Elasticsearch: Difference between revisions
From Halfface
				
				
| Line 8: | Line 8: | ||
  login <username>  |   login <username>  | ||
  password <password>  |   password <password>  | ||
=count entries in index=  | |||
=count entries in   | |||
  GET /<indicie>/_count  |   GET /<indicie>/_count  | ||
=get latest content from indicies.=  | =get latest content from indicies.=  | ||
<pre>  | |||
curl -n -sk -X GET "https://localhost:9200/<index>/_search  | |||
  {  |   {  | ||
    "size": 1,  |     "size": 1,  | ||
| Line 19: | Line 19: | ||
    ]  |     ]  | ||
  }  |   }  | ||
</pre>  | |||
=Stats of elasticsearch=  | =Stats of elasticsearch=  | ||
<pre>  | <pre>  | ||
Revision as of 10:49, 10 September 2025
what does it mean
cdm Continuous Diagnostics Mitigation
cdm client data master
Add password to .netrc and use curl -n to use creds
~/.netrc
 machine localhost
 login <username>
 password <password>
count entries in index
GET /<index>/_count
get latest content from indices.
curl -n -sk -X GET "https://localhost:9200/<index>/_search" -H 'Content-Type: application/json' -d'
 {
   "size": 1,
   "sort": [
     { "@timestamp": { "order": "desc" } }
   ]
 }'
Stats of elasticsearch
curl -n -sk -X GET "https://localhost:9200/_nodes/stats/jvm?pretty"
Who is master
curl -n -sk -X GET "https://localhost:9200/_cat/master?v"
Are we recovering
curl -n -sk -X GET "https://localhost:9200/_cat/recovery?active_only=true"
List indices by size
curl -n -sk -X GET "https://localhost:9200/_cat/indices?v&bytes=b&s=store.size:desc"
View 5 log entries from biggest index
curl -n -X GET "https://localhost:9200/<index>/_search?size=5&pretty"
Search for a string of a log entry in the biggest index.
curl -n -X GET "https://localhost:9200/.ds-logs-system.syslog-default-2022.08.22-000006/_search?pretty" -H 'Content-Type: application/json' -d'{
  "query": {
    "match": {
      "message": "<string>"
    }
  }
}' | jq -r .hits.hits[]._source.message
list snapshot setup
curl -n -sk -X GET "https://localhost:9200/_snapshot?pretty"
Remove all indices
# Dry run: the echo in front of curl prints each DELETE command instead of running it.
curl -n -sk -X GET "https://localhost:9200/_cat/indices?h=index&s=store.size:desc" | while read -r INDEX ; do
  echo '*' "${INDEX}"
  echo curl -n -sk -X DELETE "https://localhost:9200/${INDEX}"
done
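A guarded version of the dry-run loop above, as an added example that is not part of the original page: it only plans deletes for index names matching a glob, skips dot-prefixed system indices other than `.ds-*` backing indices, and rejects names containing characters that could alter the generated command line. The function names `plan_deletes` and `sample_indices` are hypothetical, and the sample index list is constructed.

```shell
#!/bin/sh
# Added example: dry-run planner for index deletion (not from the original page).
ES_URL="https://localhost:9200"   # endpoint used throughout the page

# Constructed sample of `_cat/indices?h=index` output.
sample_indices() {
  cat <<'EOF'
.security-7
.kibana_1
.ds-logs-system.syslog-default-2022.08.22-000006
logs-app-2025.09.01
logs-app-2025.09.02
metrics-host
EOF
}

# plan_deletes '<glob>': read index names on stdin, print one curl DELETE
# command per name that matches the glob. Nothing is deleted here.
plan_deletes() {
  local pattern index
  pattern="${1:?usage: plan_deletes '<glob>'}"
  while read -r index || [ -n "$index" ]; do
    [ -n "$index" ] || continue
    case "$index" in
      # Only plain index-name characters may reach the generated command line.
      *[!a-zA-Z0-9._-]*) echo "# skipped (unexpected characters): $index" >&2; continue ;;
      # Data stream backing indices hold the logs; treat them like normal indices.
      .ds-*) ;;
      # Other dot-prefixed indices (.security*, .kibana*) hold security and Kibana configuration.
      .*) echo "# skipped (system index): $index" >&2; continue ;;
    esac
    case "$index" in
      $pattern) printf 'curl -n -sk -X DELETE "%s/%s"\n' "$ES_URL" "$index" ;;
    esac
  done
}

# Demo on the constructed sample: only the two logs-app-* indices are planned.
sample_indices | plan_deletes 'logs-app-*'
```

Against a live cluster, feed it the page's own listing command: `curl -n -sk -X GET "https://localhost:9200/_cat/indices?h=index" | plan_deletes '<glob>'`.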