My settings
Consider a stream of logs continuously sent to an Elasticsearch cluster using Filebeat.
My problem
I would like to continuously read the stream of logs from Elasticsearch. Needless to say, ES does not feature a streaming API, so I have to paginate using consecutive HTTP calls.
What have I tried
- Using from/size
- Using Search After
Query body for reference
```json
{
  "size": 5,
  "from": 0,
  "sort": [
    {
      "@timestamp": {
        "order": "desc",
        "unmapped_type": "boolean"
      }
    }
  ],
  "query": {
    "bool": {
      "must": [
        {
          "query_string": {
            "query": "source:*.log",
            "analyze_wildcard": true
          }
        }
      ]
    }
  },
  "_source": {
    "include": ["message", "@timestamp"],
    "exclude": "_*"
  }
}
```
My question
How can I paginate a stream of log entries from Elasticsearch?
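The search_after loop the post mentions, as an added example that is not part of the original question and not the asker's code. It builds a body sorted ascending on `@timestamp` plus a tiebreaker, keeps the `sort` values of the last hit as a cursor, and resumes from that cursor so a later call picks up only entries that arrived since. Elasticsearch is emulated by an in-memory function so the example runs offline; the tiebreaker field `seq`, the sample documents and the `fake_es_search` helper are all constructed assumptions (the `query_string` filter from the post is carried in the body but not evaluated by the emulation).

```python
"""Paging a growing log index with search_after, emulated offline."""
from typing import Any, Callable, Dict, Iterator, List, Optional, Tuple

# Constructed sample documents standing in for Filebeat events (not from the post).
# "seq" is a hypothetical strictly increasing tiebreaker; two events share a
# timestamp on purpose, because sorting on @timestamp alone cannot separate them.
LOG_DOCS: List[Dict[str, Any]] = [
    {"@timestamp": "2024-01-01T00:00:00Z", "seq": 1, "message": "boot"},
    {"@timestamp": "2024-01-01T00:00:01Z", "seq": 2, "message": "login ok"},
    {"@timestamp": "2024-01-01T00:00:01Z", "seq": 3, "message": "login ok"},
    {"@timestamp": "2024-01-01T00:00:02Z", "seq": 4, "message": "shutdown"},
]


def build_body(size: int, search_after: Optional[List[Any]] = None) -> Dict[str, Any]:
    """Search body: ascending time order plus a tiebreaker, and no 'from' at all."""
    body: Dict[str, Any] = {
        "size": size,
        "sort": [{"@timestamp": "asc"}, {"seq": "asc"}],
        "query": {"query_string": {"query": "source:*.log", "analyze_wildcard": True}},
        "_source": ["message", "@timestamp", "seq"],
    }
    if search_after is not None:
        # Resume strictly after the sort values of the last hit we processed.
        body["search_after"] = search_after
    return body


def fake_es_search(docs: List[Dict[str, Any]], body: Dict[str, Any]) -> Dict[str, Any]:
    """Emulate ES sort + search_after + size over a list (constructed stand-in, query ignored)."""
    ordered = sorted(docs, key=lambda d: (d["@timestamp"], d["seq"]))
    cursor = body.get("search_after")
    if cursor is not None:
        ordered = [d for d in ordered if (d["@timestamp"], d["seq"]) > tuple(cursor)]
    page = ordered[: body["size"]]
    return {"hits": {"hits": [{"_source": d, "sort": [d["@timestamp"], d["seq"]]} for d in page]}}


def iterate_hits(
    search: Callable[[Dict[str, Any]], Dict[str, Any]],
    size: int,
    start_after: Optional[List[Any]] = None,
) -> Iterator[Tuple[List[Any], Dict[str, Any]]]:
    """Yield (sort_values, source) for every hit, page by page, until a page is empty."""
    cursor = start_after
    while True:
        hits = search(build_body(size, cursor))["hits"]["hits"]
        if not hits:
            return
        for hit in hits:
            yield hit["sort"], hit["_source"]
        cursor = hits[-1]["sort"]  # the next page starts after this hit


def drain(
    docs: List[Dict[str, Any]], size: int, start_after: Optional[List[Any]] = None
) -> Tuple[List[str], Optional[List[Any]]]:
    """Read every message after start_after; return them with the cursor to resume from."""
    cursor = start_after
    messages: List[str] = []
    for sort_values, src in iterate_hits(lambda b: fake_es_search(docs, b), size, start_after):
        messages.append(src["message"])
        cursor = sort_values
    return messages, cursor


if __name__ == "__main__":
    seen, cursor = drain(LOG_DOCS, size=2)
    print(seen, cursor)
    # Later, once Filebeat has shipped more events, resume from the saved cursor.
    newer = LOG_DOCS + [{"@timestamp": "2024-01-01T00:00:03Z", "seq": 5, "message": "new"}]
    print(drain(newer, size=2, start_after=cursor))
```

Persisting the cursor (the last hit's `sort` array) between runs is what turns repeated searches into a stream: each run asks only for what is strictly newer than the last document processed, and the tiebreaker keeps entries with identical timestamps from being skipped or repeated across a page boundary, which is the failure mode of paging on `@timestamp` alone. Against a real cluster, a point-in-time (PIT) can additionally pin the view within one pass.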