Hi everyone,
I'm still new at this so please forgive me. I am attempting to visualize some data in Kibana by using:
The problem here is I am unable to locate "event_data.CommandLine" from the "Field" drop down
I can confirm that "event_data.CommandLine" does exist as I am able to show logs picking this field up:
I've also gone into the Management > Index Patterns.....showing this field exists.
Can anyone help me out in getting this field displayed in the Visualize menu?
Thanks everyone!
Hi Jim,
I encountered the same issue, not sure if the approach is right, but I mapped the fields to keywords, or use the raw multifield mapping,
PUT my_index
{
"mappings": {
"my_type": {
"properties": {
"city": {
"type": "text",
"fields": {
"raw_city": {
"type": "keyword"
}
}
}
}
}
}
}
reference link:https://www.elastic.co/guide/en/elasticsearch/reference/current/multi-fields.html
and it worked for me.
Hope this helps you too
Best,
Thanks J, will give it a go!
system
June 23, 2017, 1:11am
4
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
