Export a field's content from a Kibana Message

deeps · November 29, 2019, 9:05pm

I need to export the whole content in "message" field in a log message to grep some data.

Is there a way to do that?

Kibana version: 5.5.1 (No X-Pack).

  "_source": {
    "message": "op=THIS, status=OK, zip=X, state=X, city=X, Id=X, timeStamp=2019-11-29T05:58:44.751+0000",
    "@version": "1",
    "@timestamp": "2019-11-29T05:58:44.751Z",
    "host": "XX",
    "type": "XX",
    "tags": [
      "X",
      "Y",
      "Z"
    ]

I have 500 messages for a time period. I need message field exported from all those messages.

Nathan_Reese · December 6, 2019, 1:15pm

You can not export data without x-pack. Starting in 6.3 release, x-pack is contained in the default elastic distribution and exporting data is provided in the free tier with no paid license required.

To export message, open Discover application. Add "message" field to the table from the Fields list. Save the search configuration. Finally, use share menu to export a CSV of the table.

system · January 3, 2020, 1:15pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Exporting the logs to CSV file from a Saved search or Dashboard in Kibana version 5.4.1 Kibana	4	3243	May 21, 2018
Extract field from kibana Kibana	3	201	May 27, 2022
Exporting message fields from Elasticsearch for one years Elasticsearch	2	156	June 30, 2023
Is it possible to split discovery message field? Kibana	3	2262	September 10, 2017
Is it possible to export logs from Kibana? Kibana	11	79372	July 6, 2018

Export a field's content from a Kibana Message

Related topics