ChaosSearch Elasticsearch V4 Example

A sample Postman collection template for Elastic _msearch queries

The following code is a sample Postman collection that you can import and use to send Elasticsearch queries to the /elastic/_msearch API with AWS Signature Version 4 (V4) signing. Within the sample, replace the secretKey and accessKey values with the API Keys configured in the target ChaosSearch console. Replace your-domain-name with the correct ChaosSearch console value, and your-refinery-view with the target view/index name. Within the body, you can adjust the query as needed.

{
	"info": {
		"_postman_id": "f26e9955-b907-4f94-adb3-b1fdacdd1da2",
		"name": "ChaosSearch V4 Elastic Example",
		"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
	},
	"item": [
		{
			"name": "/elastic/_msearch",
			"request": {
				"auth": {
					"type": "awsv4",
					"awsv4": [
						{
							"key": "secretKey",
							"value": "secretkey",
							"type": "string"
						},
						{
							"key": "accessKey",
							"value": "accesskey",
							"type": "string"
						},
						{
							"key": "region",
							"value": "us-east-1",
							"type": "string"
						},
						{
							"key": "addAuthDataToQuery",
							"value": false,
							"type": "boolean"
						},
						{
							"key": "service",
							"value": "s3",
							"type": "string"
						}
					]
				},
				"method": "POST",
				"header": [],
				"body": {
					"mode": "raw",
					"raw": "{\"index\": \"your-refinery-view\"}\n{\n  \"version\": true,\n  \"size\": 500,\n  \"sort\": [\n    {\n      \"LOG_TIME\": {\n        \"order\": \"desc\",\n        \"unmapped_type\": \"boolean\"\n      }\n    }\n  ],\n  \"aggs\": {\n    \"2\": {\n      \"date_histogram\": {\n        \"field\": \"LOG_TIME\",\n        \"fixed_interval\": \"30s\",\n        \"time_zone\": \"America/Los_Angeles\",\n        \"min_doc_count\": 1\n      }\n    }\n  },\n  \"stored_fields\": [\n    \"*\"\n  ],\n  \"script_fields\": {},\n  \"docvalue_fields\": [\n    {\n      \"field\": \"RESPONSE_HEADERS.Date\",\n      \"format\": \"date_time\"\n    },\n    {\n      \"field\": \"LOG_TIME\",\n      \"format\": \"date_time\"\n    },\n    {\n      \"field\": \"Runtime.StartTime\",\n      \"format\": \"date_time\"\n    },\n    {\n      \"field\": \"DATETIME\",\n      \"format\": \"date_time\"\n    }\n  ],\n  \"_source\": {\n    \"excludes\": []\n  },\n  \"query\": {\n    \"bool\": {\n      \"must\": [],\n      \"filter\": [\n        {\n          \"match_all\": {}\n        },\n        {\n          \"range\": {\n            \"LOG_TIME\": {\n              \"gte\": \"now-15m\",\n              \"lte\": \"now\"\n            }\n          }\n        }\n      ],\n      \"should\": [],\n      \"must_not\": []\n    }\n  }\n}",
					"options": {
						"raw": {
							"language": "json"
						}
					}
				},
				"url": {
					"raw": "https://your-domain-name.chaossearch.io/elastic/_msearch",
					"protocol": "https",
					"host": [
						"your-domain-name",
						"chaossearch",
						"io"
					],
					"path": [
						"elastic",
						"_msearch"
					]
				}
			},
			"response": []
		}
	]
}

To import the collection to Postman:

  1. Copy the content of the code window and save it as a JSON file such as example_postman_collection_elastic_endpoint.json on your workstation.
  2. In your Postman application, click Import and select the JSON file. After importing, you should see a ChaosSearch V4 Elastic Example collection in the list.
  3. In the POST request, update the URL to the correct name for your target console.
  4. In the Authorization tab, copy and paste the ChaosSearch API Keys values for the console that you want to query.
  5. In the Body, update the your-refinery-view value to the correct target index that you want to query and, if needed, the query definition.
  6. Run the query in Postman to review and verify results.