How to specify data generated recently only in lucene? - lucene

I'm a newbie to ELK and am now wondering how to specify recent data only using a Lucene query in Kibana.
I'm trying to do something like:
timestamp:[10 minutes ago TO now]
I found a way to specify a static time window, but I would like to show a dynamic graph based on recent data only.
Thank you

Answering my own question.
I found this post. Right now Kibana doesn't support such a query.
https://github.com/elastic/kibana/issues/4278

Related

Importing RedisTimeSeries data into Grafana

I've got a process storing RedisTimeSeries data in a Redis instance on Docker. I can access the data just fine with the RedisInsight CLI:
I can also add Redis as a data source to Grafana:
I've imported the dashboards:
But when I actually try to import the data into a Grafana dashboard, the query just sits there:
TS.RANGE with a value of - +, or two timestamps, also produces nothing. (I do get results when entering it into the CLI, but not as a CLI query in Grafana.)
What could I be missing?
The command you should be using in the Grafana dashboard for retrieving and visualising the data in time series stored in Redis with RedisTimeSeries is TS.RANGE for a specific key, or TS.MRANGE in combination with a filter that selects a set of time series matching this filter. List of commands with RedisTimeSeries: https://oss.redislabs.com/redistimeseries/commands/ (you're using TS.INFO, which only retrieves the metadata of a time series key, not the actual samples within).
So I looked into this a bit more. Moderators deleted my last answer because it didn't 'answer' the question.
There is a GitHub issue for this. One of the developers also responded. It is broken and has been for a while. Grafana doesn't seem to want to maintain this datasource at the moment. IMHO they should remove the Redis time series support from their plugin library if it isn't fully baked.
Redis datasource issue for TS.RANGE: https://github.com/RedisGrafana/grafana-redis-datasource/issues/254
Are you trying to display a graph (e.g., number of people vs. time)? If so, perhaps TS.INFO is not the right command and you should use something like TS.MRANGE.
Take a look at
https://redislabs.com/blog/how-to-use-the-new-redis-data-source-for-grafana-plug-in/
for some more examples.

Backfill Google Analytics in BigQuery

I'm looking for a workaround on the following issue. Hope someone can help.
I'm unable to backfill data in the ga_sessions_ table in BigQuery through product linking in GA. e.g. partition ga_sessions_20180517 is missing
This specific view has already been linked before. Google documentation says that historical load is only done once per view (hence, the issue) (https://support.google.com/analytics/answer/3416092?hl=en)
Is there any way to work around it?
Kind regards,
Martijn
You can use the Google Analytics Reporting API to get the data for that view. This method has a lot of restrictions (sometimes the data is sampled, and only 7 dimensions can be exported in one call), but at least you will be able to fetch your data in a partitioned manner.
Documentation hereDoc
If you need a lot of dimensions/metrics in hit level format, scitylana.com has a service that can provide this data historically.
If you have a clientId set in a custom dimension the data-quality is near perfect.
It also works without a clientId set.
You can get all history as available through the API.
You can get 100+ dimensions/metrics in one batch into BQ.

Extract changes from Wikipedia/Wikimedia revision pages

I have a simple query regarding the Wikimedia/Wikipedia API.
I have to fetch the changes made from a list of "revids". I am able to fetch the XML content for a batch of "revids", but I failed to extract only the changed text.
Does the API provide any way to extract only the changed sentences? If not, is there any external script/module that can do this job?
Query to fetch the revision details: https://en.wikipedia.org/w/api.php?action=query&prop=info|revisions&rvprop=user|userid|ids|tags|comment|content&format=jsonfm&revids=1228415
I would appreciate any suggestions/solutions that could solve this issue!
(Currently, I am using the Wikitools Python module to make the queries.)
You can get the diff between the old and new text with action=compare, but it segments text by wikitext lines, not sentences, isn't meant to be machine-readable, and is generally not that helpful. Since you are using Python, the client-side library deltas will probably work better for you.
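A sentence-level comparison of two revision texts done client-side, as an added example that is not part of the original answer. It uses Python's standard-library difflib rather than the deltas library the answer names, a naive punctuation-based sentence splitter, and constructed sample revisions (assumptions: the function names and the sample text).

```python
import difflib
import re

# Naive heuristic: a sentence ends at . ! or ? followed by whitespace.
_SENTENCE_END = re.compile(r"(?<=[.!?])\s+")


def split_sentences(text):
    """Split wikitext into sentences; every line break is also a boundary."""
    sentences = []
    for line in text.splitlines():
        line = line.strip()
        if line:
            sentences.extend(s for s in _SENTENCE_END.split(line) if s)
    return sentences


def changed_sentences(old_text, new_text):
    """Return (removed, added) sentence lists between two revision texts."""
    old = split_sentences(old_text)
    new = split_sentences(new_text)
    matcher = difflib.SequenceMatcher(a=old, b=new, autojunk=False)
    removed, added = [], []
    for tag, i1, i2, j1, j2 in matcher.get_opcodes():
        if tag in ("replace", "delete"):
            removed.extend(old[i1:i2])
        if tag in ("replace", "insert"):
            added.extend(new[j1:j2])
    return removed, added


# Constructed sample revisions (not real Wikipedia content).
OLD_REV = (
    "The bridge opened in 1932. It spans the harbour. "
    "It carries rail and road traffic.\n"
    "== History ==\n"
    "Construction began in 1923."
)
NEW_REV = (
    "The bridge opened in 1932. It spans the harbour. "
    "It carries rail, road and pedestrian traffic.\n"
    "== History ==\n"
    "Construction began in 1923. It took nine years to complete."
)

if __name__ == "__main__":
    removed, added = changed_sentences(OLD_REV, NEW_REV)
    for s in removed:
        print("- " + s)
    for s in added:
        print("+ " + s)
```

The two inputs would be the content fields of consecutive revisions returned by the revisions query in the question.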

Splunk query to filter results

I have some code deployed on 1 out of my 6 servers. I need a Splunk query that pulls data from the other 5 hosts. Something like: all except this 1 host. I know the host option in Splunk to look for the host's logs, but I have no idea how to do all except 1. Can someone please assist me?
The one box I am talking about has my latest code changes, and the other 5 have my old code. So I want to write a query to do a before vs after analysis.
Looks like you have your answer, but I use an alternative method that speeds things up for me.
Within your search results, you can quickly eliminate what you want to filter out by ALT-clicking on a value in a selected field. In your case, it would add NOT host="1" to your query and immediately update your results.
I find this particularly helpful when I'm in the preliminary stage of investigating an issue, and don't have enough information to know exactly where to look first. It makes it easy to rapidly eliminate what you don't need.
*Note: This may still be broken in Splunk 6, not sure if the bug has been fixed yet: http://answers.splunk.com/answers/109473/alt-click-not-working-selected-fields
Okay, I got the answer to my question. Just use !=. So if I want the results for all my hosts except host 1, all I do is - index=blah host!="1"

Drupal 6: How to sort/filter search results by date

How to customize standard search behavior in Drupal 6? I need search results to be sorted by date. For example, people want to show items from the past 2 weeks or something like that.
I've tried a lot of things from this reference without luck. Have you ever encountered such a problem? Any help will be appreciated. Thanks!
You can sort by date using search solutions like Apache Solr. But I understand you want to use standard Drupal search.
In that situation I would recommend using the faceted search module http://drupal.org/project/faceted_search
The Faceted Search module does not require the installation of a separate search engine. It also has Views integration, which will allow you to do things like show results from the last 2 weeks and so on.
Please see:
http://drupalcode.org/viewvc/drupal/contributions/modules/faceted_search/README.txt?view=co
You can search for "views" in the above document for information.
You can choose to also not show any facets if you don't want your users to see them. In that case you would be installing the module only because of the benefits of views integration.