Sum by hour over several days

Gautam_S_Thakur · February 16, 2016, 10:33pm

It looks like with kibana, this is not possible. It cannot perform summation of value over the same hour for multiple days.

I would like to sum a numeric field by hour, over an arbitrary time period say (last 10 days). The resulting plot looks likes below,

X-axis => hour of the day (0-23 or 8 am, 9 am.... ).
Y-axis => aggregated sum (Say from last 10 days). Thus, value of y-axis for "0" hour is sum of all "0" hour in the last 10 days. That is, It is representative of the "sum of" all 8 AMs, 9 AMs... of last 10 days.

(X,Y) => (0, 10), (1, 20), ...... (23, 40) . An example is shown in the picture. I am using ES 1.7.1 and kibana 4.1.2

stormpython · February 19, 2016, 7:22am

Gautam,

It is possible in 4.3 +. Essentially whenever scripted fields was introduced into Kibana. You can create a scripted field, called hour_of_day, as below.

To learn more about scripted fields in Kibana, see here.

You can then create a line chart using a histogram aggregation to get the results you desire, like so: