Kibana- vega: might be kibana vega context issue - querying separate index data

Elastic Stack Kibana
1

I'm using vega to work out my visualization.
As you can see, I'm querying "telemetry" index.
While if I input via filter (either in dashboard filter field or visualization filter - KQL) by using "appName" field, I found its querying data from a separate index (that index also has "appName" field). Why it happen? or are there configuration mess up there?

    {
      "$schema": "https://vega.github.io/schema/vega-lite/v2.6.json",
      "data": {
        "name": "metrics",
        "url": {
          "%context%": true,
          "index": "telemetry*"
    ....
    }
2

@wangyf2010 Hello there Simon.

My first question is does that index pattern resolve to more than just telemetry index (The asterisk following the index is what popped the question in my mind)?

Here is one way I've learned to query about indices: GET _cat/indices?v ...popping that in Dev Tools may help us rule out whether the index-pattern you've used for the index stanza is resolving to more than one index. In the meantime, I'll search about to discover whether you can indeed use an index-pattern in that stanza.

3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.