Kibana tsvb pipeline aggregation

ivh · April 28, 2021, 11:34pm

Hello Elastic team!

I have a working pipeline aggregation script based on this example & I want to graph same in Kibana (7.10.1) TSVB ... and simply cannot understand how to accomplish this. Tried bucket_script in TSVB, tried scripted fields, no dice.

So my question is: how do I take a script working fine via GET from Postman, and convert it into a functional line graph in TSVB?

Thanks!

Script...

GET /index/_search
{
  "size": 0,
  "aggs": {
    "Daily Purchases": {
      "date_histogram": {
        "field": "coin_bot_datetime",
        "calendar_interval": "day"
      },
      "aggs": {
        "units": {
          "sum": {
            "field": "coin_bot_count"
          }
        },
        "Cumulative Purchases": {
          "cumulative_sum": {
            "buckets_path": "units" 
          }
        }
      }
    }
  }
}

Output...

{
    "took": 1,
    "timed_out": false,
    "_shards": {
        "total": 1,
        "successful": 1,
        "skipped": 0,
        "failed": 0
    },
    "hits": {
        "total": {
            "value": 2,
            "relation": "eq"
        },
        "max_score": null,
        "hits": []
    },
    "aggregations": {
        "Daily Purchases": {
            "buckets": [
                {
                    "key_as_string": "2021-04-02 00:00:00",
                    "key": 1617321600000,
                    "doc_count": 1,
                    "units": {
                        "value": 0.016652539372444153
                    },
                    "Cumulative Purchases": {
                        "value": 0.016652539372444153
                    }
                },
                {
                    "key_as_string": "2021-04-03 00:00:00",
                    "key": 1617408000000,
                    "doc_count": 0,
                    "units": {
                        "value": 0.0
                    },
                    "Cumulative Purchases": {
                        "value": 0.016652539372444153
                    }
                },
                {
                    "key_as_string": "2021-04-04 00:00:00",
                    "key": 1617494400000,
                    "doc_count": 0,
                    "units": {
                        "value": 0.0
                    },
                    "Cumulative Purchases": {
                        "value": 0.016652539372444153
                    }
                },
                {
                    "key_as_string": "2021-04-05 00:00:00",
                    "key": 1617580800000,
                    "doc_count": 0,
                    "units": {
                        "value": 0.0
                    },
                    "Cumulative Purchases": {
                        "value": 0.016652539372444153
                    }
                },
                {
                    "key_as_string": "2021-04-06 00:00:00",
                    "key": 1617667200000,
                    "doc_count": 0,
                    "units": {
                        "value": 0.0
                    },
                    "Cumulative Purchases": {
                        "value": 0.016652539372444153
                    }
                },
                {
                    "key_as_string": "2021-04-07 00:00:00",
                    "key": 1617753600000,
                    "doc_count": 1,
                    "units": {
                        "value": 0.017336610704660416
                    },
                    "Cumulative Purchases": {
                        "value": 0.03398915007710457
                    }
                }
            ]
        }
    }
}```

Stratoula_Kalafateli · April 29, 2021, 10:45am

Hello @ivh!

TSVB supports cumulative sum so no need to create a script. Here is my configuration to make it work

Is this what you want or have I misunderstood the question?

ivh · April 29, 2021, 5:12pm

[[ smacks head ]]

Hi @Stratoula_Kalafateli -- I could swear I tried that & it didn't work ... but lo & behold it works now perfectly just as you showed in your example. Thanks for that.

I do still wonder how to convert a viable script into a visualization in TSVD ... but for now, the immediate-term fix works great, thanks again.

ivh · May 12, 2021, 7:46pm

Additional question if you'll bear with me: I've now noticed that the individual documents that appear in the cumulative sum are those from the selected time bucket ... where really what I'm after is the cumulative sum over all documents ever -- regardless of time bucket. I have tried something like this...

coin_bot_name_short:ETH and @coin_bot_datetime>"2021-04-01"

...but it doesn't work.

system · June 9, 2021, 7:46pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Scripted Aggregations in Time Series Visual Builder Kibana	3	2669	October 9, 2017
Kibana 5.4 bucket_script visualization Kibana	2	2263	June 16, 2017
Time Series Visual Builder (TSVB) Table: How do I apply options to a Bucket Script computed field? Kibana	4	2749	January 30, 2020
KIBANA Tsvb Kibana	4	573	January 7, 2020
Field Filtering and Basic Math With Painless Kibana	5	1799	July 10, 2019

Kibana tsvb pipeline aggregation

Related topics