Search code examples
javascriptnode.jselasticsearchkibanaelk

ELK: Kibana graph chart & elastic-search mapping

I'd like to ask for advice about Kibana's graph visualization & ElasticSearch mapping with join types.

I am having different entities, let say pets (let's call them major entities) and their owners (minor entity).

I am inserting pets in PETS index and put owners in separate index of OWNERS. So some pets have a property that can be connected/join with the following (only one) owner.

Like this:

pets

{ 
  id: 1,
  name: 'Pikacho',
  ownerId: 1
}

owner

{ 
  id: 1,
  name: 'Rachel',
  petId: 1
}

Actually I am free to use every structure I want, even nested owner documents inside every pet. The real question is how to achieve the best case for graph data

Owners are really a separate entity and I don't need them in the business logic of my app, but sometimes, as a user I'd like to check in Kibana's UI via graph chart how many pets have one owner and so on.

enter image description here

So my question is: Are there any restrictions on data inserting (with.index method) via ElasticSearch driver for node.js, if I'd like to build a graph chart?

  • Should I create index via .create index and mark every field with correct mapping or I can just write them as usual in Elastic and connect necessary field inside Kibana by the result?
  • How to use the join relation correctly in this case if I have to use it for graph charts and should I use them at all?
  • Should I have two different indexes for performable graph chats, or it's better to have a document-oriented way with:
{
  id: 1,
  name: 'Pikachoo',
  owner: {
    id: 1,
    name: 'Rachel'
  }
}

My Elastic & Kibana versions are 7.16+ (current) I'll be glad to have any example provided.

Solution

  • The good thing about the Graph application in Kibana and the underlying Graph API is that they don't require you to index your data in any specific way, which means they don't leverage join fields or parent-child or nested relationships at all.

    The only thing that Graph uses to create connections are common values between documents, and based on those, it can create a network of related terms in the index.

    It's very easy to start exploring your data with Graph.

    1. Create an index pattern in Kibana that spans both indexes pets and owners
    2. Open the Graph application, select the index pattern you just created
    3. Select the two fields petName and ownerId
    4. Click "Graph" and you'll start seeing connections between your data. The label of the vertices will be the pet/owner IDs and the vertices will be connected

    Here is an example of how it could look like based on your data:

    owner / pet graph