How to Rename Values in Grafana Using Regex-Based Value Mapping

Grafana How To
, , ,
1

Hi,

I have query result from Elasticsearch using logs result that have long value in particular field, and I want to remove some of the characters and get specific result using Rename by Regex transformation, but no luck to get what I want to achieve.

The situation like below:
I have field origin with value like below:
"authenticated for user 'is-someone'. From: 10.14.15.254."

Using regex: [^\.*].+user '(.+)'\..* i will get is-someone
but i don’t know to use the transformation in the table panel that show the result of the regex, the origin field still the same as before and I don;t know where the replacement of the regex was.

Is it possible to do it ?

Datasource: Elasticsearch
Metric: RawData
Panel: Table
Transform: Rename by regex

Regards,
Fadjar Tandabawana

1 Like
2

Hi @fadjar340

Not sure if I’m understanding perfectly, but I did want to mention that regex-based value-mapping will ship with 8.2. That should allow you to modify individual fields of data in, say, the table panel.

Perhaps that will help? If not, can you maybe add some screenshots so we can get you unblocked? :+1:

1 Like
3

Hi @mattabrams ,

below the config in my transform

image
image1566×914 74.3 KB

I just need to show the is-eko as a user in the field.

I’m very happy If you have the detail documentation about transform Rename by Regex how to use it properly.

BTW, I use Grafana 8.1.5
And if this will work in 8.2, I just waiting for that one… :slightly_smiling_face:

Regards,
Fadjar Tandabawana

1 Like
4

@fadjar340 Here are the new Grafana docs for regex-based value-mapping.

And here is an example, using your data. I copied your string value, but not exactly :sunglasses:

CleanShot 2021-09-28 at 13.01.37@2x
CleanShot 2021-09-28 at 13.01.37@2x1920×1096 80.9 KB

Chose the new Regex option:

CleanShot 2021-09-28 at 13.02.26@2x
CleanShot 2021-09-28 at 13.02.26@2x1920×1200 61 KB

Here is my rather ugly regex with a capture group for the user IDs:

CleanShot 2021-09-28 at 13.02.35@2x
CleanShot 2021-09-28 at 13.02.35@2x2446×762 50.5 KB

And there you go!

CleanShot 2021-09-28 at 13.02.47@2x
CleanShot 2021-09-28 at 13.02.47@2x1920×1200 87.6 KB

When I first saw this PR get merged, I was so excited. Adding regex-parsing to value mapping could help a lot of folks… :grafana:

5 Likes
5

Wow…

So simple, thank you @mattabrams

I didn’t realize that so simple…

Many thanks…

Regards,
Fadjar Tandabawana

2 Likes
6

Hi,
this new regex value mapping is indeed a very powerfull new feature.
but did anyone tried combining it with the color settings? I’m having problems with that, maybe I’m using the regex expression the wrong way? for more details see: Value mappings: selected colors not set correctly when using regex rules · Issue #41265 · grafana/grafana (github.com)

2 Likes
8

Sadly there is one caveat, which is that table sorting is not affected by the displayed values, but rather still sorts by the original ones.

See a request here to change this: Table: Sort value mapped column by display text, not by value · Discussion #43280 · grafana/grafana · GitHub

2 Likes
9

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.