No results in kibana

marwa · July 22, 2017, 12:02pm

Hello,
i loaded data sets into elasticsearch that contains the field timestamp ,this is a part of json file i loaded
i used the command
curl -s -XPOST 'http://localhost:9200/_bulk' --data-binary @logs.jsonl

i defined the mapping in kibana dev tool PUT /logs-2015.05.18
{
"mappings": {
"log": {
"properties": {
"geo": {
"properties": {
"coordinates": {
"type": "geo_point"
}
}
}
}
}
}
}

PUT /logs-2015.05.19
{
"mappings": {
"log": {
"properties": {
"geo": {
"properties": {
"coordinates": {
"type": "geo_point"
}
}
}
}
}
}
}

PUT /logs-2015.05.20
{
"mappings": {
"log": {
"properties": {
"geo": {
"properties": {
"coordinates": {
"type": "geo_point"
}
}
}
}
}
}
}

then i created the index pattern with management tool but when i go to discover i found no data why and how can i fix this problem ??

Julien · July 22, 2017, 5:30pm

Have you selected the right time frame and not default of last 15 minutes?

Can you check in dev tool whether there is data or not for the indices
GET indexname/_search

If there is no data remove the silent switch to see the response of the curl post and check you are indexing to the 3 indices you are querying

marwa · July 22, 2017, 6:43pm

i changed the time range into this weak but nothing appear in discover tool ,i checked whether there is data and i found the data
but i don(t know why it deoesn't appear

hy data doesn't appear in the discover tool !!!!

marwa · July 22, 2017, 6:52pm

i tryed to recreate the logs index but with no timestamp field (not a time based event ) i did find the data

what should i do so i can make it with a time based event ????

Christian_Dahlqvist · July 22, 2017, 7:49pm

Have you tried setting the time-picker to cover the last 5 years, so you are sure to cover the events (as the timestamp is May 2015)?

marwa · July 22, 2017, 7:56pm

thank you ,this was the problem but i didn't understand the time range is used to filter the period when we had loaded data or it is likned to the timestamp ???
an other question ,if our data contains timestamp do we need to define the mapping of each date or what is the process to mapp the timestamp field ?
because i followed the example of loading data into elasticsearch in the official documentation and with csv file that contains timestamp equal to 2015.05.20,2015.05.19 and 2015.05.18 they did define 3 mappings ??
so what i want to know if my data contains timestamp ,how to mapp it ??

system · August 19, 2017, 7:56pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
For All Indexes and Timestamps Kibana Maps Shows "No results found" Kibana	2	705	August 7, 2020
Kibana 4 does not see _timestamp field Elasticsearch	4	1150	July 6, 2017
Kibana not showing any results in Discover with custom timestamp Kibana	5	1043	July 28, 2020
No results found (problem) Kibana	29	2906	February 3, 2019
Kibana Discover not showing data for any time range Kibana	10	9554	February 27, 2020

No results in kibana

Related topics