Querying, Filtering, and Visualizing Data
You can interactively explore your data source data using the Metron dashboard.
In HCP, if telemetry indexing is enabled, a rotating index for every telemetry is created. By convention this index will have a name [telemetry_name]_[timestamp]. Telemetry documents indexed into this index will by convention be called [telemetry_name]_doc. Queries reference the document type of the indexed telemetries.
For more information about exploring and analyzing your data, refer to the Kibana documentation:
Task | Description | Where to Look |
---|---|---|
Querying your data |
You can search and refine the data you receive from your data source by creating a query from the Discover page. You should create and save a query for each data source not provided by HCP. HCP includes queries for the following telemetries:
You can also add custom queries for new telemetry types. |
|
Filter your query results |
You can use the Metron dashboard to filter your query results to further refine the information. The Metron dashboard provides two types of filters:
|
|
Visualizing your data |
You can filter search results to display only those documents that contain a particular value in a field. You can also create negative filters than exclude documents that contain the specified field value. |
Visualize |