This article collects typical usage examples of the Python method elastalert.elastalert.ElastAlerter.process_hits. If you are wondering how ElastAlerter.process_hits is used in practice, or are looking for examples of it, the selected code examples here may help. You can also read more usage examples of the class this method belongs to, elastalert.elastalert.ElastAlerter.
Two code examples of the ElastAlerter.process_hits method are shown below, sorted by popularity by default.
Example 1: mock_hits
# Required imports; process_hits is called through the ElastAlerter class.
import re

from elastalert.elastalert import ElastAlerter
from elastalert.util import ts_to_dt


def mock_hits(self, rule, start, end, index):
    """ Mocks the effects of get_hits using global data instead of Elasticsearch. """
    docs = []
    for doc in self.data:
        if start <= ts_to_dt(doc[rule['timestamp_field']]) < end:
            docs.append(doc)

    # Remove all fields which don't match 'include'
    for doc in docs:
        # Iterate over a copy of the keys: popping from a dict while
        # iterating over it raises RuntimeError.
        for field in list(doc):
            if field != '_id':
                if not any([re.match(incl.replace('*', '.*'), field) for incl in rule['include']]):
                    doc.pop(field)

    # Separate _source and _id, convert timestamps
    resp = [{'_source': doc, '_id': doc['_id']} for doc in docs]
    for doc in resp:
        doc['_source'].pop('_id')
    ElastAlerter.process_hits(rule, resp)
    return resp
Example 2: mock_hits
# Required imports; process_hits is called through the ElastAlerter class.
import re

from elastalert.elastalert import ElastAlerter
from elastalert.util import ts_to_dt


def mock_hits(self, rule, start, end, index):
    """ Mocks the effects of get_hits using global data instead of Elasticsearch. """
    docs = []
    for doc in self.data:
        if start <= ts_to_dt(doc[rule["timestamp_field"]]) < end:
            docs.append(doc)

    # Remove all fields which don't match 'include'
    for doc in docs:
        fields_to_remove = []
        for field in doc:
            if field != "_id":
                if not any([re.match(incl.replace("*", ".*"), field) for incl in rule["include"]]):
                    fields_to_remove.append(field)
        # map() is lazy in Python 3 and would never call doc.pop, so remove
        # the collected fields with an explicit loop.
        for field in fields_to_remove:
            doc.pop(field)

    # Separate _source and _id, convert timestamps
    resp = [{"_source": doc, "_id": doc["_id"]} for doc in docs]
    for doc in resp:
        doc["_source"].pop("_id")
    ElastAlerter.process_hits(rule, resp)
    return resp