I have followed the reverse geocoding example and the basics work great using Kibana 7.16. I have left the 'apply global search to layer data' option turned off so that the map updates when I filter observations in a dashboard.
Now I would like to limit the polygons shown on the map to those which meet a minimum number of observations (e.g. show only polygons with at least 5 IP addresses). Is there a way to make this work? If so, can I adjust the behaviour of the threshold to also filter the remaining dashboard or, alternatively, not to filter the remaining dashboard?
jsanz
(Jorge Sanz)
June 23, 2022, 11:35am
2
Unfortunately there is no support for aggregation results filtering in Elastic Maps.
Related issues:
opened 06:19AM - 22 Jan 20 UTC
Team:Geo
enhancement
**Describe the feature:**
Enable a way for filtering buckets visualized in a map's grid visualization.
This can potentially be implemented by
adding an additional [bucket-selector pipeline aggregation](https://www.elastic.co/guide/en/elasticsearch/reference/current/search-aggregations-pipeline-bucket-selector-aggregation.html) to the ES query.
**Describe a specific use case for the feature:**
Sometimes it may be necessary to hide buckets in a map's
grid aggregation from showing buckets with a certain count.
https://github.com/elastic/elasticsearch/pull/50480 describes a scenario where
it would be nice to have `min_doc_count` as
an additional parameter to a visualization so one can filter out
buckets that have a lower count than this.
opened 08:04PM - 13 Apr 20 UTC
Team:Geo
enhancement
I have tabular data by districts and days. Each row contains diff between the current and previous days, i.e. relative value.
```
district | day        | metric
---------+------------+--------
D1       | 2020-04-12 | -11
D1       | 2020-04-13 | 40
D2       | 2020-04-13 | 20
D1       | 2020-04-14 | 11
D1       | 2020-04-15 | -50
```
I need to visualize this data on Kibana's region map.
So, the *metric* is grouped by *district* and summarized. Here is the ElasticSearch query generated by Kibana:
```
{
  "aggs": {
    "2": {
      "terms": {
        "field": "district",
        "size": 300,
        "order": { "1": "desc" }
      },
      "aggs": {
        "1": { "sum": { "field": "metric" } }
      }
    }
  },
  "query": {
    "bool": {
      "must": [
        {
          "range": {
            "@timestamp": {
              "format": "strict_date_optional_time",
              "gte": "2020-04-12T00:00:00.0Z",
              "lte": "2020-04-16T00:00:00.0Z"
            }
          }
        }
      ]
    }
  }
}
```
Depending on the selected data range the result will vary. For example, this query selects all data (see @timestamp filter) and metric values for districts **D1** and **D2** will be **-10** and **20**. If I change the filter to select data for 12-13 April it will be *-11 + 40* = **29** for **D1** and **20** for **D2**.
In Kibana I need to filter out buckets with negative **sum(metric)** value and show districts only with a positive sum value. I couldn't find any working solution. I've tried
- Kibana's **JSON input** + [Bucket Selector Aggregation](https://www.elastic.co/guide/en/elasticsearch/reference/current/search-aggregations-pipeline-bucket-selector-aggregation.html)
Visual
- Kibana's Vega Graphs, but it seems that it doesn't support region maps. I'd like to avoid it as it's quite complicated.
- Build a new index based on the existing ones, but it's not possible as a result depends on a date range filter, so I cannot pre-calculate metrics and filter out negatives because I don't know what date range is in advance
None of this worked for me. I was able to compose a working Elastic Search query that does exactly what I want, but I don't know how to visualize it using the region map:
```
{
  "aggs": {
    "2": {
      "terms": {
        "field": "district",
        "size": 300,
        "order": { "1": "desc" }
      },
      "aggs": {
        "1": { "sum": { "field": "metric" } },
        // here is the main part: how to get it in the region map?
        // (the selector is a sibling of the sum "1" that it reads through buckets_path)
        "1_bucket_selector": {
          "bucket_selector": {
            "buckets_path": { "metricSum": "1" },
            "script": "params.metricSum > 0"
          }
        }
      }
    }
  }
}
```
So, any workaround to achieve what I want?
[Here](https://discuss.elastic.co/t/introduce-bucket-selector-or-any-post-aggregation-filtering-like-having-in-sql-into-region-map-elastic-search-kibana/227687) is a related topic on Kibana forum
ELK stack version is 7.0