Kibana aggregations help

smruthip · November 6, 2020, 9:23pm

Hi all,

I am trying to get the latest document based on a field

example
'''
container_id state time
1 A 2pm
1 B 1pm
1 C 6pm
2 A 3pm
2 B 6pm
2 C 2pm

solution I want to display in Kibana is

state count
A 0
B 1 (current container state for container id 2)
C 1 (current container state for container id 2)
'''
How do I do this in Kibana?

Nathan_Reese · November 6, 2020, 11:02pm

You can get the latest document by using "top hits" metric. In the example below I am using a top hits metric aggregation to show the timestamp field for the last document sorted on the timestamp field.

smruthip · November 7, 2020, 12:41am

Hi Nathan ,

thank you. there needs to be another level of aggregation which is container_id in my example above and show the count of each state.

What I actually need is

Staged 10
Stacked 4
Loaded 8

where 10 containers have a current state (based on latest timestamp) of Staged
4 have Stacked
8 have Loaded

system · December 5, 2020, 12:41am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Kibana: How to get the top hits for a field and then do a count of them in terms of another field Kibana	3	2939	December 5, 2017
Display data with the latest date Kibana	6	1331	April 5, 2021
Count the latest records in Kibana visualization? Kibana	7	1704	January 4, 2023
How do I count and visualize only latest doc based on certain field? Kibana dashboard , data-views , visualisation	3	299	October 18, 2023
How can I show the value of a specific field from the most recent document in a time frame Kibana	3	140	July 12, 2023

Kibana aggregations help

Related Topics