Esempio n. 1
def test_format_index():
    """Check the index names format_index produces for daily and weekly patterns."""
    daily_pattern = 'logstash-%Y.%m.%d'
    weekly_pattern = 'logstash-%Y.%W'
    start = dt('2018-06-25T12:00:00Z')
    end = dt('2018-06-26T12:00:00Z')

    def index_names(*args):
        # format_index returns one comma-separated string; sort the parts so
        # the comparison does not depend on the order they were generated in.
        return sorted(format_index(*args).split(','))

    # Same start and end: a single daily index.
    assert index_names(daily_pattern, start, start) == ['logstash-2018.06.25']

    # Two consecutive days: one index per day.
    assert index_names(daily_pattern, start, end) == [
        'logstash-2018.06.25',
        'logstash-2018.06.26',
    ]

    # With the fourth positional argument set to True, the expected list also
    # contains the index for the day before the start date.
    assert index_names(daily_pattern, start, end, True) == [
        'logstash-2018.06.24',
        'logstash-2018.06.25',
        'logstash-2018.06.26',
    ]

    # Same call with the weekly pattern.
    assert index_names(weekly_pattern, start, end, True) == [
        'logstash-2018.25',
        'logstash-2018.26',
    ]
Esempio n. 2
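    def alert(self, matches):
        """Write one alert document for ``matches`` into the target index.

        The document is built from the fields of the first match plus the
        generated ``alert_subject`` and ``alert_text``. The index name comes
        from ``self.es_index`` formatted with the current time, and the index
        is created first if it does not exist.

        Args:
            matches: Non-empty list of match dicts. Only ``matches[0]`` supplies
                the data fields; the full list is passed to ``create_title``
                and ``create_alert_body``.

        NOTE(review): the document may carry every field of the matched event
        (depending on what ``populate_match_data`` copies), so the target index
        presumably needs access controls at least as strict as the source
        data. Confirm against the deployment.
        """
        alert_content = {
            'alert_subject': self.create_title(matches),
            'alert_text': self.create_alert_body(matches)
        }
        es_document = {}
        # Copy the first match so update() below does not mutate the caller's
        # dict. items() replaces the Python 2-only iteritems() and works on
        # both Python 2 and 3.
        es_all_data = dict(matches[0].items())
        es_all_data.update(alert_content)
        # Fills es_document in place; presumably maps self.es_data keys onto
        # values from es_all_data. Verify against populate_match_data.
        self.populate_match_data(self.es_data, es_all_data, es_document)

        # Init the ElasticSearchClient object
        es_client = elasticsearch_client(self.conf)

        # Start and end are the same instant, so only the index for the
        # current time is targeted.
        now = ts_now()
        es_target_index = format_index(self.es_index, now, now)

        # Check the index exists (creates one if it does not yet exist).
        # NOTE(review): exists() followed by create() is not atomic. If another
        # writer creates the same index between the two calls, create() would
        # fail. Confirm whether concurrent writers are possible here.
        if not es_client.indices.exists(index=es_target_index):
            settings = {
                'index': {
                    'number_of_shards': 2,
                    'number_of_replicas': 2,
                    'mapper': {
                        'dynamic': True
                    }
                }
            }
            es_client.indices.create(index=es_target_index)
            # NOTE(review): number_of_shards is a static index setting in
            # Elasticsearch and can normally only be set at creation time.
            # Confirm this update succeeds on the target cluster, or pass the
            # settings to create() instead.
            es_client.indices.put_settings(index=es_target_index,
                                           body=settings)
            elastalert_logger.info('Index \'%s\' created', es_target_index)

        # Write to target index
        es_client.index(index=es_target_index,
                        doc_type=self.es_doc_type,
                        body=es_document)
        elastalert_logger.info('Alert written into index %s', es_target_index)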