

Python FlatlineRule.add_data方法代码示例

本文整理汇总了Python中elastalert.ruletypes.FlatlineRule.add_data方法的典型用法代码示例。如果您正苦于以下问题:Python FlatlineRule.add_data方法的具体用法?Python FlatlineRule.add_data怎么用?Python FlatlineRule.add_data使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在elastalert.ruletypes.FlatlineRule的用法示例。


在下文中一共展示了FlatlineRule.add_data方法的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: test_flatline

# 需要导入模块: from elastalert.ruletypes import FlatlineRule [as 别名]
# 或者: from elastalert.ruletypes.FlatlineRule import add_data [as 别名]
def test_flatline():
    """Check when a FlatlineRule with a 30-second timeframe records a match.

    The rule is configured with ``threshold`` 2. The test asserts that no
    match exists after data is added or after garbage collection at
    12:00:11, and that exactly one match exists after garbage collection
    at 12:00:45 with no further data.
    """
    batch = hits(10)
    config = {
        "timeframe": datetime.timedelta(seconds=30),
        "threshold": 2,
        "timestamp_field": "@timestamp",
    }
    flatline = FlatlineRule(config)

    # A single hit must NOT produce an alert: nothing is asserted to match
    # until a garbage-collection pass runs at least 30 seconds later.
    flatline.add_data(hits(1))
    assert flatline.matches == []

    flatline.add_data(batch)

    # Garbage collection as it would run right after the hits were processed.
    end_of_hits = ts_to_dt("2014-09-26T12:00:11Z")
    flatline.garbage_collect(end_of_hits)
    assert flatline.matches == []

    # Garbage collection as it would run if a later query returned nothing:
    # the absence of new events is what yields the match.
    later_empty_run = ts_to_dt("2014-09-26T12:00:45Z")
    flatline.garbage_collect(later_empty_run)
    assert len(flatline.matches) == 1
开发者ID:mesozoic,项目名称:elastalert,代码行数:21,代码来源:rules_test.py

示例2: test_flatline_query_key

# 需要导入模块: from elastalert.ruletypes import FlatlineRule [as 别名]
# 或者: from elastalert.ruletypes.FlatlineRule import add_data [as 别名]
def test_flatline_query_key():
    """Check that FlatlineRule tracks silence separately per query key.

    With ``use_query_key`` enabled and ``query_key`` set to ``qk``, the test
    asserts that key1 and key2 each produce a match at 12:00:45, and that
    key3, which received one more event at 12:00:20, produces its match
    only at 12:01:20.
    """
    config = {
        'timeframe': datetime.timedelta(seconds=30),
        'threshold': 1,
        'use_query_key': True,
        'query_key': 'qk',
        'timestamp_field': '@timestamp',
    }
    flatline = FlatlineRule(config)

    # One hit for each of three query keys; none of them may alert yet.
    flatline.add_data(hits(1, qk='key1'))
    flatline.add_data(hits(1, qk='key2'))
    flatline.add_data(hits(1, qk='key3'))
    assert flatline.matches == []

    # Garbage collection as it would run right after the hits were processed.
    flatline.garbage_collect(ts_to_dt('2014-09-26T12:00:11Z'))
    assert flatline.matches == []

    # Fresh data for key3 only. Adding it does not raise an alert by itself.
    fresh_key3_event = create_event(ts_to_dt('2014-09-26T12:00:20Z'), qk='key3')
    flatline.add_data([fresh_key3_event])

    # key1 and key2 received nothing new, so both produce a flatline match.
    timestamp = '2014-09-26T12:00:45Z'
    flatline.garbage_collect(ts_to_dt(timestamp))
    assert len(flatline.matches) == 2
    assert {'key1', 'key2'} == {
        m['key'] for m in flatline.matches if m['@timestamp'] == timestamp
    }

    # On the next pass key1 and key2 are no longer reported; key3 has gone
    # quiet in turn and is the only key that matches at this timestamp.
    timestamp = '2014-09-26T12:01:20Z'
    flatline.garbage_collect(ts_to_dt(timestamp))
    assert len(flatline.matches) == 3
    assert {'key3'} == {
        m['key'] for m in flatline.matches if m['@timestamp'] == timestamp
    }
开发者ID:danielstorytel,项目名称:elastalert,代码行数:35,代码来源:rules_test.py

示例3: test_flatline_query_key

# 需要导入模块: from elastalert.ruletypes import FlatlineRule [as 别名]
# 或者: from elastalert.ruletypes.FlatlineRule import add_data [as 别名]
def test_flatline_query_key():
    """Verify per-key flatline matches for three query keys.

    The rule uses a 30-second timeframe, a threshold of 1 and ``qk`` as the
    query key. The assertions require matches for key1 and key2 at 12:00:45
    and a match for key3 alone at 12:01:20.
    """
    settings = {
        "timeframe": datetime.timedelta(seconds=30),
        "threshold": 1,
        "use_query_key": True,
        "query_key": "qk",
        "timestamp_field": "@timestamp",
    }
    flatline = FlatlineRule(settings)

    def keys_matched_at(stamp):
        # Keys of the matches stamped with exactly this timestamp string.
        return set([m["key"] for m in flatline.matches if m["@timestamp"] == stamp])

    # Seed one hit per query key (three keys); no key may alert at this point.
    for key in ("key1", "key2", "key3"):
        flatline.add_data(hits(1, qk=key))
    assert flatline.matches == []

    # Garbage collection as it would run right after the hits were processed.
    flatline.garbage_collect(ts_to_dt("2014-09-26T12:00:11Z"))
    assert flatline.matches == []

    # New data arrives for key3 only; adding it does not raise an alert.
    flatline.add_data([create_event(ts_to_dt("2014-09-26T12:00:20Z"), qk="key3")])

    # key1 and key2 stayed silent, so each gets a flatline match.
    timestamp = "2014-09-26T12:00:45Z"
    flatline.garbage_collect(ts_to_dt(timestamp))
    assert len(flatline.matches) == 2
    assert set(["key1", "key2"]) == keys_matched_at(timestamp)

    # On the following pass key1 and key2 are not reported again, while
    # key3 has now been silent long enough to match.
    timestamp = "2014-09-26T12:01:20Z"
    flatline.garbage_collect(ts_to_dt(timestamp))
    assert len(flatline.matches) == 3
    assert set(["key3"]) == keys_matched_at(timestamp)
开发者ID:mesozoic,项目名称:elastalert,代码行数:37,代码来源:rules_test.py

示例4: test_flatline

# 需要导入模块: from elastalert.ruletypes import FlatlineRule [as 别名]
# 或者: from elastalert.ruletypes.FlatlineRule import add_data [as 别名]
def test_flatline():
    """Walk a FlatlineRule through silence, renewed data and silence again.

    The rule uses a 30-second timeframe and a threshold of 2. The assertions
    require: no match while the first events are fresh, one match per
    garbage-collection pass at 12:00:45 and 12:00:50, no additional match at
    12:00:55 after new events were added, and a third match at 12:01:11.
    """
    events = hits(40)
    config = {
        'timeframe': datetime.timedelta(seconds=30),
        'threshold': 2,
        'timestamp_field': '@timestamp',
    }
    flatline = FlatlineRule(config)

    def collect_at(stamp):
        # Run garbage collection as of the given ISO timestamp string.
        flatline.garbage_collect(ts_to_dt(stamp))

    # A single hit must NOT produce an alert: nothing is asserted to match
    # until a garbage-collection pass runs at least 30 seconds later.
    flatline.add_data(hits(1))
    assert flatline.matches == []

    # Add hits with timestamps 2014-09-26T12:00:00 --> 2014-09-26T12:00:09
    flatline.add_data(events[0:10])

    # Garbage collection as it would run right after the hits were processed.
    collect_at('2014-09-26T12:00:11Z')
    assert flatline.matches == []

    # Garbage collection as it would run if a later query returned nothing.
    collect_at('2014-09-26T12:00:45Z')
    assert len(flatline.matches) == 1

    # Still no events on the next pass, so another match is appended.
    collect_at('2014-09-26T12:00:50Z')
    assert len(flatline.matches) == 2

    # Add hits with timestamps 2014-09-26T12:00:30 --> 2014-09-26T12:00:39
    flatline.add_data(events[30:])

    # There is now data inside the last 30 seconds (the timeframe), so this
    # pass must not add a match.
    collect_at('2014-09-26T12:00:55Z')
    assert len(flatline.matches) == 2

    # Once that window has elapsed with no further data, a new match appears.
    collect_at('2014-09-26T12:01:11Z')
    assert len(flatline.matches) == 3
开发者ID:kureus,项目名称:elastalert,代码行数:41,代码来源:rules_test.py


注:本文中的elastalert.ruletypes.FlatlineRule.add_data方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。