Percentage difference over two different periods

Thomas74 · September 8, 2020, 8:00am

Hi,

I would like to see how I receive specifics logs during two periods :

Current month
Current month - 1

The goal is to see the difference, in percentage, between them. For example, this month we increased log integration by 20% from last month.

I tried with timelion and TSVB but with no success

Math integration could be a good idea but I don't know how to get params metrics from antoher bucket.

Is someone can guide me ?

Best regards,

Thomas R.

wylie · September 10, 2020, 8:04pm

This type of use case is harder than it sounds in Kibana for the reasons you found- it requires math across buckets. It's also difficult because of the global time filter which intersects with any buckets. When I have this kind of problem I write a Vega visualization from this template:

{
  "$schema": "https://vega.github.io/schema/vega-lite/v4.json",
  "data": {
    "url": {
      "index": "metricbeat-*",
      "body": {
        "aggs": {
          "f": {
            "filters": {
              "filters": {
                "current": {
                  "range": { "@timestamp": { "%timefilter%": true } }
                },
                "previous": {
                  "range": {
                    "@timestamp": {
                      "%timefilter%": true, "shift": -4, "unit": "week"
                    }
                  }
                }
              }
            }
          }
        },
        "size": 0
      }
    },
    "format": {
      "type": "json",
      "property": "aggregations.f.buckets"
    },
  }
  
  "transform": [
    {
      "calculate": "if (datum.previous.doc_count, datum.current.doc_count / datum.previous.doc_count, null)",
      "as": "percent_diff"
    }
  ]
  
  "vconcat": [
    {
      "title": "Percent change from 4 weeks ago"
      "width": "container"
      height: 40
      "mark": "text",
      "encoding": {
        "text": {
          "field": "percent_diff"
          "format": "0.2%"
        },
        "size": { value: 32 },
        "align": { "value": "center" },
      }
    },
    {
      "title": "Current value"
      "width": "container"
      "mark": "text",
      "encoding": {
        "text": {
          field: "current.doc_count",
          format: ","
        },
        "fill": { "value": "black" },
        "fontWeight": { "value": "bold" },
        "align": { "value": "center" },
      }
    }

  ],
}

Thomas74 · September 11, 2020, 9:32am

Thanks I will test it I never used vega visualization. It seems interesting too.

system · October 9, 2020, 9:32am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to get percentage change of field values for two different time periods or differentiated by other field in visualizations Kibana	3	895	February 26, 2020
I want to calculate percentage increase of user count between two categories Kibana	4	1122	March 5, 2019
Display data as metric percentage of document count Kibana	9	1657	February 15, 2020
Display a metric change over a period of time Kibana	2	268	October 3, 2022
Display percentage growth on vertical bar Kibana	3	1116	June 18, 2020

Percentage difference over two different periods

Related topics