Kibana data views make indices and data streams available to Discover, visualizations, and dashboards by defining a match pattern and an optional default time field. A correctly scoped data view keeps analysis fast and predictable, especially when many indices share the same naming scheme.

A data view is stored in Kibana as a saved object and referenced by its unique id. The title typically contains an index pattern like logs-* (or a data stream name), while settings such as timeFieldName control time-based filtering and histogram behavior.

API access requires authentication to Kibana plus sufficient permissions to manage data views and read metadata from the target indices. In deployments using Spaces or a reverse proxy, the Kibana base URL or API base path may differ from http://localhost:5601.

Steps to create a Kibana data view:

  1. Create the data view with the API. 
    $ curl -s -u elastic:password -H "kbn-xsrf: true" -H "Content-Type: application/json" -X POST "http://localhost:5601/api/data_views/data_view" -d '{
  "data_view": {
    "title": "logs-*",
    "name": "Logs",
    "timeFieldName": "@timestamp"
  }
}'
{
  "data_view": {
    "id": "9f28f1c0-7b51-11ee-98e5-69b85a31d6b2",
    "title": "logs-*"
  }
}

    The returned id uniquely identifies the data view for later API calls and saved object references.

    Avoid embedding long-lived privileged credentials in shell history; prefer a least-privileged role and short-lived secrets for automation.

  2. Fetch the data view by id to confirm creation. 
    $ curl -s -u elastic:password -H "kbn-xsrf: true" "http://localhost:5601/api/data_views/data_view/9f28f1c0-7b51-11ee-98e5-69b85a31d6b2"
{
  "data_view": {
    "id": "9f28f1c0-7b51-11ee-98e5-69b85a31d6b2",
    "name": "Logs",
    "title": "logs-*"
  }
}

    Matching id, name, and title confirms the saved object exists and is readable through the API.