I'm new to the ELK Stack and have been working with it for about half a year. Now I have one request which I don't know how to do.
I have an application (Windows) with several log files. So I installed Filebeat and put the logs into the ELK Stack. Now I have some text in the message field like:
message:
2019-05-14 09:23:35.291 [jdk-http-server-396] INFO SPMRestController - DecideBestFee (per package): Calc time: 3 ms
I need to get the value of "Calc time" shown in Grafana and Co. I don't know how and where to do this as best practice. Is it possible to create a new field for "Calc Time" in Kibana? Should I use a module of Logstash instead?
It would be great if someone could give me a bit of help. I don't expect a solution, but perhaps some tips.
Where the linked post says "lastSlashIndex" and "LastUndrIndex", are those functions of Painless? I did not find anything.
These are just arbitrary variable names that you can define in your script. The Painless function is lastIndexOf. I'd recommend you first go through examples, other Discuss threads and the API reference. Experiment with them and get back if you still have questions.
As far as I know, regexes are disabled by default in Painless, but you can use other string-based functions.
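An added example, not part of the original thread or any poster's code: a regex-free Painless script that pulls the "Calc time" value out of the sample log line using lastIndexOf, indexOf and substring. It is written as the source of an ingest pipeline script processor, which is an assumption (the thread does not say where the script runs), and the target field name calc_time_ms is hypothetical.

```painless
// Assumptions: runs as an ingest pipeline script processor, so the
// document is exposed as ctx; Filebeat has put the raw line in ctx.message.
// Sample line from the thread:
//   2019-05-14 09:23:35.291 [jdk-http-server-396] INFO SPMRestController -
//   DecideBestFee (per package): Calc time: 3 ms
String marker = "Calc time:";
def raw = ctx.message;

// Skip events without a string message (other log types, parse failures).
if (raw instanceof String) {
  String msg = (String) raw;

  // lastIndexOf: take the final occurrence in case the text before it
  // happens to contain the same words.
  int start = msg.lastIndexOf(marker);
  if (start >= 0) {
    start += marker.length();

    // The value ends where the unit begins.
    int end = msg.indexOf(" ms", start);
    if (end > start) {
      String digits = msg.substring(start, end).trim();
      try {
        // Store a number, not a string, so it can be averaged and graphed.
        // calc_time_ms is a hypothetical field name.
        ctx.calc_time_ms = Integer.parseInt(digits);
      } catch (NumberFormatException e) {
        // Not a plain integer: leave the field unset rather than
        // failing the whole event.
      }
    }
  }
}
```

Lines that lack the marker, the " ms" unit or a numeric value pass through unchanged, so one malformed log entry does not cause indexing failures for the rest of the file.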