ELK (Elastic Search, Logstash, Kibana) - List Spaces using the REST API


ELK is the abbreviation for Elastic Search, Logstash, and Kibana, a system that parses log data from one or more systems and displays the log data in a web console. It is used for Observability, Alerting, Logging, and Monitoring.

This assumes you are already familiar with the ELK REST API. If not, check out my article ELK (Elastic Search, Logstash, Kibana) - Getting Started with the REST API.

Here is an example of how to submit a GET request to return the Spaces using cURL.

curl \
--request GET \
--url https://elk.kb.us-east-1.aws.elastic-cloud.com/api/spaces/space \
--header "Authorization: ApiKey K8jd76md65MDpfm45GKHmx8d93mAKDdkz0339c8DMz9dj1kd0z2kdnFyZw=="

 

Something like this should be returned: a JSON list with one object for each space.

[
    {
        "_reserved": true,
        "color": "#00bfb3",
        "description": "This is your default space!",
        "disabledFeatures": [],
        "id": "default",
        "name": "Default"
    },
    {
        "color": "#54B399",
        "description": "foo space",
        "disabledFeatures": [],
        "id": "foo",
        "imageUrl": "",
        "initials": "F",
        "name": "foo"
    },
    {
        "color": "#E7664C",
        "description": "bar space",
        "disabledFeatures": [
            "monitoring",
            "fleet",
            "fleetv2",
            "stackAlerts",
            "actions",
            "savedObjectsManagement",
            "filesSharedImage",
            "filesManagement"
        ],
        "id": "bar",
        "imageUrl": "",
        "initials": "B",
        "name": "bar"
    }
]

 

Or, to return the JSON for a specific space, append the space ID to the URL. In this example, the JSON for the "foo" space is returned.

curl \
--request GET \
--url https://elk.kb.us-east-1.aws.elastic-cloud.com/api/spaces/space/foo \
--header "Authorization: ApiKey K8jd76md65MDpfm45GKHmx8d93mAKDdkz0339c8DMz9dj1kd0z2kdnFyZw=="

 

Something like this should be returned.

{
 "id":"123456",
 "name":"foo",
 "description":"foo space",
 "color":"#CA8EAE",
 "initials":"foo",
 "imageUrl":"",
 "disabledFeatures": [
   "enterpriseSearch",
   "siem",
   "securitySolutionCases",
   "generalCases",
   "observabilityCases",
   "canvas",
   "maps",
   "osquery"
 ]
}
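
The disabledFeatures array in each response lists the features a space turns off, so the list response can be checked against a baseline. The following Python is an added example, not part of the original article: the function names, the KIBANA_API_KEY environment variable and the RESTRICTED policy set are assumptions, and the sample data is trimmed from the list response above.

```python
import json
import os
import urllib.request

# Assumed policy for this example: these feature IDs (all taken from the
# sample responses above) should be disabled in every space.
RESTRICTED = {"fleet", "fleetv2", "savedObjectsManagement", "actions"}

# Constructed sample, trimmed from the list response shown above.
SAMPLE_SPACES = json.loads("""[
  {"_reserved": true, "id": "default", "name": "Default", "disabledFeatures": []},
  {"id": "foo", "name": "foo", "disabledFeatures": []},
  {"id": "bar", "name": "bar", "disabledFeatures": ["monitoring", "fleet",
    "fleetv2", "stackAlerts", "actions", "savedObjectsManagement"]}
]""")


def fetch_spaces(base_url):
    """GET <base_url>/api/spaces/space. The API key is read from the
    KIBANA_API_KEY environment variable (a name assumed for this example)
    so it is not typed on the command line."""
    request = urllib.request.Request(
        base_url.rstrip("/") + "/api/spaces/space",
        headers={"Authorization": "ApiKey " + os.environ["KIBANA_API_KEY"]},
    )
    with urllib.request.urlopen(request, timeout=10) as response:
        return json.load(response)


def audit_spaces(spaces, restricted=RESTRICTED):
    """Map each space id to the restricted features it still leaves enabled.
    A space with no disabledFeatures key is treated as disabling nothing."""
    findings = {}
    for space in spaces:
        disabled = set(space.get("disabledFeatures") or [])
        enabled = sorted(set(restricted) - disabled)
        if enabled:
            findings[space["id"]] = enabled
    return findings


if __name__ == "__main__":
    # Runs offline against the sample; swap in fetch_spaces(url) for live data.
    for space_id, features in audit_spaces(SAMPLE_SPACES).items():
        print(f"{space_id}: still enabled -> {', '.join(features)}")
```

disabledFeatures controls which features a space displays; it is not an access control, so what a user may actually do is still decided by the roles and privileges assigned to them.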

 



