Menu
I am trying to read log files using logstash. I used grok to parse a number in the message into a number and store it as a field. But as far i see, i only got Kibana to graph the number of times a message occured over time.
I didnt have any luck using Kibana to graph more than just the number of times a message occurs.
Example of my message :
1) "JvmStatsLoggerService - gc count: 58"
2) "JvmStatsLoggerService - gc time: 2392 ms"
I extract/create COUNT and TIME fields to store the corresponding values 58 and 2392..I want to graph the different values of COUNT and TIME over the last 5mins or 10mins rather than the number of times they occured in the log files over time.
Tried it on the live demo but on my kibana localost console i get this error
Oops! ClassCastException[org.elasticsearch.index.fielddata.plain.PagedBytesIndexFieldData cannot be cast to org.elasticsearch.index.fielddata.IndexNumericFieldData]
Any help is greatly appreciated.
648
Your elastic search index does not know that count and time fields are integers.
The easiest way to make it aware of type is to specify type in grok pattern (notice last :int)
grok {
match => ["message", "%{INT:timeout:int}"]
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
