Created
July 18, 2018 16:06
-
-
Save SebastienGautier/5e00d1466294f99d59832dea94265687 to your computer and use it in GitHub Desktop.
Get daily computer usage based on explorer.exe running time with Elasticsearch and Metricbeats
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| $client = ClientBuilder::create()->setHosts(['127.0.0.1'])->build(); | |
| $params = [ | |
| 'index' => 'metricbeat-*', | |
| 'body' => [ | |
| 'query' => [ | |
| 'bool' => [ | |
| 'must' => [ | |
| [ | |
| 'term' => [ | |
| 'system.process.name' => 'explorer.exe' | |
| ] | |
| ], | |
| /*[ | |
| 'range' => [ | |
| '@timestamp' => [ | |
| 'gte' => 'now-24h', | |
| 'lte' => 'now' | |
| ] | |
| ], | |
| ]*/ | |
| ], | |
| ] | |
| ], | |
| 'aggs' => [ | |
| 'group_by_username' => [ | |
| 'terms' => [ | |
| 'field' => 'system.process.username' | |
| ], | |
| 'aggs' => [ | |
| 'per_day' => [ | |
| 'date_histogram' => [ | |
| 'field' => '@timestamp', | |
| 'interval' => 'day', | |
| //'time_zone' => '+02:00' | |
| ], | |
| ] | |
| ], | |
| ], | |
| ] | |
| ] | |
| ]; | |
| $response = $client->search($params); | |
| foreach ($response['aggregations']['group_by_username']['buckets'] as $groupByUsername) { | |
| $username = $groupByUsername['key']; | |
| echo "<br>\n$username: <br>\n"; | |
| foreach ($groupByUsername['per_day']['buckets'] as $groupByDay) { | |
| $date = $groupByDay['key_as_string']; | |
| // We multiply per 10 because I'm sending the processes every 10 seconds, change this according to your update interval | |
| $hours = $groupByDay['doc_count'] * 10 / 60 / 60; | |
| echo "$date: $hours<br>\n"; | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment