I created a test json log file and sent it to my elasticsearch by using filebeat.
aftet that, I created index pattern for it and tryping to query in "Discover" menu.
it seems like all my json data is stored in "message" field. is there any way to query them in "Discover"
menu?? (such as message.id:77777)
or should I reindex them and store them to root position?
@timestamp:
November 16th 2018, 17:39:56.311
message:
{ "id": "77777", "title" : "JIN WOO PARK", "year":2018, "genre":["Action", "Comedy"] }
prospector.type:
log
input.type:
log
beat.name:
Jinui-MacBook-Pro.local
beat.hostname:
Jinui-MacBook-Pro.local
beat.version:
6.4.2
host.name:
Jinui-MacBook-Pro.local
source:
/Users/jinwoopark/Jin/json_files/testJson_2.log
offset:
111
_id:
WgitG2cBEkCi-1zRPa_m
_type:
doc
_index:
movie_2-6.4.2-2018.11.16
_score:
-