Creating an audit index pattern and visualize audit data in Kibana
From the Kibana console, create a basic index pattern.
By using the Kibana console, you can create a basic index pattern. Do these steps.
- From the IBM Storage Fusion user interface, click the App launcher (the icon with nine dots).
- Click the outbound arrow to open the Kibana console in another window.
- Log in to the Kibana console with the user credentials.Note: The Kibana console shares a single sign-on authentication with the IBM Storage Fusion user interface.
- Click Create index pattern page is displayed if you are adding the first index pattern. For more information, see https://docs.openshift.com/container-platform/4.15/logging/cluster-logging-deploying.html. . The
- In Step 1 of 2: Define index pattern, enter the Index
pattern. You must create index patterns when logged into Kibana the first time for the
app
,infra
, andaudit
indices. You can enter wildcard characters (*). For example, enter audi*. - Click Next step.
- In the Step 2 of 2: Configure settings, use the
@timestamp
time field to view their container logs. - Click Create index pattern to add the index pattern.
For example, if you entered audi* in the index pattern. The Fields tab page lists every field in the audi* index and the field’s associated core type as recorded by Elasticsearch.
- Click Discover menu to visualize the audit data.