Kibana visualisation from SQL query

Mkapustin · August 6, 2020, 11:32am

Hello friends! Need help with visualisation in Kibana from sql query:

I have the same table from sql query:

11301×250 33.2 KB

I need to group results values by columns of actions values and by Mail ID. In splunk I realise it with chart option ("chart latest(results) as status over mail_id by actions"):

21429×263 51.6 KB

How to get something like this in Kibana?
With an sql query, I get the difference between two time parameters in milliseconds. How to display this data on the graph on the Y-axis, on the x-axis-the time of data receipt:

31368×676 69.1 KB

thomasneirynck · August 6, 2020, 2:32pm

Can you add a group by clause?

e.g.

Select MailId, action, last(timestamp)
FROM filebeat
WHERE ...
GROUP BY MailId, action

Mkapustin · August 17, 2020, 10:45am

Hi! Yes, I can add a grouping, however, this does not lead to the desired result (screenshot), I need a table of results by steps, as in the attached screenshot from Splunk (first message).

Topic		Replies	Views
Visualisation from Kibana using SQL query Kibana	3	2658	January 14, 2020
Run a simple sql group by query in kibana 4 Elasticsearch	4	1793	July 5, 2017
Creating data table using group by like clause in Kibana? Kibana	2	6473	July 6, 2017
Visualize sql query result Kibana	4	1471	December 25, 2018
Group by function is not working in sql query in kibana>dev tools Kibana	9	1182	February 1, 2021

Kibana visualisation from SQL query

Related topics