Visualize all the dates a keyword field changes

dao · April 24, 2018, 11:58am

I have a serie of documents like this:

timestamp	CAR.keyword	ENGINE_SERIAL_NUMBER.keyword
20-02-2017	CAR1	A0001
20-02-2017	CAR2	B0001
21-02-2017	CAR1	A0001
21-02-2017	CAR2	B0001
22-02-2017	CAR1	A0001
22-02-2017	CAR2	B0002
23-02-2017	CAR1	A0001
23-02-2017	CAR2	B0002
24-02-2017	CAR1	A0002
24-02-2017	CAR2	B0002

As you can see,

the 22nd, the ENGINE_SERIAL_NUMBER of CAR2 has changed.
the 24th, the ENGINE_SERIAL_NUMBER of CAR1 has changed.

I'd like to visualize those changes. Something like:

22-02-2017 CAR2 replaced engine B0001 by B0002
24-02-2017 CAR1 replaced engine A0001 by A0002

Is it possible? I assume it could be a table view?

thomasneirynck · April 24, 2018, 4:39pm

hi @dao,

This is not possible in Kibana right now.

You may want to ask this question first in the Elasticsearch forum, to see if Elasticsearch actually supports such a query to begin with (I don't think it does, but I may be wrong).

dao · April 28, 2018, 9:50am

OK, I have created a new issue in elastic topic: Query the list of changes for a keyword field

system · May 26, 2018, 9:50am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Visualize value change over time in table Kibana	3	3092	July 11, 2018
Visualizing Terms In A Field Kibana	4	345	February 7, 2020
Visualizing the latest Entries by a specific Field Kibana	3	214	July 19, 2021
Re-mapping field type from date to text Elasticsearch	2	1141	July 19, 2018
Split and group documents by two conditions in Kibana visualizations or Elasticsearch queries Kibana	4	1032	November 30, 2021

Visualize all the dates a keyword field changes

Related Topics