My use case calls for counting all documents in an index pattern across days. I am grouping by timestamp field by minutes that is being ingested in milliseconds. So simply trying to group milliseconds into minutes.
I get the counts for each day instead of total count for 3 days (see attached).
I have looked on this forum and elsewhere, tried some options but to no avail.
Hoping a Kibana expert can chime in and point me in the right direction.
What is the expected result?
One number = 1200000 + 500 + 36836
If so, just do the count, without timestamp buckets.
I did not state my question clearly. Expected result is total for grouped docs not all docs that were ingested. For example:
Group1 (by minute) contains 5 docs by milliseconds which were ingested.
Group2 (by minute) contains 7 docs by milliseconds which were ingested.
Group3 (by minute) contains 3 docs by milliseconds which were ingested.
so my count should be 3 (although my index has milliseconds level data). I think this may require some scripting.
I'm still not sure I understand what you are trying to do. What I can recommend is that if you are being limited by the UI of the visualization, you probably need to use Vega to do more advanced visualizations. Another popular alternative is the kibana-enhanced-table plugin.
Thanks, I will try these options.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.
