New dashboard

When you first log in to the UTMVault, go to the Dashboard tab to display the option: New dashboard

new-dashboard.png

1 .Clicking on New dashboard opens a pop-up window on the right side of the screen.

visualizations-1.png

It displays a list of all the logs, events, and alarms collected and generated by UTMSTack. The list can be sorted in ascending or descending order by name or last modification.

2. Two search bars allow selecting the type of visualization: pie, chart, bar, gauge, line, and the source: timestamp, alerts, events, etc.

Mouse over any element on the list to get a preview of the visualization. You can download the preview as an image, or restore it.

3. You can select any of them to create a visualization, then you add the visualizations to the dashboard. You can save the dashboard with a name and description. 

4. When you load the dashboard, every visualization can be filtered by time or deleted. Click on the visualization options icon displays a list with the following options:

  • Edit panel: you can change the name
  • Disable time filter
  • Edit visualization

4.1. Edit visualization

The visualization builder lets you manipulate the data to edit or customize the visualizations. You can see the multifaceted collected data in a simple and intuitive way.

You can filter by field, operator, and time:

  • Field: Limit the search to a particular data type.
  • Operator: Filter by condition using advanced criteria, such as if a value is equal to or in between certain values.
  • Time: Use customized time ranges, or apply the predefined filters.

Agregation

Aggregation refers to the collection of documents or a set of documents obtained from a particular search query or filter.

You can use the supported aggregations to build your visualizations. Metric aggregations extract field from documents to generate data values. You can add different metrics and apply a custom label.

UTMSTack supports the following aggregations:

Average

The mean value.

Count

The total number of documents that match the query, which allows you to visualize the number of documents in a bucket. Count is the default value.

Max

The highest value.

Median

The value that is in the 50% percentile.

Min

The lowest value.

Sum

The total value.

Unique Count

The Cardinality of the field within the bucket.

Buckets aggregations

Bucket aggregations creates buckets or sets of documents based on certain criteria. Depending on the aggregation type, you can create filtering buckets, that is, buckets representing different value ranges and intervals for numeric values, dates, IP ranges, and moreBucket aggregations sort documents into buckets, depending on the contents of the document.

UTMSTack supports the following aggregation buckets:

Date histogram

Terms

Splits a date field into buckets by interval. If the date field is the primary time field for the index pattern, it chooses an automatic interval for you. Intervals are labeled at the start of the interval. For example, the tooltip for a monthly interval displays the first day of the month.

Specify the top or bottom n elements of a given field to display, ordered by count or a custom metric. Supports exclude and include patterns.

In order to use it you will need to enable fielddata and custom label.

The visualization can be downloaded as an image, restored, or displayed as data.

Saving

After finishing building the visualization, you can enter a title and optionally a description. You can enable the option: Save as new visualization.