Skip to main content

Discover

The discover page is used to view and query raw data with a GUI.

View the OpenSearch Discover Documentation to learn how to interact with this tool.

You may notice when selecting index patterns, there will be many that appear to have two index patterns seperated by a comma. For example *:logs-atr-fh-*,logs-atr-fh-*

These patterns string together searches across multiple regions (clusters). This means that when selecting these patterns, you may also be able to view data that is stored in EU for GDPR purposes.

In the example provided above, if you were to use the logs-atr-fh-* index pattern in isolation, without *:logs-atr-fh-*, then the search will not execute across EU storage, and therefore will not return EU data.

Remember

To check the time filter that you are searching data across. You may need to adjust the time for your search.

The indices you can view are based on your permissions - refer to !index permissions page and index list page to add!