github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-25 02:09:32 -04:00
Code Issues Projects Releases Packages Wiki Activity
kibana/docs/getting-started/tutorial-define-index.asciidoc
ncheckin 97fd0dfbef
Update tutorial-define-index.asciidoc (#76975) 
* Update tutorial-define-index.asciidoc

Forgot to update alt text in previous pr. Additionally, it is unclear in the image where the "time field" dropdown is located.

* Update docs/getting-started/tutorial-define-index.asciidoc

Co-authored-by: Kaarina Tungseth <kaarina.tungseth@elastic.co>
2020-09-28 10:27:27 -05:00

56 lines
2 KiB
Text
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

[[tutorial-define-index]]
=== Define your index patterns
Index patterns tell {kib} which {es} indices you want to explore.
An index pattern can match the name of a single index, or include a wildcard
(*) to match multiple indices.
For example, Logstash typically creates a
series of indices in the format `logstash-YYYY.MMM.DD`. To explore all
of the log data from May 2018, you could specify the index pattern
`logstash-2018.05*`.
[float]
==== Create the index patterns
First you'll create index patterns for the Shakespeare data set, which has an
index named `shakespeare,` and the accounts data set, which has an index named
`bank`. These data sets don't contain time series data.
. Open the menu, then go to *Stack Management > {kib} > Index Patterns*.
. If this is your first index pattern, the *Create index pattern* page opens.
. In the *Index pattern name* field, enter `shakes*`.
+
[role="screenshot"]
image::images/tutorial-pattern-1.png[Image showing how to enter shakes* in Index Pattern Name field]
. Click *Next step*.
. On the *Configure settings* page, *Create index pattern*.
+
Youre presented a table of all fields and associated data types in the index.
. Create a second index pattern named `ba*`.
[float]
==== Create an index pattern for the time series data
Create an index pattern for the Logstash index, which
contains the time series data.
. Create an index pattern named `logstash*`, then click *Next step*.
. From the *Time field* dropdown, select *@timestamp, then click *Create index pattern*.
+
[role="screenshot"]
image::images/tutorial_index_patterns.png[Image showing how to create an index pattern]
NOTE: When you define an index pattern, the indices that match that pattern must
exist in Elasticsearch and they must contain data. To check if the indices are
available, open the menu, go to *Dev Tools > Console*, then enter `GET _cat/indices`. Alternately, use
`curl -XGET "http://localhost:9200/_cat/indices"`.
For Windows, run `Invoke-RestMethod -Uri "http://localhost:9200/_cat/indices"` in Powershell.
Reference in a new issue View git blame Copy permalink