From 5082fd7ed2037dfdb9c37ae60b77bc3165262663 Mon Sep 17 00:00:00 2001 From: ac2550 Date: Tue, 20 Mar 2018 12:35:48 +0100 Subject: Adding CLAMP Dashboard Change-Id: I0496fa7303dbeaf72b00e4382f71bdb0069abb9a Issue-ID: CLAMP-77 Signed-off-by: ac2550 --- extra/docker/elk/tools/EsAutoQuery/timeSince.json | 51 +++++++++++++++++++++++ 1 file changed, 51 insertions(+) create mode 100644 extra/docker/elk/tools/EsAutoQuery/timeSince.json (limited to 'extra/docker/elk/tools/EsAutoQuery/timeSince.json') diff --git a/extra/docker/elk/tools/EsAutoQuery/timeSince.json b/extra/docker/elk/tools/EsAutoQuery/timeSince.json new file mode 100644 index 000000000..6ee14933d --- /dev/null +++ b/extra/docker/elk/tools/EsAutoQuery/timeSince.json @@ -0,0 +1,51 @@ +{ + "query" : { + "match_all": {} + }, + "script_fields" : { + "timeSince" : { + "script" : { + "lang": "painless", + "source": " +long now = System.currentTimeMillis(); +if (doc.get('closedLoopEventStatus.keyword').value == 'ABATED') { + return now - doc.get('closedLoopAlarmEnd').value; +} +if (doc.get('closedLoopEventStatus.keyword').value == 'ONSET') { + return now - doc.get('closedLoopAlarmStart').value; +} +if (doc.containsKey('notification.keyword')) { + return now - doc.get('notificationTime').value; +} + +return null +" + } + } + , "closedLoopAlarmStart" : { + "script" : { + "lang": "painless", + "source": "doc['closedLoopAlarmStart']" + } + } + , "closedLoopEventStatus" : { + "script" : { + "lang": "painless", + "source": "doc['closedLoopEventStatus.keyword']" + } + } + , "notification" : { + "script" : { + "lang": "painless", + "source": "doc['notification.keyword']" + } + } + , "notificationTime" : { + "script" : { + "lang": "painless", + "source": "doc['notificationTime'].value" + } + } + + } +} -- cgit 1.2.3-korg