
Example 6 with GetRequest

use of org.apache.metron.indexing.dao.search.GetRequest in project metron by apache.

the class ElasticsearchMetaAlertIntegrationTest method shouldCreateMetaAlert.

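/**
 * Creates a meta alert over two of three indexed alerts and verifies the back-references.
 *
 * <p>{@code message_1} and {@code message_2} are grouped into the meta alert, while
 * {@code message_0} is left out as a control. The test asserts that the meta alert document
 * exists, that the control alert carries no {@code METAALERT_FIELD}, and that each grouped
 * alert lists exactly the new meta alert's GUID in that field.
 *
 * <p>The request is built from plain objects rather than double-brace initialisation, which
 * would create anonymous subclasses that keep a reference to the enclosing test instance.
 *
 * @throws Exception if loading, creating or reading back any document fails
 */
@Test
public void shouldCreateMetaAlert() throws Exception {
    // Load alerts
    List<Map<String, Object>> alerts = buildAlerts(3);
    elasticsearchAdd(alerts, INDEX, SENSOR_NAME);
    // Verify load was successful
    findCreatedDocs(Arrays.asList(
        new GetRequest("message_0", SENSOR_NAME),
        new GetRequest("message_1", SENSOR_NAME),
        new GetRequest("message_2", SENSOR_NAME)));

    // message_1 is referenced without an index and message_2 with an explicit one,
    // so both forms of GetRequest go through createMetaAlert.
    List<GetRequest> groupedAlerts = new ArrayList<>();
    groupedAlerts.add(new GetRequest("message_1", SENSOR_NAME));
    groupedAlerts.add(new GetRequest("message_2", SENSOR_NAME, INDEX));

    MetaAlertCreateRequest metaAlertCreateRequest = new MetaAlertCreateRequest();
    metaAlertCreateRequest.setAlerts(groupedAlerts);
    metaAlertCreateRequest.setGroups(Collections.singletonList("group"));
    MetaAlertCreateResponse metaAlertCreateResponse = metaDao.createMetaAlert(metaAlertCreateRequest);

    // Verify metaAlert was created
    findCreatedDoc(metaAlertCreateResponse.getGuid(), MetaAlertDao.METAALERT_TYPE);

    // Verify alert 0 was not updated with metaalert field.
    // NOTE(review): the sizes 4 and 5 depend on the field count produced by buildAlerts;
    // presumably the fifth field is METAALERT_FIELD itself - confirm against buildAlerts.
    Document untouchedAlert = metaDao.getLatest("message_0", SENSOR_NAME);
    Assert.assertEquals(4, untouchedAlert.getDocument().size());
    Assert.assertNull(untouchedAlert.getDocument().get(METAALERT_FIELD));

    // Verify alert 1 was properly updated with metaalert field
    Document firstGrouped = metaDao.getLatest("message_1", SENSOR_NAME);
    Assert.assertEquals(5, firstGrouped.getDocument().size());
    List<?> firstLinks = (List<?>) firstGrouped.getDocument().get(METAALERT_FIELD);
    Assert.assertEquals(1, firstLinks.size());
    Assert.assertEquals(metaAlertCreateResponse.getGuid(), firstLinks.get(0));

    // Verify alert 2 was properly updated with metaalert field
    Document secondGrouped = metaDao.getLatest("message_2", SENSOR_NAME);
    Assert.assertEquals(5, secondGrouped.getDocument().size());
    List<?> secondLinks = (List<?>) secondGrouped.getDocument().get(METAALERT_FIELD);
    Assert.assertEquals(1, secondLinks.size());
    Assert.assertEquals(metaAlertCreateResponse.getGuid(), secondLinks.get(0));
}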
Also used : GetRequest(org.apache.metron.indexing.dao.search.GetRequest) ArrayList(java.util.ArrayList) MetaAlertCreateResponse(org.apache.metron.indexing.dao.metaalert.MetaAlertCreateResponse) MetaAlertCreateRequest(org.apache.metron.indexing.dao.metaalert.MetaAlertCreateRequest) Document(org.apache.metron.indexing.dao.update.Document) Map(java.util.Map) HashMap(java.util.HashMap) Test(org.junit.Test)

Example 7 with GetRequest

use of org.apache.metron.indexing.dao.search.GetRequest in project metron by apache.

the class HBaseDao method getAllLatest.

/**
 * Fetches the documents named by {@code getRequests} with one batched {@code get} call.
 *
 * <p>Each request is turned into a {@code Get} by {@code buildGet}, and each returned
 * {@code Result} is converted by {@code getDocumentFromResult}. Results that convert to
 * {@code null} are dropped, so the returned collection can be shorter than the request list
 * and its positions do not necessarily line up with the requests. Callers that need to know
 * which request produced which document should match on the document itself, not on position.
 *
 * @param getRequests the documents to look up
 * @return the documents that could be built from the results, in result order
 * @throws IOException propagated from the underlying table access
 */
@Override
public Iterable<Document> getAllLatest(List<GetRequest> getRequests) throws IOException {
    final List<Get> batch = new ArrayList<>(getRequests.size());
    for (final GetRequest request : getRequests) {
        batch.add(buildGet(request));
    }

    final Result[] rows = getTableInterface().get(batch);

    final List<Document> found = new ArrayList<>(rows.length);
    for (final Result row : rows) {
        final Document document = getDocumentFromResult(row);
        if (document == null) {
            // Nothing usable came back for this row; leave it out rather than return a null entry.
            continue;
        }
        found.add(document);
    }
    return found;
}
Also used : Get(org.apache.hadoop.hbase.client.Get) GetRequest(org.apache.metron.indexing.dao.search.GetRequest) ArrayList(java.util.ArrayList) Document(org.apache.metron.indexing.dao.update.Document) Result(org.apache.hadoop.hbase.client.Result)

Example 8 with GetRequest

use of org.apache.metron.indexing.dao.search.GetRequest in project metron by apache.

the class HBaseDaoIntegrationTest method shouldGetAllLatest.

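/**
 * Stores 15 alerts and checks that {@code getAllLatest} returns exactly the 12 requested ones.
 *
 * <p>Requests are issued for {@code message_1} through {@code message_12}; the returned
 * documents are compared positionally with {@code alerts.get(1)} through
 * {@code alerts.get(12)}. This assumes {@code buildAlerts} names the alert at index
 * {@code i} {@code message_i} - confirm against {@code buildAlerts}.
 *
 * <p>The iterator is checked with {@code hasNext()} before every {@code next()}, so a short
 * result fails with an assertion message instead of a {@code NoSuchElementException}.
 *
 * @throws Exception if writing to or reading from the DAO fails
 */
@Test
public void shouldGetAllLatest() throws Exception {
    // Load alerts
    List<Document> alerts = buildAlerts(15);
    Map<Document, Optional<String>> updates = alerts.stream()
        .collect(Collectors.toMap(document -> document, document -> Optional.empty()));
    hbaseDao.batchUpdate(updates);

    // Ask for a strict subset (12 of 15) so documents that were not requested would be noticed.
    int expectedCount = 12;
    List<GetRequest> getRequests = new ArrayList<>();
    for (int i = 1; i <= expectedCount; i++) {
        getRequests.add(new GetRequest("message_" + i, SENSOR_TYPE));
    }

    Iterator<Document> results = hbaseDao.getAllLatest(getRequests).iterator();
    for (int i = 0; i < expectedCount; i++) {
        Assert.assertTrue("Expected " + expectedCount + " results but only got " + i, results.hasNext());
        Document expectedDocument = alerts.get(i + 1);
        Document actualDocument = results.next();
        Assert.assertEquals(expectedDocument, actualDocument);
    }
    Assert.assertFalse("Result size should be 12 but was greater", results.hasNext());
}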
Also used : Document(org.apache.metron.indexing.dao.update.Document) HBASE_CF(org.apache.metron.indexing.dao.HBaseDao.HBASE_CF) AccessConfig(org.apache.metron.indexing.dao.AccessConfig) Iterator(java.util.Iterator) BeforeClass(org.junit.BeforeClass) IndexDao(org.apache.metron.indexing.dao.IndexDao) IOException(java.io.IOException) HashMap(java.util.HashMap) Test(org.junit.Test) Hex(org.apache.commons.codec.binary.Hex) GetRequest(org.apache.metron.indexing.dao.search.GetRequest) HBaseDao(org.apache.metron.indexing.dao.HBaseDao) Collectors(java.util.stream.Collectors) MockHBaseTableProvider(org.apache.metron.hbase.mock.MockHBaseTableProvider) ArrayList(java.util.ArrayList) List(java.util.List) HBASE_TABLE(org.apache.metron.indexing.dao.HBaseDao.HBASE_TABLE) Map(java.util.Map) After(org.junit.After) Optional(java.util.Optional) Assert(org.junit.Assert) Optional(java.util.Optional) GetRequest(org.apache.metron.indexing.dao.search.GetRequest) ArrayList(java.util.ArrayList) Document(org.apache.metron.indexing.dao.update.Document) Test(org.junit.Test)

Example 9 with GetRequest

use of org.apache.metron.indexing.dao.search.GetRequest in project metron by apache.

the class MetaAlertControllerIntegrationTest method shouldUpdateStatus.

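/**
 * Creates a meta alert and sets its status to inactive twice through the REST endpoint.
 *
 * <p>The first POST to {@code /update/status/<guid>/inactive} must answer {@code "true"}
 * and the identical second POST must answer {@code "false"}; presumably the second call
 * reports that nothing changed because the status was already inactive.
 *
 * <p>Both calls are sent with HTTP basic credentials and a CSRF token. The test covers only
 * this authenticated path; requests without credentials or without a CSRF token are not
 * exercised here.
 *
 * <p>The alert list is built with a regular {@code ArrayList} rather than double-brace
 * initialisation, which would create an anonymous subclass tied to the test instance.
 *
 * @throws Exception if creating the meta alert or performing a request fails
 */
@Test
public void shouldUpdateStatus() throws Exception {
    MetaAlertCreateRequest metaAlertCreateRequest = new MetaAlertCreateRequest();
    metaAlertCreateRequest.setGroups(Arrays.asList("group_one", "group_two"));
    metaAlertCreateRequest.setAlerts(new ArrayList<GetRequest>(Arrays.asList(
        new GetRequest("bro_1", "bro", "bro_index_2017.01.01.01"),
        new GetRequest("snort_2", "snort", "snort_index_2017.01.01.01"))));
    MetaAlertCreateResponse metaAlertCreateResponse = metaAlertService.create(metaAlertCreateRequest);

    // Same endpoint for both calls; only the expected response body differs.
    String statusUrl = metaalertUrl + "/update/status/" + metaAlertCreateResponse.getGuid() + "/inactive";

    // First transition: the endpoint reports "true".
    ResultActions result = this.mockMvc.perform(post(statusUrl)
        .with(httpBasic(user, password))
        .with(csrf())
        .contentType(MediaType.parseMediaType("application/json;charset=UTF-8")));
    result.andExpect(status().isOk()).andExpect(content().string("true"));

    // Repeating the identical request: still 200, but the body is "false".
    result = this.mockMvc.perform(post(statusUrl)
        .with(httpBasic(user, password))
        .with(csrf())
        .contentType(MediaType.parseMediaType("application/json;charset=UTF-8")));
    result.andExpect(status().isOk()).andExpect(content().string("false"));
}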
Also used : GetRequest(org.apache.metron.indexing.dao.search.GetRequest) MetaAlertCreateResponse(org.apache.metron.indexing.dao.metaalert.MetaAlertCreateResponse) ResultActions(org.springframework.test.web.servlet.ResultActions) MetaAlertCreateRequest(org.apache.metron.indexing.dao.metaalert.MetaAlertCreateRequest) SearchIntegrationTest(org.apache.metron.indexing.dao.SearchIntegrationTest) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 10 with GetRequest

use of org.apache.metron.indexing.dao.search.GetRequest in project metron by apache.

the class ElasticsearchDao method getAllLatest.

/**
 * Looks up documents for the given requests by GUID and sensor type.
 *
 * <p>The GUIDs and sensor types of all requests are collected into two separate sets and
 * handed to {@code searchByGuids}; any index set on a {@code GetRequest} is not read here.
 * Each hit becomes a {@link Document} whose sensor type is the part of the hit's type name
 * before {@code "_doc"} and whose timestamp is always {@code 0}.
 *
 * <p>NOTE(review): because GUIDs and sensor types are passed as independent sets, the
 * pairing from the individual requests is lost at this point. Whether a document can be
 * returned for a GUID/sensor-type combination that no single request asked for depends on
 * {@code searchByGuids} - confirm before relying on this method to scope results.
 *
 * @param getRequests the documents to look up
 * @return the documents built from the search hits
 * @throws IOException declared by the interface; a failure to build a {@link Document} from
 *     a hit is rethrown as {@link IllegalStateException} with the original cause attached
 */
@Override
public Iterable<Document> getAllLatest(final List<GetRequest> getRequests) throws IOException {
    final Collection<String> requestedGuids = new HashSet<>();
    final Collection<String> requestedSensorTypes = new HashSet<>();
    for (final GetRequest request : getRequests) {
        requestedGuids.add(request.getGuid());
        requestedSensorTypes.add(request.getSensorType());
    }

    final List<Document> latest = searchByGuids(requestedGuids, requestedSensorTypes, hit -> {
        // The hit is not asked for a timestamp; every returned document carries 0.
        final Long timestamp = 0L;
        final String source = hit.getSourceAsString();
        // Keep only the text before "_doc" in the hit's type name as the sensor type.
        final String sensorType = Iterables.getFirst(Splitter.on("_doc").split(hit.getType()), null);
        try {
            return Optional.of(new Document(source, hit.getId(), sensorType, timestamp));
        } catch (IOException e) {
            // The lambda cannot throw the checked exception, so wrap it and keep the cause.
            throw new IllegalStateException("Unable to retrieve latest: " + e.getMessage(), e);
        }
    });
    return latest;
}
Also used : GetRequest(org.apache.metron.indexing.dao.search.GetRequest) IOException(java.io.IOException) Document(org.apache.metron.indexing.dao.update.Document) HashSet(java.util.HashSet)

Aggregations

GetRequest (org.apache.metron.indexing.dao.search.GetRequest)19 Test (org.junit.Test)13 HashMap (java.util.HashMap)10 ArrayList (java.util.ArrayList)9 Map (java.util.Map)9 Document (org.apache.metron.indexing.dao.update.Document)9 MetaAlertCreateResponse (org.apache.metron.indexing.dao.metaalert.MetaAlertCreateResponse)6 MetaAlertCreateRequest (org.apache.metron.indexing.dao.metaalert.MetaAlertCreateRequest)5 IOException (java.io.IOException)4 List (java.util.List)4 SearchRequest (org.apache.metron.indexing.dao.search.SearchRequest)4 SearchResponse (org.apache.metron.indexing.dao.search.SearchResponse)4 ElasticsearchDao (org.apache.metron.elasticsearch.dao.ElasticsearchDao)3 SortField (org.apache.metron.indexing.dao.search.SortField)3 HashSet (java.util.HashSet)2 Optional (java.util.Optional)2 Collectors (java.util.stream.Collectors)2 JSONUtils (org.apache.metron.common.utils.JSONUtils)2 AccessConfig (org.apache.metron.indexing.dao.AccessConfig)2 IndexDao (org.apache.metron.indexing.dao.IndexDao)2