I have some logs in kibana with this message:
message: '{ "Type": "successfully created", "Count": 6, "ElapsedTime": 2004, "Id": "189f6293-21a1-4a74-a332-34369a0ebd0d"}'
How i can create a chart with timelion that shows average value of ElapsedTime?
You would have to extract the fields/json-keys from the message field.
The message field itself is of type text, meaning you can do full-text searches on it. In order to use the values of ElapsedTime to build visualizations, it has to be an own field inside the document either with type integer or keyword.
If you use Logstash, you can set up a pipeline using the json filter plugin. It will extract the JSON object inside the message field and store the key-value-pairs as separate fields in your event/document.