I need to be able to display multiple lines on a single histogram chart, where each line should be represented by a parameter. I have multiple servers for which I want to monitor, say, the CPU usage. My Kibana input data would look something like this:
Timestamp | Machine | Name | Value |
2015-06-15T13:31:50.831Z | 06 | CPUUsage | 26.71 |
2015-06-15T13:31:50.831Z | 04 | CPUUsage | 19.95 |
2015-06-15T13:31:50.831Z | 03 | CPUUsage | 17.54 |
2015-06-15T13:31:50.831Z | 02 | CPUUsage | 20.08 |
... and so on.
As you will understand, I need to graph each machine as a single line of a common histogram chart. At the moment, I have as many Kibana queries as my number of machines I want to monitor, so for the example input above, i'll have 4 queries :
Name:"CPUUsage" AND Machine:"02" Name:"CPUUsage" AND Machine:"03" Name:"CPUUsage" AND Machine:"04" Name:"CPUUsage" AND Machine:"06"
So it renders like the following :
Now rendering is great, but my problem is that I have to add a query for each machine I want to monitor, and that is both very cumbersome and not scalable at all, particularly because the number of machines to monitor is constantly evolving.
Finally, what I would like to achieve is to only declare a single query that would like this :
Name:"CPUUsage"
This query would be machine-agnostic, but for that I need to be able to tell Kibana to split my query in N lines using my parameter "Machine"... is that even possible ?
Note : I'm currently using Kibana 3.1.0.
For Kibana 3 you can refer to the answer by Sushil Verma in the following question: Kibana histogram - drawing multiple series on a single chart
With Kibana 4 onwards, you can create a line chart in Kibana for your purpose. The x-axis would be date histogram The Y-axis would be either sum of or max value of "Value" You can filter your chart by "Name":"CPUUSAGE" and in the split chart option, you can split lines using the term "Machine"
If it's not a big hassle to move to the new Kibana, I would suggest doing that