Blog Detail

preview image Programming
by Anurag Srivastava, Dec 24, 2018, 5:25:28 PM | 3 minutes

Create a Pie Chart in Kibana

In this blog, I am going to explain how you can create a pie chart in Kibana to show Apache2 log data captured through Filebeat. So basically I will plot the pie chart to show multiple field values like response code, HTTP method and total bytes sent.

We will create a simple pie chart which will show multidimensional data where it will create buckets for each of the fields. Following Filebeat data structure we are going to use for creating Pie chart:

{
  "_index": "filebeat-6.5.2-2018.12.13",
  "_type": "doc",
  "_id": "-Z9Ap2cBI_XuAVP8QgYj",
  "_version": 1,
  "_score": null,
  "_source": {
    "offset": 2508,
    "apache2": {
      "access": {
        "referrer": "http://localhost/test/admin.php?username=root&db=mysite",
        "response_code": "200",
        "remote_ip": "127.0.0.1",
        "method": "GET",
        "user_name": "-",
        "http_version": "1.1",
        "body_sent": {
          "bytes": "4180"
        },
        "url": "/test/admin.php?username=root&db=mysite&script=db",
        "user_agent": {
          "original": "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:63.0) Gecko/20100101 Firefox/63.0",
          "major": "63",
          "minor": "0",
          "os": "Ubuntu",
          "name": "Firefox",
          "os_name": "Ubuntu",
          "device": "Other"
        }
      }
    },
    "prospector": {
      "type": "log"
    },
    "read_timestamp": "2018-12-13T10:56:32.756Z",
    "source": "/var/log/apache2/access.log",
    "fileset": {
      "module": "apache2",
      "name": "access"
    },
    "input": {
      "type": "log"
    },
    "@timestamp": "2018-12-13T08:03:29.000Z",
    "beat": {
      "hostname": "DLILPTP0305",
      "name": "DLILPTP0305",
      "version": "6.5.2"
    },
    "host": {
      "name": "DLILPTP0305"
    }
  },
  "fields": {
    "@timestamp": [
      "2018-12-13T08:03:29.000Z"
    ]
  },
  "highlight": {
    "apache2.access.method": [
      "@kibana-highlighted-field@GET@/kibana-highlighted-field@"
    ]
  },
  "sort": [
    1544688209000
  ]
}

Above document of the filebeat index is showing the metrics of Apache log data. So will use the fields from this document in order to create the pie chart. We need to do the following for creating the chart:

  • Click on Visualize link from the left menu. This will open the save visualization link.
  • Click on the plus icon the create a new visualization.
  • From Select visualization type screen, click on pie chart box. This will open a screen to select the index or saved search object.
  • Click on Filebeat if you have Filebeat index or choose your own index pattern.
  • Select count under "Metrics" option.
  • Under Buckets option, select terms for aggregation and select response_code field of Apache under field option.
  • Add the custom label as per the field name.
  • Now click on "Add sub-buckets" button to add more fields to aggregate.
  • Add HTTP method and total bytes sent field for aggregation.
  • After adding all these fields click on the "Apply Changes" button icon on the configuration panel.

This will load the visualization as shown in below screen-shot.

We can click on any section of the visualization to drill-down into the chart and in this way we can get the desired set of data using the visualization. For example, if we want to see only POST request with response code 302, we can directly click on these sections to filter out the chart. 

If you found this article interesting, you can explore  "Mastering Kibana 6.x" to get more insight about Kibana and how we can configure Elastic Stack to create dashboards for key performance indicators.

About Author

Anurag Srivastava

Author | Blogger | Tech Lead | Elastic Stack | Innovator |

View Profile

Comments (0)

Leave a comment

Related Blogs

Metrics Aggregation in Elasticsearch

Aug 18, 2018, 6:02:20 PM | Anurag Srivastava

Introduction to Elasticsearch Aggregations

Aug 14, 2018, 4:47:56 PM | Anurag Srivastava

Wildcard and Boolean Search in Elasticsearch

Aug 10, 2018, 7:14:40 PM | Anurag Srivastava

Bucket Aggregation in Elasticsearch

Aug 29, 2018, 7:15:06 PM | Anurag Srivastava

Elasticsearch Rest API

Jul 31, 2018, 6:16:42 PM | Anurag Srivastava

Basics of Data Search in Elasticsearch

Aug 4, 2018, 7:02:21 AM | Anurag Srivastava

Create word cloud in Python

Jun 30, 2018, 6:06:45 AM | Anurag Srivastava

Typecasting in PHP for short datatype

Jun 8, 2018, 8:03:52 AM | Lovish Sharma

Top Blogs

Configure SonarQube Scanner with Jenkins

Jun 21, 2018, 4:58:11 AM | Anurag Srivastava

Build and deploy Angular code using Python

Jun 26, 2018, 4:50:18 PM | Anurag Srivastava

Configure Jenkins for Automated Code Deployment

Jun 13, 2018, 3:44:01 PM | Anurag Srivastava

SonarQube installation on Ubuntu

May 12, 2018, 4:47:07 PM | Anurag Srivastava

Execute Commands on Remote Machines using sshpass

Jul 16, 2018, 5:00:02 PM | Anurag Srivastava

Why SonarQube is important for IT projects ?

Apr 24, 2018, 2:52:28 PM | Anurag Srivastava

Install Jenkins on Ubuntu

May 26, 2018, 6:42:02 PM | Anurag Srivastava

Analyze your project with SonarQube

Jun 2, 2018, 10:49:54 AM | Anurag Srivastava

Install Kafka on Ubuntu

Jul 12, 2018, 7:40:51 PM | Anurag Srivastava

Introduction to Elasticsearch Aggregations

Aug 14, 2018, 4:47:56 PM | Anurag Srivastava