0
votes

I am using the Python elasticsearch module to search Filebeat logs using a keyword, the same as I do in "Kibana Discover", but my search does not return anything.

```python
# make sure ES is up and running
import requests
res = requests.get('http://xxxxx:9200')
print(res.content)

# Import Elasticsearch package
from elasticsearch import Elasticsearch

# Connect to the elastic cluster
es = Elasticsearch([{'host': 'xxxxx', 'port': 9200}], timeout=30)
es

es.search(index='*', body={
  'query': {
    'match': {
      'message': 'SocketTimeoutException',
    }
  }
})

es
```

It should give me a log file like this, but it does not.

message:14:20:01,387 ERROR [com.yuma.jca.sockets.concox] (default-threads - 37) MessageWork SocketTimeoutException for imei: 0358735075610732-> Read timed out @timestamp:Aug 8, 2019 @ 15:20:01.559 ecs.version:1.0.0

But I get this, only the connection print:

b'{\n "name" : "kibana",\n "cluster_name" : "elasticsearch",\n "cluster_uuid" : "pspfiiegRre8OOFSsLWIhQ",\n "version" : {\n "number" : "7.2.0",\n "build_flavor" : "default",\n "build_type" : "deb",\n "build_hash" : "508c38a",\n "build_date" : "2019-06-20T15:54:18.811730Z",\n "build_snapshot" : false,\n "lucene_version" : "8.0.0",\n "minimum_wire_compatibility_version" : "6.8.0",\n "minimum_index_compatibility_version" : "6.0.0-beta1"\n },\n "tagline" : "You Know, for Search"\n}\n'

1 Answer

0
votes

Assign the result of the Elasticsearch query to a variable and print the response data.

```python
# `es` is the Elasticsearch client created in the question
data = es.search(index='*', body={
  'query': {
    'match': {
      'message': 'SocketTimeoutException',
    }
  }
})
print(data)
```
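Going one step past printing the raw response, the following added example (not part of the original answer) builds the same match query and pulls the timestamp and message out of each hit. The helper names, the `filebeat-*` index pattern (Filebeat's default) and the sample response are assumptions; the response is constructed to mirror the Elasticsearch 7.x shape, so the block runs without a cluster.

```python
# Added example: build the query and unpack the search response.
# SAMPLE_RESPONSE is constructed; its _index, _id and @timestamp are placeholders.

def build_query(keyword, size=20):
    """Match query on the Filebeat 'message' field, newest events first."""
    return {
        "size": size,
        "sort": [{"@timestamp": {"order": "desc"}}],
        "query": {"match": {"message": keyword}},
    }

def total_hits(response):
    """Return the hit count; 7.x reports an object, 6.x a bare integer."""
    total = response["hits"]["total"]
    return total["value"] if isinstance(total, dict) else total

def extract_messages(response):
    """Return (timestamp, message) per hit, skipping hits without a message."""
    rows = []
    for hit in response["hits"]["hits"]:
        source = hit.get("_source", {})
        if "message" in source:
            rows.append((source.get("@timestamp"), source["message"]))
    return rows

SAMPLE_RESPONSE = {
    "took": 3,
    "timed_out": False,
    "hits": {
        "total": {"value": 1, "relation": "eq"},
        "hits": [{
            "_index": "filebeat-placeholder",
            "_id": "constructed-id-1",
            "_source": {
                "@timestamp": "2019-08-08T15:20:01.559Z",
                "message": "14:20:01,387 ERROR [com.yuma.jca.sockets.concox] "
                           "(default-threads - 37) MessageWork "
                           "SocketTimeoutException for imei: "
                           "0358735075610732-> Read timed out",
            },
        }],
    },
}

if __name__ == "__main__":
    # With a live cluster, replace the next line with:
    # response = es.search(index="filebeat-*", body=build_query("SocketTimeoutException"))
    response = SAMPLE_RESPONSE
    print("total hits:", total_hits(response))
    for timestamp, message in extract_messages(response):
        print(timestamp, message)
```

In a script, unlike a notebook cell, a bare `es.search(...)` expression displays nothing, which is why the result has to be assigned and printed.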