Unable to use variable in curl bash script

Jose_H · July 6, 2020, 12:42pm

Hi guys. I've been trying to use a variable called "Time Period Variable" in my bash script, but im unable to make it work:

#!/bin/bash

ES EVENT Threshold

number=10

Time Period Variable

es_period=now-1d

Elasticsearch query - Value Count

es_query=$(curl -s --cacert /etc/elasticsearch/certs/ca.crt -u elastic:PASSWORD -XGET "https://elastic.local:9200/csco-fmc-ms/_search" -H 'Content-Type: application/json' -d'{ "from" : 0, "size" : 1000, "query": { "bool" : { "must" : { "wildcard" : { "@computed.message.keyword": "*" } }, "filter": { "range": { "@timestamp": { "gte": "$es_period", "lte": "now" } } } } }}')

Execution

if [[ "$es_query" -ge "$number" ]]; then
echo "Threshold violated!";
else
echo "Threshold not violated.";
fi

I've tried to escape the quote as so

"gte: \"$es_period\"

but this is to no avail.

Any ideas how I can tackle this?

Yang_Wang · July 7, 2020, 6:39am

Variable substitution does not work inside single quotes. You can try something like the follows:

es_query=$(curl -s --cacert /etc/elasticsearch/certs/ca.crt -u elastic:PASSWORD -XGET "https://elastic.local:9200/csco-fmc-ms/_search 1" -H 'Content-Type: application/json' -d'{ "from" : 0, "size" : 1000, "query": { "bool" : { "must" : { "wildcard" : { "@computed.message.keyword": "*" } }, "filter": { "range": { "@timestamp": { "gte": "'$es_period'", "lte": "now" } } } } }}')

Jose_H · July 9, 2020, 11:03am

Worked great, thank you.

system · August 6, 2020, 11:03am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.