Visualizations

The Visualize tab opens a page where you can select one or more existing visualizations of the data in your Elasticsearch indices; you can also create a new visualization from this page. You can then build dashboards that display related visualizations.

Visualizations can also be created directly on a dashboard by selecting Edit → Add.

Siren Investigate visualizations are based on Elasticsearch queries. By using a series of Elasticsearch aggregations to extract and process your data, you can create charts that show you the trends, spikes, and dips that you need to know about.

You can create visualizations from an entity table or search that is saved from the Discover app, or you can start with a new search query.

Types of visualization

Table 1. Charts

Area, bar, and line charts

Compare different series in X/Y charts.

Boxplot

Display data in an x/y chart using upper and lower percentiles.

Bubble Diagram

Show data and parent/child relationships as bubbles.

Goal and Gauge

Display a gauge.

Heatmap Chart

Shade cells within a matrix.

Multi Chart

A visualization in which you can switch between other visualizations at will.

Parallel Lines Chart

Arranges several metrics on parallel columns.

Pie Chart

Display each source’s contribution to a total.

Radar Chart

A graphical method of displaying multivariate data in the form of a two-dimensional chart of three or more quantitative variables represented on axes starting from the same point.

Table 2. Textual

Analytic Table

Display the raw data of a composed aggregation.

Markdown

Display free-form information or instructions.

Metric

Display a single number.

Tag Cloud

Display words as a cloud in which the size of the word correspond to its importance.

Topic Clustering

Perform significance and clustering analysis on full-text fields.

Table 3. Maps

Enhanced Coordinate Map

Associate the results of an aggregation with geographic locations.

Region Map

Thematic maps where a shape’s color intensity corresponds to a metric’s value.

Table 4. Showing individual records

Graph Browser

Display Elasticsearch documents as nodes and Siren Investigate relations as links of a graph. Note: The Graph Browser is a very powerful visualization and is described in a separate section of the documentation.

Record Table Visualization

Show the documents matched by a query on an Elasticsearch index with enhanced features.

Scatter Plot

Show data in an x/y graph as scattered points.

Table 5. Time series

Timelion

Compute and combine data from multiple time series data sets.

Visual Builder

Visualize time series data using pipeline aggregations.

Timeline

Visualize events in chronological order.

Table 6. Interactive filters and relational navigation

Controls

Create interactive controls for easy dashboard manipulation.

Relational Navigator

Provide navigation between relationally-connected dashboards.

Customizing visualizations

You can update your visualization’s label or change the display color. For more information, see Customizing visualizations.