Hello All,
I am new to Kibana, I need to achieve the below. Please advise.
I am using formula to calculate one column data, I want to alert only if the calculated column value is greater than 5% difference.
Example:
Col1 Col2 Col3_Calculated
10 15 50%
20 21 0.5%
.
Here my row1 calculated field (Col3_Calculated) difference is greater than 5%; in such a case I need to send an alert once.
Please guide me with the steps
Thanks Hendry,
Actually I am uploading CSV file into Elasticsearch and building Dashboard based on Kibana.
So where do I need to create this runtime field? Please let me know in detail.
Hendry,
Is it possible for me to do the same in Kibana directly instead of moving to DevTool?
Because all the examples shown are using the Devtool and writing JSON, but my requirement is this: I am already loading the data from Elasticsearch, so how can I just create one more calculated field in Kibana and alert based upon the dynamic value?
I want to find the difference between the source1 and source2 values for the same date and display it in a calculated field, and if the difference is more than 5% I need to send an alert.
First of all, you can't use a runtime field for this scenario, because you are trying to perform a calculation against multiple documents.
The only way you can do this will be to either use Elasticsearch Watcher to periodically perform the calculation and trigger an alert if the condition is met.
Another option will be to use Elasticsearch transform to regularly perform the calculation, store the result in a separate index, and then you can create chart/alerting rule based on the aggregated index.
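A sketch of the Watcher approach from the answer above, added here as an example and not taken from the thread: it is the request body for `PUT _watcher/watch/<watch_id>`. The index name `csv-upload` and the fields `date`, `source` (keyword) and `value` are assumptions about the uploaded CSV, and the percentage is computed relative to source1. The `throttle_period` keeps the action from firing again for a day after it runs.

```json
{
  "metadata": { "note": "added example; index name and the date/source/value fields are assumed" },
  "trigger": { "schedule": { "interval": "1h" } },
  "input": { "search": { "request": {
    "indices": ["csv-upload"],
    "body": {
      "size": 0,
      "aggs": { "per_day": {
        "date_histogram": { "field": "date", "calendar_interval": "day" },
        "aggs": {
          "source1": {
            "filter": { "term": { "source": "source1" } },
            "aggs": { "total": { "sum": { "field": "value" } } }
          },
          "source2": {
            "filter": { "term": { "source": "source2" } },
            "aggs": { "total": { "sum": { "field": "value" } } }
          },
          "pct_diff": { "bucket_script": {
            "buckets_path": { "s1": "source1>total", "s2": "source2>total" },
            "script": "params.s1 == 0 ? 0 : Math.abs(params.s2 - params.s1) / params.s1 * 100"
          } },
          "over_5pct": { "bucket_selector": {
            "buckets_path": { "d": "pct_diff" },
            "script": "params.d > 5"
          } }
        }
      } }
    }
  } } },
  "condition": { "script": {
    "source": "return ctx.payload.aggregations.per_day.buckets.size() > 0"
  } },
  "throttle_period": "1d",
  "actions": { "log_diff": { "logging": {
    "text": "source1 and source2 differ by more than 5% on at least one day"
  } } }
}
```

The `bucket_selector` drops every day whose difference is 5% or less, so the condition only has to check whether any bucket is left; the `logging` action can be swapped for an email or webhook action.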