I have an elasticsearch index called github that I host on a local cluster visible on localhost:9200 with grafana on localhost:3000 but when Ive added the data source from elasticsearch I cant see anything on dashboard. Its just empty.
Do you mean that right after adding the data source, you went and created a new dashboard and expected there to be data from the elasticsearch index? If that’s the case, then you need to customise the graph just like you’d do it in Kibana.
Click on the drop-down arrow right to the graph’s “Panel Title” and there’s the Edit button there; it’ll bring up the graph editor wherein you can specify which data source to query and what to query.
If you just want to see what you have in your index without creating graphs, check out the Explore feature. It’s right under the Dashboards in the left pane.
It seems to work yay!!!
However, if you have time for another question, is it possible to get the sum of type:keywords?
“title”: “[Bluefringe] QRadar Console for Local environments”,
how would you set it up on grafana to total by label
I’m not sure that I understand the “the sum of type:keywords” part. Are you referring to the elasticsearch keyword datatype? So that if, let’s say, we have just a single document and only two fields with datatype “keyword” within the document, the result should be 2?
If not, could you please explain in greater detail? Alternatively, at this stage your question might be more related to elasticsearch rather than to Grafana, so it might be worth exploring getting your question asked on the elasticsearch community.