
Example 1 with StreamRouterEngine

use of org.graylog2.streams.StreamRouterEngine in project graylog2-server by Graylog2.

the class StreamResource method testMatch.

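/**
 * Runs the rules of a single stream against a message supplied in the request body and reports,
 * per rule id, whether the rule matched, plus the overall stream verdict.
 *
 * <p>{@code checkPermission} is called with {@code STREAMS_READ} for the requested id before the
 * stream is loaded. Every call creates a dedicated single-thread executor for the router engine;
 * it is shut down in a {@code finally} block so that repeated requests cannot accumulate idle
 * worker threads.
 *
 * @param streamId          id of the stream to test, taken from the request path
 * @param serialisedMessage request body; the message fields are read from its {@code "message"} entry
 * @return the overall match result and a map of rule id to per-rule result
 * @throws NotFoundException declared for the stream lookup; the API documentation maps it to 404
 */
@POST
@Path("/{streamId}/testMatch")
@Timed
@ApiOperation(value = "Test matching of a stream against a supplied message")
@ApiResponses(value = { @ApiResponse(code = 404, message = "Stream not found."), @ApiResponse(code = 400, message = "Invalid or missing Stream id.") })
@NoAuditEvent("only used for testing stream matches")
public TestMatchResponse testMatch(@ApiParam(name = "streamId", required = true) @PathParam("streamId") String streamId, @ApiParam(name = "JSON body", required = true) @NotNull Map<String, Map<String, Object>> serialisedMessage) throws NotFoundException {
    checkPermission(RestPermissions.STREAMS_READ, streamId);
    final Stream stream = streamService.load(streamId);
    // This is such a hack...
    // NOTE(review): the body is caller-controlled. A request without a "message" entry makes the
    // HashMap copy below throw NullPointerException, and a non-string timestamp fails the cast;
    // presumably both surface as a server error rather than the documented 400 - confirm and
    // validate explicitly.
    final Map<String, Object> m = new HashMap<>(serialisedMessage.get("message"));
    final String timeStamp = firstNonNull((String) m.get(Message.FIELD_TIMESTAMP), DateTime.now(DateTimeZone.UTC).toString(ISODateTimeFormat.dateTime()));
    m.put(Message.FIELD_TIMESTAMP, Tools.dateTimeFromString(timeStamp));
    final Message message = new Message(m);
    // setNameFormat() treats its argument as a format string and streamId comes from the request
    // path. It is only reached after streamService.load() accepted the id - presumably that
    // rejects anything that is not a well-formed stream id; verify.
    final ExecutorService executor = Executors.newSingleThreadExecutor(new ThreadFactoryBuilder().setNameFormat("stream-" + streamId + "-test-match-%d").build());
    try {
        final StreamRouterEngine streamRouterEngine = streamRouterEngineFactory.create(Lists.newArrayList(stream), executor);
        final List<StreamRouterEngine.StreamTestMatch> streamTestMatches = streamRouterEngine.testMatch(message);
        // The engine was built with exactly one stream, so the first entry is the one under test.
        final StreamRouterEngine.StreamTestMatch streamTestMatch = streamTestMatches.get(0);
        final Map<String, Boolean> rules = Maps.newHashMap();
        for (Map.Entry<StreamRule, Boolean> match : streamTestMatch.getMatches().entrySet()) {
            rules.put(match.getKey().getId(), match.getValue());
        }
        return TestMatchResponse.create(streamTestMatch.isMatched(), rules);
    } finally {
        // The executor is private to this request; without this its worker thread would outlive
        // the call and every request would leak one thread.
        executor.shutdownNow();
    }
}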
Also used : Message(org.graylog2.plugin.Message) HashMap(java.util.HashMap) StreamRule(org.graylog2.plugin.streams.StreamRule) StreamRouterEngine(org.graylog2.streams.StreamRouterEngine) ExecutorService(java.util.concurrent.ExecutorService) ThreadFactoryBuilder(com.google.common.util.concurrent.ThreadFactoryBuilder) Stream(org.graylog2.plugin.streams.Stream) Map(java.util.Map) ImmutableMap(com.google.common.collect.ImmutableMap) HashMap(java.util.HashMap) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) Timed(com.codahale.metrics.annotation.Timed) ApiOperation(io.swagger.annotations.ApiOperation) ApiResponses(io.swagger.annotations.ApiResponses) NoAuditEvent(org.graylog2.audit.jersey.NoAuditEvent)

Example 2 with StreamRouterEngine

use of org.graylog2.streams.StreamRouterEngine in project graylog2-server by Graylog2.

the class StreamRouterEngineTest method testMultipleStreamWithDifferentMatching.

/**
 * Two streams share the same pair of EXACT rules on one field, of which only the first can match
 * the message. The OR stream must be returned by the engine, the AND stream must not.
 */
@Test
public void testMultipleStreamWithDifferentMatching() {
    final String field = "dummyField";
    final String value = "dummyValue";

    // The message carries the value that only the first rule expects.
    final Message message = mock(Message.class);
    when(message.getField(eq(field))).thenReturn(value);

    final StreamRule matchingRule = getStreamRuleMock("StreamRule1Id", StreamRuleType.EXACT, field, value);
    final StreamRule nonMatchingRule = getStreamRuleMock("StreamRule2Id", StreamRuleType.EXACT, field, "not" + value);

    // OR stream: one matching rule is enough.
    final Stream orStream = mock(Stream.class);
    when(orStream.getId()).thenReturn("Stream1Id");
    when(orStream.getMatchingType()).thenReturn(Stream.MatchingType.OR);
    when(orStream.getStreamRules()).thenReturn(Lists.newArrayList(matchingRule, nonMatchingRule));

    // AND stream: every rule has to match.
    final Stream andStream = mock(Stream.class);
    when(andStream.getId()).thenReturn("Stream2Id");
    when(andStream.getMatchingType()).thenReturn(Stream.MatchingType.AND);
    when(andStream.getStreamRules()).thenReturn(Lists.newArrayList(matchingRule, nonMatchingRule));

    final StreamRouterEngine engine = newEngine(Lists.newArrayList(orStream, andStream));
    final List<Stream> routed = engine.match(message);

    assertThat(routed).hasSize(1);
    assertThat(routed).contains(orStream);
    assertThat(routed).doesNotContain(andStream);
}
Also used : Message(org.graylog2.plugin.Message) StreamRule(org.graylog2.plugin.streams.StreamRule) Stream(org.graylog2.plugin.streams.Stream) Test(org.junit.Test)

Example 3 with StreamRouterEngine

use of org.graylog2.streams.StreamRouterEngine in project graylog2-server by Graylog2.

the class StreamRouterEngineTest method testPresenceMatch.

/**
 * A stream with a single PRESENCE rule on "testfield" is not matched while the message lacks
 * that field and is matched once the field has been added.
 */
@Test
public void testPresenceMatch() throws Exception {
    final StreamMock presenceStream = getStreamMock("test");
    final StreamRuleMock presenceRule = new StreamRuleMock(ImmutableMap.of(
            "_id", new ObjectId(),
            "field", "testfield",
            "type", StreamRuleType.PRESENCE.toInteger(),
            "stream_id", presenceStream.getId()));
    presenceStream.setStreamRules(Lists.newArrayList(presenceRule));

    final StreamRouterEngine router = newEngine(Lists.newArrayList(presenceStream));
    final Message msg = getMessage();

    // Field absent: the engine returns no stream.
    assertTrue(router.match(msg).isEmpty());

    // Field present: the engine returns exactly the stream under test.
    msg.addField("testfield", "testvalue");
    assertEquals(Lists.newArrayList(presenceStream), router.match(msg));
}
Also used : Message(org.graylog2.plugin.Message) ObjectId(org.bson.types.ObjectId) StreamRuleMock(org.graylog2.streams.matchers.StreamRuleMock) Test(org.junit.Test)

Example 4 with StreamRouterEngine

use of org.graylog2.streams.StreamRouterEngine in project graylog2-server by Graylog2.

the class StreamRouterEngineTest method testEmptyStreamRulesNonMatch.

/**
 * A stream whose rule list is empty must not be returned by the engine for any message.
 */
@Test
public void testEmptyStreamRulesNonMatch() {
    final Message anyMessage = mock(Message.class);

    // Stream without a single rule.
    final Stream ruleLessStream = mock(Stream.class);
    when(ruleLessStream.getStreamRules()).thenReturn(Collections.emptyList());

    final StreamRouterEngine router = newEngine(Lists.newArrayList(ruleLessStream));
    final List<Stream> routed = router.match(anyMessage);

    assertThat(routed).isEmpty();
    assertThat(routed).doesNotContain(ruleLessStream);
}
Also used : Message(org.graylog2.plugin.Message) Stream(org.graylog2.plugin.streams.Stream) Test(org.junit.Test)

Example 5 with StreamRouterEngine

use of org.graylog2.streams.StreamRouterEngine in project graylog2-server by Graylog2.

the class StreamRouterEngineTest method testOrTestMatch.

/**
 * Exercises {@code testMatch} on an OR stream with a PRESENCE rule on "testfield1" and a REGEX
 * rule ("^test") on "testfield2", checking both the overall verdict and the per-rule results
 * for three messages: neither field, only the presence rule satisfied, both rules satisfied.
 */
@Test
public void testOrTestMatch() throws Exception {
    final StreamMock orStream = getStreamMock("test", Stream.MatchingType.OR);
    final StreamRuleMock presenceRule = new StreamRuleMock(ImmutableMap.of(
            "_id", new ObjectId(),
            "field", "testfield1",
            "type", StreamRuleType.PRESENCE.toInteger(),
            "stream_id", orStream.getId()));
    final StreamRuleMock regexRule = new StreamRuleMock(ImmutableMap.of(
            "_id", new ObjectId(),
            "field", "testfield2",
            "value", "^test",
            "type", StreamRuleType.REGEX.toInteger(),
            "stream_id", orStream.getId()));
    orStream.setStreamRules(Lists.newArrayList(presenceRule, regexRule));
    final StreamRouterEngine router = newEngine(Lists.newArrayList(orStream));

    // Case 1: neither testfield1 nor testfield2 is set, so no rule and no stream match.
    final Message emptyMessage = getMessage();
    final StreamRouterEngine.StreamTestMatch emptyResult = router.testMatch(emptyMessage).get(0);
    final Map<StreamRule, Boolean> emptyPerRule = emptyResult.getMatches();
    assertFalse(emptyResult.isMatched());
    assertFalse(emptyPerRule.get(presenceRule));
    assertFalse(emptyPerRule.get(regexRule));

    // Case 2: testfield1 is present, testfield2 does not start with "test"; OR still matches.
    final Message presenceOnlyMessage = getMessage();
    presenceOnlyMessage.addField("testfield1", "testvalue");
    presenceOnlyMessage.addField("testfield2", "no-testvalue");
    final StreamRouterEngine.StreamTestMatch presenceOnlyResult = router.testMatch(presenceOnlyMessage).get(0);
    final Map<StreamRule, Boolean> presenceOnlyPerRule = presenceOnlyResult.getMatches();
    assertTrue(presenceOnlyResult.isMatched());
    assertTrue(presenceOnlyPerRule.get(presenceRule));
    assertFalse(presenceOnlyPerRule.get(regexRule));

    // Case 3: testfield1 is present and testfield2 satisfies the regex; both rules match.
    final Message bothMessage = getMessage();
    bothMessage.addField("testfield1", "testvalue");
    bothMessage.addField("testfield2", "testvalue2");
    final StreamRouterEngine.StreamTestMatch bothResult = router.testMatch(bothMessage).get(0);
    final Map<StreamRule, Boolean> bothPerRule = bothResult.getMatches();
    assertTrue(bothResult.isMatched());
    assertTrue(bothPerRule.get(presenceRule));
    assertTrue(bothPerRule.get(regexRule));
}
Also used : Message(org.graylog2.plugin.Message) ObjectId(org.bson.types.ObjectId) StreamRule(org.graylog2.plugin.streams.StreamRule) StreamRuleMock(org.graylog2.streams.matchers.StreamRuleMock) Test(org.junit.Test)
