Double-click node or edge to add filter condition to all visualizations on the dashboard

[yhgcn]

Double-click on a node, this node is added to the filter conditions, show only the nodes and the nodes connected to the edges and nodes; Double-click on one side, the side added to the filter conditions, only show the edge and the two nodes connected to this side.

So that we achieved by double-clicking the node or edge in the network visualisation to add filter conditions to all visualization on the dashboard.

[AdrianP-]

This will be a awesome feature. Congratulations for your amazing work @dlumbrer From Spain too ;)

[dlumbrer]

Thanks for the clarification @yhgcn.

You are rigth @AdrianP- , the implementation of this is very interesant, i think that is not very difficult but now i dont have too much time to do it.

You will be notificated when it have been done it.

Thanks a lot for write and for the feedback. This encourages me to continue developing improvements to the plugin.

Regards,

David

[yhgcn]

The kbn_network plugin is the most visualized, practical and magical kibana plugin. But it does not support to show the diagram that is composed of three types of node. With the help of other visualization in the dashboard can show a third type of node information.

For example: in the diagram of source IP to access the destination IP can't show the destination port. In the dashboard is made up of the kbn_network visualization and destination port visualization, to double-click the source IP nodes in kbn_network visualization, all destination ports of all destination IP is displayed in the destination port visualization, to double-click the edge in kbn_network visualization, all destination ports of the destination IP is displayed. Not only the destination port, also can add other attribute information, such as destination IP belong to national, source IP belongs to countries and so on. Delete filter conditions, switch back to the original diagram, changes to other nodes or edges continue to analyze, that can improve the work efficiency of 4-5 times.

[ghost]

Current things I would be willing to donate some funds for to like a paypal or something:

Add additional node capabilities (more than 2, personally, id like to see at a minimum 3) Add capabilities to double click the items or right click and filter based on the clicks Add a hover over that allows you to show a field or two as a property or a popup for properties. Add the ability to graph hierarchical data some how. Grandparents, parents, children mappings some how.

This is one of my most useful tools. Would love to see it grow and would like to donate for additional features.

[dlumbrer]

Hi,

It's very difficult to add more levels because Kibana use agreggations searches of ElasticSearch. I mean, if I add more levels, there will be buckets with sub-buckets, and these sub-buckets with more sub-buckets, etc.

The response retrieved of ElasticSearch will not make much sense and the time of "build" the data will be increased.

As I've said before, I'm thinking about it. Thank you very much for write and for propose improvements.

[grinbin]

Is there any update on this request?