more work done
This commit is contained in:
parent
c8208aee21
commit
987002d8e8
|
|
@ -10,14 +10,31 @@ my $search;
|
|||
my $options;
|
||||
my $output;
|
||||
my $elastic;
|
||||
|
||||
my $module;
|
||||
my $invert;
|
||||
GetOptions(
|
||||
's=s' => \$search,
|
||||
'g=s' => \$options,
|
||||
'o=s' => \$output,
|
||||
'e=s' => \$elastic,
|
||||
'm=s' => \$module,
|
||||
'i' => \$invert,
|
||||
);
|
||||
|
||||
# Use module as the base to use allowing
|
||||
# the other settings to override it if defined.
|
||||
if (defined( $module )){
|
||||
if (!defined( $options )){
|
||||
$options=$module;
|
||||
}
|
||||
if (!defined( $output )){
|
||||
$output=$module;
|
||||
}
|
||||
if (!defined( $search )){
|
||||
$search=$module;
|
||||
}
|
||||
}
|
||||
|
||||
my $ess = Search::ESsearcher->new();
|
||||
|
||||
# reels in the options
|
||||
|
|
@ -39,7 +56,12 @@ my $results=$ess->search_run;
|
|||
|
||||
# processes the results
|
||||
$ess->load_output;
|
||||
$ess->results_process( $results );
|
||||
my @formatted=$ess->results_process( $results );
|
||||
#invert if requested
|
||||
if ($invert){
|
||||
@formatted=reverse(@formatted);
|
||||
}
|
||||
print join("\n", @formatted)."\n";
|
||||
|
||||
#use Data::Dumper;
|
||||
#print Dumper( $results );
|
||||
|
|
|
|||
|
|
@ -645,9 +645,7 @@ sub results_process{
|
|||
|
||||
@formatted=reverse(@formatted);
|
||||
|
||||
my $formatted_string=join("\n", @formatted);
|
||||
|
||||
print $formatted_string;
|
||||
return @formatted;
|
||||
}
|
||||
|
||||
=head search_get
|
||||
|
|
@ -704,7 +702,7 @@ sub search_fill_in{
|
|||
$self->{search_filled_in}=$processed;
|
||||
|
||||
$self->{search_usable}=undef;
|
||||
|
||||
#print $processed;
|
||||
eval {
|
||||
my $decoded=$self->{j}->decode( $processed );
|
||||
$self->{search_hash}=$decoded;
|
||||
|
|
|
|||
|
|
@ -59,6 +59,7 @@ return '
|
|||
[% DEFAULT o.facility = "*" %]
|
||||
[% DEFAULT o.severity = "*" %]
|
||||
[% DEFAULT o.pid = "*" %]
|
||||
[% DEFAULT o.msg = "*" %]
|
||||
[% DEFAULT o.size = "50" %]
|
||||
{
|
||||
"index": "logstash-*",
|
||||
|
|
@ -99,6 +100,11 @@ return '
|
|||
"query": [% o.pid.json %]
|
||||
}
|
||||
},
|
||||
{"query_string": {
|
||||
"default_field": "message",
|
||||
"query": [% o.msg.json %]
|
||||
}
|
||||
},
|
||||
[% IF o.dgt %]
|
||||
{"range": {
|
||||
"@timestamp": {
|
||||
|
|
@ -157,6 +163,7 @@ dgt=s
|
|||
dgte=s
|
||||
dlt=s
|
||||
dlte=s
|
||||
msg=s
|
||||
';
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue