def test_cardinality_min():
    """A ``min_cardinality`` rule matches while the unique count stays below the threshold.

    Two distinct ``user`` values seen inside the 10-minute timeframe yield one
    match; once four distinct values (the configured minimum) have been seen,
    a further batch yields none.
    """
    rule = CardinalityRule({
        'min_cardinality': 4,
        'timeframe': datetime.timedelta(minutes=10),
        'query_key': 'user',
        'timestamp_field': '@timestamp',
    })

    def bucket(names):
        # Terms payload as passed to add_terms_data: one timestamp mapping to
        # a list of {"key": value} entries.
        return {datetime.datetime.now(): [{"key": name} for name in names]}

    # Two distinct users is below the minimum of four, so one match is raised.
    rule.add_terms_data(bucket(['foo', 'bar']))
    assert len(rule.matches) == 1

    # Clear recorded matches before feeding the next batch.
    rule.matches = []

    # Two more unique users bring the total to four; the minimum is met, no match.
    rule.add_terms_data(bucket(['foo', 'bar', "baz", "hoo"]))
    assert len(rule.matches) == 0
def test_cardinality_max():
    """A ``max_cardinality`` rule matches once the unique count exceeds the threshold.

    Four distinct ``user`` values (exactly the configured maximum) produce no
    match; a fifth distinct value inside the same 10-minute timeframe produces one.
    """
    rule = CardinalityRule({
        'max_cardinality': 4,
        'timeframe': datetime.timedelta(minutes=10),
        'query_key': 'user',
        'timestamp_field': '@timestamp',
    })

    def bucket(names):
        # Terms payload as passed to add_terms_data: one timestamp mapping to
        # a list of {"key": value} entries.
        return {datetime.datetime.now(): [{"key": name} for name in names]}

    # Exactly four distinct users: at the maximum, not over it, so no match.
    rule.add_terms_data(bucket(['bill', 'coach', 'zoey', 'louis']))
    assert len(rule.matches) == 0

    # A fifth distinct user pushes the count over the maximum and triggers a match.
    rule.add_terms_data(bucket(['bill', 'coach', 'zoey', 'louis', "me"]))
    assert len(rule.matches) == 1
def test_cardinality_min():
    """Check the below-threshold behaviour of a ``min_cardinality`` rule.

    With a minimum of four, a batch containing two distinct ``user`` values
    records one match; after the distinct count reaches four, the rule records
    nothing further.
    """
    config = {
        'min_cardinality': 4,
        'timeframe': datetime.timedelta(minutes=10),
        'query_key': 'user',
        'timestamp_field': '@timestamp',
    }
    rule = CardinalityRule(config)

    # First batch: two distinct users, fewer than the required four -> one match.
    first_batch = ['foo', 'bar']
    rule.add_terms_data(
        {datetime.datetime.now(): [{"key": name} for name in first_batch]}
    )
    assert len(rule.matches) == 1

    # Drop the match so the second assertion only reflects the second batch.
    rule.matches = []

    # Second batch adds "baz" and "hoo": four distinct users in total -> no match.
    second_batch = ['foo', 'bar', "baz", "hoo"]
    rule.add_terms_data(
        {datetime.datetime.now(): [{"key": name} for name in second_batch]}
    )
    assert len(rule.matches) == 0
def test_cardinality_max():
    """Check the over-threshold behaviour of a ``max_cardinality`` rule.

    With a maximum of four, a batch of four distinct ``user`` values records no
    match; a following batch that introduces a fifth distinct value records one.
    """
    config = {
        'max_cardinality': 4,
        'timeframe': datetime.timedelta(minutes=10),
        'query_key': 'user',
        'timestamp_field': '@timestamp',
    }
    rule = CardinalityRule(config)

    # Four distinct users sits exactly at the maximum -> no match yet.
    initial = ['bill', 'coach', 'zoey', 'louis']
    rule.add_terms_data(
        {datetime.datetime.now(): [{"key": name} for name in initial]}
    )
    assert len(rule.matches) == 0

    # The same four plus "me" exceeds the maximum -> one match.
    expanded = ['bill', 'coach', 'zoey', 'louis', "me"]
    rule.add_terms_data(
        {datetime.datetime.now(): [{"key": name} for name in expanded]}
    )
    assert len(rule.matches) == 1