Elasticsearch
Get version of ES
curl http://localhost:9200/
Get all indices in a cluster
curl http://localhost:9200/_aliases
Get all indices in a cluster (pretty):
curl http://localhost:9200/_aliases?pretty=true
Show index creation time
curl http://localhost:9200/_cat/indices?h=health,status,index,id,pri,rep,docs.count,docs.deleted,store.size,creation.date.string&v=
Resource: https://stackoverflow.com/questions/17426521/list-all-indexes-on-elasticsearch-server
Get number of docs in a cluster
curl http://localhost:9200/_cat/count?v
Get number of docs in an index
curl http://localhost:9200/index/_count
Get Roles
This is where you can get answers to questions like “what do I have access to?”
curl http://localhost:9200/_security/role
Resource: https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-get-role.html
Get all users
curl http://localhost:9200/_security/user
Resource: https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-get-user.html
List all API keys
curl http://localhost:9200/_security/api_key
Get Schema for all indices
curl http://localhost:9200/*/_mapping
Get Schema for an index
curl http://localhost:9200/index_name/_mapping
Resource: https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-get-mapping.html
Get contents of an index
curl http://localhost:9200/index_name/_search?pretty=true
Resource: https://stackoverflow.com/questions/14565888/how-can-i-view-the-contents-of-an-elasticsearch-index
Get 100 results back from an index
curl -XPOST "http://localhost:9200/index_name/_search?pretty=true" \
-H 'Content-Type: application/json' -d '
{
"size": 100
}'
Search contents of an index with regex
This particular example will look for documents with ip addresses in the body of the log field:
curl -XPOST "http://localhost:9200/index_name/_search?pretty=true" \
-H 'Content-Type: application/json' -d '
{
"query": {
"regexp": {
"log": "/[0-9]|[0-9][0-9]|[0-9]/"
}
}
}'
Resource: https://stackoverflow.com/questions/25313051/elasticsearch-and-regex-queries