Kibana垂直条形图在X轴的哪个位置有求和的桶?
提问于 2019-12-18 16:04:05
假设我有以下数据:
{"name": "John", "spend": 50 }
{"name": "John", "spend": 150 }
{"name": "Mary", "spend": 30 }
{"name": "Mary", "spend": 70 }
{"name": "Will", "spend": 10 }
{"name": "Will", "spend": 20 }
{"name": "Matt", "spend": 0 }我想要构建一个垂直条形图,在X轴上我有存储桶,每个名称的总花费,在Y轴上,存储桶中名称的唯一计数,如下所示:
我不知道如何使用Kibana 7.5来实现这一点。有人能帮帮我吗?
回答 2
Stack Overflow用户
发布于 2019-12-19 16:49:56
过了一段时间,我用Vega解决了这个问题。由于我在elastic search中已经有了数据,所以我使用聚合来格式化数据,使用以下请求:
POST /teste/_search?size=0
{
"aggs" : {
"spend_per_name_0_to_50" : {
"terms" : { "field" : "name" },
"aggs" : {
"spend_sum" : { "sum" : { "field" : "spend" } },
"ranges": {
"bucket_selector": {
"buckets_path": { "spendSum": "spend_sum.value" },
"script": "params.spendSum < 50"
}
}
}
},
"spend_per_name_50_to_100" : {
"terms" : { "field" : "name" },
"aggs" : {
"spend_sum" : { "sum" : { "field" : "spend" } },
"ranges": {
"bucket_selector": {
"buckets_path": { "spendSum": "spend_sum.value" },
"script": "params.spendSum >= 50 && params.spendSum < 100"
}
}
}
},
"spend_per_name_100_to_150" : {
"terms" : { "field" : "name" },
"aggs" : {
"spend_sum" : { "sum" : { "field" : "spend" } },
"ranges": {
"bucket_selector": {
"buckets_path": { "spendSum": "spend_sum.value" },
"script": "params.spendSum >= 100 && params.spendSum < 150"
}
}
}
},
"spend_per_name_150_to_inf" : {
"terms" : { "field" : "name" },
"aggs" : {
"spend_sum" : { "sum" : { "field" : "spend" } },
"ranges": {
"bucket_selector": {
"buckets_path": { "spendSum": "spend_sum.value" },
"script": "params.spendSum >= 150"
}
}
}
},
"spend_sum_per_name_0_to_50": {
"sum_bucket": {
"buckets_path": "spend_per_name_0_to_50>spend_sum.value"
}
},
"spend_sum_per_name_50_to_100": {
"sum_bucket": {
"buckets_path": "spend_per_name_50_to_100>spend_sum.value"
}
},
"spend_sum_per_name_100_to_150": {
"sum_bucket": {
"buckets_path": "spend_per_name_100_to_150>spend_sum.value"
}
},
"spend_sum_per_name_150_to_inf": {
"sum_bucket": {
"buckets_path": "spend_per_name_150_to_inf>spend_sum.value"
}
}
}
}这为我提供了以下数据:
{
"took" : 6,
"timed_out" : false,
"_shards" : {
"total" : 1,
"successful" : 1,
"skipped" : 0,
"failed" : 0
},
"hits" : {
"total" : {
"value" : 7,
"relation" : "eq"
},
"max_score" : null,
"hits" : [ ]
},
"aggregations" : {
"spend_per_name_150_to_inf" : {
"doc_count_error_upper_bound" : 0,
"sum_other_doc_count" : 0,
"buckets" : [
{
"key" : "John",
"doc_count" : 2,
"spend_sum" : {
"value" : 200.0
}
}
]
},
"spend_per_name_0_to_50" : {
"doc_count_error_upper_bound" : 0,
"sum_other_doc_count" : 0,
"buckets" : [
{
"key" : "Will",
"doc_count" : 2,
"spend_sum" : {
"value" : 30.0
}
},
{
"key" : "Matt",
"doc_count" : 1,
"spend_sum" : {
"value" : 0.0
}
}
]
},
"spend_per_name_50_to_100" : {
"doc_count_error_upper_bound" : 0,
"sum_other_doc_count" : 0,
"buckets" : [ ]
},
"spend_per_name_100_to_150" : {
"doc_count_error_upper_bound" : 0,
"sum_other_doc_count" : 0,
"buckets" : [
{
"key" : "Mary",
"doc_count" : 2,
"spend_sum" : {
"value" : 100.0
}
}
]
},
"spend_sum_per_name_0_to_50" : {
"value" : 30.0
},
"spend_sum_per_name_50_to_100" : {
"value" : 0.0
},
"spend_sum_per_name_100_to_150" : {
"value" : 100.0
},
"spend_sum_per_name_150_to_inf" : {
"value" : 200.0
}
}
}并使用此Vega请求发送此请求并格式化数据:
{
"$schema": "https://vega.github.io/schema/vega/v3.json",
"data": [
{
"name": "spends",
"url": {
"%context%": true,
"index": "teste",
"body": {
"aggs" : {
"spend_per_name_0_to_50" : {
"terms" : { "field" : "name" },
"aggs" : {
"spend_sum" : { "sum" : { "field" : "spend" } },
"ranges": {
"bucket_selector": {
"buckets_path": { "spendSum": "spend_sum.value" },
"script": "params.spendSum < 50"
}
}
}
},
"spend_per_name_50_to_100" : {
"terms" : { "field" : "name" },
"aggs" : {
"spend_sum" : { "sum" : { "field" : "spend" } },
"ranges": {
"bucket_selector": {
"buckets_path": { "spendSum": "spend_sum.value" },
"script": "params.spendSum >= 50 && params.spendSum < 100"
}
}
}
},
"spend_per_name_100_to_150" : {
"terms" : { "field" : "name" },
"aggs" : {
"spend_sum" : { "sum" : { "field" : "spend" } },
"ranges": {
"bucket_selector": {
"buckets_path": { "spendSum": "spend_sum.value" },
"script": "params.spendSum >= 100 && params.spendSum < 150"
}
}
}
},
"spend_per_name_150_to_inf" : {
"terms" : { "field" : "name" },
"aggs" : {
"spend_sum" : { "sum" : { "field" : "spend" } },
"ranges": {
"bucket_selector": {
"buckets_path": { "spendSum": "spend_sum.value" },
"script": "params.spendSum >= 150"
}
}
}
},
"spend_sum_per_name_0_to_50": {
"sum_bucket": {
"buckets_path": "spend_per_name_0_to_50>spend_sum.value"
}
},
"spend_sum_per_name_50_to_100": {
"sum_bucket": {
"buckets_path": "spend_per_name_50_to_100>spend_sum.value"
}
},
"spend_sum_per_name_100_to_150": {
"sum_bucket": {
"buckets_path": "spend_per_name_100_to_150>spend_sum.value"
}
},
"spend_sum_per_name_150_to_inf": {
"sum_bucket": {
"buckets_path": "spend_per_name_150_to_inf>spend_sum.value"
}
}
},
"size": 0
}
},
"format": {"property": "aggregations"},
"transform": [
{
"type": "fold",
"fields": [
"spend_sum_per_name_0_to_50",
"spend_sum_per_name_50_to_100",
"spend_sum_per_name_100_to_150",
"spend_sum_per_name_150_to_inf"
],
"as": ["aggregations", "vals"]
}
]
}
],
"scales": [
{
"name": "yscale",
"type": "linear",
"zero": true,
"domain": {"data": "spends", "field": "vals.value"},
"range": "height"
},
{
"name": "xscale",
"type": "band",
"domain": {"data": "spends", "field": "aggregations"},
"range": "width",
"padding": 0.05
}
],
"marks": [
{
"type": "rect",
"from": {"data": "spends"},
"encode": {
"update": {
"x": {"scale": "xscale", "field": "aggregations"},
"width": {"scale": "xscale", "band": 1},
"y": {"scale": "yscale", "field": "vals.value"},
"y2": {"scale": "yscale", "value": 0}
}
}
}
],
"axes": [
{"scale": "yscale", "orient": "left"},
{"scale": "xscale", "orient": "bottom"}
]
}我现在可以显示这个图表:
我知道它有一些限制,比如如何改变直方图的范围,以及许多硬编码的脚本,但由于我找不到正确的方法,所以我用这种方法解决了问题。如果有人想出了一个更优雅的方法来解决这个问题,请发布为答案!
Stack Overflow用户
发布于 2019-12-19 06:34:04
是否创建了.conf文件并将其提供给日志存储??
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/59395904
复制相关文章
腾讯云开发者
