Unique value counts in kibana

Elastic Stack Kibana
1

Hi ,

I am using elasticsearch 5.1.1 and kibana also 5.1.1 . I want to check distinct counts for a long value field in elasticsearch i have used cardinality to do this. i have designed three graphs

Userid is my long value field Ex : 54002 ,54004 etc...

  1. total unique userid counts (Metric Graph)
  2. Total unique userid among each hour
  3. Total unique userid among each server.

So here when i cross check total of graph 3 with total of graph 1 both are different . can you please tell me why it is happening. is this because of approximate values for cardinality aggregations or some other issue in designing dashboards.

Thanks
phani

2

Can you post some screenshots of your three graphs and how you are comparing the values? This will help me try to replicate your issue.

3

Hi ,

Sure Thanks for the quick reply. Please find the screenshots attached

Unique count of users by Hour Metric

image
image.png1114×525 19.3 KB

Total Count of unique users metric.

image
image.png965×350 10.4 KB

But if we sum all the numbers in per hour graph not matching to all unique users count.

image
image.png830×397 16.3 KB

But total unique users count is : 118 .

Thanks
phani

4

Yea, this is expected. It's because the chart is counting unique ips per hour (same ip may appear in different hourly buckets) while the metric is counting unique ips across all time. If you change your time range in the graph to a very large value, they should come out the same value:

14 AM
Screen Shot 2017-11-13 at 9.21.14 AM.png2534×1192 263 KB
26 AM
Screen Shot 2017-11-13 at 9.21.26 AM.png2528×1240 227 KB
28 AM
Screen Shot 2017-11-13 at 9.19.28 AM.png2538×1316 187 KB

1 Like
5

Hi @Stacey_Gammon

Thank you for replies ..it solved my problem .Thanks for nice explanation

6

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.