def queryAlertsWithoutIP(maxAlerts, clientDomain):
    """Return the newest alerts for *clientDomain*, without the source-IP field.

    Runs an Elasticsearch ``match`` query on the ``clientDomain`` field of the
    module-level ``esindex``, sorted by ``recievedTime`` descending and capped
    at ``maxAlerts`` hits. ``clientDomain`` is passed as a structured query
    value (not interpolated into a DSL string). The ``_source`` projection is
    the only thing limiting what the caller receives: it omits any IP field
    but does include the submitted ``username``/``password``/``login`` values.

    Args:
        maxAlerts: number of hits to request (sent as ``size``).
        clientDomain: value matched against the ``clientDomain`` field.

    Returns:
        The list under ``res["hits"]["hits"]``, or ``False`` if the search
        raised ``ElasticsearchException`` (the error is printed to stdout).
    """
    # Fields projected back to the caller; note there is no IP field here.
    # "recievedTime" is the field name as stored in the index -- presumably
    # matching the mapping's spelling, so do not "correct" it.
    returned_fields = [
        "createTime",
        "peerType",
        "country",
        "originalRequestString",
        "location",
        "targetCountry",
        "countryName",
        "locationDestination",
        "recievedTime",
        "username",
        "password",
        "login",
    ]
    search_body = {
        "query": {"match": {"clientDomain": clientDomain}},
        "sort": {"recievedTime": {"order": "desc"}},
        "size": maxAlerts,
        "_source": returned_fields,
    }
    try:
        response = es.search(index=esindex, body=search_body)
    except ElasticsearchException as err:
        # Only Elasticsearch client errors are swallowed; anything else propagates.
        print('ElasticSearch error: %s' % err)
        return False
    return response["hits"]["hits"]