We have installed Kibana and Elasticsearch on the same server and want to configure an index in Kibana, but we are not able to create it. The Time-field is not highlighted, and we are also getting an error: "Unable to fetch mapping. Do you have indices matching the pattern?"
Do you have any indices in Elasticsearch?
Yes we have
[root@newmaillogs bin]# curl 'localhost:9200/_cat/indices?v'
health status index pri rep docs.count docs.deleted store.size pri.store.size
yellow open .kibana 1 1 1 0 2.5kb 2.5kb
yellow open @timestep 5 1 0 0 720b 720b
yellow open test 5 1 0 0 720b 720b
yellow open shakespeare 5 1 0 0 720b 720b
yellow open twitter 5 1 0 0 720b 720b
yellow open customer 5 1 0 0 720b 720b
[root@newmaillogs bin]#
Right, but you have no logstash-
type instances, and that is what it is telling you.
How can we create it? Do you have any tutorial link?
I am done with that, but the Time-field is still not showing.
[root@mail logstash]# bin/logstash -e 'input { stdin { } } output { stdout {} }'
2015-10-30T07:51:05.800+0000 mail.bw.ae
[root@mail logstash]#
[root@mail logstash]# curl 'localhost:9200/_cat/indices?v'
health status index pri rep docs.count docs.deleted store.size pri.store.size
yellow open .kibana 1 1 1 0 2.4kb 2.4kb
[root@mail logstash]#
Right, but you didn't send the event to Elasticsearch, so have a look at https://www.elastic.co/guide/en/logstash/current/advanced-pipeline.html
I have resolved it. Now I am facing an issue creating graphs for mail logs, like sender, receiver, per-hour mail sent from the server. How do I filter the mail logs?
It depends on how you have indexed the data into ES really.
There are a few ready fields in the Kibana interface; using those I tried to create a graph, but it is not clear.
For example, a mail log includes sender and receiver. I want to create a graph of how many emails each receiver received, but there is some confusion. If I use the 'message' field (message="to=<") then it shows a few things from the log, but it does not gather the exact value of how many times the receiver received that email.
Do I need to create a field which will automatically gather the count?
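
Counting per receiver needs the recipient as its own field rather than a text match on message. A sketch of that extraction and count in Python, added here and not part of the thread; the Postfix-style log lines are constructed, and the line format, the year and the function names are assumptions.

```python
import re
from collections import Counter
from datetime import datetime

# Constructed sample lines in Postfix syslog style (assumed format; the thread
# only shows that the mail logs contain "to=<...>").
SAMPLE_LOG = """\
Oct 30 07:51:05 mail postfix/qmgr[2101]: 3F2A1C0: from=<alice@example.com>, size=1204, nrcpt=2 (queue active)
Oct 30 07:51:06 mail postfix/smtp[2110]: 3F2A1C0: to=<bob@example.org>, relay=mx.example.org[192.0.2.10]:25, delay=0.9, status=sent (250 ok)
Oct 30 07:51:06 mail postfix/smtp[2111]: 3F2A1C0: to=<carol@example.net>, relay=mx.example.net[192.0.2.20]:25, delay=1.1, status=deferred (connect timed out)
Oct 30 07:58:40 mail postfix/smtp[2114]: 7B9D2E4: to=<bob@example.org>, relay=mx.example.org[192.0.2.10]:25, delay=0.4, status=sent (250 ok)
Oct 30 08:02:13 mail postfix/smtp[2120]: 9C1E5F7: to=<bob@example.org>, relay=mx.example.org[192.0.2.10]:25, delay=0.5, status=sent (250 ok)
"""

# One delivery attempt per line: timestamp, queue id, recipient, final status.
DELIVERY = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d{2}:\d{2}:\d{2}) \S+ postfix/\w+\[\d+\]: "
    r"(?P<queue_id>[0-9A-F]+): to=<(?P<recipient>[^>]*)>,.*\bstatus=(?P<status>\w+)"
)

def parse_deliveries(text, year=2015):
    """Yield one record per delivery line, with the recipient as its own field.

    Syslog timestamps carry no year, so one is assumed (hypothetical default).
    """
    for line in text.splitlines():
        m = DELIVERY.match(line)
        if not m:
            continue  # e.g. qmgr lines: they have from=<...> but no recipient
        when = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        yield {"hour": when.strftime("%Y-%m-%d %H:00"),
               "recipient": m["recipient"].lower(),
               "status": m["status"]}

def received_total(text, status="sent"):
    """Number of deliveries with the given status, per recipient."""
    return Counter(d["recipient"] for d in parse_deliveries(text)
                   if d["status"] == status)

def received_per_hour(text, status="sent"):
    """Same count bucketed by hour, which is what a per-hour graph plots."""
    return Counter((d["hour"], d["recipient"]) for d in parse_deliveries(text)
                   if d["status"] == status)

if __name__ == "__main__":
    for (hour, rcpt), n in sorted(received_per_hour(SAMPLE_LOG).items()):
        print(hour, rcpt, n)
```

A plain match on "to=<" hits four of the sample lines, including the deferred one, while the field-based count attributes three delivered mails to one recipient.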