The Discover page provides every document in every index that matches the selected index pattern (realtime and historic). You can perform the following actions on the Discover page:
Search for the events
Submit search queries
Filter the search results
View document data for a time range
View the number of documents that match the search query
Get field value statistics
Setting an index pattern is important to drill down, explore, and visualize the data. You can use both the Kibana Query Language (KQL) and Lucene query syntax for simplified query.
You can also view and share reports of the data search using Snapshot or Saved objects.
For more information about Discover, see Discover in the Kibana Guide.
To view an index pattern for exploring and visualizing the data, perform the following steps:
Click Management > Kibana > Index Patterns.
Select realtime or historic pattern. You can view all the index patterns along with the associated fields as recorded.
After you create a visualization, click Share. This generates an iframe code as a short URL or long URL for saved object. You can share reports by using Saved object or by using a Snapshot.
To share a report with the data in the Discover tab, perform the following steps:
Click Discover.
Save the index with a unique name for which you want to generate the data.
Click Share.
Generate the link as Snapshot using Short URL or Saved object to view or share the report.
NOTE:If you have a new and unsaved visualization that uses the snapshot link and you save that visualization and then create a snapshot link, the new snapshot link will be a reference to the initial object also adding the changes made on top of them. Therefore, if you delete the object, the snapshot link will not work.