I need to query messages that are sent from a syslog server to Logstash via Filebeat. I need to curl some data out of the Filebeat index. How can I write that query to get the field that I need? Anyone? Thank you.
Yes you can.
If you are looking to learn how to write them to get the data you want, the easiest way is to build a dashboard in Kibana and then copy the query that it sends over to Elasticsearch.
I am trying to curl that field from Elasticsearch. Will that work by copying the dashboard query?
Yep.
Thank you. I will give that a try.
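An added example, not part of the original thread: a shell sketch of the kind of `_search` request the replies describe, returning a single field from recent documents in the Filebeat index. The URL `http://localhost:9200`, the index pattern `filebeat-*`, the field name `message`, and the helper names `build_query` and `fetch_field` are assumptions.

```shell
#!/bin/sh
# Assumptions (not from the thread): Elasticsearch on localhost:9200 and the
# default Filebeat index pattern. Override with ES_URL / INDEX.
ES_URL="${ES_URL:-http://localhost:9200}"
INDEX="${INDEX:-filebeat-*}"

# build_query FIELD [WINDOW] [SIZE]
# Prints a _search body that returns only FIELD from the newest SIZE documents
# seen within WINDOW (e.g. 15m, 1h, 2d). Hypothetical helper.
build_query() {
  field="$1"; window="${2:-15m}"; size="${3:-10}"
  # Validate inputs so a caller-supplied value cannot break out of the JSON.
  case "$field" in
    ''|*[!A-Za-z0-9_.@-]*) echo "invalid field name" >&2; return 1 ;;
  esac
  case "$window" in
    ''|*[!0-9smhd]*) echo "invalid time window" >&2; return 1 ;;
  esac
  case "$size" in
    ''|*[!0-9]*) echo "invalid size" >&2; return 1 ;;
  esac
  cat <<EOF
{
  "size": $size,
  "_source": ["$field"],
  "sort": [{"@timestamp": {"order": "desc"}}],
  "query": {
    "bool": {
      "filter": [
        {"exists": {"field": "$field"}},
        {"range": {"@timestamp": {"gte": "now-$window"}}}
      ]
    }
  }
}
EOF
}

# fetch_field FIELD [WINDOW] [SIZE]
# Sends the query with curl; filter_path trims the response to the hits only.
fetch_field() {
  body=$(build_query "$@") || return 1
  curl -sS -X POST "$ES_URL/$INDEX/_search?filter_path=hits.hits._source" \
    -H 'Content-Type: application/json' -d "$body"
}

# Example call (needs a reachable cluster): fetch_field message 1h 5
```

If the cluster has security enabled, pass credentials to `curl` (for example with `-u` or an `Authorization` header) rather than embedding them in the URL.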