elasticsearch - How to enable sort on a field in kibana? -
in logstash parsing out microseconds apache logs, how sort on field in kibana?
here filter logs :
if [type] == "apachelogs" { grok { break_on_match => false match => { "message" => "\[%{httpdate:apachetime}\]%{space}%{notspace:verb}%{space}/%{notspace:apacherequested}" } match=> { "message" => "\*\*%{number:seconds}/%{number:microseconds}" } add_tag => "%{apachetime}" add_tag => "%{verb}" add_tag => "%{apacherequested}" add_tag => "%{seconds}" add_tag => "%{microseconds}" } }
as long logstash parsing field want sort on, is, has no impact on ability sort in kibana.
to sort in kibana, in discovery view, add field microseconds (or field want sort on). can sort on field, using arrow near field name.
Comments
Post a Comment