Get data from visualize/ dashboard using the API

avivc · April 26, 2017, 11:23am

Hi,
I want to fetch my visualize/ dashboard data in Kibana from the API
How do I approach this issue ?
I need is to get the data from, e.g., data table

10x in advance

LeeDr · April 26, 2017, 1:53pm

If you click the little arrow at the bottom of most visualizations you see a Request button. If you click that you can see the query that the visualization uses to get the data. So you could use that directly with Elasticsearch.

And there's links below that to export Raw or Formatted csv data (I think Formatted only changes unix date longs into Date strings).
Is that the data you want to get via API? I don't know if a documented way to do that, but maybe there is a way. Let me know if that's what you're trying to get and I'll look into it a bit more.

Regards,
Lee

avivc · April 26, 2017, 3:08pm

Tnx @LeeDr for the input !
Actually I want to create script that fetch data from Elastic API with and render it for my needs
The most important is get the data itself
E.g.
Data table - gets only the tabular data
Bar/ linear chart - gets only the graph

LeeDr · April 26, 2017, 5:33pm

When you say "Elastic API" you're referring to Elasticsearch API (not Kibana)?

That's where you would use the Request that you can see by clicking that button. You can use that query to get the data from Elasticsearch. It won't be tabular data. It will be JSON output format.
Do you need help getting that to work?

I have seen some third-party Elasticsearch plugins designed to return query results in CSV or some other formats. I've tried one of those and didn't get it to work, but your mileage may vary.

avivc · April 27, 2017, 6:09am

Yes I meant to ElasticSearch API to fetch the data
I'll be happy for help/ tutorial to get it work. A json in just the input I need

Out out curiosity, what your mileage may vary means? I'm not familiar with that phrase

LeeDr · April 27, 2017, 1:23pm

your mileage may vary = your experience may be different.

So basically I'm saying I didn't get those third-party plugins for CSV output to work, but I could have done something wrong and they may work just fine for someone else.

If I have this random visualization;

I click the arrow under the chart and then I see this;

Click the Request button (and optionally the expand icon circled in red);

If I copy that query and go to the Kibana > Dev Tools > Console, I can paste it along with GET <my index pattern>/_search like this;

GET test4/_search
{
  "query": {
    "query_string": {
      "analyze_wildcard": true,
      "query": "*"
    }
  },
  "size": 0,
  "_source": {
    "excludes": []
  },
  "aggs": {
    "2": {
      "histogram": {
        "field": "number",
        "interval": 1,
        "min_doc_count": 1
      },
      "aggs": {
        "1": {
          "max": {
            "field": "count"
          }
        }
      }
    }
  }
}

and I get the results like in the data table of the visualization;

{
  "took": 1,
  "timed_out": false,
  "_shards": {
    "total": 5,
    "successful": 5,
    "failed": 0
  },
  "hits": {
    "total": 4,
    "max_score": 0,
    "hits": []
  },
  "aggregations": {
    "2": {
      "buckets": [
        {
          "1": {
            "value": 20
          },
          "key": 1,
          "doc_count": 1
        },
        {
          "1": {
            "value": 30
          },
          "key": 2,
          "doc_count": 1
        },
        {
          "1": {
            "value": 50
          },
          "key": 3,
          "doc_count": 1
        },
        {
          "1": {
            "value": 40
          },
          "key": 4,
          "doc_count": 1
        }
      ]
    }
  }
}

I can click the wrench in the Console to copy that query as curl;

In my case, I need to add authentication and -k to ignore my invalid ssl certificate. The results are at the bottom.
You'll probably have to scroll over to see them;

$ curl -k -XGET "https://elastic:changeit@localhost:9200/test4/_search" -H 'Content-Type: application/json' -d'
{
  "query": {
    "query_string": {
      "analyze_wildcard": true,
      "query": "*"
    }
  },
  "size": 0,
  "_source": {
    "excludes": []
  },
  "aggs": {
    "2": {
      "histogram": {
        "field": "number",
        "interval": 1,
        "min_doc_count": 1
      },
      "aggs": {
        "1": {
          "max": {
            "field": "count"
          }
        }
      }
    }
  }
}'
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   738  100   336  100   402   1953   2337 --:--:-- --:--:-- --:--:--  2337{"took":0,"timed_out":false,"_shards":{"total":5,"successful":5,"failed":0},"hits":{"total":4,"max_score":0.0,"hits":[]},"aggregations":{"2":{"buckets":[{"key":1.0,"doc_count":1,"1":{"value":20.0}},{"key":2.0,"doc_count":1,"1":{"value":30.0}},{"key":3.0,"doc_count":1,"1":{"value":50.0}},{"key":4.0,"doc_count":1,"1":{"value":40.0}}]}}}

You could use any language or library that does http GET requests.

Hope this helps.

Regards,
Lee

avivc · April 30, 2017, 8:16am

@LeeDr Tnx for the detailed explanation !
It looks very useful. I want to understand few things:

What's the output of the cURL ?
I need to create automate process without using the UI (AKA Kibana). Is there a way ?

LeeDr · May 1, 2017, 1:25pm

As I said above, the output of the curl command is in my previous post. Scroll over to the right at the bottom.

Didn't I just explain that? Request the data directly from Elasticsearch and you don't have to use the Kibana UI.

You could also use our Reporting product in X-Pack to generate PDF documents containing graphs from Kibana. Is that what you're trying to do?

Lee

avivc · May 3, 2017, 8:58am

Tnx @LeeDr
Sorry for repeating my Q again
About reporting - I've tested it and it quite useful. Dealing with the subscription now
Best

system · May 31, 2017, 9:01am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.