Hi,
We have a web service application that exposes certain webservices over http. The webservice requests are xml messages sent in a SOAP envelope. The application logs the request and response messages for audit purposes. Since the application processes multiple webservices, the xml messages are different.
I am trying to use the ELK stack for log analysis. I have used logstash to parse the log file and have put the xml message into an elasticsearch field.
Is there a way in Kibana using which the user can extract a certain tag from the xml message field, assign it to a different field and create graphs out of it? I do not want to do this in logstash, but would like to do it in Kibana at run time.
I'm not sure if that will work for your particular use-case, but I think it's your best bet. Scripted fields are not infinitely flexible though, and you can't use them in all of the same ways that you can use regular fields.
Generally speaking, I strongly recommend transforming data into the format you need when you index it rather than when you search for it.
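The index-time transformation recommended in the reply above, as an added example that is not part of the original thread: a Python pre-index step that turns one logged SOAP message into flat fields Kibana can graph directly. The field names (`soap_operation`, `soap_*`), the sample message and its element names are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

SOAP_NS = {
    "http://schemas.xmlsoap.org/soap/envelope/",  # SOAP 1.1
    "http://www.w3.org/2003/05/soap-envelope",    # SOAP 1.2
}

# Constructed sample message; element names are hypothetical.
SAMPLE = (
    '<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">'
    '<soapenv:Body><ord:CreateOrder xmlns:ord="urn:example:orders">'
    '<ord:customerId>C-1001</ord:customerId><ord:amount>42.50</ord:amount>'
    '</ord:CreateOrder></soapenv:Body></soapenv:Envelope>'
)


def _split(tag):
    """Split ElementTree's '{namespace}local' tag into (namespace, local)."""
    if tag.startswith("{"):
        ns, _, local = tag[1:].partition("}")
        return ns, local
    return "", tag


def flatten_soap(xml_text, wanted=()):
    """Return flat fields for one logged SOAP message, ready to index."""
    # Logged requests are untrusted input: refuse DTDs so that no entity
    # declarations are ever processed by the parser.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        return {"soap_parse_error": "dtd_rejected"}
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError:
        return {"soap_parse_error": "malformed_xml"}
    ns, local = _split(root.tag)
    if local != "Envelope" or ns not in SOAP_NS:
        return {"soap_parse_error": "not_a_soap_envelope"}
    body = root.find("{%s}Body" % ns)
    if body is None or len(body) == 0:
        return {"soap_parse_error": "empty_body"}
    # The first child of Body identifies which web service was called.
    op_ns, op_name = _split(body[0].tag)
    doc = {"soap_operation": op_name, "soap_operation_ns": op_ns}
    for el in body[0].iter():
        name = _split(el.tag)[1]
        if name in wanted and el.text and el.text.strip():
            doc.setdefault("soap_" + name, el.text.strip())
    return doc
```

Because the operation name is taken from the first child of the SOAP Body, the same function covers services whose messages differ, and messages that fail to parse are still indexed with a `soap_parse_error` field rather than dropped from the audit trail.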