Is it possible to make a visualization in Kibana 4 of data without aggregation?
In other words: make a laid-out list of content found in the Discover section without analyzing?
One example could be a firewall log:
All firewall events can be found in the discover dash of Kibana.
We can do loads of filtering on it, but the resulting data in the main window stays rather raw.
An ideal solution would be a table view of all events in chronological order found on the dashboard where only fields related to rule activity are shown. Perhaps even colour pass or block events green or red.
Can this be done or is it impossible? So far I always end up with overviews of percentages of blocked or passed traffic... but never a view of the basic data.
Any help would be greatly appreciated.