All Documents
Current Document

Content is empty

If you don't find the content you expect, please try another search term

Documentation

Discover

Last updated:2022-01-11 13:43:17

The Discover page allows you to explore your data in an interactive manner. For example, you can access all documents of indexes that match the specified index pattern, submit search requests, filter search results, view data in documents, view the number of searched documents, and obtain statistical information about field values. If the time field is configured for an index pattern, you can find a bar chart of time-based document distribution on the top of the Discover page.

图片7.png

Search for data using the search bar

Enter a condition in the search bar to search for data based on indexes that match the specified index pattern. You can use character strings, the Lucene syntax, or the query domain specific language (DSL) of JSON-based Elasticsearch to search for data. The following examples describe how to use the Lucene syntax to search data:

  • Search data by field name that is used as the prefix. For example, you can enter status:200 to search for documents whose status field contains the keyword 200.
  • Search data by using character strings. For example, when you Search web server logs, you can enter safari to search for documents containing the safari field.
  • Specify a range to search by using square brackets ([]) in the following format: [Start value TO End value]. For example, you can enter status:[400 TO 499] to search for documents whose status field is 4xx.
  • Specify more detailed search conditions by using Boolean operators AND, OR, and NOT. For example, you can enter status:[400 TO 499] AND (extension:php OR extension:html) to search for documents whose status field is 4xx or whose file name extension is php or html.

Set a time selector

After you set a time selector, Kibana displays search results based on the specified time range. The default time range is the latest 15 minutes. You can change the time range and refresh the frequency by using the time picker on the top of the Discover page.

On this page
Pure ModeNormal Mode

Pure Mode

Click to preview the document content in full screen
Feedback