Bandwidth usage of the top five countries over time

The steps to demonstrate this are as follows:

  1. Create a new visualization
  2. Click on New and select Area Chart
  3. Select Logstash-* under From a New Search, Select Index
  4. In Y axis, select Aggregation type and Sum of bytes as the field
  5. In X axis, select Date Histogram and @timestamp as the field
  6. Click Add sub-buckets and select Split Series
  7. Select Terms as the Sub Aggregation
  8. Select geoip.country_name.keyword as the field
  9. Click the Play (Apply Changes) button

The following screenshot displays the steps to create a new visualization for the bandwidth usage of the top five countries over time:

Save the visualization as Top 5 Countries by Bandwidth Usage.

What if we were not interested in finding only the top five countries? Rearrange the aggregation and click Play, as follows:

The order of aggregation is important.
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset