Challenge - 5 Problems

🎖️

Lens Mastery Badge

Get all challenges correct to earn this badge!

Test your skills under time pressure!

❓ Predict Output

intermediate

2:00remaining

What is the output of this Lens drag-and-drop configuration?

Given a Lens visualization in Elasticsearch where you drag the "bytes" field to the Y-axis and the "extension.keyword" field to the X-axis, what will the chart display?

Elasticsearch

Lens config:
- Y-axis: Sum of bytes
- X-axis: Terms of extension.keyword

Data sample:
{
  "extension": "jpg",
  "bytes": 1000
},
{
  "extension": "png",
  "bytes": 2000
},
{
  "extension": "jpg",
  "bytes": 1500
}

AA pie chart showing count of documents per extension without bytes aggregation

BA line chart showing average bytes per document regardless of extension

CA bar chart showing total bytes for each file extension, e.g., jpg: 2500, png: 2000

DA table listing each document with bytes and extension fields

Attempts:

2 left

🧠 Conceptual

intermediate

1:30remaining

Which Lens feature allows you to change the aggregation type for a dragged field?

In Elasticsearch Lens, after dragging a field to an axis, how can you change the aggregation method (e.g., from sum to average)?

ABy clicking the field on the axis and selecting the aggregation from the dropdown menu

BBy editing the Elasticsearch query manually in the Lens interface

CBy dragging the field again to the other axis

DBy changing the index pattern in the Lens settings

Attempts:

2 left

🔧 Debug

advanced

2:30remaining

Why does this Lens visualization show no data after dragging fields?

You dragged timestamp to the X-axis and bytes to the Y-axis in Lens, but the chart shows no data. What is the most likely cause?

Elasticsearch

Lens config:
- X-axis: Date histogram on timestamp
- Y-axis: Sum of bytes

Data sample:
{
  "timestamp": "2023-01-01T00:00:00Z",
  "bytes": 1000
}

Index pattern uses a different time field named "@timestamp".

ALens requires a keyword field on the X-axis, not a date field

BThe index pattern's time field is different from the dragged timestamp field, so Lens cannot filter data by time

CThe date histogram interval is too large to show data

DThe bytes field is not numeric, so sum aggregation fails silently

Attempts:

2 left

📝 Syntax

advanced

2:00remaining

Which Lens drag-and-drop configuration will produce a stacked bar chart by default?

In Lens, you want to create a stacked bar chart showing total bytes per extension, split by the geo.src field. Which drag-and-drop setup achieves this?

AY-axis: Terms of geo.src.keyword; X-axis: Sum of bytes; Break down by: Terms of extension.keyword

BY-axis: Count; X-axis: Terms of extension.keyword; Break down by: Terms of geo.src.keyword

CY-axis: Sum of bytes; X-axis: Terms of geo.src.keyword; Break down by: Terms of extension.keyword

DY-axis: Sum of bytes; X-axis: Terms of extension.keyword; Break down by: Terms of geo.src.keyword

Attempts:

2 left

🚀 Application

expert

3:00remaining

How to create a Lens visualization that shows average bytes per day for top 3 extensions?

You want a Lens chart that shows the average bytes per day on the Y-axis, with the X-axis as a date histogram on @timestamp, but only for the top 3 file extensions by count. How do you configure Lens?

AY-axis: Average of bytes; X-axis: Date histogram on @timestamp; Use 'Break down by' with extension.keyword limited to 3 terms

BY-axis: Sum of bytes; X-axis: Date histogram on @timestamp; Use 'Break down by' with extension.keyword limited to 3 terms

CY-axis: Average of bytes; X-axis: Terms of extension.keyword limited to 3; Use 'Break down by' with date histogram on @timestamp

DY-axis: Average of bytes; X-axis: Date histogram on @timestamp; Add a filter to include only top 3 extensions by terms aggregation on extension.keyword

Attempts:

2 left