Nemesis Elasticsearch Resources

All the Elasticsearch Resources supported for nemesis.

Alias

class nemesis.resources.elasticsearch.alias.Alias(filter: Optional[nemesis.resources.elasticsearch.querydsl.QueryDSL], index_routing: Optional[str], is_hidden: Optional[bool], is_write_index: Optional[bool], routing: Optional[str], search_routing: Optional[str])

Manage an Elasticsearch Index

Parameters

  • filter (QueryDSL, optional) – Query used to limit documents the alias can access.

  • index_routing (str, optional) – Value used to route indexing operations to a specific shard. If specified, this overwrites the routing value for indexing operations. Data stream aliases don’t support this parameter.

  • is_hidden (bool, optional) – If true, the alias is hidden. Defaults to false. All data streams or indices for the alias must have the same is_hidden value.

  • is_write_index (bool, optional) – If true, sets the write index or data stream for the alias.

  • routing (str, optional) – Value used to route indexing and search operations to a specific shard. Data stream aliases don’t support this parameter.

  • search_routing (str, optional) – Value used to route search operations to a specific shard. If specified, this overwrites the routing value for search operations. Data stream aliases don’t support this parameter.

Index

class nemesis.resources.elasticsearch.index.Index(name: str, aliases: Optional[nemesis.resources.elasticsearch.alias.Alias] = None, mappings: Optional[dict] = None, settings: Optional[nemesis.resources.elasticsearch.index.IndexSettings] = None)

Manage an Elasticsearch Index

Parameters

  • name (str) – Name of the index you wish to interact with.

  • aliases (Alias, optional) – Aliases for the index.

  • mappings (dict, optional) – Mapping for fields in the index.

  • settings (IndexSettings, optional) – Configuration options for the index

asdict()

Return Index as a dictionary

create(client, *args, **kwargs)

Create an index in Elasticsearch

Parameters

client (Elasticsearch) – Elasticsearch Client

delete(client)

Delete an index from Elasticsearch

Parameters

client (Elasticsearch) – Elasticsearch Client

classmethod get(client, name)

Get an index from Elasticsearch

Parameters

  • client (Elasticsearch) – Elasticsearch Client

  • name (str) – Index name

class nemesis.resources.elasticsearch.index.IndexSettings(index: Optional[dict] = None)

Manage Elasticsearch Index Settings

Parameters

index (dict, optional) – Index settings

Index Template

class nemesis.resources.elasticsearch.index_template.IndexTemplate(name: str, index_patterns: list, template: nemesis.resources.elasticsearch.index_template.Template, version: Optional[int] = None, priority: Optional[int] = None, composed_of: Optional[list] = None, meta: Optional[dict] = None)

Manage Index Template

Parameters

  • name (str) – Name of the index you wish to interact with.

  • index_patterns (list) – Array of wildcard (*) expressions used to match the names of data streams and indices during creation.

  • template (Template) – Template to be applied. It may optionally include an aliases, mappings, or settings configuration.

  • version (int, optional) – Version number used to manage index templates externally. This number is not automatically generated by Elasticsearch

  • priority (int, optional) – Priority to determine index template precedence when a new data stream or index is created. The index template with the highest priority is chosen. If no priority is specified the template is treated as though it is of priority 0 (lowest priority). This number is not automatically generated by Elasticsearch.

  • meta (dict, optional) – Optional user metadata about the index template. May have any contents. This map is not automatically generated by Elasticsearch.

  • composed_of (list, optional) – An ordered list of component template names. Component templates are merged in the order specified, meaning that the last component template specified has the highest precedence. See Composing multiple component templates for an example.

asdict()

The “name” field isn’t part of the actual body sent to Elasticsearch. But it’s nice to have on the object we are dealing with.

create(client)

Create an index template in Elasticsearch

Parameters

client (Elasticsearch) – Elasticsearch Client

delete(client)

Delete an index template in Elasticsearch

Parameters

client (Elasticsearch) – Elasticsearch Client

classmethod get(client, name)

Get an index template from Elasticsearch

Parameters

  • client (Elasticsearch) – Elasticsearch Client

  • name (str) – Index template name

update(client)

Update an index template in Elasticsearch

Parameters

client (Elasticsearch) – Elasticsearch Client

class nemesis.resources.elasticsearch.index_template.Template(settings: Optional[nemesis.resources.elasticsearch.index.IndexSettings] = None, mappings: Optional[dict] = None, aliases: Optional[nemesis.resources.elasticsearch.alias.Alias] = None)

Template object for IndexTemplate

Parameters

  • aliases (Alias, optional) – Aliases for the index.

  • mappings (dict, optional) – Mapping for fields in the index.

  • settings (IndexSettings, optional) – Configuration options for the index

Ingest Pipeline

class nemesis.resources.elasticsearch.ingest_pipeline.IngestPipeline(id: str, processors: list, description: Optional[str] = None, on_failure: Optional[list] = None, version: Optional[int] = None, _meta: Optional[dict] = None)

Manage an Ingest Pipeline

Parameters

  • id (str) – ID of an ingest pipeline

  • processors (list) – List of Processors for an ingest pipeline.

  • description (str, optional) – Description of the Ingest Pipeline.

  • on_failure (list) – List of Processors in case of failure.

  • version (str, optional) – Version number of the ingest pipeline

  • _meta (dict, optional) – Optional metadata about the ingest pipeline

create(client)

Create an ingest pipeline in Elasticsearch

Parameters

client (Elasticsearch) – Elasticsearch Client

delete(client)

Delete an ingestpipeline from Elasticsearch

Parameters

client (Elasticsearch) – Elasticsearch Client

classmethod get(client, pipeline_id)

Get an ingest pipeline from Elasticsearch

Parameters

  • client (Elasticsearch) – Elasticsearch Client

  • pipeline_id (str) – Ingest pipeline id

simulate(client, docs)

Simulate an ingest pipeline in Elasticsearch

Parameters

  • client (Elasticsearch) – Elasticsearch Client

  • docs (list) – List of Documents to simulate in the ingest pipeline

update(client)

Update an ingest pipeline in Elasticsearch

Parameters

client (Elasticsearch) – Elasticsearch Client

Logstash Pipeline

class nemesis.resources.elasticsearch.logstash_pipeline.LogstashPipeline(id: str, last_modified: datetime.datetime, pipeline: str, pipeline_metadata: dict, pipeline_settings: dict, username: str, description: Optional[str] = None)

Manage a Logstash Pipeline

Parameters

  • id (str) – id of the Logstash Pipeline.

  • last_modified (datetime, optional) – Timestamp for the logstash pipeline to track when it was last modified.

  • pipeline (str) – String representation of the logstash pipeline.

  • pipeline_metadata (dict, optional) – Optional metadata for the logstash pipeline

  • pipeline_settings (dict, optional) – Optional settings for the logstash pipeline

  • username (str, optional) – username of the person or account who edited the logstash pipeline

  • description (str, optional) – Description of the logstash pipeline

asdict()

Return Logstash Pipeline as a dictionary

create(client)

Create a logstash pipeline in Elasticsearch

Parameters

client (Elasticsearch) – Elasticsearch Client

delete(client)

Delete a logstash pipeline from Elasticsearch

Parameters

client (Elasticsearch) – Elasticsearch Client

classmethod get(client, pipeline_id)

Get a logstash pipeline from Elasticsearch

Parameters

  • client (Elasticsearch) – Elasticsearch Client

  • pipeline_id (str) – Ingest pipeline id

update(client)

Update a logstash pipeline in Elasticsearch

Parameters

client (Elasticsearch) – Elasticsearch Client

nemesis.resources.elasticsearch.logstash_pipeline.time_format(dt)

timeformat must match Elasticsearch strict_date_time format: https://www.elastic.co/guide/en/elasticsearch/reference/7.16/mapping-date-format.html

Query DSL

class nemesis.resources.elasticsearch.querydsl.QueryDSL(id: Optional[str] = None, bool: Optional[dict] = None, boolstring: Optional[dict] = None, common: Optional[dict] = None, constant_score: Optional[dict] = None, custom_filters_score: Optional[dict] = None, dis_max: Optional[dict] = None, distance_feature: Optional[dict] = None, exists: Optional[dict] = None, field: Optional[dict] = None, function_score: Optional[dict] = None, fuzzy: Optional[dict] = None, geo_shape: Optional[dict] = None, has_child: Optional[dict] = None, has_parent: Optional[dict] = None, ids: Optional[dict] = None, indices: Optional[dict] = None, match: Optional[dict] = None, match_all: Optional[dict] = None, match_phrase: Optional[dict] = None, match_phrase_prefix: Optional[dict] = None, nested: Optional[dict] = None, percolate: Optional[dict] = None, prefix: Optional[dict] = None, query_string: Optional[dict] = None, range: Optional[dict] = None, regexp: Optional[dict] = None, script: Optional[dict] = None, simple_query_string: Optional[dict] = None, span_containing: Optional[dict] = None, span_first: Optional[dict] = None, span_multi: Optional[dict] = None, span_near: Optional[dict] = None, span_not: Optional[dict] = None, span_or: Optional[dict] = None, span_term: Optional[dict] = None, span_within: Optional[dict] = None, term: Optional[dict] = None, wildcard: Optional[dict] = None, wrapper: Optional[dict] = None)

Manage a query for Elasticsearch

Parameters

  • id (str, optional) – Unique ID for a query.

  • bool (dict, optional) – Bool query

  • boolstring (dict, optional) – boolstring query

  • common (dict, optional) – Common query

  • constant_score (dict, optional) – Constant score query

  • custom_filters_score (dict, optional) – custom filters score query

  • dis_max (dict, optional) – dis_max query

  • distance_feature (dict, optional) – distance feature query

  • exists (dict, optional) – exists query

  • field (dict, optional) – Field query

  • function_score (dict, optional) – function score query

  • fuzzy (dict, optional) – fuzzy query

  • geo_shape (dict, optional) – geo_shape query

  • has_child (dict, optional) – has child query

  • has_parent (dict, optional) – has_parent query

  • ids (dict, optional) – IDs query

  • indices (dict, optional) – indices query

  • match (dict, optional) – Match query

  • match_all (dict, optional) – Match all query

  • match_phrase (dict, optional) – match_phrase query

  • match_phrase_prefix (dict, optional) – Match phrase prefix query

  • nested (dict, optional) – Nested query

  • percolate (dict, optional) – percolate query

  • prefix (dict, optional) – Prefix query

  • query_string (dict, optional) – query string query

  • range (dict, optional) – range query

  • regexp (dict, optional) – Regex query

  • script (dict, optional) – script

  • simple_query_string (dict, optional) – simple_query_string query

  • span_containing (dict, optional) – span containing query

  • span_first (dict, optional) – span first query

  • span_multi (dict, optional) – span multi query

  • span_near (dict, optional) – span near query

  • span_not (dict, optional) – span not query

  • span_or (dict, optional) – span or query

  • span_term (dict, optional) – Span term query

  • span_within (dict, optional) – Span within query

  • term (dict, optional) – Term query

  • wildcard (dict, optional) – Wildcard Query

  • wrapper (dict, optional) – Wrapper query

asdict()

The “id” field isn’t part of the actual body sent to Elasticsearch. But it’s nice to have on the object we are dealing with.

Security

class nemesis.resources.elasticsearch.security.Application(application: str, privileges: list, resources: list)

Application for an Elasticsearch Role

Parameters

  • application (str) – Application name

  • privileges (list) – Privileges for the application

  • resources (list) – Resources the application has access to

class nemesis.resources.elasticsearch.security.Index(names: list, privileges: list, query: Optional[nemesis.resources.elasticsearch.querydsl.QueryDSL] = None, field_security: Optional[dict] = None, allow_restricted_indices: Optional[bool] = None)

Index for an Elasticsearch Role

Parameters

  • name (str) – index name

  • privileges (list) – Privileges for the index

  • field_security (bool, optionl) – Field level security

  • allow_restricted_indices – Allow restricted indices

class nemesis.resources.elasticsearch.security.Role(name: str, applications: list, cluster: list, indices: list, metadata: Optional[dict] = None, run_as: Optional[list] = None, _global: Optional[dict] = None)

Security Role for a Elasticsearch

Parameters

  • name (str) – Role name

  • applications (list) – List of application

  • cluster (list, optional) – List of clusters

  • indices (list) – List of Index

  • metadata (dict, optionl) – Optional Role metadata

  • run_as (list, optionl) – Optional list of users to run as for this role.

  • _global (bool, optional) – Optional global setting for this role

asdict()

The “name” field isn’t part of the actual body sent to Elasticsearch. But it’s nice to have on the object we are dealing with.

create(client)

Create a Role in Elasticsearch

Parameters

client (Elasticsearch) – Elasticsearch Client

delete(client)

Delete a Role in Elasticsearch

Parameters

client (Elasticsearch) – Elasticsearch Client

classmethod get(client, name)

Get a role from Elasticsearch

Parameters

  • client (Elasticsearch) – Elasticsearch Client

  • name (str) – Role name

update(client)

Update a Role in Elasticsearch

Parameters

client (Elasticsearch) – Elasticsearch Client

class nemesis.resources.elasticsearch.security.RoleMapping(name: str, enabled: bool, rules: dict, roles: Optional[list] = None, role_templates: Optional[list] = None, metadata: Optional[dict] = None)

Manage a RoleMapping in Elasticsearch

Parameters

  • name (str) – Name of the role mapping

  • enabled (bool) – Enable or disable the role mapping.

  • rules (dict) – Rules for this role mapping

  • roles (list, optional) – List of Role to associate to this role mapping.

  • role_templates (list, optional) – List of Role templates.

  • metadata (dict, optional) – Optional metadata to associate to this role mapping

asdict()

The “name” field isn’t part of the actual body sent to Elasticsearch. But it’s nice to have on the object we are dealing with.

create(client)

Create a RoleMapping in Elasticsearch

Parameters

client (Elasticsearch) – Elasticsearch Client

delete(client)

Delete a RoleMapping in Elasticsearch

Parameters

client (Elasticsearch) – Elasticsearch Client

classmethod get(client, name)

Get a RoleMapping from Elasticsearch

Parameters

  • client (Elasticsearch) – Elasticsearch Client

  • pipeline_id (str) – Ingest pipeline id

update(client)

Update a RoleMapping in Elasticsearch

Parameters

client (Elasticsearch) – Elasticsearch Client

Transform

class nemesis.resources.elasticsearch.transform.Dest(index: str, pipeline: Optional[str] = None)

Transform Destination

Parameters

  • index (str) – Destination index to put transform results in.

  • pipeline (str, optional) – Optional Pipeline to ingest documents through.

class nemesis.resources.elasticsearch.transform.Latest(sort: str, unique_key: list)

Transform Latest

Parameters

  • sort (str) –

  • unique_key (list, optional) –

class nemesis.resources.elasticsearch.transform.Pivot(aggregations: dict, group_by: dict, max_page_search_size: Optional[int] = None)

Transform Pivot

Parameters

  • aggregations (dict) – Dictionary query of aggregations.

  • group_by (dict) –

class nemesis.resources.elasticsearch.transform.RetentionPolicy(time: nemesis.resources.elasticsearch.transform.RetentionPolicyTime)

Transform RetentionPolicyTime

Parameters

time (RetentionPolicyTime) – RetentionPolicyTime

class nemesis.resources.elasticsearch.transform.RetentionPolicyTime(field: str, max_age: str)

Transform RetentionPolicyTime

Parameters

  • field (str) – Field name

  • max_age (str) –

class nemesis.resources.elasticsearch.transform.Settings(docs_per_second: Optional[float], dates_as_epoch_millis: Optional[bool], align_checkpoints: Optional[bool], max_page_search_size: Optional[int])

Transform Settings

Parameters

  • docs_per_second (float, optional) – Optional docs per second.

  • dates_as_epoch_millis (bool, optional) – use epoch millisecond precision.

  • align_checkpoints (bool, optional) – Align checkpoints.

  • max_page_search_size (int, optional) – Max page search size

class nemesis.resources.elasticsearch.transform.Source(index: list, runtime_mappings: Optional[dict] = None, query: Optional[nemesis.resources.elasticsearch.querydsl.QueryDSL] = None)

Source is a required parameter of Transform

Parameters

  • index (list) – List of inxex names

  • runtime_mappings (dict, optional) – Optional runtime mappings to use for source.

  • query (QueryDSL, optional) – Query to use to gather source documents

class nemesis.resources.elasticsearch.transform.Sync(time: nemesis.resources.elasticsearch.transform.SyncTime)

Transform Sync

Parameters

time (SyncTime) – SyncTime

class nemesis.resources.elasticsearch.transform.SyncTime(field: str, delay: str = '60s')

Transform SyncTime

Parameters

  • field (str) – Field name

  • delay (str) –

class nemesis.resources.elasticsearch.transform.Transform(source: nemesis.resources.elasticsearch.transform.Source, dest: nemesis.resources.elasticsearch.transform.Dest, id: Optional[str] = None, pivot: Optional[nemesis.resources.elasticsearch.transform.Pivot] = None, latest: Optional[nemesis.resources.elasticsearch.transform.Latest] = None, sync: Optional[nemesis.resources.elasticsearch.transform.Sync] = None, retention_policy: Optional[nemesis.resources.elasticsearch.transform.RetentionPolicy] = None, settings: Optional[nemesis.resources.elasticsearch.transform.Settings] = None, description: Optional[str] = None, frequency: str = '1m')

Manage an Elasticsearch Transform

Parameters

  • source (Source) – Transform Source

  • dest (Dest) – Destination for transform results

  • id (str, optional) – Transform ID

  • description (str, optional) – Transform Description

  • frequency (str, optional) – Transform frequency

  • pivot (Pivot, optional) – Transform Pivot

  • latest (Latest, optional) – Transform Latest

  • sync (Sync, optional) – Transform Sync

  • retention_policy (RetentionPolicy, optional) – Transform Retention Policy

  • settings (Settings, optional) – Transform settings

create(client, defer_validation=False, *args, **kwargs)

Create a Transform in Elasticsearch

Parameters

client (Elasticsearch) – Elasticsearch Client

delete(client, force=False, *args, **kwargs)

Delete a Transform in Elasticsearch

Parameters

client (Elasticsearch) – Elasticsearch Client

classmethod get(client, transform_id)

Get a Transform from Elasticsearch

Parameters

  • client (Elasticsearch) – Elasticsearch Client

  • transform_id (str) – Transform id

start(client, timeout='30s', *args, **kwargs)

Start a transform

stop(client, allow_no_match=True, force=False, timeout='30s', wait_for_checkpoint=False, wait_for_completion=False, *args, **kwargs)

Stop a Transform

update(client, *args, **kwargs)

Update a Transform in Elasticsearch

Parameters

client (Elasticsearch) – Elasticsearch Client

Watcher

class nemesis.resources.elasticsearch.watcher.Body(query: nemesis.resources.elasticsearch.querydsl.QueryDSL, size: Optional[int] = None, sort: Optional[dict] = None)

Watch Body

Parameters

  • query (QueryDSL) – Schedule to trigger a watch.

  • size (int, optional) – Optional size parameter.

  • sort (dict, optional) – Sort Dictionary

class nemesis.resources.elasticsearch.watcher.Chain(inputs: list)

Watch Chain

Parameters

inputs (list) – Input parameters

class nemesis.resources.elasticsearch.watcher.Condition(always: Optional[dict] = None, never: Optional[dict] = None, compare: Optional[dict] = None, array_compare: Optional[dict] = None, script: Optional[dict] = None)

Watch Condition.

Parameters

  • always (dict, optional) – Always condition

  • never – Never Condition

  • compare – Compare Condition

  • array_compare – Array compare Condition

  • script – Script Condition

class nemesis.resources.elasticsearch.watcher.EmailAction(id: str, account: str, profile: str, to: list, cc: list, bcc: list, reply_to: list, _from: str, subject: str, body: str, body_text: str, body_html: str, priority: str, attachments: str)

Watch Email Action

Parameters

  • id (str) – Email action id

  • account (str) – Email account to use

  • profile (str) – email profile to use

  • to (list) – List of email addresses to send too

  • cc (list) – List of email addresses to cc

  • bcc (list) – List of email addresses to bcc

  • reply_to (list) – Reply to address

  • _from (str) – Who the email is from

  • subject (str) – Email subject

  • body (str) – Email body

  • body_text (str) – Email body text

  • body_html (str) – email body html

  • priority (str) – Priory

  • attachments (str) – email attachments

class nemesis.resources.elasticsearch.watcher.Http(request: nemesis.resources.elasticsearch.watcher.HttpRequest)

Watch HTTP object

Parameters

request (HttpRequest) – Http Request object

class nemesis.resources.elasticsearch.watcher.HttpRequest(scheme: Optional[str] = 'http', host: Optional[str] = None, port: Optional[int] = None, path: Optional[str] = None, url: Optional[str] = None, method: Optional[str] = 'get', body: Optional[str] = None, params: Optional[dict] = None, headers: Optional[dict] = None, auth: Optional[dict] = None, proxy: Optional[dict] = None, connection_timeout: Optional[str] = '10s', read_timeout: Optional[str] = '10s', extract: Optional[list] = None, response_content_type: Optional[str] = 'json')

http request object

Parameters

  • scheme (str, optional) – http url scheme.

  • host (str, optional) – Url host

  • port (str, optional) – url port.

  • url (str, optional) – Request URL.

  • method (str, optional) – Request method.

  • body (str, optional) – Request body.

  • params (str, optional) – Request params.

  • headers (str, optional) – Request headers.

  • auth (str, optional) – Request auth.

  • proxy (str, optional) – Request proxy.

  • connection_timeout (str, optional) – Request connection timeout.

  • read_timeout (str, optional) – Request read timeout.

  • extract (str, optional) – Request extract.

  • response_content_type (str, optional) – Request response content type.

class nemesis.resources.elasticsearch.watcher.Input(simple: Optional[dict] = None, search: Optional[nemesis.resources.elasticsearch.watcher.Search] = None, http: Optional[nemesis.resources.elasticsearch.watcher.Http] = None, chain: Optional[nemesis.resources.elasticsearch.watcher.Chain] = None)

Watch Input

Parameters

  • simple (dict) – Optiona dict of simple inputs

  • search (Search) – Optional Search input

  • http (Http) – Optional HTTP input

  • chain (Chain) – Optional Chain input

class nemesis.resources.elasticsearch.watcher.Search(request: nemesis.resources.elasticsearch.watcher.SearchRequest, extract: Optional[list] = None)

Watch Search

Parameters

  • request – Watch Search Request.

  • extract (list, optional) – Optional list to extract

class nemesis.resources.elasticsearch.watcher.SearchRequest(indices: list, body: nemesis.resources.elasticsearch.watcher.Body, template: Optional[nemesis.resources.elasticsearch.watcher.SearchTemplate] = None)

Watch Search Request

Parameters

  • indices (list) – List of indices to search.

  • body (Body) – Watch Body

  • template (SearchTemplate, optional) – SearchTemplate

class nemesis.resources.elasticsearch.watcher.SearchTemplate(id: str, params: dict)

Watch Search Template

Parameters

  • id (str) – Search template id

  • params (dict) – Search template parameters

class nemesis.resources.elasticsearch.watcher.Trigger(schedule: dict)

Watch Trigger

Parameters

schedule (dict) – Schedule to trigger a watch.

class nemesis.resources.elasticsearch.watcher.Watch(watch_id: str, trigger: nemesis.resources.elasticsearch.watcher.Trigger, input: nemesis.resources.elasticsearch.watcher.Input, condition: nemesis.resources.elasticsearch.watcher.Condition, actions: dict, metadata: Optional[dict] = None, throttle_period: Optional[int] = None, throttle_period_in_millis: Optional[int] = None)

Elasticsearch Watch

Parameters

  • watch_id (str) – watch id

  • trigger (Trigger) – Watch trigger

  • input (Input) – Watch input

  • condition (Condition) – Watch condition

  • actions (dict) – Watch actions to perform

  • metadata (dict, optional) – Optional metadata for the watch.

  • throttle_period (int, optional) – Optional throttle period

  • throttle_period_in_millis (int, optional) – Optional throttle period in milliseconds.

create(client)

Create a watcher in Elasticsearch

Parameters

client (Elasticsearch) – Elasticsearch Client

delete(client)

Delete a watcher in Elasticsearch

Parameters

client (Elasticsearch) – Elasticsearch Client

classmethod get(client, watch_id)

Get a Watcher from Elasticsearch

Parameters

  • client (Elasticsearch) – Elasticsearch Client

  • name (str) – Index template name

update(client)

Update a watcher in Elasticsearch

Parameters

client (Elasticsearch) – Elasticsearch Client