10.ElasticSearch预警服务-Watcher详解-管理Watcher服务
编程技术 / houtizong 发布于 3年前 74
ElasticSearch预警服务-Watcher详解-管理Watcher服务
1.监听
Watcher相关的数据存储在.watches索引中,该索引具有只读权限,
必须通过API来创建,更新和删除。
GET .watches/_search{ "fields" : [], "query" : {"match_all" : { } }} 2.通过Kibana监控Watcher历史数据
在kibana中配置 setting>indices
配置.watch_history*索引
时间字段选择 trigger_event.schedule.triggered_time
在Discover页面查询相关数据
3.查询历史记录
GET .watch_history-2015.05.11/_search{ "query" : { "match_all" : {} }} 查询所有的历史记录
GET .watch_history*/_search{ "query" : { "match" : { "watch_id": "rss_watch"}}} 4.查询所有的state数据
GET .watch_history*/_search{ "query" : { "match" : { "state": "throttled"}}} 5.查询时间段的触发记录
GET .watch_history*/_search{ "query": { "filtered": { "query": { "query_string": { "query": "*", "analyze_wildcard": true } }, "filter": { "bool": { "must": [ { "range": { "trigger_event.schedule.scheduled_time": { "gte": 1430438400000, "lte": 1431820800000 } } } ], "must_not": [] } } } }, "size": 0, "aggs": { "2": { "date_histogram": { "field": "trigger_event.schedule.scheduled_time", "interval": "30s", "pre_zone": "-07:00", "pre_zone_adjust_large_interval": true, "min_doc_count": 1, "extended_bounds": { "min": 1430438400000, "max": 1431820800000 } } } }} 6.管理历史记录索引
PUT _watcher/watch/manage_history{ "metadata": { "keep_history_days": 7 }, "trigger": { "schedule": { "interval": "1d" } }, "input": { "simple": {} }, "condition": { "always": {} }, "transform": { "script" : "return [ dateToDelete : '/.watch_history-' + ctx.execution_time.minusDays(ctx.metadata.keep_history_days).toString('yyyy.MM.dd') ]" }, "actions": { "delete_old_index": { "webhook": { "method": "DELETE", "host": "localhost", "port": 9200, "path": "{{ctx.payload.dateToDelete}}" } } }}
请勿发布不友善或者负能量的内容。与人为善,比聪明更重要!
技术博客集 - 网站简介:
前后端技术:
后端基于Hyperf2.1框架开发,前端使用Bootstrap可视化布局系统生成
网站主要作用:
1.编程技术分享及讨论交流,内置聊天系统;
2.测试交流框架问题,比如:Hyperf、Laravel、TP、beego;
3.本站数据是基于大数据采集等爬虫技术为基础助力分享知识,如有侵权请发邮件到站长邮箱,站长会尽快处理;
4.站长邮箱:[email protected];
文章归档
文章标签
友情链接
