pmuellr

#!/usr/bin/env node
'use strict'

// Processes Kibana logs queried from DevTools in an overview cluster,
// finding messages tagged with `query-result-out-of-time-range`.
// The output of the query should be saved to a file, which is then
// passed as an argument to this script.  The query is in a comment
// at the bottom of this file

const fs = require('fs')

pmuellr

sequenceDiagram
    participant Client
    participant Server
    Client->>Server: HTTP request
    Server->>Client: HTTP response

sequenceDiagram

pmuellr

#!/usr/bin/env node

const pathMod = require('node:path')

const PROGRAM = pathMod.basename(__filename)

const [issue, branch] = process.argv.slice(2)
if (!issue || !branch) {
	console.log(`
Usage: ${PROGRAM} <issue #> <git branch name>

pmuellr

# https://www.elastic.co/guide/en/elasticsearch/reference/master/esql.html

POST /_query
{
  "query": """
FROM .kibana-event-log-*

| WHERE event.provider == "alerting"
| WHERE event.action   == "execute"

pmuellr

{"attributes":{"fieldAttrs":"{\"provider_rule_type\":{\"count\":1},\"event.action\":{\"count\":1}}","fieldFormatMap":"{\"event.duration\":{\"id\":\"duration\",\"params\":{\"parsedUrl\":{\"origin\":\"https://pmuellr-8-7-0.kb.us-central1.gcp.cloud.es.io:9243\",\"pathname\":\"/app/management/kibana/dataViews/patterns/kibana-event-log\",\"basePath\":\"\"},\"inputFormat\":\"nanoseconds\",\"outputFormat\":\"asSeconds\",\"outputPrecision\":2,\"includeSpaceWithSuffix\":true,\"showSuffix\":true,\"useShortSuffix\":true}}}","fields":"[]","name":"ow23-05-event-log","runtimeFieldMap":"{\"provider_rule_type\":{\"type\":\"keyword\",\"script\":{\"source\":\"def provider = doc[\\\"event.provider\\\"];\\ndef ruleTyp1 = doc[\\\"rule.category\\\"];\\ndef ruleTyp2 = doc[\\\"kibana.alert.rule.rule_type_id\\\"];\\n\\nif (provider == null || provider.size() == 0) return;\\n\\nif (ruleTyp1 != null && ruleTyp1.size() != 0) {\\n    emit(provider.value + \\\"::\\\" + ruleTyp1.value);\\n    return;\\n} \\n\\nif (ruleTyp2 != null && ruleT

pmuellr

#!/usr/bin/env npx zx

import https from 'node:https'
import path from 'node:path'

const NAME = path.basename(import.meta.url)

$.verbose = false

const KBN_URL = process.env.KBN_URL

pmuellr

#!/usr/bin/env node

const fs = require('fs')

const [ fileName ] = process.argv.slice(2)

if (fileName == null) {
  console.error('input file with search response required')
  process.exit(0)
}

pmuellr

{
  "title": "saved object size",
  "data": {
    "values": [
    {
        "id": "ingest-download-sources:fleet-default-download-source",
        "coreMigrationVersion": "8.7.0",
        "type": "ingest-download-sources",
        "updatedAt": "2022-11-24T15:50:49.390Z",
        "size": 441

pmuellr

{"attributes":{"fieldAttrs":"{}","fields":"[]","name":"Task Manager","runtimeFieldMap":"{}","sourceFilters":"[]","timeFieldName":"task.runAt","title":".kibana_task_manager","typeMeta":"{}"},"coreMigrationVersion":"8.4.1","id":"c0766836-7fb8-4710-a7a5-f67c70145405","migrationVersion":{"index-pattern":"8.0.0"},"references":[],"type":"index-pattern","updated_at":"2022-10-05T22:27:48.679Z","version":"WzM3OTgwLDFd"}
{"attributes":{"description":"","state":{"datasourceStates":{"indexpattern":{"layers":{"fad2ab1a-f33d-47c8-bece-16d3b2ce0452":{"columnOrder":["aa331f51-914a-4329-a429-7cc0e771b6ab","aec91a26-7c5e-469a-ac39-544214281856","a35f50da-207e-4219-bcae-14f927450ec4"],"columns":{"a35f50da-207e-4219-bcae-14f927450ec4":{"dataType":"number","isBucketed":false,"label":"Count of records","operationType":"count","params":{"emptyAsNull":true},"scale":"ratio","sourceField":"___records___"},"aa331f51-914a-4329-a429-7cc0e771b6ab":{"dataType":"string","isBucketed":true,"label":"Top 3 values of task.taskType","operationTyp

pmuellr

POST .kibana-event-log-8.5.0/_search
{
  "size": 0,
  "query": {
    "bool" : {
      "must" : {
        "range": { "@timestamp": { "gte": "now-18s" }}
      },
      "filter": {
        "terms" : { "event.action" : ["new-instance", "active-instance", "recovered-instance"] }