I have created a web based front end to my data set. My front end program extracts the data and inserts it into ELK via logstash. I then want to create a visualization followed by dashboards via saved_objects REST API.
When logstash completes, there is an index shown in Elasticsearch Index Management panel. There is no index shown in the Kibana Index Patterns panel. i.e. one must be created manually. This involves selecting the index by name and then assigning a time field (normally @timestamp).
If you do a GET REST operation after logstash completes (either by curl or Postman) you get back:
Once you create the index via Kibana Index Pattern manually, you get back the proper JSON.
Question: What is the Kibana REST API that needs to be used to create an kibana index from logstash ? Keep in mind that the only an ID gets created is after the manual kibana process.
If its the Create Object REST API, what JSON attributes needs to be defined.
Since the index is defined as an Elastiscsearch index, do I use Update Object?
Again,what JSON attributes needs to be defined?
Keep in mind that the GET returns no information after logstash has ingested the data.
If I understand correctly, you want to create an Index Pattern for Kibana. An index pattern can include a wildcard to match multiple index names in Elasticsearch.
Nick,
Got the create object for a index-pattern to work.
Where can I get the JSON Payload format required to Create a Visualization required in the attributes?
Hi Peter. I don't think that visualization saved objects JSON schema is documented anywhere. I would recommend creating the visualization(s) you want in Kibana and then export the saved objects to get the schema.
You can also watch the API calls in your browser's developer tools as you save a visualization to see how the payload gets sent.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.