How to retrieve data from a data stream using Elasticsearch API keys

YUUTA.INOUE-JPN · January 18, 2024, 9:50am

Hello from Japan
I have a question for you respected engineers.

I would like to know about Elasticsearch API keys.
I am using Winlogbeat (Ver8.11.1) to send Windows log information to Elasticsearch (Ver8.11.1).
I would like to retrieve information stored in Elasticsearch using an API key, but after upgrading to V8, the log information sent by Winlogbeat is stored as a data stream instead of an index. I found out about this.

In V7 of Elasticsearch, I was able to retrieve the contents of the index using the API key, but since V8, I am having trouble figuring out how to retrieve the contents of the data stream.

Is it possible to obtain information in the data stream using an API key?
If it is possible please tell me how.

I would like help from all of you respected ELASTIC engineers.
I await your replies and information.
Thank you

yago82 · January 22, 2024, 3:03pm

Hi,

You can use the same API key that you used to retrieve information from an index in Elasticsearch version 7.

Please note that the user associated with the API key needs to have the appropriate permissions to read from the data stream.

Regards

YUUTA.INOUE-JPN · January 24, 2024, 12:41am

Hello yago82 .
Thank you for your reply.
After outputting the API in the Elastic environment, we plan to verify information acquisition in the data stream.
Your answer helped us.
thank you

system · February 21, 2024, 12:41am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.