I've used Fscrawler to index some files from the file system to ES and hoped to hook up ES to Kibana to get a visual representation but after defining an index pattern for Kibana it doesn't display anything under the discover tab...
I've have used the same index name for all inputs and they all have date modified and i can see the _source is full in ES but under discover i can't find any results on _source and * (i've even tried setting it to past 7 days etc).
Any ideas?
Are you sure you have records in the last 7 days? I'm guessing you are...
Are you sure that Elasticsearch is correctly parsing the date you are giving it? Can you see the data if you query Elasticsearch directly, without using Kibana?
Actually double checking based on what you have said, apparently if i go back more than a year i can see data, this is kind of stupid isn't there a way to make it show all data from all time?
Currently, no. Im not sure there's an API in Elasticsearch to find out where your data starts and ends, and if there's not, there's no way for Kibana to get that time range.
The more common use case is to use Kibana to view current data, so that's why the last 15 minutes is the default. You can change the default in advanced settings if you need to though.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.