我有一些问题,当我在我的领域添加一个部门时,我必须用 Kibana 制作图表我没有结果
I have some problems I have to make a graph with Kibana when I add a division with my field I have no result
/* 对不起我的英语我是法国人我的分裂是 nginx.access.response_code.keyword
呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜
呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜
mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm
mmmmmmmmmmmmmmmmmmmm
mmmmmmmmmmmmmmmmmmmmmmmm
mmmmmmmmmmmmmmmm
*/
{
"aggs": {
"2": {
"significant_terms": {
"field": "nginx.access.response_code.keyword",
"size": 10
},
"aggs": {
"3": {
"date_histogram": {
"field": "@timestamp",
"fixed_interval": "12h",
"time_zone": "Europe/Paris",
"min_doc_count": 1
}
}
}
}
},
"size": 0,
"stored_fields": [
"*"
],
"script_fields": {},
"docvalue_fields": [
{
"field": "@timestamp",
"format": "date_time"
},
{
"field": "event.created",
"format": "date_time"
},
{
"field": "read_timestamp",
"format": "date_time"
}
],
"_source": {
"excludes": []
},
"query": {
"bool": {
"must": [],
"filter": [
{
"match_all": {}
},
{
"range": {
"@timestamp": {
"gte": "2020-11-07T14:57:01.503Z",
"lte": "2020-12-07T14:57:01.503Z",
"format": "strict_date_optional_time"
}
}
}
],
"should": [],
"must_not": [
{
"match_phrase": {
"nginx.access.response_code.keyword": {
"query": "200"
}
}
},
{
"match_phrase": {
"nginx.access.response_code.keyword": {
"query": "301"
}
}
},
{
"match_phrase": {
"nginx.access.response_code.keyword": {
"query": "304"
}
}
}
]
}
}
}
/* the result my buckets are empty */
{
"took": 302,
"timed_out": false,
"_shards": {
"total": 11,
"successful": 11,
"skipped": 10,
"failed": 0
},
"hits": {
"total": 6418480,
"max_score": null,
"hits": []
},
"aggregations": {
"2": {
"buckets": []
}
}
}
我找到了。它在我的数据中不存在 nginx.access.response_code.keyword。请注意,Kibana 不会显示您的错误。
/* 对不起我的英语我是法国人我的分裂是 nginx.access.response_code.keyword 呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜 呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜呜 mmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm mmmmmmmmmmmmmmmmmmmm mmmmmmmmmmmmmmmmmmmmmmmm mmmmmmmmmmmmmmmm
*/
{
"aggs": {
"2": {
"significant_terms": {
"field": "nginx.access.response_code.keyword",
"size": 10
},
"aggs": {
"3": {
"date_histogram": {
"field": "@timestamp",
"fixed_interval": "12h",
"time_zone": "Europe/Paris",
"min_doc_count": 1
}
}
}
}
},
"size": 0,
"stored_fields": [
"*"
],
"script_fields": {},
"docvalue_fields": [
{
"field": "@timestamp",
"format": "date_time"
},
{
"field": "event.created",
"format": "date_time"
},
{
"field": "read_timestamp",
"format": "date_time"
}
],
"_source": {
"excludes": []
},
"query": {
"bool": {
"must": [],
"filter": [
{
"match_all": {}
},
{
"range": {
"@timestamp": {
"gte": "2020-11-07T14:57:01.503Z",
"lte": "2020-12-07T14:57:01.503Z",
"format": "strict_date_optional_time"
}
}
}
],
"should": [],
"must_not": [
{
"match_phrase": {
"nginx.access.response_code.keyword": {
"query": "200"
}
}
},
{
"match_phrase": {
"nginx.access.response_code.keyword": {
"query": "301"
}
}
},
{
"match_phrase": {
"nginx.access.response_code.keyword": {
"query": "304"
}
}
}
]
}
}
}
/* the result my buckets are empty */
{
"took": 302,
"timed_out": false,
"_shards": {
"total": 11,
"successful": 11,
"skipped": 10,
"failed": 0
},
"hits": {
"total": 6418480,
"max_score": null,
"hits": []
},
"aggregations": {
"2": {
"buckets": []
}
}
}
我找到了。它在我的数据中不存在 nginx.access.response_code.keyword。请注意,Kibana 不会显示您的错误。