Split a field value in a Visualization

Jonathan_Fernandez · March 8, 2023, 7:14pm

Hi everyone,

Currently I am trying to split the value of a field (an email) by the '@' in an "Aggregation Based - Data Table" visualization at Kibana, so the expected output for an email field with value name@domain.com would be:

field 1: name
field 2: domain

I have no access to filebeat, which I guess will be th eassiest way to do it, so I tried to apply a painless like substring script and a processor at Advance settings (the JSON script option within the Visualization), as expected, nothing worked.

It is possible to do such an split at this Kibana visualization (or another one) or I have to go to Logstash?

Thank you in advance!

mhoward · March 8, 2023, 7:33pm

Could you use an ingest pipeline? A dissect processor with a pattern something like %{name}@%{domain} would do the trick.

stephenb · March 9, 2023, 2:40am

Or two runtime fields depending what version you are on.

Jonathan_Fernandez · March 9, 2023, 7:37am

Thank you both guys! I'll add this change to Logstash then

system · April 6, 2023, 7:38am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Split Function in Painless Kibana	2	1355	November 20, 2019
Kibana Index - Splitting Index Values and Adding to New Field Logstash	14	922	August 25, 2020
Regex on filtered data on Kibana Kibana	8	344	February 8, 2023
Using painless script split(string) don't work Kibana	7	23343	August 3, 2017
How to split values from a column in a table in Kibana? Kibana	7	9028	September 25, 2019

Split a field value in a Visualization

Related topics