Search Commands

Refer to https://www.elastic.co/guide/en/elasticsearch/guide/current/_talking_to_elasticsearch.html

You can use the "curl" command to query Elasticsearch:

curl -XGET 'http://uxlpdipacd00001:5151/audit-default-2020*/_search?pretty&size=1000&q=Object\%20Name:00386109914%20OR%20Object\%20Name:00386109914' -u admin:changeit

You can redirect the output into a file with the ">" operator:

curl -XGET 'http://uxlpdipacd00001:5151/audit-default-2020*/_search?pretty&size=1000&q=Object\%20Name:00386109914%20OR%20Object\%20Name:00386109914' -u admin:changeit > test.out
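The same search built without hand-encoding the query, as an added example that is not part of the original page. Host, port, index pattern, field name and user come from the commands above; the function names and the ES_URL and ES_USER variables are assumptions.

```shell
#!/bin/sh
# Added example: build the audit search query with proper escaping.
# ES_URL / ES_USER and all function names are hypothetical helpers.
ES_URL=${ES_URL:-http://uxlpdipacd00001:5151}
ES_USER=${ES_USER:-admin}

# Backslash-escape spaces and the characters that are reserved in the
# Lucene query_string syntax, so field names such as "Object Name" and
# untrusted values are matched literally instead of being parsed as syntax.
lucene_escape() {
    printf '%s' "$1" | sed -e 's,[][+&|!(){}^"~*?:\\/ -],\\&,g'
}

# audit_query FIELD VALUE [VALUE...]
# Prints "FIELD:v1 OR FIELD:v2 ...". OR must be upper case to act as an
# operator; lower-case "or" is parsed as an ordinary search term.
audit_query() {
    field=$(lucene_escape "$1")
    shift
    query=
    for value in "$@"; do
        term="${field}:$(lucene_escape "$value")"
        query="${query:+$query OR }$term"
    done
    printf '%s\n' "$query"
}

# audit_search FIELD VALUE [VALUE...]
# -G sends the -d/--data-urlencode pairs as a URL query string on a GET,
# so curl does the percent-encoding. Passing only the user name to -u makes
# curl prompt for the password, keeping it out of shell history and the
# process list.
audit_search() {
    curl -sS -G "${ES_URL}/audit-default-2020*/_search" \
        -u "${ES_USER}" \
        --data-urlencode "q=$(audit_query "$@")" \
        -d pretty -d size=1000
}

# Usage (values are constructed samples):
#   audit_search 'Object Name' 00386109914 00386109915 > test.out
```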

Report Commands

Automatic installation of default report templates

If you want the default report templates to be installed automatically, you can remove the "asreports" index in ES with the command

...

and restart AuditServer; the default templates will then be installed automatically.

Manual installation of report templates

Or you can install them manually with the "curl" command:

...

curl -XPOST http://ES_HOST:9200/asreports/content -d @ReportName.json

Export report templates

To export all report templates from ES you can also use a "curl" command:

...

Save the page as a file (this probably works better in Chrome or Firefox).

Mapping Template

If you extend your Elasticsearch with a new content type, you have to add a "mapping template". This is a JSON file that describes the content of your index. For example, to load the mapping template for the workflow index:


curl -XPUT http://localhost:9200/_template/workflow_template -d @es_workflow-template.json
curl -XPOST http://localhost:9200/_template/workflow_template -d @es_workflow-template.json