Querying, Filtering, and Visualizing Data
You can interactively explore your data source data using the Metron dashboard.
In CCP, if telemetry indexing is enabled, a rotating index for every telemetry is created. By convention this index will have a name [telemetry_name]_[timestamp]. Telemetry documents indexed into this index will by convention be called [telemetry_name]_doc. Queries reference the document type of the indexed telemetries.
For more information about exploring and analyzing your data, refer to the Kibana documentation:
|Task||Description||Where to Look|
|Querying your data||
You can search and refine the data you receive from your data source by creating a query from the Discover page. You should create and save a query for each data source not provided by CCP.
CCP includes queries for the following telemetries:
You can also add custom queries for new telemetry types.
|Filter your query results||
You can use the Metron dashboard to filter your query results to further refine the information. The Metron dashboard provides two types of filters:
|Visualizing your data||
You can filter search results to display only those documents that contain a particular value in a field. You can also create negative filters than exclude documents that contain the specified field value.