How i put a response into a kibana URL

Natanael_Rodrigues · January 4, 2024, 8:18pm

Hello all,

I have a script that will execute at a Unix serve

curl -X POST  "htt..xxxxx/xxxxx*/_search?pretty="  -H 'authorization: Basic xxxxxxxx'  -H 'content-type: application/json'   -d '{
  "aggs": {
    "2": {
      "terms": {
        "field": "app.name.keyword",
        "order": {
          "_count": "desc"
        },
        "size": 10000
      },
      "aggs": {
        "3": {
          "terms": {
            "field": "apiproxy.name.keyword",
            "order": {
              "_count": "desc"
            },
            "size": 10000
          },
          "aggs": {
            "4": {
              "filters": {
                "filters": {
                  "message.status.code >299 and message.status.code <499 and NOT message.status.code =429": {
                    "bool": {
                      "must": [],
                      "filter": [
                        {
                          "bool": {
                            "filter": [
                              {
                                "bool": {
                                  "should": [
                                    {
                                      "range": {
                                        "message.status.code": {
                                          "gt": 299
                                        }
                                      }
                                    }
                                  ],
                                  "minimum_should_match": 1
                                }
                              },
                              {
                                "bool": {
                                  "filter": [
                                    {
                                      "bool": {
                                        "should": [
                                          {
                                            "range": {
                                              "message.status.code": {
                                                "lt": 499
                                              }
                                            }
                                          }
                                        ],
                                        "minimum_should_match": 1
                                      }
                                    },
                                    {
                                      "bool": {
                                        "must_not": {
                                          "multi_match": {
                                            "type": "best_fields",
                                            "query": "message.status.code =429",
                                            "lenient": true
                                          }
                                        }
                                      }
                                    }
                                  ]
                                }
                              }
                            ]
                          }
                        }
                      ],
                      "should": [],
                      "must_not": []
                    }
                  },
                  "message.status.code <299": {
                    "bool": {
                      "must": [],
                      "filter": [
                        {
                          "bool": {
                            "should": [
                              {
                                "range": {
                                  "message.status.code": {
                                    "lt": 299
                                  }
                                }
                              }
                            ],
                            "minimum_should_match": 1
                          }
                        }
                      ],
                      "should": [],
                      "must_not": []
                    }
                  },
                  "message.status.code >499": {
                    "bool": {
                      "must": [],
                      "filter": [
                        {
                          "bool": {
                            "should": [
                              {
                                "range": {
                                  "message.status.code": {
                                    "gt": 499
                                  }
                                }
                              }
                            ],
                            "minimum_should_match": 1
                          }
                        }
                      ],
                      "should": [],
                      "must_not": []
                    }
                  },
                  "message.status.code = 429": {
                    "bool": {
                      "must": [],
                      "filter": [
                        {
                          "multi_match": {
                            "type": "best_fields",
                            "query": "message.status.code = 429",
                            "lenient": true
                          }
                        }
                      ],
                      "should": [],
                      "must_not": []
                    }
                  }
                }
              },
              "aggs": {
                "5": {
                  "filters": {
                    "filters": {
                      "totalLatency > 3000": {
                        "bool": {
                          "must": [],
                          "filter": [
                            {
                              "bool": {
                                "should": [
                                  {
                                    "range": {
                                      "totalLatency": {
                                        "gt": 3000
                                      }
                                    }
                                  }
                                ],
                                "minimum_should_match": 1
                              }
                            }
                          ],
                          "should": [],
                          "must_not": []
                        }
                      },
                      "totalLatency < 3000": {
                        "bool": {
                          "must": [],
                          "filter": [
                            {
                              "bool": {
                                "should": [
                                  {
                                    "range": {
                                      "totalLatency": {
                                        "lt": 3000
                                      }
                                    }
                                  }
                                ],
                                "minimum_should_match": 1
                              }
                            }
                          ],
                          "should": [],
                          "must_not": []
                        }
                      }
                    }
                  }
                }
              }
            }
          }
        }
      }
    }
  },
  "size": 0,
  "_source": {
    "excludes": []
  },
  "stored_fields": [
    "*"
  ],
  "script_fields": {},
  "docvalue_fields": [
    {
      "field": "client.received.start.datetime",
      "format": "date_time"
    },
    {
      "field": "received.datetime",
      "format": "date_time"
    }
  ],
  "query": {
    "bool": {
      "must": [],
      "filter": [
        {
          "match_all": {}
        },
        {
          "match_all": {}
        },
        {
          "range": {
            "client.received.start.datetime": {
              "format": "strict_date_optional_time",
              "gte": "2024-01-03T12:17:55.095Z",
              "lte": "2024-01-03T12:32:55.095Z"
            }
          }
        }
      ],
      "should": [],
      "must_not": []
    }
  }
}'

but the curl ht…://xxxx/onlineapigeecampinasprod*/_search?pretty= they send me to a page with a kibana response how i change this?

by the end i want to extract kibana logs

stephenb · January 4, 2024, 10:01pm

Hi @Natanael_Rodrigues Welcome to the community.

What version are you running?

It is not clear what your issue is... or what you installation you used.

Do you want to view your logs in Kibana? (I see kibana Tabs... old Kibana)

Have you installed Kibana?

Is there a proxy?

I am not clear what you mean ... generally curl responds on the command line I am not sure why it is opening a browser.

Apologies... It is not clear what you are trying to accomplish.

Natanael_Rodrigues · January 5, 2024, 2:10pm

Hi Stephen, thanks u
I think I didn't explain it correctly, I have a Unix server and I need to create a script so that it extracts data from a visualization that I have ready in Kibana (I don't have full access to Elasticsearch, just Kibana) and I already have a script ready and running, however it has another IP and on that IP link when I click it opens a page with the kibana request a */_search?pretty=" I wanted to know if I can make an API like this just with KIBANA

stephenb · January 5, 2024, 3:25pm

Hi @Natanael_Rodrigues

I am so sorry I am still not quite clear.. we do have other members that most likely speak your native language... you could try that. Your english is great! it is probably just me

I do not know what "it has another IP" means or what its impact is? Perhaps that is the elasticsearch IP?

I also do not know what "make an API like this just with KIBANA" means sorry I just do not understand,

If I go back to your 1st post that Code is Elasticsearch DSL and no there is no documented Kibana API to just pass through Elasticsearch DSL _search endpoint through Kibana if that is what you are asking

1st What version are you on?

2nd What kind of Visualization?

3rd is that the full request */_search?pretty=" the _search endpoint is an Elasticsearch Endpoint, not a Kibana API endpoint. There is no equivalent in Kibana API

If you are writing a script to scrape data from the Kibana web app, I do not think I can help/have the expertise.

The proper way to get data from Elasticsearch / Kibana is

Elasticsearch APIs this is where the _search endpoint lives

Kibana APIs

Kibana report Generations

Downloading CSV data from Tables or Discover etc in Kibana

Perhaps if you have access to Kibana you can create Data Tables with the Same Aggregations and download the data from that.

Let me know what you think...

system · February 2, 2024, 3:26pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Proper syntax of script fields Elasticsearch	4	519	February 13, 2017
How to convert KQL to curl command in bash Kibana kql-kibana-query-language	5	1047	April 11, 2022
Curl command to put value in Kibana 6.3 Kibana	4	2916	January 8, 2019
Help with aggregation query Elasticsearch	5	420	November 20, 2019
Data sent with curl into elastisearch are invisible in Kibana Kibana	4	757	January 8, 2018

How i put a response into a kibana URL

Related topics