I've updated ES template disabling '_all' field searching and set the
default field to search for as '@message'.
But now when I enter a search-string (from message part of a log) into
Kibana search bar, it doesn't return
any result. I will then have to modify the search as -
@message:"a_string_in_log_message"
to return the expected results. I mean, the query should return results
without including "@message:" along
with the search-string right? Please let me know and I'm attaching my
template also.
Did you modify the Primary_field setting in KibanaConfig.rb?
On Thursday, May 30, 2013 1:26:49 AM UTC-7, vims wrote:
I've updated ES template disabling '_all' field searching and set the
default field to search for as '@message'.
But now when I enter a search-string (from message part of a log) into
Kibana search bar, it doesn't return
any result. I will then have to modify the search as -
@message:"a_string_in_log_message"
to return the expected results. I mean, the query should return results
without including "@message:" along
with the search-string right? Please let me know and I'm attaching my
template also.
Did you modify the Primary_field setting in KibanaConfig.rb?
On Thursday, May 30, 2013 1:26:49 AM UTC-7, vims wrote:
I've updated ES template disabling '_all' field searching and set the
default field to search for as '@message'.
But now when I enter a search-string (from message part of a log) into
Kibana search bar, it doesn't return
any result. I will then have to modify the search as -
@message:"a_string_in_log_**message"
to return the expected results. I mean, the query should return results
without including "@message:" along
with the search-string right? Please let me know and I'm attaching my
template also.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.