Example 1 with Match
use of io.krakens.grok.api.Match in project graylog2-server by Graylog2.
the class GrokMatch method evaluate.
@Override
public GrokResult evaluate(FunctionArgs args, EvaluationContext context) {
final String value = valueParam.required(args, context);
final String pattern = patternParam.required(args, context);
final boolean onlyNamedCaptures = namedOnly.optional(args, context).orElse(false);
if (value == null || pattern == null) {
return null;
}
final Grok grok = grokPatternRegistry.cachedGrokForPattern(pattern, onlyNamedCaptures);
final Match match = grok.match(value);
;
return new GrokResult(match.captureFlattened());
}Example 2 with Match
use of io.krakens.grok.api.Match in project graylog2-server by Graylog2.
the class GrokTesterResource method doTestGrok.
private GrokTesterResponse doTestGrok(String string, String pattern, boolean namedCapturesOnly) throws GrokException {
final Set<GrokPattern> grokPatterns = grokPatternService.loadAll();
final GrokCompiler grokCompiler = GrokCompiler.newInstance();
for (GrokPattern grokPattern : grokPatterns) {
grokCompiler.register(grokPattern.name(), grokPattern.pattern());
}
final Grok grok;
try {
grok = grokCompiler.compile(pattern, namedCapturesOnly);
} catch (Exception e) {
return GrokTesterResponse.createError(pattern, string, e.getMessage());
}
final Match match = grok.match(string);
final Map<String, Object> matches = match.captureFlattened();
final GrokTesterResponse response;
if (matches.isEmpty()) {
response = GrokTesterResponse.createSuccess(false, Collections.<GrokTesterResponse.Match>emptyList(), pattern, string);
} else {
final List<GrokTesterResponse.Match> responseMatches = Lists.newArrayList();
for (final Map.Entry<String, Object> entry : matches.entrySet()) {
final Object value = entry.getValue();
if (value != null) {
responseMatches.add(GrokTesterResponse.Match.create(entry.getKey(), value.toString()));
}
}
response = GrokTesterResponse.createSuccess(true, responseMatches, pattern, string);
}
return response;
}
Also used :
Grok(io.krakens.grok.api.Grok)
GrokCompiler(io.krakens.grok.api.GrokCompiler)
GrokException(io.krakens.grok.api.exception.GrokException)
Match(io.krakens.grok.api.Match)
GrokPattern(org.graylog2.grok.GrokPattern)
Map(java.util.Map)
GrokTesterResponse(org.graylog2.rest.resources.tools.responses.GrokTesterResponse)
Example 3 with Match
use of io.krakens.grok.api.Match in project graylog2-server by Graylog2.
the class GrokExtractor method run.
@Override
protected Result[] run(String value) {
final Grok grok = grokPatternRegistry.cachedGrokForPattern(this.pattern, this.namedCapturesOnly);
// the extractor instance is rebuilt every second anyway
final Match match = grok.match(value);
final Map<String, Object> matches = match.captureFlattened();
final List<Result> results = new ArrayList<>(matches.size());
for (final Map.Entry<String, Object> entry : matches.entrySet()) {
// never add null values to the results, those don't make sense for us
if (entry.getValue() != null) {
results.add(new Result(entry.getValue(), entry.getKey(), -1, -1));
}
}
return results.toArray(new Result[0]);
}Aggregations
Grok (io.krakens.grok.api.Grok)3
Match (io.krakens.grok.api.Match)3
Map (java.util.Map)2
GrokCompiler (io.krakens.grok.api.GrokCompiler)1
GrokException (io.krakens.grok.api.exception.GrokException)1
ArrayList (java.util.ArrayList)1
GrokPattern (org.graylog2.grok.GrokPattern)1
GrokTesterResponse (org.graylog2.rest.resources.tools.responses.GrokTesterResponse)1
