首页 > 代码库 > 【ES】代码例子
【ES】代码例子
#!/usr/bin/env python #coding=utf-8 from elasticsearch import Elasticsearch from elasticsearch_dsl import Search class ES(object): def __init__(self): self.es = Elasticsearch(hosts="localhost:9200",timeout=60) def get_es_data(self, query = ""): resp = self.es.search(index="test", body=query, scroll="1m",size=10000) scroll_id = resp[‘_scroll_id‘] resp_docs = resp["hits"]["hits"] total = resp[‘hits‘][‘total‘] print total count = len(resp_docs) datas = resp_docs while len(resp_docs) > 0: scroll_id = resp[‘_scroll_id‘] resp = self.es.scroll(scroll_id=scroll_id, scroll="1m") resp_docs = resp["hits"]["hits"] datas.extend(resp_docs) count += len(resp_docs) if count >= total: break return datas def get_ip_data(self, start_time, end_time, ip): query = {"query": { "bool":{ "filter":{"range":{"timestamp":{"gte":start_time, "lt":end_time}}}, "must":{"match_phrase":{"src_ip": ip}} } } } data = self.get_es_data(query) print len(data) data = [d["_source"] for d in data] print len(data) print data[0:5] return data def get_ips(self, start_time, end_time): query = { "query":{ "bool":{ "filter":{"range":{"timestamp":{"gte":start_time, "lt":end_time}}}, "must":{"exists":{"field":"src_ip"}} } } } data = self.get_es_data(query) ips = [d["_source"]["src_ip"] for d in data] print len(ips) ips = list(set(ips)) print len(ips) print ips return ips if __name__ == "__main__": es_obj = ES() #es_obj.get_ips("2017-06-01T00:00:00", "2017-06-01T01:00:00") es_obj.get_ip_data("2016-11-14T00:00:00", "2016-11-15T00:00:00","192.168.0.45")
【ES】代码例子
声明:以上内容来自用户投稿及互联网公开渠道收集整理发布,本网站不拥有所有权,未作人工编辑处理,也不承担相关法律责任,若内容有误或涉及侵权可进行投诉: 投诉/举报 工作人员会在5个工作日内联系你,一经查实,本站将立刻删除涉嫌侵权内容。