Use _source_includes instead of _source_include, which was depcrated …

…in the 6.x line of Elasticsearch and removed in the 7.x line
jertel · Apr 9, 2020 · ec4fb12 · ec4fb12
1 parent 3443511
commit ec4fb12
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/src/elastalerthelp.py b/src/elastalerthelp.py
@@ -10,7 +10,7 @@
 def findNewestAlert(es, index, recentMinutes, name):
   alert = None
   details = None
-  res = es.search(index=index, size=1, sort='alert_time:desc', q='alert_time:[now-' + str(recentMinutes) + 'm TO now] AND !rule_name:Deadman* AND rule_name:' + name , _source_include=['rule_name', 'match_body'])
+  res = es.search(index=index, size=1, sort='alert_time:desc', q='alert_time:[now-' + str(recentMinutes) + 'm TO now] AND !rule_name:Deadman* AND rule_name:' + name , _source_includes=['rule_name', 'match_body'])
   if res['hits']['hits']:
     alert = res['hits']['hits'][0]['_source']['rule_name']
     details = res['hits']['hits'][0]['_source']['match_body']