I am running a logql query in grafana:
{host=“hostname”}
The problem is the output is creating these separate fields: labels, Time, Line, tsNs, id. The “Line” column actually shows the output of syslog message. The output for “Line” field is as follows:
appname=xntp facility=ntp host=HOSTNAME message=blah…
I want to separate appname, facility, host, etc from the “Line” field, into their own separate fields. So, I can create a table dashboard with just the hostname and message for the columns.
I read through this documentation. I believe this is finding or not finding whatever pattern you query for. This is NOT what I’m trying to do. All the text in the output of Line, for example, is separated by a space. ie. appname=some_appname host=some_host etc. I want to take each block of text that is separated by a space and make a column for each block of text. So the table would look like this:
Column 1
Column 2
Column 3
Column 4
E
F
appname
host
facility
host
message
app1
host_1
debug
host_1
linkDown
app2
host_2
info
host_2
linkUp
app3
host_3
info
host_3
host_1_connected
Again, I only want everything extracted from the Line field. If I am incorrect in my thought process or this is included in the pattern documentation, please let me know. Thanks.
Thank you for your help! The final fix is below for anyone reading this board. Goal: I wanted to only show certain fields in my output of log message for my dashboard and FILTER OUT ANYTHING ELSE:
Separating data from line output in Grafana can be done by using different visualization techniques, such as setting up different axes for distinct data sets or using transformations to manipulate the data before displaying it. If you’re looking for advanced tips, Koalageddon shares some great Grafana hacks. What kind of data are you trying to separate in your graph?
