Examples with SearchJob org.graylog.plugins.views.search.SearchJob used on opensource projects

Example 46 with SearchJob

use of org.graylog.plugins.views.search.SearchJob in project graylog2-server by Graylog2.

the class ElasticsearchBackendTest method executesSearchForEmptySearchTypes.

@Test
public void executesSearchForEmptySearchTypes() throws Exception {
    final Query query = Query.builder().id("query1").query(ElasticsearchQueryString.of("")).timerange(RelativeRange.create(300)).build();
    final Search search = Search.builder().queries(ImmutableSet.of(query)).build();
    final SearchJob job = new SearchJob("deadbeef", search, "admin");
    final ESGeneratedQueryContext queryContext = mock(ESGeneratedQueryContext.class);
    final QueryResult queryResult = backend.doRun(job, query, queryContext);
    assertThat(queryResult).isNotNull();
    assertThat(queryResult.searchTypes()).isEmpty();
    assertThat(queryResult.executionStats()).isNotNull();
    assertThat(queryResult.errors()).isEmpty();
}

Example 47 with SearchJob

use of org.graylog.plugins.views.search.SearchJob in project graylog2-server by Graylog2.

the class ElasticsearchBackendTest method generatesSearchForEmptySearchTypes.

@Test
public void generatesSearchForEmptySearchTypes() throws Exception {
    final Query query = Query.builder().id("query1").query(ElasticsearchQueryString.of("")).timerange(RelativeRange.create(300)).build();
    final Search search = Search.builder().queries(ImmutableSet.of(query)).build();
    final SearchJob job = new SearchJob("deadbeef", search, "admin");
    backend.generate(job, query, new SearchConfig(Period.ZERO));
}

Example 48 with SearchJob

use of org.graylog.plugins.views.search.SearchJob in project graylog2-server by Graylog2.

the class PivotAggregationSearch method doSearch.

@Override
public AggregationResult doSearch() throws EventProcessorException {
    final SearchJob searchJob = getSearchJob(parameters, searchOwner, config.searchWithinMs(), config.executeEveryMs());
    final QueryResult queryResult = searchJob.results().get(QUERY_ID);
    final QueryResult streamQueryResult = searchJob.results().get(STREAMS_QUERY_ID);
    final Set<SearchError> aggregationErrors = firstNonNull(queryResult.errors(), Collections.emptySet());
    final Set<SearchError> streamErrors = firstNonNull(streamQueryResult.errors(), Collections.emptySet());
    if (!aggregationErrors.isEmpty() || !streamErrors.isEmpty()) {
        final Set<SearchError> errors = aggregationErrors.isEmpty() ? streamErrors : aggregationErrors;
        errors.forEach(error -> {
            if (error instanceof QueryError) {
                final QueryError queryError = (QueryError) error;
                final String backtrace = queryError.backtrace() != null ? queryError.backtrace() : "";
                if (error instanceof EmptyParameterError) {
                    LOG.debug("Aggregation search query <{}> with empty Parameter: {}\n{}", queryError.queryId(), queryError.description(), backtrace);
                } else {
                    LOG.error("Aggregation search query <{}> returned an error: {}\n{}", queryError.queryId(), queryError.description(), backtrace);
                }
            } else {
                LOG.error("Aggregation search returned an error: {}", error);
            }
        });
        // If we have only EmptyParameterErrors, just return an empty Result
        if (!(errors.stream().filter(e -> !(e instanceof EmptyParameterError)).count() > 1)) {
            return AggregationResult.empty();
        }
        if (errors.size() > 1) {
            throw new EventProcessorException("Pivot search failed with multiple errors.", false, eventDefinition);
        } else {
            throw new EventProcessorException(errors.iterator().next().description(), false, eventDefinition);
        }
    }
    final PivotResult pivotResult = (PivotResult) queryResult.searchTypes().get(PIVOT_ID);
    final PivotResult streamsResult = (PivotResult) streamQueryResult.searchTypes().get(STREAMS_PIVOT_ID);
    return AggregationResult.builder().keyResults(extractValues(pivotResult)).effectiveTimerange(pivotResult.effectiveTimerange()).totalAggregatedMessages(pivotResult.total()).sourceStreams(extractSourceStreams(streamsResult)).build();
}

Example 49 with SearchJob

use of org.graylog.plugins.views.search.SearchJob in project graylog2-server by Graylog2.

the class MoreSearch method decorateQuery.

/**
 * Substitute query string parameters using ESQueryDecorators.
 */
private String decorateQuery(Set<Parameter> queryParameters, TimeRange timeRange, String queryString) {
    // TODO
    // We need to create a dummy SearchJob and a Query to use the decorator API.
    // Maybe the decorate call could be refactored to make this easier.
    org.graylog.plugins.views.search.Search search = org.graylog.plugins.views.search.Search.builder().parameters(ImmutableSet.copyOf(queryParameters)).build();
    SearchJob searchJob = new SearchJob("1234", search, "events backend");
    Query dummyQuery = Query.builder().id("123").timerange(timeRange).query(ElasticsearchQueryString.of(queryString)).build();
    return esQueryDecorators.decorate(queryString, searchJob, dummyQuery);
}