Hello.
I'm interested in two things with some logsthat should--but don't seem to--be straightforward:
-
Filtering data by day-of-week (i.e., Monday, Tuesday,...,Sunday or even just numbers 1-7). I understand this is more of an Elasticsearch/Lucene issue and I'll not pursue that in this email.
-
Histogram by day-of-week. Again, this is just mapping the timestamp/date back down to a day of the week. Reading around I discovered Kibana scripted fields in their Index Patterns area of the 'Management' tool. As I understand scripted fields, I can use them for aggregation but not for indexing (if I could, the first issue above would also be addressed readily).
Googling around I found this blog post that looked helpful:
https://blog.trifork.com/2017/09/04/kibana-histogram-on-day-of-week/
I made myself a scripted field called "day_of_week_opened" that looks like this (painless):
doc['open_time'].date.dayOfWeek
The scripted field is just an integer valued from 1 to 7 inclusive. This works fine, as one can see from this screenshot:
The days Monday(1) to Sunday (7) are presented in the correct order.
Now, suppose instead I would like a more human-friendly label--say abbreviation of the name of the day of the week...I made a scripted field called dayofweek that looks like this (again, painless):
doc['open_time'].date.dayOfWeek + " (" + ["", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat", "Sun"][doc['open_time'].date.dayOfWeek] + ")"
Following the logic of the aforementioned blog post I tried aggregating the data by Terms and chose my new scripted field dayofweek as the Term. Here's a screenshot...
You might immediatly say "Wait! You chose order by count! That's what you've done wrong" Well, yes and no. I only chose this ordering because order by Term did not appear as an option.
Any thoughts on what I've done wrong, or have I revealed an undocumented feature?
Further info: I'm using kibana 6.4.1 on Chrome.
Thanks for any help/advice you might offer on this issue...