Response codes over time

This can be visualized easily using a bar graph.

Create a new visualization:

  1. Click on New and select Vertical Bar
  2. Select Logstash-* under From a New Search, Select Index
  3. On the x axis, select Date Histogram and @timestamp as the field
  4. Click Add sub-buckets and select Split Series
  5. Select Terms as the Sub Aggregation
  6. Select response.keyword as the field
  7. Click the Play (Apply Changes) button

The following screenshot displays the steps to create a new visualization for response codes over time:

Save the visualization as Response Codes By Time.

As seen in the visualization, on a few days, such as June 9, June 16, and so on, there is a significant amount of 404. Now, to analyze just the 404 events, from the labels/keys panel, click on 404 and then click positive filter:

The resulting graph is shown in the following screenshot:

You can expand the labels/keys and choose the colors from the color palette, thus changing the colors in the visualization. Pin the filter and navigate to the Discover page to see the requests resulting in 404s.


..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.