kibana fields

edit

kibana Module

kibana

edit

Module for parsing Kibana logs.

kibana.session_id

The ID of the user session associated with this event. Each login attempt results in a unique session id.

type: keyword

example: 123e4567-e89b-12d3-a456-426614174000

kibana.space_id

The id of the space associated with this event.

type: keyword

example: default

kibana.saved_object.type

The type of the saved object associated with this event.

type: keyword

example: dashboard

kibana.saved_object.id

The id of the saved object associated with this event.

type: keyword

example: 6295bdd0-0a0e-11e7-825f-6748cda7d858

kibana.add_to_spaces

The set of space ids that a saved object was shared to.

type: keyword

example: [default, marketing]

kibana.delete_from_spaces

The set of space ids that a saved object was removed from.

type: keyword

example: [default, marketing]

kibana.authentication_provider

The authentication provider associated with a login event.

type: keyword

example: basic1

kibana.authentication_type

The authentication provider type associated with a login event.

type: keyword

example: basic

kibana.authentication_realm

The Elasticsearch authentication realm name which fulfilled a login event.

type: keyword

example: native

kibana.lookup_realm

The Elasticsearch lookup realm which fulfilled a login event.

type: keyword

example: native

log

edit

Kafka log lines.

kibana.log.tags

Kibana logging tags.

type: keyword

kibana.log.state

Current state of Kibana.

type: keyword

kibana.log.meta

type: object

kibana.log.kibana.log.meta.req.headers.referer

type: alias

alias to: http.request.referrer

kibana.log.kibana.log.meta.req.referer

type: alias

alias to: http.request.referrer

kibana.log.kibana.log.meta.req.headers.user-agent

type: alias

alias to: user_agent.original

kibana.log.kibana.log.meta.req.remoteAddress

type: alias

alias to: source.address

kibana.log.kibana.log.meta.req.url

type: alias

alias to: url.original

kibana.log.kibana.log.meta.statusCode

type: alias

alias to: http.response.status_code

kibana.log.kibana.log.meta.method

type: alias

alias to: http.request.method