[Kibana] group by request?

Elastic Stack Elasticsearch
3

Thanks for the answer!
I think wasn't clear enough: all our log messages already have a requestID.
So if there was a grouping feature we'd apply it to that field.

I'm just wondering, how do you troubleshoot a issue of a user? When we see
a problem we look at all requests of that user in the GAE log viewer. Then
you quickly see requests that have non-200 status codes. Then we drill into
a request and see all logs of that request chronologically. While in
Kibana I can also look at all logs from a user ordered by time, but it's
not always completely clear which request log messages belong to. It's more
like one big stream.

My point is, you should really try out the Google App Engine log viewer -
then you would know what you are missing! :slight_smile:

Stephan

On Monday, December 22, 2014 7:38:26 AM UTC+1, Magnus Bäck wrote:

On Tuesday, December 16, 2014 at 10:03 CET,
stephanos <stephan...@gmail.com <javascript:>> wrote:

we are using Google App Engine to host our SaaS app. Google offers a
nice log browser but it is way too sloooow. So one of my colleagues
suggested we pipe our logs to logstash and make them accessible via
Kibana. So far so good, we managed to set everything up.
But when Kibana was shown to the other team members they weren't
really excited. It was much faster, yes. It allowed to make better
queries, yes. BUT it broke the pattern they knew from the Google App
Engine log browser:
/some-request
log message 1
log message 2
/another-request
log message 3
/yet-another-request
log message 4
While Kibana works like this:
log message 1 /some-request
log message 2 /some-request
log message 3 /another-request
log message 4 /yet-another-request
So basically App Engine groups log messages by request. To get my
team on board, can we make Kibana do the same?

Not out of the box, no. Kibana doesn't have any such contextual
understanding of messages and currently can't be configured as
such either.

--
Magnus Bäck | Software Engineer, Development Tools
magnu...@sonymobile.com <javascript:> | Sony Mobile Communications

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/8cbd90e7-5e12-4cd7-90d6-35f49dc44e1d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.