Would like to create a visulization that show ERROR, WARN and INFO

111363 · September 2, 2020, 8:30am

Hi,

I am trying to create visualization that show per specific log the count of ERROR, WARN & INFO messages.
I have tried to create the json input for getting all to message filed that contains [ERROR] but it did not show any.

How can I make it?

Thanks,
Yaniv

ylasri · September 2, 2020, 8:36am

You can add the error type bucket to your aggregtation

or use the filter aggregation as a bucket in your viz

111363 · September 2, 2020, 9:50am

Tried:

What do I do wrong?

ylasri · September 2, 2020, 9:56am

That should work if the field message is mapped as text

111363 · September 2, 2020, 10:02am

It gives me results while Discovering:

Does not it means it text?

ylasri · September 2, 2020, 10:04am

Yes if it gives results on discovery it should give same in viz

system · September 30, 2020, 10:04am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.