Equal field values show up as different

DarkKooky · May 15, 2023, 9:54am

Why do these values show up as different although equal and how should it be fixed?
If this could help:

Capture d’écran 2023-05-15 114841

jughosta · May 22, 2023, 8:03am

Welcome to the community, @DarkKooky!

What if you filter for these values (via "+" button). Does it give different search results too?

DarkKooky · May 22, 2023, 9:42am

Yes it did show different Record counts.

I found my mistake which came from the dissect processor: I used " as delimiter which removed the quote from the field value.

Being a string, Kibana would still display the value between quotes but separate it from other values that do contain the ending quote.

Topic		Replies	Views
Filebeat dissect processed logs not appearing in Kibana Kibana	5	1427	September 15, 2020
Filebeat and parsing Beats	3	688	July 12, 2017
Getting duplicate log entry in dashboard Beats filebeat	10	462	September 26, 2022
Add custom field and its value needs to be derived from one of the source field Kibana	6	2797	June 3, 2021
Search behavior in Kibana Kibana	2	296	August 15, 2018