Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/battleroid/es-export-csv

Script to export ES query results to CSV
https://github.com/battleroid/es-export-csv

csv elasticsearch python tooling

Last synced: 23 days ago
JSON representation

Script to export ES query results to CSV

Host: GitHub
URL: https://github.com/battleroid/es-export-csv
Owner: Battleroid
Created: 2018-05-11T15:16:36.000Z (almost 7 years ago)
Default Branch: master
Last Pushed: 2023-07-25T21:12:46.000Z (over 1 year ago)
Last Synced: 2024-11-22T21:48:37.790Z (3 months ago)
Topics: csv, elasticsearch, python, tooling
Language: Python
Homepage:
Size: 14.6 KB
Stars: 0
Watchers: 2
Forks: 1
Open Issues: 1
Metadata Files:
- Readme: readme.md

Awesome Lists containing this project

README

        # es-export-csv

This will perform a basic match all query within the date math specific date range (against `@timestamp` field), returning results as a CSV file. By default returns as a match all type query, the query string can be specified however.

## Usage

```

usage: es_export_csv.py [-h] [-q QUERY] [-t TOTAL] [-e HOST]

                        [--from RANGE_FROM] [--to RANGE_TO] [-o OUTPUT]

                        [--only-source] [--no-header] [-u USERNAME]

                        [-p PASSWORD]

                        index [fields [fields ...]]

positional arguments:

  index                 index to export

  fields                limit output to fields (if set) or return all fields

                        (default: None)

optional arguments:

  -h, --help            show this help message and exit

  -q QUERY, --query QUERY

                        query_string to submit, empty (return everything) by

                        default (default: None)

  -t TOTAL, --total TOTAL

                        max docs to return (default: 500)

  -e HOST, --host HOST  cluster API (default: localhost:9200)

  --from RANGE_FROM     range start (default: now-1d/d)

  --to RANGE_TO         range end (default: now/d)

  -o OUTPUT, --output OUTPUT

                        output file (default: results.csv)

  --only-source         only return source fields; exclude metadata fields

                        (default: True)

  --no-header           do not write csv header (default: False)

  -u USERNAME, --username USERNAME

                        basic auth username (default: cweed)

  -p PASSWORD, --password PASSWORD

                        basic auth password (default: None)

```

`--range-from` and `--range-to` accept [date math](https://www.elastic.co/guide/en/elasticsearch/reference/6.2/common-options.html#date-math) formatted strings. This should give you great flexibility in date range selection without knowing epochs.