Nested query in Kibana

Hi members,

I have a problem concerning an visualization.

dockerelk_elasticsearch-master_2
dockerelk_kibana_1
dockerelk_elasticsearch-master_1
elasticsearch-coordinating
dockerelk_metricbeat_1
dockerelk_elasticsearch_3
dockerelk_elasticsearch_2
dockerelk_logstash_1
dockerelk_elasticsearch_1

0.033
0.011
0.036
0.045
0.002
0.205
0.207
0.065
0.199
SUM 0.81

So that are my containers with the memory %. And in the visualization table it is quiet easy to sum all entries.

Now I want the SUM 0.81% in a several visualization gauge.
So I have tried several things but I dont now how to say:
Get from all Container.names the Max Memory.usage.pct and build the total sum and visualize it as gauge

Has someone a solution? Thanks for advice.

@thomasneirynck do we support nested queries?

Thanks,
Bhavya

hi @Invictus,

That sum in the table is calculated by Kibana and not be Elasticsearch.

Can you express that total sum using a Sum-bucket pipeline aggregation? It'd look something like:

image.png789×951 27.6 KB

Yes, what worked. It was a big fail from my part.
I made this aggregation via Sum Bucket before and I forgot to set the Size to 10, because of 10 Containers. So the value was to low 0.325% now I set the Size to 10 and i got the same value as in the data table.

Thanks for your reply, Thomas.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.