Create aliace name for fields in discover

alah64 · May 29, 2018, 5:40am

my fileds name in index are :category_code, userdata1,userdata2 ,userdata3 .

for events by category_code= 1 then userdata1 means name ,userdata2 means family ,userdata3 means phone
for events by category_code= 2 then userdata1 means ip ,userdata2 means domain ,userdata3 means mac_address
and many other category_codes

i have to saved discovery for category_cods , for clarity i need save some alias name for those fields.but there is nothing to do that.
i dont like do this in logstash or change data structure.

Christian_Dahlqvist · May 29, 2018, 6:01am

Changing the data structure and use meaningful names sound like the right thing to do.

alah64 · May 29, 2018, 9:19am

are you shore?
this is can not apply ,another software create logs and use this structure in mysql database too.

Christian_Dahlqvist · May 29, 2018, 1:12pm

I am not sure I understand.

alah64 · May 30, 2018, 5:36am

in sql server reporting service we can do this like a charm .
and in kibana discover need something like that ,please make it.

rcowart · May 30, 2018, 8:28am

The real issue here is that some places in Kibana allow you to specify a display name for a data point, and others do not. Saved searches stand out here as a place where you cannot. It would definitely be a useful feature for creating more user-friendly dashboards.

system · June 27, 2018, 8:28am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.