maxmustermann/kibana
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
kibana/docs/getting-started/tutorial-define-index.asciidoc
gchaps a6b8036283
Updates getting started guide (#41778) 
* [DOCS] Updates images in Getting Started

* [DOCS] Updates getting started

* [DOCS] Updated gs based on review comments

* [DOCS] Updates links to sample data

* [DOCS] Fixes broken links

* [DOCS] Minor edits to GS
2019-07-25 13:46:23 -07:00

54 lines
1.8 KiB
Plaintext
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

[[tutorial-define-index]]
=== Define your index patterns
Index patterns tell Kibana which Elasticsearch indices you want to explore.
An index pattern can match the name of a single index, or include a wildcard
(*) to match multiple indices.
For example, Logstash typically creates a
series of indices in the format `logstash-YYYY.MMM.DD`. To explore all
of the log data from May 2018, you could specify the index pattern
`logstash-2018.05*`.
[float]
==== Create your first index pattern
First you'll create index patterns for the Shakespeare data set, which has an
index named `shakespeare,` and the accounts data set, which has an index named
`bank`. These data sets don't contain time series data.
. In Kibana, open *Management*, and then click *Index Patterns.*
. If this is your first index pattern, the *Create index pattern* page opens automatically.
Otherwise, click *Create index pattern*.
. Enter `shakes*` in the *Index pattern* field.
+
[role="screenshot"]
image::images/tutorial-pattern-1.png[]
. Click *Next step*.
. In *Configure settings*, click *Create index pattern*.
+
Youre presented a table of all fields and associated data types in the index.
. Return to the *Index patterns* overview page and define a second index pattern named `ba*`.
[float]
==== Create an index pattern for time series data
Now create an index pattern for the Logstash index, which
contains time series data.
. Define an index pattern named `logstash*`.
. Click *Next step*.
. Open the *Time Filter field name* dropdown and select *@timestamp*.
. Click *Create index pattern*.
NOTE: When you define an index pattern, the indices that match that pattern must
exist in Elasticsearch and they must contain data. To check which indices are
available, go to *Dev Tools > Console* and enter `GET _cat/indices`. Alternately, use
`curl -XGET "http://localhost:9200/_cat/indices"`.
Reference in a new issue View git blame Copy permalink