How i put a response into a kibana URL

Hello all,

I have a script that will execute at a Unix serve

curl -X POST  "htt..xxxxx/xxxxx*/_search?pretty="  -H 'authorization: Basic xxxxxxxx'  -H 'content-type: application/json'   -d '{
  "aggs": {
    "2": {
      "terms": {
        "field": "app.name.keyword",
        "order": {
          "_count": "desc"
        },
        "size": 10000
      },
      "aggs": {
        "3": {
          "terms": {
            "field": "apiproxy.name.keyword",
            "order": {
              "_count": "desc"
            },
            "size": 10000
          },
          "aggs": {
            "4": {
              "filters": {
                "filters": {
                  "message.status.code >299 and message.status.code <499 and NOT message.status.code =429": {
                    "bool": {
                      "must": [],
                      "filter": [
                        {
                          "bool": {
                            "filter": [
                              {
                                "bool": {
                                  "should": [
                                    {
                                      "range": {
                                        "message.status.code": {
                                          "gt": 299
                                        }
                                      }
                                    }
                                  ],
                                  "minimum_should_match": 1
                                }
                              },
                              {
                                "bool": {
                                  "filter": [
                                    {
                                      "bool": {
                                        "should": [
                                          {
                                            "range": {
                                              "message.status.code": {
                                                "lt": 499
                                              }
                                            }
                                          }
                                        ],
                                        "minimum_should_match": 1
                                      }
                                    },
                                    {
                                      "bool": {
                                        "must_not": {
                                          "multi_match": {
                                            "type": "best_fields",
                                            "query": "message.status.code =429",
                                            "lenient": true
                                          }
                                        }
                                      }
                                    }
                                  ]
                                }
                              }
                            ]
                          }
                        }
                      ],
                      "should": [],
                      "must_not": []
                    }
                  },
                  "message.status.code <299": {
                    "bool": {
                      "must": [],
                      "filter": [
                        {
                          "bool": {
                            "should": [
                              {
                                "range": {
                                  "message.status.code": {
                                    "lt": 299
                                  }
                                }
                              }
                            ],
                            "minimum_should_match": 1
                          }
                        }
                      ],
                      "should": [],
                      "must_not": []
                    }
                  },
                  "message.status.code >499": {
                    "bool": {
                      "must": [],
                      "filter": [
                        {
                          "bool": {
                            "should": [
                              {
                                "range": {
                                  "message.status.code": {
                                    "gt": 499
                                  }
                                }
                              }
                            ],
                            "minimum_should_match": 1
                          }
                        }
                      ],
                      "should": [],
                      "must_not": []
                    }
                  },
                  "message.status.code = 429": {
                    "bool": {
                      "must": [],
                      "filter": [
                        {
                          "multi_match": {
                            "type": "best_fields",
                            "query": "message.status.code = 429",
                            "lenient": true
                          }
                        }
                      ],
                      "should": [],
                      "must_not": []
                    }
                  }
                }
              },
              "aggs": {
                "5": {
                  "filters": {
                    "filters": {
                      "totalLatency > 3000": {
                        "bool": {
                          "must": [],
                          "filter": [
                            {
                              "bool": {
                                "should": [
                                  {
                                    "range": {
                                      "totalLatency": {
                                        "gt": 3000
                                      }
                                    }
                                  }
                                ],
                                "minimum_should_match": 1
                              }
                            }
                          ],
                          "should": [],
                          "must_not": []
                        }
                      },
                      "totalLatency < 3000": {
                        "bool": {
                          "must": [],
                          "filter": [
                            {
                              "bool": {
                                "should": [
                                  {
                                    "range": {
                                      "totalLatency": {
                                        "lt": 3000
                                      }
                                    }
                                  }
                                ],
                                "minimum_should_match": 1
                              }
                            }
                          ],
                          "should": [],
                          "must_not": []
                        }
                      }
                    }
                  }
                }
              }
            }
          }
        }
      }
    }
  },
  "size": 0,
  "_source": {
    "excludes": []
  },
  "stored_fields": [
    "*"
  ],
  "script_fields": {},
  "docvalue_fields": [
    {
      "field": "client.received.start.datetime",
      "format": "date_time"
    },
    {
      "field": "received.datetime",
      "format": "date_time"
    }
  ],
  "query": {
    "bool": {
      "must": [],
      "filter": [
        {
          "match_all": {}
        },
        {
          "match_all": {}
        },
        {
          "range": {
            "client.received.start.datetime": {
              "format": "strict_date_optional_time",
              "gte": "2024-01-03T12:17:55.095Z",
              "lte": "2024-01-03T12:32:55.095Z"
            }
          }
        }
      ],
      "should": [],
      "must_not": []
    }
  }
}'

but the curl ht…://xxxx/onlineapigeecampinasprod*/_search?pretty= they send me to a page with a kibana response how i change this?

image1600×900 196 KB

by the end i want to extract kibana logs

Hi @Natanael_Rodrigues Welcome to the community.

What version are you running?

It is not clear what your issue is... or what you installation you used.

Do you want to view your logs in Kibana? (I see kibana Tabs... old Kibana)

Have you installed Kibana?

Is there a proxy?

I am not clear what you mean ... generally curl responds on the command line I am not sure why it is opening a browser.

Apologies... It is not clear what you are trying to accomplish.

Hi Stephen, thanks u
I think I didn't explain it correctly, I have a Unix server and I need to create a script so that it extracts data from a visualization that I have ready in Kibana (I don't have full access to Elasticsearch, just Kibana) and I already have a script ready and running, however it has another IP and on that IP link when I click it opens a page with the kibana request a */_search?pretty=" I wanted to know if I can make an API like this just with KIBANA

Hi @Natanael_Rodrigues

I am so sorry I am still not quite clear.. we do have other members that most likely speak your native language... you could try that. Your english is great! it is probably just me

I do not know what "it has another IP" means or what its impact is? Perhaps that is the elasticsearch IP?

I also do not know what "make an API like this just with KIBANA" means sorry I just do not understand,

If I go back to your 1st post that Code is Elasticsearch DSL and no there is no documented Kibana API to just pass through Elasticsearch DSL _search endpoint through Kibana if that is what you are asking

1st What version are you on?

2nd What kind of Visualization?

3rd is that the full request */_search?pretty=" the _search endpoint is an Elasticsearch Endpoint, not a Kibana API endpoint. There is no equivalent in Kibana API

If you are writing a script to scrape data from the Kibana web app, I do not think I can help/have the expertise.

The proper way to get data from Elasticsearch / Kibana is

Elasticsearch APIs this is where the _search endpoint lives

Kibana APIs

Kibana report Generations

Downloading CSV data from Tables or Discover etc in Kibana

Perhaps if you have access to Kibana you can create Data Tables with the Same Aggregations and download the data from that.

Let me know what you think...

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.