Hi All,
I am sending custom syslog data from a server to elasticsearch using fluentd. I am able to see the data in table visualisation. But when I try to go for Line or any other visuzlization I am not able to place the date field or any other field which is a string into the Y axis.
This is the sample log.
{"date":"Feb 3 17:26:36","server":"xx","error":"augenrules: failure 1"}
{"date":"Feb 3 17:26:38","server":"xx","error":"NetworkManager[830]: [xx] manager: rfkill: WiFi enabled by radio killswitch; enabled by state file"}
{"date":"Feb 3 17:26:44","server":"xx","error":"Unit metricbeat.service entered failed state."}
{"date":"Feb 3 18:01:44","server":"xx","error":"rtprocess[4815]: (RTI rtscantask[6106]@xx)#app#ClsRtdb_query_attr.cpp#931#ClsRtdbAttrTbl::fetchScalarVal(): Failed to fetch scalar value because failed to convert address to number address."}
I have 3 fields here.
- date
2.server
3.error
All I want to show is in X-axis I need a date field and in Y axis I need server names and I want to aggregate the errors in between using a dot/line visualisation. When the mouse mouse hovers it should be abe to show the error message.
Can someone please advise on how this can be done?