Formatted values in logstash are not displayed

its-ogawa · April 1, 2021, 2:51am

Formatted values in logstash are not displayed.

want to
I would like to split the log collected by logstash and get it by dissect, and check each in a different field in Kibana.
issue
However, the variable name on the logstash is displayed instead of the retrieved value.
How can I display the retrieved value?

experiment
input:

A	B

settings:

... snip ...
filter {
  dissect {
    mapping => {
      "message" => "%{ia}	%{ib}"
    }
  }
  mutate {
    add_field => { "a" => "%{ia}" }
    add_field => { "b" => "%{ib}" }
  }
}

expect:

"a" => "A",
"b" => "B"

actual:

"a" => "%{ia}",
"b" => "%{ib}"

its-ogawa · April 1, 2021, 3:04am

In Kibana, it looks like this

its-ogawa · April 2, 2021, 12:54am

Was it the logstash category, not Kibana?
I apologize for that.
I hope someone can answer my question.

its-ogawa · April 9, 2021, 11:43am

The problem is solved in this thread, and I'll write down the URL.

system · May 7, 2021, 11:44am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Unable to extract the message filed from the logstash filter Logstash	7	552	September 17, 2019
Not displaying fields specified in the Logstash filter Logstash	11	4653	July 6, 2017
Kibana not showing dictionary output of log events Kibana	13	1444	February 26, 2019
Kibana doesn't show the numerical tags values Kibana	14	2373	July 6, 2017
How can I change the display of data in kibana from logstash? Logstash	2	250	August 12, 2020

Formatted values in logstash are not displayed

Related topics