This page collects typical usage examples of the Python method elastalert.elastalert.ElastAlerter.process_hits. If you are wondering how ElastAlerter.process_hits is used in practice, the selected code examples here may help. You can also look further into usage examples for the class that contains the method, elastalert.elastalert.ElastAlerter.
Two code examples of the ElastAlerter.process_hits method are shown below, sorted by popularity by default.
Example 1: mock_hits
# Required import: from elastalert.elastalert import ElastAlerter [as alias]
# Or: from elastalert.elastalert.ElastAlerter import process_hits [as alias]
import re

from elastalert.elastalert import ElastAlerter
from elastalert.util import ts_to_dt


# Method of a test class that holds the sample documents in self.data.
def mock_hits(self, rule, start, end, index):
    """ Mocks the effects of get_hits using global data instead of Elasticsearch. """
    docs = []
    for doc in self.data:
        if start <= ts_to_dt(doc[rule['timestamp_field']]) < end:
            docs.append(doc)

    # Remove all fields which don't match 'include'
    for doc in docs:
        # Iterate over a snapshot of the keys: popping from a dict while
        # iterating over it raises RuntimeError in Python 3.
        for field in list(doc):
            if field != '_id':
                if not any([re.match(incl.replace('*', '.*'), field) for incl in rule['include']]):
                    doc.pop(field)

    # Separate _source and _id, convert timestamps
    resp = [{'_source': doc, '_id': doc['_id']} for doc in docs]
    for doc in resp:
        doc['_source'].pop('_id')
    ElastAlerter.process_hits(rule, resp)
    return resp
Example 2: mock_hits
# Required import: from elastalert.elastalert import ElastAlerter [as alias]
# Or: from elastalert.elastalert.ElastAlerter import process_hits [as alias]
import re

from elastalert.elastalert import ElastAlerter
from elastalert.util import ts_to_dt


# Method of a test class that holds the sample documents in self.data.
def mock_hits(self, rule, start, end, index):
    """ Mocks the effects of get_hits using global data instead of Elasticsearch. """
    docs = []
    for doc in self.data:
        if start <= ts_to_dt(doc[rule["timestamp_field"]]) < end:
            docs.append(doc)

    # Remove all fields which don't match 'include'
    for doc in docs:
        fields_to_remove = []
        for field in doc:
            if field != "_id":
                if not any([re.match(incl.replace("*", ".*"), field) for incl in rule["include"]]):
                    fields_to_remove.append(field)
        # Explicit loop: map() is lazy in Python 3, so map(doc.pop, ...) alone
        # would remove nothing.
        for field in fields_to_remove:
            doc.pop(field)

    # Separate _source and _id, convert timestamps
    resp = [{"_source": doc, "_id": doc["_id"]} for doc in docs]
    for doc in resp:
        doc["_source"].pop("_id")
    ElastAlerter.process_hits(rule, resp)
    return resp