Hey all,
I am VERY new to ELK, and I am having an issue.
I am moving logs into Elasticsearch via Logstash and Grok. This breaks my logfiles up, how ever when I want to use the Kibana Vizualization (pie chart) and need to select the Term I am looking for, none of the Logstash filtered terms are appearing. Any help would be apprecated.
Kevin
Is the missing field getting put into the document that is stored in logstash? Add the following to your logstash configuration file
stdout { codec => json }
}```
This will show you what is getting stored in elasticsearch. Make sure your field is in here.
Nathan© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.