Elastic Search CSV Download limited to 10,000 rows

[Martin Gluckman]

Hi,

We are exporting a report using the Open Distro for Elasticsearch section of Wazuh (version v 7.10.2).

We can see there is data there for 30 days but when we export the report it only has 10,000 rows and does not have the full 30 days of data.

Please could anyone help and advise how to resolve this.

Thank you!

Martin

[mayte...@wazuh.com]

Hi Martin Gluckman!

It seems that there is already a feature request to include this option. It was created for Open Distro and has been moved to Opensearch:

- An option to export CSV file with 10,000 rows limitation [Open Distro]

- An option to export CSV file with 10,000 rows limitation [OpenSearch]

The OpenSearch issue has recently been updated asking for a workaround until the feature is included (although it has not been answered yet).

At the moment we are not aware of any workaround for this purpose.

Best regards,

Mayte Ariza

[Martin Gluckman]

Crazy in this day and age to have a limit of 10,000 rows for a CSV export, is there anyone who has any ideas how to overcome this limit?

[Martin Gluckman]

Has this been resolved?