Bipartite chord diagram
This chart displays the interrelationships between data through time. The data is arranged radially around a circle with the relationships between the different distinct values (represented as segments in the circle) drawn as arcs connecting the data together. Each arc is assigned a value that represents its proportion.
What data do I need for this widget?
The option to create this chart will be disabled unless your query contains at least three columns, one of them with numeric values. Furthermore, it is advisable to group your data and aggregate it in order to show meaningful content on the diagram.
Creating a bipartite chord diagram
Affinity vs Bipartite
Even though these two diagrams look very similar, they have a major difference. While the Bipartite establishes relations between the elements of two different columns, the Affinity establishes relations between the elements of the same column.
Working with bipartite chord diagrams
Hover over a segment in the circle to see its total number of values and highlight its relationships with other values.
Hover over an arc to see the number of values in that connection and highlight the arcs going to the same target value.
You can hit the following keys to perform different visualization actions:
Shortcut keys | Description |
---|---|
D | Shows/hides a legend displaying the total amount of source values and the count of each distinct source value in the chart. Hover over each section in the diagram to display the count of instances in each relationship of that value. |
L | Shows/hides the labels indicating the names of each distinct value. |
S | Converts the source data to target data and vice versa. |
H | Shows a histogram representing the amount of data and percentage of the selected value in the chart through the selected time period. Hover over the histogram to see the count and percentage for each period. |
← | Displays data from the previous period. For example, if your query groups data every 30 seconds press the left arrow to see the data relationships in the previous 30-second period. |
→ | Displays data from the next period. For example, if your query groups data every 30 seconds press the right arrow to see the data relationships in the following 30-second period. |
? | Shows/hides the list of shortcut keys. |
Query example
You can recreate the example shown in the picture above with the data from the following query and mapping the fields as follows:
from demo.ecommerce.data
group every 30s by method, statusCode, bytesTransferred
every 30s
Required field | Column added |
---|---|
Source | method |
Target | statusCode |
Value | bytesTransferred |
In case you want another example, here is another query to construct another bipartite chord diagram:
from siem.logtrust.web.activity
group every 15s by username, serverHost
every 15s
select count() as count
Required field | Column added |
---|---|
Source | source |
Target | severHost |
Value | count |