I have a website and an API that send logs to Elasticsearch. When an error occurs on the website or the API, I would like to see all the logs (website and API) of my user before that error (with Kibana) by putting the user ID in the search bar.
I tried to use Data Table and scripts, but I didn't manage to achieve what I want, and I really want to avoid writing a plugin. In my logs, I have the group ID, the user ID and the session ID. I used these in the scripts and Data Table.
The dashboard is based on two saved searches, one for all logs and one for error-specific logs. The second bar chart is errors, and the table shows the top IP addresses in those errors (I don't have user IDs in my data). You could then click on an IP address in that table to filter the dashboard by that IP, and adjust the time frame by brushing/dragging a selection on the bar chart that focuses on the time surrounding the error: