Howdy everyone,
I have events with the following structure in ES:

{
  "_index": "logstash-2014.02.25",
  "_type": "symantecav-logs",
  "_id": "_5Hig6lPTUi2p-palnuplA",
  "_score": null,
  "_source": {
    "message": [
      "1393368016|0|2|5|3|69.16.1.13/UMTL300X.rtf|4|UMTL300X.rtf|39|192.168.23.7|17|0.167|18|0.232|43|192.168.25.22|44|9003|45|12133924"
    ],
    "@version": 1,
    "@timestamp": "2014-02-25T22:40:16.000Z",
    "host": "antivirus1.domain.net",
    "tags": [
      "antivirus",
      "test",
      "boston"
    ],
    "file": "/antivirus/log/SSE20140225.log",
    "type": "symantecav-logs",
    "typecode": "0",
    "filename": "UMTL300X.rtf",
    "client": "client.domain.net",
    "scan duration": 0.167,
    "connect duration": 0.232,
    "extension": "rtf"
  },
  "sort": [
    1393368016000,
    1393368016000
  ]
}


My goal is to visualize the max and mean of the scan and connect duration 
over time as a line graph within Kibana. Is this possible with the widgets 
currently available? I've been trying out several but haven't had much luck 
getting them to do what I'm looking for. 


Here are the ES queries I'm using on the Kibana dashboard:
type:"symantecav-logs" AND tags:"test" AND host:"antivirus1.domain.net"
type:"symantecav-logs" AND tags:"test" AND host:"antivirus2.domain.net"


Thanks for any and all help you can lend to a neophyte such as myself!
-Dave
