堆栈内存溢出
  简体   繁体   English

Kibana - 如何将日志显示为表格

[英]Kibana - How to display log as table

 原文  2015-04-16 10:08:10       elasticsearch/ kibana/ kibana-4

问题描述

I'm testing Kibana 4 for a project.我正在为一个项目测试 Kibana 4。

I have created an index from my database table which is composed by 3 fields:我从我的数据库表中创建了一个索引,它由 3 个字段组成:

  1. Date日期
  2. User用户
  3. Action行动

I would like to display my index as a simple table (3 column, N rows) in my dashboard.我想在仪表板中将我的索引显示为一个简单的表格(3 列,N 行)。

I tried to use "Data table" visualization but I can't find a way to display my results without any Metrics (Count, Sum etc...)我尝试使用“数据表”可视化,但我找不到一种方法来显示没有任何指标(计数、总和等...)的结果

Maybe is pretty simple and I missed something... is there a way to do this?也许很简单,我错过了一些东西......有没有办法做到这一点?

Regards,问候,

4 个解决方案

解决方案1
 161 已采纳  2015-04-16 15:50:08

On the Discover tab, create a view that has just the fields you want and then save that as a search.在“发现”选项卡上,创建一个仅包含所需字段的视图,然后将其保存为搜索。

On the Dashboard tab, click on Edit then hit the + Create new button to add a widget, but if you look at the top, there's a Searches tab.在仪表板选项卡上,单击编辑,然后点击+ Create new按钮以添加小部件,但如果您查看顶部,则会有一个搜索选项卡。 Select that and add your saved search in.选择它并添加您保存的搜索。

解决方案2
 20  2019-11-16 23:01:31

[Elastic 7.x / 2019 Update] [Elastic 7.x / 2019 更新]

I was a bit confused when I read @Alcanzar's answer so I am sharing a little more noob-friendly step-by-step how-to here :当我阅读@Alcanzar 的回答时,我有点困惑,所以我在这里分享了一些对新手友好的分步操作方法:

  • STEP 1 : Create the Index Pattern第 1 步:创建索引模式

  • STEP 2 : Go to the Dashboard view, and create a view on your index第 2 步:转到仪表板视图,并在您的索引上创建一个视图
    Select each column you want to include/add in your view by clicking "add" on it ( The confusing part is that until you do that, you will have a "scrambled" view listing everything in a jumbled way. )通过单击“添加”来选择要包含/添加到视图中的每一列(令人困惑的部分是,在您这样做之前,您将拥有一个“杂乱无章”的视图,以混乱的方式列出所有内容。

  • STEP 3 : Go to the Dashboard view, and create a view on your index第 3 步:转到仪表板视图,并在您的索引上创建一个视图

The trick is to select the specific columns you want to include... and voila !诀窍是选择您想要包含的特定列……瞧!
Don't forget to save your view, this will help a lot in the process.不要忘记保存您的视图,这在此过程中会有很大帮助。

解决方案3
 12  2020-06-11 22:07:03

In Kibana 7.5.0 you can do it as follows:在 Kibana 7.5.0 中,您可以按如下方式进行:

  1. Go to Discover section转到发现部分在此处输入图片说明
  2. Select fields you are interested in选择您感兴趣的领域在此处输入图片说明
  3. Click on Save to save your discover search so you can use it in visualizations and dashboards单击保存以保存您的发现搜索,以便您可以在可视化和仪表板中使用它在此处输入图片说明 在此处输入图片说明
  4. Click on Dashboard and create a new dashboard单击仪表板并创建一个新的仪表板在此处输入图片说明 在此处输入图片说明
  5. Click on Add and select the panel单击添加并选择面板在此处输入图片说明 在此处输入图片说明
  6. There is no step 6没有第6步在此处输入图片说明

解决方案4
 0  2019-11-27 15:59:33

The accepted solution has its pros (if, for simplicity, you see your index as a table, this is the only way to deal with rows naturally ) but also cons (it allows the user to see too much information, by expanding the records that appear in the table; users cannot get an export of the values).公认的解决方案有其优点(如果为了简单起见,您将索引视为一个表,这是自然处理行的唯一方法)但也有缺点(它允许用户通过扩展记录来查看太多信息)出现在表中;用户无法导出值)。

So if you plan to build tables to use in reports seen by users which should not see everthing and may want to get exports of the data, I recommend a different (hacky) approach using Table visualizations:因此,如果您打算构建表格以用于用户看到的报告中,而这些报告不应该看到所有内容并且可能想要导出数据,我推荐使用表格可视化的不同(hacky)方法:

Say you have three columns A, B and C:假设您有三列 A、B 和 C:

  • If there are no duplicates considering the combined values of A and B, you can use these two vales as aggregation fields, and then set a Max or Top hit Metric for C.如果考虑到 A 和 B 的组合值没有重复,您可以将这两个值用作聚合字段,然后为 C 设置 Max 或 Top hit Metric。

  • If even A, B and C have duplicates, then you can use the three of them as aggregation fields and add a Metric count, that will give you the number of repeated rows.如果即使 A、B 和 C 也有重复项,那么您可以将它们中的三个用作聚合字段并添加一个 Metric 计数,这将为您提供重复行的数量。 This solution makes somehow sense, because instead of repeating the same row 'n' times you just tells you should have repeated 'n' times that row.这个解决方案在某种程度上是有意义的,因为不是重复同一行“n”次,而是告诉你应该重复该行“n”次。

  • If A and B have duplicates but A, B and C are unique, then there is, afaik, no elegant solution.如果 A 和 B 有重复项,但 A、B 和 C 是唯一的,那么肯定没有优雅的解决方案。 You have to use the three of them as aggregation fields, but then you would have a dummy metric at the end (eg count, always equal to 1).您必须使用它们中的三个作为聚合字段,但是最后您将有一个虚拟指标(例如计数,始终等于 1)。

Why?为什么? why do we have to go through all of this?为什么我们要经历这一切? that is another question...那是另一个问题...

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何在kibana中查看日志 - How to view log in kibana 如何登录kibana? - How do I log into kibana? 如何在Kibana中显示2项图 - How to display a 2 terms graph in Kibana 使用Kibana在表中显示2个不同的查询结果 - Display 2 different query results in table with Kibana 如何获取Kibana的日志表单仪表板的详细信息 - How to get details of log form dashboards of kibana Kibana 4:如何在Kibana仪表板中获取和显示MySQL数据? - Kibana 4:How to fetch and display MySQL data in Kibana dashboard? 如何从Web站点使用Elastic&Kibana收集日志和收集日志 - How to collect log and gathering log with elastic & kibana from WEBSITE kibana logstash表基于日志级别的行颜色 - kibana logstash table row color based on log level 如何在Kibana中显示数据而不进行汇总? - How to display data without aggregation in Kibana? 如何在Kibana中更新日期显示格式? - How to update date display format in kibana?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM