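【Posted】: 2020-12-22 20:08:27
【Problem description】:
I am new to Kibana. I am currently using AWS WAF, and I use Kibana to visualize my WAF logs. But I have a problem with the timestamp format: it is in numeric format rather than date format.
I tried adding the _timestamp format, but the logs are not displayed because the timestamp is wrong. Thanks.
Sample log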
{"timestamp":1608166564696,"formatVersion":1,"webaclId":"arn:aws:wafv2:ap-southeast-1:regional/webacl/***/","terminatingRuleId":"Default_Action","terminatingRuleType":"REGULAR","action":"ALLOW","terminatingRuleMatchDetails":[],"httpSourceName":"ALB","httpSourceId":"-app/api-staging-waf/a4cc29fda18b3ac2","ruleGroupList":[{"ruleGroupId":"regional/rulegroup/SQLi_Prevention/a9616e2c-0c1f-4a7b-9278-8","terminatingRule":null,"nonTerminatingMatchingRules":[],"excludedRules":null}],"rateBasedRuleList":[],"nonTerminatingMatchingRules":[],"httpRequest":{"clientIp":"10.90.40.000","country":"-","headers":[{"name":"Host","value":"api.com"},{"name":"Content-Length","value":"81"},{"name":"content-type","value":"application/json"},{"name":"authorization","value":"REDACTED"},{"name":"accept-encoding","value":"gzip"},{"name":"user-agent","value":"http-client/2.0"}],"uri":"/notification/","args":"","httpVersion":"HTTP/2.0","httpMethod":"POST","requestId":"1-5fdaaca4-5d4a7a83048d7bb54ded7d0c"}}
【Discussion】:
-
Could you show a sample log document that you are indexing?
-
Hi, I have just added the sample log. Thanks.
Tags: elasticsearch kibana
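
An added example, not part of the original question or its comments: the `timestamp` value in the sample log is epoch milliseconds, so the sketch below shows an index mapping that declares the field as a date with the built-in `epoch_millis` format, and converts the sample value to confirm what it represents. Reading the second field of `requestId` as hex epoch seconds is an assumption (it agrees with the sample), and the function names are illustrative.

```python
import json
from datetime import datetime, timedelta, timezone

# Trimmed copy of the sample log above (same timestamp and requestId values).
SAMPLE_LINE = ('{"timestamp":1608166564696,"action":"ALLOW","httpRequest":'
               '{"requestId":"1-5fdaaca4-5d4a7a83048d7bb54ded7d0c"}}')

# Index mapping that stores the numeric field as a date. "epoch_millis" is a
# built-in Elasticsearch date format. A field already mapped as long cannot be
# changed in place, so this goes into a new index (or index template).
WAF_MAPPING = {"mappings": {"properties": {
    "timestamp": {"type": "date", "format": "epoch_millis"}}}}


def to_iso_utc(epoch_ms):
    """Render integer epoch milliseconds as an ISO 8601 UTC string."""
    if isinstance(epoch_ms, bool) or not isinstance(epoch_ms, int):
        raise ValueError("timestamp must be an integer")
    # Present-day dates have 13 digits in milliseconds, 10 in seconds.
    if not 10**12 <= epoch_ms < 10**13:
        raise ValueError("value is not in the epoch-milliseconds range")
    whole = datetime.fromtimestamp(epoch_ms // 1000, tz=timezone.utc)
    stamp = whole + timedelta(milliseconds=epoch_ms % 1000)
    return stamp.isoformat(timespec="milliseconds").replace("+00:00", "Z")


def request_id_epoch(request_id):
    """Assumption: the second field of the id is hex epoch seconds."""
    return int(request_id.split("-")[1], 16)


def check_record(line):
    """Return (ISO time, True if requestId agrees with timestamp to the second)."""
    doc = json.loads(line)
    ts = doc["timestamp"]
    rid = doc["httpRequest"]["requestId"]
    return to_iso_utc(ts), request_id_epoch(rid) == ts // 1000


if __name__ == "__main__":
    print(json.dumps(WAF_MAPPING, indent=2))
    print(check_record(SAMPLE_LINE))
```

Once the field is mapped as a date, it can be selected as the time field when the index pattern is created in Kibana.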