I have a common index pattern, say abc-index*, which captures two indices, for example:
abc-index-log and abc-index-users.
The log contains data on interactions by known users.
The users index contains information about users, such as which country they are in.
Actions by the users are identified by their unique ID in the log, and this unique ID in the users index corresponds to a number of user attributes including the country that the user is located in.
Even though I can create a visualization for the pattern abc-index*, and pick count of searches as the y axis and the term country as the x axis, Kibana cannot produce a sensible visualization. Obviously Kibana cannot discern by itself what would be the foreign key (in database terms) in the logs is the same as the primary key in the users index. I cannot see how to point out that relationship, or any other way to be able to generate visualizations from fields of data in two indices that can be related in database terms.
Has anyone had any experience in something like this?