Kibana Visualize - Field not showing

jim1044 · May 23, 2017, 12:20am

Hi everyone,

I'm still new at this so please forgive me. I am attempting to visualize some data in Kibana by using:
Data Table > Split Row > Aggregation > Terms.

The problem here is I am unable to locate "event_data.CommandLine" from the "Field" drop down

I can confirm that "event_data.CommandLine" does exist as I am able to show logs picking this field up:

I've also gone into the Management > Index Patterns.....showing this field exists.

Can anyone help me out in getting this field displayed in the Visualize menu?

Thanks everyone!

Jai_Prakash_Bhardwaj · May 23, 2017, 6:28am

Hi Jim,

I encountered the same issue, not sure if the approach is right, but I mapped the fields to keywords, or use the raw multifield mapping,

PUT my_index
{
  "mappings": {
    "my_type": {
      "properties": {
        "city": {
          "type": "text",
          "fields": {
            "raw_city": { 
              "type":  "keyword"
            }
          }
        }
      }
    }
  }
}

reference link:
https://www.elastic.co/guide/en/elasticsearch/reference/current/multi-fields.html

and it worked for me.

Hope this helps you too

Best,
J

jim1044 · May 26, 2017, 1:11am

Thanks J, will give it a go!

Topic		Replies	Views
Can’t see all fields when Visualize->Aggregation->Terms is selected in Kibana Kibana	2	749	January 9, 2018
Cann't Visualize certain term in kibana data table Kibana	2	1434	February 17, 2017
Fields not displaying in visualize Kibana	3	12909	June 25, 2018
Kibana doesn't show .keyword field under fields dropdown Kibana	4	3436	August 26, 2020
I just want to show a field. Why is this so hard? Kibana	4	367	July 30, 2018

Kibana Visualize - Field not showing

Related topics