The Distribution visualization shows data aggregated across one or several tags, such as hosts. Unlike the heat map, a distribution graph’s x-axis is quantity rather than time.
This visualization displays only a single query; additional queries are disregarded.
Note: Outlier detection cannot be performed for this visualization.
Configure your query as usual. The Distribution visualization supports metrics, live processes, APM request latency, log events, and RUM events. Note: This visualization type is useful only when data is aggregated across tag keys, such as for each host.
Make a selection in the “avg/max/min/sum by/etc.” control to see your data across the associated tags.
On screenboards only, choose whether your widget has a custom timeframe or the screenboard’s global timeframe.
With APM request distributions, you can add percentiles markers on the x-axis.
Axis controls are available through the UI and the JSON editor.
They allow you to:
Display a custom title for your widget by activating the Show a Title check box:
Optionally define its size and alignment.
In addition to the standard full screen options, you can use x-axis controls to zoom in to a specific percentile.
This widget can be used with the Dashboards API. See the Dashboards API documentation for additional reference.
The dedicated widget JSON schema definition for the distribution widget is:
Field
Type
Description
legend_size
string
DEPRECATED: (Deprecated) The widget legend was replaced by a tooltip and sidebar.
markers
[object]
List of markers.
display_type
string
Combination of:
x_axis_percentile.label
string
Label to display over the marker.
time
string
Timestamp for the widget.
value [required]
string
Value to apply. Can be a single value y = 15 or a range of values 0 < y < 10.
requests [required]
[object]
Array of one request object to display in the widget.
See the dedicated Request JSON schema documentation
to learn how to build the REQUEST_SCHEMA.
apm_query
object
The log query.
compute
object
Define computation for a log query.
aggregation [required]
string
The aggregation method.
facet
string
Facet name.
interval
int64
Define a time interval in seconds.
group_by
[object]
List of tag prefixes to group by in the case of a cluster check.
facet [required]
string
Facet name.
limit
int64
Maximum number of items in the group.
sort
object
Define a sorting method.
aggregation [required]
string
The aggregation method.
facet
string
Facet name.
order [required]
enum
Widget sorting methods.
Allowed enum values: asc,desc
index
string
A coma separated-list of index names. Use "*" query all indexes at once. Multiple Indexes
multi_compute
[object]
This field is mutually exclusive with compute.
aggregation [required]
string
The aggregation method.
facet
string
Facet name.
interval
int64
Define a time interval in seconds.
search
object
The query being made on the logs.
query [required]
string
Search value to apply.
apm_stats_query
object
The APM stats query for table and distributions widgets.
columns
[object]
Column properties used by the front end for display.
alias
string
A user-assigned alias for the column.
cell_display_mode
enum
Define a display mode for the table cell.
Allowed enum values: number,bar
name [required]
string
Column name.
order
enum
Widget sorting methods.
Allowed enum values: asc,desc
env [required]
string
Environment name.
name [required]
string
Operation name associated with service.
primary_tag [required]
string
The organization's host group name and value.
resource
string
Resource name.
row_type [required]
enum
The level of detail for the request.
Allowed enum values: service,resource,span
service [required]
string
Service name.
event_query
object
The log query.
compute
object
Define computation for a log query.
aggregation [required]
string
The aggregation method.
facet
string
Facet name.
interval
int64
Define a time interval in seconds.
group_by
[object]
List of tag prefixes to group by in the case of a cluster check.
facet [required]
string
Facet name.
limit
int64
Maximum number of items in the group.
sort
object
Define a sorting method.
aggregation [required]
string
The aggregation method.
facet
string
Facet name.
order [required]
enum
Widget sorting methods.
Allowed enum values: asc,desc
index
string
A coma separated-list of index names. Use "*" query all indexes at once. Multiple Indexes
multi_compute
[object]
This field is mutually exclusive with compute.
aggregation [required]
string
The aggregation method.
facet
string
Facet name.
interval
int64
Define a time interval in seconds.
search
object
The query being made on the logs.
query [required]
string
Search value to apply.
log_query
object
The log query.
compute
object
Define computation for a log query.
aggregation [required]
string
The aggregation method.
facet
string
Facet name.
interval
int64
Define a time interval in seconds.
group_by
[object]
List of tag prefixes to group by in the case of a cluster check.
facet [required]
string
Facet name.
limit
int64
Maximum number of items in the group.
sort
object
Define a sorting method.
aggregation [required]
string
The aggregation method.
facet
string
Facet name.
order [required]
enum
Widget sorting methods.
Allowed enum values: asc,desc
index
string
A coma separated-list of index names. Use "*" query all indexes at once. Multiple Indexes
multi_compute
[object]
This field is mutually exclusive with compute.
aggregation [required]
string
The aggregation method.
facet
string
Facet name.
interval
int64
Define a time interval in seconds.
search
object
The query being made on the logs.
query [required]
string
Search value to apply.
network_query
object
The log query.
compute
object
Define computation for a log query.
aggregation [required]
string
The aggregation method.
facet
string
Facet name.
interval
int64
Define a time interval in seconds.
group_by
[object]
List of tag prefixes to group by in the case of a cluster check.
facet [required]
string
Facet name.
limit
int64
Maximum number of items in the group.
sort
object
Define a sorting method.
aggregation [required]
string
The aggregation method.
facet
string
Facet name.
order [required]
enum
Widget sorting methods.
Allowed enum values: asc,desc
index
string
A coma separated-list of index names. Use "*" query all indexes at once. Multiple Indexes
multi_compute
[object]
This field is mutually exclusive with compute.
aggregation [required]
string
The aggregation method.
facet
string
Facet name.
interval
int64
Define a time interval in seconds.
search
object
The query being made on the logs.
query [required]
string
Search value to apply.
process_query
object
The process query to use in the widget.
filter_by
[string]
List of processes.
limit
int64
Max number of items in the filter list.
metric [required]
string
Your chosen metric.
search_by
string
Your chosen search term.
profile_metrics_query
object
The log query.
compute
object
Define computation for a log query.
aggregation [required]
string
The aggregation method.
facet
string
Facet name.
interval
int64
Define a time interval in seconds.
group_by
[object]
List of tag prefixes to group by in the case of a cluster check.
facet [required]
string
Facet name.
limit
int64
Maximum number of items in the group.
sort
object
Define a sorting method.
aggregation [required]
string
The aggregation method.
facet
string
Facet name.
order [required]
enum
Widget sorting methods.
Allowed enum values: asc,desc
index
string
A coma separated-list of index names. Use "*" query all indexes at once. Multiple Indexes
multi_compute
[object]
This field is mutually exclusive with compute.
aggregation [required]
string
The aggregation method.
facet
string
Facet name.
interval
int64
Define a time interval in seconds.
search
object
The query being made on the logs.
query [required]
string
Search value to apply.
q
string
Widget query.
rum_query
object
The log query.
compute
object
Define computation for a log query.
aggregation [required]
string
The aggregation method.
facet
string
Facet name.
interval
int64
Define a time interval in seconds.
group_by
[object]
List of tag prefixes to group by in the case of a cluster check.
facet [required]
string
Facet name.
limit
int64
Maximum number of items in the group.
sort
object
Define a sorting method.
aggregation [required]
string
The aggregation method.
facet
string
Facet name.
order [required]
enum
Widget sorting methods.
Allowed enum values: asc,desc
index
string
A coma separated-list of index names. Use "*" query all indexes at once. Multiple Indexes
multi_compute
[object]
This field is mutually exclusive with compute.
aggregation [required]
string
The aggregation method.
facet
string
Facet name.
interval
int64
Define a time interval in seconds.
search
object
The query being made on the logs.
query [required]
string
Search value to apply.
security_query
object
The log query.
compute
object
Define computation for a log query.
aggregation [required]
string
The aggregation method.
facet
string
Facet name.
interval
int64
Define a time interval in seconds.
group_by
[object]
List of tag prefixes to group by in the case of a cluster check.
facet [required]
string
Facet name.
limit
int64
Maximum number of items in the group.
sort
object
Define a sorting method.
aggregation [required]
string
The aggregation method.
facet
string
Facet name.
order [required]
enum
Widget sorting methods.
Allowed enum values: asc,desc
index
string
A coma separated-list of index names. Use "*" query all indexes at once. Multiple Indexes
multi_compute
[object]
This field is mutually exclusive with compute.
aggregation [required]
string
The aggregation method.
facet
string
Facet name.
interval
int64
Define a time interval in seconds.
search
object
The query being made on the logs.
query [required]
string
Search value to apply.
style
object
Widget style definition.
palette
string
Color palette to apply to the widget.
show_legend
boolean
DEPRECATED: (Deprecated) The widget legend was replaced by a tooltip and sidebar.
time
object
Time setting for the widget.
live_span
enum
The available timeframes depend on the widget you are using.
Allowed enum values: 1m,5m,10m,15m,30m,1h,4h,1d,2d,1w,1mo,3mo,6mo,1y,alert
title
string
Title of the widget.
title_align
enum
How to align the text on the widget.
Allowed enum values: center,left,right
title_size
string
Size of the title.
type [required]
enum
Type of the distribution widget.
Allowed enum values: distribution
xaxis
object
X Axis controls for the distribution widget.
include_zero
boolean
True includes zero.
max
string
Specifies maximum value to show on the x-axis. It takes a number, percentile (p90 === 90th percentile), or auto for default behavior.
min
string
Specifies minimum value to show on the x-axis. It takes a number, percentile (p90 === 90th percentile), or auto for default behavior.
scale
string
Specifies the scale type. Possible values are linear.
yaxis
object
Y Axis controls for the distribution widget.
include_zero
boolean
True includes zero.
label
string
The label of the axis to display on the graph.
max
string
Specifies the maximum value to show on the y-axis. It takes a number, or auto for default behavior.
min
string
Specifies minimum value to show on the y-axis. It takes a number, or auto for default behavior.
scale
string
Specifies the scale type. Possible values are linear or log.
{
"legend_size": "string",
"markers": [
{
"display_type": "error dashed",
"label": "Error threshold",
"time": "string",
"value": "y = 15"
}
],
"requests": [
{
"apm_query": {
"compute": {
"aggregation": "avg",
"facet": "@duration",
"interval": 5000
},
"group_by": [
{
"facet": "resource_name",
"limit": 50,
"sort": {
"aggregation": "avg",
"facet": "@string_query.interval",
"order": "desc"
}
}
],
"index": "days-3,days-7",
"multi_compute": [
{
"aggregation": "avg",
"facet": "@duration",
"interval": 5000
}
],
"search": {
"query": ""
}
},
"apm_stats_query": {
"columns": [
{
"alias": "Requests",
"cell_display_mode": "number",
"name": "Reqs",
"order": "desc"
}
],
"env": "prod",
"name": "rack.request",
"primary_tag": "datacenter:*",
"resource": "CartsController",
"row_type": "service",
"service": "web-store"
},
"event_query": {
"compute": {
"aggregation": "avg",
"facet": "@duration",
"interval": 5000
},
"group_by": [
{
"facet": "resource_name",
"limit": 50,
"sort": {
"aggregation": "avg",
"facet": "@string_query.interval",
"order": "desc"
}
}
],
"index": "days-3,days-7",
"multi_compute": [
{
"aggregation": "avg",
"facet": "@duration",
"interval": 5000
}
],
"search": {
"query": ""
}
},
"log_query": {
"compute": {
"aggregation": "avg",
"facet": "@duration",
"interval": 5000
},
"group_by": [
{
"facet": "resource_name",
"limit": 50,
"sort": {
"aggregation": "avg",
"facet": "@string_query.interval",
"order": "desc"
}
}
],
"index": "days-3,days-7",
"multi_compute": [
{
"aggregation": "avg",
"facet": "@duration",
"interval": 5000
}
],
"search": {
"query": ""
}
},
"network_query": {
"compute": {
"aggregation": "avg",
"facet": "@duration",
"interval": 5000
},
"group_by": [
{
"facet": "resource_name",
"limit": 50,
"sort": {
"aggregation": "avg",
"facet": "@string_query.interval",
"order": "desc"
}
}
],
"index": "days-3,days-7",
"multi_compute": [
{
"aggregation": "avg",
"facet": "@duration",
"interval": 5000
}
],
"search": {
"query": ""
}
},
"process_query": {
"filter_by": [],
"limit": "integer",
"metric": "system.load.1",
"search_by": "string"
},
"profile_metrics_query": {
"compute": {
"aggregation": "avg",
"facet": "@duration",
"interval": 5000
},
"group_by": [
{
"facet": "resource_name",
"limit": 50,
"sort": {
"aggregation": "avg",
"facet": "@string_query.interval",
"order": "desc"
}
}
],
"index": "days-3,days-7",
"multi_compute": [
{
"aggregation": "avg",
"facet": "@duration",
"interval": 5000
}
],
"search": {
"query": ""
}
},
"q": "host:X tags:Y",
"rum_query": {
"compute": {
"aggregation": "avg",
"facet": "@duration",
"interval": 5000
},
"group_by": [
{
"facet": "resource_name",
"limit": 50,
"sort": {
"aggregation": "avg",
"facet": "@string_query.interval",
"order": "desc"
}
}
],
"index": "days-3,days-7",
"multi_compute": [
{
"aggregation": "avg",
"facet": "@duration",
"interval": 5000
}
],
"search": {
"query": ""
}
},
"security_query": {
"compute": {
"aggregation": "avg",
"facet": "@duration",
"interval": 5000
},
"group_by": [
{
"facet": "resource_name",
"limit": 50,
"sort": {
"aggregation": "avg",
"facet": "@string_query.interval",
"order": "desc"
}
}
],
"index": "days-3,days-7",
"multi_compute": [
{
"aggregation": "avg",
"facet": "@duration",
"interval": 5000
}
],
"search": {
"query": ""
}
},
"style": {
"palette": "string"
}
}
],
"show_legend": false,
"time": {
"live_span": "5m"
},
"title": "string",
"title_align": "string",
"title_size": "string",
"type": "distribution",
"xaxis": {
"include_zero": false,
"max": "string",
"min": "string",
"scale": "string"
},
"yaxis": {
"include_zero": false,
"label": "string",
"max": "string",
"min": "string",
"scale": "string"
}
}Additional helpful documentation, links, and articles:
