Kibana-如何将日志显示为表格

On the Discover tab, create a view that has just the fields you want and then save that as a search.

On the Dashboard tab, click on Edit then hit the + Create new button to add a widget, but if you look at the top, there's a Searches tab. Select that and add your saved search in.

[Elastic 7.x / 2019 Update]

I was a bit confused when I read @Alcanzar's answer so I am sharing a little more noob-friendly step-by-step how-to here :

• STEP 1 : Create the Index Pattern

• STEP 2 : Go to the Dashboard view, and create a view on your index
  Select each column you want to include/add in your view by clicking "add" on it (The confusing part is that until you do that, you will have a "scrambled" view listing everything in a jumbled way.)

• STEP 3 : Go to the Dashboard view, and create a view on your index

The trick is to select the specific columns you want to include... and voila !
Don't forget to save your view, this will help a lot in the process.

The accepted solution has its pros (if, for simplicity, you see your index as a table, this is the only way to deal with rows naturally) but also cons (it allows the user to see too much information, by expanding the records that appear in the table; users cannot get an export of the values).

So if you plan to build tables to use in reports seen by users which should not see everthing and may want to get exports of the data, I recommend a different (hacky) approach using Table visualizations:

Say you have three columns A, B and C:

• If there are no duplicates considering the combined values of A and B, you can use these two vales as aggregation fields, and then set a Max or Top hit Metric for C.

• If even A, B and C have duplicates, then you can use the three of them as aggregation fields and add a Metric count, that will give you the number of repeated rows. This solution makes somehow sense, because instead of repeating the same row 'n' times you just tells you should have repeated 'n' times that row.

• If A and B have duplicates but A, B and C are unique, then there is, afaik, no elegant solution. You have to use the three of them as aggregation fields, but then you would have a dummy metric at the end (e.g. count, always equal to 1).

Why? why do we have to go through all of this? that is another question...

In Kibana 7.5.0 you can do it as follows:

1. Go to Discover section
2. Select fields you are interested in
3. Click on Save to save your discover search so you can use it in visualizations and dashboards
4. Click on Dashboard and create a new dashboard
5. Click on Add and select the panel
6. There is no step 6