Hello, right now I am using the following address to get to my packet beat data:
“http://:9200//_search?pretty=true”
I am using this in C#, and I can then take the string value of this web page and parse it as JSON data. What I want to do is get the nicer, more condensed data that I see in Kibana for each ID that I see.
This is a screencap of my Kibana, what I want to do is get the data under the JSON tab with an HTTP request.
I know that you can do it if you have the ID of each packet, like this:
http://:9200//flow/?pretty
but then how do i get the most recent ID? I couldn't find any command that I could use to get that.
I am running packetbeat through Logstash, if that matters.