Kibana User Guide. Visualization. Part 5

The fifth part of the translation of official documentation on data visualization in Kibana.

Link to original material: Kibana User Guide [6.6] "Visualize

Link to 1 part: Kibana User Guide. Visualization. Part 1
Link to part 2: Kibana User Guide. Visualization. Part 2
Link to part 3: Kibana User Guide. Visualization. Part 3
Link to part 4: Kibana User Guide. Visualization. Part 4

Content:

Tag Clouds
Heatmap chart

Tag Clouds

Tag cloud visualization displays a visual display of textual data, typically using arbitrary shapes to represent text. Tags are usually single words, the importance of each tag is displayed by font size or color.
The font size of each word is determined by the aggregation of metrics. The following aggregations are available for this schema.
Metric aggregations:

Count. Counting aggregation returns the net count of the elements in the selected index pattern.
Average. This aggregation returns the average of a number field. Select a field from the drop-down list.
Sum. Returns the total amount of a numeric field. Select a field from the drop-down list.
Min. Returns the minimum value in a numeric field. Select a field from the drop-down list.
Max. Returns the maximum value in a numeric field. Select a field from the drop-down list.
Unique Count. Cardinal aggregation returns the number of unique values in a field. Select a field from the drop-down list.
Standard Deviation. Aggregation of general statistics returns the standard deviation of data in a numeric field. Select a field from the drop-down list.
Top hit. Aggregation of top values returns one or more top values from a special field in your document. Choose the field from the drop-down list, the type of document sorting, the number of values to be returned.
Percentiles. Percent Aggregation divides numeric field values into specified ranges. Select a field from the drop-down list, then define one or more areas in the Percentiles fields. Click the X to remove the percent field. Click + Add to add a percentage field.
Percentile Rank. Percentage rank aggregation returns percent ranking by selected numeric field. Select a field from the drop-down list, then define one or more percentage rank values in the Values fields. Click the X to remove the value field. Click + Add to add a value field.

Aggregations of parent data sources:
For each aggregation of the parent information source, it is necessary to determine the metric for which the aggregation is calculated. This may be one of the existing metrics or a new one. You can also invest these aggregations (for example, to obtain a third derivative).

Derivative. Derivative aggregation counts the derivative of certain metrics.
Cumulative Sum. The aggregation of the cumulative sum counts the cumulative sum of certain metrics in the parent histogram.
Moving average. Moving average aggregation will insert a window through the data and write the average value of this window.
Serial Diff. Sequential differentiation is a method where values in a time series are subtracted from themselves in another time period or delay.

Related Source Aggregations:
As in the case of aggregation of parent sources, you need to specify the metric for which the aggregation of the related source will be calculated. In addition, you need to provide for the aggregation of segments, which will determine on which segments the aggregation will run.

Average Bucket. The segment average calculates the average value of certain metrics in the aggregation of related sources.
Sum Bucket. Calculates the sum of the values of a specific metric in the aggregation of a related source.
Min Bucket. Returns the minimum value of a specific metric in a relative source aggregation.
Max Bucket. Returns the maximum value of a specific metric in a related source aggregation.

You can create an aggregation by clicking on the + Add Metrics button.
Enter a string in the Custom Label field to change the label.
Segment aggregations determine which information will be retrieved from your data.
Before you select segment aggregation, select the Split Tags option.
You can specify the following segment aggregations to visualize the tag cloud:

Terms. Aggregation of values allows you to define the top or bottom n elements of this field for display, ordered by number or custom metric.

You can click on the Advanced link to display more options for your metrics or segment aggregation:

JSON Input. A text field where you can add specific properties in JSON format to merge with a specific aggregation, as in the following example:

{ "script" : "doc['grade'].value * 1.2" }

Note. In Elasticsearch 1.4.3 and later, this functionality needs Groovy dynamic scripting enabled .
Select the Options tab to change the following aspects of the scheme:

Text Scale. You can select linear, logarithmic or quadratic scales for the text scale. A logarithmic scale is used to display data that changes exponentially or quadratic, to order the display of data with variables that vary greatly.
Orientation. You can choose the orientation of your text in the tag cloud. There are several options: single, rotate 90 degrees, randomly.
Font Size. Allows you to set the minimum and maximum font size for use by this visualization.

Heatmap chart

A heat map is a graphical representation of data, where individual values are contained in a matrix and are represented by colors. The color of each matrix position is determined by the aggregation of metrics. The following aggregations are available for this schema:
Metric aggregations:

Before you select aggregation of segments, indicate whether you are dividing the segments for the X or Y axes within the same schema, or split them into several diagrams. The division into several schemes should be performed before any other aggregations. When you divide a chart, you can change if splits are displayed in a row or column by clicking the Rows | Columns .
The X and Y axes of this schema support the following aggregations:

Date Histogram. The time histogram is based on a numerical field and is organized by date. You can define time frames for intervals in seconds, minutes, hours, days, weeks, months, or years. You can also define a default interval by selecting Custom as the interval and specifying the number and unit of time in the text field. The default time interval units are: s for seconds, m for minutes, h for hours, d for days, w for weeks, y for years. Different units support different levels of accuracy, up to one second. Intervals are signed at the beginning of the interval using the key-date, which is returned from Elasticsearch. For example, the first day of the month will be displayed in the tooltip for the monthly interval.
Histogram. The standard histogram is based on a numeric field. Determine the integer interval for this field. Check the Show empty buckets box to include empty intervals in the histogram.
Range. Using rank aggregation, you can determine the ranks for the numeric field values. Click Add Range to add a set of rank endpoints. Click the red symbol (x) to remove the rank.
Date Range. Time rank aggregation reports values that are in the specified date range. You can specify date ranges using mathematical date expressions. Click Add Range to add a set of rank endpoints. Click the red symbol (x) to remove the rank.
IPv4 Range. IPv4 rank aggregation allows you to define IPv4 address ranges. Click Add Range to add a set of rank endpoints. Click the red symbol (x) to remove the rank.
Terms. Aggregation of values allows you to define the top or bottom n elements of this field for display, ordered by number or custom metric.
Filters. You can define a set of filters for data. It is possible to specify a filter as a query string or in JSON format, as well as in the Discover search tab. Click Add Filter to add another filter. Click the label button to open the label field where you can type the name to display on the visualization.
Significant Terms. Displays the results of experimental aggregation of signed values.

Enter a string in the Custom Label field to change the label.
You can click on the Advanced link to display more options for your metrics or segment aggregation:

Exclude Pattern. Specify a template in this field to exclude from the results.
Include Pattern. Specify a template in this field to include in the results.
JSON Input. A text field where you can add specific properties in JSON format to merge with a specific aggregation, as in the following example:

{ "script" : "doc['grade'].value * 1.2" }

The availability of these parameters depends on the aggregation you choose.
Select the Options tab to change the following aspects of the scheme:

Show Tooltips. Check the box to enable prompts.
Highlight. Check the box to enable highlighting of elements with identical signatures.
Legend Position. You can choose where the legend of the map will be located (top, left, right, bottom).
Color Schema. You can choose an existing color scheme or go to the settings and define your own colors in the legend.
Reverse Color Schema. Check this checkbox to invert the color scheme.
Color Scale. You can choose between linear, logarithmic and quadratic scales for a color scale.
Scale to Data Bounds. By default, the bounds of the Y axis are zero and the maximum value from the data. Check the box to change the upper and lower bounds according to the values of the selected data.
Number of Colors. The number of color segments to create. At least 2, at most 10.
Percentage Mode. Enabling this will show the legend of percentile values.
Custom Range. You can define your own ranges for color segments. For each color segment, you must define a minimum value (inclusive) and a maximum value (exclusively) for the range.
Show Label. Shows signatures with cell values in each cell.
Rotate. Allows you to wrap the label of cell values by 90 degrees.

Sixth part

Source: https://habr.com/ru/post/442104/

All Articles

Kibana User Guide. Visualization. Part 5

Tag Clouds

Heatmap chart

More articles: