Hi,
I am trying to create visualization that show per specific log the count of ERROR, WARN & INFO messages.
I have tried to create the json input for getting all to message filed that contains [ERROR] but it did not show any.
How can I make it?
Thanks,
Yaniv
You can add the error type bucket to your aggregtation
or use the filter aggregation as a bucket in your viz
It gives me results while Discovering: 
Does not it means it text?
Yes if it gives results on discovery it should give same in viz
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.
