mirror of
https://github.com/elastic/kibana.git
synced 2025-04-24 17:59:23 -04:00
c84532aade
* [DOCS] Dashboard-first refresh * Fixes broken links and partinto error * Fixes images in panel table * Fixes broken links * Fixes broken drilldowns link * Fixes images and table * Removed un needed files and added edit content * Update docs/getting-started/tutorial-visualizing.asciidoc Co-authored-by: gchaps <33642766+gchaps@users.noreply.github.com> * Review comments * Review comments * Removed blocks * Typo fix * Update docs/getting-started/tutorial-sample-data.asciidoc Co-authored-by: Wylie Conlon <wylieconlon@gmail.com> * Update docs/getting-started/tutorial-discovering.asciidoc Co-authored-by: Wylie Conlon <wylieconlon@gmail.com> * Update docs/getting-started/tutorial-sample-data.asciidoc Co-authored-by: Wylie Conlon <wylieconlon@gmail.com> * Update docs/getting-started/tutorial-visualizing.asciidoc Co-authored-by: Wylie Conlon <wylieconlon@gmail.com> * Update docs/user/dashboard/edit-dashboards.asciidoc Co-authored-by: Wylie Conlon <wylieconlon@gmail.com> * Update docs/user/dashboard/dashboard.asciidoc Co-authored-by: Wylie Conlon <wylieconlon@gmail.com> * Update docs/user/dashboard/dashboard.asciidoc Co-authored-by: Wylie Conlon <wylieconlon@gmail.com> * Update docs/user/dashboard/aggregation-reference.asciidoc Co-authored-by: Wylie Conlon <wylieconlon@gmail.com> * Review comments Co-authored-by: gchaps <33642766+gchaps@users.noreply.github.com> Co-authored-by: Wylie Conlon <wylieconlon@gmail.com>
51 lines
1.6 KiB
Text
51 lines
1.6 KiB
Text
[[tutorial-define-index]]
|
||
=== Define your index patterns
|
||
|
||
Index patterns tell {kib} which {es} indices you want to explore.
|
||
An index pattern can match the name of a single index, or include a wildcard
|
||
(*) to match multiple indices.
|
||
|
||
For example, Logstash typically creates a
|
||
series of indices in the format `logstash-YYYY.MMM.DD`. To explore all
|
||
of the log data from May 2018, you could specify the index pattern
|
||
`logstash-2018.05*`.
|
||
|
||
[float]
|
||
==== Create the index patterns
|
||
|
||
First you'll create index patterns for the Shakespeare data set, which has an
|
||
index named `shakespeare,` and the accounts data set, which has an index named
|
||
`bank`. These data sets don't contain time series data.
|
||
|
||
. Open the menu, then go to *Stack Management > {kib} > Index Patterns*.
|
||
|
||
. If this is your first index pattern, the *Create index pattern* page opens.
|
||
|
||
. In the *Index pattern name* field, enter `shakes*`.
|
||
+
|
||
[role="screenshot"]
|
||
image::images/tutorial-pattern-1.png[shakes* index patterns]
|
||
|
||
. Click *Next step*.
|
||
|
||
. On the *Configure settings* page, *Create index pattern*.
|
||
+
|
||
You’re presented a table of all fields and associated data types in the index.
|
||
|
||
. Create a second index pattern named `ba*`.
|
||
|
||
[float]
|
||
==== Create an index pattern for the time series data
|
||
|
||
Create an index pattern for the Logstash index, which
|
||
contains the time series data.
|
||
|
||
. Create an index pattern named `logstash*`, then click *Next step*.
|
||
|
||
. From the *Time field* dropdown, select *@timestamp, then click *Create index pattern*.
|
||
+
|
||
[role="screenshot"]
|
||
image::images/tutorial_index_patterns.png[All tutorial index patterns]
|
||
|
||
|
||
|