以REST，curl形式表示Kibana查询 [英] Representing a Kibana query in a REST, curl form

问题描述

我在一个经典的

然后您可以点击请求按钮，以查看基本查询，您可以复制/粘贴并做任何适合您。

< a>

UPDATE

Requesttextarea，并简单地将其粘贴成卷曲如下：

  curl -XPOST localhost：9200 / your_index / your_type / _search -d'{
query：{
filtered：{
query：{
query_string：{
analyze_wildcard 
query：blablabla AND blablabla
} 
}，
filter：{
bool：{
must [
 {
range：{
@timestamp：{
gte：1439762400000，
lte：1439848799999 
} 
} 
} 
]，
must_not：[] 
} 
} 
} 
}，
 highlight：{
pre_tags：[
@ kibana-highlighted-field @
]，
post_tags：[
@ / kibana -highlighted-field @
]，
fields：{
*：{} 
} 
}，
size 420，
sort：{
@timestamp：desc
}，
aggs：{
2：{
date_histogram：{
field：@timestamp，
interval：30m，
pre_zone：+02：00，
 pre_zone_adjust_large_interval：true，
min_doc_count：0，
extended_bounds：{
min：1439762400000，
max：1439848799999 
} b $ b} 
} 
}，
fields：[
*，
_source
] script_fields：{}，
fielddata_fields：[
@timestamp
] 
}'
  

您可能需要调整一些内容（例如前/后高亮标记等）

I have a Kibana server in a classic ELK configuration, querying an Elasticsearch instance.

I use the Kibana console to execute sophisticated queries on elasticsearch. I would like to use some of these queries in the command linem using cURL or any other http tool.

How can I convert a Kibana search into a direct, cURL-like REST call to elasticsearch?

解决方案

At the bottom of your visualization, there is a small caret you can click in order to view more details about the underlying query:

Then you can click on the "Request" button in order to view the underlying query, which you can copy/paste and do whatever suits you with it.

UPDATE

Then you can copy/paste the query from the "Request" textarea and simply paste it in a curl like this:

curl -XPOST localhost:9200/your_index/your_type/_search -d '{
  "query": {
    "filtered": {
      "query": {
        "query_string": {
          "analyze_wildcard": true,
          "query": "blablabla AND blablabla"
        }
      },
      "filter": {
        "bool": {
          "must": [
            {
              "range": {
                "@timestamp": {
                  "gte": 1439762400000,
                  "lte": 1439848799999
                }
              }
            }
          ],
          "must_not": []
        }
      }
    }
  },
  "highlight": {
    "pre_tags": [
      "@kibana-highlighted-field@"
    ],
    "post_tags": [
      "@/kibana-highlighted-field@"
    ],
    "fields": {
      "*": {}
    }
  },
  "size": 420,
  "sort": {
    "@timestamp": "desc"
  },
  "aggs": {
    "2": {
      "date_histogram": {
        "field": "@timestamp",
        "interval": "30m",
        "pre_zone": "+02:00",
        "pre_zone_adjust_large_interval": true,
        "min_doc_count": 0,
        "extended_bounds": {
          "min": 1439762400000,
          "max": 1439848799999
        }
      }
    }
  },
  "fields": [
    "*",
    "_source"
  ],
  "script_fields": {},
  "fielddata_fields": [
    "@timestamp"
  ]
}'

You may need to tweak a few stuff (like pre/post highlight tags, etc)

这篇关于以REST，curl形式表示Kibana查询的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！