Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add option "--formatted-output" to make stdout print JSON formatted test results #1897

Merged
merged 3 commits into from
Sep 11, 2018
Merged

Add option "--formatted-output" to make stdout print JSON formatted test results #1897

merged 3 commits into from
Sep 11, 2018

Conversation

johnsusek
Copy link
Contributor

@johnsusek johnsusek commented Sep 11, 2018
edited
Loading

Hello, we are writing a GUI to create alerts, built on top of bitsensor's api.

When testing a rule, the output that comes back isn't structured, so can't be parsed easily by a client.

This change adds a new option --formatted-output for elastalert.test_rule that outputs JSON results.

If this gets merged, a companion PR will get submitted to bitsensor's fork to take advantage of it.

Here is an example output for full run:

{
  "writeback": {
    "elastalert_status": {
      "hits": 11,
      "matches": 11,
      "@timestamp": "2018-09-11 16:55:07.546522+00:00",
      "rule_name": "test321",
      "starttime": "2018-09-10 16:55:03.854197+00:00",
      "endtime": "2018-09-11 16:55:03.854197+00:00",
      "time_taken": 3.6562910079956055
    }
  },
  "hits": 11,
  "terms": {
    "syslog_severity_code": 6,
    "service": "Vpxa",
    "tags": [],
    "syslog_severity": "informational",
    "@timestamp": "2018-09-10T18:16:23.461Z",
    "syslog_facility": "user-level",
    "host": "c5014-cesx121.ms",
    "@version": "1",
    "dept_id": "ms",
    "message": "- - [Originator@68762018-09-10T18:16:23.450Z Vpxa: verbose vpxa[FFC9AAE0] [Originator@6876[VpxaHalCnxHostagent::ProcessUpdate] Applying updates from 11843011 to 11843012 (at 11843011)",
    "syslog_pri": "14",
    "type": "syslog",
    "syslog_facility_code": 1
  },
  "name": "test321",
  "success": true,
  "days": 1
}

Here is an example output for countOnly:

{
  "hits": 11,
  "terms": {
    "syslog_severity_code": 6,
    "service": "Vpxa",
    "tags": [],
    "syslog_severity": "informational",
    "@timestamp": "2018-09-10T18:16:23.461Z",
    "syslog_facility": "user-level",
    "host": "c5014-cesx121.ms",
    "@version": "1",
    "dept_id": "ms",
    "message": "- - [Originator@68762018-09-10T18:16:23.450Z Vpxa: verbose vpxa[FFC9AAE0] [Originator@6876[VpxaHalCnxHostagent::ProcessUpdate] Applying updates from 11843011 to 11843012 (at 11843011)",
    "syslog_pri": "14",
    "type": "syslog",
    "syslog_facility_code": 1
  },
  "name": "test321",
  "success": true,
  "days": 1
}

Here is an example output for schemaOnly:

{
  "name": "test321",
  "success": true
}

@Qmando
Copy link
Member

Qmando commented Sep 11, 2018

Looks good. Could you add a small bit in the documentation?

@Qmando Qmando merged commit 298df6c into Yelp:master Sep 11, 2018
This was referenced Sep 11, 2018
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@johnsusek @Qmando