Kibana 7.3.0: show most recent values and combine multiple queries in a table?

Hi,

I want to create a live table which shows the current status of a system.
In this particular example I want to create a table which lists the node status of my Kubernetes cluster.

  1. There may be many events per node, because it is updated each minute or more often.
    I only want to show the most recent data per node. Do I need to create entity-centric indices on my own, or is there a way to tell Kibana just to show data of the most recent event?

  2. If somehow possible, I want to add information of different source events in a table. E.g. node status and CPU, memory usage taken from a different metricset. They should be combined by kubernetes.node.name = host.name

  3. What is your opinion: Is Metricbeat + Kibana mature enough for monitoring metrics and logs of a productive Kubernetes cluster, or are the people who say "Kibana for logs, Prometheus + Grafana for metrics" right?

Thanks, Andreas

  1. You can do this by using the Top Hit aggregation, sorted by timestamp.
    Display latest value in a „Metric“
  2. This one can't really be done in Kibana; they should just be in the same index for you to be able to use them in the same data table.
  3. I'm going to be biased here and say that Kibana is just as good for metrics. It all depends on what you want to achieve and how your data is structured. I myself have used it to monitor a bunch of smart plugs in my house.
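
Added example, not part of the original thread: the Elasticsearch request that the "Top Hit aggregation, sorted by timestamp" suggestion in answer 1 corresponds to, built as a Python dict, plus a helper that flattens the response into table rows. The status field `kubernetes.node.status.ready`, the function names and the sample response are assumptions made for illustration.

```python
def latest_per_node_query(node_field="kubernetes.node.name",
                          status_field="kubernetes.node.status.ready",
                          max_nodes=100):
    """_search body: one terms bucket per node, newest event in each bucket."""
    # status_field is an assumed name; use the field your events actually carry.
    return {
        "size": 0,  # suppress raw hits, return only the aggregation
        "aggs": {"nodes": {
            "terms": {"field": node_field, "size": max_nodes},
            "aggs": {"latest": {"top_hits": {
                "size": 1,
                "sort": [{"@timestamp": {"order": "desc"}}],
                "_source": ["@timestamp", status_field],
            }}},
        }},
    }


def dig(doc, dotted):
    """Read a dotted field path out of a nested _source document."""
    for part in dotted.split("."):
        doc = doc[part]
    return doc


def rows_from_response(resp, status_field="kubernetes.node.status.ready"):
    """Flatten the aggregation response into (node, timestamp, status) rows."""
    rows = []
    for bucket in resp["aggregations"]["nodes"]["buckets"]:
        hits = bucket["latest"]["hits"]["hits"]
        if hits:  # defensive: skip a bucket that carries no hit
            src = hits[0]["_source"]
            rows.append((bucket["key"], src["@timestamp"], dig(src, status_field)))
    return rows


# Constructed sample of the response shape (not real cluster data).
def _hit(ts, ready):
    return {"hits": {"hits": [{"_source": {
        "@timestamp": ts,
        "kubernetes": {"node": {"status": {"ready": ready}}}}}]}}

SAMPLE_RESPONSE = {"aggregations": {"nodes": {"buckets": [
    {"key": "node-a", "doc_count": 120, "latest": _hit("2019-08-20T10:01:00.000Z", "true")},
    {"key": "node-b", "doc_count": 118, "latest": _hit("2019-08-20T10:00:30.000Z", "false")},
]}}}

if __name__ == "__main__":
    for row in rows_from_response(SAMPLE_RESPONSE):
        print(row)
```

The dict returned by `latest_per_node_query()` can be serialized with `json.dumps` and sent as the body of a `_search` request against the index holding the node events.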