Hello, I just got start with Grafana and made my first dashboard. Im trying to make a table containing firewall actions (source ip / dest. ip / action etc) but I am having some issues with getting all my data in a table, to be more specific I cant add columns to my table using lucene/keywords (it just adds all values into 1 line making it unreadable). I use elasticsearch to fill the table,
I could use JSON/raw document and add columns that way but then Im not able to select alot of the keyword/fields I have when using lucene. Somehow they arent in the list for raw document/JSON.
Can I add more columns to the table and split the data from one line to multiple columns ?
Can you please provide an example elasticsearch document together with mapping, i.e. get <index>/_mapping and possible also a screenshot which highlight your problem with the missing keyword/fields?
this is what i wanna do. i want to count total trx, total.response=success, total.response.error, etc for every URI Name. please find attachment below.
Don’t think you can do that in one query. What you can do in one query is to group by terms (URI name) and another terms (total.response) and metric=count which will give you columns URI name, “response type”, count as an example.
