Not getting Updated data from Elastic search DB

Hi,

I am using the below command to retrieve the data from Elasticsearch DB.

curl -XGET 'http://localhost:9200/vm_expiry/_search?pretty=1'

Facing the below issues.

  1. Not getting the latest data. But in the Kibana console the latest data is showing properly.
  2. Getting incomplete output. Suppose the above query should return 52 results, but I am getting only 12. In the Kibana console, I am getting them as expected.

Please help me with a command, which I need to run in the Linux backend for a script, to get all the latest output.

Hard to say exactly, you're not really "searching" for anything, not even using a wildcard:

Try reading on the 2 search methods

Also in Kibana, you can view the search it is issuing, by a little "^" in the bottom center of the graph, which will show you the actual request Kibana issued.

Also not sure how you're getting 12 results, the default size of returned data is 10.

Thanks for your quick response. I never expected such a quick reply. Thanks again for responding to my query.
Actually I am new to Elasticsearch. I need help on the below topics:
1. Is it possible to have the latest data only from an index?
2. What is the command for having all the data from an index?
3. How can I get the data of a specific date for an index?
4. Any cheat sheet available for elasticalert commands?

Thanks .

  1. You have to define latest. No, you can't say just the updated data.
  2. You have to write a search that finds the data you want. And pay attention to the default settings and adjust.
  3. I don't know how you're loading the data or what it looks like, but hopefully you inserted a timestamp field which you have to query against (like Kibana does).
  4. I am sure some people have written some time cheat sheets but I do not know of any. The Elastic doc site is filled with examples for everything.
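
The searches the replies above point toward, as an added example that is not part of the original posts: shell functions that build a request body with an explicit `size`, a sort on a timestamp field, and a one-day range filter, then send it to the `vm_expiry` index from the question. The field name `@timestamp`, the function names and the sample date are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not code from the thread. Assumption: documents carry a
# date field named "@timestamp" (hypothetical; set TS_FIELD to your own).
ES_URL="${ES_URL:-http://localhost:9200}"
INDEX="${INDEX:-vm_expiry}"
TS_FIELD="${TS_FIELD:-@timestamp}"

# Body for "the N most recent documents": match everything, newest first.
# Without "size" only 10 hits come back; size is capped by the index
# setting index.max_result_window (10000 by default).
latest_body() {
    printf '{"size":%d,"sort":[{"%s":{"order":"desc"}}],"query":{"match_all":{}}}' \
        "$1" "$TS_FIELD"
}

# Body for "documents of one day" (YYYY-MM-DD), up to N hits, oldest first.
# "||+1d" is Elasticsearch date math: the given date plus one day.
# The date is validated so script input cannot alter the JSON structure.
day_body() {
    case "$1" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo "day_body: expected YYYY-MM-DD, got '$1'" >&2; return 1 ;;
    esac
    printf '{"size":%d,"sort":[{"%s":{"order":"asc"}}],"query":{"range":{"%s":{"gte":"%s","lt":"%s||+1d"}}}}' \
        "$2" "$TS_FIELD" "$TS_FIELD" "$1" "$1"
}

# Send a request body to the index's _search endpoint.
es_search() {
    curl -sS -XGET "$ES_URL/$INDEX/_search?pretty" \
        -H 'Content-Type: application/json' -d "$1"
}

# Usage against a reachable cluster (the date is a constructed sample):
#   es_search "$(latest_body 52)"
#   es_search "$(day_body 2019-01-15 1000)"
```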
