Examples with PipelineRuleParser org.graylog.plugins.pipelineprocessor.parser.PipelineRuleParser used on opensource projects

Search in sources :

Example 1 with PipelineRuleParser

use of org.graylog.plugins.pipelineprocessor.parser.PipelineRuleParser in project graylog2-server by Graylog2.

the class BaseParserTest method setup.

@Before
public void setup() {
    parser = new PipelineRuleParser(functionRegistry);
    // initialize before every test!
    actionsTriggered.set(false);
}
Also used : PipelineRuleParser(org.graylog.plugins.pipelineprocessor.parser.PipelineRuleParser) Before(org.junit.Before)

Example 2 with PipelineRuleParser

use of org.graylog.plugins.pipelineprocessor.parser.PipelineRuleParser in project graylog2-server by Graylog2.

the class PipelineInterpreterTest method testMetrics.

@Test
@SuppressForbidden("Allow using default thread factory")
public void testMetrics() {
    final RuleMetricsConfigService ruleMetricsConfigService = mock(RuleMetricsConfigService.class);
    when(ruleMetricsConfigService.get()).thenReturn(RuleMetricsConfigDto.createDefault());
    final ClusterEventBus clusterEventBus = new ClusterEventBus("cluster-event-bus", Executors.newSingleThreadExecutor());
    final RuleService ruleService = new InMemoryRuleService(clusterEventBus);
    ruleService.save(RuleDao.create("abc", "title", "description", "rule \"match_all\"\n" + "when true\n" + "then\n" + "end", Tools.nowUTC(), null));
    final PipelineService pipelineService = new InMemoryPipelineService(new ClusterEventBus());
    pipelineService.save(PipelineDao.create("cde", "title", "description", "pipeline \"pipeline\"\n" + "stage 0 match all\n" + "    rule \"match_all\";\n" + "stage 1 match all\n" + "    rule \"match_all\";\n" + "end\n", Tools.nowUTC(), null));
    final PipelineStreamConnectionsService pipelineStreamConnectionsService = new InMemoryPipelineStreamConnectionsService(clusterEventBus);
    pipelineStreamConnectionsService.save(PipelineConnections.create(null, DEFAULT_STREAM_ID, Collections.singleton("cde")));
    final FunctionRegistry functionRegistry = new FunctionRegistry(Collections.emptyMap());
    final PipelineRuleParser parser = new PipelineRuleParser(functionRegistry);
    final MetricRegistry metricRegistry = new MetricRegistry();
    final ConfigurationStateUpdater stateUpdater = new ConfigurationStateUpdater(ruleService, pipelineService, pipelineStreamConnectionsService, parser, ruleMetricsConfigService, metricRegistry, Executors.newScheduledThreadPool(1), mock(EventBus.class), (currentPipelines, streamPipelineConnections, ruleMetricsConfig) -> new PipelineInterpreter.State(currentPipelines, streamPipelineConnections, ruleMetricsConfig, new MetricRegistry(), 1, true));
    final PipelineInterpreter interpreter = new PipelineInterpreter(mock(MessageQueueAcknowledger.class), metricRegistry, stateUpdater);
    interpreter.process(messageInDefaultStream("", ""));
    final SortedMap<String, Meter> meters = metricRegistry.getMeters((name, metric) -> name.startsWith(name(Pipeline.class, "cde")) || name.startsWith(name(Rule.class, "abc")));
    assertThat(meters.keySet()).containsExactlyInAnyOrder(name(Pipeline.class, "cde", "executed"), name(Pipeline.class, "cde", "stage", "0", "executed"), name(Pipeline.class, "cde", "stage", "1", "executed"), name(Rule.class, "abc", "executed"), name(Rule.class, "abc", "cde", "0", "executed"), name(Rule.class, "abc", "cde", "1", "executed"), name(Rule.class, "abc", "matched"), name(Rule.class, "abc", "cde", "0", "matched"), name(Rule.class, "abc", "cde", "1", "matched"), name(Rule.class, "abc", "not-matched"), name(Rule.class, "abc", "cde", "0", "not-matched"), name(Rule.class, "abc", "cde", "1", "not-matched"), name(Rule.class, "abc", "failed"), name(Rule.class, "abc", "cde", "0", "failed"), name(Rule.class, "abc", "cde", "1", "failed"));
    assertThat(meters.get(name(Pipeline.class, "cde", "executed")).getCount()).isEqualTo(1L);
    assertThat(meters.get(name(Pipeline.class, "cde", "stage", "0", "executed")).getCount()).isEqualTo(1L);
    assertThat(meters.get(name(Pipeline.class, "cde", "stage", "1", "executed")).getCount()).isEqualTo(1L);
    assertThat(meters.get(name(Rule.class, "abc", "executed")).getCount()).isEqualTo(2L);
    assertThat(meters.get(name(Rule.class, "abc", "cde", "0", "executed")).getCount()).isEqualTo(1L);
    assertThat(meters.get(name(Rule.class, "abc", "cde", "1", "executed")).getCount()).isEqualTo(1L);
    assertThat(meters.get(name(Rule.class, "abc", "matched")).getCount()).isEqualTo(2L);
    assertThat(meters.get(name(Rule.class, "abc", "cde", "0", "matched")).getCount()).isEqualTo(1L);
    assertThat(meters.get(name(Rule.class, "abc", "cde", "1", "matched")).getCount()).isEqualTo(1L);
    assertThat(meters.get(name(Rule.class, "abc", "not-matched")).getCount()).isEqualTo(0L);
    assertThat(meters.get(name(Rule.class, "abc", "cde", "0", "not-matched")).getCount()).isEqualTo(0L);
    assertThat(meters.get(name(Rule.class, "abc", "cde", "1", "not-matched")).getCount()).isEqualTo(0L);
    assertThat(meters.get(name(Rule.class, "abc", "failed")).getCount()).isEqualTo(0L);
    assertThat(meters.get(name(Rule.class, "abc", "cde", "0", "failed")).getCount()).isEqualTo(0L);
    assertThat(meters.get(name(Rule.class, "abc", "cde", "1", "failed")).getCount()).isEqualTo(0L);
}
Also used : InMemoryRuleService(org.graylog.plugins.pipelineprocessor.db.memory.InMemoryRuleService) PipelineStreamConnectionsService(org.graylog.plugins.pipelineprocessor.db.PipelineStreamConnectionsService) MongoDbPipelineStreamConnectionsService(org.graylog.plugins.pipelineprocessor.db.mongodb.MongoDbPipelineStreamConnectionsService) InMemoryPipelineStreamConnectionsService(org.graylog.plugins.pipelineprocessor.db.memory.InMemoryPipelineStreamConnectionsService) InMemoryPipelineStreamConnectionsService(org.graylog.plugins.pipelineprocessor.db.memory.InMemoryPipelineStreamConnectionsService) MessageQueueAcknowledger(org.graylog2.shared.messageq.MessageQueueAcknowledger) Meter(com.codahale.metrics.Meter) MetricRegistry(com.codahale.metrics.MetricRegistry) PipelineRuleParser(org.graylog.plugins.pipelineprocessor.parser.PipelineRuleParser) ClusterEventBus(org.graylog2.events.ClusterEventBus) EventBus(com.google.common.eventbus.EventBus) InMemoryPipelineService(org.graylog.plugins.pipelineprocessor.db.memory.InMemoryPipelineService) ClusterEventBus(org.graylog2.events.ClusterEventBus) RuleMetricsConfigService(org.graylog.plugins.pipelineprocessor.db.RuleMetricsConfigService) Pipeline(org.graylog.plugins.pipelineprocessor.ast.Pipeline) FunctionRegistry(org.graylog.plugins.pipelineprocessor.parser.FunctionRegistry) PipelineService(org.graylog.plugins.pipelineprocessor.db.PipelineService) MongoDbPipelineService(org.graylog.plugins.pipelineprocessor.db.mongodb.MongoDbPipelineService) InMemoryPipelineService(org.graylog.plugins.pipelineprocessor.db.memory.InMemoryPipelineService) RuleService(org.graylog.plugins.pipelineprocessor.db.RuleService) MongoDbRuleService(org.graylog.plugins.pipelineprocessor.db.mongodb.MongoDbRuleService) InMemoryRuleService(org.graylog.plugins.pipelineprocessor.db.memory.InMemoryRuleService) Rule(org.graylog.plugins.pipelineprocessor.ast.Rule) Test(org.junit.Test) SuppressForbidden(org.graylog2.shared.SuppressForbidden)

Example 3 with PipelineRuleParser

use of org.graylog.plugins.pipelineprocessor.parser.PipelineRuleParser in project graylog2-server by Graylog2.

the class RuleResource method getPage.

@GET
@Path("/paginated")
@ApiOperation(value = "Get a paginated list of pipeline rules")
@Produces(MediaType.APPLICATION_JSON)
@RequiresPermissions(PipelineRestPermissions.PIPELINE_RULE_READ)
public PaginatedResponse<RuleSource> getPage(@ApiParam(name = "page") @QueryParam("page") @DefaultValue("1") int page, @ApiParam(name = "per_page") @QueryParam("per_page") @DefaultValue("50") int perPage, @ApiParam(name = "query") @QueryParam("query") @DefaultValue("") String query, @ApiParam(name = "sort", value = "The field to sort the result on", required = true, allowableValues = "title,description,id") @DefaultValue(RuleDao.FIELD_TITLE) @QueryParam("sort") String sort, @ApiParam(name = "order", value = "The sort direction", allowableValues = "asc, desc") @DefaultValue("asc") @QueryParam("order") String order) {
    SearchQuery searchQuery;
    try {
        searchQuery = searchQueryParser.parse(query);
    } catch (IllegalArgumentException e) {
        throw new BadRequestException("Invalid argument in search query: " + e.getMessage());
    }
    final PaginatedList<RuleDao> result = paginatedRuleService.findPaginated(searchQuery, page, perPage, sort, order);
    final List<RuleSource> ruleSourceList = result.stream().map(dao -> RuleSource.fromDao(pipelineRuleParser, dao)).collect(Collectors.toList());
    final PaginatedList<RuleSource> rules = new PaginatedList<>(ruleSourceList, result.pagination().total(), result.pagination().page(), result.pagination().perPage());
    return PaginatedResponse.create("rules", rules, prepareContextForPaginatedResponse(result.delegate()));
}
Also used : SearchQuery(org.graylog2.search.SearchQuery) RuleDao(org.graylog.plugins.pipelineprocessor.db.RuleDao) DateTimeZone(org.joda.time.DateTimeZone) Produces(javax.ws.rs.Produces) RuleDao(org.graylog.plugins.pipelineprocessor.db.RuleDao) RuleService(org.graylog.plugins.pipelineprocessor.db.RuleService) LoggerFactory(org.slf4j.LoggerFactory) Path(javax.ws.rs.Path) ApiParam(io.swagger.annotations.ApiParam) ApiOperation(io.swagger.annotations.ApiOperation) PaginatedList(org.graylog2.database.PaginatedList) MediaType(javax.ws.rs.core.MediaType) QueryParam(javax.ws.rs.QueryParam) PipelineService(org.graylog.plugins.pipelineprocessor.db.PipelineService) Consumes(javax.ws.rs.Consumes) SearchQueryField(org.graylog2.search.SearchQueryField) Map(java.util.Map) PluginRestResource(org.graylog2.plugin.rest.PluginRestResource) DefaultValue(javax.ws.rs.DefaultValue) PipelineRuleParser(org.graylog.plugins.pipelineprocessor.parser.PipelineRuleParser) BadRequestException(javax.ws.rs.BadRequestException) DELETE(javax.ws.rs.DELETE) NoAuditEvent(org.graylog2.audit.jersey.NoAuditEvent) ImmutableMap(com.google.common.collect.ImmutableMap) Collection(java.util.Collection) NotNull(javax.validation.constraints.NotNull) PipelineProcessorAuditEventTypes(org.graylog.plugins.pipelineprocessor.audit.PipelineProcessorAuditEventTypes) Collectors(java.util.stream.Collectors) List(java.util.List) RuleMetricsConfigDto(org.graylog.plugins.pipelineprocessor.db.RuleMetricsConfigDto) Response(javax.ws.rs.core.Response) RequiresAuthentication(org.apache.shiro.authz.annotation.RequiresAuthentication) PathParam(javax.ws.rs.PathParam) SearchQueryParser(org.graylog2.search.SearchQueryParser) GET(javax.ws.rs.GET) ParseException(org.graylog.plugins.pipelineprocessor.parser.ParseException) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) Inject(javax.inject.Inject) RequiresPermissions(org.apache.shiro.authz.annotation.RequiresPermissions) RuleMetricsConfigService(org.graylog.plugins.pipelineprocessor.db.RuleMetricsConfigService) AuditEvent(org.graylog2.audit.jersey.AuditEvent) Api(io.swagger.annotations.Api) SearchQuery(org.graylog2.search.SearchQuery) Rule(org.graylog.plugins.pipelineprocessor.ast.Rule) Nonnull(javax.annotation.Nonnull) NotFoundException(org.graylog2.database.NotFoundException) Logger(org.slf4j.Logger) POST(javax.ws.rs.POST) DateTime(org.joda.time.DateTime) Function(org.graylog.plugins.pipelineprocessor.ast.functions.Function) RestResource(org.graylog2.shared.rest.resources.RestResource) PipelineServiceHelper(org.graylog.plugins.pipelineprocessor.db.PipelineServiceHelper) PaginatedRuleService(org.graylog.plugins.pipelineprocessor.db.PaginatedRuleService) PUT(javax.ws.rs.PUT) VisibleForTesting(com.google.common.annotations.VisibleForTesting) FunctionRegistry(org.graylog.plugins.pipelineprocessor.parser.FunctionRegistry) PaginatedResponse(org.graylog2.rest.models.PaginatedResponse) BadRequestException(javax.ws.rs.BadRequestException) PaginatedList(org.graylog2.database.PaginatedList) Path(javax.ws.rs.Path) RequiresPermissions(org.apache.shiro.authz.annotation.RequiresPermissions) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET) ApiOperation(io.swagger.annotations.ApiOperation)

Example 4 with PipelineRuleParser

use of org.graylog.plugins.pipelineprocessor.parser.PipelineRuleParser in project graylog2-server by Graylog2.

the class PipelineResource method getPage.

@GET
@Path("/paginated")
@ApiOperation(value = "Get a paginated list of pipelines")
@Produces(MediaType.APPLICATION_JSON)
public PaginatedResponse<PipelineSource> getPage(@ApiParam(name = "page") @QueryParam("page") @DefaultValue("1") int page, @ApiParam(name = "per_page") @QueryParam("per_page") @DefaultValue("50") int perPage, @ApiParam(name = "query") @QueryParam("query") @DefaultValue("") String query, @ApiParam(name = "sort", value = "The field to sort the result on", required = true, allowableValues = "title,description,id") @DefaultValue(PipelineDao.FIELD_TITLE) @QueryParam("sort") String sort, @ApiParam(name = "order", value = "The sort direction", allowableValues = "asc, desc") @DefaultValue("asc") @QueryParam("order") String order) {
    SearchQuery searchQuery;
    try {
        searchQuery = searchQueryParser.parse(query);
    } catch (IllegalArgumentException e) {
        throw new BadRequestException("Invalid argument in search query: " + e.getMessage());
    }
    Predicate<PipelineDao> filter = dao -> isPermitted(PipelineRestPermissions.PIPELINE_READ, dao.id());
    final PaginatedList<PipelineDao> result = paginatedPipelineService.findPaginated(searchQuery, filter, page, perPage, sort, order);
    final List<PipelineSource> pipelineList = result.stream().map(dao -> PipelineSource.fromDao(pipelineRuleParser, dao)).collect(Collectors.toList());
    final PaginatedList<PipelineSource> pipelines = new PaginatedList<>(pipelineList, result.pagination().total(), result.pagination().page(), result.pagination().perPage());
    return PaginatedResponse.create("pipelines", pipelines);
}
Also used : SearchQuery(org.graylog2.search.SearchQuery) DateTimeZone(org.joda.time.DateTimeZone) PathParam(javax.ws.rs.PathParam) Produces(javax.ws.rs.Produces) SearchQueryParser(org.graylog2.search.SearchQueryParser) GET(javax.ws.rs.GET) ParseException(org.graylog.plugins.pipelineprocessor.parser.ParseException) LoggerFactory(org.slf4j.LoggerFactory) Path(javax.ws.rs.Path) ApiParam(io.swagger.annotations.ApiParam) ArrayList(java.util.ArrayList) Inject(javax.inject.Inject) ApiOperation(io.swagger.annotations.ApiOperation) PaginatedList(org.graylog2.database.PaginatedList) RequiresPermissions(org.apache.shiro.authz.annotation.RequiresPermissions) MediaType(javax.ws.rs.core.MediaType) Lists(com.google.common.collect.Lists) QueryParam(javax.ws.rs.QueryParam) PipelineService(org.graylog.plugins.pipelineprocessor.db.PipelineService) Consumes(javax.ws.rs.Consumes) SearchQueryField(org.graylog2.search.SearchQueryField) AuditEvent(org.graylog2.audit.jersey.AuditEvent) PluginRestResource(org.graylog2.plugin.rest.PluginRestResource) DefaultValue(javax.ws.rs.DefaultValue) PipelineRuleParser(org.graylog.plugins.pipelineprocessor.parser.PipelineRuleParser) BadRequestException(javax.ws.rs.BadRequestException) Api(io.swagger.annotations.Api) SearchQuery(org.graylog2.search.SearchQuery) NotFoundException(org.graylog2.database.NotFoundException) DELETE(javax.ws.rs.DELETE) NoAuditEvent(org.graylog2.audit.jersey.NoAuditEvent) Pipeline(org.graylog.plugins.pipelineprocessor.ast.Pipeline) Logger(org.slf4j.Logger) POST(javax.ws.rs.POST) ImmutableMap(com.google.common.collect.ImmutableMap) Predicate(java.util.function.Predicate) Collection(java.util.Collection) DateTime(org.joda.time.DateTime) RestResource(org.graylog2.shared.rest.resources.RestResource) PipelineDao(org.graylog.plugins.pipelineprocessor.db.PipelineDao) NotNull(javax.validation.constraints.NotNull) PipelineProcessorAuditEventTypes(org.graylog.plugins.pipelineprocessor.audit.PipelineProcessorAuditEventTypes) Collectors(java.util.stream.Collectors) List(java.util.List) Response(javax.ws.rs.core.Response) PaginatedPipelineService(org.graylog.plugins.pipelineprocessor.db.PaginatedPipelineService) PUT(javax.ws.rs.PUT) PaginatedResponse(org.graylog2.rest.models.PaginatedResponse) RequiresAuthentication(org.apache.shiro.authz.annotation.RequiresAuthentication) BadRequestException(javax.ws.rs.BadRequestException) PipelineDao(org.graylog.plugins.pipelineprocessor.db.PipelineDao) PaginatedList(org.graylog2.database.PaginatedList) Path(javax.ws.rs.Path) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET) ApiOperation(io.swagger.annotations.ApiOperation)

Example 5 with PipelineRuleParser

use of org.graylog.plugins.pipelineprocessor.parser.PipelineRuleParser in project graylog2-server by Graylog2.

the class PipelineInterpreterTest method createPipelineInterpreter.

@SuppressForbidden("Allow using default thread factory")
private PipelineInterpreter createPipelineInterpreter(RuleService ruleService, PipelineService pipelineService, Map<String, Function<?>> functions) {
    final RuleMetricsConfigService ruleMetricsConfigService = mock(RuleMetricsConfigService.class);
    when(ruleMetricsConfigService.get()).thenReturn(RuleMetricsConfigDto.createDefault());
    final PipelineStreamConnectionsService pipelineStreamConnectionsService = mock(MongoDbPipelineStreamConnectionsService.class);
    final Set<String> pipelineIds = pipelineService.loadAll().stream().map(PipelineDao::id).collect(Collectors.toSet());
    final PipelineConnections pipelineConnections = PipelineConnections.create("p1", DEFAULT_STREAM_ID, pipelineIds);
    when(pipelineStreamConnectionsService.loadAll()).thenReturn(Collections.singleton(pipelineConnections));
    final FunctionRegistry functionRegistry = new FunctionRegistry(functions);
    final PipelineRuleParser parser = new PipelineRuleParser(functionRegistry);
    final ConfigurationStateUpdater stateUpdater = new ConfigurationStateUpdater(ruleService, pipelineService, pipelineStreamConnectionsService, parser, ruleMetricsConfigService, new MetricRegistry(), Executors.newScheduledThreadPool(1), mock(EventBus.class), (currentPipelines, streamPipelineConnections, ruleMetricsConfig) -> new PipelineInterpreter.State(currentPipelines, streamPipelineConnections, ruleMetricsConfig, new MetricRegistry(), 1, true));
    return new PipelineInterpreter(messageQueueAcknowledger, new MetricRegistry(), stateUpdater);
}
Also used : PipelineStreamConnectionsService(org.graylog.plugins.pipelineprocessor.db.PipelineStreamConnectionsService) MongoDbPipelineStreamConnectionsService(org.graylog.plugins.pipelineprocessor.db.mongodb.MongoDbPipelineStreamConnectionsService) InMemoryPipelineStreamConnectionsService(org.graylog.plugins.pipelineprocessor.db.memory.InMemoryPipelineStreamConnectionsService) PipelineConnections(org.graylog.plugins.pipelineprocessor.rest.PipelineConnections) FunctionRegistry(org.graylog.plugins.pipelineprocessor.parser.FunctionRegistry) MetricRegistry(com.codahale.metrics.MetricRegistry) PipelineRuleParser(org.graylog.plugins.pipelineprocessor.parser.PipelineRuleParser) ClusterEventBus(org.graylog2.events.ClusterEventBus) EventBus(com.google.common.eventbus.EventBus) RuleMetricsConfigService(org.graylog.plugins.pipelineprocessor.db.RuleMetricsConfigService) SuppressForbidden(org.graylog2.shared.SuppressForbidden)

Aggregations

PipelineRuleParser (org.graylog.plugins.pipelineprocessor.parser.PipelineRuleParser)6 FunctionRegistry (org.graylog.plugins.pipelineprocessor.parser.FunctionRegistry)4 PipelineService (org.graylog.plugins.pipelineprocessor.db.PipelineService)3 RuleMetricsConfigService (org.graylog.plugins.pipelineprocessor.db.RuleMetricsConfigService)3 ImmutableMap (com.google.common.collect.ImmutableMap)2 Api (io.swagger.annotations.Api)2 ApiOperation (io.swagger.annotations.ApiOperation)2 ApiParam (io.swagger.annotations.ApiParam)2 ArrayList (java.util.ArrayList)2 Collection (java.util.Collection)2 List (java.util.List)2 Collectors (java.util.stream.Collectors)2 Inject (javax.inject.Inject)2 NotNull (javax.validation.constraints.NotNull)2 BadRequestException (javax.ws.rs.BadRequestException)2 Consumes (javax.ws.rs.Consumes)2 DELETE (javax.ws.rs.DELETE)2 DefaultValue (javax.ws.rs.DefaultValue)2 GET (javax.ws.rs.GET)2 POST (javax.ws.rs.POST)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial