[Kibana visualization] max of sum

Hi
need your help to do a max of sum group by document's date field

Assuming I have 2 series , can you please tell me what metric aggregation I have to use to do this:

each line is in the separate document
Thanks in advance for your help

Cheers
Yazid

This sounds like it's a sibling pipeline aggregation: https://www.elastic.co/guide/en/elasticsearch/reference/current/search-aggregations-pipeline-max-bucket-aggregation.html

Thanks for your quick reply. But I have already tried this and it is not giving the result I'm expecting.
Actually, when I'm analyzing a short period and using a short bucket (5 min), so yes it is correct, but when I'm analyzing for a day for example 5 min as a bucket is very short for kibana

and the result is something like that (assuming bucket is 10 min)

actually I need something like
select MAX (sum (CurrentActiveSessionsTotal) group by date

Yazid

Hi again

I have a better result using timelion (it was my first try ), but still have some incorrect values .
this is my request

.es(index=telco_kpi_idx*,
timefield='date',
metric='max:CurrentActiveSessionsInbound',
split=name.keyword:5, kibana=1 , q='type : kpi_realm AND name: Peer_edfe_ AND hostname.keyword :TSBC-11*',).label(regex='.(PEER).(LON.*)',label='($2)'),

.es(index=telco_kpi_idx*,
timefield='date',
metric='sum:CurrentActiveSessionsInbound',
kibana=1 ,q='type : kpi_realm AND name: Peer_edfe_ AND hostname.keyword :TSBC-11*',
).scale_interval(1m).legend(position=sw).label(label='sum of CurrentActiveSessionsInbound ')

when I request for 1 day the result seems correct

image.png605×502 58.4 KB

but when I increase the period (3 days for example) I have this

image.png1007×839 103 KB

as you can see , it shows me 248 as max of the sum values of the same day I showed before.

Do you have any idea how I can solve this please?

Thnks
Yazid

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.