hello, I try to create a graph but field is not available in the field section... I use winlogbeat (7.4) and I would like to count some specific event_id [image]

Kibana : field event_id not available in bucket (from winlogbeat)

dosant (Anton Dosov) April 20, 2020, 10:31am 2

Could it be that eventId field is not aggregatable?
To be able to make visualisations on it, you have to make sure it is aggregatable.

You could check that in Management -> Index Patterns section

If this is the case, here are useful threads on "how to make a field aggregatable":

Hope this is helpful.

Topic		Replies	Views
How to make a field aggregatable in Kibana Kibana	13	45232	July 20, 2017
Unable to make a field aggregatable in kibana Elasticsearch	27	10214	January 25, 2019
Unable to make a field aggregatable in kibana/ES Kibana	3	1474	February 8, 2019
Can't make text field aggregatable Kibana	4	1094	January 31, 2022
How to make a text field aggregate-able in Kibana Kibana	5	513	September 6, 2023