Creating an audit index pattern and visualize audit data in Kibana

From the Kibana console, create a basic index pattern.

By using the Kibana console, you can create a basic index pattern. Do these steps.
  1. From the IBM Storage Fusion user interface, click the App launcher (the icon with nine dots).
  2. Click the outbound arrow to open the Kibana console in another window.
  3. Log in to the Kibana console with the user credentials.
    Note: The Kibana console shares a single sign-on authentication with the IBM Storage Fusion user interface.
  4. Click Management > Index Patterns. The Create index pattern page is displayed if you are adding the first index pattern. For more information, see https://docs.openshift.com/container-platform/4.15/logging/cluster-logging-deploying.html.
  5. In Step 1 of 2: Define index pattern, enter the Index pattern. You must create index patterns when logged into Kibana the first time for the app, infra, and audit indices. You can enter wildcard characters (*). For example, enter audi*.
  6. Click Next step.
  7. In the Step 2 of 2: Configure settings, use the @timestamp time field to view their container logs.
  8. Click Create index pattern to add the index pattern.

    For example, if you entered audi* in the index pattern. The Fields tab page lists every field in the audi* index and the field’s associated core type as recorded by Elasticsearch.

  9. Click Discover menu to visualize the audit data.
    Kibana screenshot showing result of audi* filter