Stats panel in Kibana won't show the total value for a field

StackOverflow https://stackoverflow.com/questions/23602865

  •  20-07-2023
  •  | 
  •  

Question

I want to see the total for a numeric field in Kibana but I can't seem to get it working. I am generating json log entries and shipping them to elastic search and generating graphs (which is all working nicely),

and I have config that looks like this:

input {
   file {
      path => "C:\logs\my-stats.log"
      codec => json
   }
}

filter {
    date {
        match => [ "timestamp", "ISO8601" ]
    }
    mutate {
        convert => [ "clientSellAmount", "float" ]
    }
}

output {
  elasticsearch_http {
    host => "mylogserver.foo"
  }
}

and some log entries that have things like this:

{
  "timestamp": "2014-05-12T16:52:11.105+10:00",
  "logType": "PaymentConfirmed",
  "domicile": "New Zealand",
  "userType": "SPOT_APPROVER",
  "clientType": "Spot",
  "clientName": "NZ_TEST_CLIENT",
  "sellCcy": "EUR",
  "buyCcy": "EUR",
  "clientBuyAmount": 35000,
  "clientSellAmount": 27149.67,
  "logVersion": "1"
}

And then in Kibana I added a Stats panel, function is "total", field is "clientSellAmount" and then in query I have a query that has two payments. No matter what I try the amount in the stats panel is always 0, and no errors are shown.

Could it be that I added some logs before I made the field numeric and that's confusing it? Or is there something I'm totally missing? The docs are sparse to nonexistent on any of this stuff.

Was it helpful?

Solution

I have the same problem... I simply want to show a count/total/max of a numeric field and want to show a green text with " registered". Registered user are a count of an ldap base. Its not possible to select a last value of a field, its not possible to use field placeholders in text panels, all text in a text panel is static, and you cant use the termns(_stats) panel, cause there is only bar, pie or table availible. The stats panel show a number like this, but doesn work and show always "0".

Edit:

I found the solution: you must convert the field to float for the stats panel... eg:

mutate {
         convert => [ "registered_users", "float" ]
       }
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top