Display partially structured data into multiple columns in Kibana Discover

Selma · November 15, 2023, 8:14pm

I am trying to get the data as separate columns based on the fields serviceName, flowName, correlationId and timestamp from below log field. can this be achieved through scripts in Kibana UI itself ? If not is there an alternative for this ?

[2023-11-15 13:59:41.146] INFO info [[MuleRuntime].uber.512: [mule-sys].post:\accounts:application\json:mule-sys-api-config.CPU_LITE @720d4er4] [event: xxx]: {
"muleMessage": {
"messageType": "Request",
"responseStatus": "Success",
"serviceName": "Account Status ",
"flowName": "post:\accounts:application\json:mule-sys-api-config",
"correlationId": "xxx",
"timestamp": "2023-11-14T14:59:41.145Z",
}
}

bhavyarm · November 22, 2023, 10:11pm

Hello,

What is the version of your stack? We release ES|QL in 8.11.0 which would definitely help with this.

https://www.elastic.co/elasticsearch/piped-query-language

Thanks,
Bhavya

system · December 20, 2023, 10:11pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.