Creating Custom Field in Kibana and fetching the values from a particular line in message

Dhinesh_Prabakaran · July 18, 2022, 10:59am

Hi All,

We've been using ELK to monitor our network and infrastructure logs. We have a requirement. We need to create a custom field name in filebeat so that we can use it as a unique key to filter the log messages in the Kibana. I've got the following requirements. Requesting the peers to kindly assist.

I need to create a custom field name in filebeat so that it'll be available in the Kibana 'available fields'
I need to dynamically fetch the value of this custom field name from one of the lines (ex: server name: ...) from the messages (log file). I need the value of this field to be fetched from only one occurence in the message source (not each time a new log occurs). (Note: The line from which a particular value needs to be fetched would occcur only once in the messages)
The above two needs to be done for all the logfiles specified in the path.

mtojek · July 19, 2022, 10:19am

I'm guessing that you want to read about ingest pipelines in Elasticsearch. They allow to modify or add extra fields.

system · August 16, 2022, 12:19pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Dynamically injecting custom fields to logstash from filebeat Beats filebeat	2	894	April 10, 2019
Kibana how to filter out values of custom fields Kibana	5	1908	July 19, 2018
Add custom field and its value needs to be derived from one of the source field Kibana	3	920	June 3, 2021
How to create custom fields filein filebeat to preprocess before transporting to elasticsearch Beats filebeat	2	1886	March 2, 2018
Parsing custom field with logstash Logstash	2	973	March 27, 2017

Creating Custom Field in Kibana and fetching the values from a particular line in message

Related topics