I have a peculiar use case where we have multiple devices generating alarms of different nature.
I have a field named Event, and the data looks like: date_time|alarm_type|device1|on
Corresponding to that device I have another event: date_time|alarm_type|device1|off
Now I need to know how I can:
Identify the time taken for the alarm to go from on to off
Provide a visualization to identify the average time in alarm before acknowledgement or before it went off.
First, I would suggest indexing your data so that each part of your field date_time|alarm_type|device1|off is a separate field: a datetime field, an alarm_type field, a device field and a value/state field.
Once this is done, calculating the average time should be really straightforward (just use an average aggregation on the elapsed field).
For calculating the frequency, what exactly would you expect to see there? N alarms per hour or something like this? That should be easy as well once alarm_type is a separate field.
Just do a date histogram with a fixed interval and use count as a metric.
Then you could probably use Time Series Visual Builder and its calculation aggregation.
@ppisljar
Hi Peter,
Thanks for providing exactly what I was looking for. Here are some more insights on the setup I have.
Yes, I have my data indexed with all the fields, such as:
date_time
alarm_type
deviceid
state
unique_id (corresponding to each device ID with alarm type)
Now, like on and off, I have multiple alarm states, such as:
alarm & normal
open & closed
...
Based on the documentation for the elapsed filter, should I be adding multiple tags to achieve what I intend to?
For the frequency, I need to know the frequency of a specific type of alarm and be able to drill down further.
For the rest, I will let you know how it goes as per your brilliant suggestions.
Thanks again.
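
The pairing logic discussed in this thread, as an added example that is not code from either poster or from the Elastic stack: plain Python that matches each start state to its end state per alarm type and device, then averages the time in alarm per alarm type. The ISO 8601 timestamp format, the sample events, the function names and the assumption that events arrive in time order are all constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime

# Assumed start -> end state pairs, taken from the states named in the thread.
STATE_PAIRS = {"on": "off", "alarm": "normal", "open": "closed"}
END_STATES = set(STATE_PAIRS.values())

# Constructed sample events in the thread's layout: date_time|alarm_type|device|state.
# The ISO 8601 timestamp format is an assumption; the thread does not show one.
SAMPLE_EVENTS = """\
2024-01-01T10:00:00|smoke|device1|on
2024-01-01T10:00:30|door|device2|open
2024-01-01T10:01:00|smoke|device1|on
2024-01-01T10:02:00|smoke|device1|off
2024-01-01T10:02:30|door|device2|closed
2024-01-01T10:03:00|temp|device3|normal
2024-01-01T10:04:00|smoke|device4|on
2024-01-01T10:10:00|smoke|device4|off
2024-01-01T10:11:00|temp|device3|alarm
"""

def pair_events(lines):
    """Return (closed, still_open). closed: list of (alarm_type, device, seconds);
    still_open: {(alarm_type, device): start_time} for alarms never cleared."""
    open_alarms = {}  # (alarm_type, device) -> (start_time, expected_end_state)
    closed = []
    for line in lines:
        if not line.strip():
            continue
        ts, alarm_type, device, state = line.strip().split("|")
        when = datetime.fromisoformat(ts)
        key = (alarm_type, device)
        if state in STATE_PAIRS:
            # Keep the first start; a repeated start must not reset the clock.
            open_alarms.setdefault(key, (when, STATE_PAIRS[state]))
        elif state in END_STATES and key in open_alarms:
            start, expected = open_alarms[key]
            if state == expected:
                closed.append((alarm_type, device, (when - start).total_seconds()))
                del open_alarms[key]
        # An end state with no matching open alarm is ignored.
    return closed, {k: v[0] for k, v in open_alarms.items()}

def average_by_type(closed):
    """Average seconds in alarm per alarm_type."""
    totals = defaultdict(list)
    for alarm_type, _device, seconds in closed:
        totals[alarm_type].append(seconds)
    return {t: sum(v) / len(v) for t, v in totals.items()}
```

Alarms left in `still_open` have no end event yet and are excluded from the average rather than counted as zero.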