I have log file which has XML data and I am using XML filter to insert it into Elasticsearch. Now i want to retrieve data from Elasticsearch using Elasticsearch_DSL python library. I am not able to retrieve it. The JSON response I am getting from Elasticsearch does not contain any data of the XML fields but I can see them in Kibana. is there any way to access it?
Here is the mapping using GET /_mapping.
below is the code I use to get the data
from elasticsearch import Elasticsearch
from elasticsearch_dsl import Search
import json
client = Elasticsearch(['http://localhost:9200'])
s = Search(using=client, index="activedir-*", doc_type = 'doc').filter('range', **{'@timestamp': {'gte': 'now-30m' , 'lt': 'now'}})
response = s.execute()
# print(response.to_dict())
for hit in s.scan():
print(hit.to_dict())
print("---------------------------")
print(hit.parsed_xml.EventID)
I am getting this error
Traceback (most recent call last):
File "/Library/Frameworks/Python.framework/Versions/3.7/lib/python3.7/site-packages/elasticsearch_dsl/utils.py", line 123, in __getattr__
return self.__getitem__(attr_name)
File "/Library/Frameworks/Python.framework/Versions/3.7/lib/python3.7/site-packages/elasticsearch_dsl/utils.py", line 136, in __getitem__
return _wrap(self._d_[key])
KeyError: 'parsed_xml'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "Fitness_AD_Eventid_Alert.py", line 16, in <module>
print(hit.parsed_xml.EventID)
File "/Library/Frameworks/Python.framework/Versions/3.7/lib/python3.7/site-packages/elasticsearch_dsl/utils.py", line 126, in __getattr__
'%r object has no attribute %r' % (self.__class__.__name__, attr_name))
AttributeError: 'Hit' object has no attribute 'parsed_xml'
Miltons-MacBook-Air:user_test samvidkulkarni$