@robjens
Created December 7, 2015 23:02
A little ELK zsh script to make repetitive tasks a bit easier
#!/usr/bin/env zsh
emulate -L zsh || return 1
# Top level variables
eshost="http://support.internal.sevenmatches.com"
esport=9200 beat=(top packet file) beats=(${^beat}beat)
#
# Task handler
#
function task()
{
# variable declaration
typeset -a o_verb o_obj o_expr o_pred o_eol # one dim arrs
local verb obj xpr pred eol # local member variables
# defaults to the function as tupples (cons nodes)
o_verb=(-v starting) o_obj=(-o something) # notification strings
o_expr=(-e 'print foo') o_pred=(-p foo) # execution and evaluation
# extras such as line ending, the carriage return forcing overwrite of previous message
o_eol=(-l '\r')
# process function argument switches and values
zparseopts -K -- v:=o_verb o:=o_obj e:=o_expr p:=o_pred
# set variables to the linked list value (zsh arrs start at 1)
verb=${o_verb[2]} obj=${o_obj[2]} xpr=${o_expr[2]} pred=${o_pred[2]} eol=${o_eol[2]}
# pre notification publish string printed
print -Pn "%F{yellow}؟%f ${verb} ${obj}"
# execution of expression
result=$(eval ${(e)xpr}) # hence nothing else is needed here, but store the result
# conclusion of premise (post-execution return value comparison or evaluation of result)
if [[ ${result} == ${pred} ]]; then retval=1; else retval=0; fi
# colorful response string format with ternary expressions
fmt="%F{%(c.red.green)}%(c.✗.✓)%f ${verb} ${obj} %(c.failed miserably.succeeded) [%F{%(c.red.green)}%(c.FAIL.GOOD)%f]"
zformat -f tmp ${fmt} "c:${retval}"
sleep 1 # always delay a little bit in between (1 second)
# print final output success or failure, write newline or overwrite pre
print -P "${eol}${tmp}"
}
#
# Elasticsearch operations:
# get main (general status info)
# get cat (show all registered indices)
# get idxarr (array of all indices)
# delete idx (delete an index by name)
# delete all (delete all indices)
# Note that deleted indices may just re-add themselves straight
# away (real-time remember)
#
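function es-{get-{main,cat,idxarr},delete-{idx,all}}
{
    # One body shared by five functions: es-get-main, es-get-cat,
    # es-get-idxarr, es-delete-idx and es-delete-all. The name under which the
    # function was called selects the HTTP verb and the command, e.g.
    # "es-delete-idx" -> name "delete-idx", verb "delete", cmd "idx".
    # (Relies on $0 holding the function name, the zsh default.)
    #
    # es-delete-idx takes the index name as $1; the others take no argument.
    # es-delete-all asks for no confirmation: every index the server lists is
    # deleted.
    local name verb cmd x
    name=${0#*-}
    verb=${name%-*}
    cmd=${name##*-}

    # Helper that performs the REST call. curl is invoked directly with the
    # URL as one quoted argument rather than through eval: es-delete-all feeds
    # index names taken from the server's response into this call, and with
    # eval any shell metacharacter in such a name would be parsed as code.
    function es() { curl -s -X${(U)verb} "${eshost}:${esport}/${1}" }

    # branch on the verb (second word of the hyphen-separated name) first,
    # then on the command (third word)
    case ${(U)verb} in
        (GET)
            case ${cmd} in
                (main)   es ;;
                (cat)    es _cat/indices ;;
                # third column of the _cat/indices listing, joined by spaces
                (idxarr) es-get-cat | awk '{print $3}' | tr '\n' ' ' ;;
            esac
            ;;
        (DELETE)
            case ${cmd} in
                (idx)
                    # an empty name would send DELETE to the server root URL
                    if [[ -z ${1} ]]; then
                        print -u2 "es-delete-idx: index name required"
                        return 1
                    fi
                    es ${1}
                    ;;
                (all) for x ($(es-get-idxarr)) es-delete-idx ${x} ;;
            esac
            ;;
    esac
}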
#
# Registers a beat with elasticsearch
#
function register_beats()
{
    # For each name in the global beats array that exists as a command on
    # this machine: upload its index template to Elasticsearch, then restart
    # its systemd service. Both steps go through task, which evals the command
    # string it is given, so the strings below are built only from fixed text,
    # the beat name and the host/port globals.
    for b in ${beats}; do
        # the commands table has an entry only for installed commands
        if [[ -n ${commands[${b}]} ]]; then
            # register the template; Elasticsearch answers with this JSON on success
            task -v registering -o ${b} \
                -e "curl -s -XPUT '${eshost:-localhost}:${esport:-9200}/_template/${b}' -d@/etc/${b}/${b}.template.json" \
                -p '{"acknowledged":true}'
            # restart the service; success prints nothing, failure does
            task -v restarting -o ${b} \
                -e "sudo systemctl restart ${b}" \
                -p ''
        fi
    done
}