How can find my message part of log in elastic discover

Elastic Stack Kibana
1

This is a part of my log file

<log realm="channel/172.17.17.20:39190" at="2024-05-01T19:17:40.993">
  <send>
    <isomsg direction="outgoing">
      <!-- com.mie.gateway.packager.ShetISO87APackager -->
      <field id="0" value="0110"/>
      <field id="2" value="6219861970319108"/>
      <field id="3" value="330000"/>
      <field id="7" value="0501191740"/>
      <field id="11" value="255680"/>
      <field id="12" value="191740"/>
      <field id="13" value="0501"/>
      <field id="15" value="0501"/>
      <field id="32" value="585947"/>
      <field id="33" value="950001"/>
      <field id="37" value="412215255680"/>
      <field id="38" value="255680"/>
      <field id="39" value="00"/>
      <field id="41" value="123456  "/>
      <field id="42" value="000000000582431"/>
      <field id="44" value="ÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿÿ04�õþ¢15�þ¤�öÿ¥�¢ùÿ÷õþö"/>
      <field id="55" value=""/>
      <field id="62" value="5900000001132011199980A201813172.20.35.17600N018000000          00321B02B0FF5BD350E235066B907FA304FB32C9F12EF35E91B06DC522D48CF58E6854"/>
      <field id="102" value="611828005729498101"/>
      <field id="128" value="03B535A600000000" type="binary"/>
    </isomsg>
  </send>
</log>

Now it is sending to elastic and I can see in dataview but want to know how can find this log in discover dashboard ? Does it put in message field ? How can find out it is sending in one message to elastic ?

2

Would you please help me about it ?

3

What version?
How did you ingest the log?
What did the source log look like?
Did you account for Multi-Line when you ingested them?

You will need to go to Discover, and look at a few of the logs by opening them...

If you share what they look like perhaps we can help...

Otherwise we can not help much...

4

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.