hello, I try to create a graph but field is not available in the field section... I use winlogbeat (7.4) and I would like to count some specific event_id [image]

Kibana : field event_id not available in bucket (from winlogbeat)

dosant (Anton Dosov) April 20, 2020, 10:31am 2

Could it be that eventId field is not aggregatable?
To be able to make visualisations on it, you have to make sure it is aggregatable.

You could check that in Management -> Index Patterns section

If this is the case, here are useful threads on "how to make a field aggregatable":

Hope this is helpful.

Topic		Replies	Views
How to make a field aggregatable in Kibana Kibana	13	45279	July 20, 2017
Unable to make a field aggregatable in kibana Elasticsearch	27	10226	January 25, 2019
Unable to make a field aggregatable in kibana/ES Kibana	3	1474	February 8, 2019
How to aggregate particular field in kibana index Kibana	2	379	September 17, 2018
Can't make text field aggregatable Kibana	4	1115	January 31, 2022