Kibana - Timelion network visualization problems

dinon · January 8, 2018, 8:12pm

HI,
I am trying to create a netwoek traffic visualization based on timelion.

Network traffic should easily be represented by following expression in timelion: .es(index=metricbeat*, timefield=@timestamp, metric=max:system.network.in.bytes).derivative()

But here are some findings:

for short time periods (less than hour) it is not producing the results

Screen Shot 2018-01-08 at 21.05.39.png2624×1348 173 KB
for longer periods it is creating the result and is following the trend, but results are off for big margin (below graph is based on windows perfmon counters and these are real numbers)

Screen Shot 2018-01-08 at 21.01.58.png2588×1324 262 KB
here is the timelion definition

Screen Shot 2018-01-08 at 21.01.43.png3406×2072 600 KB
for long time periods it looks like counters reach maximum value and upon reset it creates a strange spikes - how to ignore/overcome this

Screen Shot 2018-01-08 at 21.10.21.png3430×2262 380 KB

Thank you!
DiNo

thomasneirynck · January 10, 2018, 12:15am

hi @dinon,

I'm not sure what that is, it's tough to reproduce on my end. Are you sure that this is not an artefact of the data?

If so, could you try to reproduce these same issues with the sample makelogs data, or with some sample dataset? If so, I can take a look here from my end.

system · February 7, 2018, 12:16am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Visualizing network traffic timelion (metricbeat) Kibana timelion	2	1184	April 30, 2018
Major performance issues when using Timelion Kibana timelion	3	583	June 20, 2019
Timelion expression Problem Kibana timelion	2	261	June 24, 2020
Network I/O Timelion show crazy with offset one second Kibana	3	727	November 22, 2017
Kibana visualize network bandwidth from metribeat Kibana	7	9656	June 21, 2017

Kibana - Timelion network visualization problems

Related topics