Kibana adds filed - Codes Helper - Programming Question Answer

Kibana adds filed

Hello, everyone. I have been building an elk environment recently, but I have encountered a problem. My logstash agent output log is as follows:

{
         "level" => "WARN",
          "uuid" => "109933",
          "path" => "/usr/local/deploy/intelligent/logs/spring.log",
      "@version" => "1",
    "@timestamp" => 2018-11-14T09:37:47.483Z,
          "type" => "znpz",
     "timestamp" => "2018-11-14 17:37:31.345 ",
       "message" => "2018-11-14 17:37:31.345  WARN 109933 --- [AlarmTimer] c.c.i.service.Impl.ShowIpranServiceImpl  : ip:NeName = 1233-NGN-SW3-XZ-S9306-A",
          "host" => "ZNZD-CORE"
}

you want the level field to appear in the kibana management interface, but there is no display, such as screenshot

ask God for guidance
the specific configuration is as follows:

logstash agent:input {
    file {
        path => ["/usr/local/deploy/intelligent/logs/spring.log"]
        type => "znpz"
        discover_interval => "15"
        sincedb_path => "/opt/deploy/logstash-6.4.3/.sincedb"
        start_position => "beginning"
    }
}
filter {
    grok {
        match => { "message" => "%{DATA:timestamp} %{LOGLEVEL:level} %{DATA:uuid} %{DATA:message}" }
    }
}
output {
    kafka {
        bootstrap_servers => ["XXXX"]
        topic_id  => "znpz"
        compression_type => "snappy"
        codec => "plain"
    }
   stdout {}
}
logstash server :
input {
    kafka {
        bootstrap_servers => ["172.25.241.229:9092,172.25.241.230:9092,172.25.241.231:9092"]
        auto_offset_reset => "latest"
        topics => ["znpz"]
        codec => "plain"
        consumer_threads => "3"
        decorate_events => true
        type => "znpz"      
    }
}
output {
    elasticsearch {
        hosts => ["172.25.241.229:9200"]
        manage_template => false
        index => "logstash-%{type}-%{+YYYY.MM.dd}"
        document_type => "%{type}"
    }
}

really, need help!

Elk

Nov.15,2021

Is

not refreshed? There is a "Refresh" button in the upper right corner:

Previous: Is the performance of mysql: limit much worse than that of between or in?

Next: How does windows upload the folder to the linux server (upload by command)?

Why does the type of geo_point not take effect if a field in the logstash log is set?
the architecture is simple: filebeat collects nginx logs, output to logstash logstash format and then output to elasticsearch There is nothing to say about the configuration of filebeat but to send the access.log of nginx directly to logstash ...

Filebeat logstash elk elasticsearch kibana

Feb.28,2021
Type the visit record of the website into the text with slf4j. If you want to count the log data according to the difference, write it to mysql..
use slf4j to type log the visit record of the website into the text, and want to count the log data according to the difference. Is there any good plan for mysql, to write about ? Do I really have to write complex shell scripts, count them according to d...

Elk myql shell

Mar.10,2021
In ES, how to use templates for all fields under a field, and not for fields outside the field.
now is a scenario where there are 50 fields under field A, and these fields are of the same type as the parser. You don t want to specify one by one manually. You want to set the template. but I m afraid that setting a template will affect all field...

Elk elasticsearch

Mar.19,2021
How many inputs of filebeat nodes can logstash hold?
excuse me, A 4-core 8G machine with logstash, deployed on it can probably support several log input nodes of filebeat. If there is no message queue as buffer, do you have any experience in this field? similarly, how many logstash nodes can a 4-core ...

Filebeat elasticsearch logstash elk

Mar.21,2021
There is a string like\ x09\ x09\ x09 in the nginx log, which leads to the failure of logstash collection. Has anyone encountered and solved it?
there is a string like x09x09x09Version in the nginx log, which caused logstash to report an error when collecting Filter. Has anyone ever encountered the same problem and solved it? nginx log content: {"http_host": "xxxx", &quo...

Elk logstash

Mar.23,2021
Filebeat+kafka+logstash+es data storage exception
the configuration file is as follows: < hr > < H2 >-filebeat-< H2 > type: log enabled: true paths: var log nginx userapi.access.log json.message_key: true json.keys_under_root: true json.overwrite_keys: true tail_files: true fields...

Elk

Apr.24,2021
Can Filebeat.config.modules specify include_lines?
all the materials seen so far are filebeat.inputs: . Only under the include_lines attribute can be used for Filter log content. Such as filebeat.inputs: - type: log ... include_lines: [ ^ERR , ^WARN ] but now I don t open filebeat.inputs...

Elk filebeat

Jun.01,2021
Data from another index appears when ELK,kibana is given a matching pattern.
A beginner elk, sets up a log collection look and encounters doubts when presenting the data. my logstash has set up two pipeline,rabbitmq and two http input: input { rabbitmq { host => "rabbitmq" subscription_retry_interval_se...

Elk kibana logstash elasticsearch rabbitmq

Sep.16,2021
Es mapping mapping
I installed the elasticsearch-6.4.3 version I modified the mapping,properties of es to include the following fields es: ask for advice, thank you! ...

Elk

Nov.26,2021
Ask for help on the mapping setting of nested nested obj in elasticsearch
paste the document first: { "total": 5, "online": [ { "sid": "1101006", "total": 0 }, { "sid": "1101001", ...

Elk elasticsearch

Dec.21,2021
GET query, what is the difference between adding .keyword and not adding .keyword, and why there is no result
GET production-index-info index_info _search { "query": { "bool": { "minimum_should_match": 0, "must": [ { "term": { "is_resolved.keyword": "...

Elk elastic-search elasticsearch

Feb.23,2022
Can filter set dictionary matching in logstash? (similar to GeoIP)
problem description there is a requirement to get the accessed domain name IP from the log and want to match the type and Chinese name of the website in filter. the type and Chinese name of the website are stored in a database file, just like a dic...

Elk logstash elasticsearch kibana filebeat

Apr.07,2022
Is there a plug-in or solution for Kibana to implement permission control?
recently, I want to implement the permission control of Kibana, because Xpack and shield are charged. Is there any implementation of a custom plug-in? My main purpose is to implement the permission control of Kibana dashboard, otherwise anyone can edit a...

Elk

May.11,2022
Logstash is configured with grok, but kibana view does not take effect
Hello prawns! logstash: 100.97.73.229-- [19 Feb 2019:17:43:11 + 0800] "GET news-spread_index-138.html HTTP 1.1 " 7920 "- " Mozilla 5.0 (Linux; Android 8.1; MI 6X Build OPM1.171019.011; wv) AppleWebKit 537.36 (KHTML, like Gecko) Version 4.0...

Elk logstash regular-expression kibana

Jun.29,2022

MySQL Query : SELECT * FROM `codeshelper`.`v9_news` WHERE status=99 AND catid='6' ORDER BY rand() LIMIT 5
MySQL Error : Disk full (/tmp/#sql-temptable-64f5-1c24509-32c27.MAI); waiting for someone to free some space... (errno: 28 "No space left on device")
MySQL Errno : 1021
Message : Disk full (/tmp/#sql-temptable-64f5-1c24509-32c27.MAI); waiting for someone to free some space... (errno: 28 "No space left on device")
Need Help?