- Kibana Guide: other versions:
- Introduction
- Set Up Kibana
- Getting Started
- Discover
- Visualize
- Dashboard
- Timelion
- Canvas
- Machine learning
- Maps
- Infrastructure
- Logs
- Uptime
- Graphing Connections in Your Data
- Dev Tools
- Monitoring
- Management
- Reporting from Kibana
- Kibana Plugins
- Contributing to Kibana
- Limitations
- Release Highlights
- Breaking Changes
- Release Notes
- Kibana 6.7.2
- Kibana 6.7.1
- Kibana 6.7.0
- Kibana 6.6.2
- Kibana 6.6.1
- Kibana 6.6.0
- Kibana 6.5.4
- Kibana 6.5.3
- Kibana 6.5.2
- Kibana 6.5.1
- Kibana 6.5.0
- Kibana 6.4.3
- Kibana 6.4.2
- Kibana 6.4.1
- Kibana 6.4.0
- Kibana 6.3.2
- Kibana 6.3.1
- Kibana 6.3.0
- Kibana 6.2.4
- Kibana 6.2.3
- Kibana 6.2.2
- Kibana 6.2.1
- Kibana 6.2.0
- Kibana 6.1.4
- Kibana 6.1.3
- Kibana 6.1.2
- Kibana 6.1.1
- Kibana 6.1.0
- Kibana 6.0.1
- Kibana 6.0.0
- Kibana 6.0.0-rc2
- Kibana 6.0.0-rc1
- Kibana 6.0.0-beta2
- Kibana 6.0.0-beta1
- Kibana 6.0.0-alpha2
- Kibana 6.0.0-alpha1
Heatmap Chart
editHeatmap Chart
editA heat map is a graphical representation of data where the individual values contained in a matrix are represented as colors. The color for each matrix position is determined by the metrics aggregation. The following aggregations are available for this chart:
Metric Aggregations:
- Count
- The count aggregation returns a raw count of the elements in the selected index pattern.
- Average
- This aggregation returns the average of a numeric field. Select a field from the drop-down.
- Sum
- The sum aggregation returns the total sum of a numeric field. Select a field from the drop-down.
- Min
- The min aggregation returns the minimum value of a numeric field. Select a field from the drop-down.
- Max
- The max aggregation returns the maximum value of a numeric field. Select a field from the drop-down.
- Unique Count
- The cardinality aggregation returns the number of unique values in a field. Select a field from the drop-down.
- Standard Deviation
- The extended stats aggregation returns the standard deviation of data in a numeric field. Select a field from the drop-down.
- Top Hit
- The top hits aggregation returns one or more of the top values from a specific field in your documents. Select a field from the drop-down, how you want to sort the documents and choose the top fields, and how many values should be returned.
- Percentiles
- The percentile aggregation divides the values in a numeric field into percentile bands that you specify. Select a field from the drop-down, then specify one or more ranges in the Percentiles fields. Click the X to remove a percentile field. Click + Add to add a percentile field.
- Percentile Rank
- The percentile ranks aggregation returns the percentile rankings for the values in the numeric field you specify. Select a numeric field from the drop-down, then specify one or more percentile rank values in the Values fields. Click the X to remove a values field. Click +Add to add a values field.
Parent Pipeline Aggregations:
For each of the parent pipeline aggregations you have to define the metric for which the aggregation is calculated. That could be one of your existing metrics or a new one. You can also nest this aggregations (for example to produce 3rd derivative)
- Derivative
- The derivative aggregation calculates the derivative of specific metrics.
- Cumulative Sum
- The cumulative sum aggregation calculates the cumulative sum of a specified metric in a parent histogram
- Moving Average
- The moving average aggregation will slide a window across the data and emit the average value of that window
- Serial Diff
- The serial differencing is a technique where values in a time series are subtracted from itself at different time lags or period
Sibling Pipeline Aggregations:
Just like with parent pipeline aggregations you need to provide a metric for which to calculate the sibling aggregation. On top of that you also need to provide a bucket aggregation which will define the buckets on which the sibling aggregation will run
- Average Bucket
- The avg bucket calculates the (mean) average value of a specified metric in a sibling aggregation
- Sum Bucket
- The sum bucket calculates the sum of values of a specified metric in a sibling aggregation
- Min Bucket
- The min bucket calculates the minimum value of a specified metric in a sibling aggregation
- Max Bucket
- The max bucket calculates the maximum value of a specified metric in a sibling aggregation
You can add an aggregation by clicking the + Add Metrics button.
Enter a string in the Custom Label field to change the display label.
The buckets aggregations determine what information is being retrieved from your data set.
Before you choose a buckets aggregation, specify if you are defining buckets for X or Y axis within a single chart or splitting into multiple charts. A multiple chart split must run before any other aggregations. When you split a chart, you can change if the splits are displayed in a row or a column by clicking the Rows | Columns selector.
This chart’s X and Y axis supports the following aggregations. Click the linked name of each aggregation to visit the main Elasticsearch documentation for that aggregation.
- Date Histogram
- A date histogram is built from a numeric field and organized by date. You can specify a time frame for the intervals in seconds, minutes, hours, days, weeks, months, or years. You can also specify a custom interval frame by selecting Custom as the interval and specifying a number and a time unit in the text field. Custom interval time units are s for seconds, m for minutes, h for hours, d for days, w for weeks, and y for years. Different units support different levels of precision, down to one second. Intervals are labeled at the start of the interval, using the date-key returned by Elasticsearch. For example, the tooltip for a monthly interval will show the first day of the month.
- Histogram
- A standard histogram is built from a numeric field. Specify an integer interval for this field. Select the Show empty buckets checkbox to include empty intervals in the histogram.
- Range
- With a range aggregation, you can specify ranges of values for a numeric field. Click Add Range to add a set of range endpoints. Click the red (x) symbol to remove a range.
- Date Range
- A date range aggregation reports values that are within a range of dates that you specify. You can specify the ranges for the dates using date math expressions. Click Add Range to add a set of range endpoints. Click the red (x) symbol to remove a range.
- IPv4 Range
- The IPv4 range aggregation enables you to specify ranges of IPv4 addresses. Click Add Range to add a set of range endpoints. Click the red (x) symbol to remove a range.
- Terms
- A terms aggregation enables you to specify the top or bottom n elements of a given field to display, ordered by count or a custom metric.
- Filters
You can specify a set of filters for the data.
You can specify a filter as a query string or in JSON format, just as in the Discover search bar. Click Add Filter to
add another filter. Click the
label button to open the label field, where you can type in a name to display on the visualization.
- Significant Terms
- Displays the results of the experimental significant terms aggregation.
Enter a string in the Custom Label field to change the display label.
You can click the Advanced link to display more customization options for your metrics or bucket aggregation:
- Exclude Pattern
- Specify a pattern in this field to exclude from the results.
- Include Pattern
- Specify a pattern in this field to include in the results.
- JSON Input
- A text field where you can add specific JSON-formatted properties to merge with the aggregation definition, as in the following example:
{ "script" : "doc['grade'].value * 1.2" }
The availability of these options varies depending on the aggregation you choose.
Select the Options tab to change the following aspects of the chart:
- Show Tooltips
- Check this box to enable the display of tooltips.
- Highlight
- Check this box to enable highlighting of elements with same label
- Legend Position
- You can select where to display the legend (top, left, right, bottom)
- Color Schema
- You can select an existing color schema or go for custom and define your own colors in the legend
- Reverse Color Schema
- Checking this checkbox will reverse the color schema.
- Color Scale
- You can switch between linear, log and sqrt scales for color scale.
- Scale to Data Bounds
- The default Y axis bounds are zero and the maximum value returned in the data. Check this box to change both upper and lower bounds to match the values returned in the data.
- Number of Colors
- Number of color buckets to create. Minimum is 2 and maximum is 10.
- Percentage Mode
- Enabling this will show legend values as percentages.
- Custom Range
- You can define custom ranges for your color buckets. For each of the color bucket you need to specify the minimum value (inclusive) and the maximum value (exclusive) of a range.
- Show Label
- Enables showing labels with cell values in each cell
- Rotate
- Allows rotating the cell value label by 90 degrees.