Drilldowns (also known as custom operations) enable you to configure workflows for data analysis and troubleshooting. With DrillDowms, you can navigate from one dashboard to another and take the current time range, filters and other parameters with you so the context remains the same. You can continue the analysis from a new Angle.
For example, you might have a dashboard that shows the overall state of multiple data centers. You can create drilldown that navigates from this dashboard to a dashboard that shows a single data center or server.
How do Drilldowns work?
Drilldowns is a user-configurable Kibana operation stored along with dashboard metadata. Drilldown is specific to the dashboard panels you create for it – they are not shared between panels. A panel can have multiple drilldowns.
This example shows a dashboard panel that contains a pie chart. In general, clicking on the pie chart will apply the current filter. When the panel is drill-down, clicking on the pie chart opens a menu with default actions and your drill-down. In the following sections, I’ll show you how to get instructions on how to create this Drilldown.
Create a drilldown
To prepare data
In today’s tutorial, we’ll use the index that comes with Kibana. Open the Kibana interface:
Click on the Add data:
Now our sample data is imported into Elasticsearch. In Elasticsearch we will generate an index called KiBANA_sample_datA_logs.
Create a new dashboard
We create a called Host Overview and include these visualizations from the sample dataset:
[Logs] Heatmap
[Logs] Visitors by OS
[Logs] Host, Visits, and Bytes Table
[Logs] Total Requests and Bytes
Open Kibana:
Add the visualizations one by one as described above to form the following Dashboard:
Click the Save button above. We’ll save the Dashboard above and call it Host Overview:
Let’s create a geo. SRC: CN filter:
The purpose of creating this filter is to see if the filter is passed correctly when drilldown passes from one Dashboard to another.
Create the Drilldown
Next, we create a drilldown for the [Logs] Visitors by OS visualization in the upper right corner that helps us navigate from the current Dashboard to another Dashboard and add the current filter, The time range selection and other parameters are passed to another Dashboard and further demonstrated.
We click the Edit button in the Dashboard above to enter Edit mode.
Click on the Create Drilldown menu above:
Click the Create Drilldown button above:
Just like the information shown above, we must hold for the Drilldown we just created to be valid. We click the Save link to keep the current Hostview Dashboard.
When we click on the green pie at the top, we see an extra menu called My Drilldown. This is the drilldown we just created. We choose My drilldown:
At this point, we can see our interface switch to another Dashboard called [Logs] Web Traffic, and this Dashboard has the same time range and filter as the previous Host Overview. Using this [Logs] Web traffic we can see more detailed statistics about the current machine. Os.keyword: osx.
If you are still interested, you can enter more search criteria in the search box, such as:
extension.keyword:( "gz" or "css" or "deb")
Copy the code
When we click on My Drilldown:
The search criteria have also been passed on.
Reference:
【 1 】 www.elastic.co/webinars/ac…