github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-06-27 18:51:07 -04:00
Code Issues Projects Releases Packages Wiki Activity
kibana/docs/discover/log-pattern-analysis.asciidoc
amyjtechwriter 45748f60ec
[DOCS] License level required (#160638) 
## Summary

The pattern analysis feature is a Platinum subscription feature in
technical preview, which is now called out in the warning at the top of
the page. Otherwise users cannot follow the instructions on the page as
the options are not visible.

<img width="827" alt="Screenshot 2023-06-27 at 15 12 16"
src="9d9fc713-6640-4e41-9003-dd080f5fe746">

### Checklist

Relates to and closes: #159170
2023-06-28 09:48:25 +01:00

38 lines
No EOL
1.7 KiB
Text
Raw Blame History

[[run-pattern-analysis-discover]]
== Run a pattern analysis on your log data
preview::["This functionality is in technical preview, requires a link:https://www.elastic.co/subscriptions[Platinum subscription], and may be changed or removed in a future release. Elastic will apply best effort to fix any issues, but features in technical preview are not subject to the support SLA of official GA features."]
include::../user/ml/index.asciidoc[tag=log-pattern-analysis-intro]
Log pattern analysis works on every text field.
This example uses the <<gs-get-data-into-kibana, sample web logs data>>, or you
can use your own data.
. Open the main menu, and click *Discover*.
. Expand the {data-source} dropdown, and select *Kibana Sample Data Logs*.
. If you don't see any results, expand the time range, for example, to
*Last 15 days*.
. Click the `message` field in the **Available fields** list sidebar and click
**Run pattern analysis**.
+
--
[role="screenshot"]
image::images/log-pattern-analysis-available-fields.png["Available fields view in Discover showing the message field selected."]
The pattern analysis starts. The results are displayed in a flyout when the
analysis is complete.
[role="screenshot"]
image::images/log-pattern-analysis-results.png["Log pattern analysis results in Discover."]
--
. (optional) Apply filters to one or more patterns. *Discover* only displays
documents that match the selected patterns. Additionally, you can remove
selected patterns from *Discover*, resulting in the display of only those
documents that don't match the selected pattern. These options enable you to
remove unimportant messages and focus on the more important, actionable data
during troubleshooting.
Reference in a new issue View git blame Copy permalink