Questions tagged [kibana]

0 votes, 0 answers, 3 views

How to set keycloak authentication in kibana

Is it possible to configure keycloak authentication in Kibana-7, to restrict access to a kibana dashboard so that it is only accessible to particular users?
Kailas Biradar
1 vote, 1 answer, 79 views

Set filter in Kibana 7/6.7.2 for latest _id in DSL with size 1

I want the filter to be set on the dashboard which will fetch only the latest record. So I used the below query in DSL: { 'query': { 'match_all': {} }, 'size': 1, 'sort': [ { '_id': { 'order': 'desc' } } ] } This is not working in Elasticsearch Kibana 7.0 and I have checked in 6.7.1 also, it is not working 'size'...
happy
1 vote, 2 answers, 1.4k views

Kibana and Docker-Compose: Automatically load in saved object

Goal: Load in Kibana saved object when starting Elastic Stack from Docker-Compose. I have an 'export.json' object from Kibana, containing my default index, 10+ visualizations, and dashboard setup. I am able to successfully start the Elastic Stack from Docker-Compose and manually load the object, but...
Alan
1 vote, 1 answer, 234 views

What are benefits of running ELK stack on Docker over running it on VM

I'm learning ELK stack. I wonder, why would people run it on Docker? If I understand everything correctly, it would have to have some directory of a host OS mapped to be persistent over resets of the image. Meanwhile, running just VL with installed docker would be persistent anyway. Why should I use...
Kowalski Paweł
1 vote, 0 answers, 41 views

Offline time report using Kibana and ElasticSearch

Our devices are sending pings to ElasticSearch, every 5 minutes, in the following format: { deviceId: 34567, timestamp: 1514889787 } (We may alter the stored timestamp format if needed). If the device is offline, the ping is not sent at all (ElasticSearch is storing only pings for devices being onli...
Sfisioza
1 vote, 1 answer, 800 views

How to validate Elasticsearch Painless scripts?

We use many ScriptQuery and ScriptField in our project, and provide inline scripts for them in painless language. My question is, how can we validate these painless scripts? In other words, how to make sure that they will compile? The approach we use today is to test them out locally through Kibana...
Sunil Purushothaman
1 vote, 0 answers, 593 views

Elasticsearch painless get string field (which contains XML) into a variable

I'm trying to parse an Elasticsearch string field (named Request.Body) which contains XML. This field contains a SOAP request string, like this : myData myData myData myData false My goal is to extract the value of the search tag in a scripted field (in Kibana) using the painless language. I tried t...
Dorian
1 vote, 0 answers, 160 views

Logstash with elasticsearch input and output keep looping results

I would like to reindex and filter my log again. What I get the information from Internet is using the logstash to filter the data again. I tried and it can really split my data into different fields, however, the data keeps looping. That is, I have 100,000 logs but after filtering and output to ela...
Layla
1 vote, 0 answers, 30 views

Relation based search with elasticsearch / kibana

I'm running a software where a client-application communicates with a backend-service. In order to be able to track what the client does I want to analyze my logs in the backend. Therefore I've setup an ELK stack in the backend. Setup and application behaves as follows: a) filebeat delivers logfiles...
BK_
1 vote, 1 answer, 115 views

How to store the content of the website in the Status Index using StormCrawler?

We are trying to store the content of the webpage in the Status Index, along with url, status and metadata information. We tried to edit the ES_IndexInit.sh and add the next property in the Status' mapping section: 'content': { 'type': 'text', 'index': 'true', 'store': true } but we can't see anyth...
ArtoriasSnow
1 vote, 1 answer, 286 views

Visualizing pdf data on kibana

I have ELK(Logstash, Elasticsearch, Kibana) stack setup working. Visualizations are created using CSV files which are loaded using logstash to kibana. But, I have indexed the PDF, DOC files using elasticsearch and able to see the data on kibana and can search in them. But, I need to visualize the t...
monty
1 vote, 2 answers, 1.3k views

logstash convert string to date

I want to convert string to date in logstash. I tried to do it with 2 solutions but it doesn't work. 1) with mutate/convert grok {match => {'message' => '%{TIMESTAMP_ISO8601:log_date} - %{GREEDYDATA:key}:%INT:value}'} mutate {convert => ['log_date', 'date']} 2) with date/target : date {match => [ '...
Papiis
1 vote, 0 answers, 158 views

Custom labels on range aggregation in kibana

I would like to customize the labels for range aggregation in kibana 5.6.6: With something like : Very short Short Medium Long Too long Way too long With this kind of range: Thanks in advance.
Zaphod
1 vote, 1 answer, 86 views

Apply filter in Elastic search query

I want to apply filter after aggregate query. For example, with the below aggregate query, I want to get only those entries where we have all the windows. Note: we do not have to use include because it uses regular expression which is time consuming and we cannot ignore the case. Query: GET /record...
Utsav Dusad
1 vote, 1 answer, 1.1k views

Traefik with self-signed backend

I have the traefik setup to proxy the kibana backend with self signed certs. Whenever I access the backend, I am getting 'Internal error' in the browser and I see the following error message in kibana logs. {'type':'log','@timestamp':'2018-02-04T03:56:26Z','tags':['connection','client','error'],'pid...
thotam
1 vote, 1 answer, 57 views

Elasticsearch: new type or new index?

I am doing a test, gathering tweets from the Twitter API, and index some of the information in Elasticsearch. As we all know, Elasticsearch doesn't handle well array of objects. And I need those for some analysis. Examples of arrays of objects from a tweet could be: List of urls contained in the t...
salvob
1 vote, 2 answers, 70 views

Two different date fields want to check is gte or lte

I am new to Elasticsearch 6.2.1 and Kibana 6.2.1. Now I am working on a scripted field in Kibana. I have two different date fields in indices like (resolved_on and resolve_due_by); I want to check the condition if resolved_on is lessThan or equalTo resolve_due_bye. I tried some scripted query that are shown b...
Chandru
1 vote, 0 answers, 153 views

Median and percentiles in Kibana geohash grid aggregation

I have an index composed by lat,long,country,value that I want to plot both in the region map and the coordinate map. I want for every bucket (region or grid tile) the median or another percentile, for example 75%, but the only metric aggregation that I can see from Kibana are Average, Count, Sum, M...
1 vote, 1 answer, 251 views

sentiment analysis - elastic stack

I am using the newest version of Elastic stack (Logstash, Elasticsearch, Kibana) to perform some Twitter analysis and I would like to add a sentiment analysis to it (basic one is fine, nothing too complicated) however all options I found were using libraries like tweepy to input data into elasticsea...
Angelika
1 vote, 1 answer, 23 views

Creating a filter in Kibana

I have a db with offers: each offer has a name, a date, a price and a supplier + for every date, there is an offer which is a 'default offer'. I would like to make a filter that gives me all the offers for the date which are inferior in price to the price of the default offer for that date. Is this...
tomak
1 vote, 0 answers, 12 views

Elasticsearch does not keep logs

I am having a couple of strange issues with Elasticsearch: 1) When I run my web app as localhost, I get the logs in ES. But when I run the app using my public IP/domain name, then I don't get any logs. I guess this is because ES needs some settings to be changed from localhost to some IP (publi...
Joe Doe
1 vote, 2 answers, 672 views

How to use QueryStringQueryBuilder

I've tried to use QueryStringQueryBuilder in a very simple case, but I don't understand why I get another result than the result I get from Kibana. What am I doing wrong? Kibana: GET .../_search { 'query': { 'query_string' : { 'query' : '\'this is a query\'', 'lenient': true, 'default_operator': 'OR'...
Nicole
1 vote, 1 answer, 59 views

elastic query fails with this error Exception: TransportError(400, u'search_phase_execution_exception', u'Failed to parse query [*/abc*]')

The main reason for this error is the selected string starts with / or it includes many of / symbol in it. Example : '/abc/cd/ef' It works fine if the selected string does not contain / in it. This is the query I am using: f1= += ', '+elQuery+' {'query_string' : {'default_field' : ''+eJson+'.string',...
programmer
1 vote, 0 answers, 124 views

Kibana setup on Ubuntu 17.10 for consuming log files from Jboss Fuse

Every day I get a new log file from Jboss Fuse. Examples: fuse.log.2018-02-28 fuse.log.2018-03-01 fuse.log.2018-03-03 etc.. I want to load a log file into Kibana every day. Now this is what I have done so far: Installed Elasticsearch Installed ingest-geoip Installed Kibana on http://localhost:9200...
Sigma
1 vote, 0 answers, 446 views

Developing Kibana plugin using ReactJS

I would like to create a Kibana plugin using ReactJS as the preferred JavaScript framework. It seems like it is possible, but the documentation and examples are definitely sparse. I have set up the local environment as far as running Kibana, kbn bootstrap etc and modified the app.js as one would when w...
erp
1 vote, 1 answer, 25 views

Bool search: must_not is not useful

I use bool to search, like this: {'query': { 'bool': { 'must': { 'match': { 'message': { 'query': 'disconnect' } } }, 'must': { 'match': { 'message': { 'query': 'server' } } }, 'must_not': { 'match': { 'message': { 'query': 'pomelo_list' } } }, 'must_not': { 'match': { 'message': { 'query': 'socke...
sogg
1 vote, 1 answer, 128 views

Kibana: Field collapsing and inner hits not working for visualizations

In Kibana, I have created a search that returns the last status for each servers, using field collapsing and inner hits. { 'query': { 'match': { 'event_name': 'server_status' } }, 'collapse': { 'field': 'server_id', 'inner_hits': { 'name': 'last_status', 'size': 1, 'sort': [ { '@timestamp': 'asc' }...
Samy Kacimi
1 vote, 0 answers, 1.7k views

The final mapping would have more than 1 type Error - Intermittent

I am currently observing the below error. Strangely, it worked for the first time, later on I had to add an additional field (Tag) to my data and that was the only change I have done and now I get the mapping error. I was not able to figure out the reason behind it and now when I remove the field I adde...
sdgd
1 vote, 0 answers, 30 views

Timelion draw a dot if log contains error

I'm using Timelion to draw my time series, but I'd like to draw points or color the lines red if the document contains an 'error' field. Is there a way to do this with conditionals? Ideally, I'd like some HUGE pointer identifying where the errors are. Below is an example of what I'm trying. The top...
Breedly
1 vote, 0 answers, 384 views

Sending Logs to Logstash in ELK using Ruby on Rails Docker Image

I've been following these tutorials, repos, docs, and everything: https://medium.com/@AnjLab/how-to-set-up-elk-for-rails-log-management-using-docker-and-docker-compose-a6edc290669f https://github.com/OrthoDex/Docker-ELK-Rails http://ericlondon.com/2017/01/26/integrate-rails-logs-with-elasticsearch-l...
Jose A
1 vote, 0 answers, 24 views

Elasticsearch / Kibana - Wrong time values

I construct an Elasticsearch and Kibana service via Docker. Therefore I use this Github sources: deviantony/docker-elk. After importing JSON data with a script, Kibana shows me wrong time values. All time values are increased by exactly two hours. Maybe it could be a problem with GMT or UTC time, bu...
baconLX
1 vote, 0 answers, 56 views

Define first bucket’s start time in aggregation query

I want to visualize the data stored on Elasticsearch. I have a time filter and bucket filter in my visualization. Let me explain my problem on my data stored in Elasticsearch. For example; according to the 'created' value the first item's 'created' value is 02.03.2018. Because of this value Elastics...
zackeriya
1 vote, 0 answers, 19 views

Unable to use the generate_plugin.js script in Kibana

I tried to run the plugin generator included in Kibana 7.0.0-alpha, but generate_plugin.js script doesn't exist after upgrading Kibana by running the .deb installation file for Kibana 7.0.0-alpha. I know I successfully installed Kibana 7.0.0-alpha because it runs properly through the browser. In add...
AloysiusParedes
1 vote, 0 answers, 48 views

Querying Multiple Indexes (of different field mappings) causing Failed Shards Exception

I am trying to create Coordinate Map Visualization in Kibana, using an Index Pattern which covers two Indices of ElasticSearch. One Index contains the location (lat/lon) info whereas the other contains live data from IoT devices relevant to these locations. Both these indices have different fields o...
waleed ali
1 vote, 0 answers, 243 views

Lucene query to check for greater than condition for a part of the field

Have a field called queryparam in Kibana which shows the query parameters for a REST endpoint and looks like createdTime=1524456000000,limit=1000,sort=name. Is there a Lucene query to fetch only rows which have limit greater than 1000? P.S. Not sure whether we need to parse the field to get limit va...
Silent_Pal
1 vote, 0 answers, 156 views

Missing data in the Discover tab of kibana 6.2.2

I have an index with 3 documents in it. Each of the documents is very similar--they have the same fields and very close time stamps. When looking at the data in the Discover tab--with no filters and an empty search field--Kibana shows that there are 3 hits (correct), shows 3 buckets each with a coun...
gaccardo
1 vote, 0 answers, 313 views

Elastic connection ERROR -> Elasticsearch 6 + Kibana + Docker Compose

Below is my docker.compose.yml. After executing it, it shows: kibana | {'type':'log','@timestamp':'2018-04-24T18:27:43Z','tags':['warning','elasticsearch','admin'],'pid':1,'message':'Unable to revive connection: http://localhost:9200/'} kibana | {'type':'log','@timestamp':'2018...
Guid
1 vote, 0 answers, 477 views

ENABLE user ROLES in KIBANA and Elasticsearch using DOCKER.compose?

Below is my docker.compose.yml file that starts Elasticsearch 6.2.4 with 2 nodes + Kibana 6.2.4. I am using Elasticsearch 6.2.4 platinum version and I have configured user login and password across ELK. The problem is that when I log into Kibana>Management I don't see the panel to configure Security...
Guid
1 vote, 0 answers, 48 views

AWS ElasticSearch - restrict or filter data in Kibana

I have a managed ElasticSearch set up in AWS. I have researched how to apply resource or iam policies to restrict access to es domains, etc. However, what I was looking to do was possibly filter what an app team can see in the included Kibana dashboard based upon an iam policy. Is there some way to...
Mike
1 vote, 1 answer, 356 views

Kibana bootstrapping with Yarn - Errors 800A0404/800A1391

UPDATE 2: Unfortunately, it doesn't work on my other computer either. While elasticsearch boots just fine, kibana.bat gives an 'Unable to find usable node.js executable' message on boot. Though I know it's dangerous, I think I am just going to try to develop on the production version of Kibana from...
Elizabeth
