Kibana + timelion: time series with the elastic stack

•

5 likes•7,615 views

The document discusses Kibana and Timelion, which are tools for visualizing and analyzing time series data in the Elastic Stack. It provides an overview of Kibana's evolution and capabilities for creating dashboards. Timelion is introduced as a scripting language that allows users to transform, aggregate, and calculate on time series data from multiple sources to create visualizations. The document demonstrates Timelion's expression language, which includes functions, combinations, filtering, and attributes to process and render time series graphs.

Software

1
Sylvain Wallez
@bluxte
Kibana + Timelion:
Time series with the
Elastic Stack

2
Agenda
From ELK to Elastic Stack 5.0
Kibana
Timelion
Conclusion
1
2
3
4

4
The Elastic Stack

Elastic Cloud
Security
Monitoring
Aler0ng
Graph
X-Pack
KibanaUser Interface
ElasticsearchStore, Index,
& Analyze
Ingest Logstash Beats
+

5
What’s new in Elastic Stack 5.0 ?
‒ Dimensional fields – speed up and better compression of numerical data
‒ Ingest node – avoids using Logstash for simple setups
‒ Rollover & Shrink API – better handling of non-hot data
‒ Painless – new fast & secure scripting langage
‒ Complete UI redesign
‒ Control center: config, monitoring, dev tools… and dashboards
‒ Timelion: for time series
Unified release, same version number for all products

6
What’s new in Elastic Stack 5.0 ?
• 
‒ Up to 50% faster
‒ Integration with Kafka
‒ New filters
• 
‒ Libbeat – framework pour construire des agents
‒ MetricBeat, PacketBeat, FileBeat
‒ {Community}Beats, lots of them
‒ Immediate availability of new versions
‒ Automated upgrades
Unified release, same version number for all products

7
Agenda
From ELK to Elastic Stack 5.0
Kibana
Timelion
Conclusion
1
2
3
4

8
Kibana evolution
Data VisualizationManagement

9
Kibana evolution: 4.x
Data VisualizationManagement
Discover
Dashboard
Visualize

10
Kibana evolution: 4.x
Data VisualizationManagement
Discover
Dashboard
Visualize
Monitoring

11
Graph
Kibana evolution: 4.x
Data VisualizationManagement
Discover
Dashboard
Visualize
Monitoring

12
Graph
TimelionSense
Kibana evolution: 4.x
Data VisualizationManagement
Discover
Dashboard
Visualize
Monitoring

13
Discover
Dashboard
GraphDevTools
TimelionConsole
Monitoring
Visualize
Kibana evolution: 5.0
Data VisualizationManagement

14
Discover
Dashboard
Graph
Settings
Users
DevTools
Timelion
Monitoring
Visualize
Console
Kibana evolution: 5.0
Data VisualizationManagement

15
Creating a Kibana dashboard
1 2 3 4
Configure
Select indices
Discover
Explore & filter
Visualize
Create charts
Dashboard
Layout charts
5
It’s alive!
Live update &
filtering

17
Creating a Kibana dashboard
1 2 3 4
Configure
Select indices
Discover
Explore & filter
Visualize
Create charts
Dashboard
Layout charts
5
It’s alive!
Live update &
filtering

19
Creating a Kibana dashboard
1 2 3 4
Configure
Select indices
Discover
Explore & filter
Visualize
Create charts
Dashboard
Layout charts
5
It’s alive!
Live update &
filtering

21
Creating a Kibana dashboard
1 2 3 4
Configure
Select indices
Discover
Explore & filter
Visualize
Create charts
Dashboard
Layout charts
5
It’s alive!
Live update &
filtering

23
Creating a Kibana dashboard
1 2 3 4
Configure
Select indices
Discover
Explore & filter
Visualize
Create charts
Dashboard
Layout charts
5
It’s alive!
Live update &
filtering

26
Agenda
From ELK to Elastic Stack 5.0
Kibana
Timelion
Conclusion
1
2
3
4

27
Why Timelion?
• Elasticsearch queries
‒ Select lots of items (lightning fast)
‒ Aggregations make them understandable
• Need more than that
‒ Correlation, calculation, filtering
‒ Assemble multiple data sources
• Timelion started as an experiment
‒ Escape the UI and use the flexibility of a language
Because there’s more than search

28
Time series resampling
A common time reference to allow calculations
Value
Value
Time
Time
Bucket

29
Timelion expression language
A transformation & aggregation pipeline
ES
World
Bank
Graphite
- Sampling
- Aggregation
- Calculation
- Graphic attributes
Data sources
Transformations
Time series
- Data
- Metadata
- Graphic attributes

30
The Timelion expression language
• Functions
‒ abs, cusum, derivative, fit, holt, log, min, max, movingaverage, movingstd, sum, trend
• Combinations
‒ add, divide, multiply, plus, substract
• Filtering
‒ condition, if
• Graphic attributes
‒ bars, color, hide, label, legend, lines, points, range, title, yaxis
• Data sources
‒ elastic, graphite, wbi, quantl
A rich function library

33
Agenda
From ELK to Elastic Stack 5.0
Kibana
Timelion
Conclusion
1
2
3
4

What's hot

Log management with ELKGeert Pante

ELK StackEberhard Wolff

ElasticsearchShagun Rathore

Elk - An introductionHossein Shemshadi

Deep Dive Into ElasticsearchKnoldus Inc.

ElasticSearch Basic IntroductionMayur Rathod

Elastic stack PresentationAmr Alaa Yassen

ElasticsearchHermeto Romano

ELK introductionWaldemar Neto

Centralized log-management-with-elastic-stackRich Lee

Cloud Monitoring tool Grafana Dhrubaji Mandal ♛

Elk Caleb Wang

ElasticSearchVolodymyr Kraietskyi

Elasticsearch IntroductionRoopendra Vishwakarma

ELK Elasticsearch Logstash and Kibana Stack for Log ManagementEl Mahdi Benzekri

What Is ELK Stack | ELK Tutorial For Beginners | Elasticsearch Kibana | ELK S...Edureka!

Centralized Logging System Using ELK StackRohit Sharma

Elastic - ELK, Logstash & KibanaSpringPeople

ElasticsearchDivij Sehgal

Log analysis using elkRushika Shah

What's hot (20)

Log management with ELK

ELK Stack

Elasticsearch

Elk - An introduction

Deep Dive Into Elasticsearch

ElasticSearch Basic Introduction

Elastic stack Presentation

Elasticsearch

ELK introduction

Centralized log-management-with-elastic-stack

Cloud Monitoring tool Grafana

Elk

ElasticSearch

Elasticsearch Introduction

ELK Elasticsearch Logstash and Kibana Stack for Log Management

What Is ELK Stack | ELK Tutorial For Beginners | Elasticsearch Kibana | ELK S...

Centralized Logging System Using ELK Stack

Elastic - ELK, Logstash & Kibana

Elasticsearch

Log analysis using elk

Similar to Kibana + timelion: time series with the elastic stack

Elk ruminating on logsMathew Beane

Sumo Logic Cert Jam - Advanced Metrics with KubernetesSumo Logic

What's new in Elasticsearch v5Idan Tohami

Flink in Zalando's world of Microservices ZalandoHayley

Flink in Zalando's World of Microservices Zalando Technology

Apache Kylin @ Big Data Europe 2015Seshu Adunuthula

Deep Dive Into Elasticsearch: Establish A Powerful Log Analysis System With E...Tyler Nguyen

Elisa curve fitting-analysis with ReaderFit.comMiraiBio Group of Hitachi Solutions America, Ltd.

Apache Kylin: OLAP Engine on Hadoop - Tech Deep DiveXu Jiang

AWS Chicago 2016 Lessons Learned Deploying the ELK StackAWS Chicago

Lessons Learned in Deploying the ELK Stack (Elasticsearch, Logstash, and Kibana)Cohesive Networks

AD1545 - Extending the XPages Extension Librarypaidi_ed

ELK Ruminating on Logs (Zendcon 2016)Mathew Beane

Building a Complex, Real-Time Data Management ApplicationJonathan Katz

What You Missed: OpenStack Summit AustinNetApp

Enterprise Data World 2018 - Building Cloud Self-Service Analytical SolutionDmitry Anoshin

Kubernetes 101 WorkshopVishal Biyani

Elasticsearch on AzureElasticsearch

Améliorer OpenStack avec les technologies IntelOdinot Stanislas

CCI2019 - Monitorare SQL Server Senza Andare in Bancarottawalk2talk srl

Similar to Kibana + timelion: time series with the elastic stack (20)

Elk ruminating on logs

Sumo Logic Cert Jam - Advanced Metrics with Kubernetes

What's new in Elasticsearch v5

Flink in Zalando's world of Microservices

Flink in Zalando's World of Microservices

Apache Kylin @ Big Data Europe 2015

Deep Dive Into Elasticsearch: Establish A Powerful Log Analysis System With E...

Elisa curve fitting-analysis with ReaderFit.com

Apache Kylin: OLAP Engine on Hadoop - Tech Deep Dive

AWS Chicago 2016 Lessons Learned Deploying the ELK Stack

Lessons Learned in Deploying the ELK Stack (Elasticsearch, Logstash, and Kibana)

AD1545 - Extending the XPages Extension Library

ELK Ruminating on Logs (Zendcon 2016)

Building a Complex, Real-Time Data Management Application

What You Missed: OpenStack Summit Austin

Enterprise Data World 2018 - Building Cloud Self-Service Analytical Solution

Kubernetes 101 Workshop

Elasticsearch on Azure

Améliorer OpenStack avec les technologies Intel

CCI2019 - Monitorare SQL Server Senza Andare in Bancarotta

Recently uploaded

%in Benoni+277-882-255-28 abortion pills for sale in Benonimasabamasaba

WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...WSO2

%in Midrand+277-882-255-28 abortion pills for sale in midrandmasabamasaba

%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...masabamasaba

AI & Machine Learning Presentation TemplatePresentation.STUDIO

%in Soweto+277-882-255-28 abortion pills for sale in sowetomasabamasaba

WSO2CON 2024 - Does Open Source Still Matter?WSO2

%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...masabamasaba

Direct Style Effect Systems -The Print[A] Example- A Comprehension AidPhilip Schwarz

%in kempton park+277-882-255-28 abortion pills for sale in kempton park masabamasaba

Architecture decision records - How not to get lost in the pastPapp Krisztián

WSO2CON 2024 Slides - Open Source to SaaSWSO2

%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...masabamasaba

%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...masabamasaba

MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...Jittipong Loespradit

%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...masabamasaba

WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2

WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...WSO2

Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...chiefasafspells

Artyushina_Guest lecture_YorkU CS May 2024.pptxAnnaArtyushina1

Recently uploaded (20)

%in Benoni+277-882-255-28 abortion pills for sale in Benoni

WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...

%in Midrand+277-882-255-28 abortion pills for sale in midrand

%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...

AI & Machine Learning Presentation Template

%in Soweto+277-882-255-28 abortion pills for sale in soweto

WSO2CON 2024 - Does Open Source Still Matter?

%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...

Direct Style Effect Systems -The Print[A] Example- A Comprehension Aid

%in kempton park+277-882-255-28 abortion pills for sale in kempton park

Architecture decision records - How not to get lost in the past

WSO2CON 2024 Slides - Open Source to SaaS

%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...

%+27788225528 love spells in new york Psychic Readings, Attraction spells,Bri...

MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...

%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...

WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation

WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...

Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...

Artyushina_Guest lecture_YorkU CS May 2024.pptx

Kibana + timelion: time series with the elastic stack

1. 1 Sylvain Wallez @bluxte Kibana + Timelion: Time series with the Elastic Stack

2. 2 Agenda From ELK to Elastic Stack 5.0 Kibana Timelion Conclusion 1 2 3 4

3. 3

4. 4 The Elastic Stack Elastic Cloud Security Monitoring Aler0ng Graph X-Pack KibanaUser Interface ElasticsearchStore, Index, & Analyze Ingest Logstash Beats +

5. 5 What’s new in Elastic Stack 5.0 ? ‒ Dimensional fields – speed up and better compression of numerical data ‒ Ingest node – avoids using Logstash for simple setups ‒ Rollover & Shrink API – better handling of non-hot data ‒ Painless – new fast & secure scripting langage ‒ Complete UI redesign ‒ Control center: config, monitoring, dev tools… and dashboards ‒ Timelion: for time series Unified release, same version number for all products

6. 6 What’s new in Elastic Stack 5.0 ? •  ‒ Up to 50% faster ‒ Integration with Kafka ‒ New filters •  ‒ Libbeat – framework pour construire des agents ‒ MetricBeat, PacketBeat, FileBeat ‒ {Community}Beats, lots of them ‒ Immediate availability of new versions ‒ Automated upgrades Unified release, same version number for all products

7. 7 Agenda From ELK to Elastic Stack 5.0 Kibana Timelion Conclusion 1 2 3 4

8. 8 Kibana evolution Data VisualizationManagement

9. 9 Kibana evolution: 4.x Data VisualizationManagement Discover Dashboard Visualize

10. 10 Kibana evolution: 4.x Data VisualizationManagement Discover Dashboard Visualize Monitoring

11. 11 Graph Kibana evolution: 4.x Data VisualizationManagement Discover Dashboard Visualize Monitoring

12. 12 Graph TimelionSense Kibana evolution: 4.x Data VisualizationManagement Discover Dashboard Visualize Monitoring

13. 13 Discover Dashboard GraphDevTools TimelionConsole Monitoring Visualize Kibana evolution: 5.0 Data VisualizationManagement

14. 14 Discover Dashboard Graph Settings Users DevTools Timelion Monitoring Visualize Console Kibana evolution: 5.0 Data VisualizationManagement

15. 15 Creating a Kibana dashboard 1 2 3 4 Configure Select indices Discover Explore & filter Visualize Create charts Dashboard Layout charts 5 It’s alive! Live update & filtering

16. 16

17. 17 Creating a Kibana dashboard 1 2 3 4 Configure Select indices Discover Explore & filter Visualize Create charts Dashboard Layout charts 5 It’s alive! Live update & filtering

18. 18

19. 19 Creating a Kibana dashboard 1 2 3 4 Configure Select indices Discover Explore & filter Visualize Create charts Dashboard Layout charts 5 It’s alive! Live update & filtering

20. 20

21. 21 Creating a Kibana dashboard 1 2 3 4 Configure Select indices Discover Explore & filter Visualize Create charts Dashboard Layout charts 5 It’s alive! Live update & filtering

22. 22

23. 23 Creating a Kibana dashboard 1 2 3 4 Configure Select indices Discover Explore & filter Visualize Create charts Dashboard Layout charts 5 It’s alive! Live update & filtering

24. 24

25. 2525 Demo!

26. 26 Agenda From ELK to Elastic Stack 5.0 Kibana Timelion Conclusion 1 2 3 4

27. 27 Why Timelion? • Elasticsearch queries ‒ Select lots of items (lightning fast) ‒ Aggregations make them understandable • Need more than that ‒ Correlation, calculation, filtering ‒ Assemble multiple data sources • Timelion started as an experiment ‒ Escape the UI and use the flexibility of a language Because there’s more than search

28. 28 Time series resampling A common time reference to allow calculations Value Value Time Time Bucket

29. 29 Timelion expression language A transformation & aggregation pipeline ES World Bank Graphite - Sampling - Aggregation - Calculation - Graphic attributes Data sources Transformations Time series - Data - Metadata - Graphic attributes

30. 30 The Timelion expression language • Functions ‒ abs, cusum, derivative, fit, holt, log, min, max, movingaverage, movingstd, sum, trend • Combinations ‒ add, divide, multiply, plus, substract • Filtering ‒ condition, if • Graphic attributes ‒ bars, color, hide, label, legend, lines, points, range, title, yaxis • Data sources ‒ elastic, graphite, wbi, quantl A rich function library

31. 31 The Timelion expression language

32. 3232 Demo!

33. 33 Agenda From ELK to Elastic Stack 5.0 Kibana Timelion Conclusion 1 2 3 4

34. 34 Questions? Answers!