URI query help

Trying to pull a query via the url without the index information just the data and querying the log file path. I've tried adding ?q=log.file.path:"*TeamViewer11_Logfile.log" and the full path to the url query with no luck.

What I want to remove
{"took":0,"timed_out":false,"_shards":{"total":1,"successful":1,"skipped":0,"failed":0},"hits":{"total":{"value":9,"relation":"eq"},"max_score":1.0,"hits":[{"_index":"filebeat-7.0.0-(w ...etcetera

http://192.168.0.2:9200/filebeat-7.0.0-2019.07.12/_search

Returns this data

{"took":0,"timed_out":false,"_shards":{"total":1,"successful":1,"skipped":0,"failed":0},"hits":{"total":{"value":9,"relation":"eq"},"max_score":1.0,"hits":[{"_index":"filebeat-7.0.0-2019.07.12","_type":"_doc","_id":"LN76_2sBXuGUNdNL_j6G","_score":1.0,"_source":{"@timestamp":"2019-07-12T02:42:42.407Z","agent":{"version":"7.0.0","type":"filebeat","id":"1d6e7753-8d12-4c44-9f51-5312a0facffd","ephemeral_id":"2862da84-cb0f-41ac-9c1a-a412a2c7e111","hostname":"server1"},"host":{"name":"server1","os":{"family":"windows","name":"Windows Server 2012 R2 Standard","kernel":"6.3.9600.19000 (winblue_ltsb.180410-0600)","build":"9600.0","platform":"windows","version":"6.3"},"id":"fe47919d-537a-44d0-9f95-8a2b24c377b2","architecture":"x86_64","hostname":"server1"},"ecs":{"version":"1.0.0"},"log":{"file":{"path":"C:\\Program Files (x86)\\TeamViewer\\TeamViewer11_Logfile.log"},"offset":369879},"@version":"1","message":["2019/07/11 22:42:38.857 8132 15436 S0 TVRouterClock: received router time: 20190712T024346.270873"," S0 TVRouterClock: received router time: 20190712T024346.270873"],"tags":["beats_input_codec_plain_applied"],"logtime":"19/07/11 22:42:38.857","input":{"type":"log"},"id1":"8132","id2":"15436"}},{"_index":"filebeat-7.0.0-2019.07.12","_type":"_doc","_id":"Ld76_2sBXuGUNdNL_j6G","_score":1.0,"_source":{"@timestamp":"2019-07-12T14:42:41.950Z","agent":{"hostname":"server1","type":"filebeat","id":"1d6e7753-8d12-4c44-9f51-5312a0facffd","version":"7.0.0","ephemeral_id":"2862da84-cb0f-41ac-9c1a-a412a2c7e111"},"host":{"os":{"family":"windows","name":"Windows Server 2012 R2 Standard","kernel":"6.3.9600.19000 (winblue_ltsb.180410-0600)","build":"9600.0","platform":"windows","version":"6.3"},"name":"server1","id":"fe47919d-537a-44d0-9f95-8a2b24c377b2","architecture":"x86_64","hostname":"server1"},"log":{"file":{"path":"C:\\Program Files (x86)\\TeamViewer\\TeamViewer11_Logfile.log"},"offset":370671},"ecs":{"version":"1.0.0"},"@version":"1","message":["2019/07/12 10:42:40.964 17064 12500 G2 TAF: Received answer is empty."," G2 TAF: Received answer is empty."],"tags":["beats_input_codec_plain_applied"],"logtime":"19/07/12 10:42:40.964","input":{"type":"log"},"id1":"17064","id2":"12500"}},{"_index":"filebeat-7.0.0-2019.07.12","_type":"_doc","_id":"cd76_2sBXuGUNdNL_jxn","_score":1.0,"_source":{"@timestamp":"2019-07-12T14:42:38.929Z","agent":{"version":"7.0.0","type":"filebeat","id":"1d6e7753-8d12-4c44-9f51-5312a0facffd","ephemeral_id":"2862da84-cb0f-41ac-9c1a-a412a2c7e111","hostname":"server1"},"host":{"name":"server1","architecture":"x86_64","os":{"family":"windows","name":"Windows Server 2012 R2 Standard","kernel":"6.3.9600.19000 (winblue_ltsb.180410-0600)","build":"9600.0","platform":"windows","version":"6.3"},"id":"fe47919d-537a-44d0-9f95-8a2b24c377b2","hostname":"server1"},"ecs":{"version":"1.0.0"},"log":{"file":{"path":"C:\\Program Files (x86)\\TeamViewer\\TeamViewer11_Logfile.log"},"offset":370179},"@version":"1","message":["2019/07/12 10:42:38.880 8132 6820 S0 TVRouterClock: received router time: 20190712T144346.507067"," S0 TVRouterClock: received router time: 20190712T144346.507067"],"tags":["beats_input_codec_plain_applied"],"logtime":"19/07/12 10:42:38.880","input":{"type":"log"},"id1":"8132","id2":"6820"}},{"_index":"filebeat-7.0.0-2019.07.12","_type":"_doc","_id":"2d76_2sBXuGUNdNL_jx3","_score":1.0,"_source":{"@timestamp":"2019-07-12T14:42:41.950Z","agent":{"version":"7.0.0","type":"filebeat","id":"1d6e7753-8d12-4c44-9f51-5312a0facffd","ephemeral_id":"2862da84-cb0f-41ac-9c1a-a412a2c7e111","hostname":"server1"},"host":{"architecture":"x86_64","os":{"family":"windows","name":"Windows Server 2012 R2 Standard","kernel":"6.3.9600.19000 (winblue_ltsb.180410-0600)","build":"9600.0","platform":"windows","version":"6.3"},"id":"fe47919d-537a-44d0-9f95-8a2b24c377b2","name":"server1","hostname":"server1"},"log":{"file":{"path":"C:\\Program Files (x86)\\TeamViewer\\TeamViewer11_Logfile.log"},"offset":370576},"ecs":{"version":"1.0.0"},"@version":"1","message":["2019/07/12 10:42:40.823 17064 19548 G2 TAF::ListRequestThreadRun: License 31204 for request"," G2 TAF::ListRequestThreadRun: License 31204 for request"],"tags":["beats_input_codec_plain_applied"],"logtime":"19/07/12 10:42:40.823","input":{"type":"log"},"id1":"17064","id2":"19548"}},{"_index":"filebeat-7.0.0-2019.07.12","_type":"_doc","_id":"l977_2sBXuGUNdNLAD4s","_score":1.0,"_source":

Is there any plugin that will allow me to get clean json data out?

Working on pulling this into another application "dglux5" that has the ability to visualize it in many ways.

Trying to get a clean table out

http://wiki.dglogik.com/dglux5_wiki:dataflow:dataflow_blocks_reference:table_operations:json_parser

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.