Brian, I like the direction you are going down and am trying to do that myself. However, being a perl fledgling, I am still battling Dumper etc. I would appreciate it if you could share your code to convert and ES query to CSV. I want to use aggregations and print/report/graph results. Kibana is very pretty and does the basics well, but I want to know who used web mail and order it by volume of data sent by hour of day and either graph / tabulate / csv out the result. I just cant see how to do that with Kibana.
Thanks Ash On Monday, August 25, 2014 6:36:42 PM UTC-4, Brian wrote: > > Is there some existing method to integrate processing between the Kibana/ > Elasticsearch response JSON and the graphing? > > For example, I have a Perl script that can convert an Elasticsearch JSON > response into a CSV, even reversing the response to put the oldest event > first (for gnuplot compatibility). I then have an R script that can accept > a CSV and perform custom statistical analysis from it. It can even > auto-detect the timestamp and ordering and reverse the CSV events (adapting > without change to either an Elasticsearch response as CSV, or a direct CSV > export from Splunk). > > I've showed the process to a few people, but all balk outright or else shy > away politely at the thought of going to Kibana's Info button, copying and > pasting the curl-based query, and then running it along with the Perl CSV > conversion script and R processing script from the command line. And I > can't blame them! > > It may be that Kibana already has the capability to pipe data through > server-installed commands and scripts, but my lack of Javascript experience > and lack of Kibana internals expertise doesn't seem to help me discover it. > > Or perhaps this would be a great new addition to Kibana: > > 1. Allow a server-side command to be in the middle of the response and the > charting. > 2. Deliver the response as a CSV with headers, including the @timestamp > field of course, to the server-side command, along with the appropriate > arguments and options for the particular panel. > 3. Document the graphite / graphviz / other format required to display the > plots. > > Just a thought. > > Brian > -- You received this message because you are subscribed to the Google Groups "elasticsearch" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/aa578197-352f-4def-a341-4388b9627a58%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
