ELK (Elasticsearch, Logstash, Kibana) - Getting Started with the REST API


ELK stands for Elasticsearch, Logstash, Kibana. It is a system that parses log data from one or more systems and displays the log data in a web console, and it is used for observability, alerting, logging, and monitoring.

Let's say the URL for your Kibana console is https://elk.kibana.example.com. Typically, you will first need to create an API key to use when submitting REST requests. In the Kibana console, go to Stack Management > Create API Key and create a Personal API key with the default settings, just for the purpose of getting started. This should return something like the following. Make a note of this value, as this is the only time you will be able to view the API key.

K8jd76md65MDpfm45GKHmx8d93mAKDdkz0339c8DMz9dj1kd0z2kdnFyZw==

 

Here is an example of how you could submit a GET request to Kibana to return basic information about the "foo" space using cURL.

curl \
--request GET \
--url https://elk.kibana.example.com/api/spaces/space/foo \
--header "Authorization: ApiKey K8jd76md65MDpfm45GKHmx8d93mAKDdkz0339c8DMz9dj1kd0z2kdnFyZw=="

 

Something like this should be returned.

{
 "id":"123456",
 "name":"foo",
 "description":"foo space",
 "color":"#CA8EAE",
 "initials":"foo",
 "imageUrl":"",
 "disabledFeatures": [
   "enterpriseSearch",
   "siem",
   "securitySolutionCases",
   "generalCases",
   "observabilityCases",
   "canvas",
   "maps",
   "osquery"
 ]
}
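
The same request with the API key kept off the command line, as an added example that is not part of the original article: a key passed with --header, as in the cURL command above, ends up in shell history and is visible to anyone who can list processes. KIBANA_URL, KIBANA_API_KEY and both function names are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original article). Builds the same
# GET /api/spaces/space/<id> request, but hands the URL and the Authorization
# header to curl as a config stream on stdin, so the API key never appears in
# the process list. KIBANA_URL and KIBANA_API_KEY are names assumed here.

# Print a curl config (the format read by curl --config) for one space lookup.
# $1 = Kibana base URL, $2 = space id, $3 = API key
kibana_curl_config() {
  # Conservative URL allow-list, then require HTTPS so the key is not sent in clear.
  case $1 in
    *[!A-Za-z0-9.:/_-]*) echo "unexpected character in URL" >&2; return 1 ;;
    https://*) ;;
    *) echo "refusing non-HTTPS URL" >&2; return 1 ;;
  esac
  # Allow-list for the space id (an assumption of this example) blocks path tricks.
  case $2 in
    ''|*[!A-Za-z0-9_-]*) echo "unexpected space id" >&2; return 1 ;;
  esac
  # Keys are base64-style text; a quote or newline would inject config lines.
  case $3 in
    ''|*[!A-Za-z0-9+/=_-]*) echo "malformed API key" >&2; return 1 ;;
  esac
  printf 'url = "%s/api/spaces/space/%s"\n' "${1%/}" "$2"
  printf 'header = "Authorization: ApiKey %s"\n' "$3"
}

# Fetch one space; --fail turns HTTP errors (401, 404, ...) into a non-zero exit.
get_space() {
  cfg=$(kibana_curl_config "${KIBANA_URL:-}" "$1" "${KIBANA_API_KEY:-}") || return 1
  # printf is a shell builtin, so the key is piped to curl without touching argv.
  printf '%s\n' "$cfg" | curl --silent --show-error --fail --config -
}

# Usage, after loading the key without echoing it (bash: read -rs KIBANA_API_KEY):
#   KIBANA_URL=https://elk.kibana.example.com; get_space foo
```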

 



