I've written a search that uses collapse:
To get the latest records from a time series, that I would then like to graph. I can't however find a reasonable way in Kibana to do this, with the best I've found is the top_hits agg, which does not really work the same way as far as I can tell.
Example data might be account balances for an unknown number of accounts, collected at at unknown interval. So the data will have multiple records for the same accounts.
The collapse and sort query would be:
"sort": [ { "timestamp": { "order": "desc" } } ],
"collapse": { "field": "account.keyword" }
This would nicely return all the different accounts that exist, and the latest details about each one, ie, balance.
Any thoughts?
I've been looking in both Kibana and Grafana, and can't find in either of these, a way to just supply a custom written query and tell it to use the returned hits as it's data source for graphing.
I also looked at using reindex to write the results of a query to a new index, but that is also not supporting collapse.
