Kibana Visualize - Field not showing

jim1044 · May 23, 2017, 12:20am

Hi everyone,

I'm still new at this so please forgive me. I am attempting to visualize some data in Kibana by using:
Data Table > Split Row > Aggregation > Terms.

The problem here is I am unable to locate "event_data.CommandLine" from the "Field" drop down

I can confirm that "event_data.CommandLine" does exist as I am able to show logs picking this field up:

I've also gone into the Management > Index Patterns.....showing this field exists.

Can anyone help me out in getting this field displayed in the Visualize menu?

Thanks everyone!

Jai_Prakash_Bhardwaj · May 23, 2017, 6:28am

Hi Jim,

I encountered the same issue, not sure if the approach is right, but I mapped the fields to keywords, or use the raw multifield mapping,

PUT my_index
{
  "mappings": {
    "my_type": {
      "properties": {
        "city": {
          "type": "text",
          "fields": {
            "raw_city": { 
              "type":  "keyword"
            }
          }
        }
      }
    }
  }
}

reference link:
https://www.elastic.co/guide/en/elasticsearch/reference/current/multi-fields.html

and it worked for me.

Hope this helps you too

Best,
J

jim1044 · May 26, 2017, 1:11am

Thanks J, will give it a go!

system · June 23, 2017, 1:11am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Kibana Kibana	5	239	December 7, 2020
I just want to show a field. Why is this so hard? Kibana	4	324	July 30, 2018
Fields are not appearing at visualize section , index management section Kibana	6	354	August 20, 2018
Visualization - field not available for selection - Kibana Kibana	2	833	September 7, 2020
Problem with raw field Kibana	13	6654	July 6, 2017

Kibana Visualize - Field not showing

Related topics