Visualize all the dates a keyword field changes

dao · April 24, 2018, 11:58am

I have a serie of documents like this:

timestamp	CAR.keyword	ENGINE_SERIAL_NUMBER.keyword
20-02-2017	CAR1	A0001
20-02-2017	CAR2	B0001
21-02-2017	CAR1	A0001
21-02-2017	CAR2	B0001
22-02-2017	CAR1	A0001
22-02-2017	CAR2	B0002
23-02-2017	CAR1	A0001
23-02-2017	CAR2	B0002
24-02-2017	CAR1	A0002
24-02-2017	CAR2	B0002

As you can see,

the 22nd, the ENGINE_SERIAL_NUMBER of CAR2 has changed.
the 24th, the ENGINE_SERIAL_NUMBER of CAR1 has changed.

I'd like to visualize those changes. Something like:

22-02-2017 CAR2 replaced engine B0001 by B0002
24-02-2017 CAR1 replaced engine A0001 by A0002

Is it possible? I assume it could be a table view?

thomasneirynck · April 24, 2018, 4:39pm

hi @dao,

This is not possible in Kibana right now.

You may want to ask this question first in the Elasticsearch forum, to see if Elasticsearch actually supports such a query to begin with (I don't think it does, but I may be wrong).

dao · April 28, 2018, 9:50am

OK, I have created a new issue in elastic topic: Query the list of changes for a keyword field

system · May 26, 2018, 9:50am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Query the list of changes for a keyword field Elasticsearch	3	457	June 3, 2018
Visualize value change over time in table Kibana	3	3104	July 11, 2018
Visualizing Terms In A Field Kibana	4	348	February 7, 2020
Kibana filter; trying to query a keyword field Kibana	3	1291	August 16, 2018
Visualizing the latest Entries by a specific Field Kibana	3	214	July 19, 2021

Visualize all the dates a keyword field changes

Related topics