I want to have visualization showing bytes_in sorted by pools, here's expl of data:
beat.name x.x.x.x
beat.version 5.6.8
bytes_in 202091918
bytes_out 8688067381
hadrware.visibility private
hardware.subtype loadbalancer
hardware.type networking
host xxxxx
pool poolA
input_type log
loadbalancer x.x.x.x
timestamp 2018-03-05 10:50:01
So every 1 min I have multiple pools having bytes_in, and I wanna get them sorted with timeleon, tried this .es(metric=pool:*,metric=bytes_in:*) but it's not working.
rcowart
March 5, 2018, 10:52am
2
You will probably want to start with something like this...
.es(index="INDEXNAME", metric="sum:bytes_in", split="pools:10", kibana=true)
Odds are you will want to do more with the chart. Here is an example of one of the charts in our solution...
.es(index="elastiflow-*", metric="sum:flow.bytes", split="flow.client_hostname:10", kibana=true).multiply(8).scale_interval(1s).fit(mode=scale).if(operator="lt", if=0, then=0).trim(start=1,end=1).label(regex="^.* flow.client_hostname:(.+) > .*$", label="$1").lines(width=1, stack=true, fill=1).yaxis(label="bits / sec", units="bits/s", min=0)
To make it more readable...
.es(
index="elastiflow-*",
metric="sum:flow.bytes",
split="flow.client_hostname:10",
kibana=true
)
.multiply(8)
.scale_interval(1s)
.fit(mode=scale)
.if(
operator="lt",
if=0,
then=0
)
.trim(
start=1,
end=1
)
.label(
regex="^.* flow.client_hostname:(.+) > .*$",
label="$1"
)
.lines(
width=1,
stack=true,
fill=1
)
.yaxis(
label="bits / sec",
units="bits/s",
min=0
)
The result looks like this...
Hi @rcowart , thx for the feedback and indeed I think this could help me a lot but after querying I get following Fata Error:
Error: Uncaught TypeError: Cannot read property 'from' of undefined (https://x.x.x.x:x.x.x.x/bundles/commons.bundle.js?v=15523:94)
at window.onerror (https://x.x.x.x:x.x.x.x/bundles/commons.bundle.js?v=15523:90:22028)
Seems to be a Kibana problem.
system
April 2, 2018, 11:58am
4
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
