Get data from visualize/ dashboard using the API

Elastic Stack Kibana
1

Hi,
I want to fetch my visualize/ dashboard data in Kibana from the API
How do I approach this issue ?
I need is to get the data from, e.g., data table

10x in advance

1 Like
2

If you click the little arrow at the bottom of most visualizations you see a Request button. If you click that you can see the query that the visualization uses to get the data. So you could use that directly with Elasticsearch.

And there's links below that to export Raw or Formatted csv data (I think Formatted only changes unix date longs into Date strings).
Is that the data you want to get via API? I don't know if a documented way to do that, but maybe there is a way. Let me know if that's what you're trying to get and I'll look into it a bit more.

Regards,
Lee

1 Like
3

Tnx @LeeDr for the input !
Actually I want to create script that fetch data from Elastic API with and render it for my needs
The most important is get the data itself
E.g.
Data table - gets only the tabular data
Bar/ linear chart - gets only the graph

4

When you say "Elastic API" you're referring to Elasticsearch API (not Kibana)?

That's where you would use the Request that you can see by clicking that button. You can use that query to get the data from Elasticsearch. It won't be tabular data. It will be JSON output format.
Do you need help getting that to work?

I have seen some third-party Elasticsearch plugins designed to return query results in CSV or some other formats. I've tried one of those and didn't get it to work, but your mileage may vary.

5

Yes I meant to ElasticSearch API to fetch the data
I'll be happy for help/ tutorial to get it work. A json in just the input I need :+1:

Out out curiosity, what your mileage may vary means? I'm not familiar with that phrase :smirk:

6

your mileage may vary = your experience may be different.

So basically I'm saying I didn't get those third-party plugins for CSV output to work, but I could have done something wrong and they may work just fine for someone else.

If I have this random visualization;

image.png1718×1361 55.5 KB

I click the arrow under the chart and then I see this;

image.png1259×1240 26.8 KB

Click the Request button (and optionally the expand icon circled in red);

image.jpg1229×720 61 KB

If I copy that query and go to the Kibana > Dev Tools > Console, I can paste it along with GET <my index pattern>/_search like this;

GET test4/_search
{
  "query": {
    "query_string": {
      "analyze_wildcard": true,
      "query": "*"
    }
  },
  "size": 0,
  "_source": {
    "excludes": []
  },
  "aggs": {
    "2": {
      "histogram": {
        "field": "number",
        "interval": 1,
        "min_doc_count": 1
      },
      "aggs": {
        "1": {
          "max": {
            "field": "count"
          }
        }
      }
    }
  }
}

and I get the results like in the data table of the visualization;

{
  "took": 1,
  "timed_out": false,
  "_shards": {
    "total": 5,
    "successful": 5,
    "failed": 0
  },
  "hits": {
    "total": 4,
    "max_score": 0,
    "hits": []
  },
  "aggregations": {
    "2": {
      "buckets": [
        {
          "1": {
            "value": 20
          },
          "key": 1,
          "doc_count": 1
        },
        {
          "1": {
            "value": 30
          },
          "key": 2,
          "doc_count": 1
        },
        {
          "1": {
            "value": 50
          },
          "key": 3,
          "doc_count": 1
        },
        {
          "1": {
            "value": 40
          },
          "key": 4,
          "doc_count": 1
        }
      ]
    }
  }
}

I can click the wrench in the Console to copy that query as curl;

image.png1045×309 31 KB

In my case, I need to add authentication and -k to ignore my invalid ssl certificate. The results are at the bottom.
You'll probably have to scroll over to see them;

$ curl -k -XGET "https://elastic:changeit@localhost:9200/test4/_search" -H 'Content-Type: application/json' -d'
{
  "query": {
    "query_string": {
      "analyze_wildcard": true,
      "query": "*"
    }
  },
  "size": 0,
  "_source": {
    "excludes": []
  },
  "aggs": {
    "2": {
      "histogram": {
        "field": "number",
        "interval": 1,
        "min_doc_count": 1
      },
      "aggs": {
        "1": {
          "max": {
            "field": "count"
          }
        }
      }
    }
  }
}'
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   738  100   336  100   402   1953   2337 --:--:-- --:--:-- --:--:--  2337{"took":0,"timed_out":false,"_shards":{"total":5,"successful":5,"failed":0},"hits":{"total":4,"max_score":0.0,"hits":[]},"aggregations":{"2":{"buckets":[{"key":1.0,"doc_count":1,"1":{"value":20.0}},{"key":2.0,"doc_count":1,"1":{"value":30.0}},{"key":3.0,"doc_count":1,"1":{"value":50.0}},{"key":4.0,"doc_count":1,"1":{"value":40.0}}]}}}

You could use any language or library that does http GET requests.

Hope this helps.

Regards,
Lee

8 Likes
7

@LeeDr Tnx for the detailed explanation !
It looks very useful. I want to understand few things:

  • What's the output of the cURL ?

  • I need to create automate process without using the UI (AKA Kibana). Is there a way ?

:thumbsup:

8

As I said above, the output of the curl command is in my previous post. Scroll over to the right at the bottom.

1104×856 15.9 KB

Didn't I just explain that? Request the data directly from Elasticsearch and you don't have to use the Kibana UI.

You could also use our Reporting product in X-Pack to generate PDF documents containing graphs from Kibana. Is that what you're trying to do?

Lee

9

Tnx @LeeDr
Sorry for repeating my Q again
About reporting - I've tested it and it quite useful. Dealing with the subscription now :slight_smile:
Best

10

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.