Questions tagged [elasticsearch-opendistro]

An Apache 2.0-licensed distribution of Elasticsearch enhanced with enterprise security, alerting, SQL, and more. Links:

https://opendistro.github.io/for-elasticsearch

https://www.elastic.co/products/elasticsearch

Open Distro is provided by AWS as a "fork" of the Elasticsearch engine (more detail in this post). It has since been superseded by OpenSearch, which several of the questions below also mention.

134 questions
0 votes, 1 answer

How to execute parameterized SQL with OpenDistro

We are using OpenDistro with Elasticsearch. Before executing the query it is compiled and translated into DSL format. Currently we are passing static SQL queries and each query is compiled before execution. Let us take an example SQL: Select * from…
0 votes, 1 answer

Observability section not visible in ELK Open Distro 1.13.3

I am using Open Distro 1.13.3, Kibana v7.10.2, but I am unable to see the Observability section in Kibana. I am trying to implement Heartbeat and use Uptime to monitor URLs but am unable to see the Observability section. Any idea what could be the reason…
asked by Navin
0 votes, 0 answers

How to keep monitoring always working on the most recently added index in Open Distro or OpenSearch?

I am trying to set up monitors that detect any penetration attempts on a website. For that, I am using the Alert functionality in Open Distro (older version of OpenSearch). The problem is we have indices for the actual day and the 29 days before.…
asked by Zorghost
0 votes, 1 answer

Full Log in Aggregation - Open Distro

I want to know how I can put the full log from the event in an aggregation, because the full log is not a field. I know how I can put, for example, agent.name, but the full log I don't know.
0 votes, 0 answers

Perform a calculation on more than one series using Kibana TSVB

I am using Open Distro Kibana to show some visuals. I am using TSVB to compute some KPIs; the issue is that I want to do some calculation on two indexes, therefore I have created two series and done the calculation for each one like the…
asked by kikicoder
0 votes, 0 answers

Elastic / OpenSearch life cycle management: what is the difference between the read_write and open actions?

I want to use life cycle management; the goal is to delete messages after 14 days. What should be the action in the first stage, open or read_write? What is the difference between the two actions? { "policy": { "policy_id":…
asked by dzbeda
0 votes, 0 answers

How to delete indices older than 30 days using automated policies in Open Distro for Elasticsearch?

I am using Open Distro for Elasticsearch and want to create a policy that deletes indices older than 30 days. I have seen this doc: https://opendistro.github.io/for-elasticsearch-docs/docs/im/index-rollups/ but the steps are not clear.
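The two life-cycle questions above (which action belongs in the first state, and how to delete indices older than 30 days) are answered by the same Index State Management (ISM) policy shape. What follows is an added example, not code from either post or from the Open Distro project: a shell script that builds and installs a policy whose first state has no actions at all (a freshly created index is already open and writable, so neither open nor read_write is needed there) and transitions to a delete state once min_index_age reaches 30 days. ES_URL, the demo admin:admin credentials, the policy id delete_after_30d and the logs-* index pattern are placeholders I assumed; change them for a real cluster.

```shell
#!/bin/sh
# Added example, not from the original page or the Open Distro project.
# Placeholders (assumptions): ES_URL, ES_AUTH (the demo admin:admin user),
# POLICY_ID and the logs-* index pattern.
set -eu

ES_URL="${ES_URL:-https://localhost:9200}"
ES_AUTH="${ES_AUTH:-admin:admin}"
POLICY_ID="${POLICY_ID:-delete_after_30d}"

# Print the ISM policy body for an index pattern and a minimum age.
# The first state ("hot") has no actions on purpose: a freshly created index is
# already open and writable, so "open" (reopen a closed index) and "read_write"
# (clear a write block) would do nothing there. Its transition fires once the
# index has existed for $age; the "delete" state then removes the index.
ism_delete_policy() {
  pattern="${1:-logs-*}"
  age="${2:-30d}"
  cat <<EOF
{
  "policy": {
    "description": "Delete ${pattern} indices ${age} after creation",
    "default_state": "hot",
    "states": [
      {
        "name": "hot",
        "actions": [],
        "transitions": [
          { "state_name": "delete", "conditions": { "min_index_age": "${age}" } }
        ]
      },
      {
        "name": "delete",
        "actions": [ { "delete": {} } ],
        "transitions": []
      }
    ],
    "ism_template": { "index_patterns": [ "${pattern}" ], "priority": 100 }
  }
}
EOF
}

# Create or overwrite the policy. Because of ism_template, ISM attaches it by
# itself to every index created afterwards whose name matches the pattern.
install_policy() {
  ism_delete_policy "$@" | curl -sS -k -u "$ES_AUTH" \
    -H 'Content-Type: application/json' \
    -X PUT "$ES_URL/_opendistro/_ism/policies/$POLICY_ID" -d @-
}

# Indices that already exist are not picked up by ism_template: attach the
# policy to each of them explicitly.
attach_existing() {
  curl -sS -k -u "$ES_AUTH" -H 'Content-Type: application/json' \
    -X POST "$ES_URL/_opendistro/_ism/add/$1" \
    -d "{ \"policy_id\": \"$POLICY_ID\" }"
}

# Network calls run only on request, so the file can also be sourced:
#   ./ism-delete-policy.sh apply 'logs-*' 30d      # install the policy
#   ./ism-delete-policy.sh attach logs-2021.06.01  # cover an existing index
case "${1:-}" in
  apply)  install_policy "${2:-logs-*}" "${3:-30d}" ;;
  attach) attach_existing "${2:?index name required}" ;;
esac
```

After installing, `GET _opendistro/_ism/explain/<index>` shows which state each index is in and when its next transition is due; the policy only acts on indices it is attached to, so an index that never matched the pattern (or was created before the policy existed and was not attached) is left alone.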
0 votes, 0 answers

gpg: no valid openpgp data found while installing and configuring Opendistroforelasticsearch

I am working on a virtual machine and I am installing and configuring Open Distro for Elasticsearch by following this page: https://opendistro.github.io/for-elasticsearch-docs/docs/install/deb/ by running this command: wget -qO…
0 votes, 0 answers

Cannot read field "dynamic" because "this.config" is null

Elasticsearch version: 7.10.2, Open Distro Security version: 1.13.1.0. I'm getting the following error when I try to enable opendistro_security in my Elasticsearch cluster. Here is the command I was using: bash…
0 votes, 2 answers

Explanation for the following SQL query

I came across this SQL query and am not able to understand how it works. SELECT answer AS answer FROM (SELECT answer FROM "default"."enriched-responses-dev") AS virtual_table LIMIT 1000; And how is it different from this? SELECT answer AS…
asked by Arpit Shukla
0 votes, 1 answer

Open Distro query for the last n minutes

{ "query": "SELECT COUNT(*) AS result FROM my-index WHERE ['field1'] > 3" } The above query gives a result. I am trying to filter the count to the last 15 minutes. I tried the query below: { "query": "SELECT COUNT(*) AS result FROM my-index WHERE ['field1'] >…
asked by gourav kumar
0 votes, 1 answer

How to retrieve the index name when translating a SQL query in Elasticsearch/OpenSearch

According to the official docs of Elasticsearch/Open Distro, the SQL translate API can translate a SQL query into Elasticsearch DSL. However, it only returns columns, filters, size and sorting operators without any index/table name. E.g., given the SQL…
asked by shawnzhu
0 votes, 1 answer

Geo Data In OpenDistro ELK Cluster

We have an application which sends data directly to Elasticsearch. We don't want to involve Logstash. Is there any possibility to get geo information from the original IP without using Logstash? Is there any post-script we can run? Please suggest any idea.
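One way to get geo data without Logstash, as an added example that is not from the post or from the Open Distro project: an ingest pipeline with the geoip processor. The ingest-geoip module ships with Elasticsearch 7.10 (including the OSS build Open Distro is based on) with a bundled GeoLite2 database, so the lookup happens inside the cluster at index time, and setting index.default_pipeline on the index routes every write through the pipeline without any change on the application side. ES_URL, the admin:admin demo credentials, the pipeline name geoip-enrich, the app-logs index and the client_ip / geo field names are placeholders I assumed, and the document fed to the _simulate API is constructed.

```shell
#!/bin/sh
# Added example, not from the original page or the Open Distro project.
# Placeholders (assumptions): ES_URL, ES_AUTH (the demo admin:admin user),
# PIPELINE, the app-logs index and the client_ip / geo field names.
set -eu

ES_URL="${ES_URL:-https://localhost:9200}"
ES_AUTH="${ES_AUTH:-admin:admin}"
PIPELINE="${PIPELINE:-geoip-enrich}"

# One authenticated request: es METHOD PATH [JSON_BODY]
es() {
  if [ "$#" -ge 3 ]; then
    curl -sS -k -u "$ES_AUTH" -H 'Content-Type: application/json' \
      -X "$1" "$ES_URL/$2" -d "$3"
  else
    curl -sS -k -u "$ES_AUTH" -X "$1" "$ES_URL/$2"
  fi
}

# Pipeline body. The geoip processor reads the address in $src and writes the
# lookup result (country, city, a geo_point location, ...) under $dst.
# ignore_missing lets documents without $src pass through instead of failing.
geoip_pipeline() {
  src="${1:-client_ip}"
  dst="${2:-geo}"
  cat <<EOF
{
  "description": "GeoIP enrichment of ${src} into ${dst} at ingest time",
  "processors": [
    { "geoip": { "field": "${src}", "target_field": "${dst}", "ignore_missing": true } }
  ]
}
EOF
}

# A constructed document for the _simulate API. 203.0.113.0/24 is a
# documentation range (RFC 5737), so the bundled database has no entry for it
# and the processor adds nothing; pass a routable address to see real output.
simulate_body() {
  printf '{ "docs": [ { "_source": { "client_ip": "%s", "msg": "login" } } ] }' \
    "${1:-203.0.113.10}"
}

# 1) register the pipeline, 2) route every write to the index through it
#    (no change on the application side), 3) dry-run a document to inspect
#    what the processor adds before touching real data.
apply() {
  index="${1:-app-logs}"
  es PUT  "_ingest/pipeline/$PIPELINE" "$(geoip_pipeline)"
  es PUT  "$index/_settings" "{ \"index.default_pipeline\": \"$PIPELINE\" }"
  es POST "_ingest/pipeline/$PIPELINE/_simulate" "$(simulate_body "${2:-203.0.113.10}")"
}

# Usage: ./geoip-pipeline.sh apply app-logs <public-ip>
if [ "${1:-}" = "apply" ]; then
  apply "${2:-app-logs}" "${3:-203.0.113.10}"
fi
```

For indices that are created on a schedule (daily logs, for instance), put index.default_pipeline into the index template instead of setting it on one index, otherwise tomorrow's index will be written without enrichment. The _simulate call is worth keeping in the procedure: it shows exactly which fields the processor adds, and it surfaces a missing database or a wrongly named source field before any real document is affected.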
0 votes, 2 answers

Create index for Elasticsearch as namespace names

I'm using Elasticsearch OpenDistro with fluentd and I want to collect my Kubernetes cluster logs; I want to collect logs per namespace in indices. I'm looking at this answer but still having a problem. Also I added…
asked by zone sd
0 votes, 1 answer

Ship logs from an AWS CloudWatch log group to Open Distro EFK

Is there a way to ship logs from an AWS CloudWatch log group to Open Distro EFK? I am using Open Distro with Elasticsearch version 7.10.2, provisioned using Helm in an EKS cluster. I tried Functionbeat 7.10.2, but once I tried…