I have been struggling to create simple stacked up vertical bar graph. Any help would be appreciated.
My data set looks like -
And I want to create chart like below:
This should actually be quite easy to pull off, if you are storing your documents correctly in Elasticsearch. I suspect any trouble you are having with Kibana is probably related to how you are storing that information.
Can you share some more details about the data you are trying to visualize, and how you are storing it?
Thanks for response. I'm storing data as below:
Sample Data:
And I want to create bar graph like below:
I am able to create stacked up vertical graph after few tries.
Now I'm trying to order bars by total (High + Critical). Right now it orders by either critical or high.
I'm actually not totally sure how you managed to graph both the Critical and High values together in the first place, those being 2 different fields.
Can you share what you have in the Visualization build. That is, the left hand side where you define the Metrics and Buckets. That'll help me better understand what I'm looking at here.
Ah, yes, that looks right. I just couldn't visualize in my head how you'd pull that off. You nailed it though 
Anyway, so the chart you see is actually correct, or at least as correct as you can get. Notice how the sum of CRITICAL values (the dark teal color) is actually ordered correctly. If you choose to instead order by the sum of HIGH values, those will be in the right order, but CRITICAL will no longer be sorted, and the overall counts may still be out of order.
The problem is that, at least as far as I know, there's no way to ask Elasticsearch to order the values by the total count. It may actually be possible using pipeline aggs ,but I'm really not familiar with them so I couldn't say for sure. Kibana definitely doesn't consume them yet anyway.
The data that is used in the visualizations is simply the data that came back from Elasticsearch, exactly how it came back. Kibana could sort the results after the fact, but the team has made a point not to do things that Elasticsearch doesn't do.
There's probably an opportunity to open an issue here, since sorting by the total seems like a valid feature request. At the very least, you'll get some input from others on the team and start a larger conversation about it. Plus, someone else might know if this is actually possible with pipelines.
I have created feature reqeust. Lets see what do they responsd.
Is it possible to do the same if I write my own custom visualization chart plugin?
It should be, in theory. If you wanted to keep using the courier in Kibana (how it coordinates communication with Elasticsearch), you should still be able to, and then just sort the buckets in the response by count.
It seems like a nice feature to add to Kibana proper though. If you're not using time-series data (and you aren't), being able to sort by total count would be nice. It would be awesome to see a contribution to Kibana, instead of another visualization for just this kind of use case.