Creating Custom Field in Kibana and fetching the values from a particular line in message

Dhinesh_Prabakaran · July 18, 2022, 10:59am

Hi All,

We've been using ELK to monitor our network and infrastructure logs. We have a requirement. We need to create a custom field name in filebeat so that we can use it as a unique key to filter the log messages in the Kibana. I've got the following requirements. Requesting the peers to kindly assist.

I need to create a custom field name in filebeat so that it'll be available in the Kibana 'available fields'
I need to dynamically fetch the value of this custom field name from one of the lines (ex: server name: ...) from the messages (log file). I need the value of this field to be fetched from only one occurence in the message source (not each time a new log occurs). (Note: The line from which a particular value needs to be fetched would occcur only once in the messages)
The above two needs to be done for all the logfiles specified in the path.

mtojek · July 19, 2022, 10:19am

I'm guessing that you want to read about ingest pipelines in Elasticsearch. They allow to modify or add extra fields.

system · August 16, 2022, 12:19pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Kibana how to filter out values of custom fields Kibana	5	1901	July 19, 2018
Add custom field and its value needs to be derived from one of the source field Kibana	3	917	June 3, 2021
Filebeat nginx include custom log field Beats filebeat	3	905	November 29, 2019
Add custom field and its value needs to be derived from one of the source field Kibana	6	2494	June 3, 2021
KIBANA CUSTOM FIELDS Kibana	3	506	October 27, 2020

Creating Custom Field in Kibana and fetching the values from a particular line in message

Related Topics