Problem date_histogram in vega with aggregation

nb03briceno · April 17, 2020, 10:02am

Hello everyone,

I'm trying to create a graph with vega. A date histogram graph from an aggregation, but it is not working. In Kibana, it shows me the following error.

_.aggregations is undefined

Would you mind to make a look, and giving to me a suggestion.

The associated code is this:

{
$schema: https://vega.github.io/schema/vega-lite/v2.json
title: Daily Count

data: {
url: {

  index: hs_index
  
  
   body: {
    
	size: 1000000,
	// Just ask for the fields we actually need for visualization
    _source: ["@timestamp","@version","consumed","consumed_text1","consumed_text2","free","free_text1","free_text2","host", "logLevel", "logdate","max","max_text1","max_text2","message","values","values_names","date_time","date_time","message"]
  	   
	"track_total_hits": true,
	"query": {
		"match": {
			"message": "COMMAND ORDER"
		}	
	}, 
	"aggregations":{
			order_over_time:{
				date_histogram: {
					field: "date_time",
					format: "yyyy-MM-dd hh:mm-ss",
					interval: "day"
				}
			}
	}

 }
}
format: {property: "aggregations.order_over_time.buckets"}

}

mark: bar

encoding: {
x: {
field: key
type: temporal
axis: {title: false}
}
y: {
field: doc_count
type: quantitative
axis: {title: "Call count"}
}
}
}

Thanks so much,

JUAN DAVID BRICENO GUERRERO

Luca_Belluccini · April 17, 2020, 10:33am

Few comments:

Please edit the question to be formatted properly, wrapping the code in ``` (see Markdown code sections)
Using size: 1000000 will probably make the request fail and if you're interested only on aggregations, you can set it to 0
Why do you want to use Vega for a histogram aggregation when you have Kibana native histogram aggregations?

Luca_Belluccini · April 17, 2020, 10:42am

Try with the following:

{
  "$schema": "https://vega.github.io/schema/vega-lite/v2.json",
  "title": "Daily Count",
  "data": {
    "url": {
      "index": "hs_index",
      "body": {
        "size": 0,
        "track_total_hits": true,
        "query": {"match_all": {}},
        "aggregations": {
          "order_over_time": {
            "date_histogram": {
              "field": "timestamp",
              "format": "yyyy-MM-dd hh:mm-ss",
              "interval": "day"
            }
          }
        }
      }
    },
    "format": {"property": "aggregations.order_over_time.buckets"}
  },
  "mark": "bar",
  "encoding": {
    "x": {"field": "key", "type": "temporal", "axis": {"title": false}},
    "y": {
      "field": "doc_count",
      "type": "quantitative",
      "axis": {"title": "Call count"}
    }
  }
}

Then adjust the query to match the documents you need.

nb03briceno · April 17, 2020, 12:08pm

Hello, Lucca, I'm willing to do the work with vega because we have been developping other graphs with this graph tool in kibana. Is there a way for me to send you the last code correctation within vega to see why the plot is not having any result?. I tried the aggregations in the dev tools and it is working properly, I made the corrections you suggested but I'm not having different results.

"key" , "doc_count" must be the fields selected by default when I do the plot with the aggregation?, cause those fields I dont have in my index (hs_index), and for example I saw sometimes people refers to the Y fields suchs as the "name of the aggregation".value
? Would you mind explainning me this ? last time we developed a graph was in a total different way.

Thanks so much!

Thanks for your answer.

Luca_Belluccini · April 17, 2020, 1:48pm

The doc_count and key are fields generated by the aggregation you've specified.
I just discovered an error (because I tested it on a different time field: mine was timestamp while yours is date_time). Try this:

{
  "$schema": "https://vega.github.io/schema/vega-lite/v2.json",
  "title": "Daily Count",
  "data": {
    "url": {
      "index": "hs_index",
      "body": {
        "size": 0,
        "track_total_hits": true,
        "query": {"match_all": {}},
        "aggregations": {
          "order_over_time": {
            "date_histogram": {
              "field": "date_time",
              "format": "yyyy-MM-dd hh:mm-ss",
              "interval": "day"
            }
          }
        }
      }
    },
    "format": {"property": "aggregations.order_over_time.buckets"}
  },
  "mark": "bar",
  "encoding": {
    "x": {"field": "key", "type": "temporal", "axis": {"title": false}},
    "y": {
      "field": "doc_count",
      "type": "quantitative",
      "axis": {"title": "Call count"}
    }
  }
}

I strongly suggest using native visualizations.
It is straightforward (see here).

nb03briceno · April 17, 2020, 3:53pm

Thanks so much, now it is working properly! :). I would like just to ask you one last question, do you know if it is possible to change the way in which the scale of an axis is depicted in Vega? (supposing the X axis in my example) when I change the aggregation to minutes or seconds, the whole amount labeled values of the axis are grouped too close so its not possible to see them or differentiate them.it is possible to keep some space between each point and have a longer X- axis that i could move in with an scroll bar or something similar?

Thanks so much

Luca_Belluccini · April 17, 2020, 5:30pm

I am not an expert on Vega unfortunately...
I would suggest checking the official documentation at https://vega.github.io/vega/docs/ and grab hints from the examples

system · May 15, 2020, 5:31pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Problem with simple and composite date_histogram aggregations Kibana	3	252	June 13, 2019
Vega histogram does not work in Kibana Kibana	4	1531	November 3, 2018
Sankey visualisation (Vega) - _aggregations is undefined Kibana vega	2	655	March 29, 2019
Kibana Vega - How to display multiple results in a date histogram Kibana vega	2	1973	December 19, 2019
Vega date_histogram aggregation interval based on signal Kibana vega	2	833	August 19, 2020

Problem date_histogram in vega with aggregation

Related topics