diff --git a/src/service/alert_overview.go b/src/service/alert_overview.go index 9d2b1b33c2613012fd4a6c89f63287e5541e4ce1..ad2b879730378346df06f4718be96b3c50722af0 100644 --- a/src/service/alert_overview.go +++ b/src/service/alert_overview.go @@ -6,6 +6,7 @@ import ( "fmt" "github.com/jinzhu/copier" json "github.com/json-iterator/go" + "github.com/opensearch-project/opensearch-go" "github.com/opensearch-project/opensearch-go/opensearchapi" "github.com/spf13/cast" "github.com/tidwall/gjson" @@ -94,7 +95,7 @@ func (a *AlertOverviewSvc) AlertOverview(req request.DetailAlertOverview) (resp req.EndTime = time.Now().Add(time.Hour * 24).Format("2006-01-02") } - content := strings.NewReader(fmt.Sprintf(`{ + content := fmt.Sprintf(`{ "size": 0, "query": { "range": { @@ -129,22 +130,9 @@ func (a *AlertOverviewSvc) AlertOverview(req request.DetailAlertOverview) (resp } } } -}`, req.StartTime, req.EndTime)) +}`, req.StartTime, req.EndTime) - res := opensearchapi.SearchRequest{ - Index: []string{OpenSearchIndex}, - Body: content, - } - do, err := res.Do(context.Background(), cli) - if err != nil { - return - } - defer do.Body.Close() - if do.StatusCode < http.StatusOK && do.StatusCode > http.StatusIMUsed { - err = errors.New(do.String()) - return - } - body, err := io.ReadAll(do.Body) + body, err := executeQuery(cli, OpenSearchIndex, content) if err != nil { return } @@ -202,40 +190,7 @@ func (a *AlertOverviewSvc) RiskLevelDistribution(req request.DetailAlertOverview req.EndTime = time.Now().Add(time.Hour * 24).Format("2006-01-02") } - content := strings.NewReader(fmt.Sprintf(`{ - "size": 0, - "query": { - "range": { - "created_at": { - "gte": "%s", - "lte": "%s" - } - } - }, - "aggs": { - "group": { - "terms": { - "field": "risk_level", - "size": 10 - } - } - } -}`, req.StartTime, req.EndTime)) - - res := opensearchapi.SearchRequest{ - Index: []string{OpenSearchIndex}, - Body: content, - } - do, err := res.Do(context.Background(), cli) - if err != nil { - return - } - defer do.Body.Close() - if do.StatusCode < http.StatusOK && do.StatusCode > http.StatusIMUsed { - err = errors.New(do.String()) - return - } - body, err := io.ReadAll(do.Body) + body, err := executeQuery(cli, OpenSearchIndex, buildAggQueryContent(req.StartTime, req.EndTime, "risk_level")) if err != nil { return } @@ -280,44 +235,10 @@ func (a *AlertOverviewSvc) AlertStatusDistribution(req request.DetailAlertOvervi req.EndTime = time.Now().Add(time.Hour * 24).Format("2006-01-02") } - content := strings.NewReader(fmt.Sprintf(`{ - "size": 0, - "query": { - "range": { - "created_at": { - "gte": "%s", - "lte": "%s" - } - } - }, - "aggs": { - "group": { - "terms": { - "field": "status", - "size": 10 - } - } - } -}`, req.StartTime, req.EndTime)) - - res := opensearchapi.SearchRequest{ - Index: []string{OpenSearchIndex}, - Body: content, - } - do, err := res.Do(context.Background(), cli) + body, err := executeQuery(cli, OpenSearchIndex, buildAggQueryContent(req.StartTime, req.EndTime, "status")) if err != nil { return } - defer do.Body.Close() - if do.StatusCode < http.StatusOK && do.StatusCode > http.StatusIMUsed { - err = errors.New(do.String()) - return - } - body, err := io.ReadAll(do.Body) - if err != nil { - return - } - result := gjson.GetBytes(body, "aggregations") err = json.Unmarshal([]byte(result.String()), &sources) if err != nil { @@ -358,40 +279,7 @@ func (a *AlertOverviewSvc) AlertClassDistribution(req request.DetailAlertOvervie req.EndTime = time.Now().Add(time.Hour * 24).Format("2006-01-02") } - content := strings.NewReader(fmt.Sprintf(`{ - "size": 0, - "query": { - "range": { - "created_at": { - "gte": "%s", - "lte": "%s" - } - } - }, - "aggs": { - "group": { - "terms": { - "field": "class_id", - "size": 10 - } - } - } -}`, req.StartTime, req.EndTime)) - - res := opensearchapi.SearchRequest{ - Index: []string{OpenSearchIndex}, - Body: content, - } - do, err := res.Do(context.Background(), cli) - if err != nil { - return - } - defer do.Body.Close() - if do.StatusCode < http.StatusOK && do.StatusCode > http.StatusIMUsed { - err = errors.New(do.String()) - return - } - body, err := io.ReadAll(do.Body) + body, err := executeQuery(cli, OpenSearchIndex, buildAggQueryContent(req.StartTime, req.EndTime, "class_id")) if err != nil { return } @@ -445,7 +333,7 @@ func (a *AlertOverviewSvc) AlertFrequencyDistribution(req request.DetailAlertOve "gte": "2023-07-17", "lte": "2023-07-18" */ - content := strings.NewReader(`{ + content := `{ "size": 0, "query": { "range": { @@ -465,22 +353,9 @@ func (a *AlertOverviewSvc) AlertFrequencyDistribution(req request.DetailAlertOve } } } - }`) + }` - res := opensearchapi.SearchRequest{ - Index: []string{OpenSearchIndex}, - Body: content, - } - do, err := res.Do(context.Background(), cli) - if err != nil { - return - } - defer do.Body.Close() - if do.StatusCode < http.StatusOK && do.StatusCode > http.StatusIMUsed { - err = errors.New(do.String()) - return - } - body, err := io.ReadAll(do.Body) + body, err := executeQuery(cli, OpenSearchIndex, content) if err != nil { return } @@ -510,6 +385,52 @@ func (a *AlertOverviewSvc) AlertFrequencyDistribution(req request.DetailAlertOve } +func buildAggQueryContent(startTime, endTime string, field string) string { + return fmt.Sprintf(`{ + "size": 0, + "query": { + "range": { + "created_at": { + "gte": "%s", + "lte": "%s" + } + } + }, + "aggs": { + "group": { + "terms": { + "field": "%s", + "size": 10 + } + } + } + }`, startTime, endTime, field) +} + +func executeQuery(cli *opensearch.Client, index string, content string) ([]byte, error) { + res := opensearchapi.SearchRequest{ + Index: []string{index}, + Body: strings.NewReader(content), + } + + do, err := res.Do(context.Background(), cli) + if err != nil { + return nil, err + } + defer do.Body.Close() + + if do.StatusCode < http.StatusOK && do.StatusCode > http.StatusIMUsed { + return nil, errors.New(do.String()) + } + + body, err := io.ReadAll(do.Body) + if err != nil { + return nil, err + } + + return body, nil +} + func (a *AlertOverviewSvc) List(req request.ListAlertOverview) (resp response.AlertOverviewList, err error) { db, err := client.GetDbClient() if err != nil {