Hi,
When I type in:
GET filebeat-*/log/_search
{
"query": {
"term" : {"terminationCause": "SUCCESS"}
}
}
I get:
{
"took": 25,
"timed_out": false,
"_shards": {
"total": 5,
"successful": 5,
"failed": 0
},
"hits": {
"total": 96,
"max_score": 3.1475947,
"hits": [
{
"_index": "filebeat-2017.03.19",
etc,
Now I want only to get the "total" field only to get the number 96.
I will be happy for any help 
Hello, exist different json parsers, one of them: Redirecting to jqlang.github.io
jq '.hits' find necesary json param, then with grep and tr we will take total result:
curl -s localhost:9200/twitte/_search?q=: | jq '.hits' |grep total |tr -cd '[[:digit:]]'
i don't sure that this method is optimized, so you should found another solution.
But this - return correct result.
Set size: 0 to reduce the returned JSON.
There is also https://www.elastic.co/guide/en/elasticsearch/reference/current/common-options.html#common-options-response-filtering
Add -s param to curl , and try to use without pretty
Tomer you should use this solution:
curl -s localhost:9200/twitte/_search?filter_path=hits.total | tr -cd '[[:digit:]]'
Yes,
It did work with jq
Add size=0 to have better response time
Thx, it does take sometime, where should I add this?
curl -s "localhost:9200/twitter/_search?filter_path=hits.total&size=0" | tr -cd '[[:digit:]]'This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.