Timelion graph for dynamic array elements

mirco-s · March 14, 2019, 2:12pm

Hi,

I've got data as follows and would like to render a graph with Timelion.

{
  "_index": "test",
  "_type": "summary",
  "_id": "1552561142688",
  "_version": 1,
  "_score": null,
  "_source": {
    "databaseProductName": {
      "MySQL_5-5": 20,
      "MySQL_5-6": 41,
      "Microsoft_SQL_Server_12-00": 97,
      "Microsoft_SQL_Server_13-00": 124,
      "Microsoft_SQL_Server_14-00": 57
    }
  },
  "fields": {
    "reportTimestamp": [
      "2019-03-14T10:59:02.688Z"
    ]
  },
}

In Elastic this means something like this:
databaseProductName.MySQL_5-5 with value 20
databaseProductName.MySQL_5-6 with value 41
etc.

There is one document per day. The graph should show one line per databaseProductName (e.g. MySQL_5-5) with the value (e.g. 20). The databaseProductName keys are dynamic so new names can occur anytime. I don't want to manually update the graph to include new names.

I thought this should be easy with Timelion but so far I struggled to find a way to do it. Can this be achieved with Timelion or other Kibana means?

Thanks!

Marius_Dragomir · March 22, 2019, 11:40am

They way the data looks now it's very hard to draw the graph that you want. I would recommend changing the way the data ingest looks, creating one document for each datbaseProductName. It can have the same data except having two fields instead of that array:
databaseProductname as a string, with the key from the pair, example: "MySQL_5-5"
databaseProductValue as a number, with the value from the pair, example: 20

then you can do filters and various aggregations on the databaseProductName field.

system · April 19, 2019, 11:40am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.