Kibana aggregations help

smruthip · November 6, 2020, 9:23pm

Hi all,

I am trying to get the latest document based on a field

example
'''
container_id state time
1 A 2pm
1 B 1pm
1 C 6pm
2 A 3pm
2 B 6pm
2 C 2pm

solution I want to display in Kibana is

state count
A 0
B 1 (current container state for container id 2)
C 1 (current container state for container id 2)
'''
How do I do this in Kibana?

Nathan_Reese · November 6, 2020, 11:02pm

You can get the latest document by using "top hits" metric. In the example below I am using a top hits metric aggregation to show the timestamp field for the last document sorted on the timestamp field.

smruthip · November 7, 2020, 12:41am

Hi Nathan ,

thank you. there needs to be another level of aggregation which is container_id in my example above and show the count of each state.

What I actually need is

Staged 10
Stacked 4
Loaded 8

where 10 containers have a current state (based on latest timestamp) of Staged
4 have Stacked
8 have Loaded

Topic		Replies	Views
Unique count and bucket aggregation with top hits Kibana	4	460	December 7, 2020
How can I select the latest state of the data? Kibana	2	454	May 11, 2018
Count the latest records in Kibana visualization? Kibana	7	2525	January 4, 2023
Display data with the latest date Kibana	6	1445	April 5, 2021
Kibana data table with the aggregations only on the latest records Kibana	3	1300	February 4, 2019

Kibana aggregations help

Related topics