...
| Field | Description | Notes | ||
|---|---|---|---|---|
 | Widget label | |||
 | When records are ingested, there are two modes: "streaming: true", and "streaming: false" The "View Live" and "View Saved" toggle buttons on the widget toolbar toggle between viewing of these two modes. | |||
 | The "Community Filter" toggle is by default "Off" meaning that the list of communities in the main GUI is ignored. If "On", only currently selected communities are scanned.
| |||
 | The data types viewed can be selected using the three "Show:" toggles: Logs: Show records harvested using the Logstash extractor Custom: Shows the results of custom jobs that have been configure with "$output.indexMode": "custom" The custom fields get given "_type": "custom", and "sourceKey": <"custom:" then the custom job title> Docs: Shows a subset of "normal" (Infinit.e) documents. |
| ||
| Add Doc Query | Adds the query from the main Infinit.e GUI to the Record Analyzer query bar. |
About the Kibana GUI
| Info |
|---|
Note that it is out of scope of this documentation to define the fields of th eKibana GUI. For more information, see the Kibana documentation. |
Only the following fields are (currently) visible in the "Table" view (eg "All Events"):
| Field | Description | Note |
|---|---|---|
| "message" |
from the title |
| @timestamp" |
from publishedDate |
| "url" |
| "displayUrl" |
| "tags" |
| "type" |
from mediaType |
(Entities and assocations associations use "nested" fields, which Kibana does not currently support).
Note that fields Fields configured to be non-indexed by the harvester (eg Search index settings pipeline element) cannot be viewed
...