Help in index pattern


(Nivedita Singh) #1

Hi ,

I was going through the following link on creating kibana index pattern -

https://www.elastic.co/guide/en/kibana/current/index-patterns.html#settings-create-pattern

I am using ELK stack in my project , where I am uploading logs to logstash where it gives to elastiserarch and index is created with the following format -

apache_elastic_example+random+

Here random in the end is the function which generates unique index against every logs.

Now this elasticsearch feed logs to Kibana , I want to customize kibana in the manner that everytime when I upload logs with regards to that index , an index pattern is created with the same name as index and web page fir kibana is routed directly to open my logs on discover tab.

Is there any way to achieve this..??

Thanks
Nivedita Singh


(Christian Dahlqvist) #2

Why are you creating indices this way? This seems quite odd, and I do not understand the rationale behind it. Could you please explain?

Why not just write the log entries to a single, time-based index and then include the random identifier as a field for each log entry so you can filter based on it? That way you can have a single index pattern and dashboard. If you want the correct data to show up immediately, you might be able to programatically create the dashboard URL and include the required filter.


(Nivedita Singh) #3

Hi
Thanks for you reply.
So I am creating indices this way because I want to identify each log files separately on kIbana too.
As I am developing this project for certain Engineers , who have to do log analysis. For them if I will make indices with timestamp and create index pattern with that , then it will not be unique and per day logs , will take one pattern and then it will be of no use to my Engineers.

Now , currently in my scenario index pattern is being created but that has to be done manually by going it to dev and run query for indices and then checking which new index is created and them create index pattern on that indice using Management tab.

Then using discover tab we can see the log which is uploaded and can built dashboard with that.

Now, talking about creation of the dashboard URL and include the required filter.This is what I was trying to do setting prest filters , but I don't know how to generalized that , so that everytime when I upload logs that particular index pattern- taking the random value
apache_elatsic_example+random+

to be created and logs are read.

Need help with that..

Thanks


(Nivedita Singh) #4

Hi Guys!!
Still stuck here any help or pointer will be appreciated.

Thanks
Nivedita


(system) #5

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.