Grafana - Elasticsearch dashboard variable does not provide any results
I am trying to set up a logs monitoring where I can filter logs by log.level and labels.Application fields from a .NET application which uses a Serilog sink for Elastic.
I have created a dashboard variable and defined some JSON to query for labels.Application, but I never get any response and I do not know why. Below is an example where I tried to query for host.name:
Now, when I go to my Elasticsearch datasource and I click on Explore, if I filter for logs, I am actually able to see both host.name and labels.Application.
I do not know why this works everywhere else but it somehow does not work in dashboard variables. Is there something that would need to be explicitly set up for this to work? All the examples
Data source configuration (though I would imagine it’s got nothing to do with it):
Any idea what could be behind this? I am out of ideas, to be honest.
As it turns out (after an additional hour of debugging and searching), I had a provisioned datasources/default.yml where the pre-configured Elasticsearch datasource had the interval set to Daily. After commenting it out, it works fine now. I have no idea why this was necessary, but perhaps worth pointing out.
apiVersion: 1
datasources:
- name: Elasticsearch
type: elasticsearch
uid: elasticsearch
access: proxy
url: http://elasticsearch:9200
jsonData:
index: 'logs-*'
# interval: Daily
timeField: '@timestamp'
- What is the difference between CONTAINS and WITHIN on Elasticsearch GeoShape queries?
- Grafana - Elasticsearch dashboard variable does not provide any results
- How to log using serilog to elasticsearch with Elastic.Serilog.Sinks in .net application
- What's "EIO: i/o error, write" in node.js and how do I eliminate it?
- Kibana has strict security requirements enabled that your current browser does not meet
- What's the difference between search-as-you-type and context suggester?
- Convenient time string parsing in python
- ElasticSearch in Spring with @Query
- What is the best practice for ensuring idempotency for downloading a binary with Ansible?
- Logstash install error: can't get unique system GID (no more available GIDs)
- Can't configure elastic search with spring boot in docker network
- `index_prefixes` in OpenSearch?
- How to get latest values for each group with an Elasticsearch query?
- What does it mean when an Elasticsearch index has yellow health?
- Is it possible to transfer data from Redshift to Elasticsearch?
- How elastic queries work with contradicting statements
- Can filebeat dissect a log line with spaces?
- How to undo setting Elasticsearch Index to readonly?
- Date range filter not getting excluded from date histogram under global aggregations in elastic query
- "United States" not ["United","States"]
- Get all field names in an index elasticsearch python
- How to really reindex data in elasticsearch
- elasticsearch match_phrase returns same score for fields with exact and not exact match
- inner_hits aggregations in ElasticSearch
- Sorting a reverse nested back to parent aggregation
- Elasticsearch: how to list roles assigned to the current SSO user via role mappings
- How to setup password for elasticsearch users?
- OpenSearch prevent script_score from running more than once
- Elasticsearch intermittently killed
- Elasticsearch: Job for elasticsearch.service failed