Logstash fields merge

Elastic Stack Kibana
1

Two event's of postfix-mail log fields are below.:

source: /var/log/mail.log
postfix_queueid":24C4C681F19
host: mail
program: postfix/amavis/smtp
postfix_to: jhon@gmail.com
time: 10:53:30
postfix_status: sent
postfix_delay: 2.1
postfix_relay_ip: 127.0.0.1
postfix_delay_in_qmgr: 0.01

source: /var/log/mail.log
postfix_queueid: 24C4C681F19
postfix_size: 8209
host: mail
time: 10:53:30
program: postfix/qmgr
postfix_from: salam@gmail.com

But I need a complete information. like from, to, status etc in kibana dashboard.
khsjkd

How can I do it?

I need help.
Thanks.

1 Like
2

Hey @abu.sayeed you can add a Saved Search to your Dashboard that will be very similar to the results that you see in Discover, that will contain the fill source of the documents in Elasticsearch.

3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.