Representing a Kibana query in a REST, curl form

Related searches

I have a Kibana server in a classic ELK configuration, querying an Elasticsearch instance.

I use the Kibana console to execute sophisticated queries on elasticsearch. I would like to use some of these queries in the command linem using cURL or any other http tool.

How can I convert a Kibana search into a direct, cURL-like REST call to elasticsearch?

At the bottom of your visualization, there is a small caret you can click in order to view more details about the underlying query:

Then you can click on the "Request" button in order to view the underlying query, which you can copy/paste and do whatever suits you with it.

UPDATE

Then you can copy/paste the query from the "Request" textarea and simply paste it in a curl like this:

curl -XPOST localhost:9200/your_index/your_type/_search -d '{
  "query": {
    "filtered": {
      "query": {
        "query_string": {
          "analyze_wildcard": true,
          "query": "blablabla AND blablabla"
        }
      },
      "filter": {
        "bool": {
          "must": [
            {
              "range": {
                "@timestamp": {
                  "gte": 1439762400000,
                  "lte": 1439848799999
                }
              }
            }
          ],
          "must_not": []
        }
      }
    }
  },
  "highlight": {
    "pre_tags": [
      "@kibana-highlighted-field@"
    ],
    "post_tags": [
      "@/kibana-highlighted-field@"
    ],
    "fields": {
      "*": {}
    }
  },
  "size": 420,
  "sort": {
    "@timestamp": "desc"
  },
  "aggs": {
    "2": {
      "date_histogram": {
        "field": "@timestamp",
        "interval": "30m",
        "pre_zone": "+02:00",
        "pre_zone_adjust_large_interval": true,
        "min_doc_count": 0,
        "extended_bounds": {
          "min": 1439762400000,
          "max": 1439848799999
        }
      }
    }
  },
  "fields": [
    "*",
    "_source"
  ],
  "script_fields": {},
  "fielddata_fields": [
    "@timestamp"
  ]
}'

You may need to tweak a few stuff (like pre/post highlight tags, etc)

http - Representing a Kibana query in a REST, curl form, At the bottom of your visualization, there is a small caret you can click in order to view more details about the underlying query: View more info. Then you can  Hello, You can open inspector in discover and look at the request & copy it and modify it for using from curl:

In case you are online using a Chrome browser you can go to your Kibana dashboard, open the developer console and write your query while having the Network tab open in the developer console. When you search for your query in the Kibana dashboard you will see the request appear in the developer console. There you can "right click" and select Copy as cURL, which will copy the curl command to your clipboard. Note that credentials of your basic auth may be copied as well. So be careful where you paste it.

How to have Kibana convert KQL to request (cURL command , I am using Kibana 7.2 I want to have Kibana convert KQL that I use in /​representing-a-kibana-query-in-a-rest-curl-form/53408911#53408911. Querying for exact match in Kibana. Representing a Kibana query in a REST, curl form. 0. Kibana query exact match of entire value. 18.

Another option would be to query Elastic Search using lucene queries (same syntax Kibana uses) using the ES search API query_string queries:

https://www.elastic.co/guide/en/elasticsearch/reference/current/query-dsl-query-string-query.html

Taken from one of the doc example, you would query ES using something like this:

GET /_search
{
    "query": {
        "query_string" : {
            "default_field" : "content",
            "query" : "this AND that OR thus"
        }
    }
}

Search API | Elasticsearch Reference [7.7], Descriptionedit. Allows you to execute a search query and get back search hits that match the query. You can provide search queries using the  Hi, I am completely new to Kibana ,elasticsearch etc. I followed a tutorial and set up kibana , elastic search logtash etc. My requirement is as following : 1.I have some json data which loads when i open a url. I want to add a dashboard and set it up in such a way that when i click on the dashboard it should call the URL, get the values and display it on dashboard. 2. If i am able to change

Representing a Kibana query in a REST, curl form, I have a Kibana server in a classic ELK configuration, querying an Elasticsearch instance. I use the Kibana console to execute sophisticated queries on  REST APIedit Some Kibana features are provided via a REST API, which is ideal for creating an integration with Kibana, or automating certain aspects of configuring and deploying Kibana. Each API is experimental and can include breaking changes in any version of Kibana, or might be entirely removed from Kibana.

Curl Syntax In Elasticsearch With Examples, Curl Syntax - This tutorial makes a clear note on an example regarding HTTP This is also the standard practice to describe requests made to ElasticSearch within the user community. curl -XPOST "https://localhost:9200/_search" -d' { "​query": { "query_string": { "query": "hello" } } }' A C# class representing a message. Some Kibana features are provided via a REST API, which is ideal for creating an integration with Kibana, or automating certain aspects of configuring and deploying Kibana. Each API is experimental and can include breaking changes in any version of Kibana, or might be entirely removed from Kibana. « Scale and performance Using the APIs ».

The easiest way to enter the JSON DSL query is to use the query editor since it creates the query object for you: Save the query, giving it some name: Kibana Query Language (KBL) versus Lucene You can use KBL or Lucene in Kibana. They are basically the same except that KBL provides some simplification and supports scripting. Here are some

Comments
  • // , Is the relevant documentation here: elastic.co/guide/en/elasticsearch/reference/current/search.html
  • It's not clear to me what values to put into your_index and your_type
  • @RoyTruelove Whatever index/type you want to query
  • But, where does one find the index/type to put in 'your_index' and 'your_type' ?
  • @David feel free to ask another question related to your case referencing this one.