Parse log data as metric to create visualization

Hi Community,
Good day!

I am trying to create chart visualization for fields which I extracted for one of the data sets but while creating the visualization it is taking count of documents instead of values which are extracted for the field. So, can you please guide me how to create a visualization for values which are extracted for fields.

Ex: below is my log
<14>Apr 4 12:08:04.332 gateway SSG[327]: INFO com.l7tech.server.policy.assertion.ServerAuditDetailAssertion: -4: API Name = Fetch/Remove | Service URI = /addusers/nanda | Latency = 9 | Total Time = 14 | Request = | Request URL = http://xx.xx.xx.xx:8080/addusers/nanda | Client IP = xx.xx.xx.xx | Routing URL = | Request Method = PUT | Response = | Response Status = 405 | Error Message = {\r\n "error": "invalid_request",\r\n "error": "Method PUT not allowed!"\r\n}

Fetching fields: Latency, Total Time

I need to create chart visualization for Latency and Total Time.

Regards,
Eshwar

Hi @Eshwar_K,

Can you confirm the type of this field is text? How are you ingesting this data into Elastic (agent, beat or other)?

Depending on the ingestion method you could use processors to create additional fields for latency and total time from the log entry that can be used by your visualization. Alternatively you could try using runtime fields with script logic to pull out the values.

Hope that helps!