Create index-patterns from console with Kibana 6.0 or 7+ (v7.0.1)

Question

I recently upgraded my ElasticStack instance from 5.5 to 6.0, and it seems that some of the breaking changes of this version has harmed my pipeline. I had a script that, dep

Answer 1

For Kibana 7.7.0 with Open Distro security plugin (amazon/opendistro-for-elasticsearch-kibana:1.8.0 Docker image to be precise), this worked for me:

curl -X POST \
-u USERNAME:PASSWORD \
KIBANA_HOST/api/saved_objects/index-pattern \
-H "kbn-version: 7.7.0" \
-H "kbn-xsrf: true" \
-H "content-type: application/json; charset=utf-8" \
-d '{"attributes":{"title":"INDEX-PATTERN*","timeFieldName":"@timestamp","fields":"[]"}}'

Please note, that kbn-xsrf header is required, but it seems like it's useless as from security point of view.

Output was like:

{"type":"index-pattern","id":"UUID","attributes":{"title":"INDEX-PATTERN*","timeFieldName":"@timestamp","fields":"[]"},"references":[],"migrationVersion":{"index-pattern":"7.6.0"},"updated_at":"TIMESTAMP","version":"VERSION"}

I can't tell why migrationVersion.index-pattern is "7.6.0".

For other Kibana versions you should be able to:

1. Open Kibana UI in browser
2. Open Developers console, navigate to Network tab
3. Create index pattern using UI
4. Open POST request in the Developers console, take a look on URL and headers, than rewrite it to cURL