// This file is autogenerated, DO NOT EDIT
// Use `node scripts/generate-docs-examples.js` to generate the docs examples
[source, js]
----
// Transform definition for `suspicious_client_ips`: pivots the Kibana sample
// web logs into one bucket per client IP so that per-IP traffic statistics
// (distinct URLs, bytes, geos, agents, status-code counts, activity window)
// can be queried from a small destination index instead of the raw logs.
const suspiciousClientIpsTransform = {
  transform_id: "suspicious_client_ips",
  source: {
    index: "kibana_sample_data_logs",
  },
  dest: {
    index: "sample_weblogs_by_clientip",
  },
  // `sync` makes the transform continuous: new source documents are picked up
  // by `timestamp`, with a 60s delay to allow late-arriving documents in.
  sync: {
    time: {
      field: "timestamp",
      delay: "60s",
    },
  },
  pivot: {
    // One output document per distinct client IP.
    group_by: {
      clientip: {
        terms: {
          field: "clientip",
        },
      },
    },
    aggregations: {
      // Per-IP diversity and volume: distinct URLs, total bytes,
      // distinct source/destination geos and distinct user agents.
      url_dc: { cardinality: { field: "url.keyword" } },
      bytes_sum: { sum: { field: "bytes" } },
      "geo.src_dc": { cardinality: { field: "geo.src" } },
      agent_dc: { cardinality: { field: "agent.keyword" } },
      "geo.dest_dc": { cardinality: { field: "geo.dest" } },
      // Request count per IP, computed as the number of `timestamp` values
      // (assumes every log document carries `timestamp` — matches the sync field).
      "responses.total": { value_count: { field: "timestamp" } },
      // Status-code breakdown: exact 200 and 404 hits, plus the whole 5xx range.
      success: { filter: { term: { response: "200" } } },
      error404: { filter: { term: { response: "404" } } },
      error5xx: { filter: { range: { response: { gte: 500, lt: 600 } } } },
      // Activity window per IP: first and last request time, and the
      // difference between the two (max_time - min_time) as computed by
      // the bucket_script below.
      "timestamp.min": { min: { field: "timestamp" } },
      "timestamp.max": { max: { field: "timestamp" } },
      "timestamp.duration_ms": {
        bucket_script: {
          buckets_path: {
            min_time: "timestamp.min.value",
            max_time: "timestamp.max.value",
          },
          script: "(params.max_time - params.min_time)",
        },
      },
    },
  },
};

// Create (or update) the transform and echo the API response.
const response = await client.transform.putTransform(suspiciousClientIpsTransform);
console.log(response);
----