Timelion expression

**Timelion expression required**

Hi All,
Below is the log format in our organisation. Please let me know the expression for creating a Timelion that can show us the graph of Response code: 200

Thanks in advance.

LOG:

@timestamp December 11th 2018, 13:06:36.000
t _id xxxxxxxxxxxx
t _index xxxxxxxxxxxx
# _score -
t _type nginx-logs
t agent xxxxxxxxxxxx
t appid nginx
# bytes 46
t domain xxxxxxxxxxxx
t fields.bank xxxxxxxxxxxx
t fields.env Production
t host xxxxxxxxxxxx
t message xxxxxxxxxxxx
# proc_time 0.022
t remote_ip xxxxxxxxxxxx
t request xxxxxxxxxxxx
t response 200
t source xxxxxxxxxxxx
t tags xxxxxxxxxxxx
t timestamp 11/Dec/2018:13:06:36 +0530
t upstream_addr xxxxxxxxxxxx
t user_agent.build
t user_agent.device Other
t user_agent.major 40
t user_agent.minor 0
t user_agent.name Firefox
t user_agent.os Windows 7
t user_agent.os_name Windows 7
t verb GET

Hi, the expression will depend on what you want to visualize. Please see the following references as a starting point:

https://www.elastic.co/guide/en/kibana/current/timelion.html

Your initial expression to filter to 200 response code may look something like this:
.es(q='response:200')
