如果 ES 中存在索引，是否有基于 API 的方法在 Kibana 中创建索引模式

Question

我在 ES.I 中有一个索引，需要使用 API call.In 在 .kibana 中创建相同的索引模式，我什至想设置列这将是时间戳 column.Any 帮助将不胜感激。

Answer 1

你可以做到，但你需要自己构建整个结构。索引模式定义如下所示：

PUT .kibana/doc/index-pattern:<some-uuid>
{
      "type": "index-pattern",
      "updated_at": "2018-01-27T07:12:05.373Z",
      "index-pattern": {
        "title": "test*",
        "timeFieldName": "@timestamp",
        "fields": """ ... """,
      }
}

title 是您的索引模式的名称，与您通过 UI
timeFieldName是时间戳字段的名字
fields 是一个包含索引模式中所有字段定义的 JSON 数组的字符串（见下文）

字段定义如下所示：

[
  {
    "name": "@timestamp",
    "type": "date",
    "count": 0,
    "scripted": false,
    "searchable": true,
    "aggregatable": true,
    "readFromDocValues": true
  },
  {
    "name": "_id",
    "type": "string",
    "count": 0,
    "scripted": false,
    "searchable": true,
    "aggregatable": true,
    "readFromDocValues": false
  },
  {
    "name": "_index",
    "type": "string",
    "count": 0,
    "scripted": false,
    "searchable": true,
    "aggregatable": true,
    "readFromDocValues": false
  },
  {
    "name": "_score",
    "type": "number",
    "count": 0,
    "scripted": false,
    "searchable": false,
    "aggregatable": false,
    "readFromDocValues": false
  },
  {
    "name": "_source",
    "type": "_source",
    "count": 0,
    "scripted": false,
    "searchable": false,
    "aggregatable": false,
    "readFromDocValues": false
  },
  {
    "name": "_type",
    "type": "string",
    "count": 0,
    "scripted": false,
    "searchable": true,
    "aggregatable": true,
    "readFromDocValues": false
  },
  {
    "name": "referer",
    "type": "string",
    "count": 0,
    "scripted": false,
    "searchable": true,
    "aggregatable": false,
    "readFromDocValues": false
  },
  ...
]

因此您需要为每个字段创建此数组，然后将其字符串化并将字符串放入 fields 字段中。

这是一个表示索引模式的示例文档：

 {
      "type": "index-pattern",
      "updated_at": "2018-01-27T07:12:05.373Z",
      "index-pattern": {
        "title": "test*",
        "timeFieldName": "@timestamp",
        "fields": """[{"name":"@timestamp","type":"date","count":0,"scripted":false,"searchable":true,"aggregatable":true,"readFromDocValues":true},{"name":"_id","type":"string","count":0,"scripted":false,"searchable":true,"aggregatable":true,"readFromDocValues":false},{"name":"_index","type":"string","count":0,"scripted":false,"searchable":true,"aggregatable":true,"readFromDocValues":false},{"name":"_score","type":"number","count":0,"scripted":false,"searchable":false,"aggregatable":false,"readFromDocValues":false},{"name":"_source","type":"_source","count":0,"scripted":false,"searchable":false,"aggregatable":false,"readFromDocValues":false},{"name":"_type","type":"string","count":0,"scripted":false,"searchable":true,"aggregatable":true,"readFromDocValues":false},{"name":"referer","type":"string","count":0,"scripted":false,"searchable":true,"aggregatable":false,"readFromDocValues":false},{"name":"referer.keyword","type":"string","count":0,"scripted":false,"searchable":true,"aggregatable":true,"readFromDocValues":true},{"name":"status","type":"number","count":0,"scripted":false,"searchable":true,"aggregatable":true,"readFromDocValues":true},{"name":"url","type":"string","count":0,"scripted":false,"searchable":true,"aggregatable":false,"readFromDocValues":false},{"name":"url.keyword","type":"string","count":0,"scripted":false,"searchable":true,"aggregatable":true,"readFromDocValues":true}]"""
      }
    }

如果 ES 中存在索引，是否有基于 API 的方法在 Kibana 中创建索引模式

Is there API based method to create an index pattern in Kibana if its index is present in ES

elasticsearch

kibana