I'm just starting with Kibana and want to create a Tag Cloud. The index I’m using stores documents that are posted each hour and contain counts from up to 200 counters. A sample of the data is as follows:
I would like the tag cloud to show the counter names (counter_a, counter_b, etc) in proportion to a summation of the counts from all the documents – i.e. the sum of counter_a across all documents would be 1,100, the sum of counter_b would be 650 & the sum of counter_c would be 330. Therefore the font size of counter_a would be the largest while counter_c would be the smallest and counter_b would be in between.
Is what I’m asking doable? If so, how would I get started? I do have the flexibility of re-creating the index with a different mapping if required to achieve my goal.
If you would ingest your counter values as separate documents like this: { "countDate": "2020-01-17T00:00:00", "counterName": "counter_a", "counterValue": 25 } , { "countDate": "2020-01-17T00:00:00", "counterName": "counter_b", "counterValue": 12 } , { "countDate": "2020-01-17T00:00:00", "counterName": "counter_c", "counterValue": 7 }, { "countDate": "2020-01-17T00:00:00", "counterName": "total", "counterValue": 150 }
Then you should be able to get this visualization by using a Terms aggregation on the counterName field for the Tags and a Sum aggregation on the counterValue field for the Tag size.
I refactored my custom NiFi processor to push documents to Elasticsearch using the mapping you recommended and the Tag Cloud rendered perfectly! This revised mapping helps a lot with other visualizations I've been working on.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.