Thursday, June 21, 2018

Using Perl to read from elasticsearch

A Perl script that reads from Elasticsearch:
use Search::Elasticsearch; use URI::Escape; use DateTime;
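use strict;
use warnings;

# Search the logstash-* indices for documents whose ClientName.raw matches
# $client and print the syslogHostName of every hit returned.
# The search itself carries no date range; the timestamp below only names
# the trace log.

# DateTime->now is in UTC, so the date is the current UTC day.
my $dt              = DateTime->now;
my $start_timestamp = join ' ', $dt->ymd, '00:00:00';

my $client = "something";

my $es = Search::Elasticsearch->new(
    # trace_to writes each request and response body to this file, so the
    # file holds the same log data the query returns. Keep /var/log/perl
    # writable and readable only by the account that runs the script.
    # Note that the file name contains a space and colons.
    trace_to => [ 'File', '/var/log/perl/log-' . $start_timestamp . '.log' ],

    # Plain HTTP without credentials: the query and the results cross the
    # network unencrypted and unauthenticated. Where the cluster offers TLS
    # and authentication, use an https:// node URL with credentials instead.
    nodes => ['http://10.9.8.x:9200/'],
);

# A single search request, not a scroll: at most `size` hits come back, so
# larger result sets are silently truncated at 3000.
my $response = $es->search(
    index => 'logstash-*',
    body  => {
        _source => [ 'Name', 'syslogHostName' ],
        query   => { match => { 'ClientName.raw' => $client } },
    },
    size => 3000,
);

# Fall back to an empty list when the response carries no hits array.
my @results = @{ $response->{hits}{hits} // [] };

# This is the number of hits returned (one per matching document), not a
# count of distinct host names.
print "Total number of hosts: " . scalar(@results) . "\n\n";

for my $hit (@results) {
    # syslogHostName comes from indexed log data; it is printed as stored,
    # so treat the output as untrusted when piping it into other tools.
    my $host_name = $hit->{_source}{syslogHostName} // '';
    print $host_name . "\n";
}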
