Hi Guys..
After a lot of struggle, we are finally able to extract the fields from the raw event logs, and we are getting the events as per our requirement in the Kibana Discover tab. We have 2 fields: “Certificate” (which contains certificate names) and “Days_Remaining” (which shows the number of days left until certificate expiry). Now we want to put them in a tabular-format dashboard. As we are very new to ELK, we are starting with a simple dashboard by just saving this search and opening it in the Visualize tab. We are able to see the data as expected, but we need these modifications made to it.
We need to sort this table in descending order as per the field “Days_Remaining” as the table is in random format.
Note: We have something called a “sort” query in Splunk, but we are not finding it in Kibana.
We need to rename the “Time” field to something else or we want to rename it.
Hi Nathan,
Thanks, but we get only the "Remove Column" and "Move Column to the right or left" options when mousing over the column header of these fields (these fields were created by me using a Grok filter in the logstash.json file), but we can see the "sort by" UI option popping up successfully for other fields which are created by default in Kibana, like @timestamp, event_id, beat_version, record number, _index, etc. So now the question is how to enable this "sort by" UI on fields which were created by us using the grok filter. Please advise.