Product Documentation

About Charts

Last updated on 02 June, 2023

Dashboards are central in LM Dexda as a starting point from where you can quickly get a situation overview. Dashboards visualize data using charts of different types. Charts get information from the different data records stored in Dexda – insights, alerts, and events. You can add filtering to charts to customize the visualization output for specific purposes and user groups.

The following describes the concepts of charts and data filtering. For information on how to create dashboards, see Creating Dashboards. For information on how to view and act on dashboard information, see Using Dashboards.

Requirements

You need administration permission in LM Dexda to manage charts on dashboards.

Chart Types

Using charts you can query data with an optional filter, and display it for consumption in a supported chart type, either as raw data or as an aggregation. Charts provide numerous options to create summaries of aggregated statistics, as well as detailed data views. For example, you can create a Ticker chart showing the number of priority-one alerts for customer-facing applications. Or, you can create a Grid (table) chart displaying event details.

The following main data sources are available for querying when configuring customized charts:

  • Insights: Alerts created from automated machine learning.
  • Alerts: Alert records created from matched rules.
  • Events: Processed event records.

You can create the following types of charts for the different data source types:

  • Grid Chart
  • Ticket Chart
  • Aggregation Chart
  • Time Series Chart

Grid Chart

The grid chart displays source data in table format, for example a list of singleton (uncorrelated) alerts.

Configuration options for a grid chart include:

  • Title: The name of the chart as displayed on the dashboard.
  • Filter: Option to add filter expressions to limit the query. If no filter is added, all events, alerts, or insights are displayed. For more information, see Creating Filters.

Ticker Chart

The ticker chart shows aggregations as count values, for example the total number of open insights or singleton alerts.

Configuration options for a ticker chart include:

  • Title: The name of the chart as displayed on the dashboard.
  • Field: The field on which to calculate the aggregation. Select id to count unique records. Fields available for selection vary depending on the record type selected. For more information, see Creating Filters.
  • Aggregation: Operators include MIN, MAX, SUM, MEAN, and COUNT.
  • Filter: Option to add filter expressions. For more information, see Creating Filters.

Aggregation Chart

The aggregation chart shows a group based aggregation, for example a count of insights grouped by their severities

Configuration options for an aggregation chart include:

  • Title: The name of the chart as displayed on the dashboard.
  • Group: The group with which to calculate the aggregation, for example by resource or tenant ID. Fields available for selection vary depending on the record type selected. For more information, see Creating Filters.
  • Field: The field on which to calculate the aggregation. Select id to count unique records. Fields available for selection vary depending on the record type selected. For more information, see Creating Filters.
  • Aggregation: Operators include MIN, MAX, SUM, MEAN, and COUNT.
  • Filter: Option to add filter expressions. For more information, see Creating Filters.

Time Series Chart

The time series chart shows an aggregation computed by time bucket. For example, number of events received during a specific time range, in five minute buckets. When displaying a time series chart on a dashboard, the time range is determined by the dashboard timespan. The time bucket granularity is automatically optimized and set based on the length of the dashboard timespan.

Configuration options for a time series chart include:

  • Title: The name of the chart as displayed on the dashboard.
  • Group: The group with which to calculate the aggregation. Fields available for selection vary depending on the record type selected. For more information, see Creating Filters. Note that Time Series charts only permits grouping (bucketing) by a time-based field.
  • Field: The field on which to calculate the aggregation. Select id to count unique records. Fields available for selection vary depending on the record type selected. For more information, see Creating Filters.
  • Aggregation: Operators include MIN, MAX, SUM, MEAN, and COUNT.
  • Filter: Option to add filter expressions. For more information, see Creating Filters.

Note: Time Series charts only permits grouping (bucketing) by a time-based field.

Filters

LM Dexda has a shared filter component that lets you define a query filter in a consistent way across applications like dashboards, rules, and actions. When adding charts and building queries and aggregations to limit results, you have a number of fields to chose from. Available fields vary depending on the selected data source – events, alerts, or insights, for the chart. For more information, see Creating Filters.

In This Article