Hi ,
I am using elasticsearch 5.1.1 and kibana also 5.1.1 . I want to check distinct counts for a long value field in elasticsearch i have used cardinality to do this. i have designed three graphs
Userid is my long value field Ex : 54002 ,54004 etc...
- total unique userid counts (Metric Graph)
- Total unique userid among each hour
- Total unique userid among each server.
So here when i cross check total of graph 3 with total of graph 1 both are different . can you please tell me why it is happening. is this because of approximate values for cardinality aggregations or some other issue in designing dashboards.
Thanks
phani
Can you post some screenshots of your three graphs and how you are comparing the values? This will help me try to replicate your issue.
Hi ,
Sure Thanks for the quick reply. Please find the screenshots attached
Unique count of users by Hour Metric
Total Count of unique users metric.
But if we sum all the numbers in per hour graph not matching to all unique users count.
But total unique users count is : 118 .
Thanks
phani
Yea, this is expected. It's because the chart is counting unique ips per hour (same ip may appear in different hourly buckets) while the metric is counting unique ips across all time. If you change your time range in the graph to a very large value, they should come out the same value:
Hi @Stacey_Gammon
Thank you for replies ..it solved my problem .Thanks for nice explanation
