How to filter certain range of hours for each day in bar chart?

YuWatanabe · November 7, 2016, 10:39am

I have a requirement where I need to filter out the certain hours with in the day with bar chart.

So, for example , if I search from 2016.10.01 00:00:00Z to 2016.10.06 00:00:00Z in time filter and if create a filter like 00:00 - 01:00 for each day, I expect kibana to return counts for 00:00 - 01:00 for every day.

Time range                  Counts
2016.10.01 00:00            4
2016.10.02 00:00            5
2016.10.03 00:00            1
2016.10.04 00:00            2
2016.10.05 00:00            4

This seems to be possible only using "now" using date range but I want to dynamically calculate from the time filter in visualization.

Is this possible?

thomasneirynck · November 7, 2016, 7:38pm

I would look into using a "Scripted field". In the script, extract the hour (e.g. 1.00-2.00am, 2.00-3.00am, ...) from the timestamp field of each log. Then, you can filter on the value of the scripted field.

You'll need Kibana 5, which allows you to write a scripted field in Painless, a scripting language similar to Groovy.

https://www.elastic.co/guide/en/elasticsearch/reference/master/modules-scripting-painless.html
https://www.elastic.co/guide/en/kibana/current/scripted-fields.html

system · December 5, 2016, 7:38pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.