I put some data into Elasticsearch to visualize it in Kibana. My goal is to maximally avoid Scripted fields in Kibana, because they are computationally expensive.
I want to make a chart showing months on the X axis and count on the Y axis. For this I need to format EventDate into month. What is the best way to do it?
This is my PUT statement:
PUT /test
{
  "mappings": {
    "registry": {
      "_source": {
        "enabled": true
      },
      "_all": {
        "enabled": true
      },
      "properties": {
        "Id": {
          "type": "text"
        },
        "Location": {
          "type": "geo_point"
        },
        "Country": {
          "type": "keyword"
        },
        "EventDate": {
          "type": "date",
          "format": "yyyy-MM-dd HH:mm:ss.SSS"
        }
      }
    }
  }
}
I don't know the exact use case, but you can use a Histogram aggregation or regex queries which match the month in EventDate.
Here is the documentation of the Date Histogram aggregation: https://www.elastic.co/guide/en/elasticsearch/reference/current/search-aggregations-bucket-datehistogram-aggregation.html
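An added example, not part of the original answer: a request body for `GET /test/_search` that uses the date histogram aggregation to bucket the documents of the `test` index by month of `EventDate`, so the grouping is done by Elasticsearch at query time rather than by a scripted field. The aggregation name `events_per_month` is made up for illustration; `interval` is the parameter name that goes with the typed mapping shown in the question, and Elasticsearch 7.2 and later name it `calendar_interval`.

```json
{
  "size": 0,
  "aggs": {
    "events_per_month": {
      "date_histogram": {
        "field": "EventDate",
        "interval": "month",
        "format": "yyyy-MM",
        "min_doc_count": 0
      }
    }
  }
}
```

Each returned bucket carries a `key_as_string` in the requested `yyyy-MM` form and a `doc_count`, which map directly to the X and Y axes of the chart; `"size": 0` suppresses the document hits so only the buckets come back.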