Hi, very new user of Kibana, so my terminology may be way off, please bear with me.
We (video game company) are considering using Kibana/Elasticsearch to track non-fatal error reports. Each report is a string like "not enough costume parts", and then some number of named pieces of data such as "costumeName" and "playerName" and so forth. So I'm uploading each error as a single json object with "errorString" as one field, and then "costumeName" and "playerName" as additional fields, and it's all working great, I can search and graph and so forth.
So to see what the most common errors are, I set up a data table doing a count of "errorString", and presto, I see the most frequent errors over whatever time frame. And I can click on one to add a filter, and now I can drill down and explore various fields within that error, etc.
What I would like to be able to do, however, is treat that error, that is, all reported errors with a matching errorString, as an object of some sort, to which metadata can be added. For instance, a producer sees that "too many costume pieces" is the most common error, he goes and talks to the programmers, learns that a fix is already in, and he writes "already fixed in version 32" on that object in some fashion. Then some other producer does a search, also sees that "too many costume pieces" is the most common error, but also sees "oh, someone else already wrote a note here, looks like it's already fixed in version 32". (And if I'm really dreaming, each of these objects could be linked into our JIRA bug tracking system.)
Does my question make any sense? What's the right approach to take within the framework of Kibana to do something like this?
Thanks!