I am trying to get something similar to the following on a dashboard:
Host A, Sum of (Byte Sent), Sum of (Byte Received)
Host B, Sum of (Byte Sent), Sum of (Byte Received)
Host C, Sum of (Byte Sent), Sum of (Byte Received)
Host A is value of field 1
Byte Sent is value of field 2
Byte Received is value of field 3
Out of the box, using the Quick Value widget, I can get the count of field 1, but not the sum of field 2 and field 3 based on field 1.
Is there any way I can achieve the objective? I vaguely guess an ES aggregation query and a bit of plugin coding might be required.
I would like to know the direction and some guidance to do so. I can do basic plugin coding for Graylog and ES queries.
I will be happy to hear alternative approaches to achieve the objective too.
You want to do data aggregation, which Graylog does not support yet.
See here:
for more details.
If you want to have the functionality, you will have to code a plugin for that yourself. I'm sorry, but I'm not that far into Graylog plugins regarding search yet to give any qualified advice ^^
The other post crafted the question better. I will explore the option. The Quick Value widget might be the start, I guess. I will share here when I find a viable solution.
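The Elasticsearch-side aggregation the question guesses at, as an added example that is not part of the original thread or Graylog's own code: one terms bucket per host with two sum sub-aggregations, plus a parser that flattens the response into dashboard rows. The field names and sample data are constructed placeholders, and the host field is assumed to be indexed as a non-analyzed (keyword) value.

```python
from collections import defaultdict

# Hypothetical names standing in for "field 1", "field 2", "field 3" in the question.
HOST, SENT, RECV = "src_host", "bytes_sent", "bytes_received"

def build_query(top_n=10):
    """Search body: one terms bucket per host with two sum sub-aggregations."""
    return {
        "size": 0,  # return aggregation results only, no matching documents
        "aggs": {"per_host": {
            "terms": {"field": HOST, "size": top_n, "order": {"sent": "desc"}},
            "aggs": {"sent": {"sum": {"field": SENT}},
                     "received": {"sum": {"field": RECV}}},
        }},
    }

def rows_from_response(resp):
    """Flatten the aggregation response into (host, sum_sent, sum_received) rows."""
    buckets = resp["aggregations"]["per_host"]["buckets"]
    return [(b["key"], b["sent"]["value"], b["received"]["value"]) for b in buckets]

def aggregate_locally(messages):
    """Same grouping done client-side, to cross-check the query on a small export."""
    totals = defaultdict(lambda: [0, 0])
    for m in messages:
        if HOST not in m:
            continue  # a terms aggregation also skips documents lacking the field
        totals[m[HOST]][0] += m.get(SENT, 0)
        totals[m[HOST]][1] += m.get(RECV, 0)
    rows = [(h, s, r) for h, (s, r) in totals.items()]
    return sorted(rows, key=lambda row: row[1], reverse=True)

# Constructed sample messages, and the response Elasticsearch would return for them.
SAMPLE_MESSAGES = [
    {HOST: "Host A", SENT: 1000, RECV: 200},
    {HOST: "Host B", SENT: 700, RECV: 900},
    {HOST: "Host A", SENT: 500, RECV: 300},
    {"message": "no host field", SENT: 50},
]
SAMPLE_RESPONSE = {"aggregations": {"per_host": {"buckets": [
    {"key": "Host A", "doc_count": 2, "sent": {"value": 1500.0}, "received": {"value": 500.0}},
    {"key": "Host B", "doc_count": 1, "sent": {"value": 700.0}, "received": {"value": 900.0}},
]}}}

if __name__ == "__main__":
    for row in rows_from_response(SAMPLE_RESPONSE):
        print(row)
```

The body from `build_query()` is what would be sent to the index's `_search` endpoint; a plugin or external script would then render the rows.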