Examples with LookupKV org.apache.metron.enrichment.lookup.LookupKV used on opensource projects

Search in sources :

Example 11 with LookupKV

use of org.apache.metron.enrichment.lookup.LookupKV in project metron by apache.

the class TransformFilterExtractorDecoratorTest method filters_values.

@Test
public void filters_values() throws Exception {
    final String indicatorVal = "val2";
    EnrichmentKey lookupKey = new EnrichmentKey("testenrichment", indicatorVal);
    EnrichmentValue lookupValue = new EnrichmentValue(new HashMap<String, Object>() {

        {
            put("foo", "val1");
            put("bar", indicatorVal);
            put("baz", "");
        }
    });
    LookupKV lkv = new LookupKV<>(lookupKey, lookupValue);
    List<LookupKV> extractedLkvs = new ArrayList<>();
    extractedLkvs.add(lkv);
    Mockito.when(extractor.extract("val1,val2,")).thenReturn(extractedLkvs);
    Iterable<LookupKV> extracted = decorator.extract("val1,val2,");
    Assert.assertThat(extracted, CoreMatchers.equalTo(new ArrayList<>()));
}
Also used : LookupKV(org.apache.metron.enrichment.lookup.LookupKV) EnrichmentKey(org.apache.metron.enrichment.converter.EnrichmentKey) EnrichmentValue(org.apache.metron.enrichment.converter.EnrichmentValue) Test(org.junit.Test)

Example 12 with LookupKV

use of org.apache.metron.enrichment.lookup.LookupKV in project metron by apache.

the class URIHandlerTest method testURIHandler.

@Test
public void testURIHandler() throws Exception {
    StixExtractor extractor = new StixExtractor();
    extractor.initialize(new HashMap<>());
    Iterable<LookupKV> kvs = extractor.extract(uriHandlerObject);
    Assert.assertEquals(1, Iterables.size(kvs));
    LookupKV kv = Iterables.getFirst(kvs, null);
    EnrichmentKey key = (EnrichmentKey) kv.getKey();
    Assert.assertEquals("http://www.kotimi.com/alpha/gtex/", key.getIndicator());
    Assert.assertEquals("uriobjecttype", key.type);
}
Also used : LookupKV(org.apache.metron.enrichment.lookup.LookupKV) EnrichmentKey(org.apache.metron.enrichment.converter.EnrichmentKey) Test(org.junit.Test)

Example 13 with LookupKV

use of org.apache.metron.enrichment.lookup.LookupKV in project metron by apache.

the class SimpleEnrichmentFlatFileLoaderIntegrationTest method testLocalLineByLine.

@Test
public void testLocalLineByLine() throws Exception {
    String[] argv = { "-c cf", "-t enrichment", "-e " + lineByLineExtractorConfigFile.getPath(), "-i " + multilineFile.getPath(), "-p 2", "-b 128", "-q" };
    SimpleEnrichmentFlatFileLoader.main(config, argv);
    EnrichmentConverter converter = new EnrichmentConverter();
    ResultScanner scanner = testTable.getScanner(Bytes.toBytes(cf));
    List<LookupKV<EnrichmentKey, EnrichmentValue>> results = new ArrayList<>();
    for (Result r : scanner) {
        results.add(converter.fromResult(r, cf));
        testTable.delete(new Delete(r.getRow()));
    }
    Assert.assertEquals(NUM_LINES, results.size());
    Assert.assertTrue(results.get(0).getKey().indicator.startsWith("google"));
    Assert.assertEquals(results.get(0).getKey().type, "enrichment");
    Assert.assertEquals(results.get(0).getValue().getMetadata().size(), 2);
    Assert.assertTrue(results.get(0).getValue().getMetadata().get("meta").toString().startsWith("foo"));
    Assert.assertTrue(results.get(0).getValue().getMetadata().get("host").toString().startsWith("google"));
}
Also used : Delete(org.apache.hadoop.hbase.client.Delete) EnrichmentConverter(org.apache.metron.enrichment.converter.EnrichmentConverter) ResultScanner(org.apache.hadoop.hbase.client.ResultScanner) LookupKV(org.apache.metron.enrichment.lookup.LookupKV) ArrayList(java.util.ArrayList) Result(org.apache.hadoop.hbase.client.Result) Test(org.junit.Test)

Example 14 with LookupKV

use of org.apache.metron.enrichment.lookup.LookupKV in project metron by apache.

the class SimpleEnrichmentFlatFileLoaderIntegrationTest method custom_extractor_transforms_and_filters_indicators_and_value_metadata.

@Test
public void custom_extractor_transforms_and_filters_indicators_and_value_metadata() throws Exception {
    String[] argv = { "-c cf", "-t enrichment", "-e " + customLineByLineExtractorConfigFile.getPath(), "-i " + multilineFile.getPath(), "-p 2", "-b 128", "-q" };
    SimpleEnrichmentFlatFileLoader.main(config, argv);
    EnrichmentConverter converter = new EnrichmentConverter();
    ResultScanner scanner = testTable.getScanner(Bytes.toBytes(cf));
    List<LookupKV<EnrichmentKey, EnrichmentValue>> results = new ArrayList<>();
    for (Result r : scanner) {
        results.add(converter.fromResult(r, cf));
        testTable.delete(new Delete(r.getRow()));
    }
    Assert.assertEquals(NUM_LINES, results.size());
    Assert.assertThat(results.get(0).getKey().getIndicator(), startsWith("GOOGLE"));
    Assert.assertThat(results.get(0).getKey().type, equalTo("enrichment"));
    Assert.assertThat(results.get(0).getValue().getMetadata().size(), equalTo(2));
    Assert.assertThat(results.get(0).getValue().getMetadata().get("meta").toString(), startsWith("foo"));
    Assert.assertThat(results.get(0).getValue().getMetadata().get("host").toString(), startsWith("GOOGLE"));
}
Also used : Delete(org.apache.hadoop.hbase.client.Delete) EnrichmentConverter(org.apache.metron.enrichment.converter.EnrichmentConverter) ResultScanner(org.apache.hadoop.hbase.client.ResultScanner) LookupKV(org.apache.metron.enrichment.lookup.LookupKV) ArrayList(java.util.ArrayList) Result(org.apache.hadoop.hbase.client.Result) Test(org.junit.Test)

Example 15 with LookupKV

use of org.apache.metron.enrichment.lookup.LookupKV in project metron by apache.

the class ThreatIntelAdapterTest method setup.

@Before
public void setup() throws Exception {
    final MockHTable trackerTable = (MockHTable) MockHBaseTableProvider.addToCache(atTableName, cf);
    final MockHTable threatIntelTable = (MockHTable) MockHBaseTableProvider.addToCache(threatIntelTableName, cf);
    EnrichmentHelper.INSTANCE.load(threatIntelTable, cf, new ArrayList<LookupKV<EnrichmentKey, EnrichmentValue>>() {

        {
            add(new LookupKV<>(new EnrichmentKey("10.0.2.3", "10.0.2.3"), new EnrichmentValue(new HashMap<>())));
        }
    });
    BloomAccessTracker bat = new BloomAccessTracker(threatIntelTableName, 100, 0.03);
    PersistentAccessTracker pat = new PersistentAccessTracker(threatIntelTableName, "0", trackerTable, cf, bat, 0L);
    lookup = new EnrichmentLookup(threatIntelTable, cf, pat);
    JSONParser jsonParser = new JSONParser();
    expectedMessage = (JSONObject) jsonParser.parse(expectedMessageString);
}
Also used : EnrichmentLookup(org.apache.metron.enrichment.lookup.EnrichmentLookup) LookupKV(org.apache.metron.enrichment.lookup.LookupKV) HashMap(java.util.HashMap) BloomAccessTracker(org.apache.metron.enrichment.lookup.accesstracker.BloomAccessTracker) PersistentAccessTracker(org.apache.metron.enrichment.lookup.accesstracker.PersistentAccessTracker) JSONParser(org.json.simple.parser.JSONParser) MockHTable(org.apache.metron.hbase.mock.MockHTable) EnrichmentKey(org.apache.metron.enrichment.converter.EnrichmentKey) EnrichmentValue(org.apache.metron.enrichment.converter.EnrichmentValue) Before(org.junit.Before)

Aggregations

LookupKV (org.apache.metron.enrichment.lookup.LookupKV)33 Test (org.junit.Test)19 EnrichmentKey (org.apache.metron.enrichment.converter.EnrichmentKey)16 EnrichmentValue (org.apache.metron.enrichment.converter.EnrichmentValue)14 ArrayList (java.util.ArrayList)12 EnrichmentConverter (org.apache.metron.enrichment.converter.EnrichmentConverter)10 Result (org.apache.hadoop.hbase.client.Result)9 Delete (org.apache.hadoop.hbase.client.Delete)7 ResultScanner (org.apache.hadoop.hbase.client.ResultScanner)7 MockHTable (org.apache.metron.hbase.mock.MockHTable)6 HashMap (java.util.HashMap)5 Put (org.apache.hadoop.hbase.client.Put)3 WriterConfiguration (org.apache.metron.common.configuration.writer.WriterConfiguration)3 SimpleHbaseEnrichmentWriter (org.apache.metron.enrichment.writer.SimpleHbaseEnrichmentWriter)3 JSONObject (org.json.simple.JSONObject)3 Before (org.junit.Before)3 File (java.io.File)2 ImmutableBytesWritable (org.apache.hadoop.hbase.io.ImmutableBytesWritable)2 ConfigUploadComponent (org.apache.metron.enrichment.integration.components.ConfigUploadComponent)2 EnrichmentLookup (org.apache.metron.enrichment.lookup.EnrichmentLookup)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial