Availavility reports

zenkovac · August 11, 2023, 5:14pm

hi, im looking for a way to have an availability report with maintenance windows exluded from the calculation.
I have an index with availavility events that have basic status of 0 or 1, i can easily calculate the percentage of ok status over a period of time and calculate the percentage, I need to also take into account multiple maintenance windows that occur during a month, so events inbetween those windows wont afect the availavility report:

example of events:

■availavility events
value=1/0 (1=ok,0=nok)
timestamp=date an time of event
type=status

■maintenance window events
start_date=date for start of window
end_datedate for end of window
type=maintenance_window

can anyone give me a hint?

regards

zenkovac · August 16, 2023, 12:47pm

anyone?

zenkovac · August 17, 2023, 3:16pm

is it possible to do something like this with painless?

zenkovac · August 21, 2023, 2:24pm

something like this:

{
"query": {
"bool": {
"must_not": {
"bool": {
"should": [
{
"range": {
"timestamp": {
"gte": "exceptions_index.start_time",
"lte": "exceptions_index.end_time"
}
}
}
],
"minimum_should_match": 1
}
}
}
}
}

but its not wotking

Request error: date_time_parse_exception, Failed to parse with all enclosed parsers in failed to parse date field [[ RANGE exceptions_index.start_time TO exceptions_index.end_time ]] with format [strict_date_optional_time||epoch_millis]

zenkovac · August 24, 2023, 7:03pm

solution was to enrich availability events because there is no such functionality like joins or sql "exists" in elk

in processor output do an update_by_query with the help of a painless script:

    http {
        url => "http://IP:9200/availavility_events/_update_by_query"
        headers => { "Authorization" => "Basic xxxxxx" }
        http_method => "post"
        format => "message"
        content_type => "application/json"
        message => '{"script":{"source":"ctx._source.maintenance_window = 1","lang":"painless"},"query":{"bool":{"filter":[{"range":{"time":{"gte":"%{start_time}","lte":"%{end_time}"}}}]}}}'
    }

The basic authentication field "xxxxxx" can be obtained with a base64 of user:password for the elastic api

system · September 21, 2023, 7:04pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.