【发布时间】:2019-12-16 07:20:01
【问题描述】:
我正在使用 python elasticsearch 模块通过使用关键字搜索 filebeat 日志。与我在“Kibana Discover”中所做的相同,但我的搜索没有返回任何内容。
# make sure ES is up and running
import requests
res = requests.get('http://xxxxx:9200')
print(res.content)
# Import Elasticsearch package
from elasticsearch import Elasticsearch
# Connect to the elastic cluster
es=Elasticsearch([{'host':'xxxxx','port':9200}],timeout=30)
es
es.search(index='*', body={
'query': {
'match': {
'message': 'SocketTimeoutException',
}
}
})
es
它应该给我这样的日志文件,但它没有。
消息:14:20:01,387 错误 [com.yuma.jca.sockets.concox](默认线程 - 37)imei 的 MessageWork SocketTimeoutException:0358735075610732-> 读取超时 @timestamp:2019 年 8 月 8 日 @ 15: 20:01.559 ecs.version:1.0.0
但我是这样的,只有打印连接
b'{\n "name" : "kibana",\n "cluster_name" : "elasticsearch",\n "cluster_uuid" : "pspfiiegRre8OOFSsLWIhQ",\n "version" : {\n "number" : " 7.2.0",\n "build_flavor" : "default",\n "build_type" : "deb",\n "build_hash" : "508c38a",\n "build_date" : "2019-06-20T15:54: 18.811730Z",\n "build_snapshot" : false,\n "lucene_version" : "8.0.0",\n "minimum_wire_compatibility_version" : "6.8.0",\n "minimum_index_compatibility_version" : "6.0.0-beta1"\ n },\n "tagline" : "You Know, for Search"\n}\n'
【问题讨论】:
标签: python-3.x elasticsearch filebeat kibana-7