Dhinesh Prabakaran
Reputation: 21
Parsing JSON data into separate fields in Kibana
We have an EKS cluster and an ELK stack to monitor the cluster. The logs from the cluster is shipped via Fluentbit. The requirement is to make the log message into separate fields in Kibana so that it becomes easier to filter and create dashboards out of it. If supposing the logs are made into a JSON file, could someone suggest a solution to make the key-value pairs in JSON into separate fields in Kibana?
Upvotes: 0
Views: 2743
Answers (1)
Paulo
Reputation: 10346
Tldr;
There are multiple ways to go about it.
This is not an extensive list, but those are the one I know about.
Solution
Ingest pipeline
Create a pipeline
PUT _ingest/pipeline/pipeline_json_parser
{
"description" : "json parser pipeline",
"processors" : [
{
"json" : {
"field" : "string_source",
"target_field" : "json_target"
}
}
]
}
Test the pipeline
POST /_ingest/pipeline/pipeline_json_parser/_simulate
{
"docs": [
{
"_index": "index",
"_id": "id",
"_source": {
"string_source": "{\"a\":\"b\"}"
}
}
]
}
Set the pipeline as default on an index
And you are all set.
Upvotes: 1
Related Questions
- is there a way to make an array of words in python?
- How can I generate a list of possible 'words' when all I know is the number of letters of each word in Python?
- Is there a library containing an array of many words for use in python?
- how to input words to make a list of words in python?
- Words generating in Python
- How to create an array of strings by using array module?
- How to pass words to an array not single characters - Python
- How to create a two-dimensional array of words of sentences from text in python?
- Simple code to generate a wordlist of specific type
- Make a dictionary consisting of index of words in python 3