Warning: Your Elasticsearch / ELK-stack-based logging solution may take a huge amount of disk space, and indexing large amounts of data may also take so long that it can't keep up with the rate at which logs are generated.
In short, you need massive/cluster/cloud resources to support Elasticsearch.
Search:
curl '{endpoint}/_search?q=title:jones&size=5&pretty=true'
List indexes:
curl -s '{endpoint}/_cat/indices?v' | sort
Upload a template:
curl -X POST -H "Content-Type: application/json" -d @path/to/template.json 'http://elastic:changeme@localhost:9200/_template/testlog?pretty'
Add a document:
curl -X POST -H "Content-Type: application/json" -d '{ "timestamp": "2019-04-06T14:13:31", "message": "bar baz qux" }' http://elastic:changeme@localhost:9200/testlog/footype?pretty
Range query:
curl -X GET -H "Content-Type: application/json" -d '{ "query": { "range" : { "timestamp" : { "gte" : "2019-04-02T15:13:31", "lte" : "2019-05-09T14:13:31", "boost" : 2.0 } } } }' http://elastic:changeme@localhost:9200/testlog/_search?pretty
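Added example, not from the original notes: a small POSIX sh script that turns the "list indexes" call above into a disk-usage audit, which is the practical follow-up to the warning at the top. The es_cat_indices function is assumed to read the credentials from a netrc file (ES_NETRC, defaulting to ~/.netrc-es) instead of embedding elastic:changeme in the URL, so the password stays out of shell history and ps output; the parsing functions run against a constructed sample of _cat/indices output so the script works offline.

```shell
#!/bin/sh
# Audit index disk usage via the _cat/indices API (added example, not the
# original page's code). bytes=b makes store.size a plain byte count and
# h= selects the columns so the field positions below are stable.

# Fetch the listing. Credentials come from a netrc file (assumed location
# ES_NETRC or ~/.netrc-es), not from the URL, so the password does not land
# in shell history or the process list.
es_cat_indices() {
  endpoint="${1:-http://localhost:9200}"
  curl -s --netrc-file "${ES_NETRC:-$HOME/.netrc-es}" \
    "$endpoint/_cat/indices?v&bytes=b&h=index,health,docs.count,store.size"
}

# Constructed sample of what that call returns (header plus three indices).
SAMPLE_CAT='index            health docs.count store.size
testlog          green        1204     52428800
logs-2019.04.05  yellow    9800000   3221225472
logs-2019.04.06  yellow   10100000   3328599654'

# Sum store.size over all indices, skipping the header line. Shell arithmetic
# is used rather than awk so large byte totals are not rounded.
total_store_bytes() {
  total=0
  read -r _header
  while read -r _index _health _docs size; do
    total=$((total + size))
  done
  echo "$total"
}

# Print "index bytes" for every index whose store exceeds the threshold given
# in bytes, largest first, so the indices behind a full disk are obvious.
indices_over() {
  read -r _header
  while read -r index _health _docs size; do
    [ "$size" -gt "$1" ] && echo "$index $size"
  done | sort -k2,2nr
}

# Run against the constructed sample; swap the printf for es_cat_indices to
# audit a live cluster. Threshold here is 1 GiB.
printf '%s\n' "$SAMPLE_CAT" | total_store_bytes
printf '%s\n' "$SAMPLE_CAT" | indices_over 1073741824
```

Wire the output of indices_over into whatever alerting you already have; a daily index crossing the threshold is the early sign that the cluster will not keep up.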
A piggy bank of commands, fixes, succinct reviews, some mini articles and technical opinions from a (mostly) Perl developer.