Timelion Exercise

  • Access Kibana user interface with browser: http://domain-name:5601/

  • Select Timelion on the left hand navigation bar

  • Switch to full screen using the icon on the chart

  • In the formula area type: .es(*)

  • Select time range of last 5 years

  • Select play button to update the presentation to present a typical time-series chart

  • Zoom-in to more active time period of the chart before next steps

  • In the formula area extend the expression to .es(*).derivative()

  • Select '1h' for the time interval from drop-down list

  • And select the play button again - variation for number of events on hourly basis will be presented

  • Modify the formula: .es(*), .es(*,offset=-1h) to compare count of events to previous hour and select play button

  • Add some custom color to the time series: .es(*), .es(*,offset=-1h).color(yellow) and select play button

  • Convert line to bars: .es(*), .es(*,offset=-1h).bars().color(yellow) and select play button again

  • Add secondary data source to correlate number of events in log files to population of Israel: .es(*).bars(), .wbi(country=ISR).divide(100000)

  • Adding another metric to the chart: .es(), .es(metric=max:memory).divide(100)

  • You are getting the rough idea of a potential...

PreviousTimelionNextConsole

Last updated

Was this helpful?