Viz of latest results of unique item: Not possible with Pie? Works for table, metric & bar chart

Elastic Stack Kibana
1

I'm looking to represent in a Pie chart only the most recent result per test of my data set.
I've managed to do this with Data Table visualizations, Metrics, and Bar charts, but Pie Charts seem to lack this ability today.
Kibana&ES 5.6.3

For my working Data Table viz, I have a count metric and a Top Hit metric that aggregates on my result field sorted by @timestamp with a limit of 1 result, and then two sub buckets for my display needs.

Inexplicably, the Pie chart doesn't come close to having these same features. I can only have one metric, and if I try to use a Top Hit metric, I am limited to Fields of only _score and offset.

As I'm still an ELK newb, I remain open to the possibility of my own mistake/omission, but this just looks like missing functionality.

There doesn't seem to be a way to inject my own JSON input to meet my needs, and I'm not able to undertake development of a custom visualization at this time. Any other options to consider??

An example of my Data Table viz and chained aggs 
{
   "version": true,
  "query": {
    "bool": {
      "must": [
        {
          "query_string": {
            "query": "testName:*",
            "analyze_wildcard": true
          }
        },
        {
          "query_string": {
            "query": "testName:something.*",
            "analyze_wildcard": true
          }
        },
        {
          "range": {
            "@timestamp": {
              "gte": 1352120635903,
              "lte": 1509887035903,
              "format": "epoch_millis"
            }
          }
        }
      ],
      "must_not": []
    }
  },
  "size": 0,
  "_source": {
    "excludes": []
  },
  "aggs": {
    "3": {
      "terms": {
        "field": "testName.keyword",
        "size": 500,
        "order": {
          "_term": "asc"
        }
      },
      "aggs": {
        "4": {
          "terms": {
            "field": "@timestamp",
            "size": 1,
            "order": {
              "_term": "desc"
            }
          },
          "aggs": {
            "2": {
              "top_hits": {
                "_source": "result",
                "size": 1,
                "sort": [
                  {
                    "@timestamp": {
                      "order": "desc"
                    }
                  }
                ]
              }
            }
          }
        }
      }
    }
  },
  "highlight": {
    "pre_tags": [
      "@kibana-highlighted-field@"
    ],
    "post_tags": [
      "@/kibana-highlighted-field@"
    ],
    "fields": {
      "*": {
        "highlight_query": {
          "bool": {
            "must": [
              {
                "query_string": {
                  "query": "testName:*",
                  "analyze_wildcard": true,
                  "all_fields": true
                }
              },
              {
                "query_string": {
                  "query": "testName:something.*",
                  "analyze_wildcard": true,
                  "all_fields": true
                }
              },
              {
                "range": {
                  "@timestamp": {
                    "gte": 1352120635903,
                    "lte": 1509887035903,
                    "format": "epoch_millis"
                  }
                }
              }
            ],
            "must_not": []
          }
        }
      }
    },
    "fragment_size": 2147483647
  }
}

Thanks in advance

2

hi @BobENose,

I don't think I fully understand how you need the pie-chart to look like?

I presume your configuration for datatable looks something like (I used the sample logstash dataset):

image

Do I have that right? You are not able to make a similar selection for pie-charts?

As an aside, I'm also not 100% sure how a query like this would work for pie-charts? Don't you usually want to see multiple slices, instead of just a single one?

Could you add an example with some screenshots of where you are stuck now, and perhaps a mockup of how you want that final pie-chart to look like?

Thx,

3

Hi Tom - thanks for the feedback. Your example config for that datatable is similar to what I'm using (the Data Table I am using is embedded in my first post, as returned by the visualization's Request as Kibana displays it, and displayed below)

Let me try words (and a pic) to explain why I seek a Pie chart like I do, as a minimum working example will take me a few days to get to.

example
example.png1811×1012 111 KB

In one example, I have 135 pass/fail/warn tests per run, where the log of each run is fed into ELK
Thats 540 results after 4 runs. I don't want the Pie chart to show the pass/fail/warn % of all runs, just the most recent.
This is simple regression testing, with the desire to see quickly, in a Pie, what the status of the latest build is, tied to ES to drill into the data later (and yes, I lookforward to the drilldown features that I see are in the works).

Final footnote on an unrelated bug - the Data Table above, is not sortable on the "Last Result" column. Sorting works properly on Test Name and "At Timestamp" - but the last result column has no effect (the arrows next to the column title change, but no sorting action occurs). Sorry to overload this topic with that bug report.

One last, adding a pic of my view of adding a Pie Chart with Top Hit as the metric - I'm limited to only two fields, so I can't make a "result" selection to perform a similar view to the DataTable shown above.

example
example.png351×501 11.3 KB

4

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.