diff --git a/pkg/simple/client/auditing/elasticsearch/elasticsearch.go b/pkg/simple/client/auditing/elasticsearch/elasticsearch.go index 8dbbb9bb49a3f8ef706b0fa53c4c16c57adad6c0..2ea556efcca13ce99a58187863dc01d139964405 100644 --- a/pkg/simple/client/auditing/elasticsearch/elasticsearch.go +++ b/pkg/simple/client/auditing/elasticsearch/elasticsearch.go @@ -114,14 +114,14 @@ func parseToQueryPart(f *auditing.Filter) *query.Query { bi := query.NewBool().WithMinimumShouldMatch(mini) for k, v := range f.ObjectRefNamespaceMap { bi.AppendShould(query.NewBool(). - AppendFilter(query.NewMatchPhrase("ObjectRef.Namespace", k)). + AppendFilter(query.NewMatchPhrase("ObjectRef.Namespace.keyword", k)). AppendFilter(query.NewRange("RequestReceivedTimestamp"). WithGTE(v))) } for k, v := range f.WorkspaceMap { bi.AppendShould(query.NewBool(). - AppendFilter(query.NewMatchPhrase("Workspace", k)). + AppendFilter(query.NewMatchPhrase("Workspace.keyword", k)). AppendFilter(query.NewRange("RequestReceivedTimestamp"). WithGTE(v))) } @@ -159,10 +159,10 @@ func parseToQueryPart(f *auditing.Filter) *query.Query { b.AppendFilter(bi) b.AppendFilter(query.NewBool(). - AppendMultiShould(query.NewMultiMatchPhrase("Verb", f.Verbs)). + AppendMultiShould(query.NewMultiMatchPhrase("Verb.keyword", f.Verbs)). WithMinimumShouldMatch(mini)) b.AppendFilter(query.NewBool(). - AppendMultiShould(query.NewMultiMatchPhrase("Level", f.Levels)). + AppendMultiShould(query.NewMultiMatchPhrase("Level.keyword", f.Levels)). WithMinimumShouldMatch(mini)) bi = query.NewBool().WithMinimumShouldMatch(mini) @@ -197,7 +197,7 @@ func parseToQueryPart(f *auditing.Filter) *query.Query { AppendShould(query.NewTerms("ResponseStatus.code", f.ResponseCodes)). WithMinimumShouldMatch(mini)) b.AppendFilter(query.NewBool(). - AppendMultiShould(query.NewMultiMatchPhrase("ResponseStatus.status", f.ResponseStatus)). + AppendMultiShould(query.NewMultiMatchPhrase("ResponseStatus.status.keyword", f.ResponseStatus)). WithMinimumShouldMatch(mini)) r := query.NewRange("RequestReceivedTimestamp") diff --git a/pkg/simple/client/auditing/elasticsearch/elasticsearch_test.go b/pkg/simple/client/auditing/elasticsearch/elasticsearch_test.go index d17e20cf67bff7ecd7ad5065255a831dc3863dae..a1270d074d44dfa2f54c9972bc2c1bb164af6f2e 100644 --- a/pkg/simple/client/auditing/elasticsearch/elasticsearch_test.go +++ b/pkg/simple/client/auditing/elasticsearch/elasticsearch_test.go @@ -154,7 +154,7 @@ func TestParseToQueryPart(t *testing.T) { "filter":[ { "match_phrase":{ - "ObjectRef.Namespace":"kubesphere-system" + "ObjectRef.Namespace.keyword":"kubesphere-system" } }, { @@ -172,7 +172,7 @@ func TestParseToQueryPart(t *testing.T) { "filter":[ { "match_phrase":{ - "Workspace":"system-workspace" + "Workspace.keyword":"system-workspace" } }, { @@ -218,7 +218,7 @@ func TestParseToQueryPart(t *testing.T) { "should":[ { "match_phrase":{ - "Verb":"create" + "Verb.keyword":"create" } } ], @@ -230,7 +230,7 @@ func TestParseToQueryPart(t *testing.T) { "should":[ { "match_phrase":{ - "Level":"Metadata" + "Level.keyword":"Metadata" } } ], @@ -328,7 +328,7 @@ func TestParseToQueryPart(t *testing.T) { "should":[ { "match_phrase":{ - "ResponseStatus.status":"Failure" + "ResponseStatus.status.keyword":"Failure" } } ], diff --git a/pkg/simple/client/es/response.go b/pkg/simple/client/es/response.go index 75674703feccc572a0c6cffeb0e8834b60962d8f..946cb7f41635b772dc3d22dcae0135f18678ac93 100644 --- a/pkg/simple/client/es/response.go +++ b/pkg/simple/client/es/response.go @@ -6,9 +6,9 @@ import ( ) type Response struct { - ScrollId string `json:"_scroll_id,omitempty"` - Hits `json:"hits,omitempty"` - *Aggregations `json:"aggregations,omitempty"` + ScrollId string `json:"_scroll_id,omitempty"` + Hits `json:"hits,omitempty"` + Aggregations `json:"aggregations,omitempty"` } type Hits struct { @@ -22,8 +22,8 @@ type Hit struct { } type Aggregations struct { - *CardinalityAggregation `json:"cardinality_aggregation,omitempty"` - *DateHistogramAggregation `json:"date_histogram_aggregation,omitempty"` + CardinalityAggregation `json:"cardinality_aggregation,omitempty"` + DateHistogramAggregation `json:"date_histogram_aggregation,omitempty"` } type CardinalityAggregation struct { diff --git a/pkg/simple/client/events/elasticsearch/elasticsearch.go b/pkg/simple/client/events/elasticsearch/elasticsearch.go index b45ca151a4c07c38bc8cd2758a078b14c2646ed8..c990adf8b20bb7f47f7606d6e912444fe8050ef2 100644 --- a/pkg/simple/client/events/elasticsearch/elasticsearch.go +++ b/pkg/simple/client/events/elasticsearch/elasticsearch.go @@ -74,9 +74,6 @@ func (c *client) CountOverTime(filter *events.Filter, interval string) (*events. if err != nil { return nil, err } - if resp == nil || resp.Aggregations.DateHistogramAggregation == nil { - return &events.Histogram{}, nil - } histo := events.Histogram{Total: c.c.GetTotalHitCount(resp.Total)} for _, bucket := range resp.Buckets { @@ -98,9 +95,6 @@ func (c *client) StatisticsOnResources(filter *events.Filter) (*events.Statistic if err != nil { return nil, err } - if resp == nil || resp.Aggregations.CardinalityAggregation == nil { - return &events.Statistics{}, nil - } return &events.Statistics{ Resources: resp.Value,