Split a field value in a Visualization

Jonathan_Fernandez · March 8, 2023, 7:14pm

Hi everyone,

Currently I am trying to split the value of a field (an email) by the '@' in an "Aggregation Based - Data Table" visualization at Kibana, so the expected output for an email field with value name@domain.com would be:

field 1: name
field 2: domain

I have no access to filebeat, which I guess will be th eassiest way to do it, so I tried to apply a painless like substring script and a processor at Advance settings (the JSON script option within the Visualization), as expected, nothing worked.

It is possible to do such an split at this Kibana visualization (or another one) or I have to go to Logstash?

Thank you in advance!

mhoward · March 8, 2023, 7:33pm

Could you use an ingest pipeline? A dissect processor with a pattern something like %{name}@%{domain} would do the trick.

stephenb · March 9, 2023, 2:40am

Or two runtime fields depending what version you are on.

Jonathan_Fernandez · March 9, 2023, 7:37am

Thank you both guys! I'll add this change to Logstash then

system · April 6, 2023, 7:38am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Kibana Index - Splitting Index Values and Adding to New Field Logstash	14	922	August 25, 2020
Regex on filtered data on Kibana Kibana	8	339	February 8, 2023
How to split values from a column in a table in Kibana? Kibana	7	8984	September 25, 2019
Why is Kibana splitting my fields Kibana	3	1041	July 6, 2017
Split field in elastic Logstash	7	283	July 15, 2021

Split a field value in a Visualization

Related Topics