What Grafana version are you using?
5.1.3
What datasource are you using?
ElasticSearch
What OS are you running grafana on?
NAME=“Ubuntu”
VERSION=“16.04.4 LTS (Xenial Xerus)”
What did you do?
Queried a specific datasource + index using the following:
Query: Schedule.project.keyword:“GROUP1”
METRIC: Unique count, Schedule.reservationId, default precision threshold
Date Histogram, serverTime (in Epoch_MS), interval = 15m
What was the expected result?
Specific counts of data that contained the value GROUP1 in Schedule.project.keyword, while also containing unique instances of reservationId. Since all reservations and data points indexed in ES are unique, this part may be redundant. To this date I have not found a way to graph data without it though, please advise if I’m doing this wrong.
What happened instead?
Strangely enough, I got back a count of documents like this:
Imagine a data set of 20 reservations, 10 with GROUP1 and 10 with GROUP2.
In this case, both GROUP1&2 exist. The graph would show that both GROUP1&2 had 20 reservations each (40 total). This same scenario applies with an example data set that has GROUP1&2&3, as long as any of them have a presence in the data payload. So basically in the second scenario, the graph would show 60 total reservations (20+20+20) for 3 groups, even if the split was something like 4, 6, 10. I’m happy to include data and graphs showing what I’m talking about if need be. It will be a lot of screenshots to cover various examples, but I’ll do it if it’s wanted.
If related to metric query / data viz:
Not sure what to put here, let me know if additional information is needed.
Include raw network request & response: get by opening Chrome Dev Tools (F12, Ctrl+Shift+I on windows, Cmd+Opt+I on Mac), go the network tab.
Let me know if more is needed than just this. I’m happy to get more information.
Request Payload:
{“search_type”:“query_then_fetch”,“ignore_unavailable”:true,“index”:“videosystemsmonitoring”,“max_concurrent_shard_requests”:256}
{“size”:0,“query”:{“bool”:{“filter”:[{“range”:{“serverTime”:{“gte”:“1526078163327”,“lte”:“1526682963327”,“format”:“epoch_millis”}}},{“query_string”:{“analyze_wildcard”:true,“query”:“Schedule.project.keyword:“Zodiac””}}]}},“aggs”:{“2”:{“date_histogram”:{“interval”:“15m”,“field”:“serverTime”,“min_doc_count”:0,“extended_bounds”:{“min”:“1526078163327”,“max”:“1526682963327”},“format”:“epoch_millis”},“aggs”:{“1”:{“cardinality”:{“field”:“Schedule.reservationId”}}}}}}
Any and all help would be greatly appreciated with this. Essentially, I’m trying to figure out how to double filter the results I’ve got from my ES query by both unique reservation ID’s and a project (key) string (value) match.