I am new to Elastic.
I have a setup like Filebeat->ES<-Kibana.
Data is unformatted with single lines and multiple lines of logs and inserted into ES from Filebeat.
Based on the multiline expression, a new line is inserted into ES successfully.
I need a feature like a bookmark with predefined API names from my logs, e.g. api1, api2.
Once I select api1 and give the search term in Lucene, Kibana should show all the results for API1.
Basically I am too lazy to search with "<< search word>>" AND "<< apiname >>" in Lucene.
Any pointers or tutorial will be really appreciated.
I explored Kibana a bit, and I think a custom label is what I am looking for. But when I save it, it is not visible like other filters, e.g. msg, hostname, etc.
I am using Elastic 7.6.
There's a couple of different ways of doing this. You could use a saved search (Save a search | Kibana Guide [7.12] | Elastic). You could try entering the search and simply bookmarking it. You could also create a set of filters that you enable and disable.