Kibana Dashboard Exchnage Message Tracking

teejayuu · June 14, 2017, 8:17am

Hi all,

I am trying to create a Windows 2012 R2 ELK server to analyse Exchange Message Tracking logs by following the guide at https://elijahpaul.co.uk/analysing-exchange-2013-message-tracking-logs-using-elk-elasticsearch-logstash-kibana/ . I have managed to get the logs into Kibana. I now need to get create the Dashboard.

I know that this guide is using an older version of the ELK stack, and that the gist supplied in the guide is incompatible with ELK version 5.3.2. I am not familiar with gist, but think I have managed to decode it, but am unsure on how to recreate it in Kibana.

My guess is that it goes into the kibanaSavedObjectMeta.searchSourceJSON, optionsJSON & panelsJSON sections of Management > Saved Objects > Edit Dashboard. My issue is what parts go where and how do I write them...

I have seen numerous questions regarding this but no solutions posted. So, my questions are

Is there anybody who has done this that is willing to share their work?
Are there any guides to editing these sections (language/syntax/etc)?

Thanks
Tony

spalger · June 14, 2017, 4:59pm

Sorry, but there is no was to say how visualizations should map between kibana 3 and kibana 4/5.

I suggest starting with the visualize app and trying to recreate the visualizations with the UI rather than trying to understand the internal representation of these objects.

system · July 12, 2017, 4:59pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.