author | ac2550 <ac2550@intl.att.com> | 2018-03-20 12:35:48 +0100 |
---|---|---|
committer | ac2550 <ac2550@intl.att.com> | 2018-03-20 13:13:38 +0100 |
commit | 5082fd7ed2037dfdb9c37ae60b77bc3165262663 (patch) | |
tree | 2c78b8ff995d15b245b878bdde187a70bad016e5 /extra/docker/elk/tools/EsAutoQuery | |
parent | 3dc5f2a4a5c066a57ef0ce346be884b045ae73c9 (diff) |
Adding CLAMP Dashboard
Change-Id: I0496fa7303dbeaf72b00e4382f71bdb0069abb9a
Issue-ID: CLAMP-77
Signed-off-by: ac2550 <ac2550@intl.att.com>
Diffstat (limited to 'extra/docker/elk/tools/EsAutoQuery')
3 files changed, 112 insertions, 0 deletions
diff --git a/extra/docker/elk/tools/EsAutoQuery/autoQueryLoop.sh b/extra/docker/elk/tools/EsAutoQuery/autoQueryLoop.sh
new file mode 100755
index 000000000..492941208
--- /dev/null
+++ b/extra/docker/elk/tools/EsAutoQuery/autoQueryLoop.sh
@@ -0,0 +1,27 @@
+#!/bin/bash
+
+QUERY_FILE=${1:-query.json}
+INDEX=${2:-logstash-*}
+HOST_URL=${3:-http://localhost:9200}
+URL=$HOST_URL/$INDEX/_search
+
+function usage() {
+ echo "Usage: $0 [QUERY_FILE [INDEX [HOST_URL]]]"
+ echo
+ echo "This script automatically sends the query file to elasticsearch"
+ echo "each time it's modified."
+}
+
+if [ "${1}" == "--help" ];
+then
+ usage
+ exit 0
+fi
+
+echo "Querying '$URL' with '$QUERY_FILE'"
+while [ 1 ];
+do
+ curl -XGET "$URL" -H 'Content-Type: application/json' -d"@$QUERY_FILE" | js-beautify
+ echo
+ inotifywait -e modify query.json
+done
diff --git a/extra/docker/elk/tools/EsAutoQuery/closedLoopAlarmDuration.json b/extra/docker/elk/tools/EsAutoQuery/closedLoopAlarmDuration.json
new file mode 100644
index 000000000..5a295454b
--- /dev/null
+++ b/extra/docker/elk/tools/EsAutoQuery/closedLoopAlarmDuration.json
@@ -0,0 +1,34 @@
+{
+ "query" : {
+ "bool": {
+ "must": [
+ { "match": { "closedLoopEventStatus": "ABATED" } }
+ ]
+ }
+ },
+ "script_fields" : {
+ "closedLoopAlarmDuration" : {
+ "script" : {
+ "lang": "painless",
+ "source": "
+if (doc.get('closedLoopEventStatus.keyword').value == 'ABATED') {
+ return doc.get('closedLoopAlarmEnd').value - doc.get('closedLoopAlarmStart').value;
+}
+return null
+"
+ }
+ }
+ , "closedLoopAlarmStart" : {
+ "script" : {
+ "lang": "painless",
+ "source": "doc['closedLoopAlarmStart']"
+ }
+ }
+ , "closedLoopAlarmEnd" : {
+ "script" : {
+ "lang": "painless",
+ "source": "doc['closedLoopAlarmEnd']"
+ }
+ }
+ }
+}
diff --git a/extra/docker/elk/tools/EsAutoQuery/timeSince.json b/extra/docker/elk/tools/EsAutoQuery/timeSince.json
new file mode 100644
index 000000000..6ee14933d
--- /dev/null
+++ b/extra/docker/elk/tools/EsAutoQuery/timeSince.json
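Review bot: In autoQueryLoop.sh the wait at the bottom of the loop watches the literal `query.json` instead of the file given as the first argument, so a run with a custom QUERY_FILE never reacts to edits of that file. If `query.json` is absent from the working directory, or inotifywait is not installed, the command returns at once and the `while [ 1 ]` loop re-sends the search to Elasticsearch back to back with no pause. I would change the line to `inotifywait -e modify "$QUERY_FILE" || exit 1`. The default HOST_URL is plain `http://` without credentials, which suits a local node; a line in `usage` stating that the script is meant for a local development instance would document that assumption.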
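Review bot: In closedLoopAlarmDuration.json the `"source"` value of the `closedLoopAlarmDuration` script spans several physical lines, and a raw line break inside a string is not valid JSON, so a strict parser or linter rejects the file. The request presumably only parses on the server because autoQueryLoop.sh sends it with curl's `-d @file`, which strips newlines when reading the file; the same body sent with `--data-binary` or by another client would be refused. timeSince.json has the same construct in its `timeSince` script. I would keep each script on a single line, e.g. `"source": "if (…) { return …; } return null"`, or join the statements with `\n` escapes inside the string.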
@@ -0,0 +1,51 @@
+{
+ "query" : {
+ "match_all": {}
+ },
+ "script_fields" : {
+ "timeSince" : {
+ "script" : {
+ "lang": "painless",
+ "source": "
+long now = System.currentTimeMillis();
+if (doc.get('closedLoopEventStatus.keyword').value == 'ABATED') {
+ return now - doc.get('closedLoopAlarmEnd').value;
+}
+if (doc.get('closedLoopEventStatus.keyword').value == 'ONSET') {
+ return now - doc.get('closedLoopAlarmStart').value;
+}
+if (doc.containsKey('notification.keyword')) {
+ return now - doc.get('notificationTime').value;
+}
+
+return null
+"
+ }
+ }
+ , "closedLoopAlarmStart" : {
+ "script" : {
+ "lang": "painless",
+ "source": "doc['closedLoopAlarmStart']"
+ }
+ }
+ , "closedLoopEventStatus" : {
+ "script" : {
+ "lang": "painless",
+ "source": "doc['closedLoopEventStatus.keyword']"
+ }
+ }
+ , "notification" : {
+ "script" : {
+ "lang": "painless",
+ "source": "doc['notification.keyword']"
+ }
+ }
+ , "notificationTime" : {
+ "script" : {
+ "lang": "painless",
+ "source": "doc['notificationTime'].value"
+ }
+ }
+
+ }
+}
|
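Review bot: The third branch of the `timeSince` script tests `doc.containsKey('notification.keyword')`, which as far as I know reports whether the field exists in the index mapping, not whether the current document holds a value for it. Because the query is `match_all`, every hit that fails the two status checks takes that branch wherever the field is mapped, and `doc.get('notificationTime').value` is then read on documents that may not carry it; depending on the Elasticsearch version that yields a default value or a script error. I would guard on the value instead, `if (doc['notificationTime'].size() != 0) {`, and use the same guard before reading `closedLoopAlarmEnd` and `closedLoopAlarmStart`. `System.currentTimeMillis()` is also evaluated once per hit, so passing the reference time in through `params` would give every row the same baseline.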