I'm new to the Elastic Stack and want to try out something. I have Pexip logs below; my issue is that the duration is not recognized as a field (in Kibana). I would like to have the duration value so I can calculate the average duration of the video calls and visualize it. Please help me. I got told that I need to ask here and that it has to do with the grok filter. What filter would I need for my logs?
In order to use the Duration field as a number you need to create a mapping for your index which sets the field to float. While you're at it you can set the host field to type ip.
Not sure which version you are using but here is the doc:
Can you give me a PUT command for mapping my logs above? Where do I set the command, in Kibana, Dev Tools?
Since you probably have daily or monthly indexes you'll want to set this via an index template.
As for how to parse the log in the first place, use a grok filter to extract timestamp, hostname etc, then use a kv filter to process the message part with the key="value" pairs.
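The grok-then-kv approach from the last reply, written out as an added Logstash filter example that is not from the thread. The header layout (ISO 8601 timestamp followed by a hostname), the sample line in the comment, the tag name and the field names `log_timestamp`, `log_host` and `kv_pairs` are assumptions, since the original logs are not shown here; `Duration` is the field named in the question.

```logstash
# Added example. Assumed (constructed) input line:
# 2019-03-01T10:15:21.123+00:00 pexconf01 Level="INFO" Name="support.participant" Message="Participant has disconnected" Duration="125.4"
filter {
  # 1. grok peels off the fixed header (timestamp, hostname) and keeps the
  #    rest of the line in kv_pairs for the kv filter.
  grok {
    match => {
      "message" => "^%{TIMESTAMP_ISO8601:log_timestamp} %{HOSTNAME:log_host} %{GREEDYDATA:kv_pairs}$"
    }
    # Lines that do not match the assumed header are tagged, not dropped,
    # so they can be found and the pattern adjusted.
    tag_on_failure => ["_pexip_header_unparsed"]
  }

  if "_pexip_header_unparsed" not in [tags] {
    # 2. kv turns every key="value" pair into its own field. Quoted values
    #    may contain spaces; the quotes are stripped from the stored value.
    kv {
      source      => "kv_pairs"
      field_split => " "
      value_split => "="
    }

    # Use the time in the log line as the event time instead of ingest time.
    date {
      match => ["log_timestamp", "ISO8601"]
    }

    # 3. kv produces strings. Convert Duration so it is sent as a number;
    #    the index mapping (set through the index template) should still
    #    declare it as float, as described above.
    if [Duration] {
      mutate {
        convert => { "Duration" => "float" }
      }
    }

    # The raw pair string is no longer needed once the fields exist.
    mutate {
      remove_field => ["kv_pairs"]
    }
  }
}
```

An index that already mapped `Duration` as text keeps that mapping; the float type only takes effect for indexes created after the template is in place.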