Hey guys, I am trying to parse out one particular field from the message log and include it in the index fields. I am relatively new to Kibana and confused between using scripted fields or grok filters.
Here is my log example: path:/xxxx/log/nginx.log type:xxxx @timestamp: @version:1 host:xxxx message: x.x.x.x x.x.x.x - - [11/Aug/2018:11:11:11 +0000] "GET /xxxxxxxxx HTTP/1.0" 200 35
I wanna parse out the HTTP response code 200 and include it in the index pattern fields. Any help would be greatly appreciated. Thanks.
You need to use Logstash and a filter (such as Grok) to do this. Once you have used Logstash to create the fields and values you want (e.g. http_code:200), you can use Kibana to create some graphs.
In the case of NGINX, I think there are pre-made templates available for Grok that will do all the work for you.
Do I need to give the number of the place where the HTTP response is present? Here the message is already a field and I need to parse out a value inside the message field, so do I need to give the place where the HTTP response code is present, or something like that?
Have a look at this blog post which describes how to work with Logstash.
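As an added example (not part of the original thread or the linked blog post): a Logstash grok filter written for the sample line in the question. Grok matches by pattern rather than by character position, so no offset is given. Every field name except http_code is an assumption, as is the meaning of the two leading addresses.

```logstash
filter {
  # Only parse events read from the nginx log; [path] is the field shown in the question.
  if [path] =~ /nginx\.log$/ {
    grok {
      # Each %{PATTERN:field} consumes one token of the line in order.
      # The sample line starts with two addresses, so the stock combined-log
      # pattern does not fit as-is; first_ip/second_ip are placeholder names.
      # ":int" stores the value as a number so Kibana can aggregate on it.
      match => {
        "message" => '%{IPORHOST:first_ip} %{IPORHOST:second_ip} %{NOTSPACE:ident} %{NOTSPACE:auth} \[%{HTTPDATE:request_time}\] "%{WORD:verb} %{NOTSPACE:request} HTTP/%{NUMBER:http_version}" %{NUMBER:http_code:int} (?:%{NUMBER:bytes:int}|-)'
      }
      # Lines that do not match keep their original message and receive the
      # _grokparsefailure tag, which can be searched for in Kibana to find
      # log formats the pattern does not yet cover.
    }
  }
}
```

Only events indexed after the filter is in place carry http_code; refresh the index pattern's field list in Kibana so the new field shows up there.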