使用过滤器计算Kibana / Visualize中的值?

时间:2017-06-15 14:43:43

标签: elasticsearch kibana

(我对ELK堆栈很新,可能会问一些明显的东西......)

我有描述客户信息的文件,包括姓名,地址,年龄等数据...... 有时,并非所有这些字段都存在,而且我想知道填写它们的文档数量。

如果数据如下:

PUT customers
{
  "mappings": {
    "customer": {
      "properties": {
        "id": {
          "type": "integer"
        },
        "category": {
          "type": "keyword"
        },
        "email": {
          "type": "text"
        },
        "age": {
          "type": "integer"
        },
        "address": {
          "type": "text"
        }
      }
    }
  }
}


POST _bulk
{"index":{"_index":"customers","_type":"customer"}}
{"id":"1","category":"aa","email":"sam@test.com"}
{"index":{"_index":"customers","_type":"customer"}}
{"id": "2", "category" : "aa", "age": "5"}
{"index":{"_index":"customers","_type":"customer"}}
{"id": "3", "category" : "aa", "email": "bob@test.com", "age": "36"}
{"index":{"_index":"customers","_type":"customer"}}
{"id": "4", "category" : "bb", "email": "kim@test.com", "age": "42", "address": "london"}

我们的想法是让 Kibana可视化一个数据表,如:

+----------+-------+-------+-----+---------+
| category | total | email | age | address |
+----------+-------+-------+-----+---------+
| aa       |     3 |     2 |   2 |       0 |
| bb       |     1 |     1 |   1 |       1 |
+----------+-------+-------+-----+---------+

(例如:我们在“aa”类别中有3个客户;其中2个给了他们的电子邮件,2个给了他们的年龄,没有给出地址)

我可以通过以下查询找出如何做到这一点:

POST /customers/_search?size=0
{
  "aggs": {
    "category": {
      "terms": {
        "field": "category"
      },
      "aggs": {
        "count_email": {
          "filter": {
            "exists": {
              "field": "email"
            }
          }
        },
        "count_age": {
          "filter": {
            "exists": {
              "field": "age"
            }
          }
        },
        "count_address": {
          "filter": {
            "exists": {
              "field": "address"
            }
          }
        }
      }
    }
  }
}

但我无法在Kibana Visualize中找到我们如何做到这一点。 我应该使用脚本字段吗? JSON输入?怎么样 ?有更好的方法吗?

感谢您的建议。

1 个答案:

答案 0 :(得分:0)

在UI中,我可以使用关键字术语过滤器来分割行。

以下是帮助您入门的网址。

调用将创建一个数据表,按计数聚合,按类别关键字术语拆分行。

http://localhost:5601/app/kibana#/visualize/create?type=table&indexPattern=customers&_g=()&_a=(filters:!(),linked:!f,query:(query_string:(analyze_wildcard:!t,query:'*')),uiState:(vis:(params:(sort:(columnIndex:!n,direction:!n)))),vis:(aggs:!((enabled:!t,id:'1',params:(),schema:metric,type:count),(enabled:!t,id:'2',params:(field:category.keyword,order:desc,orderBy:_term,size:2),schema:bucket,type:terms)),listeners:(),params:(perPage:10,showMeticsAtAllLevels:!f,showPartialRows:!f,showTotal:!f,sort:(columnIndex:!n,direction:!n),totalFunc:sum),title:'CategoryTable',type:table))
相关问题
最新问题