|
⇤ ← Revision 1 vom 2017-01-19 20:12:22
Größe: 91
Kommentar:
|
← Revision 2 vom 2020-10-13 11:21:06 ⇥
Größe: 5686
Kommentar:
|
| Gelöschter Text ist auf diese Art markiert. | Hinzugefügter Text ist auf diese Art markiert. |
| Zeile 6: | Zeile 6: |
== Dev-Tools == === 1 === {{{ GET _search { "query": { "match_all": {} } } PUT heartbeat-2019_reindex7 PUT postgres*/_settings { "index": { "blocks": { "read_only_allow_delete": "false" } } } GET _cluster/allocation/explain POST _cluster/reroute?retry_failed=true PUT postgres-2020-07 { "settings" : { "index" : { "number_of_shards" : 1, "number_of_replicas" : 0 } } } PUT metricbeat-2020-07 { "settings" : { "index" : { "number_of_shards" : 1, "number_of_replicas" : 0 } } } DELETE postgres-2020.06.* DELETE heartbeat-*-2020.06.* GET heartbeat-2020-05 POST _reindex { "source": { "index": "metricbeat-*2020.07*" }, "dest": { "index": "metricbeat-2020-07" } } POST _reindex { "source": { "index": "postgres-2020.07.*" }, "dest": { "index": "postgres-2020-07" } } POST heartbeat-*-2020.04.*/_open DELETE heartbeat-*-2020.04* POST _reindex { "source": { "index": "heartbeat-2019" }, "dest": { "index": "heartbeat-2019_reindex7" } } }}} === 2 === {{{ GET _search { "query": { "match_all": {} } } GET filebeat-2018.12.20/_mapping/doc/field/logmessage PUT _template/filebeat { "index_patterns": ["filebeat-*"], "mappings":{ "doc":{ "properties": { "logmessage" : { "type" : "text", "fields" : { "keyword" : { "type" : "keyword", "ignore_above" : 10000 } } } } }}} GET _template/filebeat PUT filebeat-2019.03.20/_mapping/doc { "properties": { "logmessage" : { "type" : "text", "fields" : { "keyword" : { "type" : "keyword", "ignore_above" : 10000 } } } } } DELETE filebeat-2019.* GET filebeat-2019.03.20-ri/_mapping/doc GET filebeat-2019.03.20-ri/doc/1 PUT filebeat-2020-07 PUT filebeat-2018.07.17-ri POST _reindex { "source": { "index": "filebeat-2020.07.*" }, "dest": { "index": "filebeat-2020-07" } } POST filebeat-2019.03.20-ri/_update_by_query { "script" : "ctx._source['host.name'] = ctx._source['beat.hostname']" } GET _refresh POST filebeat-2019.03.20-ri/_search PUT _template/filebeat { "index_patterns": ["filebeat-*"], "mappings":{ "doc":{ "properties": { "logmessage" : { "type" : "text", "fields" : { "keyword" : { "type" : "keyword", "ignore_above" : 10000 } } } } }}} GET _template/filebeat PUT filebeat-2018 DELETE filebeat-2017.* POST _reindex { "source": { "index": "filebeat-2018.*" }, "dest": { "index": "filebeat-2018" } } GET filebeat-*2018.* POST /filebeat-*2018.*/_close POST /_reindex { "source": { "index": "filebeat-2018.*" }, "dest": { "index": "filebeat-2018"}, "script": { "inline": " ctx._source.host = ctx._source.beat.hostname;\n ctx._type = \"doc\";" } } }}} == Scripted Fields == === Username === {{{ String path = doc['logmessage.keyword'].value; String logger = doc['logger.keyword'].value; if (path != null && path.toLowerCase().contains("user")) { if ("ClientSessionInitializer".equals(logger)) { int firstIndex = path.indexOf("'"); int lastIndex = path.lastIndexOf("'"); if (lastIndex > 0) { return path.substring(firstIndex+1,lastIndex); } } if ("PermissionManager".equals(logger)) { int lastCollon = path.lastIndexOf(":"); if (lastCollon > 0) { return path.substring(lastCollon+1); } } } return ""; }}} === Dashboard === {{{ String path = doc['logmessage.keyword'].value; String logger = doc['logger.keyword'].value; if (path != null && path.toLowerCase().contains("report")) { if ("DashboardReporter".equals(logger)) { int firstIndex = path.indexOf("'"); int lastIndex = path.lastIndexOf("'"); if (lastIndex > 0) { return path.substring(firstIndex+1,lastIndex); } } } return ""; }}} === Number of Agents === {{{ String path = doc['logmessage.keyword'].value; String logger = doc['logger.keyword'].value; if (path != null && path.toLowerCase().contains("number of agents")) { if ("AgentPeerPool".equals(logger)) { int firstIndex = path.indexOf("agents:"); int lastIndex = path.length(); if (lastIndex > 0) { return Integer.parseInt(path.substring(firstIndex+8,lastIndex)); } } } return ""; }}} === Class cache size === {{{ String path = doc['logmessage.keyword'].value; String logger = doc['logger.keyword'].value; if (path != null && path.toLowerCase().contains("class cache")) { if ("ClassCacheWritingThread".equals(logger)) { int firstIndex = path.indexOf("("); int lastIndex = path.lastIndexOf("."); if (lastIndex > 0) { return Integer.parseInt(path.substring(firstIndex+1,lastIndex)); } } } return ""; }}} |
Kibana
/usr/local/kibana-5.1.2-linux-x86_64/bin/kibana -p 80 -H 0.0.0.0&
Dev-Tools
1
GET _search
{
"query": {
"match_all": {}
}
}
PUT heartbeat-2019_reindex7
PUT postgres*/_settings
{
"index": {
"blocks": {
"read_only_allow_delete": "false"
}
}
}
GET _cluster/allocation/explain
POST _cluster/reroute?retry_failed=true
PUT postgres-2020-07
{
"settings" : {
"index" : {
"number_of_shards" : 1,
"number_of_replicas" : 0
}
}
}
PUT metricbeat-2020-07
{
"settings" : {
"index" : {
"number_of_shards" : 1,
"number_of_replicas" : 0
}
}
}
DELETE postgres-2020.06.*
DELETE heartbeat-*-2020.06.*
GET heartbeat-2020-05
POST _reindex
{
"source": {
"index": "metricbeat-*2020.07*"
},
"dest": {
"index": "metricbeat-2020-07"
}
}
POST _reindex
{
"source": {
"index": "postgres-2020.07.*"
},
"dest": {
"index": "postgres-2020-07"
}
}
POST heartbeat-*-2020.04.*/_open
DELETE heartbeat-*-2020.04*
POST _reindex
{
"source": {
"index": "heartbeat-2019"
},
"dest": {
"index": "heartbeat-2019_reindex7"
}
}
2
GET _search
{
"query": {
"match_all": {}
}
}
GET filebeat-2018.12.20/_mapping/doc/field/logmessage
PUT _template/filebeat
{
"index_patterns": ["filebeat-*"],
"mappings":{
"doc":{
"properties": {
"logmessage" : {
"type" : "text",
"fields" : {
"keyword" : {
"type" : "keyword",
"ignore_above" : 10000
}
}
}
}GET _template/filebeat
PUT filebeat-2019.03.20/_mapping/doc { "properties": {
- "logmessage" : {
- "type" : "text", "fields" : {
- "keyword" : {
- "type" : "keyword", "ignore_above" : 10000
- "keyword" : {
- "type" : "text", "fields" : {
- }
}
DELETE filebeat-2019.*
GET filebeat-2019.03.20-ri/_mapping/doc
GET filebeat-2019.03.20-ri/doc/1
PUT filebeat-2020-07
PUT filebeat-2018.07.17-ri
POST _reindex {
- "source": {
- "index": "filebeat-2020.07.*"
- "index": "filebeat-2020-07"
}
POST filebeat-2019.03.20-ri/_update_by_query {
- "script" : "ctx._source['host.name'] = ctx._source['beat.hostname']"
}
GET _refresh
POST filebeat-2019.03.20-ri/_search
PUT _template/filebeat {
- "index_patterns": ["filebeat-*"], "mappings":{
- "doc":{
"properties": {
- "logmessage" : {
- "type" : "text", "fields" : {
- "keyword" : {
- "type" : "keyword", "ignore_above" : 10000
- "keyword" : {
- "type" : "text", "fields" : {
- }
}}}
GET _template/filebeat
PUT filebeat-2018
DELETE filebeat-2017.*
POST _reindex {
- "source": {
- "index": "filebeat-2018.*"
- "index": "filebeat-2018"
}
GET filebeat-*2018.*
POST /filebeat-*2018.*/_close
POST /_reindex { "source": { "index": "filebeat-2018.*" },
- "dest": {
- "index": "filebeat-2018"},
- "inline": " ctx._source.host = ctx._source.beat.hostname;\n ctx._type = \"doc\";"
- }
}}}
Scripted Fields
Username
String path = doc['logmessage.keyword'].value;
String logger = doc['logger.keyword'].value;
if (path != null && path.toLowerCase().contains("user")) {
if ("ClientSessionInitializer".equals(logger)) {
int firstIndex = path.indexOf("'");
int lastIndex = path.lastIndexOf("'");
if (lastIndex > 0) {
return path.substring(firstIndex+1,lastIndex);
}
}
if ("PermissionManager".equals(logger)) {
int lastCollon = path.lastIndexOf(":");
if (lastCollon > 0) {
return path.substring(lastCollon+1);
}
}
}
return "";
Dashboard
String path = doc['logmessage.keyword'].value;
String logger = doc['logger.keyword'].value;
if (path != null && path.toLowerCase().contains("report")) {
if ("DashboardReporter".equals(logger)) {
int firstIndex = path.indexOf("'");
int lastIndex = path.lastIndexOf("'");
if (lastIndex > 0) {
return path.substring(firstIndex+1,lastIndex);
}
}
}
return "";
Number of Agents
String path = doc['logmessage.keyword'].value;
String logger = doc['logger.keyword'].value;
if (path != null && path.toLowerCase().contains("number of agents")) {
if ("AgentPeerPool".equals(logger)) {
int firstIndex = path.indexOf("agents:");
int lastIndex = path.length();
if (lastIndex > 0) {
return Integer.parseInt(path.substring(firstIndex+8,lastIndex));
}
}
}
return "";
Class cache size
String path = doc['logmessage.keyword'].value;
String logger = doc['logger.keyword'].value;
if (path != null && path.toLowerCase().contains("class cache")) {
if ("ClassCacheWritingThread".equals(logger)) {
int firstIndex = path.indexOf("(");
int lastIndex = path.lastIndexOf(".");
if (lastIndex > 0) {
return Integer.parseInt(path.substring(firstIndex+1,lastIndex));
}
}
}
return "";