github.com/jcarley/cli@v0.0.0-20180201210820-966d90434c30/commands/logs/es.go (about)

     1  package logs
     2  
     3  import (
     4  	"bytes"
     5  	"encoding/json"
     6  	"fmt"
     7  	"strings"
     8  	"time"
     9  )
    10  
    11  func chooseQueryGenerator(version string) queryGenerator {
    12  	generator := generateES5Query
    13  	if strings.HasPrefix(version, "1.") {
    14  		generator = generateES1Query
    15  	} else if strings.HasPrefix(version, "2.") {
    16  		generator = generateES2Query
    17  	}
    18  	return generator
    19  }
    20  
    21  func generateES5Query(queryString, appLogsIdentifier, appLogsValue string, timestamp time.Time, from int, hostNames []string, fileName string) ([]byte, error) {
    22  	hostFilter, fileFilter := createFilters(hostNames, fileName)
    23  	query := `{
    24  	"_source": ["@timestamp", "message", "` + appLogsIdentifier + `"],
    25  	"query": {
    26  		"bool": {
    27  			"must": [
    28  				{"wildcard": {"message": "` + queryString + `"}},
    29  				{"term": {"` + appLogsIdentifier + `": "` + appLogsValue + `"}},` + fileFilter + `
    30  				{"range": {"@timestamp": {"gt": "` + fmt.Sprintf("%04d-%02d-%02dT%02d:%02d:%02dZ", timestamp.Year(), timestamp.Month(), timestamp.Day(), timestamp.Hour(), timestamp.Minute(), timestamp.Second()) + `"}}}
    31  			]` + hostFilter + `
    32  		}
    33  	},
    34  	"sort": [
    35  		{
    36  			"@timestamp": {
    37  				"order": "asc",
    38  				"unmapped_type":"boolean"
    39  			}
    40  		},
    41  		{
    42  			"message.raw": {
    43  				"order": "asc",
    44  				"unmapped_type":"boolean"
    45  			}
    46  		}
    47  	],
    48  	"from": ` + fmt.Sprintf("%d", from) + `,
    49  	"size": ` + fmt.Sprintf("%d", size) + `
    50  	}`
    51  	var buf bytes.Buffer
    52  	err := json.Compact(&buf, []byte(query))
    53  	if err != nil {
    54  		return nil, err
    55  	}
    56  	return buf.Bytes(), nil
    57  }
    58  
    59  func generateES2Query(queryString, appLogsIdentifier, appLogsValue string, timestamp time.Time, from int, hostNames []string, fileName string) ([]byte, error) {
    60  	hostFilter, fileFilter := createFilters(hostNames, fileName)
    61  	query := `{
    62  	"fields": ["@timestamp", "message", "` + appLogsIdentifier + `"],
    63  	"query": {
    64  		"wildcard": {
    65  			"message": "` + queryString + `"
    66  		}
    67  	},
    68  	"filter": {
    69  		"query": {
    70  			"bool": {
    71  				"must": [
    72  					{"term": {"` + appLogsIdentifier + `": "` + appLogsValue + `"}},
    73  					` + fileFilter + `
    74  					{"range": {"@timestamp": {"gt": "` + fmt.Sprintf("%04d-%02d-%02dT%02d:%02d:%02dZ", timestamp.Year(), timestamp.Month(), timestamp.Day(), timestamp.Hour(), timestamp.Minute(), timestamp.Second()) + `"}}}
    75  				]` + hostFilter + `
    76  			}
    77  		}
    78  	},
    79  	"sort": [
    80  		{
    81  			"@timestamp": {
    82  				"order": "asc",
    83  				"unmapped_type":"boolean"
    84  			}
    85  		},
    86  		{
    87  			"message.raw": {
    88  				"order": "asc",
    89  				"unmapped_type":"boolean"
    90  			}
    91  		}
    92  	],
    93  	"from": ` + fmt.Sprintf("%d", from) + `,
    94  	"size": ` + fmt.Sprintf("%d", size) + `
    95  	}`
    96  	var buf bytes.Buffer
    97  	err := json.Compact(&buf, []byte(query))
    98  	if err != nil {
    99  		return nil, err
   100  	}
   101  	return buf.Bytes(), nil
   102  }
   103  
   104  func generateES1Query(queryString, appLogsIdentifier, appLogsValue string, timestamp time.Time, from int, hostNames []string, fileName string) ([]byte, error) {
   105  	hostFilter, fileFilter := createFilters(hostNames, fileName)
   106  	query := `{
   107  	"fields": ["@timestamp", "message", "` + appLogsIdentifier + `"],
   108  	"query": {
   109  		"wildcard": {
   110  			"message": "` + queryString + `"
   111  		}
   112  	},
   113  	"filter": {
   114  		"query": {
   115  			"bool": {
   116  				"must": [
   117  					{"term": {"` + appLogsIdentifier + `": "` + appLogsValue + `"}},
   118  					` + fileFilter + `
   119  					{"range": {"@timestamp": {"gt": "` + fmt.Sprintf("%04d-%02d-%02dT%02d:%02d:%02dZ", timestamp.Year(), timestamp.Month(), timestamp.Day(), timestamp.Hour(), timestamp.Minute(), timestamp.Second()) + `"}}}
   120  				]` + hostFilter + `
   121  			}
   122  		}
   123  	},
   124  	"sort": {
   125  		"@timestamp": {
   126  			"order": "asc"
   127  		},
   128  		"message": {
   129  			"order": "asc"
   130  		}
   131  	},
   132  	"from": ` + fmt.Sprintf("%d", from) + `,
   133  	"size": ` + fmt.Sprintf("%d", size) + `
   134  	}`
   135  	var buf bytes.Buffer
   136  	json.Compact(&buf, []byte(query))
   137  	return buf.Bytes(), nil
   138  }
   139  
   140  func createFilters(hostNames []string, fileName string) (string, string) {
   141  	var hostFilter string
   142  	var fileFilter string
   143  	if len(hostNames) > 0 {
   144  		formattedHostNames := make([]string, len(hostNames))
   145  		for i, hostName := range hostNames {
   146  			formattedHostNames[i] = fmt.Sprintf(`"%s"`, hostName)
   147  		}
   148  		hostFilter = `,
   149  			"should": [`
   150  		for _, hostName := range hostNames {
   151  			hostFilter += `
   152  				{"match_phrase": {"host": "` + hostName + `"}},`
   153  		}
   154  		hostFilter = strings.TrimSuffix(hostFilter, ",")
   155  		hostFilter += `
   156  			],
   157  			"minimum_should_match": 1`
   158  	} else if len(fileName) > 0 {
   159  		fileFilter += `
   160  		{"match_phrase": {"file": "` + fileName + `"}},`
   161  	}
   162  	return hostFilter, fileFilter
   163  }