Hi
I am reading data from multiple log files, which have identical format and are processed with the same grok filter. Format is SystemWideTimestamp, LogId, Value.
I would like to be able to draw the Value time-series, from various log files, on the same graph, with SystemWideTimestamp as X axis. Currently, I do the following:
1- In Line Chart, Y-axis, select Max/Avg as aggregation and use Value as its field
2- Use SystemWideTimestamp, in X-axis, as aggregation field, which is order by "Term", ascendingly
3- Add Split-Lines sub-bucket, and select "Filter" as sub aggregation, then define filters with LogId:logx, LogId:logy, etc
This works fine, except, as the name implies, the x-axis is split vertically. What I really like is for these time series to use a single x-axis, SystemWideTimestamp.
Anything I can do within Kibana?
Cheers,
So I can almost get there, by:
1- 1st aggregating on the common time stamp
2- Sub aggregate on "Split Chart", and select rows
3- Define qualifying filters
The only hitch is that non-sequential Y points are not connected.
I responded to your other topic about the broken lines, but it will probably ultimately be something we need to write some code to fix in Kibana. If you're on Kibana 5, have you tried using Timelion? You could probably accomplish exactly what you want there, as an alternative.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.
