Kibana grouping query

anoopmk007 · November 7, 2017, 7:34pm

Hello ,

I have some json logs from ES and looking for some customized output visualization on Kibana. Could you please confirm if this is possible, if yes how can i achieve this ? any help appreciated .

logs:-

{ "STATUS": "OFFLINE", "CMP_NAME": "ABC123", "TYPE": "POS" }
{ "STATUS": "ONLINE", "CMP_NAME": "ABC123", "TYPE": "POS" }
{ "STATUS": "OFFLINE", "CMP_NAME": "ABC123", "TYPE": "POS" }
{ "STATUS": "OFFLINE", "CMP_NAME": "ABC124", "TYPE": "POS" }
{ "STATUS": "ONLINE", "CMP_NAME": "ABC124", "TYPE": "POS" }
{ "STATUS": "ONLINE", "CMP_NAME": "ABC125", "TYPE": "POS" }

Can we get the count of cmp_name which have the status=offline count >=2 using kibana ?

lukas · November 7, 2017, 9:46pm

Yeah, you can. You can just create a metric visualization, and put "status:offline and count:>=2" in the query bar.

anoopmk007 · November 7, 2017, 10:16pm

Hi Lukas, Thank you for the comments. Here i am looking for the unique count of cmp_name which have more than 2 time offline as status

.

lukas · November 8, 2017, 4:04pm

Hmm... This is more complicated than I originally thought. The only way I can think to do this to plot the unique count against the terms for CMP_NAME.

system · December 6, 2017, 4:05pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.