I am new with Kibana visualizations and need help with current task.
I have 2 logs in same index with different data.
Both has message with different log data.
1st one stores information about locations used for search and has fields with this data. (fields.SearchLocations.keyword)
2nd one stores information about number of search results. (fields.NumberOfSearchResults.keyword)
Both has common fields named like fields.Gds.keyword and fields.TenantName.keyword.
I need combined info from both of them to display using Table Visualization and table must have next structure:
|TenantName|GDS|SearchLocations|Count|
I tried to use Buckets for it and have added next fields to the bucket:
fields.TenantName.Keyword
fields.Gds.Keyword
fields.SearchLocations.keyword
As metric i used Filter and calculate how much fields.NumberOfSearchResults.keyword with 0 value
But it shows correct data per Gds and TenantName, but not per SearchLocations. I think it happens because information about NumberOfSearchResults and SearchLocations are placed in different logs inside same index.
I can add metric for SearchLocations, but in this case all routes will be listed in one row, but i need separate stat per requested route.
If i enable metric for every bucket field, then i have next data in table:
It is correct for first two calculations. But third one is always 0.
How i can change my table and receive collected data for visualization?
Thank you.