Add layers for the Elasticsearch data

edit

Add layers for the Elasticsearch data

edit

To avoid overwhelming the user with too much data at once, you’ll add two layers for Elasticsearch data.

  • The first layer will display individual documents. The layer will appear when the user zooms in the map to show smaller regions.
  • The second layer will display aggregated data that represents many documents. The layer will appear when the user zooms out the map to show larger amounts of the globe.

Add a vector layer to display individual documents

edit

This layer displays web log documents as points. The layer is only visible when users zoom in the map past zoom level 9.

  1. Click Add layer.
  2. Select Documents.
  3. Set Index pattern to kibana_sample_data_logs.
  4. Click the Add layer button.
  5. Set Name to Actual Requests.
  6. Set Visibilty to the range [9, 24].
  7. Set Opacity to 100%.
  8. Click Add under Tooltip fields.
  9. In the popover, select clientip, timestamp, host, request, response, machine.os, agent, and bytes and click Add.
  10. Set Fill color to #2200ff.
  11. Click Save & close.

    Your map now looks like this between zoom levels 9 and 24:

    gs add es document layer

Add a vector layer to display aggregated data

edit

Aggregations group Elasticsearch documents into grids. You can calculate metrics for each gridded cell.

You’ll create a layer for aggregated data and make it visible only when the map is zoomed out past zoom level 9. Darker colors will symbolize grids with more web log traffic, and lighter colors will symbolize grids with less traffic. Larger circles will symbolize grids with more total bytes transferred, and smaller circles will symbolize grids with less bytes transferred.

grid metrics both

Add the layer

edit
  1. Click Add layer.
  2. Select Clusters and grids.
  3. Set Index pattern to kibana_sample_data_logs.
  4. Click the Add layer button.
  5. Set Name to Total Requests and Bytes.
  6. Set Visibility to the range [0, 9].
  7. Set Opacity to 100%.

Configure the aggregation metrics

edit
  1. Click Add metric under of Metrics label.
  2. Select Sum in the aggregation select.
  3. Select bytes in the field select.

Set the layer style

edit
  1. In Layer style, change Symbol size:

    1. Set Min size to 7.
    2. Set Max size to 25.
    3. Change the field select from count to sum of bytes.
  2. Click Save & close button.

    Your map now looks like this between zoom levels 0 and 9:

    sample data web logs