Log json in an array

Elastic Stack Kibana
1

Hello,

I am being asked to have the data as a table in kibana. I don't see what to do?

My input json logs:

{"indexName":"aaa-bbb","ip":"XXX.XXX.XXX.XXX","ipServer":"XXX.XXX.XXX.XXX","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:96.0) Gecko/20100101 Firefox/96.0","email":"alain.delon@gmail.com","department":"AA/BB/CCC/DDD","httpVerb":"GET","url":"/aaa/bbb/01242227","completeUrl":"/aaa/bbb/01242227","httpStatus":200,"duration":20,"jetonHash":"07a4f17ec87baf92c09bafc8c53f87da","requestSize":-1,"size":0,"@timestamp":"2022-01-05T15:56:04.149652+01:00"}

Users want to have logs in KIBANA discover in the following form :

image
image782×408 11 KB

How to do ? Is that possible ?

Best regard

2

To see the log in kibana, you have to index the log to some Elasticsearch cluster where kibana can communicate with.

that json looks fit Elasticsearch index, you can index the log via Index API or Bulk API as long as a valid Elasticsearch cluster is running. You can also use some client such as Python Elasticsearch Client or some Beats. What is the problem now?

3

I can see the json logs in KIBANA's discover.

image
image1316×682 61.5 KB

Users ask me that the logs are displayed in table form in kibana!

I don't know if this is possible? If yes, how ?

4

oh, sorry for misunderstanding . The problem is how to visualize the existing data.

In Discover, there is very little room for customization. One thing you can do is try new Document Explorer and choose between Document Explorer and classic view.

You can try it from StackManagement > Kibana - Advanced Settings > Discover > Document Explorer or classic view.

image
image1996×1129 181 KB

5

sorry, I can't find !

image
image597×726 51.6 KB

6

The option seems for newer version of kibana.

7

you're right.

I installed the version in 7.16.3

thank you very much

1 Like
8

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.