Export to CSV Wazuh Discovery view results?

[nbent...@gmail.com]

Hi,

Is it possible to export the results of a refined search (with the _source fields) to a CSV file from the Wazuh plugin in Kibana? If I visit the Discover button on the upper left I can direct in Kibana but _source isn't a field I can select.

 Thanks,

[Yana Zaeva]

Hi,

You can export data in CSV format if you go to Kibana -> Discover and click on Save. In the default visualization, the field _source is already there, so you won't have to select it again. Once you click on Save, you will have to select a name for the search:

Once you have this search saved, go to the Reporting module on the top right side and click on Generate CSV:

Once the file is generated, it will be automatically downloaded and you will see this message displayed: 

Also, you can go directly to the Open Distro menu, and look for the Reporting module and check all of the generated reports from here: 

You can also generate other CSV files from here. 

Lastly, in order to make use of the Reporting module, you will need Open Distro v1.13.0. 

Hope I was helpful. Let me know if you have any questions.

Regards,

Yana.