I have a field in my logfile that is called "last_seen_time". This field gets populated with a timestamp that describes when a problem was last seen. Once a problem is not seen for two months anymore we consider the problem solved.
How can I best visualize the number of solved issues over time in Kibana in this configuration (only solved if not seen anymore since "that date on the axis - 2 month"?
I want to visualize number of solved issues on y axis, time on x axis.
If possible it would also be nice to express this not in absolute numbers (number of solved issues) but % wise to the total number of issues in the index.
How can I best do this? Timelion? Anything else? What formulla to use in timelion
this does not sound like something that would be easy to solve in Kibana. But maybe we can work something out if you tell me a bit more about your schema:
is there a document for each class of issues or for each occurence of an issue
how does last_seen_time differ from the primary timestamp field of the document (if there is one)
how are the classes of issues identified (some kind of keyword?)
I can't think of a way to achieve that without pre-processing your data. I would recommend to use something like logstash or a custom script to regularly post documents to a separate index that contains the summary of the status you want to visualize. For example you could post a document like
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.