Hi ,
I am new to Kibana and trying to create data table visualization to show distinct errors and its counts.
For example, I have a save query with following result columns.
DateTimestamp, app.message, app.problemdetails.type, etc
1/1/2020, "error message 1", "error message type1"
1/2/2020, "error message 1", "error message type1"
1/2/2020, "error message 2", "error message type2"
1/2/2020, "error message 1", "error message type1"
1/3/2020, "error message 1", "error message type1"
I want to create a data table visualization with following results
"error message type1 " - 4
"error message type 2" - 1
I tried to create data table, but it only shows one record and all other records goes to missing category.
Looking at your example you're describe and the data table in that screenshot, I think what you'll want to do is change the "Field" under the "Buckets" section to be set to "app.problemdetails.type" rather than "app.message.keyword". That should aggregate your data by that type field like you're looking for.
For the chart, if you select "vertical bar" as your chart type in Visualize, then under "Buckets" you can click "Add" and then select "Split Series". Then choose a "Terms" aggregation and set "app.problemdetails.type" as the field. Then, click "Add" again and choose "X Axis" and select the "Date Histogram" aggregation. By default, this will show the counts stacked on top of each other. If you want each error type broken out into it's own vertical bar, you can select the "Metrics & axes" tab and then change "Stacked" to "Normal" in the Mode field.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.
