Skip to content

/ examples

Home for Elasticsearch examples available to everyone. It's a great way to get started.

Apache-2.0 License
2.4k stars 1.1k forks
Star
Notifications
master
Switch branches/tags
45 branches 3 tags
Code
Clone

Use Git or checkout with SVN using the web URL.

Latest commit

@ypid-geberit
ypid-geberit Fix/improve watcher test scripts: YAML support, metadata-git-commit, …
dbc75a9 Jul 23, 2021
Fix/improve watcher test scripts: YAML support, metadata-git-commit, … 
…better error handling, --cacert, multiple time fields (#239)

* run_test.py: Improve/cleanup and add YAML support for input files

* Cleanup shell scripts according to ShellCheck recommendations

* run_test.py: Cleanup Indices after test to not pollute tests env

* run_test.py: More useful error message if logging action did not run

* run_test.py: Refactor

* run_test.py: Use load_file() for ES scripts as well to support YAML

* run_test.py: Implement --no-execute-watch needed for deployment

Needed for: elastic/elasticsearch#30112 (comment)

> I already have a workaround in place for this which consists of automatically deploying as many watches as I need to send different mails. Those watches are derived from my watch definition. For this, I extended [run_test.py](https://github.com/elastic/examples/blob/master/Alerting/Sample%20Watches/run_test.py) to inject Python code after the watch definition is read. Not ideal, but it is maintainable.

* run_test.py: Support to inject Python code, useful for deployment

Needed for: elastic/elasticsearch#30112 (comment)

> I already have a workaround in place for this which consists of automatically deploying as many watches as I need to send different mails. Those watches are derived from my watch definition. For this, I extended [run_test.py](https://github.com/elastic/examples/blob/master/Alerting/Sample%20Watches/run_test.py) to inject Python code after the watch definition is read. Not ideal, but it is maintainable.

* run_test.py: Implement --no-test-index needed for deployment

Needed for: elastic/elasticsearch#30112 (comment)

> I already have a workaround in place for this which consists of automatically deploying as many watches as I need to send different mails. Those watches are derived from my watch definition. For this, I extended [run_test.py](https://github.com/elastic/examples/blob/master/Alerting/Sample%20Watches/run_test.py) to inject Python code after the watch definition is read. Not ideal, but it is maintainable.

* run_test.py: Add --metadata-git-commit switch to augment watch metadata

* run_test.py: Add --cacert parameter

* run_test.py: More useful error message if logging action did not run

* run_test.py: Use `git rev-parse --short HEAD` for --metadata-git-commit

* run_test.py: More useful error message if transform failed

* run_test.py: Implement --minify-scripts

Workaround for: elastic/elasticsearch#35184

* "Scripts may be no longer than 16384 characters." is in ES<v6.6 not >6.6

* run_test.py: Improve compatibility with ES 7.0.x and index templates

* run_test.py: Better error message if expected_response is not defined

* run_test.py: Show watch exception on execution failure

* run_test.py: In case a transform fails the transform input is relevant

* run_test.py: Support multiple time fields

Useful when you have two time fields that in reality should be very
close so in testing it is enough to set them to the same value.

* [run_test.py] ES 7 support. Update to Py3 and drop elasticsearch_xpack.

* [run_test.py] Add --verbose parameter to debug ES responses

* [run_test.py] Comply with Python Enhancement Proposals

* [run_test.py] Comply with reuse.software

* [run_test.py] Avoid `not` in condition to make it easier to understand

* [run_test.py] Use str.format instead of "%s" % for consistency

* [run_test.py] Fix ./run_all_tests.sh test run. All passing again.

* [run_test.py] Support nested fields in time_fields test parameter

Example:

```yaml
time_fields:
  - '@timestamp'
  - 'event.created'
```

* [run_test.py] Use dict.get shortcut
dbc75a9

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
APM/Node.js/Kubernetes
update title
Jan 24, 2020
Alerting
Fix/improve watcher test scripts: YAML support, metadata-git-commit, …
Jul 23, 2021
Cloud Enterprise/Getting Started Examples
mionr bugfixes and better handling of sleep from variables.tf file
Jun 7, 2020
Common Data Formats
Update apache_template.json (#225)
Jun 20, 2018
Exploring Public Datasets
text only edit
Jun 10, 2019
GKE-On-Prem
fix label names
Oct 22, 2020
Graph
Update index_users.py
Aug 6, 2017
Machine Learning
Merge branch 'master' of https://github.com/elastic/examples
May 29, 2021
Maps/Getting Started Examples/geojson_upload_and_styling
Add maps geojson upload getting started example files
Jul 11, 2019
Miscellaneous
Add example using Beats modules for Kafka monitoring (#252)
Jun 12, 2019
MonitoringEKS
Update README.md
Apr 22, 2020
MonitoringKubernetes
update Beats to 7.6 and kube-state-metrics for k8s 1.14
Mar 13, 2020
Reference/Beats
Update README.md
Apr 2, 2020
Search
Move the java search example to 6.2.3 and the latest java client (#218)
Apr 6, 2018
Security Analytics
Fix typos (minor) (#266)
Dec 28, 2020
Speed Layer
Update README.md
Sep 16, 2019
beats-k8s-send-anywhere
select Metricbeat index pattern
Dec 27, 2020
blog
Update mozi-obfuscation-technique.yara
Jul 1, 2021
canvas
Fix index discrepancy in AMA canvas examples (#243)
Dec 1, 2018
k8s-observability-with-eck
add echo back
Jul 10, 2019
scraping-prometheus-k8s-with-metricbeat
specific version
Jul 12, 2019
.gitattributes
Repo Restructure
Jul 7, 2017
.gitignore
Update Requirements for cdc example
Nov 6, 2017
CONTRIBUTING.md
Update CONTRIBUTING.md
Aug 2, 2017
Installation and Setup.md
updates for security/malware (#217)
Apr 6, 2018
LICENSE
Initial commit
Sep 9, 2014
README.md
Retiring x-pack terminology (#278)
Dec 28, 2020
Introduction Contents Quick start Contributing Example catalog Common Data Formats Exploring Public Datasets Getting Started with Graph exploration Alerting on Elastic Stack Machine learning Search & API Examples Security Analytics Miscellaneous

README.md

Introduction

This is a collection of examples to help you get familiar with the Elastic Stack. Each example folder includes a README with detailed instructions for getting up and running with the particular example. The following information pertains to the examples repo as a whole.

Contents

Quick start

You have a few options to get started with the examples:

  • If you want to try them all, you can download the entire repo . Or, if you are familiar with Git, you can clone the repo. Then, simply follow the instructions in the individual README of the examples you're interested in to get started.

  • If you are only interested in a specific example or two, you can download the contents of just those examples - follow instructions in the individual READMEs OR you can use some of the options mentioned here.

Contributing

See here

Example catalog

Below is the list of examples available in this repo:

Common Data Formats

Exploring Public Datasets

Examples using the Elastic Stack for analyzing public dataset.

Getting Started with Graph exploration

Alerting on Elastic Stack

Alerting lets you set up watches (or rules) to detect and alert on changes in your Elasticsearch data. Below is a list of examples watches that configured to detect and alert on a few common scenarios:

Machine learning

Search & API Examples

Security Analytics

Miscellaneous

About

Home for Elasticsearch examples available to everyone. It's a great way to get started.

Resources

Readme

License

Apache-2.0 License

Releases 3

Final Release Prior to 5.0 Latest
Oct 28, 2016
+ 2 releases

Packages

No packages published

Contributors 72

+ 61 contributors

Languages