Question

I am using logstash to analyze multiple types of logs that have different structures ("prodlog" and "access_log" in the configuration below).

Following is my logstash configuration:

    input {
      file {
        type => "prodlog"

        # Wildcards work, here :)
        path => [ "/root/isaac/my_logs/*log*"]

        start_position => "beginning"
      }

      file {
        type => "access_log"

        # Wildcards work, here :)
        path => [ "/root/isaac/my_logs/access_logs/gw_access_log*"]

        start_position => "beginning"
      }
    }

    filter {
      if [type] == "prodlog" {
        grok {
          type => "prodlog"
          patterns_dir => "/root/isaac/logstash/patterns"
          pattern  => "%{TIMESTAMP_ISO8601:log_timestamp} %{LOGLEVEL:log_level}%{SPACE} \[%{JAVACLASS:class}\] %{DATA:thread} - .*"
        }
      }
      if [type] == "access_log" {
        grok {
          type => "access_log"
          patterns_dir => "/root/isaac/logstash/patterns"
          pattern  => "\[%{DATA:my_timestamp}\] %{IP:client} %{WORD:method} %{URIPATHPARAM:request} \[%{DATA:auth_data}\] \[%{DATA:another_timstamp}\] %{NUMBER:result_code} %{NUMBER:duration} %{NUMBER:bytes}"
        }
      }
    }

    output {
      stdout { debug => true }
      elasticsearch { embedded => true }
    }

Is it possible from the Kibana GUI that comes built-in with elasticsearch to create multiple dashboards instead of having the whole data mixed in the same dashboard?

Ideally each dashboard would be accessed with its own URL from the kibana home page.

Thanks in advance.


Solution

If you want to create a new dashboard, save the one that you are using under a different name. After that, if you click on the folder icon, you should see two dashboards: the one that you had before and the one that you have just saved.

I think that is how new dashboards are created, but I cannot access a Kibana instance right now to test it.

Licensed under: CC-BY-SA with attribution