Visualize in Kibana

Elastic Stack Kibana
1

Hi Kibana team. I'm newbie at ELK stack, i just installed and run a first step and now i have a question:
Is it possible to visualize the data by specify time everyday?
for example i want to check hits log from 10-11h everyday in 1 visualize so i can compare it.
If it's possible please teach me, ty

2

yes, it is possible to visualize the data by specific time. You could do this by picking the time filter option in visualize . The time filter restricts the search results to a specific time period. You can set a time filter if your index contains time-based events and a time-field is configured for the selected index pattern.

By default the time filter is set to the last 15 minutes. You can use the Time Picker to change the time filter or select a specific time interval or time range in the histogram at the top of the page.

More information can be found here: Set the time range | Kibana Guide [8.11] | Elastic

Let us know if you need more information.
Thanks
Rashmi

3

Hi @rashmi
I have try the specific time that kibana tool give me at top right but i want to see the result each day at one time in one result data not by click at the < button
The result like 1
Can i do it with kibana tool?
Thanks

4

Yes, this could be done by using the painless script . For example, I used Filebeat data. Create a scripted field with painless as shown doc['json.REALTIme_TimeSTAMP'].date.hourOfDay and use this to plot against the x-axis as shown in the visualization.
Also add the sub-aggregation- Range - Field hour for the specific time of the day you want to plot the graph against. I chose between 10-11 and as you can see the graph is plotted hourly. You can keep adding the hour fields for the range you want.

Hope this helps.
Thanks
Rashmi

image (1)
image (1)2234×1225 115 KB
image
image971×593 43.6 KB

1 Like
5

Thanks @rashmi
That's exactly what i want.
Ty for good support again :slight_smile:

6

glad my response helped u.

Thanks
Rashmi

7

Hi @rashmi im back :slight_smile:
I have follow your step and i have a trouble with the scripted field here
My scripted Field:

11
11.PNG933×463 9.49 KB

Without the Split Series it's the normal result per day
12
12.PNG1124×616 19.3 KB

But when i add the range hour follow you, it's error
13
13.PNG1125×549 20.6 KB
14
14.PNG1144×333 23.2 KB

Can you help me with this. Thank you

8

The quote characters used in your Script field look like typographic quotes instead of the expected single or double quotes (' or "). Try using normal single quotes.

1 Like
9

Hi @weltenwort
After follow your advice i can visualize with scripted field.
I can filter with my scripted field doc['Time'].date.hourOfDay
But when i choose range 1-2 it become 8-9 in the result, i think it's because of my GMT +7 so i try
doc['Time'].date.hourOfDay() - 7
(doc['Time'].date.hourOfDay) - 7
doc['Time'].date.hourOfDay - 7
event in the Popularity (the field i dont know exactly what it doing)
Still not work. Can you help me with this.
Thanks

10

Yes, the time should be in UTC by default. Using doc['Time'].date.hourOfDay + 7 in the script field should work:

image
image.png461×530 13.1 KB

The popularity field just influences the sorting of the field within the field list of the discover view and does not influence its functionality.

1 Like
11

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.