326 questions
9 votes, 2 answers, 14k views
Calculating time between events
I have a message that flows through several systems, each system logs message entry and exit with a timestamp and a uuid messageId. I'm ingesting all logs through:
filebeat --> logstash --> ...
8 votes, 3 answers, 22k views
Join query in ElasticSearch
Is there any way (query) to join 2 JSONs below in ElasticSearch
{
product_id: "1111",
price: "23.56",
stock: "100"
}
{
product_id: "1111",
category: "iPhone case",
manufacturer: "Belkin"
}
Above 2 ...
78 votes, 7 answers, 153k views
How to retrieve unique count of a field using Kibana + Elastic Search
Is it possible to query for a distinct/unique count of a field using Kibana? I am using elastic search as my backend to Kibana.
If so, what is the syntax of the query? Here's a link to the Kibana ...
125 votes, 3 answers, 92k views
difference between a field and the field.keyword
If I add a document with several fields to an Elasticsearch index, when I view it in Kibana, I get each time the same field twice. One of them will be called
some_field
and the other one will be ...
22 votes, 1 answer, 35k views
How to create multiple indexes in logstash.conf file?
I used the following piece of code to create an index in logstash.conf
output {
stdout {codec => rubydebug}
elasticsearch {
host => "localhost"
protocol => "...
43 votes, 5 answers, 83k views
How to set authentication in kibana
Is it possible to enable authentication in Kibana in order to restrict access to a dashboard to only be accessible to particular users?
11 votes, 1 answer, 10k views
analyzed or not_analyzed, what to choose
I'm using only kibana to search ElasticSearch and I have several fields that can only take a few values (worst case, servername, 30 different values).
I do understand what analyze does to bigger, more ...
5 votes, 2 answers, 5k views
Kibana linking two independent events
I have ELK configured for collecting data offline, the log files look something like this:
Info 2025-08-06 09:33:37,522 User 3 connected
Info 2025-08-06 10:03:57,592 User 99 connected
Info 2015-08-...
1 vote, 2 answers, 3k views
Kibana: Can't import Shakespeare.json on Sense Web Plugin
I am trying to import shakespeare.json as per elastic search tutorial.
[Environment]
Elastic Search 2.1
Sense -Extension for Chrome
[Background]
When I paste curl -XPUT localhost:9200/_bulk --data-...
76 votes, 4 answers, 230k views
Export to csv/excel from kibana
I am building a proof of concept using Elasticsearch Logstash and Kibana for one of my projects. I have the dashboard with the graphs working without any issue. One of the requirements for my project ...
37 votes, 7 answers, 55k views
Location of custom Kibana dashboards in ElasticSearch
I know for a fact that saved Kibana dashboards (ie, the JSON file of the dashboard) are saved in OR associated to a particular ElasticSearch instance. If I were to save my Kibana instance when ...
35 votes, 3 answers, 29k views
Kibana on Docker cannot connect to Elasticsearch
I tried to create Kibana and Elasticsearch and it seems that Kibana is having trouble identifying Elasticsearch.
Here are my steps:
1) Create network
docker network create mynetwork --driver=...
10 votes, 3 answers, 33k views
Logstash does not parse json
When I see results in Kibana, I see that there are no fields from JSON, moreover, message field contains only "status" : "FAILED".
Is it possible to parse fields from json and to show them in Kibana?...
90 votes, 4 answers, 90k views
Kibana - How to display log as table
I'm testing Kibana 4 for a project.
I have created an index from my database table which is composed by 3 fields:
Date
User
Action
I would like to display my index as a simple table (3 columns, N rows)...
74 votes, 4 answers, 174k views
How to list unique values of a particular field in Kibana
I am having a field named rpc in my elasticsearch database and I am displaying it using Kibana. When I search in search bar of kibana like:
rpc:*
It displays all the values of rpc field but I want to ...