如何将日志数据作为Kibana图值
[英]How to make logdata as Kibana graph value
问题描述
I am having a log file that gives a Duration : 10 with timestamp in my logfile. 
我有一个日志文件,在我的日志文件中提供了带有时间戳的Duration:10 。 When ia put a search field in kibana for duration, i am able to get a point coming in the graph whenever duration is coming in the log file. 当ia在kibana中放置持续时间的搜索字段时,只要持续时间在日志文件中出现,我就可以在图中得到一个点。 How can i get/set the value of a point at the graph. 我如何获取/设置图中点的值。
currently 目前
10:12:34 Duration :5 10:17:19 Duration :7
Whenever Duration is coming a point is coming in the graph.How to set the value at the particular timestamp to 7/10 or whtever is corresponding value for duration. 每当“持续时间”到来时,图表中就会出现一个点。如何将特定时间戳记上的值设置为7/10或如何将其设置为持续时间的相应值。
my logstash conf file is as follows 我的logstash conf文件如下
input {
file {
path => "C:/log.txt"
}
}
filter {
extractnumbers {
add_field => [ "Duration", "%{message}" ]
}
}
output {
stdout { codec => rubydebug }
elasticsearch {
embedded => true
}
}
2 个解决方案
解决方案1
1 2014-05-12 15:54:34
You want to do something like this: 您想做这样的事情:
grok {
match => ["message", %{TIME:time}.*%{NUMBER:duration}]
}
date { match => [ "time", "HH:mm:ss" ] }
解决方案2
0 已采纳 2014-05-29 08:55:34
This was able to fetch the data of type duration.I added the following filter in logstash.conf file. 这能够获取duration类型的数据。我在logstash.conf文件中添加了以下过滤器。 We can replace Duration with any field we want to extract. 我们可以用要提取的任何字段替换Duration。
filter {
extractnumbers {
add_field => [ "Duration", "%{message}" ]
}
}
In the kibana dash board we can extract corresponding values. 在kibana仪表板中,我们可以提取相应的值。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.