How to extract a field from message and create a visualization?

friscos · January 17, 2019, 1:22am

Hi,

I would like to extract a responsetime from message and create a visualization for the response time. How do i do that?

Here is how my message looks like:

{
"_index": "test",
"_type": "logs",
"_id": "pTylV93",
"_version": 1,
"_score": null,
"_source": {
"application-name": "test",
"@timestamp": "2019-01-17T01:10:55.297Z",
"level": "INFO",
"logger": null,
"@version": "1",
"message": "{ "Service":"ABC", "abcresponsetime":158,"Service":"XYZ","xyzresponsetime":340}",
"loggerName": "test",
"timestamp": "2019-01-17T01:10:54.842+00:00",
"unknownFields": {
"loggerName": "test"
}
},
"fields": {
"@timestamp": [
1547687455297
],
"timestamp": [
1547687454842
]
},
"sort": [
1547687454842
]
}

I am interested in creating the visualization for xyzresponsetime. Please advise.

Christian_Dahlqvist · January 17, 2019, 6:26am

This is something you should do before indexing your data into Elasticsearch, e.g. using Logstash or an ingest node pipeline. Trying to parse this out at query time will be expensive, slow and most likely not scale well.

system · February 14, 2019, 6:26am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Create response_time field from message field Logstash	1	285	December 26, 2018
Extracting substring from a field Kibana runtime	5	193	July 7, 2024
Create graph for a specific parameter from message against time stamp Kibana	2	1122	October 12, 2017
Extract Data from message to display each field as a column in kibana Logstash	10	10189	April 6, 2018
Trying to create a scripted field in Kibana Kibana	4	760	June 20, 2019

How to extract a field from message and create a visualization?

Related topics