maxmustermann/kibana
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
kibana/docs/visualize.asciidoc
Tim Roes 2885e871e3
Replace spy panels by Inspector (#16387) 
* Add Inspector feature

* So long, and thanks for all the fish, spy panel

* Fix several functional tests

* Fix unit tests

* Fix spy panel button tests

* Replace old spy panel documentation

* Disable test temporarily until we have dashboard triggers

* Enter edit mode for dark theme test

* Fix some more functional tests

* Fix more functional tests

* More test fixing

* Fix more functional tests

* Allow opening the inspector via loader handler

* Refactor InspectorViewChooser, remove unused CSS

* Remove dead code

* Fix data download button style

* Remove redundant code

* Load inspectorViews for dashboard_viewer

* Extract inspector views to custom core_plugin

* Switch API to TypeScript 🎉

* Design changes

* Remove icons from views

* Design changes

* Improve typings of API

* Add typing to all adapters

* Show loading spinner in request selector

* Rewrite InspectorView to TypeScript

* Fix help text for data view

* Remove deprecated React lifecycle methods

* Embed inspector into dashboard panel actions

* Remove temporary inspector trigger

* Remove old CSS

* Fix dashboard trigger for new panel action

* Add tests for InspectorPanel and DataAdapter

* Produce a hierarchical table if the vis is hierarchical

* Remove allowJs option again

* Add missing Apache license headers

* Close inspector on dashboard when navigating away

* Use proper title for dashboard panels

* Fix functional tests

* Skip broken test for now

* Flush view chooser button

* Add request adapter tests

* Skip more tests, broken due to typescript

* Add Request Time description

* Add description for courier request

* Fix tests

* Replace icon by new (not yet released) icon

* Finalize design of inspector

* Remove discover test, that relied on spy panels

* Change API to be properly mockable in tests

* Add aria-live region for request status

* Replace old method in functional tests

* Replace abitrary magic number

* Use object destructuring in vis

* Fix issue with crashing requests view

* Add request time tooltip

* Get request body of correct search source

* Make filter buttons properly keyboard accessible

* Follow Dave's design suggestions

* Remove redundant request from name

* Remove unneeded comments

* WIP raw-formatted values

* Fix filtering issue

* Fix tests and more license headers

* Add data view tests

* Remove search from table

* Fix typos

* Implement review suggestion

* Remove artificial delays for testing

* Fix new panel action structure

* Minor design adjustments

* Fix failing functional test

* Update failing snapshot test

* Implement final wording

* Apply new EUI styling

* Fix closing inspector in tests

* Fix sorting of table

* Align punctuation between tooltips
2018-06-20 11:07:44 +02:00

168 lines
6.7 KiB
Plaintext
Raw Blame History

[[visualize]]
= Visualize
[partintro]
--
_Visualize_ enables you to create visualizations of the data in your
Elasticsearch indices. You can then build <<dashboard, dashboards>> that
display related visualizations.
Kibana visualizations are based on Elasticsearch queries. By using a
series of Elasticsearch {ref}/search-aggregations.html[aggregations]
to extract and process your data, you can create charts that show
you the trends, spikes, and dips you need to know about.
You can create visualizations from a search saved from <<discover, Discover>>
or start with a new search query.
--
[[createvis]]
== Creating a Visualization
To create a visualization:
. Click on *Visualize* in the side navigation.
. Click the *Create new visualization* button or the **+** button.
. Choose the visualization type:
+
* *Basic charts*
[horizontal]
<<xy-chart,Line&comma; Area and Bar charts>>:: Compare different series in X/Y charts.
<<heatmap-chart,Heat maps>>:: Shade cells within a matrix.
<<pie-chart,Pie chart>>:: Display each source's contribution to a total.
* *Data*
[horizontal]
<<data-table,Data table>>:: Display the raw data of a composed aggregation.
<<metric-chart,Metric>>:: Display a single number.
<<goal-chart,Goal and Gauge>>:: Display a gauge.
* *Maps*
[horizontal]
<<tilemap,Coordinate map>>:: Associate the results of an aggregation with geographic locations.
<<regionmap,Region map>>:: Thematic maps where a shape's color intensity corresponds to a metric's value.
locations.
* *Time Series*
[horizontal]
<<timelion-getting-started,Timelion>>:: Compute and combine data from multiple time series
data sets.
<<time-series-visual-builder,Time Series Visual Builder>>:: Visualize time series data using pipeline aggregations.
* *Other*
[horizontal]
<<controls,Controls>>:: Controls provide the ability to add interactive inputs to Kibana Dashboards.
<<markdown-widget,Markdown widget>>:: Display free-form information or
instructions.
<<tagcloud-chart,Tag cloud>>:: Display words as a cloud in which the size of the word correspond to its importance.
<<vega-graph,Vega graph>>:: Support for user-defined graphs, external data sources, images, and user-defined interactivity.
. Specify a search query to retrieve the data for your visualization:
** To enter new search criteria, select the index pattern for the indices that
contain the data you want to visualize. This opens the visualization builder
with a wildcard query that matches all of the documents in the selected
indices.
** To build a visualization from a saved search, click the name of the saved
search you want to use. This opens the visualization builder and loads the
selected query.
+
NOTE: When you build a visualization from a saved search, any subsequent
modifications to the saved search are automatically reflected in the
visualization. To disable automatic updates, you can disconnect a visualization
from the saved search.
. In the visualization builder, choose the metric aggregation for the
visualization's Y axis:
* *Metric Aggregations*:
* {ref}/search-aggregations-metrics-valuecount-aggregation.html[count]
* {ref}/search-aggregations-metrics-avg-aggregation.html[average]
* {ref}/search-aggregations-metrics-sum-aggregation.html[sum]
* {ref}/search-aggregations-metrics-min-aggregation.html[min]
* {ref}/search-aggregations-metrics-max-aggregation.html[max]
* {ref}/search-aggregations-metrics-stats-aggregation.html[standard deviation]
* {ref}/search-aggregations-metrics-cardinality-aggregation.html[unique count]
* {ref}/search-aggregations-metrics-percentile-aggregation.html[median] (50th percentile)
* {ref}/search-aggregations-metrics-percentile-aggregation.html[percentiles]
* {ref}/search-aggregations-metrics-percentile-rank-aggregation.html[percentile ranks]
* {ref}/search-aggregations-metrics-top-hits-aggregation.html[top hit]
* {ref}/search-aggregations-metrics-geocentroid-aggregation.html[geo centroid]
* *Parent Pipeline Aggregations*:
* {ref}/search-aggregations-pipeline-derivative-aggregation.html[derivative]
* {ref}/search-aggregations-pipeline-cumulative-sum-aggregation.html[cumulative sum]
* {ref}/search-aggregations-pipeline-movavg-aggregation.html[moving average]
* {ref}/search-aggregations-pipeline-serialdiff-aggregation.html[serial diff]
* *Sibling Pipeline Aggregations*:
* {ref}/search-aggregations-pipeline-avg-bucket-aggregation.html[average bucket]
* {ref}/search-aggregations-pipeline-sum-bucket-aggregation.html[sum bucket]
* {ref}/search-aggregations-pipeline-min-bucket-aggregation.html[min bucket]
* {ref}/search-aggregations-pipeline-max-bucket-aggregation.html[max bucket]
. For the visualizations X axis, select a bucket aggregation:
+
* {ref}/search-aggregations-bucket-datehistogram-aggregation.html[date histogram]
* {ref}/search-aggregations-bucket-range-aggregation.html[range]
* {ref}/search-aggregations-bucket-terms-aggregation.html[terms]
* {ref}/search-aggregations-bucket-filters-aggregation.html[filters]
* {ref}/search-aggregations-bucket-significantterms-aggregation.html[significant terms]
For example, if you're indexing Apache server logs, you could build bar chart
that shows the distribution of incoming requests by geographic location by
specifying a terms aggregation on the `geo.src` field:
image::images/bar-terms-agg.jpg[]
The y-axis shows the number of requests received from each country, and the
countries are displayed across the x-axis.
Bar, line, or area chart visualizations use _metrics_ for the y-axis and
_buckets_ for the x-axis. Buckets are analogous to SQL `GROUP BY`
statements. Pie charts, use the metric for the slice size and the bucket
for the number of slices.
You can futher break down the data by specifying sub aggregations. The first
aggregation determines the data set for any subsequent aggregations. Sub
aggregations are applied in order--you can drag the aggregations to change the
order in which they're applied.
For example, you could add a terms sub aggregation on the `geo.dest` field to
the Country of Origin bar chart to see the locations those requests were
targeting.
image::images/bar-terms-subagg.jpg[]
For more information about working with sub aggregations, see
https://www.elastic.co/blog/kibana-aggregation-execution-order-and-you[Kibana,
Aggregation Execution Order, and You].
include::visualize/xychart.asciidoc[]
include::visualize/controls.asciidoc[]
include::visualize/datatable.asciidoc[]
include::visualize/markdown.asciidoc[]
include::visualize/metric.asciidoc[]
include::visualize/goal.asciidoc[]
include::visualize/pie.asciidoc[]
include::visualize/tilemap.asciidoc[]
include::visualize/regionmap.asciidoc[]
include::visualize/time-series-visual-builder.asciidoc[]
include::visualize/tagcloud.asciidoc[]
include::visualize/heatmap.asciidoc[]
include::visualize/vega.asciidoc[]
include::visualize/inspector.asciidoc[]
Reference in a new issue View git blame Copy permalink