Commit b41b46c

Better way to build query and use any indexes without being bound to time span.
1 parent 44991f3 commit b41b46c

8 files changed

+305
-404
lines changed

Gemfile

-4
This file was deleted.

README.md

+17-12
@@ -1,24 +1,29 @@
1-
stash-query
1+
es-query-export
22
===========
33

4-
A CLI Tool for Querying Logstash/Elasticsearch and Exporting the results. Uses the Lucene query syntax that Kibana utilizes, but provides the option for exporting.
4+
A CLI Tool for Querying Elasticsearch and Exporting the results in CSV format. Uses the Lucene query syntax that Kibana utilizes.
55

66
Usage:
77
```
8-
-c, --connect_host [HOST] Elasticsearch host to run query on (defaults to: localhost)
9-
-p, --port [PORT] Elasticsearch port (defaults to: 9200)
10-
-i, --index-prefix [PREFIX] Index name prefix. Defaults to 'logstash-'
11-
-w, --write [FILE] Write output file location (defaults to nil)
12-
-d, --debug Debug mode
13-
-s, --start [DATE] Start date. Format: YYYY-MM-DDThh:mm:ss.SSSZ. Ex: 2013-12-01T12:00:00.000Z
14-
-e, --end [DATE] End date. Format: YYYY-MM-DDThh:mm:ss.SSSZ
8+
9+
-u, --url [URL] URL to Elasticsearch host to run query on (default: http://localhost:9200)
10+
-i, --index-prefix [PREFIX] Index name prefix(es). Defaults to 'logstash-*'. Comma delimited
1511
-q, --query [QUERY] Query string
1612
-t, --tags [TAGS] Tags to query. Comma delimited
17-
-f, --write-fields [FIELDS] Comma delimited list of Logstash fields to write to output file. Defaults to "message"
18-
-l, --delimiter [DELIMITER] Delimiter to use in output file. Defaults to ","
13+
-w, --write [FILE] Write output file location
14+
-f, --fields [FIELDS] Comma delimited list of docs fields in output. Defaults to "_all" fields
15+
-l, --delimiter [DELIMITER] Delimiter to use in output. Defaults to ","
16+
-d, --debug Debug mode
17+
-s, --silent Run silently
18+
-m, --max [INTEGER] Maximum number of results to return. Non-integer arguments default to 0.
19+
1920
```
2021

2122
Examples:
2223
```
23-
stash-query -s 2013-12-01T00:00:00.000Z -e 2013-12-02T00:00:00.000Z -t my_tag -q 'message:hello_world' -w /tmp/my_query.txt
24+
es-query-export -u http://kibana.com:80/es -i logstash-2015.10.* -q host:localhost and host:127.0.0.1 -f message,date,host -w output.csv -l ';'
25+
es-query-export -u kibana.com:80/es -i logstash-2015.10.11,logstash-2015.10.03,logstash-2015.10.25 -q host:localhost -f _all
26+
es-query-export -u http://localhost:9200 -i _all -q cluster:c2 -t prod,dev
27+
es-query-export -u localhost:9200 -i _all -q *:* -f _all -w output.csv
28+
es-query-export -q *:*
2429
```
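
Review bot: In the new Examples block the `-q` and `-i` arguments are unquoted, so the shell processes them before the tool sees them: `-q host:localhost and host:127.0.0.1` hands only `host:localhost` to `-q` and leaves `and host:127.0.0.1` as stray arguments, while `-q *:*` and `-i logstash-2015.10.*` are open to glob expansion against the current directory. Suggest quoting them as the removed example did with `-q 'message:hello_world'`, for instance `-q 'host:localhost AND host:127.0.0.1'` (Lucene boolean operators are upper-case) and `-q '*:*'`. Two smaller points in the usage block: `-s` changes meaning from start date to `--silent`, and `-e`, `-c` and `-p` are dropped, so existing `stash-query` invocations will behave differently and the README should say so; and the `-m` line says non-integer arguments default to 0 without stating whether 0 means no limit or no results.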

bin/stash-query

-70
This file was deleted.
