[SOLVED] Exclude some values in elasticsearch

I 've a graph who sum all received byte on my fortigate, but sometimes, i've got double or triple logs, so it makes my graph unreadable.
can i ignore or remove some values.

example : all sum of value that exceed 1 000 000 are ignored.


You can either throw those out in the application consuming the data, or, possibly, you can throw them out using a pipeline aggregation.

1 Like

thanks a lot.