...
Field | Description | Notes |
---|---|---|
Widget label | | |
When records are ingested, there are two modes: "streaming: true" and "streaming: false". The "View Live" and "View Saved" toggle buttons on the widget toolbar switch between viewing these two modes. | | |
The "Community Filter" toggle is "Off" by default, meaning that the list of communities in the main GUI is ignored. If "On", only currently selected communities are scanned. | | |
The data types viewed can be selected using the three "Show:" toggles. Logs: shows records harvested using the Logstash extractor. Custom: shows the results of custom jobs that have been configured with "$output.indexMode": "custom"; the custom fields get given "_type": "custom", and "sourceKey": <"custom:" then the custom job title>. Docs: shows a subset of "normal" (Infinit.e) documents. | | |
Add Doc Query | Adds the query from the main Infinit.e GUI to the Record Analyzer query bar. | |
About the Kibana GUI
Info |
---|
Note that it is out of scope of this documentation to define the fields of the Kibana GUI. For more information, see the Kibana documentation. |
Only the following fields are (currently) visible in the "Table" view (eg "All Events"):
Field | Description | Note |
---|---|---|
"message" | from the title | |
"@timestamp" | from publishedDate | |
"url" | | |
"displayUrl" | | |
"tags" | | |
"type" | from mediaType | |
(Entities and associations use "nested" fields, which Kibana does not currently support).
Fields configured to be non-indexed by the harvester (eg Search index settings pipeline element) cannot be viewed
...