I have a custom search command `nbclosest` that returns a subset of search results used like:
index="muni" | nbclosest
That is if there were results containing log entries A, B, C, D, E, it would return a subset, say, A, B, D.
It works (in that only a subset of log entries are returned), but when I run the search, the UI always shows the **Statistics** tab containing _every_ field in column format ( `_raw`, `_time`, ... `date_wday`, ...).
I want it to show the **Events** tab as usual, but only the returned subset. (The **Events** tab shows all the original pre-filtered log entries.)
![alt text][1]
How can I get what I want?
FYI, my `commands.conf` is:
[nbclosest]
filename = nbclosest.py
enableheader = false
overrides_timeorder = true
required_fields = _time,vehicle_id,vehicle_distance,stop_tag
The script is:
#! /usr/bin/env python
import csv
import operator
import sys
K_STAG = 'stop_tag'
K_TIME = '_time'
K_VDISTANCE = 'vehicle_distance'
K_VID = 'vehicle_id'
vehicle_dict = { }
try:
reader = csv.DictReader( sys.stdin )
headers = reader.fieldnames
writer = csv.DictWriter( sys.stdout, headers )
writer.writeheader()
for row in reader:
vid = row[ K_VID ]
if vid not in vehicle_dict:
vehicle_dict[ vid ] = row
else:
old_row = vehicle_dict[ vid ]
old_stop = old_row[ K_STAG ]
new_stop = row[ K_STAG ]
if new_stop == old_stop:
old_distance = int( old_row[ K_VDISTANCE ] )
new_distance = int( row[ K_VDISTANCE ] )
if new_distance <= old_distance:
vehicle_dict[ vid ] = row
else:
writer.writerow( old_row )
vehicle_dict[ vid ] = row
remaining_rows = vehicle_dict.values()
for row in sorted( remaining_rows, key=operator.itemgetter( K_TIME ) ):
writer.writerow( row )
except Exception as e:
import traceback
stack = traceback.format_exc()
print >>sys.stderr, "Unhandled exception: %s; %s" % (e, stack)
[1]: /storage/temp/155229-screen-shot-2016-08-27-at-63404-pm.png
↧