I want to visualize the various URLs visited by a specific user along with the timestamp in a graph. I have the following data in an ES index:
date: 11/Jul/2023:11:15:13.705 +0530
remote ip: 188.8.131.52
All are in text format. I want to visualize all the URLs visited from a specific IP based on the timestamp. Which graph can I use?
If I use bar graphs it is selecting the default @timestamp field. I want to use the date field.
I recommend using a data table visualization, since you want text information. You can have a date which comes from a date histogram aggregation, a column to group the IPs which comes from a terms aggregation, and a column to show the URLs using the top hits aggregation.
Yes, I already have it in a table visualization. Looking for a graphical visualization, like a node diagram or sequence diagram, or Sankey.
To visualize the various URLs visited by a specific user along with the timestamp, you can use a line chart or an area chart. These types of graphs are suitable for displaying trends over time.
Here's how you can create the visualization in Kibana based on your data:
1. Access Kibana: Open Kibana in your web browser and navigate to the Discover tab.
2. Configure Time Filter: In the top right corner, click on the time picker and select the desired time range that includes the data you want to visualize.
3. Filter Data: Use the search bar or filters to narrow down the data to a specific user or IP address. For example, you can use a query like `remote_ip: "184.108.40.206"` to filter by the IP address.
4. Create Aggregation: On the left side, click on the "Add" button to add a new aggregation. Select the "Terms" aggregation.
5. Configure Aggregation: Choose the field that represents the URL visited (e.g., `url`) as the aggregation field. Set a reasonable size for the number of buckets to display (e.g., 10, 20, or more, depending on the number of URLs).
6. Add Sub-Bucket: Click on the "Add sub-buckets" button and select the "Date Histogram" aggregation.
7. Configure Sub-Bucket: Choose the field that represents the timestamp (e.g., `date`) as the date field. Set an appropriate interval (e.g., hourly, daily, or based on your data).
8. Visualize: Click on the "Run" button to apply the aggregations and display the results. Switch to the Visualize tab.
9. Select Chart Type: Choose either the line chart or area chart, depending on your preference. Both options can effectively display trends over time.
10. Configure Chart: In the chart configuration settings, choose the URL field as the X-axis and the count of documents (or any other relevant metric) as the Y-axis. You can also customize the labels, colors, and other aspects of the chart to suit your needs.
11. Save and Share: Once you're satisfied with the visualization, save it and give it a meaningful name. You can then share it with your team or embed it in dashboards for easy access.
By following these steps, you should be able to create a visual representation of the URLs visited by a specific IP address over time using the date field as the basis for your graph.
I didn't find terms aggregation and sub bucket. When I click on + this is what I get.
I am using Kibana 8.7.1
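An added example, not part of any post in this thread: a Python sketch that parses the text `date` values in the format shown in the question, orders one IP's requests by that parsed time, and turns the sequence into source/target/value links of the kind a Sankey or node diagram takes as input. The field names `remote_ip` and `url`, the sample documents, and the function names are assumptions made for illustration.

```python
from collections import Counter
from datetime import datetime

# Matches the text layout shown in the question: 11/Jul/2023:11:15:13.705 +0530
DATE_FORMAT = "%d/%b/%Y:%H:%M:%S.%f %z"

# Constructed sample documents (documentation IP ranges, made-up URLs),
# deliberately out of order, with mixed UTC offsets and one unparsable date.
SAMPLE_DOCS = [
    {"date": "11/Jul/2023:11:15:13.705 +0530", "remote_ip": "192.0.2.10", "url": "/login"},
    {"date": "11/Jul/2023:11:15:02.120 +0530", "remote_ip": "192.0.2.10", "url": "/"},
    {"date": "11/Jul/2023:05:46:40.000 +0000", "remote_ip": "192.0.2.10", "url": "/account"},
    {"date": "11/Jul/2023:11:15:20.000 +0530", "remote_ip": "198.51.100.7", "url": "/admin"},
    {"date": "11/Jul/2023:11:17:01.300 +0530", "remote_ip": "192.0.2.10", "url": "/login"},
    {"date": "not a date", "remote_ip": "192.0.2.10", "url": "/broken"},
    {"date": "11/Jul/2023:11:18:00.000 +0530", "remote_ip": "192.0.2.10", "url": "/account"},
]


def timeline(docs, ip):
    """Return ([(timestamp, url), ...] sorted by parsed date, skipped_count) for one IP."""
    events, skipped = [], 0
    for doc in docs:
        if doc.get("remote_ip") != ip:
            continue
        try:
            ts = datetime.strptime(doc["date"], DATE_FORMAT)
        except (KeyError, ValueError):
            skipped += 1  # keep a count so malformed records are not silently lost
            continue
        events.append((ts, doc.get("url", "")))
    # Timezone-aware datetimes compare correctly across different offsets.
    events.sort(key=lambda event: event[0])
    return events, skipped


def sankey_links(events):
    """Count consecutive URL-to-URL transitions as source/target/value links."""
    urls = [url for _, url in events]
    counts = Counter(zip(urls, urls[1:]))
    return [{"source": s, "target": t, "value": n} for (s, t), n in sorted(counts.items())]


if __name__ == "__main__":
    events, skipped = timeline(SAMPLE_DOCS, "192.0.2.10")
    for ts, url in events:
        print(ts.isoformat(), url)
    print("skipped:", skipped)
    print(sankey_links(events))
```
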
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.