Kibana - showing related data in a dashboard

Hi there,

I've got some data sources being parsed and written into EL from
logstash, and it would be great to report on additional metadata
related to the record stored in EL. e.g. for a network flow record,
reporting information like the BGP AS (Autonomous System) name related
to the source and destination IP.

I can add this info to each record from Logstash and store in EL, but
it seems redundant to store this data over and over when it could be
looked up in realtime from another data source.

Can such a thing be done with Kibana or does it require a more custom
approach reading directly from EL?

Thanks,

Chris

--
You received this message because you are subscribed to the Google Groups "elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email to elasticsearch+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/20141127060435.GA29723%40cgb-linux.rcmb.lan.
For more options, visit https://groups.google.com/d/optout.

That'd be a custom job as KB just pulls and displays data from ES, assuming
it has everything in the doc.

On 27 November 2014 at 17:04, Chris Bennett chris@ceegeebee.com wrote:

> Hi there,
>
> I've got some data sources being parsed and written into EL from
> logstash, and it would be great to report on additional metadata
> related to the record stored in EL. e.g. for a network flow record,
> reporting information like the BGP AS (Autonomous System) name related
> to the source and destination IP.
>
> I can add this info to each record from Logstash and store in EL, but
> it seems redundant to store this data over and over when it could be
> looked up in realtime from another data source.
>
> Can such a thing be done with Kibana or does it require a more custom
> approach reading directly from EL?
>
> Thanks,
>
> Chris


> That'd be a custom job as KB just pulls and displays data from ES,
> assuming it has everything in the doc.

Thanks Mark - was suspecting that was the case.

The only problem I've found with my playing with ELK thus far is the
sheer explosion of ideas about what I can do to visualise & report on
all the data I'm ingesting... :)

Regards,

Chris
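
The "custom job" discussed in this thread, sketched as an added example that is not part of the original posts: flow records are read as stored and the AS name for each source and destination IP is joined in at read time from a separate prefix table, using longest-prefix match. The field names (`src_ip`, `dst_ip`), the prefix table and the flow documents are constructed assumptions; a real tool would fetch the documents from the search API and load the table from a BGP or registry data source.

```python
import ipaddress

# Constructed prefix-to-AS table (documentation ranges, private-use AS numbers).
AS_TABLE = [
    ("192.0.2.0/24", 64500, "EXAMPLE-NET-A"),
    ("198.51.100.0/24", 64501, "EXAMPLE-NET-B"),
    ("198.51.100.128/25", 64502, "EXAMPLE-NET-B-CUSTOMER"),
    ("2001:db8::/32", 64503, "EXAMPLE-NET-V6"),
]

# Constructed flow documents, shaped like hits returned from a search.
FLOWS = [
    {"src_ip": "192.0.2.10", "dst_ip": "198.51.100.200", "bytes": 4200},
    {"src_ip": "2001:db8::1", "dst_ip": "203.0.113.5", "bytes": 900},
]

def build_index(table):
    """Parse prefixes once and sort most-specific first for longest-prefix match."""
    parsed = [(ipaddress.ip_network(p), asn, name) for p, asn, name in table]
    return sorted(parsed, key=lambda e: e[0].prefixlen, reverse=True)

def lookup_as(index, ip):
    """Return (asn, name) of the most specific covering prefix, or (None, 'UNKNOWN')."""
    addr = ipaddress.ip_address(ip)
    for net, asn, name in index:
        if addr.version == net.version and addr in net:
            return asn, name
    return None, "UNKNOWN"

def enrich(flows, index):
    """Yield copies of the flow records with AS fields joined in at read time."""
    for flow in flows:
        out = dict(flow)  # the stored record itself is left untouched
        for side in ("src", "dst"):
            asn, name = lookup_as(index, flow[side + "_ip"])
            out[side + "_asn"], out[side + "_as_name"] = asn, name
        yield out

if __name__ == "__main__":
    for row in enrich(FLOWS, build_index(AS_TABLE)):
        print(row)
```

Because the join happens at read time, the AS name shown is the current mapping, not the one in effect when the flow was recorded; storing it per record from Logstash preserves the historical value.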
