How can I create an IP field from a log like this in kibana
Oct 18 16:01:56 Server name Sshd[207769]: Failed Password For Invalid User Music From 107.150.42.106 Port 63668 Ssh2
Individual fields (like IP) will need to be parsed out of the original message before inserting documents into ElasticSearch. Kibana is a visualization tool and can not be used to modify ElasticSearch documents.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.