Example 16 with QueryResult
use of org.graylog.plugins.views.search.QueryResult in project graylog2-server by Graylog2.
the class ElasticsearchBackendMultiSearchTest method oneFailingSearchTypeReturnsPartialResults.
@Test
public void oneFailingSearchTypeReturnsPartialResults() throws Exception {
final ESGeneratedQueryContext queryContext = this.elasticsearchBackend.generate(searchJob, query, new SearchConfig(Period.ZERO));
final MultiSearchResponse response = TestMultisearchResponse.fromFixture("partiallySuccessfulMultiSearchResponse.json");
final List<MultiSearchResponse.Item> items = Arrays.stream(response.getResponses()).collect(Collectors.toList());
when(client.msearch(any(), any())).thenReturn(items);
final QueryResult queryResult = this.elasticsearchBackend.doRun(searchJob, query, queryContext);
assertThat(queryResult.errors()).hasSize(1);
final SearchTypeError searchTypeError = (SearchTypeError) new ArrayList<>(queryResult.errors()).get(0);
assertThat(searchTypeError.description()).isEqualTo("Unable to perform search query: \n" + "\n" + "Elasticsearch exception [type=illegal_argument_exception, reason=Expected numeric type on field [field1], but got [keyword]].");
assertThat(searchTypeError.searchTypeId()).isEqualTo("pivot1");
assertThat(queryResult.searchTypes()).containsOnlyKeys("pivot2");
final PivotResult pivot2Result = (PivotResult) queryResult.searchTypes().get("pivot2");
assertThat(pivot2Result.rows().get(0)).isEqualTo(PivotResult.Row.builder().key(ImmutableList.of()).source("leaf").addValue(PivotResult.Value.create(Collections.singletonList("max(field2)"), 42.0, true, "row-leaf")).build());
}
Also used :
MultiSearchResponse(org.graylog.shaded.elasticsearch7.org.elasticsearch.action.search.MultiSearchResponse)
QueryResult(org.graylog.plugins.views.search.QueryResult)
SearchTypeError(org.graylog.plugins.views.search.errors.SearchTypeError)
PivotResult(org.graylog.plugins.views.search.searchtypes.pivot.PivotResult)
ArrayList(java.util.ArrayList)
SearchConfig(org.graylog.plugins.views.search.engine.SearchConfig)
Test(org.junit.Test)
Example 17 with QueryResult
use of org.graylog.plugins.views.search.QueryResult in project graylog2-server by Graylog2.
the class ElasticsearchBackendTest method executesSearchForEmptySearchTypes.
@Test
public void executesSearchForEmptySearchTypes() throws Exception {
final Query query = Query.builder().id("query1").query(ElasticsearchQueryString.of("")).timerange(RelativeRange.create(300)).build();
final Search search = Search.builder().queries(ImmutableSet.of(query)).build();
final SearchJob job = new SearchJob("deadbeef", search, "admin");
final ESGeneratedQueryContext queryContext = mock(ESGeneratedQueryContext.class);
final QueryResult queryResult = backend.doRun(job, query, queryContext);
assertThat(queryResult).isNotNull();
assertThat(queryResult.searchTypes()).isEmpty();
assertThat(queryResult.executionStats()).isNotNull();
assertThat(queryResult.errors()).isEmpty();
}
Also used :
QueryResult(org.graylog.plugins.views.search.QueryResult)
Query(org.graylog.plugins.views.search.Query)
Search(org.graylog.plugins.views.search.Search)
SearchJob(org.graylog.plugins.views.search.SearchJob)
Test(org.junit.Test)
Example 18 with QueryResult
use of org.graylog.plugins.views.search.QueryResult in project graylog2-server by Graylog2.
the class PivotAggregationSearch method doSearch.
@Override
public AggregationResult doSearch() throws EventProcessorException {
final SearchJob searchJob = getSearchJob(parameters, searchOwner, config.searchWithinMs(), config.executeEveryMs());
final QueryResult queryResult = searchJob.results().get(QUERY_ID);
final QueryResult streamQueryResult = searchJob.results().get(STREAMS_QUERY_ID);
final Set<SearchError> aggregationErrors = firstNonNull(queryResult.errors(), Collections.emptySet());
final Set<SearchError> streamErrors = firstNonNull(streamQueryResult.errors(), Collections.emptySet());
if (!aggregationErrors.isEmpty() || !streamErrors.isEmpty()) {
final Set<SearchError> errors = aggregationErrors.isEmpty() ? streamErrors : aggregationErrors;
errors.forEach(error -> {
if (error instanceof QueryError) {
final QueryError queryError = (QueryError) error;
final String backtrace = queryError.backtrace() != null ? queryError.backtrace() : "";
if (error instanceof EmptyParameterError) {
LOG.debug("Aggregation search query <{}> with empty Parameter: {}\n{}", queryError.queryId(), queryError.description(), backtrace);
} else {
LOG.error("Aggregation search query <{}> returned an error: {}\n{}", queryError.queryId(), queryError.description(), backtrace);
}
} else {
LOG.error("Aggregation search returned an error: {}", error);
}
});
// If we have only EmptyParameterErrors, just return an empty Result
if (!(errors.stream().filter(e -> !(e instanceof EmptyParameterError)).count() > 1)) {
return AggregationResult.empty();
}
if (errors.size() > 1) {
throw new EventProcessorException("Pivot search failed with multiple errors.", false, eventDefinition);
} else {
throw new EventProcessorException(errors.iterator().next().description(), false, eventDefinition);
}
}
final PivotResult pivotResult = (PivotResult) queryResult.searchTypes().get(PIVOT_ID);
final PivotResult streamsResult = (PivotResult) streamQueryResult.searchTypes().get(STREAMS_PIVOT_ID);
return AggregationResult.builder().keyResults(extractValues(pivotResult)).effectiveTimerange(pivotResult.effectiveTimerange()).totalAggregatedMessages(pivotResult.total()).sourceStreams(extractSourceStreams(streamsResult)).build();
}
Also used :
EventProcessorException(org.graylog.events.processor.EventProcessorException)
EmptyParameterError(org.graylog.plugins.views.search.errors.EmptyParameterError)
QueryResult(org.graylog.plugins.views.search.QueryResult)
PivotResult(org.graylog.plugins.views.search.searchtypes.pivot.PivotResult)
SearchError(org.graylog.plugins.views.search.errors.SearchError)
SearchJob(org.graylog.plugins.views.search.SearchJob)
ElasticsearchQueryString(org.graylog.plugins.views.search.elasticsearch.ElasticsearchQueryString)
QueryError(org.graylog.plugins.views.search.errors.QueryError)
Aggregations
QueryResult (org.graylog.plugins.views.search.QueryResult)18
Test (org.junit.Test)10
SearchJob (org.graylog.plugins.views.search.SearchJob)7
Query (org.graylog.plugins.views.search.Query)6
SearchConfig (org.graylog.plugins.views.search.engine.SearchConfig)6
SearchError (org.graylog.plugins.views.search.errors.SearchError)6
PivotResult (org.graylog.plugins.views.search.searchtypes.pivot.PivotResult)6
ArrayList (java.util.ArrayList)5
SearchTypeError (org.graylog.plugins.views.search.errors.SearchTypeError)5
MultiSearchResponse (org.graylog.shaded.elasticsearch7.org.elasticsearch.action.search.MultiSearchResponse)5
Optional (java.util.Optional)4
Set (java.util.Set)4
SearchType (org.graylog.plugins.views.search.SearchType)4
QueryError (org.graylog.plugins.views.search.errors.QueryError)4
MultiSearchResult (io.searchbox.core.MultiSearchResult)3
Collections (java.util.Collections)3
List (java.util.List)3
Objects (java.util.Objects)3
Collectors (java.util.stream.Collectors)3
GlobalOverride (org.graylog.plugins.views.search.GlobalOverride)3
