// This file is autogenerated, DO NOT EDIT
// how-to/use-elasticsearch-for-time-series-data.asciidoc:101
[source, python]
----
# Search one day of a data stream for events whose source address, parsed out
# of the raw log line at query time, falls inside a given IP range.

# Painless script for the runtime field: grok the leading IPORHOST token out of
# `message` and emit it only when the pattern matched.
# NOTE(review): the script reads doc["message"].value without first checking
# that the document has a value for `message` -- confirm every document in the
# stream carries it.
# NOTE(review): IPORHOST accepts hostnames as well as IP addresses, while the
# field is typed "ip"; presumably every message starts with an IP -- verify.
# The value comes from log text, so it is only as trustworthy as whatever wrote
# the log line.
extract_source_ip = (
    "\n String sourceip=grok('%{IPORHOST:sourceip} .*').extract(doc[ \"message\" ].value)?.sourceip;"
    "\n if (sourceip != null) emit(sourceip);"
    "\n "
)

# `source.ip` is defined only for this request (runtime_mappings), so the
# script runs for each document the search considers.
source_ip_mapping = {
    "source.ip": {"type": "ip", "script": extract_source_ip},
}

# Date math: from the start of yesterday (inclusive) to the start of today
# (exclusive).
yesterday = {"range": {"@timestamp": {"gte": "now-1d/d", "lt": "now/d"}}}

# 192.0.2.0/24 is the RFC 5737 documentation range; substitute the network
# actually being investigated.
in_address_range = {
    "range": {"source.ip": {"gte": "192.0.2.0", "lte": "192.0.2.255"}},
}

# Both clauses sit in filter context.
both_filters = {"bool": {"filter": [yesterday, in_address_range]}}

# Newest events first, ties broken by the extracted address, descending.
newest_first = [{"@timestamp": "desc"}, {"source.ip": "desc"}]

resp = client.search(
    index="my-data-stream",
    runtime_mappings=source_ip_mapping,
    query=both_filters,
    # "*" asks for every field and _source is switched off; narrow the list to
    # the fields actually needed when the stream also holds sensitive data.
    fields=["*"],
    source=False,
    sort=newest_first,
)
print(resp)
----