查询elasticsearch索引日志条数
只是用来记录一些简单的报警脚本
看看就行
]# cat es_index_count.sh
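# Explicit search path, since the script is run from cron.
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin

# The two dhger servers: ask Elasticsearch how many documents each host has
# written to the dhger-* indices in the last 15 minutes, and raise an alert
# when a host has written none.
#
# NOTE(review): the Elasticsearch password is hard-coded here and passed on
# curl's command line, so it is readable by anyone who can read this script or
# list processes while curl runs. "elastic" is the built-in superuser, while a
# _count query only needs read access to the index. Prefer a dedicated
# read-only monitoring account whose credentials live in a root-only (0600)
# curl config file loaded with -K/--config.
for i in 2008 2008-2; do
  out="/soft/ecc-${i}.txt"

  # -sS: no progress meter, but still print errors; -f: treat HTTP errors
  # (e.g. 401) as failures; --max-time: a hung node must not stall the job.
  if ! curl -sS -f --max-time 30 -u elastic:elk_123 -X GET \
    'http://127.0.0.1:9200/dhger-*/_count' \
    -H 'Content-Type: application/json' -d '
{
  "query": {
    "bool": {
      "must": [],
      "filter": [
        { "match_phrase":
          {"agent.hostname.keyword": {"query": "'"$i"'" }
          }
        },
        {"range": {
          "@timestamp": {"from": "now-15m"}
          }
        }
      ]
    }
  }
}' > "$out"; then
    # A failed query means this host is effectively unmonitored for this run.
    # NOTE(review): consider routing this to the alert channel as well.
    echo "$(date +%H:%M) dhger $i: count query failed" >&2
    continue
  fi

  # The reply looks like {"count":N,...}; the second field after splitting on
  # ':' and ',' is the count.
  y=$(awk -F '[:,]' '{print $2}' "$out")

  # Reject an empty or non-numeric value (error body, unexpected format)
  # instead of letting the numeric test below fail and skip the alert.
  case $y in
    '' | *[!0-9]*)
      echo "$(date +%H:%M) dhger $i: unexpected response in $out" >&2
      continue
      ;;
  esac

  if [ "$y" -eq 0 ]; then
    #/bin/bash /soft/alert.sh "dhgner-$i" "$y"
    /usr/bin/python /soft/python3 "$(date +%H:%M) dhger服务 $i" "$y"
    sleep 10
    echo "$y"
  fi
done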
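# The two dher servers: ask Elasticsearch how many documents each host has
# written to the dher-* indices in the last 15 minutes, and raise an alert
# when a host has written none.
#
# NOTE(review): the Elasticsearch password is hard-coded here and passed on
# curl's command line, so it is readable by anyone who can read this script or
# list processes while curl runs. "elastic" is the built-in superuser, while a
# _count query only needs read access to the index. Prefer a dedicated
# read-only monitoring account whose credentials live in a root-only (0600)
# curl config file loaded with -K/--config.
for i in dh-2008 ct-2008-2; do
  # The response is written to and parsed from the same file. The original
  # wrote signer-${i}.txt but parsed dher-${i}.txt, so the count was never
  # read and the zero-count alert could not fire.
  out="/soft/signer-${i}.txt"

  # -sS: no progress meter, but still print errors; -f: treat HTTP errors
  # (e.g. 401) as failures; --max-time: a hung node must not stall the job.
  if ! curl -sS -f --max-time 30 -u elastic:elk_123 -X GET \
    'http://127.0.0.1:9200/dher-*/_count' \
    -H 'Content-Type: application/json' -d '
{
  "query": {
    "bool": {
      "must": [],
      "filter": [
        { "match_phrase":
          {"agent.hostname.keyword": {"query": "'"$i"'" }
          }
        },
        {"range": {
          "@timestamp": {"from": "now-15m"}
          }
        }
      ]
    }
  }
}' > "$out"; then
    # A failed query means this host is effectively unmonitored for this run.
    # NOTE(review): consider routing this to the alert channel as well.
    echo "$(date +%H:%M) dher $i: count query failed" >&2
    continue
  fi

  # The reply looks like {"count":N,...}; the second field after splitting on
  # ':' and ',' is the count.
  y=$(awk -F '[:,]' '{print $2}' "$out")

  # Reject an empty or non-numeric value (error body, unexpected format)
  # instead of letting the numeric test below fail and skip the alert.
  case $y in
    '' | *[!0-9]*)
      echo "$(date +%H:%M) dher $i: unexpected response in $out" >&2
      continue
      ;;
  esac

  if [ "$y" -eq 0 ]; then
    #/bin/bash /soft/alert.sh "dher-$i" "$y"
    /usr/bin/python /soft/python3 "$(date +%H:%M) siger服务 $i" "$y"
    sleep 10
    echo "$y"
  fi
done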
You have mail in /var/spool/mail/root
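配置定时任务(每天 8–19 点、每 5 分钟执行一次;注意 `&>` 是 bash 语法,而 cron 默认用 /bin/sh 执行命令,在 /bin/sh 不是 bash 的系统上应写成 `>/var/es_count.log 2>&1`;另外每次执行都会覆盖上一次的日志):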
*/5 8-19 * * * /bin/bash /soft/es_index_count.sh &>/var/es_count.log