I am trying to make a bar graph that will show the value of a field (storeinfo) with the highest count, every hour, for the past 24 hours. Basically, I want to show the most frequent storeinfo in my logs, by hour, with the number of times it appeared on the y-axis, and the actual storeinfo and hour on the x-axis.
I currently have a poor workaround for this. My y-axis is set to count, I split the chart by columns as a date histogram with an hourly interval, and have my x-axis set to be a sub aggregation on the term storeinfo.raw ordered by count, descending, and a size of 1.
The attached picture is the result I get.
My biggest issue with this result is that every value of storeinfo that is most frequent for at least one hour appears in every 1 hour chunk.
I think I need to do something like y=max(count(storeinfo.raw)) (which I already basically have), and need to be able to control the x-axis labels better.
Any help would be appreciated.