Is there a way to run a scheduled query in Kibana? Basically, we want to run our queries through the night so the reports will be available when we arrive to work.
Hi Shaunak...Thanks for the reply, and insight! I'm actually just starting
to set up Watcher, and since I'm new to it, have no idea on how to go about
doing that. I don't want to take your time, but is it possible to provide a
little direction on how I can accomplish this, as it would go hand in hand
with everything else I'm working on.
I'd suggest watching this webinar on Watcher as a gentle introduction: https://www.elastic.co/webinars/watcher-alerting-for-elasticsearch
Then I'd suggest reading the docs starting here: https://www.elastic.co/guide/en/watcher/current/introduction.html
Thanks Shaunak
Check out this scheduled reporting product for ELK.
http://guidanz.com/blog/report-scheduler-for-kibana/
I have it running in production and am very happy with it.
Thanks Paul! Definitely looks useful, and I think that may do the trick!
Hi Shaunak...I've gone through the links you provided, and I'm having trouble seeing how to accomplish my goals. To be more specific, the individual I'm creating this for wants to have their queries run in the middle of the night, and have a link to a Kibana visualization sent to them via email when they arrive to work. I can see how to run queries, and how to send an email via Watcher, but not how to translate that into a Kibana visualization, and then forward a link, or screen capture.
Hi Mike,
Kibana visualizations run queries against Elasticsearch on-the-fly. So couldn't the user just go to the Kibana visualization every morning to see updated data?
Ideally you'd start with the Kibana Visualization (or Dashboard, if you want to have a collection of several Visualizations). Once you have the data you want represented in Kibana, you can use that URL in the scheduled daily email. If you need to show a fixed time, as opposed to, say "the last day", then you can modify those parameters in the URL before you send that email.
That part I find confusing about your question is the "have their queries run in the middle of the night" part. If you're using Kibana, there are no "queries" to "run", as it's talking to Elasticsearch so the data source is (near) realtime. Unless I'm completely missing your specific use case here...