I have an older Kibana v5.6.4 running as a log aggregator, part of a custom ELK implementation. I have an indexed log database and I can Search my logs based on my criteria. I can visualize my messages using that same search filter. I get a nice heatmap showing the severity of the log messages during my time interval. However, when I click on a single heatmap element, I am presented with another filter to accept, and when I do, I get another heatmap which shows nothing meaningful. What I want to do is to be able to get to the individual messages showing up in a heatmap element. Each element may have 1-1000 messages or so, but I don't see a way to select a heatmap element to get to the actual messages. A Search may have keywords such as message:critical.
I want to display the results of a second search based on the heatmap element I chose, which is represented by a time interval and severity. In my case, the X-axis is Date Histogram, the Y-axis is hostname and Split Chart is Severity.
Any help would be greatly appreciated.