Are you okay sharing the scatter plot code in my Elastic vega example gallery??

https://uploads.disquscdn.c... Hi can we make the tooltip to show as labels without the need to hover with mouse to see it? Like the picture attached?

Hi, Thanks for the great article. Is there a way to only include data in the plot that satisfies the search requests? SImilar as what is done with standard Kibana visuals, where both filters and search requests are considered.
Cheers,

how can I load more than 10 000 documents ?

Thanks

Hi Tim, thanks for the example. Actually I can't load all my data from the index logstash, apparently logstash-* is different of logstash-nsg-* for example, why ? It is beceause of size: 10000?

Cheers

Hi Tim, thanks for the example, the chart looks great. I had a play with Vega and Kibana however didnt have any luck using it with aggregations. Have you had any luck doing this?

For example, rather than accessing hits, access time bucketed categorical data that can be used to feed a vega matrix plot.

Cheers,

Paul

Paul, multi-level aggregates are fairly difficult to use in Vega at this point - I just filed a ticket that should make it far easier - https://github.com/vega/veg...
The problem is not accessing individual sub-sub-values when drawing them, but scaling - you need to tell Vega the domain of values on which to draw. For example, you you could aggregate by time and by file extension, getting number of events (doc_count) for each. Now if you want to draw doc_count along the y axis, you need to tell Vega how to calculate minimum and maximum of those doc counts, so that it can map it to the height of the graph. Vega can easily do it from a single list of objects, but it cannot do it from a hierarchy.

PERFECT, I searched for this function in the Vega docs (...and failed) when I was trying to figure it out. Thanks for proposing the function.

Paul, make sure to comment on the github issue, explaining your use case, and possibly linking here. Makes it more visible.

Hi Paul,

doing aggregations with three levels (as in this chart) is a bit more complex. Using just 2 levels, e.g. date histogram and the average of bytes, is easier, an Yuri has covered this in this blog post.

If you need a third level, you will need to use Vega (and not Vega-Lite) and it will become more complex. Hopefully we'll see Yuri publishing a blog post about that in detail in the future :-) I will post you a link if he does.

Cheers,
Tim

Sorry I failed to mention this in the post - I have charted at 2 levels however ran into problems when trying 3. My current approach is to use Vega outside of Kibana however this is time consuming as I need to manipulate the elastic response to suit Vega using js. I look forward to the link! Cheers.

You mean 2 and 1 levels. A single aggregation produces a list: `[ {key, doc_count}, {key, doc_count}, ... ]`. For example, a term agg would give you a list of objects, one for each bucket. A two level agg produces a sub-list for each - e.g. list of file extensions objects, and each would have a list of date histogram objects. Drawing them with Vega is possible, but I'm not sure Vega-Lite can handle nested iterations.