I am importing my Exchange Tracking Logs into ES and am now trying to create my first Dashboard. I already have a Timelion visualisation showing the Mail Flow (Inbound and Outbound) for the last 15 minutes, refreshing every minute. I'd like to add a Top 10 senders like this:
My visualisation shows the Top 10 since the beginning of time (when I first started collecting the logs) and doesn't refresh by the minute with the Mail Flow. The chart is set up as follows:
So, if I'm understanding correctly, you'd like to have one visualization based on all data since the beginning of time, and another based on the last fifteen minutes?
I'd just like my current visualization to update according to the time filter set in the top right-hand corner, if possible. I don't think I explained myself well... sorry. ELK is a new project for me.