Now I am using Grafana to display NetFlow traffic in Elasticsearch.
When I use a table, it does work. But I want to display the data as a pie.
For instance, I'd like to display the top 10 src_address grouped by bytes.
From the forum I know that the pie only works with a timestamp. Then I added a new aggregation, and it works, but the data is incorrect…
Is there anyone who did this before?
I think you have to have a date histogram. In what way was the data incorrect?
It's OK now. When I change the time interval to 1y, the data is correct. But I am not very clear about the time interval; what does that mean?
What is a time interval? A time interval of 1yr shows data from now to a year ago. It is then grouped by an interval (once a minute, or once an hour for example). For Elasticsearch, this grouping is very important as fetching a year's data can be expensive if you have a fine-grained grouping (once a minute would be 365 * 24 * 60 points of data).
The time interval is 1y. And it works well, thank you so much.