My Apologies for picking up an old thread.
But I have the same issue. I am not able to understand what to put inside
the Value field when I select the Chart Value as Mean or Max or total.
I have a log whose field names are
Timestamp, elapsed, label, bytes, Latency
Howdy everyone,
I have events with the following structure in ES:
{
_index: logstash-2014.02.25,
_type: symantecav-logs,
_id: _5Hig6lPTUi2p-palnuplA,
_score: null,
_source: {
message: [
When you add a Histogram panel, look in the setting Chart Value. There are
options for max and mean in there and then in the Value Field, you can
specify scan duration (or connect duration) - I'm not 100% sure if the
spaces in your field name might fail but if it does, you'll probably need
to
That did the trick! I was able to keep the spaces in the field name, but
did need to cast the field to a float in logstash for the metric to work.
Really loving how quickly valuable data hidden in the logs can be drawn out
and visualized with logstash+elasticsearch+kibana. Props to y'all for
Oh yeah forgot about the datatype - that's good that you caught that. Good
to hear!
--
You received this message because you are subscribed to the Google Groups
elasticsearch group.
To unsubscribe from this group and stop receiving emails from it, send an email
to
