github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-24 17:59:23 -04:00
Code Issues Projects Releases Packages Wiki Activity
kibana/docs/graph/getting-started.asciidoc
Lisa Cawley fee60ecbd4
[DOCS] Moves graph folder to docs (#19530)
2018-05-29 22:21:01 -07:00

57 lines
2.5 KiB
Text
Raw Blame History

[role="xpack"]
[[graph-getting-started]]
== Getting Started
Graph is automatically enabled in {es} and {kib}.
[[exploring-connections]]
To start exploring connections in your data:
. Open Kibana in your web browser and log in. If you are running Kibana
locally, go to `http://localhost:5601/`.
. Click **Graph** in the side navigation to open the graph explorer.
+
image::graph/images/graph-open.jpg["Accessing Graph"]
. Select an index pattern to specify what indices you want to explore.
For example, if you are indexing log data with Logstash, you could select the
`logstash-*` index pattern to visualize connections within the log entries.
. Select one or more multi-value fields that contain the terms you want to
graph. The vertices in the graph are selected from these terms. If you're
visualizing connections between Apache log entries, you could select the
`url.raw` field and the `geo.src` field so you can look at which pages are
being accessed from different locations.
. Enter a search query to discover relationships between terms in the selected
fields. For example, to generate a graph of the successful requests to
particular pages from different locations, you could search for the 200
response code:
+
image::graph/images/graph-url-connections.jpg["URL connections"]
The weight of the connection between two vertices indicates how strongly they
are related. You can click any connection to view more information about
the relationship:
image::graph/images/graph-link-summary.jpg["Link summary"]
Once you have your initial graph, you can use the toolbar buttons to explore
additional connections. Click the Expand button
image:graph/images/graph-expand-button.jpg[Expand Selection] to display additional vertices
that connect to your graph. Click the Link button
image:graph/images/graph-link-button.jpg[Add links to existing terms] to display additional
connections between the displayed vertices. To explore a particular area of the
graph, select the vertices you are interested in and click the Expand or Link button.
To step back through your changes to the graph, click the Undo button
image:graph/images/graph-undo-button.jpg[Undo].
To see more relationships within your data, you can submit additional queries.
image::graph/images/graph-add-query.jpg["Adding networks"]
NOTE: By default, when you submit a search query Graph searches all available
fields. You can constrain your search to a particular field using the Lucene
query syntax. For example, `machine.os: osx`.
Reference in a new issue View git blame Copy permalink