yes please, I did as such

You appear to be doing spath on data, then only keeping data which makes the spath redundant! What timestamps are in the events returned by the curl command?

Because i don't see the events in from searching the index I created, I can't tell the timestamp. I added 

| eval _time=now()

to the query so that it would put the recent time when the endpoint was reached

Another possibility is to try

| table data

instead of fields

So, with the spath removed and the _time field added, do you events now show up in the index (after the collect command)? If not, what does the search log say for the search with the collect command?

I tried using

| table data

but there is still no data when searching the index.

 With the spath removed and the _time field added there are still no events in the index and the search log can be seen below. There is still data coming through the search.

This is not the search log. You get a search log when you click the "Job" button and pick "Inspect Job". On top of the screen you'll have a link to search log.

  The search log

There's no point doing spath if in the next step you leave only the original data field. But that's beside the point.

First step in debugging this would be to remove the collect command from your pipeline and see what the results look like.

so there is a field in the log named data and that's where i need my log from. I also removed spath command from the query. Removing the collect command still shows the log curled from the endpoint.

There was no logs showing after i searched the index, sorry

What about the logs after the collect?