Hello I am trying to evaluate ELK to help visualize my log data as we did with other tools till now. I have some log data like
15 1424376130.979 84 10.0.0.210 TCP_MISS/200 104708 GET http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org text/html 16 1424376132.409 11 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org text/html 17 1424376133.240 10 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org text/html 18 1424376133.937 11 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org text/html 19 1424376134.644 6 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org text/html 20 1424376135.366 9 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org text/html 21 1424376136.057 11 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org text/html 22 1424376136.821 12 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org text/html 23 1424376137.410 25 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org text/html 24 1424376137.956 12 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org text/html 25 1424376138.508 23 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org text/html 26 1424376139.142 17 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org text/html 27 1424376139.713 26 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org text/html 28 1424376140.404 20 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org text/html 29 1424376141.084 21 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org text/html 30 1424376141.677 25 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org text/html 31 1424376142.216 25 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org text/html 32 1424376142.937 44 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org text/html 33 1424376144.726 13 10.0.0.210 TCP_REFRESH_HIT/200 104573 GET http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org text/html 34 1424376170.692 32 10.0.0.210 TCP_REFRESH_HIT/200 104565 GET http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org text/html 35 1424376172.692 213 10.0.0.210 TCP_REFRESH_HIT/200 104565 GET http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org text/html 36 1424376173.400 10 10.0.0.210 TCP_REFRESH_HIT/200 104565 GET http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org text/html 37 1424376174.895 9 10.0.0.210 TCP_REFRESH_HIT/200 104565 GET http://en.wikipedia.org/wiki/Walden,_New_York - DIRECT/en.wikipedia.org text/html 38 1424376274.397 1384 10.0.0.210 TCP_MISS/200 86976 GET http://www.citrix.co.jp/products.html?posit=glnav - DIRECT/www.citrix.co.jp text/html These log data is with timestamp in the unit of milliseconds. I succeed to put it into elasticsearch, but can somebody advise how I can do this with kibana4? - Calculate the HIT ratio per second. The Hit ration will be calculated as the percentation of "HIT" happens among all logs in that time. Thanks, Cong -- You received this message because you are subscribed to the Google Groups "elasticsearch" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/9c3cba40-48d0-4837-a1f0-62b06f12740c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
