Playing with elasticsearch indices

Author Date

List all indices

curl -X GET "localhost:9200/_cat/indices?v"

List indices matching a pattern


curl -XGET localhost:9200/_cat/indices/syslog*?v

health status index             uuid                   pri rep docs.count docs.deleted store.size pri.store.size
yellow open   syslog-2019.03.17 YOl_8xiaRxSWbOTzIfM6UQ   5   1    5503949            0    940.9mb        940.9mb
yellow open   syslog-2019.03.15 LRj4X2zQSa23cDAua1Glpw   5   1    4595158            0    771.6mb        771.6mb
yellow open   syslog-2019.03.14 a_ii5ZknRrW9UodC3t_p5A   5   1    1546130            0    219.6mb        219.6mb
yellow open   syslog-2019.03.16 2crctt3aSxuj0bK82IdmkA   5   1    5454493            0    817.7mb        817.7mb
yellow open   syslog-2019.03.18 ZLQXHFgzTdK124Zp0iMQNw   5   1     726255            0    182.4mb        182.4mb

Delete an index


curl -X DELETE "localhost:9200/syslog-2019.03.13"

{"acknowledged":true}

Fetch available fields in an index


curl -X GET "localhost:9200/syslog-2019.03.17/"
{
   "syslog-2019.03.17":{
      "aliases":{

      },
      "mappings":{
         "fluentd":{
            "properties":{
               "@timestamp":{
                  "type":"date"
               },
               "host":{
                  "type":"text",
                  "fields":{
                     "keyword":{
                        "type":"keyword",
                        "ignore_above":256
                     }
                  }
               },
               "ident":{
                  "type":"text",
                  "fields":{
                     "keyword":{
                        "type":"keyword",
                        "ignore_above":256
                     }
                  }
               },
               "message":{
                  "type":"text",
                  "fields":{
                     "keyword":{
                        "type":"keyword",
                        "ignore_above":256
                     }
                  }
               },
               "pid":{
                  "type":"text",
                  "fields":{
                     "keyword":{
                        "type":"keyword",
                        "ignore_above":256
                     }
                  }
               },
               "tag":{
                  "type":"text",
                  "fields":{
                     "keyword":{
                        "type":"keyword",
                        "ignore_above":256
                     }
                  }
               }
            }
         }
      },
      "settings":{
         "index":{
            "creation_date":"1552780803151",
            "number_of_shards":"5",
            "number_of_replicas":"1",
            "uuid":"YOl_8xiaRxSWbOTzIfM6UQ",
            "version":{
               "created":"6060199"
            },
            "provided_name":"syslog-2019.03.17"
         }
      }
   }
}

Search something within an index


curl -X GET "localhost:9200/<index name>/_search?q=<query>"

List all items in an index


curl -H 'Content-Type: application/json' -X GET http://localhost:9200/myapi-2019.09.03/_search?pretty

{
  "took" : 1,
  "timed_out" : false,
  "_shards" : {
    "total" : 5,
    "successful" : 5,
    "skipped" : 0,
    "failed" : 0
  },
  "hits" : {
    "total" : 32,
    "max_score" : 1.0,
    "hits" : [
      {
        "_index" : "myapi-2019.09.03",
        "_type" : "fluentd",
        "_id" : "lPEK92wB38336n--SHkH",
        "_score" : 1.0,
        "_source" : {
          "url" : "http://xx.xx.xx.xx/login",
          "retCode" : 200,
          "resSize" : 8195,
          "resTime" : 0.025218,
          "@timestamp" : "2019-09-03T17:41:20.645166699+05:30",
          "tag" : "myapi.portal.status"
        }
      },