我想找到 1 天前的日期时间,以便我可以在观察者发送的电子邮件中创建指向 kibana 的链接。使用 Elasticsearch 5.0.2
我试过下面的 watch ,但它返回错误
ScriptException[runtime error]; nested: IllegalArgumentException[Unable to find dynamic method [minusDays] with [1] arguments for class [org.joda.time.DateTime].];
joda DateTime 中确实存在减号。规范
但它在 elastic codebase 中不存在
这是 watch
PUT /_xpack/watcher/watch/errors-prod
{
"trigger": {
"schedule": {
"daily": {
"at": [
"08:36"
]
}
}
},
"input": {
"search": {
"request": {
"search_type": "query_then_fetch",
"indices": [
"<das-logstash-{now}>",
"<das-logstash-{now-1d}>"
],
"types": [
"redis-input"
],
"body": {
"size": 0,
"query": {
"match_all": {}
}
}
}
}
},
"actions": {
"send_email": {
"transform": {
"script" : "return [ 'from' : ctx.trigger.scheduled_time.minusDays(1) ]"
},
"email": {
"profile": "standard",
"from": "noreply@email.com",
"to": [
"me@email.com"
],
"subject": "errors",
"body": {
"html": "<html><body><p>from {{ctx.payload.from}}</p><p>to {{ctx.trigger.scheduled_time}}</p></body></html>"
}
}
}
}
}
最佳答案
我需要类似的东西,并且能够通过修改几乎来自弹性论坛的评论来解决这个问题。
"transform": {
"script" : {
"source" : "def payload = ctx.payload; DateFormat df = new SimpleDateFormat(\"yyyy-MM-dd'T'HH:mm:ss.SSS'Z'\"); ctx.payload.from = df.format(Date.from(Instant.ofEpochMilli(ctx.execution_time.getMillis() - (24 * 60 * 60 * 1000) ))); return payload"
}
},
希望有帮助!
关于elasticsearch - 弹性观察者电子邮件中的日期数学,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/47573996/