Skip to content

Add Visualizations API examples to Lens chart pages #5645

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
florent-leborgne wants to merge 11 commits into
base: main
Choose a base branch
from
Draft

Add Visualizations API examples to Lens chart pages #5645

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
b0225f6
Add inline API dropdowns to Lens chart examples and advanced scenarios
florent-leborgne Mar 26, 2026
714cced
Use :applies_to: directive option syntax in dropdowns
florent-leborgne Mar 26, 2026
f4f09e6
Fix JSON quoting in formula examples
florent-leborgne Mar 26, 2026
12732af
Fix API payloads to pass integration tests
florent-leborgne Mar 26, 2026
0fd2bd7
Fix all API payloads: 50/50 pass integration tests
florent-leborgne Mar 26, 2026
e56ce4d
Fix broken API dropdowns in metric chart examples
florent-leborgne Mar 30, 2026
50b39c5
Fix broken dropdowns and add intro text with code callouts
florent-leborgne Mar 30, 2026
fd0f0c3
Fix callout annotations (size→limit), add missing frontmatter fields
florent-leborgne Apr 2, 2026
e4dbf8f
Fix callout annotations (size→limit) in heat-map, treemap, region-map…
florent-leborgne Apr 2, 2026
1c83e41
Fix callout annotations (size→limit) and add products to pie-charts.md
florent-leborgne Apr 2, 2026
7abc621
Add description to lens.md frontmatter
florent-leborgne Apr 2, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
229 changes: 225 additions & 4 deletions explore-analyze/visualize/charts/area-charts.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -97,6 +97,56 @@ Use stacking to show how categories contribute to a total over time.

4. Optionally, in the **Breakdown** settings, you can set **Rank by** to specify the dimension the top values are ranked by.

:::{dropdown} Create this chart using the API
:applies_to: { stack: preview 9.4, serverless: preview }

Send the following request to create a stacked area chart that shows record counts broken down by agent.

```bash
curl -X POST "${KIBANA_URL}/api/visualizations" \
-H "Authorization: ApiKey ${API_KEY}" \
-H "kbn-xsrf: true" \
-H "Content-Type: application/json" \
-d '{
"type": "xy",
"title": "Stacked area by agent",
"filters": [],
"query": { "query": "" },
"legend": { "visibility": "auto" },
"fitting": { "type": "none" },
"axis": {},
"decorations": {},
"layers": [
{
"type": "area_stacked", <1>
"dataset": { "type": "index", "index": "kibana_sample_data_logs", "time_field": "timestamp" },
"x": {
"operation": "date_histogram",
"field": "timestamp"
},
"y": [
{
"operation": "count",
"format": { "type": "number" },
"filter": { "query": "" }
}
],
"breakdown_by": { <2>
"operation": "terms",
"fields": ["agent.keyword"],
"size": 5
}
}
]
}'
```

1. The `area_stacked` layer type renders stacked areas so each category's contribution is visible.
2. Breaks down the count by the top 5 values of `agent.keyword`.

For more information, refer to the [Visualizations API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-visualizations).
:::

### Compare current versus previous period with time shift [area-timeshift]

In Area charts, you can enable time shift to compare different periods and identify deltas.
Expand All @@ -112,9 +162,75 @@ In Area charts, you can enable time shift to compare different periods and ident
4. Optionally, customize the appearance of the layer to adjust how it looks on the chart. When you duplicate a layer, {{kib}} automatically assigns a different **Series color** to the new layer. You can for example change this color, or adjust the layer's name and axis position. This name is used for the chart's legend.

::::{tip}
You can also compute the relative change using a formula, for example:
You can also compute the relative change using a formula, for example:
`(average(bytes) - average(bytes, shift='1w')) / average(bytes, shift='1w')`
::::
::::

:::{dropdown} Create this chart using the API
:applies_to: { stack: preview 9.4, serverless: preview }

Send the following request to create two area layers that compare the current average bytes against the previous week.

```bash
curl -X POST "${KIBANA_URL}/api/visualizations" \
-H "Authorization: ApiKey ${API_KEY}" \
-H "kbn-xsrf: true" \
-H "Content-Type: application/json" \
-d '{
"type": "xy",
"title": "Current vs previous period - bytes",
"filters": [],
"query": { "query": "" },
"legend": { "visibility": "auto" },
"fitting": { "type": "none" },
"axis": {},
"decorations": {},
"layers": [
{
"type": "area", <1>
"dataset": { "type": "index", "index": "kibana_sample_data_logs", "time_field": "timestamp" },
"x": {
"operation": "date_histogram",
"field": "timestamp"
},
"y": [
{
"operation": "average",
"field": "bytes",
"label": "Current period",
"format": { "type": "number" },
"filter": { "query": "" }
}
]
},
{
"type": "area", <2>
"dataset": { "type": "index", "index": "kibana_sample_data_logs", "time_field": "timestamp" },
"x": {
"operation": "date_histogram",
"field": "timestamp"
},
"y": [
{
"operation": "average",
"field": "bytes",
"label": "Previous week",
"time_shift": "1w", <3>
"format": { "type": "number" },
"filter": { "query": "" }
}
]
}
]
}'
```

1. First `area` layer shows the current period average bytes.
2. Second `area` layer provides the comparison baseline.
3. The `time_shift` of `1w` offsets this layer by one week.

For more information, refer to the [Visualizations API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-visualizations).
:::

## Area chart settings [area-chart-settings]

Expand Down Expand Up @@ -205,7 +321,58 @@ When creating or editing a visualization, you can adjust the following settings.
- **Vertical axis**: `records`
- **Breakdown**: `geo.dest`

![Example Lens area chart geographical regions](../../images/kibana-area-geo-regions.png " =70%")
![Example Lens area chart geographical regions](../../images/kibana-area-geo-regions.png " =70%")

::::{dropdown} Create this chart using the API
:applies_to: { stack: preview 9.4, serverless: preview }

Send the following request to create a stacked area chart that shows record counts broken down by geographic destination.

```bash
curl -X POST "${KIBANA_URL}/api/visualizations" \
-H "Authorization: ApiKey ${API_KEY}" \
-H "kbn-xsrf: true" \
-H "Content-Type: application/json" \
-d '{
"type": "xy",
"title": "Traffic by geographic region",
"filters": [],
"query": { "query": "" },
"legend": { "visibility": "auto" },
"fitting": { "type": "none" },
"axis": {},
"decorations": {},
"layers": [
{
"type": "area_stacked", <1>
"dataset": { "type": "index", "index": "kibana_sample_data_logs", "time_field": "timestamp" },
"x": {
"operation": "date_histogram",
"field": "timestamp"
},
"y": [
{
"operation": "count",
"label": "Records",
"format": { "type": "number" },
"filter": { "query": "" }
}
],
"breakdown_by": { <2>
"operation": "terms",
"fields": ["geo.dest"],
"size": 5
}
}
]
}'
```

1. Uses `area_stacked` to show each region's contribution to the total traffic.
2. Breaks down the count by the top 5 geographic destinations.

For more information, refer to the [Visualizations API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-visualizations).
::::

**Response code over time with annotations**

Expand All @@ -220,7 +387,61 @@ When creating or editing a visualization, you can adjust the following settings.
* **Stacking**: `Percentage` to show the distribution relative to the total count at each point in time.
* **Annotation Query**: `tags:error AND tags:security`

![Example Lens area chart response code annotations](../../images/kibana-response-code-annotations.png " =70%")
![Example Lens area chart response code annotations](../../images/kibana-response-code-annotations.png " =70%")

::::{dropdown} Create this chart using the API
:applies_to: { stack: preview 9.4, serverless: preview }

Send the following request to create a percentage area chart that shows the distribution of HTTP response codes over time.

```bash
curl -X POST "${KIBANA_URL}/api/visualizations" \
-H "Authorization: ApiKey ${API_KEY}" \
-H "kbn-xsrf: true" \
-H "Content-Type: application/json" \
-d '{
"type": "xy",
"title": "Response code over time",
"filters": [],
"query": { "query": "" },
"legend": { "visibility": "auto" },
"fitting": { "type": "none" },
"axis": {},
"decorations": {},
"layers": [
{
"type": "area_percentage", <1>
"dataset": { "type": "index", "index": "kibana_sample_data_logs", "time_field": "timestamp" },
"x": {
"operation": "date_histogram",
"field": "timestamp"
},
"y": [
{
"operation": "count",
"label": "Count of records",
"format": { "type": "number" },
"filter": { "query": "" }
}
],
"breakdown_by": {
"operation": "filters", <2>
"filters": [
{ "filter": { "query": "response.keyword >= 200 and response.keyword < 400" }, "label": "Success/Redirection" },
{ "filter": { "query": "response.keyword >= 400 and response.keyword < 500" }, "label": "Client Error" },
{ "filter": { "query": "response.keyword >= 500" }, "label": "Server Error" }
]
}
}
]
}'
```

1. The `area_percentage` layer type normalizes each timestamp to 100% to emphasize shares.
2. Uses `filters` to create named categories based on HTTP response code ranges.

For more information, refer to the [Visualizations API](https://www.elastic.co/docs/api/doc/kibana/group/endpoint-visualizations).
::::



Expand Down
Loading
Loading