Visualizing the average of the sums

DidierB · September 6, 2018, 4:57pm

Hello,

I have a "probe" that is doing many API calls to get, every ten minutes or so, some metrics from a service.

So around the time T (but not exactly T), I have one hundred events indexed that look like this:

First run:
{ "time":"2018-09-06T18:45:02", "service name": "nas1", "volume": "vol1", "size": 112351341 }
{ "time":"2018-09-06T18:45:05", "service name": "nas2", "volume": "vol1", "size": 11251341 }
{ "time":"2018-09-06T18:45:29", "service name": "nas3", "volume": "vol1", "size": 1128351341 }
{ "time":"2018-09-06T18:46:06", "service name": "nas3", "volume": "vol2", "size": 192351341 }

Second run, ten minutes later:
{ "time":"2018-09-06T18:55:02", "service name": "nas1", "volume": "vol1", "size": 112351340 }
{ "time":"2018-09-06T18:55:08", "service name": "nas2", "volume": "vol1", "size": 11251451 }
{ "time":"2018-09-06T18:55:23", "service name": "nas3", "volume": "vol1", "size": 1128351342 }
{ "time":"2018-09-06T18:56:01", "service name": "nas3", "volume": "vol2", "size": 192351869 }

My goal is to create a visualization (horizontal bars) of the total size of volumes, per "service name". If the time span of the dashboard is large enough and holds multiple data about one same "service name", then only the maximum is displayed.

/EDIT/ or the latest value, or the average, etc. The problem is when I do the sum, I need to have only one run to have accurate results and I the dashboard user can change the time span of the dashboard as he wishes and so get wrong results.

I didn't a find a way to do it in Kibana (we have 5.5.0).

Can you help me?

cjcenizal · September 7, 2018, 7:57pm

Hi there,

Could I ask to clarify a few things?

Are you saying that you want each bar in the bar chart to represent a single volume, e.g. vol1, vol2, with the sum of allsizefields for the related documents, but only for those with uniqueservice namevalues? And if there are duplicateservice namevalues, you want to ignore all duplicates except for the one with the highestsize` value?

So in this example:

{ "time":"2018-09-06T18:55:23", "service name": "nas3", "volume": "vol1", "size": 1128351342 }
{ "time":"2018-09-06T18:56:01", "service name": "nas3", "volume": "vol1", "size": 192351869 }

You'd want to ignore the second document, and only include the first document in your visualization, since 1128351342 is greater than 192351869. Is that correct?

Thanks,
CJ

DidierB · September 10, 2018, 6:51am

Hello,

I want each bar to represent the total of all volumes size fields (so the "volume" do not appear in the bar and the bar as a "service name" label).

Since the probe is making regular checks, if I do this the simple way, the sum may vary depending of the time span of the dashboard. That's my problem. So I need to do, for example, the average of the "service name" "volume" "size" of each run of the probe.

system · October 8, 2018, 6:53am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Calculate average in Kibana visualizations Kibana	3	9772	November 13, 2018
Divide metrics and display them in Table Visualization Kibana	2	1042	August 2, 2018
Make visualizations (metric and table/topn) with weighted average Kibana	2	556	December 11, 2020
Visualize a time counter Kibana	5	498	January 1, 2021
Kibana visualization - Aggregating data for dashboard Kibana visualisation	2	141	April 30, 2024

Visualizing the average of the sums

Related topics