| /* global _ */ |
| |
| /* |
| * Complex scripted Logstash dashboard |
| * This script generates a dashboard object that Kibana can load. It also takes a number of user |
| * supplied URL parameters, none are required: |
| * |
| * index :: Which index to search? If this is specified, interval is set to 'none' |
| * pattern :: Does nothing if index is specified. Set a timestamped index pattern. Default: [logstash-]YYYY.MM.DD |
| * interval :: Sets the index interval (eg: day,week,month,year), Default: day |
| * |
| * split :: The character to split the queries on Default: ',' |
| * query :: By default, a comma separated list of queries to run. Default: * |
| * |
| * from :: Search this amount of time back, eg 15m, 1h, 2d. Default: 15m |
| * timefield :: The field containing the time to filter on, Default: @timestamp |
| * |
| * fields :: comma separated list of fields to show in the table |
| * sort :: comma separated field to sort on, and direction, eg sort=@timestamp,desc |
| * |
| */ |
| |
| |
| |
| // Setup some variables |
| var dashboard, queries, _d_timespan; |
| |
| // All url parameters are available via the ARGS object |
| var ARGS; |
| |
| // Set a default timespan if one isn't specified |
| _d_timespan = '1d'; |
| |
| // Intialize a skeleton with nothing but a rows array and service object |
| dashboard = { |
| rows : [], |
| services : {} |
| }; |
| |
| // Set a title |
| dashboard.title = 'Logstash Search'; |
| |
| // Allow the user to set the index, if they dont, fall back to logstash. |
| if(!_.isUndefined(ARGS.index)) { |
| dashboard.index = { |
| default: ARGS.index, |
| interval: 'none' |
| }; |
| } else { |
| // Don't fail to default |
| dashboard.failover = false; |
| dashboard.index = { |
| default: ARGS.index||'ADD_A_TIME_FILTER', |
| pattern: ARGS.pattern||'[logstash-]YYYY.MM.DD', |
| interval: ARGS.interval||'day' |
| }; |
| } |
| |
| // In this dashboard we let users pass queries as comma separated list to the query parameter. |
| // Or they can specify a split character using the split aparameter |
| // If query is defined, split it into a list of query objects |
| // NOTE: ids must be integers, hence the parseInt()s |
| if(!_.isUndefined(ARGS.query)) { |
| queries = _.object(_.map(ARGS.query.split(ARGS.split||','), function(v,k) { |
| return [k,{ |
| query: v, |
| id: parseInt(k,10), |
| alias: v |
| }]; |
| })); |
| } else { |
| // No queries passed? Initialize a single query to match everything |
| queries = { |
| 0: { |
| query: '*', |
| id: 0, |
| } |
| }; |
| } |
| |
| // Now populate the query service with our objects |
| dashboard.services.query = { |
| list : queries, |
| ids : _.map(_.keys(queries),function(v){return parseInt(v,10);}) |
| }; |
| |
| // Lets also add a default time filter, the value of which can be specified by the user |
| dashboard.services.filter = { |
| list: { |
| 0: { |
| from: "now-"+(ARGS.from||_d_timespan), |
| to: "now", |
| field: ARGS.timefield||"@timestamp", |
| type: "time", |
| active: true, |
| id: 0, |
| } |
| }, |
| ids: [0] |
| }; |
| |
| // Ok, lets make some rows. The Filters row is collapsed by default |
| dashboard.rows = [ |
| { |
| title: "Chart", |
| height: "300px" |
| }, |
| { |
| title: "Events", |
| height: "400px" |
| } |
| ]; |
| |
| // And a histogram that allows the user to specify the interval and time field |
| dashboard.rows[0].panels = [ |
| { |
| title: 'events over time', |
| type: 'histogram', |
| time_field: ARGS.timefield||"@timestamp", |
| auto_int: true, |
| span: 12 |
| } |
| ]; |
| |
| // And a table row where you can specify field and sort order |
| dashboard.rows[1].panels = [ |
| { |
| title: 'all events', |
| type: 'table', |
| fields: !_.isUndefined(ARGS.fields) ? ARGS.fields.split(',') : [], |
| sort: !_.isUndefined(ARGS.sort) ? ARGS.sort.split(',') : [ARGS.timefield||'@timestamp','desc'], |
| overflow: 'expand', |
| span: 12 |
| } |
| ]; |
| |
| // Now return the object and we're good! |
| return dashboard; |