How do I create a stacked graph of HTTP codes in Kibana?

前端 未结 2 1352
旧时难觅i
旧时难觅i 2021-01-31 16:29

I\'m sending HTTP logs into Kibana, and the response code (200, 401, 500, etc) are correctly parsed out of them as a field. I\'d like a time-series chart with the count of each

2条回答
  •  故里飘歌
    2021-01-31 17:23

    This is a Kibana 4/5 answer, check this answer if you are using Kibana 3

    Kibana 4/5

    At the moment of writing, the only version available for Kibana 4 is beta1, so these screenshots might be different in future versions of Kibana. I will try to keep them updated, if relevant changes are applied.

    Kibana 4 (and 5) provides some features that the previous version didn't have. For example, now we can build panels using the aggregations that were available in ES since version 1.0.

    To build a stacked graph of HTTP codes (or other field), you have to:

    • Click on the Visualize tab. This tab allows you to build panels that you can put afterwards in a dashboard.

    Visualize tab

    • Then you have to select that you want to create the visualization making a new search (or using an existing one, if you played before in the Discover tab. You have to select an existing index that you previously configured.

    Create a visualization from a search

    • Once you selected your index, you have to select the type of panel that you want. In this case, we will select a Vertical bar chart.

    Type of chart selection

    • Next we will find a beautiful page with a graph on the right part and a panel with different options. This panel will let us to define a query to plot our data. Basically, what we want to plot in the Y axis is a count of documents (by default is the one that is selected).

    Count of documents in the Y axis

    • Then we add a new aggregation, first we want a total count of documents distributed on time and then we want to split this total with the different existing codes. Furthermore, the first aggregation will be per timestamp and the second one per codes. You want to plot the timestamp on the X axis (select X axis) and you want to split the bars into the different codes (select Split bars). Your final configuration should be something like this:

    Final configuration

    • After applying, the final result should be something like this.

    Final plot

    • You can play with the interval, if you want to aggregate data for more or less time (there are several options like hourly, daily, monthly ...). Remember to change the timespan on the top, if you want to see more data, because this graph is limited by that timestamp.

提交回复
热议问题