Tracking number of value changes of boolean field in time series

DennisKlopfer · November 29, 2021, 11:05am

My time series data contains a boolean field, which changes frequently. I want to count the number of changes of said field.

Optimally I would like to create a field containing this number while ingesting, but showing the current count on a Kibana Dashboard suffices.

I came up with the following approaches:

Calculate a cummulative sum over the boolean field, filter by negative values and output the cardinality of the result.
Use serial_diff on the boolean field and sum over the result.

However I was not able to construct said queries or find dashboard functionality to represent this behaviour. Help is greatly appreceated.

Nathan_Reese · November 29, 2021, 6:31pm

Dashboards do no expose the ability to derive fields from multiple documents. To show this value in Kibana, you will need to store the value in the document.

system · December 27, 2021, 6:31pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Kibana: representing evolution of boolean field in time Kibana	2	411	June 25, 2021
Graphing Boolean Values in Kibana Kibana	7	6592	February 2, 2018
Count of true values in Kibana data table Kibana	2	605	November 11, 2020
Dashboard in Kibana: Boolean vs. Count Distinct offered Field Kibana dashboard	1	135	April 30, 2024
Sum of True (Boolean Field) Kibana	9	4523	July 14, 2017

Tracking number of value changes of boolean field in time series

Related topics