Opensearch Visualize Advance
114 views
Skip to first unread message
German DiCasas
May 28, 2024, 4:56:45 PM5/28/24
to Wazuh | Mailing List
Hi team,
I am trying to use the advance tab of the Pie visualization in the include and exclude section.
It is only taking a single value and when entering several items gives me an error. I have tried with , ; : [] {} etc but not works. Will you have documentation on how to include 5 values, for example Windows, Windows10, Windos11, Other, Android?
It is only taking a single value and when entering several items gives me an error. I have tried with , ; : [] {} etc but not works. Will you have documentation on how to include 5 values, for example Windows, Windows10, Windos11, Other, Android?
I have wazuh v4.7.4 installed using all in one script on ubuntu. Integrated with Office365 that takes the information from data.office365.DeviceProperties.Value to graph them in the pie chart and I only want it to take those five values.
I attached some images to understand the issue. Thanks
Regards,
German
Mauricio Ruben Santillan
May 28, 2024, 5:24:22 PM5/28/24
to Wazuh | Mailing List
Hello German,
I am able of using exclude or include without any problems. Take a look:
Be sure to exclude or include values that were already indexer in the field you selected. Also, in case you need to exclude/include multiple values, separate them using pipes:
Let me know how it goes.
German DiCasas
May 28, 2024, 6:04:18 PM5/28/24
to Wazuh | Mailing List
Thanks, that was fast......., it is with pipe . And work perfect now.
Do you have any docs related to advance tab related with the JSON input? I mean I thinks that is for for filter too, correct? can you give me any example of that use?
Regards
German
Reply all
Reply to author
Forward
0 new messages