I have nginx logs and I have this date format: [02/Mar/2015:13:02:51 +0000]

What should I use in Elasticsearch, and what should I put in the dateformat field of Kibana4?

    curl -XGET 'http://localhost:9200/_mapping?pretty'
    {
      "nginx" : {
        "mappings" : {
          "t07_nginx" : {
            "properties" : {
              "@timestamp" : {
                "type" : "date",
                "format" : "dateOptionalTime"
              },
              "body_bytes_sent" : {
                "type" : "string"
              },
              "geoip_country_code" : {
                "type" : "string"
              },
              "host" : {
                "type" : "string"
              },
              "http_host" : {
                "type" : "string"
              },
              "http_referer" : {
                "type" : "string"
              },
              "http_user_agent" : {
                "type" : "string",
                "index" : "not_analyzed"
              },
              "http_x_forwarded_for" : {
                "type" : "string"
              },
              "message" : {
                "type" : "string"
              },
              "msec request_time" : {
                "type" : "string"
              },
              "remote_addr" : {
                "type" : "string"
              },
              "request_http_protocol" : {
                "type" : "string"
              },
              "request_time" : {
                "type" : "string"
              },
              "request_type" : {
                "type" : "string"
              },
              "request_url" : {
                "type" : "string"
              },
              "status" : {
                "type" : "string"
              },
              "upstream_addr" : {
                "type" : "string"
              },
              "upstream_response_time" : {
                "type" : "string"
              }
            }
          }
        }
      }
    }

With the above, I can't see any data (events) in Kibana.

Thanks

Ayman Al-Shorman

1 Answer

What does the input plugin for nginx/output plugin for elasticsearch in your fluentd config file look like?

Also, make sure you have your time range set up correctly in Kibana. I believe it defaults to 15 minutes.

Cong Hui
  • My issue is with the elasticsearch dateformat; my dateformat is non-standard: **02/Mar/2015:13:02:51 +0000** @Cong Hui – Ayman Al-Shorman Mar 04 '15 at 10:16
  • ` format /^(?[^ ]*) - (?[^ ]*) - \[(? – Ayman Al-Shorman Mar 04 '15 at 11:41
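
The mapping in the question declares `@timestamp` as `dateOptionalTime`, which is an ISO 8601 format, while nginx writes `dd/Mon/yyyy:HH:mm:ss ±hhmm`. The following is an added example, not code from the thread: it converts the nginx stamp to ISO 8601 UTC before indexing and sets aside lines whose timestamp is invalid. The sample log lines and the function names are constructed for illustration.

```python
import re
from datetime import datetime, timedelta, timezone

# nginx $time_local as it appears in the question: [02/Mar/2015:13:02:51 +0000]
TIME_LOCAL = re.compile(
    r"\[(\d{2})/([A-Z][a-z]{2})/(\d{4}):(\d{2}):(\d{2}):(\d{2}) ([+-])(\d{2})(\d{2})\]"
)
# Explicit month table so parsing does not depend on the process locale.
MONTHS = {name: num for num, name in enumerate(
    "Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec".split(), start=1)}

def time_local_to_iso(text):
    """Return the first $time_local stamp in text as ISO 8601 UTC, or None."""
    m = TIME_LOCAL.search(text)
    if not m or m.group(2) not in MONTHS:
        return None
    day, mon, year, hh, mm, ss, sign, off_h, off_m = m.groups()
    offset = timedelta(hours=int(off_h), minutes=int(off_m))
    if sign == "-":
        offset = -offset
    try:
        local = datetime(int(year), MONTHS[mon], int(day),
                         int(hh), int(mm), int(ss), tzinfo=timezone(offset))
    except ValueError:  # impossible date/time (31/Feb, hour 25) or offset >= 24h
        return None
    return local.astimezone(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")

def to_events(lines):
    """Split lines into indexable events and lines rejected for a bad timestamp."""
    events, rejected = [], []
    for line in lines:
        ts = time_local_to_iso(line)
        if ts is None:
            rejected.append(line)  # keep for review instead of dropping silently
        else:
            events.append({"@timestamp": ts, "message": line})
    return events, rejected

# Constructed sample lines (documentation addresses, assumed combined-style layout).
SAMPLE = [
    '203.0.113.7 - - [02/Mar/2015:13:02:51 +0000] "GET / HTTP/1.1" 200 612',
    '203.0.113.8 - - [02/Mar/2015:23:30:00 -0500] "GET /login HTTP/1.1" 302 0',
    '203.0.113.9 - - [31/Feb/2015:10:00:00 +0000] "GET / HTTP/1.1" 200 612',
]

if __name__ == "__main__":
    events, rejected = to_events(SAMPLE)
    for event in events:
        print(event["@timestamp"])
    print("rejected:", len(rejected))
```

Normalizing to UTC at ingestion also keeps events from hosts with different offsets in one consistent order on the Kibana time axis.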