elasticsearchlogstashkibanakibana-4

Objects in array is not well supported error observed for ELK docker image


I'm using the latest elk image for kibana dashboard and I have json file which is having list of array[] and I'm not able to show those as field in kibana and It's showing that the object in array is not well supported error message.

As per the document in kibana I just went through the below link but I didn't find anything useful for elk docker image.

    https://github.com/istresearch/kibana-object-format

I just tried to run the command

   Run bin/kibana-plugin install <package.zip>

but it returned as run is unknown command removed run and ran remaining command but It says that's invalid.

I'm using linux box and Kibana 7.3 version.

Is it possible to overcome this issue? how to deploy that plugin for elk image else is there any other way to make those arrays object as fields in kibana.

I'm not sure how can I proceed. Please help me.

Sample Data:

{
    "expand": "schema,names",
    "startAt": 0,
    "maxResults": 50,
    "total": 4,
    "issues": [{
            "expand": "operations,versionedRepresentations,editmeta,changelog,renderedFields",
            "id": "1999875",
            "self": "https://amazon.kindle.com/jira/rest/api/2/issue/1999875",
            "key": "KINDLEAMZ-67578",
            "fields": {
                "summary": "contingency is displaying for confirmed card.",
                "priority": {
                    "name": "P1",
                    "id": "1"
                },
                "created": "2019-09-23T11:25:21.000+0000"
            }
        },
        {
            "expand": "operations,versionedRepresentations,editmeta,changelog,renderedFields",
            "id": "2019428",
            "self": "https://amazon.kindle.com/jira/rest/api/2/issue/2019428",
            "key": "KINDLEAMZ-68661",
            "fields": {
                "summary": "card",
                "priority": {
                    "name": "P1",
                    "id": "1"
                },
                "created": "2019-09-23T11:25:21.000+0000"
            }
        },
        {
            "expand": "operations,versionedRepresentations,editmeta,changelog,renderedFields",
            "id": "2010958",
            "self": "https://amazon.kindle.com/jira/rest/api/2/issue/2010958",
            "key": "KINDLEAMZ-68167",
            "fields": {
                "summary": "Test Card",
                "priority": {
                    "name": "P1",
                    "id": "1"
                },
                "created": "2019-09-23T11:25:21.000+0000"
            }
        }
    ]
}

I just want to fetch KEY, Summary, Priority from each of the above array. But its not working as expected when I tried to make a field its showing as array in kibana. If this is not working with 7.3.0 should I downgrade to lower version? the steps are missing for docker user in that document. Is there any way to get those details?


Solution

  • Checking here: https://github.com/istresearch/kibana-object-format/releases it looks like the plugin latest release was for Elasticsearch 6.3. I guess that is the reason for your error.

    I'm not sure there's a fix for this in kibana. There are many issues on this subject, open for a long time, like: https://github.com/elastic/kibana/issues/3333.