I have two indexes which configured in kibana.
I want to display graphs from two indexes in one dashboard is kibana support this? In kibana4 and above has this but I would like to know is this supports in kiban3
you can do this by adding an index pattern that matches the two indices, and then select this index pattern to create visualization.
Related
I’m relatively new to Tableau and have a question.
I want to create a heatmap show the location of two different groups of people. I’ve learned how to overlay maps using dual axis but the problem I keep running into is that each group requires different filters to aggregate the data the way I want.
Basically, I want to show:
Group1.id IF charge_id IS NOT NULL
And
Group2.id IF status = ‘ACTIVE’
Whenever I create a calculated field with one of the above calculated fields and place it in the filters box it automatically removes the other group from the map because the filters contradict one and other.
Help is much appreciated 😊
The filter shelf applies to the entire worksheet, so if you want to “filter” each field selectively, use an IF expression in a calculated field that evaluates to null when you don’t want that field in the view.
Give sample data if you want more detail
Is there a way to sort the given metrics descending?
From official support at kibana forums:
Unfortunately, there's no way to sort filters aggregation. However, depending on how complicated your filters are, you might be able to create a terms aggregation and add filters to the whole visualization, eg. on the enclosed picture I filter to only get destination (Dest) of the three airports I am interested in and sort it by descending order.
I have two documents in elasticsearch with the same date field i.e:
{"event":"event1", "datetime":"2017-04-10T12:41:30"}
{"event":"event2", "datetime":"2017-04-10T12:41:35"}
I would like to get the difference between the datetime of these two events. I took a look at script fields but it allows me to perform operations only on the same documento, not in two different documents.
Does anybody know how can i achieve this?
There's no real way to do it in Elasticsearch. Pull both of these fields to your application and apply the logic.
I have a Kibana dashboard with some visualizations and each visualization changes when i change the time window. Is there a way to display a visualization that does not change and stays fixed? For example, i want to display the total number of records present in my index. Now i have this in a nice dashboard. I only want this number to change if the actual number of records changes. Otherwise, I want it fixed. Is that possible?
You can use a second index pattern for that. It is a kinda hackish solution but it works.
Create a new index pattern. Configure it just like your regular one, but uncheck "contains time-based events". This way you will get an index pattern where the time picker doesn't apply.
Create your visualization from this second index pattern.
In case you want a certain fixed time range to apply: Add the time range as a normal filter in the query for this visualization.
I have an application that stores relationship information in a MySQL table (contact_id, other_contact_id, strength, recorded_at). This is fine if all I need to do is show who a contact's relationships are or even to generate a list of mutual contacts for two contacts.
But now I need to generate stats like: 'what was the total number of 2-way connections of strength 3 or better in January 2011' or (assuming that each contact is part of a group) 'which group has the most number of connections to other groups' etc.
I quickly found that the SQL for generating these stats became unwieldy real fast.
So I wrote a script that for any given date it will generate a graph in memory. I could then run whatever stat I wanted against that graph. Much easier to understand and in general, much more performant also -- except for the generating the graph part.
My next thought was to cache those graphs so I could call on them whenever I needed to run a new stat (or generate a later graph: eg for today's graph I take yesterday's graph and apply any changes that happened since yesterday). I tried memcached which worked great until the graphs grew > 1 MB.
So now I'm thinking about using a graph database like Neo4J.
Only problem is, I don't have just one graph. Or I do, but it is one that changes over time and I need to be able to query it with different reference times.
So, can I:
store multiple graphs in Neo4J and rertrieve/interact with them separately? i would then create and store separate social graphs for each date.
or
add valid to and from timestamps to each edge and filter the graph appropriately: so if i wanted a graph for "May 1st" i would only follow the newest edge between two noeds that was created before "May 1st" (and if all the edges were created after May 1st then those nodes wouldn't be connected).
I'm pretty new to graph databases so any help/pointers/hints will be appreciated.
Right now you can store just one graph database in a single Neo4j instance, but this one graphdb can contain as many different sub-graphs as you like. You only have to keep that in mind when doing global operations (like index queries) but there you can do compound queries that include timestamped properties as well to limit the results.
One way of doing that is, as you said adding temporal information to edges to represent the structure of a graph for a given date you can then traverse the structure of the graph back then.
Reference node has a different meaning in Neo4j.
Using category nodes per day (and linking them and also aggregating them for higher level timespans) is the more graphy way of categorizing nodes than indexed properties. (Effectively these are in-graph indices that you can easily include in your traversals and graph queries).
You don't have to duplicate the nodes as long as you are only interested in different temporal structures. If your nodes are also different (e.g. changing properties, you could either duplicate them, and so effectively creating different subgraphs) or create a connected list of history nodes on each node that contain just the changes (or the full snapshot depending on your requirements).
Your domain sounds very fitting for the graph database. If you have more and detailed questions feel free to join the Neo4j mailing list.
Not the easiest solution (I'm assuming you only work with one machine), but if you really want to separate your graphs, you only need to remember that a graph is a directory.
You can then create a dynamic loader class which takes the path of the database you want, load it in memory for the query, and close it after you getting your answer. You could also configure a proxy server, and send 2 parameters to your loader: your query (which I presume is a cypher query in this case) and the path of the database you want to query.
This is not adequate if you have tons of real-time queries to answer. But if it is simply for storing and doing some analytics over data sets, it can definitly answer your needs.
This is an old question, but starting with Neo4j 4.x, multi-tenancy is supported and you can have different databases within the same Neo4j server (with distinct RBAC permissions).