View last indexed data on elasticsearch

ANU_SARA_VARGHESE · September 27, 2016, 1:57pm

Hi,

How can I see the last or the latest indexed data on elasticsearch?

I tried out the url

http://x.x.x.x:9200/myindex_name

But I can only see the the field names which I had filtered in logstash and not any data.

jpountz · September 27, 2016, 2:56pm

Do something like

curl -XGET `http://x.x.x.x:9200/myindex_name/_search -d '
{
  "sort": [ {"_doc": "desc"} ]
}
'

ANU_SARA_VARGHESE · September 28, 2016, 10:37am

Hi Adrien,

I had tried this out. But I am not getting the current indexed data.

In kibana, I could see the latest data indexed. But through the url I am only able to see data which dates some 2 weeks ago. Moreover, I could even see the exact total counts using the url

http://x.x.x.x:9200/_cat/count

Why is that I am not able to see the current indexed data?

jpountz · September 28, 2016, 3:20pm

I think you are just not sorting based on the appropriate field? I did not know you had a timestamp field, so maybe what you are looking after is the following API call:

curl -XGET `http://x.x.x.x:9200/myindex_name/_search -d '
{
  "sort": [ {"timestamp": "desc"} ]
}
'

Just make sure to replace timestamp with the actual name of your timestamp field.

ANU_SARA_VARGHESE · September 29, 2016, 5:56am

Thanks Adrien. It worked

Topic		Replies	Views
Elasticsearch consistently showing data as now - 24h Elasticsearch	3	413	August 11, 2021
Viewing the most recent data Kibana	4	767	December 10, 2021
Last data shown is for December 6th 23:59:36 Kibana	2	705	July 6, 2017
Unable to see data Elasticsearch	2	405	November 14, 2018
No results found in kabana discover page Kibana	3	370	April 16, 2021

View last indexed data on elasticsearch

Related topics