python 实现elk接口获取数据

[root@ctum2A0703016 ~]# cat jiaoyihao.py
#!/usr/bin/python2.7

# -*- coding:utf-8 -*-

from datetime import datetime
from elasticsearch import Elasticsearch
import time
import datetime
import sys
import json
import urllib
import urllib2
import re
import time
import math
import chardet

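def obtain(number):
    """Print the ``code``/``msg`` pair of every log hit for one number.

    Searches the ``logstash-*`` indices for entries whose
    ``fields.filename`` is ``app-wanda-credit-ds.log`` and whose text matches
    ``number`` together with the word ``code``. For each hit, the third
    space-separated field of ``logmessage`` is decoded as JSON and its
    ``code`` and ``msg`` members are printed.

    Args:
        number: Value to look up (``sys.argv[1]`` when run as a script). It
            is sent as literal text, never as query syntax.
    """
    import os  # function-scope import: leaves the file's import block untouched

    # SECURITY: the fallback values are the ones published on this page,
    # the built-in ``elastic`` superuser with a password equal to its name.
    # They are kept only so existing invocations keep working. Supply a
    # dedicated read-only account through the environment and then delete
    # the fallbacks. ES_USER / ES_PASSWORD are names constructed for this
    # edit, not an existing convention of the script.
    # NOTE(review): no TLS option is passed, so the Basic-auth header
    # presumably travels in clear text; confirm and enable TLS.
    # NOTE(review): the same address is listed twice, so the list gives no
    # failover.
    es = Elasticsearch(
        ['10.24.0.13', '10.24.0.13'],
        http_auth=(
            os.environ.get('ES_USER', 'elastic'),
            os.environ.get('ES_PASSWORD', 'elastic'),
        ),
    )

    # ``number`` ends up inside a query_string query, whose syntax gives
    # meaning to characters such as * ? ( ) : and to the words AND / OR.
    # Quote it as a phrase and escape the two characters that stay special
    # inside quotes, so a caller-supplied value cannot widen or reshape the
    # search.
    literal = number.replace('\\', '\\\\').replace('"', '\\"')
    str_search = '"' + literal + '"' + " AND " + "code"

    res = es.search(index="logstash-*", body={
        "query": {
            "bool": {
                "must": [
                    {"query_string": {"query": str_search}},
                    {"match_phrase": {"fields.filename": {"query": "app-wanda-credit-ds.log"}}},
                ]
            }
        }
    })

    print("Got %d Hits:" % res['hits']['total'])
    # No ``size`` is sent, so the server's default page size bounds how many
    # of those hits are actually returned and printed below.
    for hit in res['hits']['hits']:
        # The per-hit reporting is placed inside the loop: the page lost its
        # indentation, and one line per hit is the presumed intent.
        try:
            payload = json.loads(hit["_source"]["logmessage"].split(' ')[2])
            code_value = payload["code"]
            msg_value = payload["msg"]
        except (KeyError, IndexError, TypeError, ValueError) as err:
            # Log lines are external data: one malformed entry must not
            # abort the report for the remaining hits.
            sys.stderr.write("skipping unparsable hit: %r\n" % (err,))
            continue
        print("code : %s , msg : %s" % (code_value, msg_value))

    # The page continues with a few statements built around ``s_zidian``
    # (print / iterkeys / dict(zip(...))). That name is never defined, and the
    # lines look like commented-out debugging whose leading '#' was lost in
    # rendering, so they are not reproduced as executable code.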

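if __name__ == '__main__':
    # The page renders this guard as ``if name == 'main':``; the double
    # underscores were eaten by the blog's markup, and without them the line
    # raises NameError.
    if len(sys.argv) != 2:
        # Fail with a usage hint instead of an IndexError traceback.
        sys.stderr.write("usage: %s <number>\n" % sys.argv[0])
        sys.exit(2)
    number = sys.argv[1]
    obtain(number)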

转载于:https://blog.51cto.com/13945009/2166107
