Visualizations
The Visualize tab opens a page where you can select one or more existing visualizations of the data in your Elasticsearch indices; you can also create a new visualization from this page. You can then build dashboards that display related visualizations.
Visualizations can also be created directly on a dashboard by selecting Edit → Add.
Siren Investigate visualizations are based on Elasticsearch queries. By using a series of Elasticsearch aggregations to extract and process your data, you can create charts that show you the trends, spikes, and dips that you need to know about.
You can create visualizations from an entity table or search that is saved from the Discover app, or you can start with a new search query.
Types of visualization
| Compare different series in X/Y charts. | |
| Display data in an x/y chart using upper and lower percentiles. | |
| Show data and parent/child relationships as bubbles. | |
| Display a gauge. | |
| Shade cells within a matrix. | |
| A visualization in which you can switch between other visualizations at will. | |
| Arranges several metrics on parallel columns. | |
| Display each source’s contribution to a total. | |
| A graphical method of displaying multivariate data in the form of a two-dimensional chart of three or more quantitative variables represented on axes starting from the same point. | |
| Display the raw data of a composed aggregation. | |
| Display free-form information or instructions. | |
| Display a single number. | |
| Display words as a cloud in which the size of each word corresponds to its importance. | |
| Perform significance and clustering analysis on full-text fields. | |
| Associate the results of an aggregation with geographic locations. | |
| Thematic maps where a shape’s color intensity corresponds to a metric’s value. | |
| Display Elasticsearch documents as nodes and Siren Investigate relations as links of a graph. Note: The Graph Browser is a very powerful visualization and is described in a separate section of the documentation. | |
| Show the documents matched by a query on an Elasticsearch index with enhanced features. | |
| Show data in an x/y graph as scattered points. | |
| Compute and combine data from multiple time series data sets. | |
| Visualize time series data using pipeline aggregations. | |
| Visualize events in chronological order. | |
| Create interactive controls for easy dashboard manipulation. | |
| Provide navigation between relationally-connected dashboards. | |
Customizing visualizations
You can update your visualization’s label or change the display color. For more information, see Customizing visualizations.