My goal is to visualize the number of violations per file and per owner over time.
I upload a new dataset to Kibana every 24 hours, all datapoints with the same timestamp (since they belong to the same day).
Just to try it out, I've tried pushing 2 times in the last 24 hours to see how it would look like. I can see Kibana does show 2 datapoints for the 2 different timestamps I've used, but it doesn't connect the lines (breakdown by "file"):
Or it connects them wrongly (breakdown by "owner", currently there's only one owner):
the problem of dots not connected depends on the bucketing returned by Elasticsearch, where between each dots there are gaps in the data, so non-adjacent dots are non connected.
I can reproduce the same thing here with a breakdown:
Thanks for the reply @Marco_Liberati . I have indeed tried different options for "Missing values", but it still doesn't work. It's especially bad when my metric is e.g. sum(violations). In between datapoints, Kibana thinks that the violations have a value 0 and so it displays a line that goes to 0 all the time:
It doesn't matter if I change it to "Last value", Kibana will always fill the gaps which 0's, which is incorrect. This sounds like a pretty basic use case that should be covered? How do people display lines over time then?
Found the problem! The default time interval seems to be 3 hours, so Kibana expects data every 3 hours. Not sure why it fills with zeros if data is missing there though, despite selecting "Last Value" as filling option.
Anyhow, changing the time interval to 1 day solves the problem and the dots are correctly connected!
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.
