Executing a command from Elasticsearch/kibana

T1330 · June 15, 2021, 3:17am

Could you please have any example that executing a command from Elasticsearch to another server etc.

i.e. moving from file "C:/aaa/a111.txt" to "C:/bbb/a111.txt"
or
displaying a pop-up by command Elasticsearch-kibana
note: a111.txt: normal text file, or any xlsx.docx would be fine (non Elastic-file)

I appreciate the detail method if you have.
Thanks so much for your help and co-operations.

warkolm · June 15, 2021, 3:21am

Neither of those will execute an external command. You'd need to look at using something like Logstash, or a custom app.

T1330 · June 15, 2021, 3:47am

Thank you for your comment.
Logstash, how can I insert mov command for relocate or rename as I have been looking?
I appreciate sample so I can understand on this matter.

Thanks so much for your help.

Christian_Dahlqvist · June 15, 2021, 3:51am

What is the problem you are trying to solve? Can you please provide some additional context? Why not move files using the OS utilities and commands?

T1330 · June 15, 2021, 4:38am

I have look into kibana/search for this probelm as I just setup in this v13 below.
(Location : c-drive logstash/ C:kibana/c:searh in windows10, a111.txt for test file.)
To move the text file from file "C:/aaa/a111.txt" to "C:/bbb/a111.txt".

quote
input {
file {
mode => "read"
path => ["C:/tmp/tet*.csv"]
sincedb_path => "nul"
start_position => "beginning"
}
}

filter {
csv {
columns => ["STATUS1","AGGREGATION_STATUS","SEVERITY","EVENT_TIME","HOST","NAME","EVENT_ID","CONTENTS"]
separator => ","
}
date {
match => ["EVENT_TIME", "YYYYMMDD:hh:mm:ss" ]
}

}

output {
elasticsearch {
hosts => ["127.0.0.1:9201"]
user => "elastic"
password => "P@ssw0rd!"
index => "q123"
}
}

unquote
Thanks and regards

warkolm · June 15, 2021, 4:42am

There's nothing in the Elastic Stack that can do that for you unfortunately.

T1330 · June 15, 2021, 4:59am

I did not find out the command using kibana-search development console so far.
I wonder you mention that something like Logstash, can work if we modify on this point in logstash. so I asked.
Have you ever obtain the information that any customer solve the problem like this ?
Thanks you so much.

warkolm · June 15, 2021, 5:02am

This needs to be handled outside of the Elastic Stack. I am not aware of any direct solutions to this.

T1330 · June 15, 2021, 7:15am

warkolm Mark
Thanks very much for your quickly response.
I will invest the further other application around elastic environments
in this case.
I hope elastic will invole as option in the future version.
Thanks again T1330

T1330 · June 15, 2021, 8:55am

One question
regarding Alerts Kibana Action (Elastic subscription Gold/Platinum)
: mail WebHook Jira Microsoft Teams PagerDuty Slack are available,
which means the sending the alert from elastic and will rectify by their own
application, not sending command by elastic.
Could you tell us on this points?
Thanks for your help and co-operations

warkolm · June 15, 2021, 10:08pm

Tell you what sorry?

system · July 13, 2021, 10:08pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.