Export a field's content from a Kibana Message

deeps · November 29, 2019, 9:05pm

I need to export the whole content in "message" field in a log message to grep some data.

Is there a way to do that?

Kibana version: 5.5.1 (No X-Pack).

  "_source": {
    "message": "op=THIS, status=OK, zip=X, state=X, city=X, Id=X, timeStamp=2019-11-29T05:58:44.751+0000",
    "@version": "1",
    "@timestamp": "2019-11-29T05:58:44.751Z",
    "host": "XX",
    "type": "XX",
    "tags": [
      "X",
      "Y",
      "Z"
    ]

I have 500 messages for a time period. I need message field exported from all those messages.

Nathan_Reese · December 6, 2019, 1:15pm

You can not export data without x-pack. Starting in 6.3 release, x-pack is contained in the default elastic distribution and exporting data is provided in the free tier with no paid license required.

To export message, open Discover application. Add "message" field to the table from the Fields list. Save the search configuration. Finally, use share menu to export a CSV of the table.

system · January 3, 2020, 1:15pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.