Kibana map visualization


(Shimon) #1

Hi All,

I need your help with creating a visualization in Kibana for three major queries.

The data I have is bus samples that include: GPS (its current position), StopId (the next bus stop), timestamp (the current time), vehicleId (the vehicle id of the bus), delay (time in seconds that describes how much the bus is late - can also be a negative value)

  1. I need to display on a map the current position of each vehicle.
  2. I need to display a heat map of the current position of all vehicles.
  3. I need to display a heat map of the delay for the current position of all vehicles.

I have no idea how to do this visualization. I am new to Kibana, so please be gentle with me :)

Before I decided to move to Kibana, I implemented a JavaScript script that displays all those queries in Google Maps; I get the data directly from my Elastic server.

In my JavaScript code I execute this query first:

    {
      "size": 0,
      "aggs": {
        "group_by_vehicleId": {
          "terms": {
            "field": "vehicleId",
            "size": 1000
          },
          "aggs": {
            "max_time": {
              "max": { "field": "timestamp" }
            },
            "include_source": {
              "top_hits": {
                "size": 1,
                "sort": [
                  { "timestamp": { "order": "desc" } }
                ],
                "_source": {
                  "includes": [
                    "vehicleId", "location", "lineId", "delay", "timeFrame"
                  ]
                }
              }
            }
          }
        }
      }
    }

And then I get the data that I need for each task and display it in Google Maps.

By the way, I am working with Kibana version 6.4.2

Thanks for the help.


(Christian Dahlqvist) #2

I assume you have a flow of events coming with new updated information for each vehicle at a specific interval. This is a scenario where it often makes sense to index the data twice. The first index contains all the raw events and can be used to analyze how the data for specific vehicles changes over time. Getting the latest document for each vehicle from such an index can get expensive as the data volume grows and the cluster scales out. To get around this you can create an entity-centric index where you instead have one document per vehicle (using the vehicle identifier as document id), which you then update for every new state change that arrives. This gives a small index that contains just the most recent state, so it will be very fast to query even for very large volumes of data. You then choose the appropriate index based on what you want to analyze.
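
The dual-indexing approach from post #2, sketched as an added example that is not part of the original thread: it builds a `_bulk` request body that appends every sample to a raw index and upserts one document per vehicle, keyed by `vehicleId`, into an entity-centric index. The index names `bus-events` and `bus-latest`, the `_doc` type, the function names and the sample batch are assumptions made for illustration.

```javascript
// Added example, not code from the thread. Index names and type are hypothetical.
const RAW_INDEX = "bus-events";    // one document per sample (full history)
const LATEST_INDEX = "bus-latest"; // one document per vehicle (current state)

// Constructed sample batch; field names follow the first post.
const sampleBatch = [
  { vehicleId: "V1", timestamp: 1000, location: { lat: 53.35, lon: -6.26 }, delay: 30 },
  { vehicleId: "V2", timestamp: 1005, location: { lat: 53.34, lon: -6.25 }, delay: -12 },
  { vehicleId: "V1", timestamp: 1010, location: { lat: 53.36, lon: -6.27 }, delay: 45 },
  { vehicleId: "V1", timestamp: 1002, location: { lat: 53.35, lon: -6.26 }, delay: 20 }, // arrives late
];

// Keep only the newest sample per vehicle, so a late-arriving event in the
// batch cannot overwrite a newer state in the entity-centric index.
function latestPerVehicle(events) {
  const latest = new Map();
  for (const ev of events) {
    const seen = latest.get(ev.vehicleId);
    if (!seen || ev.timestamp > seen.timestamp) latest.set(ev.vehicleId, ev);
  }
  return [...latest.values()];
}

// Build the newline-delimited JSON body expected by the _bulk API.
function buildBulkBody(events) {
  const lines = [];
  // 1) Raw index: every event is kept, with an auto-generated document id.
  for (const ev of events) {
    lines.push({ index: { _index: RAW_INDEX, _type: "_doc" } }, ev);
  }
  // 2) Entity-centric index: the vehicle id is the document id, so each
  //    update replaces the previous state (or creates it on first sight).
  for (const ev of latestPerVehicle(events)) {
    lines.push(
      { update: { _index: LATEST_INDEX, _type: "_doc", _id: ev.vehicleId } },
      { doc: ev, doc_as_upsert: true }
    );
  }
  return lines.map((l) => JSON.stringify(l)).join("\n") + "\n";
}

console.log(buildBulkBody(sampleBatch));
```

Ordering is only enforced within one batch here; a late event that arrives in a later batch would still overwrite newer state unless the update also compares timestamps.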