No fields available when creating logs threshold alert in Kibana

mattia.borini · January 5, 2023, 9:21am

Hi, I don't understand why I cannot find any field in the select when trying to create a Log Threshold Alert in Kibana (7.17).

I can see data in Discover

Ayush_Mathur · January 5, 2023, 3:40pm

@mattia.borini this is due to the fact that your index contains only single field called "log" which essentially has the whole message as string text. You need to parse the events as JSON first to have the {property:value } pairing. Once those pairings are stored in ES, you will see the property list in your available fields list and can be used for alerting or monitoring purposes.

system · February 2, 2023, 3:41pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Missing Fields when Creating Alert in Kibana Kibana elastic-stack-alerting	4	1285	July 27, 2021
Not able to create Alerts for log threshold Kibana elastic-stack-alerting	2	116	April 16, 2024
Problems with create Log threshold rule Kibana elastic-stack-alerting	2	797	December 30, 2021
Alerts and actions problems with log threshold and index threshold Kibana	1	307	May 5, 2022
Alert Message Data Kibana 8.3 Kibana elastic-stack-alerting	1	331	November 2, 2022

No fields available when creating logs threshold alert in Kibana

Related topics