elasticsearch 是否有一个python函数可以在elastic中创建alertindex

def alertindexes(data): print(data) data = [{'indexname': 'awsbill-octopusenabled*', 'presentday': 301, 'previousday': 301}, {'indexname': 'awsbill-octopusrole*', 'presentday': 335, 'previousday': 334}, {'indexname': 'awsbill-usernrole*', 'presentday': 279, 'previousday': 279}, {'indexname': 'awsbill-gc-rbac*', 'presentday': 3914, 'previousday': 3917}, {'indexname': 'awsbill-awsallusernrole*', 'presentday': 235, 'previousday': 234}, {'indexname': 'awsbill_ec2volupd*', 'presentday': 31911, 'previousday': 32010}, {'indexname': 'awsbill-predicted-ec2vol*', 'presentday': 5649, 'previousday': 4826}, {'indexname': 'awsbill-isdsaws-accounts*', 'presentday': 6026, 'previousday': 6026}, {'indexname': 'awsbill-users-account-info*', 'presentday': 11236, 'previousday': 11222}, {'indexname': 'awsbill-config*', 'presentday': 101736, 'previousday': 101808}, {'indexname': 'awsbill-budgets*', 'presentday': 568, 'previousday': 568}, {'indexname': 'awsbill-cases*', 'presentday': 35, 'previousday': 36}, {'indexname': 'awsbill-cost-usage*', 'presentday': 11279, 'previousday': 11654}, {'indexname': 'awsbill_s3_metrics_bsize*', 'presentday': 698, 'previousday': 698}, {'indexname': 'awsbill_s3api_list_objects*', 'presentday': 954, 'previousday': 954}, {'indexname': 'awsbill_s3api_object_versions*', 'presentday': 954, 'previousday': 954}, {'indexname': 'awsbill-ec2*', 'presentday': 11963, 'previousday': 12260}, {'indexname': 'awsbill_ec2upd*', 'presentday': 9092, 'previousday': 9300}, {'indexname': 'awsbill-elasticcache*', 'presentday': 241, 'previousday': 241}, {'indexname': 'awsbill-iam-policies*', 'presentday': 5244, 'previousday': 5239}, {'indexname': 'awsbill-iam-roles*', 'presentday': 49473, 'previousday': 49468}, {'indexname': 'awsbill-images*', 'presentday': 571712, 'previousday': 572146}, {'indexname': 'awsbill-kms*', 'presentday': 9373, 'previousday': 9301}, {'indexname': 'awsbill-rds*', 'presentday': 2294, 'previousday': 2280}, {'indexname': 'awsbill_rdsupd*', 'presentday': 2294, 'previousday': 2280}, {'indexname': 'awsbill-s3*', 'presentday': 4563, 'previousday': 4555}, {'indexname': 'awsbill-ssm*', 'presentday': 122475, 'previousday': 122475}, {'indexname': 'awsbill-support*', 'presentday': 12458, 'previousday': 12562}, {'indexname': 'awsbill-vol*', 'presentday': 39673, 'previousday': 39723}, {'indexname': 'awsbill_ctrail*', 'presentday': 189, 'previousday': 268}, {'indexname': 'awsbill-health*', 'presentday': 66583, 'previousday': 65313}, {'indexname': 'awsbill_costusage*', 'presentday': 0, 'previousday': 14120}, {'indexname': 'awsbill_eks_cluster*', 'presentday': 111, 'previousday': 111}, {'indexname': 'awsbill_eks_nodes*', 'presentday': 0, 'previousday': 0}, {'indexname': 'awsbill_eks_namespaces*', 'presentday': 0, 'previousday': 0}, {'indexname': 'awsbill_eks_pods*', 'presentday': 0, 'previousday': 0}, {'indexname': 'awsbill-grand-central*', 'presentday': 6026, 'previousday': 6026}, {'indexname': 'gcpbill_disks*', 'presentday': 14, 'previousday': 14}, {'indexname': 'gcpbill_iam_roles*', 'presentday': 1097, 'previousday': 1097}, {'indexname': 'gcpbill_instances*', 'presentday': 4, 'previousday': 4}, {'indexname': 'agg-awsbill-cwperc-cpuutilization-v2*', 'presentday': 6848, 'previousday': 6640}, {'indexname': 'agg-awsbill-cwperc-mem-cached-v2*', 'presentday': 5866, 'previousday': 5256}, {'indexname': 'agg-awsbill-cwperc-mem-total-v2*', 'presentday': 2322, 'previousday': 2859}, {'indexname': 'agg-awsbill-cwperc-mem-used-v2*', 'presentday': 462, 'previousday': 882}, {'indexname': 'agg-awsbill-cwperc-volumereadops*', 'presentday': 0, 'previousday': 0}, {'indexname': 'agg-awsbill-cwperc-volumewriteops*', 'presentday': 0, 'previousday': 0}, {'indexname': 'rollup-awsbill-cwperc-cpuutilization-p99-v2*', 'presentday': 11593, 'previousday': 11423}, {'indexname': 'rollup-awsbill-cwperc-mem-cached-p99-v2*', 'presentday': 5355, 'previousday': 5260}, {'indexname': 'rollup-awsbill-cwperc-mem-total-p99-v2*', 'presentday': 2163, 'previousday': 2094}, {'indexname': 'rollup-awsbill-cwperc-mem-used-p99-v2*', 'presentday': 871, 'previousday': 871}, {'indexname': 'rollup-awsbill-cwvol-volumereadops-v3*', 'presentday': 0, 'previousday': 0}, {'indexname': 'rollup-awsbill-cwvol-awsbill_cwvol_volumewriteops-v3*', 'presentday': 0, 'previousday': 0}] indexda = alertindexes(data)

您的思路是正确的，只需要添加一些逻辑检查。
数据本身包含一个dict列表，所以我给出了第一个dict（索引=0）的例子。
presentday和previousday似乎都出现在每个dict中，所以如果您想对每个dict进行测试，那么您应该执行for loop或list comprehension。

data = [{'indexname': 'awsbill-octopusenabled*', 'presentday': 301, 'previousday': 301}, {'indexname': 'awsbill-octopusrole*', 'presentday': 335, 'previousday': 334}, {'indexname': 'awsbill-usernrole*', 'presentday': 279, 'previousday': 279}, {'indexname': 'awsbill-gc-rbac*', 'presentday': 3914, 'previousday': 3917}, {'indexname': 'awsbill-awsallusernrole*', 'presentday': 235, 'previousday': 234}, {'indexname': 'awsbill_ec2volupd*', 'presentday': 31911, 'previousday': 32010}, {'indexname': 'awsbill-predicted-ec2vol*', 'presentday': 5649, 'previousday': 4826}, {'indexname': 'awsbill-isdsaws-accounts*', 'presentday': 6026, 'previousday': 6026}, {'indexname': 'awsbill-users-account-info*', 'presentday': 11236, 'previousday': 11222}, {'indexname': 'awsbill-config*', 'presentday': 101736, 'previousday': 101808}, {'indexname': 'awsbill-budgets*', 'presentday': 568, 'previousday': 568}, {'indexname': 'awsbill-cases*', 'presentday': 35, 'previousday': 36}, {'indexname': 'awsbill-cost-usage*', 'presentday': 11279, 'previousday': 11654}, {'indexname': 'awsbill_s3_metrics_bsize*', 'presentday': 698, 'previousday': 698}, {'indexname': 'awsbill_s3api_list_objects*', 'presentday': 954, 'previousday': 954}, {'indexname': 'awsbill_s3api_object_versions*', 'presentday': 954, 'previousday': 954}, {'indexname': 'awsbill-ec2*', 'presentday': 11963, 'previousday': 12260}, {'indexname': 'awsbill_ec2upd*', 'presentday': 9092, 'previousday': 9300}, {'indexname': 'awsbill-elasticcache*', 'presentday': 241, 'previousday': 241}, {'indexname': 'awsbill-iam-policies*', 'presentday': 5244, 'previousday': 5239}, {'indexname': 'awsbill-iam-roles*', 'presentday': 49473, 'previousday': 49468}, {'indexname': 'awsbill-images*', 'presentday': 571712, 'previousday': 572146}, {'indexname': 'awsbill-kms*', 'presentday': 9373, 'previousday': 9301}, {'indexname': 'awsbill-rds*', 'presentday': 2294, 'previousday': 2280}, {'indexname': 'awsbill_rdsupd*', 'presentday': 2294, 'previousday': 2280}, {'indexname': 'awsbill-s3*', 'presentday': 4563, 'previousday': 4555}, {'indexname': 'awsbill-ssm*', 'presentday': 122475, 'previousday': 122475}, {'indexname': 'awsbill-support*', 'presentday': 12458, 'previousday': 12562}, {'indexname': 'awsbill-vol*', 'presentday': 39673, 'previousday': 39723}, {'indexname': 'awsbill_ctrail*', 'presentday': 189, 'previousday': 268}, {'indexname': 'awsbill-health*', 'presentday': 66583, 'previousday': 65313}, {'indexname': 'awsbill_costusage*', 'presentday': 0, 'previousday': 14120}, {'indexname': 'awsbill_eks_cluster*', 'presentday': 111, 'previousday': 111}, {'indexname': 'awsbill_eks_nodes*', 'presentday': 0, 'previousday': 0}, {'indexname': 'awsbill_eks_namespaces*', 'presentday': 0, 'previousday': 0}, {'indexname': 'awsbill_eks_pods*', 'presentday': 0, 'previousday': 0}, {'indexname': 'awsbill-grand-central*', 'presentday': 6026, 'previousday': 6026}, {'indexname': 'gcpbill_disks*', 'presentday': 14, 'previousday': 14}, {'indexname': 'gcpbill_iam_roles*', 'presentday': 1097, 'previousday': 1097}, {'indexname': 'gcpbill_instances*', 'presentday': 4, 'previousday': 4}, {'indexname': 'agg-awsbill-cwperc-cpuutilization-v2*', 'presentday': 6848, 'previousday': 6640}, {'indexname': 'agg-awsbill-cwperc-mem-cached-v2*', 'presentday': 5866, 'previousday': 5256}, {'indexname': 'agg-awsbill-cwperc-mem-total-v2*', 'presentday': 2322, 'previousday': 2859}, {'indexname': 'agg-awsbill-cwperc-mem-used-v2*', 'presentday': 462, 'previousday': 882}, {'indexname': 'agg-awsbill-cwperc-volumereadops*', 'presentday': 0, 'previousday': 0}, {'indexname': 'agg-awsbill-cwperc-volumewriteops*', 'presentday': 0, 'previousday': 0}, {'indexname': 'rollup-awsbill-cwperc-cpuutilization-p99-v2*', 'presentday': 11593, 'previousday': 11423}, {'indexname': 'rollup-awsbill-cwperc-mem-cached-p99-v2*', 'presentday': 5355, 'previousday': 5260}, {'indexname': 'rollup-awsbill-cwperc-mem-total-p99-v2*', 'presentday': 2163, 'previousday': 2094}, {'indexname': 'rollup-awsbill-cwperc-mem-used-p99-v2*', 'presentday': 871, 'previousday': 871}, {'indexname': 'rollup-awsbill-cwvol-volumereadops-v3*', 'presentday': 0, 'previousday': 0}, {'indexname': 'rollup-awsbill-cwvol-awsbill_cwvol_volumewriteops-v3*', 'presentday': 0, 'previousday': 0}]

def alertindexes(data):
    # do a logic checks
    d = data[0]
    if d['presentday'] == d['previousday']:
        print('present = previous')
        return 1    
    if d['presentday'] >= d['previousday']*1.2:
        print('more than 20%')    
        return 2

indexda = alertindexes(data)

实验结果：

present = previous

EDIT：（循环示例）。
如果你想测试列表中的每一个dict，那么你可以这样做：

def alertindexes_loop(data):

    for d in data:
        # do a logic checks

        if d['presentday'] == d['previousday']:
            print('present = previous')

        if d['presentday'] >= d['previousday']*1.2:
            print('more than 20%')    

    return 'done'    

indexda = alertindexes_loop(data)

elasticsearch 是否有一个python函数可以在elastic中创建alertindex

1条答案

相关问题

热门标签

最新问答