Kibana - Timelion network visualization problems

dinon · January 8, 2018, 8:12pm

HI,
I am trying to create a netwoek traffic visualization based on timelion.

Network traffic should easily be represented by following expression in timelion: .es(index=metricbeat*, timefield=@timestamp, metric=max:system.network.in.bytes).derivative()

But here are some findings:

for short time periods (less than hour) it is not producing the results

Screen Shot 2018-01-08 at 21.05.39.png2624×1348 173 KB
for longer periods it is creating the result and is following the trend, but results are off for big margin (below graph is based on windows perfmon counters and these are real numbers)

Screen Shot 2018-01-08 at 21.01.58.png2588×1324 262 KB
here is the timelion definition

Screen Shot 2018-01-08 at 21.01.43.png3406×2072 600 KB
for long time periods it looks like counters reach maximum value and upon reset it creates a strange spikes - how to ignore/overcome this

Screen Shot 2018-01-08 at 21.10.21.png3430×2262 380 KB

Thank you!
DiNo

thomasneirynck · January 10, 2018, 12:15am

hi @dinon,

I'm not sure what that is, it's tough to reproduce on my end. Are you sure that this is not an artefact of the data?

If so, could you try to reproduce these same issues with the sample makelogs data, or with some sample dataset? If so, I can take a look here from my end.

system · February 7, 2018, 12:16am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.