Packetbeat data visualisation to show data being sent and received by a host and where it's going to and from using domain names

So I'm trying to work out how to create a graph in Kibana 5.2 using info from Packetbeat that has logging hosts along the X axis and data transferred in GB along the Y axis.

The X axis for each host is split into incoming and outgoing traffic. The bars are then split into which hosts they went to, listed by their FQDNs if possible instead of their IPs.

The above is a mock up of the graph I'd like or if you could think of a better way to visualise the data.

I'm pretty new to the whole elastic stack so I'm still getting my head around manipulating the data.
I'm yet to get it to show the data using IPs, let alone domain names.
One of the main issues with IPs, though, is that we're using LXC; IPs may change. That, and IPs aren't exactly user-friendly for the 'at a glance' look.

@Alistair_Hardy with the current visualizations you can get really close to what you're looking for with the following vertical bar chart:

The above chart shows the sum of the bytes_in, and then you could create a separate chart for the bytes_out.

I'd recommend opening up another topic in the Beats forum to see if there's a way to get the destination hostname. There might be a way to set up a processor or the ingest node to enrich the information with this data, but they'll be able to guide you in the proper direction.
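The bucketing behind the chart discussed in this thread, as an added example that is not part of the original posts: events are grouped per logging host, split into in and out, then split per peer, with `bytes_in` and `bytes_out` summed and shown in GB. The `host` and `peer_ip` keys, the sample events and the IP-to-FQDN table are constructed assumptions, not Packetbeat's own field names or real data.

```python
from collections import defaultdict

GB = 1024 ** 3

# Constructed sample events. bytes_in / bytes_out are the fields named in the
# thread; "host" and "peer_ip" are hypothetical stand-ins for whichever fields
# identify the logging host and the other end of the connection.
EVENTS = [
    {"host": "web01", "peer_ip": "10.0.3.15", "bytes_in": 3 * GB, "bytes_out": 1 * GB},
    {"host": "web01", "peer_ip": "10.0.3.15", "bytes_in": 1 * GB, "bytes_out": 0},
    {"host": "web01", "peer_ip": "10.0.3.99", "bytes_in": 2 * GB, "bytes_out": 4 * GB},
    {"host": "db01", "peer_ip": "10.0.3.15", "bytes_in": GB // 2, "bytes_out": 2 * GB},
]

# Constructed IP -> FQDN table; in practice this would come from DNS or an
# inventory, and would be the enrichment step the reply refers to.
NAMES = {"10.0.3.15": "app.example.internal"}


def peer_label(ip, names=NAMES):
    """Prefer the FQDN; fall back to the raw IP when no name is known."""
    return names.get(ip, ip)


def traffic_buckets(events, names=NAMES):
    """Return host -> direction ("in"/"out") -> peer label -> traffic in GB."""
    totals = defaultdict(lambda: {"in": defaultdict(int), "out": defaultdict(int)})
    for ev in events:
        label = peer_label(ev["peer_ip"], names)
        totals[ev["host"]]["in"][label] += ev["bytes_in"]
        totals[ev["host"]]["out"][label] += ev["bytes_out"]
    # Convert byte counts to GB only after summing, to avoid rounding drift.
    return {
        host: {d: {p: b / GB for p, b in peers.items()} for d, peers in dirs.items()}
        for host, dirs in totals.items()
    }


if __name__ == "__main__":
    for host, dirs in sorted(traffic_buckets(EVENTS).items()):
        for direction in ("in", "out"):
            for peer, gb in sorted(dirs[direction].items()):
                print(f"{host:6} {direction:3} {peer:22} {gb:6.2f} GB")
```

Peers without a known name stay visible under their IP rather than being dropped, so unmapped destinations still show up in the totals.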
