We have a bunch of log lines from various sources (in different formats) in Elasticsearch v1.3. We don't have control over the Logstash config that puts them in there, so it's basically just one field containing the log line.
Using simple queries looking for string matches, we've been able to do some pretty cool things in Kibana (v3), but I'd love to do some of the things we'd be able to easily do if the data were more structured (aggregates based on extracted numeric values, top-N lists of substrings of the log lines, etc.).
Is there a way to have Kibana or Elasticsearch do some simple parsing of the log lines?