First, I set the mapping of the relevant index to have events as a nested type. Then, I plug in Kibana and I would like to build a graph, from 0h to 24h on the X axis, showing the count of events spread in dots. I do not understand how I can do that. I would do that using some homemade backend but since Kibana exists I thought it would be a nice use case.
Is it possible to achieve what I want using my current data structure and Kibana, or should I:
forget about Kibana for that purpose
change my data structure to duplicate the time in another property
Unfortunately, Kibana does not support visualizing over array types. Instead Kibana expects that each document represents an event in time, and then visualizes those events over time. To accomplish what you're attempting to do you would need to create a new document for each event and then graph those documents over time.
For example, create two separate documents:
POST /my-events/_doc
{
  "date": "2019-03-20T18:30:00",
  "event-type": "SOME_TYPE"
}
POST /my-events/_doc
{
  "date": "2019-02-07T18:00:00",
  "event-type": "ANOTHER_TYPE"
}
Once you've indexed these documents, you can then create an index pattern in Kibana, set the timestamp field to your date field, and use that in your graphs as your X-axis.
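An added example, not part of the original answer: one way to turn existing parent documents into the one-document-per-event shape described above, as a newline-delimited body for the Elasticsearch `_bulk` API. The nested field name `events`, the parent `id`, and the extra `parent-id` field are assumptions, since the thread does not show the original mapping.

```python
import hashlib
import json

# Constructed sample: parent documents holding events in a nested array.
# The "events" field name and the parent "id" are assumptions.
SAMPLE_PARENTS = [
    {"id": "user-1", "events": [
        {"date": "2019-03-20T18:30:00", "event-type": "SOME_TYPE"},
        {"date": "2019-02-07T18:00:00", "event-type": "ANOTHER_TYPE"},
    ]},
    {"id": "user-2", "events": []},  # no events: produces nothing
    {"id": "user-3"},                # nested field missing entirely
]


def flatten_events(parents, index="my-events"):
    """Yield one (action, source) pair per nested event."""
    for parent in parents:
        for event in parent.get("events") or []:
            if "date" not in event:
                continue  # no timestamp means Kibana cannot place it on a time axis
            source = {
                "date": event["date"],
                "event-type": event.get("event-type"),
                "parent-id": parent["id"],  # keeps the link back to the parent
            }
            # Deterministic _id: re-running the export overwrites instead of duplicating.
            doc_id = hashlib.sha256(
                json.dumps(source, sort_keys=True).encode()
            ).hexdigest()[:20]
            yield {"index": {"_index": index, "_id": doc_id}}, source


def to_bulk_body(parents, index="my-events"):
    """Build the newline-delimited JSON body expected by POST /_bulk."""
    lines = []
    for action, source in flatten_events(parents, index):
        lines.append(json.dumps(action))
        lines.append(json.dumps(source))
    # The bulk API requires the body to end with a newline.
    return "\n".join(lines) + "\n" if lines else ""


if __name__ == "__main__":
    print(to_bulk_body(SAMPLE_PARENTS), end="")
```

The printed body can be sent to `POST /_bulk` with the `Content-Type: application/x-ndjson` header.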
Thanks for the info.
The current project is close to being shipped; I cannot rework my data model like so. That being said, I will use this information for further work with elastic so that Kibana can ease the data processing.