Most frequently used visualizationsedit

The most frequently used visualizations allow you to plot aggregated data from a saved search or index pattern. They all support a single level of Elasticsearch Elasticsearch metric aggregations, and one or more levels of Elasticsearch bucket aggregations.

The most frequently used visualizations include:

  • Line, area and bar charts
  • Pie charts
  • Data tables
  • Metrics, goals, and gauges
  • Heat maps
  • Tag clouds

Configure your visualizationedit

You configure visualizations using the default editor, which is broken into metrics and buckets, and includes a default count metric. Each visualization supports different configurations for what the metrics and buckets represent. For example, a Bar chart allows you to add an X-axis:

A common configuration for the X-axis is to use a Elasticsearch date histogram aggregation:

visualize date histogram

To see your changes, click Apply changes apply changes button

If it’s supported by the visualization, you can add more buckets. In this example we have added a Elasticsearch terms aggregation on the field geo.src to show the top 5 sources of log traffic.

visualize date histogram split 1

The new aggregation is added after the first one, so the result shows the top 5 sources of traffic per 3 hours. If you want to change the aggregation order, you can do so by dragging:

The visualization now shows the top 5 sources of traffic overall, and compares them in 3 hour increments:

visualize date histogram split 2

For more information about how aggregations are used in visualizations, see supported aggregations.

Each visualization also has its own customization options. Most visualizations allow you to customize the color of a specific series:

An array of color dots that users can select