- Access Kibana user interface with browser: http://domain-name:5601/
- Select Timelion on the left hand navigation bar
- Switch to full screen using the icon on the chart
- In the formula area type:
.es(*) - Select time range of last 5 years
- Select play button to update the presentation to present a typical time-series chart
- Zoom-in to more active time period of the chart before next steps
- In the formula area extend the expression to
.es(*).derivative() - Select '1h' for the time interval from drop-down list
- And select the play button again - variation for number of events on hourly basis will be presented
- Modify the formula:
.es(*), .es(*,offset=-1h)to compare count of events to previous hour and select play button - Add some custom color to the time series:
.es(*), .es(*,offset=-1h).color(yellow)and select play button - Convert line to bars:
.es(*), .es(*,offset=-1h).bars().color(yellow)and select play button again - Add secondary data source to correlate number of events in log files to population of Israel:
.es(*).bars(), .wbi(country=ISR).divide(100000) - Adding another metric to the chart:
.es(), .es(metric=max:memory).divide(100) - You are getting the rough idea of a potential...