Showing the required fields
When we open Kibana Discover, it shows the data under the _source column along with the time column. In the _source field, we have all the fields with data being displayed, which are combined with a single space. The _source column shows all the fields, which makes it difficult to get the relevant information.
We can add the desired fields from the field listing area on the left section of the page. To add the fields, we need to click on the Add button, which appears after hovering over the field name. We can add as many fields as we want to see:
As shown in the previous screenshot, we have added the following fields through which we can easily get the required information:
- Time
- dest.ip
- dest.port
- source.ip
- source.port
- transport
Now, this list has made things quite clear and has made it quite easy to visualize the data of the fields, which is more important than the other fields.