I have a question regarding Kibana Heatmap visualisation. I'm collecting logs from an application and these logs have an Apache syslog level, i.e. error, warning, info.
Now I want to visualize 10-minute bins of aggregated log levels on the x axis. The color of the bin should depend on the severity of the log messages. I want to color the bin red in case of >= 1 error message, yellow in case of zero errors but >= 1 warnings, and green in case only info level messages were received.
Therefore I map the log level to the corresponding syslog value, so for simplicity let's assume error => 0, warning => 1, info => 2. I color the bin by using the minimum log value observed in the time interval.
I have the following issue:
I have to define ranges (e.g. error would be [0,1)) but have only discrete values. This becomes a problem as the legend labels are then 0-1, 1-2, ... but I want to have 1, 2, 3.
In an ideal case it would be nice to map the ranges back to the corresponding level labels, i.e. error in case of range 0-1, warning in case of 1-2, and info for range 2-3.
Best and have a nice weekend,
Ranges don't support custom labels, but you should be able to replicate the same thing by using the "Filters" aggregation instead. There you have to define your range using a KQL or Lucene filter and you can set a custom label for it.
Thanks for the hint, Joe, but I do not yet see how I could do that. Currently I use the date histogram aggregation on @timestamp to split the x-axis into time bins and I use the Min aggregation on level_value as metric.
Adding a filter aggregation on top of that would require me to split the Heatmap into different rows.
But I need a single row with a time binning on the x axis and color coded error levels.