I want to add a line visualization that contains the number of Errors graph.
I am trying to use the aggregation "count" with a Json input to count only errors. But this is not working.
{
"query": {
"match": {
"level.keyword": {
"query": "ERROR",
"type": "phrase"
}
}
}
}
I can't link a filter to my graph because I have in the same graph other metrics.
JSON Input allows for manually setting aggregation parameters that do not have GUI inputs. None of the aggregations support query as a parameter so you can not filter aggregation results in this way.
Try using the timelion visualization. That visualization allows for specifying specific queries per metric. For example, the following expression displays a unique count metric for two filters
.es(index=logstash-*,q='machine.os.raw:ios',metric=count), .es(index=logstash-*,q='machine.os.raw:osx',metric=count)
You could also use the filters aggregation to split the series and create a seperate metric per filter.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.
