When our users are going through the various data sources present in our Elastic stack, they often struggle to know which fields are present in order to build dashboards and alerts.
For example: For Metricbeat data, the Discover app will present all the possible fields that can be present based on the loaded templates. This list is obviously much longer than the actual present fields.
Is there a way to generate a list (either in Kibana or outside using APIs) that will show which fields are actually populated with data?
I think the best way is to copy the used Index Template and then customize the copy to only affect your index, increase priority (so your custom template will be used instead of the default one) and only add the fields you require (you may need to remove one of the component templates that contain the unnecessary mappings).
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.