Hi All,
Scenario: From Elasticsearch, I am getting chat participants as an array of string for each document.
For example - I am receiving data in Kibana something like this -
Document 1:
"_source": {
"participants": [
"messenger",
"john"
],
}
Document 2:
"participants": [
"messenger",
"Harry"
],
My requirement is to display users talked on our messenger every hour for let say last 7 days.
To achieve the requirement - I created a Time series in Visual Builder and kept following configurations:
aggregation = count
aggregation = Count, Group By = Terms by participants
and made other configurations required to display count per hour basis and kept the chart as stacked bar.
It creates time Series almost same what I want -- BUT graph/chart is including "messenger" as well in the list of users.
So the output I am getting in Visual Builder is something like as below -
messenger 2
John 1
Harry 1
While, I want to get something like ---
John 1
Harry 1
I want to exclude "messenger" from my counts and display.
Then in order to achieve it - I created a scripted field which holds only "users", not the "messenger".
scripted_user has values = John and Harry for respective documents.
But, seems visual Builder doesn't support use of scripted field.
If I can be able to "group by" on "scripted_user" field in Visual Builder, my problem will get solve.
Could any of you please suggest how can I use scripted field in Visual Builder,
Otherwise, any other solution for my use case.
Many thanks in advance.