Line diagram showing sum of finished orders over time

maxl · December 2, 2021, 7:34pm

Hello to the elastic community!

I have a problem and I can't figure out how I could achieve this.
Every few minutes some orders get finished.
And I want to show how many are finished after 5 mins, after 10 mins, and so on.

So the x axis would be the time and y axis would be the sum of finished orders from start time.

Marius_Dragomir · December 2, 2021, 8:12pm

Hi, how is your data structured? Do you get a document when order starts and one when order ends, or just a single one for the whole order? what fields would you have in your document?

maxl · December 2, 2021, 8:16pm

Well it's one label and data gets updated.
For example label.order_end is only set when order is finished.
So I filter for if label.order_end exists.

Marius_Dragomir · December 2, 2021, 8:43pm

Then it should be pretty straightforward:
You can map: "labels.order_end - labels.order_start" on one axis and count on the other. That calculation can be done in multiple ways:

Best way: when you update the order_end field, add/update a duration field.
TSVB math aggregation: you can do the difference there, when you have both fields, but you need to make sure first that you do checks for the label.order_end field existing first.
Scripted field: same as before, you need to do the checks and you can create your own duration field.

maxl · December 3, 2021, 9:28am

Thanks for the fast reply!

I was not specific on the x axis. I don't want the duration, I want the time ( @timestamp ).
So e.g. at 18:00 we have 0 orders finished, at 18:10 we have 10, then 15, and so on.

Here I got something, but I can't choose @timestamp, only the timestamp in us, which is pretty ugly:

maxl · December 3, 2021, 10:15am

So, eventually I got it to work with lens and cumulative sum.
Somehow I oversaw this.

system · December 31, 2021, 10:15am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.