aboutsummaryrefslogtreecommitdiffstats
path: root/extra/docker/elk/tools/EsAutoQuery
diff options
context:
space:
mode:
Diffstat (limited to 'extra/docker/elk/tools/EsAutoQuery')
-rwxr-xr-xextra/docker/elk/tools/EsAutoQuery/autoQueryLoop.sh27
-rw-r--r--extra/docker/elk/tools/EsAutoQuery/closedLoopAlarmDuration.json34
-rw-r--r--extra/docker/elk/tools/EsAutoQuery/timeSince.json51
3 files changed, 0 insertions, 112 deletions
diff --git a/extra/docker/elk/tools/EsAutoQuery/autoQueryLoop.sh b/extra/docker/elk/tools/EsAutoQuery/autoQueryLoop.sh
deleted file mode 100755
index 49294120..00000000
--- a/extra/docker/elk/tools/EsAutoQuery/autoQueryLoop.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/bin/bash
-
-QUERY_FILE=${1:-query.json}
-INDEX=${2:-logstash-*}
-HOST_URL=${3:-http://localhost:9200}
-URL=$HOST_URL/$INDEX/_search
-
-function usage() {
- echo "Usage: $0 [QUERY_FILE [INDEX [HOST_URL]]]"
- echo
- echo "This script automatically sends the query file to elasticsearch"
- echo "each time it's modified."
-}
-
-if [ "${1}" == "--help" ];
-then
- usage
- exit 0
-fi
-
-echo "Querying '$URL' with '$QUERY_FILE'"
-while [ 1 ];
-do
- curl -XGET "$URL" -H 'Content-Type: application/json' -d"@$QUERY_FILE" | js-beautify
- echo
- inotifywait -e modify query.json
-done
diff --git a/extra/docker/elk/tools/EsAutoQuery/closedLoopAlarmDuration.json b/extra/docker/elk/tools/EsAutoQuery/closedLoopAlarmDuration.json
deleted file mode 100644
index 5a295454..00000000
--- a/extra/docker/elk/tools/EsAutoQuery/closedLoopAlarmDuration.json
+++ /dev/null
@@ -1,34 +0,0 @@
-{
- "query" : {
- "bool": {
- "must": [
- { "match": { "closedLoopEventStatus": "ABATED" } }
- ]
- }
- },
- "script_fields" : {
- "closedLoopAlarmDuration" : {
- "script" : {
- "lang": "painless",
- "source": "
-if (doc.get('closedLoopEventStatus.keyword').value == 'ABATED') {
- return doc.get('closedLoopAlarmEnd').value - doc.get('closedLoopAlarmStart').value;
-}
-return null
-"
- }
- }
- , "closedLoopAlarmStart" : {
- "script" : {
- "lang": "painless",
- "source": "doc['closedLoopAlarmStart']"
- }
- }
- , "closedLoopAlarmEnd" : {
- "script" : {
- "lang": "painless",
- "source": "doc['closedLoopAlarmEnd']"
- }
- }
- }
-}
diff --git a/extra/docker/elk/tools/EsAutoQuery/timeSince.json b/extra/docker/elk/tools/EsAutoQuery/timeSince.json
deleted file mode 100644
index 6ee14933..00000000
--- a/extra/docker/elk/tools/EsAutoQuery/timeSince.json
+++ /dev/null
@@ -1,51 +0,0 @@
-{
- "query" : {
- "match_all": {}
- },
- "script_fields" : {
- "timeSince" : {
- "script" : {
- "lang": "painless",
- "source": "
-long now = System.currentTimeMillis();
-if (doc.get('closedLoopEventStatus.keyword').value == 'ABATED') {
- return now - doc.get('closedLoopAlarmEnd').value;
-}
-if (doc.get('closedLoopEventStatus.keyword').value == 'ONSET') {
- return now - doc.get('closedLoopAlarmStart').value;
-}
-if (doc.containsKey('notification.keyword')) {
- return now - doc.get('notificationTime').value;
-}
-
-return null
-"
- }
- }
- , "closedLoopAlarmStart" : {
- "script" : {
- "lang": "painless",
- "source": "doc['closedLoopAlarmStart']"
- }
- }
- , "closedLoopEventStatus" : {
- "script" : {
- "lang": "painless",
- "source": "doc['closedLoopEventStatus.keyword']"
- }
- }
- , "notification" : {
- "script" : {
- "lang": "painless",
- "source": "doc['notification.keyword']"
- }
- }
- , "notificationTime" : {
- "script" : {
- "lang": "painless",
- "source": "doc['notificationTime'].value"
- }
- }
-
- }
-}