esclean.py: add support for source IP and tags

Signed-off-by: Jakub Sokołowski <jakub@status.im>
Jakub Sokołowski 2020-05-27 13:02:10 +02:00
parent 55ba86a864
commit 7baff3493d
1 changed files with 10 additions and 2 deletions


@ -16,6 +16,8 @@ def parse_opts():
help='ElasticSearch port.') help='ElasticSearch port.')
parser.add_option('-i', '--index-pattern', default='logstash-*', parser.add_option('-i', '--index-pattern', default='logstash-*',
help='Patter for matching indices.') help='Patter for matching indices.')
parser.add_option('-t', '--tag',
help='Had given tag.')
parser.add_option('-p', '--program', parser.add_option('-p', '--program',
help='Program to query for.') help='Program to query for.')
parser.add_option('-m', '--message', parser.add_option('-m', '--message',
@ -24,6 +26,8 @@ def parse_opts():
help='Fleet to query for.') help='Fleet to query for.')
parser.add_option('-s', '--severity', parser.add_option('-s', '--severity',
help='Log severity/level.') help='Log severity/level.')
parser.add_option('-I', '--logsource-ip',
help='IP of log source.')
parser.add_option('-o', '--older-than', parser.add_option('-o', '--older-than',
help='How old the logs should be, in days.') help='How old the logs should be, in days.')
parser.add_option('-d', '--delete', action='store_true', parser.add_option('-d', '--delete', action='store_true',
@ -37,8 +41,8 @@ def print_logs(docs):
for doc in docs: for doc in docs:
log = doc['_source'] log = doc['_source']
print('{:26} {:21} {:38} {}'.format( print('{:26} {:21} {:38} {}'.format(
log['@timestamp'], log['program'], log['@timestamp'], log.get('program', 'unknown'),
log['logsource'], log['message'][:90] log.get('logsource', 'unknown'), log['message'][:2000]
)) ))
@retry(ConflictError, tries=5, delay=120, backoff=2) @retry(ConflictError, tries=5, delay=120, backoff=2)
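Review bot: The widened `log['message'][:2000]` on the new side of line 37 writes up to 2,000 characters of a stored log message straight to the terminal, and a message that originated on a remote log source may carry ANSI escape or other control sequences, so a hostile or malformed entry can now reshape terminal output far more than the old 90-character cut allowed; consider neutralising it before printing, e.g. `''.join(c for c in log['message'][:2000] if c.isprintable() or c in ' \t')`. The same hunk makes `program` and `logsource` tolerant of missing fields with `.get(..., 'unknown')`, yet `log['@timestamp']` and `log['message']` remain hard lookups and will still raise `KeyError` on a document that lacks them, which looks inconsistent with the intent of the change. A short docstring on print_logs saying it prints one truncated line per document, with missing program/logsource shown as `unknown`, would make that contract explicit. The `@retry`-decorated function that follows begins at the end of this hunk and continues outside it.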
@ -60,12 +64,16 @@ def main():
indices = es.indices.get(index=opts.index_pattern).keys() indices = es.indices.get(index=opts.index_pattern).keys()
queries = [] queries = []
if opts.tag:
queries.append({'match': {'tags': opts.tag}})
if opts.program: if opts.program:
queries.append({'term': {'program': opts.program}}) queries.append({'term': {'program': opts.program}})
if opts.fleet: if opts.fleet:
queries.append({'term': {'fleet': opts.fleet}}) queries.append({'term': {'fleet': opts.fleet}})
if opts.severity: if opts.severity:
queries.append({'term': {'severity_name': opts.severity}}) queries.append({'term': {'severity_name': opts.severity}})
if opts.logsource_ip:
queries.append({'term': {'logsource_ip': opts.logsource_ip}})
if opts.message: if opts.message:
queries.append({'match_phrase':{'message': opts.message}}) queries.append({'match_phrase':{'message': opts.message}})
if opts.query: if opts.query: