Skip to main content

Discover

The discover page is used to view and query raw data.

View the OpenSearch Discover Documentation to learn how to interact with this tool.

You may notice when selecting index patterns, there will be many that appear to have two index patterns seperated by a comma. For example *:logs-atr-fh-*,logs-atr-fh-*

These patterns string together searches across multiple clusters. This means that when selecting these patterns, you may also be able to view data that is stored in Europe for GDPR purposes.

In the example provided above, if you were to use the logs-atr-fh-* index pattern in isolation, without *:logs-atr-fh-*, then the search would not execute across European storage, and therefore will not return Europe data.

Remember

To check the time filter that you are searching data across. You may need to adjust the time for your search.

The indices you can view are based on your permissions - refer to !index permissions page and index list page to add!