kibana-6

问题 i am using kibana 6 dashboard to show visualization. i have a elastic query like below and it need to pass in kibana dashbaord URL : { "query": { "bool": { "minimum_should_match": 1, "should": [ { "match_phrase": { "jt_tax.keyword": "Partner" } }, { "match_phrase": { "jt_tax.keyword": "IT" } } ] } } } How to parse the ELASTIC QUERY into query parameter in Kibana dashboard Url? 回答1: Similiar issues: Passing the filter as part of the kibana url: https://discuss.elastic.co/t/dashboard-search

问题 I'm using elasticsearch + kibana + logstash + filebeat latest 6.4.1 to collect and analyze web logs. The columns of my log are like: timestamp, http_method, request_uri, http_status, host, user_agent, client_ip, client_port I have configured ELK to show my logs in Kibana. But now I want to see my logs in sessions. I hope the log lines can be grouped by session and shown in Kibana's Discover page. In my scenario, the log lines with the same (host, client_ip) belong to the same session. I hope

问题 Is there a way to perform a nested aggregation from Kibana (v6.7.0)? I've been looking at aggregating with buckets and sub-buckets, but to no avail. Say the data looks as follows (with ID being a string and Source also being a string : | ID | Source | =============== | a1 | srcA | | a1 | srcB | | a1 | srcC | | b2 | srcA | | b2 | srcB | | c3 | srcA | | d4 | srcA | | d4 | srcB | I'd like to visualize how many IDs are in N sources, i.e. a double aggregation. In SQL-Land, the first level of

问题 I have data and and i want to create index and want it to make searchable and aggregatable both.If I use datatype keyword I can't search any string but can aggregate but if I use datatype text then I can't aggregate but can search any string. So please tell me how to resolve this problem. I am using elasticsearch 6 回答1: The solution is to create a text field with a keyword sub-field so that you can do both, search text and aggregate values: Your field mapping should look like this: { "my

问题 I am trying to create visualization using curl command. I am using elasticsearch 6.2.3. I am able to create the same in elasticsearch 5.6.8. I am using this command curl -XPUT http://localhost:9200/.kibana/visualization/vis1 -H 'Content-Type: application/json' -d @vis1.json It is showing this error : {"error":{"root_cause":[{"type":"illegal_argument_exception","reason":"Rejecting mapping update to [.kibana] as the final mapping would have more than 1 type: [visualization, doc]"}],"type":

问题 I have assigned a Kibana-dashboard-only-mode to a user, to only access my dashboard. In my dashboard I have saved a search result, so the user with the dashboard-only-mode role should be also able to see and explore. The problem is that when that user signs in, there is no data available in the dashboard. The user can see the dashboard and the name of the dashboard and name of the saved search result, but when click on it, it says 'No results found' or 'No results displayed because all values