Hello,
I'm trying to create visualization on Kibana based upon referrer value from apache logs. Below is a sample log from apache access logs.
127.0.0.1 - - [20/May/2016:00:00:14 +0000] "GET /secure/queue/handleQueueIndex.do HTTP/1.1" 200 7127 1232 "http://localhost:8080/secure/queue/handleQueueIndex.do" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E)"
Grok pattern used:
%{COMMONAPACHELOG} %{NUMBER:time} %{QS:referrer} %{QS:agent}
Output based upon grok pattern:
"_source": {
"referrer": ""https://localhost:8080/secure/queue/handleQueueIndex.do"",
}
I want to parse referrer value and define mapping from it like below. Then create visualization on kibana based on timestamp, count and mapping values.
E.g (Key value pair)
/secure/queue -> queue manager
/secure/rules -> rule manager
Can someone help me in solving this problem or any example link?