09 Feb 2016
Elasticsearch cat API
Recently I was involved in an Elasticsearch project. Task was to deploy a complete ELK stack. This included an Elasticsearch Cluster on AWS, one or more Kibana instances and one or more logstash instances. Adding to that filebeat was used to ship the logs from the clients through logstash to the EL cluster. We based the configuration on a lot of really good community cookbooks that are available.
Elasticsearch queries are basically rest API calls and as such return json formatted data, which usually a good thing. However, if you try to write a small, concise bash script its a bit of a handful to deal with json data. Yes, there is jq and it is awesome. But then there is the cat API that Elasticsearch itself provides.
It’s a work in progress and many features that I would have liked to see there are not implemented, especially in the version (1.7.3) we were using. But at least I was able to detect the Elasticsearch master with a simple curl query:
curl -s -XGET 'http://localhost:9200/_cat/master?h=host'
Easy enough….
If you need the IP address or Elasticsearch ID it can also be retrieved with:
https://localhost:9200/_cat/master?v
id host ip node
UPXABY11KKGUc0XdOYK80x node1.example.com 171.168.5.203 node1.example.comHere is the complete set that is available with Elasticsearch 1.7.3:
curl https://localhost:9200/_cat/
=^.^=
/_cat/allocation
/_cat/shards
/_cat/shards/{index}
/_cat/master
/_cat/nodes
/_cat/indices
/_cat/indices/{index}
/_cat/segments
/_cat/segments/{index}
/_cat/count
/_cat/count/{index}
/_cat/recovery
/_cat/recovery/{index}
/_cat/health
/_cat/pending_tasks
/_cat/aliases
/_cat/aliases/{alias}
/_cat/thread_pool
/_cat/plugins
/_cat/fielddata
/_cat/fielddata/{fields}As mentioned earlier there are options available in newer versions especially neat is an addition for checking snapshots. However, what would really be nice is an option to create snapshots.
Til next time,
E.E
at 11:44