Formatted values in logstash are not displayed

its-ogawa · April 1, 2021, 2:51am

Formatted values in logstash are not displayed.

want to
I would like to split the log collected by logstash and get it by dissect, and check each in a different field in Kibana.
issue
However, the variable name on the logstash is displayed instead of the retrieved value.
How can I display the retrieved value?

experiment
input:

A	B

settings:

... snip ...
filter {
  dissect {
    mapping => {
      "message" => "%{ia}	%{ib}"
    }
  }
  mutate {
    add_field => { "a" => "%{ia}" }
    add_field => { "b" => "%{ib}" }
  }
}

expect:

"a" => "A",
"b" => "B"

actual:

"a" => "%{ia}",
"b" => "%{ib}"

its-ogawa · April 1, 2021, 3:04am

In Kibana, it looks like this

its-ogawa · April 2, 2021, 12:54am

Was it the logstash category, not Kibana?
I apologize for that.
I hope someone can answer my question.

its-ogawa · April 9, 2021, 11:43am

The problem is solved in this thread, and I'll write down the URL.

system · May 7, 2021, 11:44am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Not displaying fields specified in the Logstash filter Logstash	11	4647	July 6, 2017
How to view logstash fields in Kibana Kibana	2	642	July 6, 2017
Kibana doesn't show the numerical tags values Kibana	14	2371	July 6, 2017
How can I change the display of data in kibana from logstash? Logstash	2	250	August 12, 2020
Separate Fields Now Displaying As One Object Kibana	12	711	February 14, 2022

Formatted values in logstash are not displayed

Related Topics