Elastic Case Creation
Create a Nuix Elasticsearch case.
less than a minute
Now that you are authenticated, you can create an Elasticsearch case.
Prerequisites
- Have an Elasticsearch cluster configured
- Note down the Elasticsearch cluster name and hostname
- Have a working knowledge of sharding strategies and replicas
Note
Note: Elasticsearch configuration steps and information on sharding strategies and replicas are outside the scope of this tutorial.Create an Elasticsearch case
For this example, you will use a single shard and zero replicas.
curl --location --request POST 'http://localhost:8080/nuix-restful-service/svc/v1/cases' \
--header 'nuix-auth-token: 9729a460-eda7-48dc-ba70-d12b3aae3c8d' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--data-raw '{
"name":"HelloElasticCase",
"location":"inventory0",
"description":"My first Nuix Elasticsearch case",
"compound":false,
"investigator":"Inspector Gadget",
"elasticSearchSettings": {
"cluster.name": "elasticsearch",
"index.number_of_shards": 1,
"index.number_of_replicas": 0,
"nuix.transport.hosts": ["127.0.0.1"],
"nuix.http.hosts": ["127.0.0.1"]
}
}
'
{
"caseId": "776a45b03d1841379b1dea524098a33b",
"name": "HelloElasticCase",
"path": "/Cases/HelloElasticCase",
"description": "My first Nuix Elasticsearch case",
"investigator": "Inspector Gadget",
"creationDate": 1613068118333,
"compound": false,
"elastic": true,
"binaryStoreLocation": "/Cases/HelloElasticCase/Stores/BinaryStore",
"indexId": "nuix-776a45b03d1841379b1dea524098a33b",
"caseSize": 0,
"casePathParent": "/Cases",
"caseInvestigationTimeZone": "America/New_York",
"hasExclusions": null,
"hasNuixSystemTags": null,
"hasProductionSets": null,
"hasCalculatedAuditSize": null,
"caseName": "HelloElasticCase",
"casePath": "/Cases/HelloElasticCase",
"caseDescription": "My first Nuix Elasticsearch case",
"caseCreationDate": 1613068118333,
"caseInvestigator": "Inspector Gadget"
}
You have now successfully created your first Elasticsearch case! Now, you can proceed to Part 5: Ingestion.
Feedback
Was this page helpful?
Thank you for your feedback.
Thank you for your feedback.