Now we will create a visualization using the Packetbeat data. Before starting the graph creation, ensure that the Packetbeat data is available under the index pattern of Kibana, and this can be easily done by clicking on the Discover link of Kibana. After verification, click on the Visualize link in the left menu on Kibana. Now, click on the plus button to open the create visualization page; after that, we need to select the index name, and this time, we need to choose Packetbeat index from the index listing page. This time, I want to create a data table to show the slow queries of MySQL. To create the data table, we need to do the following:
- Click on the data table option under Data.
- Under metrics, select average for aggregation and response time for field dropdown.
- Change the custom label to Response time.
- Under buckets, select terms for aggregation and query for the field dropdown.
- Select metric:Response time for the Order By field.
- Change the custom label to MySQL query.
- Click on the Apply Changes button. This will create the pie chart for Apache error level.
- Click on the Save button on the top menu, give a name, such as packetbeat_mysql_responsetime, and click on the Save button to save the visualization.
The following screenshot shows us the data table for MySQL slow queries based on the response time for MySQL queries:
Here, we have a table with MySQL queries with their respective response times in descending order. This information is quite helpful, as we can take these queries and optimize them individually to increase the MySQL performance.
In this way, we have created one visualization for each beat type; Filebeat, Metricbeat, and Packetbeat. Now we will create a dashboard by integrating these visualizations.