Last active
March 3, 2017 15:04
-
-
Save filipposc5/50f1efa81e7980f88592063c01fe3cf5 to your computer and use it in GitHub Desktop.
dump from logstash to json serially
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import elasticsearch | |
| from elasticsearch import helpers | |
| import json | |
| es = elasticsearch.Elasticsearch() | |
| zz= helpers.scan(es, | |
| query={"query":{"filtered": {"filter": {"bool": {"must_not": [], "must": [ | |
| {"range": {"@timestamp": {"gte": 1488365745648, "lte": 1488378342740}}}]}}, "query": {"query_string": {"analyze_wildcard": True, "query": "project: \"fr-staffapp\""}}}}}, | |
| index="logstash-*" | |
| ,size=1000 | |
| ) | |
| v = 0 | |
| prevOne = '' | |
| sp = '' | |
| with open("fr-staffapp.json", "w") as f: | |
| f.write('[\n') | |
| for __, g in enumerate(zz): | |
| v += 1 | |
| if prevOne: | |
| f.write(json.dumps(prevOne) + ',\n') | |
| prevOne = g | |
| if v == 1: | |
| sp = '' | |
| if prevOne: | |
| f.write(sp + json.dumps(prevOne)) | |
| print "Wrote ", v, " records" | |
| f.write('\n]') | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment