How to query logstash elasticsearch API to get all data (Im only seeing data fields, not the actual data)

Elastic Stack Elasticsearch
1

Hello, im trying to query the elasticsearch index that contains all of my logstash data (http://localhost:9200/logstash-*) but for some reason im not receiving the actual data documents, only the data field names and type. For an example, if i had a data field named "host", when i query the URL above i get back a field "host": {"type": "text", "norms": false, "fields": { "keyword": { "type": "keyword" }}},

Im sure that Im just specifying the wrong URL or something. Can someone tell me how I can query a rest api to return all of my logstash documents?

Thanks

2

Hello Garrett,
try using this:
http://localhost:9200/logstash-*/_search

By default you will get 10 documents. If you need more give the size parameter a try:
/_search?size=20

Try not to make the size too large (>10.000)
We talk about the reasons in this chapter of the definitive guide.
https://www.elastic.co/guide/en/elasticsearch/guide/current/pagination.html
Please note that the book is based on 2.x but the same principles still apply.

Let me know if that helps :slight_smile:

Luca

1 Like
3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.