Kibana User Guide [4.2] » Visualize » Data Table

标签: ELKKibana
1205人阅读 评论(0) 收藏 举报

Data Table


Count 计数
The count aggregation returns a raw count of the elements in the selected index pattern.
Average 平均值
This aggregation returns the average of a numeric field. Select a field from the drop-down.
Sum 综合
The sum aggregation returns the total sum of a numeric field. Select a field from the drop-down.
Min 最小值
The min aggregation returns the minimum value of a numeric field. Select a field from the drop-down.
Max 最大值
The max aggregation returns the maximum value of a numeric field. Select a field from the drop-down.
Unique Count 单一计数
The cardinality aggregation returns the number of unique values in a field. Select a field from the drop-down.
Standard Deviation 标准差
The extended stats aggregation returns the standard deviation of data in a numeric field. Select a field from the drop-down.
Percentiles 百分比
The percentile aggregation divides the values in a numeric field into percentile bands that you specify. Select a field from the drop-down, then specify one or more ranges in the Percentiles fields. Click the to remove a percentile field. Click + Add to add a percentile field.
一个数值字段中,值的百分比分布。使用X来移除一个百分比框,使用+ Add 来添加百分比框。
Percentile Rank 百分比排名
The percentile ranks aggregation returns the percentile rankings for the values in the numeric field you specify. Select a numeric field from the drop-down, then specify one or more percentile rank values in the Values fields. Click the X to remove a values field. Click +Add to add a values field.

You can add an aggregation by clicking the + Add Aggregation button.

通过+ Add Aggregation按钮增加一个聚集。

The rows of the data table are called buckets. You can define buckets to split the table into rows or to split the table into additional tables.


Each bucket type supports the following aggregations:


Date Histogram 日期柱状图
date histogram is built from a numeric field and organized by date. You can specify a time frame for the intervals in seconds, minutes, hours, days, weeks, months, or years. You can also specify a custom interval frame by selecting Custom as the interval and specifying a number and a time unit in the text field. Custom interval time units are s for seconds, m for minutes, h for hours, d for days, w for weeks, and y for years. Different units support different levels of precision, down to one second.
Histogram 柱状图
A standard histogram is built from a numeric field. Specify an integer interval for this field. Select theShow empty buckets checkbox to include empty intervals in the histogram.
基于数值字段创建,为这个字段指定一个整数间隔。勾选Show empty buckets让直方图中包含空的间隔。
Range 类别
With a range aggregation, you can specify ranges of values for a numeric field. Click Add Range to add a set of range endpoints. Click the red (x) symbol to remove a range.
可以为一个数值字段指定一系列区间,点击添加一对区间端点。点击红色(x) 符合移除一个区间。
Date Range 日期类别
date range aggregation reports values that are within a range of dates that you specify. You can specify the ranges for the dates using date math expressions. Click Add Range to add a set of range endpoints. Click the red (/) symbol to remove a range.
计算你指定的时间区间的值。可以使用data math表达式指定区间,点击Add Range添加新的区间端点,点击红色的 (/) 符号移除区间。
IPv4 Range IPv4类别
The IPv4 range aggregation enables you to specify ranges of IPv4 addresses. Click Add Range to add a set of range endpoints. Click the red (/) symbol to remove a range.
指定IPv4地址的区间,点击Add Range添加新的区间端点,点击红色的 (/) 符号移除区间。
Terms 条件
terms aggregation enables you to specify the top or bottom n elements of a given field to display, ordered by count or a custom metric.
Filters 过滤器
You can specify a set of filters for the data. You can specify a filter as a query string or in JSON format, just as in the Discover search bar. Click Add Filter to add another filter. Click the images/labelbutton.png label button to open the label field, where you can type in a name to display on the visualization.
你可以为数据指定一组filters,每个filters中可以用query string,也可以用JSON格式,就像在Discover页的搜索栏里一样。点击Add Filter添加下一个过滤器。
Significant Terms 有意义的条件
Displays the results of the experimental significant terms aggregation. The value of the Size parameter defines the number of entries this aggregation returns.
Geohash 地理哈希
The geohash aggregation displays points based on the geohash coordinates.

Once you’ve specified a bucket type aggregation, you can define sub-aggregations to refine the visualization. Click + Add Sub Aggregation to define a sub-aggregation, then choose Split Rows or Split Table, then select a sub-aggregation from the list of types.

一旦你定义好了一个bucket类型聚合,可以继续定义子聚合来完善可视化效果。点击+  Add Sub Aggregation来定义子聚合,然后选择Split Rows 或者Split Table,并从类型菜单中选择一个子聚合。

You can use the up or down arrows to the right of the aggregation’s type to change the aggregation’s priority.


You can click the Advanced link to display more customization options for your metrics or bucket aggregation:

你可以点击Advanced 链接显示更多有关聚合的自定义函数:

Exclude Pattern 排除模式
Specify a pattern in this field to exclude from the results.
Exclude Pattern Flags 排除模式标志
A standard set of Java flags for the exclusion pattern.
排除模式的Java flags 标准集
Include Pattern 包含模式
Specify a pattern in this field to include in the results.
Include Pattern Flags 包含模式标志
A standard set of Java flags for the inclusion pattern.
包含模式的Java flags标准集
A text field where you can add specific JSON-formatted properties to merge with the aggregation definition, as in the following example:
{ "script" : "doc['grade'].value * 1.2" }

In Elasticsearch releases 1.4.3 and later, this functionality requires you to enable dynamic Groovy scripting.

在Elasticsearch 1.4.3及以后版本,这个函数需要你开启dynamic Groovy scripting

The availability of these options varies depending on the aggregation you choose.


Select the Options tab to change the following aspects of the table:

选择Options 更改表格中如下方面:

Per Page 每页
This field controls the pagination of the table. The default value is ten rows per page.

Checkboxes are available to enable and disable the following behaviors:


Show metrics for every bucket/level 为每个bucket/level显示metrics
Check this box to display the intermediate results for each bucket aggregation.
Show partial rows 显示部分行
Check this box to display a row even when there is no result.

Enabling these behaviors may have a substantial effect on performance.


Viewing Detailed Information


To display the raw data behind the visualization, click the bar at the bottom of the container. Tabs with detailed information about the raw data replace the visualization:


Table. A representation of the underlying data, presented as a paginated data grid. You can sort the items in the table by clicking on the table headers at the top of each column.

Table. 潜在数据的展现,以标页数据格的形式存在。你可以通过点击表头或者圆柱体顶部,对表中的条款进行排序

Request. The raw request used to query the server, presented in JSON format.

Request. 被用于请求服务器,以JSON形式展现。

Response. The raw response from the server, presented in JSON format.

Response. 来自服务器的响应,以JSON的形式存在。

Statistics. A summary of the statistics related to the request and the response, presented as a data grid. The data grid includes the query duration, the request duration, the total number of records found on the server, and the index pattern used to make the query.

Statistics. 对统计信息的总结,和请求响应相关,以数据格形式展现。数据格包括请求持续、应答持续、服务器中的记录总数和用于请求的索引模式。

To export the raw data behind the visualization as a comma-separated-values (CSV) file, click on either theRaw or Formatted links at the bottom of any of the detailed information tabs. A raw export contains the data as it is stored in Elasticsearch. A formatted export contains the results of any applicable Kibana field formatters.

想要以csv格式输出可视化背后的原始数据,点击任何一个详细信息标签底部的 Raw 或 Formatted 链接。一个原始输出包括存在ES中的数据,一个定制化的输出包括Kibana中应用的结果。





* 以上用户言论只代表其个人观点,不代表CSDN网站的观点或立场
    • 访问:393626次
    • 积分:5964
    • 等级:
    • 排名:第4234名
    • 原创:110篇
    • 转载:366篇
    • 译文:37篇
    • 评论:24条