Use elasticsearch requests in kibana (with double/tripple aggregation)

Hi

given:
documents with a timestamp

try:
I have a working requests which first rounds the timestamps to 10 minutes (date_histogram) and than sums up six 10 minute windows. (Rolling hour).

here is the request:

POST /xxx/_search?size=0
{
  "aggs": {
    "myDateHisto": {
      "date_histogram": {
        "field": "STutc",
        "fixed_interval": "10m"
      },
      "aggs": {
        "moving_count": {
          "moving_fn": {
            "buckets_path": "_count",
            "window": 6,
            "script": "MovingFunctions.sum(values)"
          }
        }
      }
    }
  }
}

The request produces the correct result but I have no idea how to use the result in a graph within kibana. As far as I am aware there is nothing like this in KQL or lucene, nor can I find a way to use this request for a graph directly. Even when using TVSB there is only one level of aggregation.

Any ideas?

In a next step I have to get the maximum per day (now there are 144 values for each 10 minutes). So there will be another level of aggregation.

Regards
Seb

HI @sebneu. I believe there is currently no way to accomplish this in our Kibana visualizations. However, you might be able to create your own visualization using Vega in Kibana. Vega can be challenging if you haven't used it before, but it accepts almost any Elasticsearch query for input.

wow, a complete new world is opening up! great

Thank you for the hint!

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.