Kibana 根据日志值计算唯一记录
[英]Kibana count unique records based on log value
问题描述
I want to create a Kibana metric for the unique users visiting my site.
我想为访问我网站的唯一用户创建一个 Kibana metric 。 I have an index collecting logs from a service in format我有一个索引,以格式从服务中收集日志
<date> <user1@gmail.com> - <log message> <client>
and I want to count unique user emails ignoring the rest of the fields.我想计算忽略字段的 rest 的唯一用户电子邮件。
Is it possible to do such a regex via some of the aggregations?是否可以通过一些聚合来做这样的正则表达式? Currently I was able to find only unique count based on some specific field which is not an option for me.目前,我只能根据某些特定字段找到唯一计数,这对我来说不是一个选项。
1 个解决方案
解决方案1
0 2021-02-21 19:14:42
You can create a separate field first:您可以先创建一个单独的字段:
- Either by using kibana scripted fields.通过使用 kibana 脚本字段。
- Or by using logstash mutate filter plugin.或者通过使用 logstash mutate filter 插件。
And then you can apply terms aggregation on data table visualization to achieve this.然后您可以在数据表可视化上应用术语聚合来实现这一点。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.