ES2CSV

Usage

Starting container

docker run -it -v $PWD/configs:/es2csv/configs -v $PWD/data:/es2csv/data es2csv bash

Running extraction

es2csv -u 'http://localhost:9200' -i 'index-pattern-*' -r -q @configs/query.json -o data/output.csv -s 10000

Query example

{
  "sort": { "@timestamp": "asc" },
  "query": {
    "bool": {
      "must": [
        {
          "range": {
            "@timestamp": {
              "format": "strict_date_optional_time",
              "gte": "2020-05-29T19:28:26.866Z",
              "lte": "2020-05-29T19:43:26.866Z"
            }
          }
        }
      ],
      "filter": [
        {
          "match_all": {}
        }
      ],
      "should": [],
      "must_not": [
        {
          "match_phrase": {
            "source": {
              "query": "nginx"
            }
          }
        },
      ]
    }
  }
}

Talkdesk/es2csv-docker

ES2CSV

Usage

Starting container

Running extraction

Query example