一键创建kibana工作区(space)和对应只读角色的脚本:修订间差异
来自三线的随记
(创建页面,内容为“一键创建kibana工作区(space),配置工作区对应的index——patters,和创建对应只读角色的脚本 <pre><nowiki> #!/bin/env bash set -eu #######…”) |
小无编辑摘要 |
||
第1行: | 第1行: | ||
一键创建kibana工作区(space) | 一键创建kibana工作区(space),配置工作区对应的index_patters,和创建对应只读角色的脚本 | ||
<pre><nowiki> | <pre><nowiki> |
2022年10月27日 (四) 18:00的版本
一键创建kibana工作区(space),配置工作区对应的index_patters,和创建对应只读角色的脚本
#!/bin/env bash set -eu #################################################################### # Author: sanXian # Version: v1.0 # Description: Script to create kibana space, # space's index patterns and corresponding viewer role #################################################################### kibana_url="http://your_kibana_url" username=$1 password=$2 space_info=$3 kibana_version="7.12.1" # dev will create "${space_name}-uat-*" and "${space_name}-sit-*" index pattern # prd will only create "${space_info}-prd-*" index pattern env=dev #dev / prd curl_options=( "-u" "$username:$password" "-H" "kbn-version: ${kibana_version}" "-H" "Content-Type: application/json" "-s" ) function echo_green(){ echo -en "\e[32m" echo -n "$*" echo -e "\e[0m" } printf "%-35s%s\n" "`echo_green Kibana URL:`" ${kibana_url} printf "%-35s%s\n" "`echo_green Kibana Space Name:`" ${space_info} # Create the Kibana space, exists will get an error msg echo_green Trying to create kibana space ${space_info}... curl "${kibana_url}/api/spaces/space" "${curl_options[@]}" \ --data-binary @- << EOF { "id": "${space_info}", "name": "${space_info}", "description": "${space_info}", "initials": "", "disabledFeatures": [ "siem", "logs", "infrastructure", "apm", "uptime", "enterpriseSearch", "advancedSettings", "savedObjectsManagement", "savedObjectsTagging", "fleet", "actions", "stackAlerts", "monitoring" ] } EOF echo # 先判断pattern是否存在于特定space,存在则不创建 index_patterns_res=`curl "${kibana_url}/s/${space_info}/api/saved_objects/_find?fields=title&fields=type&per_page=10000&type=index-pattern" "${curl_options[@]}"| jq -c .saved_objects[]` printf "%-35s" "`echo_green Current Index Patterns:`" index_patterns=(`echo "$index_patterns_res"| jq -r .attributes.title`) if [[ ${#index_patterns[@]} == 0 ]] then echo -n "No index patterns configuration found!" else for i in ${index_patterns[@]} do echo -n $i "" done fi echo function create_index_pattern(){ printf "%-35s%s %s\n" "`echo_green Expected Index patterns:`" "${expected_index_patterns[@]}" for i in ${expected_index_patterns[@]} do if [[ ${#index_patterns[@]} != 0 && "${index_patterns[*]}" =~ "$i" ]] then echo "index pattern $i already exist, continue" continue fi echo "index pattern $i creating..." curl "${kibana_url}/s/${space_info}/api/saved_objects/index-pattern" "${curl_options[@]}" \ --data-binary @- << EOF { "attributes": { "fieldAttrs": "{}", "title": "$i", "timeFieldName": "@timestamp", "sourceFilters": "[{\"value\":\"kubernetes.*label*\"},{\"value\":\"agent.*\"}]", "fields": "[]", "runtimeFieldMap": "{}" } } EOF echo done } if [[ "$env" == "prd" ]] then expected_index_patterns=( "${space_info}-prd-*" ) else expected_index_patterns=( "${space_info}-uat-*" "${space_info}-sit-*" ) fi create_index_pattern # Change the index pattern columns settings # API: /s/${space_info}/api/saved_objects/_find?fields=title&per_page=10&type=index-pattern&filter=index-pattern.attributes.title:%22${index-pattern}%22 # API: /s/${space_info}/api/saved_objects/_find?fields=title&per_page=10&type=index-pattern&search=%22${index-pattern}%22 for i in ${expected_index_patterns[@]} do index_patterns_id=`curl "${kibana_url}/s/${space_info}/api/saved_objects/_find?fields=title&fields=type&per_page=10&type=index-pattern&search=$i" "${curl_options[@]}" | jq -cr .saved_objects[0].id` if [[ $index_patterns_id == "null" ]]; then echo "Something Error occurred while getting the index_pattern id! exit... ";exit;fi echo_green "index pattern $i id is ${index_patterns_id}, settings of the index mode column is being changed" curl -XPUT "${kibana_url}/s/${space_info}/api/saved_objects/index-pattern/${index_patterns_id}" "${curl_options[@]}" \ --data-binary @- << EOF { "attributes": { "fieldAttrs": "{}", "title": "$i", "timeFieldName": "@timestamp", "sourceFilters": "[{\"value\":\"kubernetes.*label*\"},{\"value\":\"agent.*\"}]", "fields": "[]", "runtimeFieldMap": "{}" } } EOF echo done # Create corresponding kibana role echo_green "Corresponding kibana viewer role creating..." curl -XPUT "${kibana_url}/s/${space_info}/api/security/role/${space_info}" "${curl_options[@]}" -i \ --data-binary @- << EOF { "elasticsearch": { "cluster": [], "indices": [ { "names": [ "${space_info}-*" ], "privileges": [ "read" ] } ], "run_as": [] }, "kibana": [ { "spaces": [ "${space_info}" ], "base": [ "read" ], "feature": {} } ] } EOF echo echo "End of script."