Color code cells or rows based on field values #617
Labels
Comments
|
I think the right way to accomplish this would be with named queries. Then you could color code the results based on the color of the query they match. Alternatively, this could perhaps fit into the field transformation ticket, though figuring out a UI for it would be challenging |
|
I would love to see this feature implemented, having the results have some display of the query that they were found in. Maybe it could be a separate column for "query" with dots of each color that matched. |
|
this seems potentially similar to: |
|
Closing, duplicate of #335 |
w33ble
pushed a commit
to w33ble/kibana
that referenced
this issue
Sep 13, 2018
* Created popover HOC for EuiPopover. Refactored existing popovers. Added popover HOC. Refactored refresh_control Added paddingSize prop to popover Added EuiButtonIcon and EuiPopover to arg_add_popover Added aria-label to euibuttonicon in arg_add_popover Added ids to all popovers Fixed position of popovers * Replaced EUI Popover with bootstrap popover * Removed comments and unused props * Fix: popover closes when clicking outside of the popover * Fixed CSS for arg_form * Changed div to span in popover * Fixed button prop type in popover * Refactored popover to use bootstrap overlay. * Fixed popover props to match EuiPopover props * Fixed popover title in refresh_control * Removed window resize and wheel event listeners * Added comment to popover * Fixed prop name in popover
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
and others
I use kibana for many things, including slicing and dicing through my OSSEC (Host-Based Intrusion Detection System [HIDS]) alerts.
OSSEC has an alert leveling system to aid in reviewing logs, ranging from 0 to 16 - the higher the level, the more security-relevant the event. In Kibana 2 I hacked together a change so that a field named 'alert' would apply a different background color to that cell based on the value.
For example:
level 1 = dark green
...
level 5 = blend of green and yellow
...
level 8 = yellow
...
level 16 = dark red
I got this idea from another individual involved with OSSEC. You can see a crude snapshot of his idea here:
http://i1.ytimg.com/vi/SNYoXw24tfw/hqdefault.jpg
Kibana 3's code base is much more sophisticated now and I'm not confident in my ability to modify it to provide the same behavior.
It would be awesome if Kibana 3 could implement a similar system. The way I picture it working is that I specify a field and it's max value, then choose a color scheme for how either that cell OR the entire row would be colored (without making the table hard to read or perturbing the overall slick look of Kibana).
In addition to OSSEC users, I could see this being helpful for folks that want a way to distinguish between syslog facility levels.
If you read this far, thanks for at least considering my idea.
The text was updated successfully, but these errors were encountered: