Examples with InvalidSearchException org.apache.metron.indexing.dao.search.InvalidSearchException used on opensource projects

Example 6 with InvalidSearchException

use of org.apache.metron.indexing.dao.search.InvalidSearchException in project metron by apache.

the class ElasticsearchDao method group.

/**
 * Defers to a provided {@link org.elasticsearch.index.query.QueryBuilder} for the query.
 * @param groupRequest The request defining the parameters of the grouping
 * @param queryBuilder The actual query to be run. Intended for if the SearchRequest requires wrapping
 * @return The results of the query
 * @throws InvalidSearchException When the query is malformed or the current state doesn't allow search
 */
protected GroupResponse group(GroupRequest groupRequest, QueryBuilder queryBuilder) throws InvalidSearchException {
    org.elasticsearch.action.search.SearchRequest esRequest;
    org.elasticsearch.action.search.SearchResponse esResponse;
    if (client == null) {
        throw new InvalidSearchException("Uninitialized Dao!  You must call init() prior to use.");
    }
    if (groupRequest.getGroups() == null || groupRequest.getGroups().size() == 0) {
        throw new InvalidSearchException("At least 1 group must be provided.");
    }
    esRequest = buildGroupRequest(groupRequest, queryBuilder);
    esResponse = requestSubmitter.submitSearch(esRequest);
    GroupResponse response = buildGroupResponse(groupRequest, esResponse);
    return response;
}

Example 7 with InvalidSearchException

use of org.apache.metron.indexing.dao.search.InvalidSearchException in project metron by apache.

the class ElasticsearchDao method buildGroupResponse.

/**
 * Build a group response.
 * @param groupRequest The original group request.
 * @param response The search response.
 * @return A group response.
 * @throws InvalidSearchException
 */
private GroupResponse buildGroupResponse(GroupRequest groupRequest, org.elasticsearch.action.search.SearchResponse response) throws InvalidSearchException {
    // build the search response
    Map<String, FieldType> commonColumnMetadata;
    try {
        commonColumnMetadata = getColumnMetadata(groupRequest.getIndices());
    } catch (IOException e) {
        throw new InvalidSearchException(String.format("Could not get common column metadata for indices %s", Arrays.toString(groupRequest.getIndices().toArray())));
    }
    GroupResponse groupResponse = new GroupResponse();
    groupResponse.setGroupedBy(groupRequest.getGroups().get(0).getField());
    groupResponse.setGroupResults(getGroupResults(groupRequest, 0, response.getAggregations(), commonColumnMetadata));
    return groupResponse;
}

Example 8 with InvalidSearchException

use of org.apache.metron.indexing.dao.search.InvalidSearchException in project metron by apache.

the class InMemoryMetaAlertDao method getAllMetaAlertsForAlert.

@Override
public SearchResponse getAllMetaAlertsForAlert(String guid) throws InvalidSearchException {
    SearchRequest request;
    try {
        String replacedQuery = metaAlertsForAlertQuery.replace("${GUID}", guid);
        request = JSONUtils.INSTANCE.load(replacedQuery, SearchRequest.class);
    } catch (IOException e) {
        throw new InvalidSearchException("Unable to process query:", e);
    }
    return search(request);
}

Example 9 with InvalidSearchException

use of org.apache.metron.indexing.dao.search.InvalidSearchException in project metron by apache.

the class InMemoryMetaAlertDao method createMetaAlert.

@SuppressWarnings("unchecked")
@Override
public MetaAlertCreateResponse createMetaAlert(MetaAlertCreateRequest request) throws InvalidCreateException, IOException {
    List<GetRequest> alertRequests = request.getAlerts();
    if (alertRequests.isEmpty()) {
        MetaAlertCreateResponse response = new MetaAlertCreateResponse();
        response.setCreated(false);
        return response;
    }
    // Build meta alert json.  Give it a reasonable GUID
    JSONObject metaAlert = new JSONObject();
    String metaAlertGuid = "meta_" + (InMemoryDao.BACKING_STORE.get(MetaAlertDao.METAALERTS_INDEX).size() + 1);
    metaAlert.put(GUID, metaAlertGuid);
    JSONArray groupsArray = new JSONArray();
    groupsArray.addAll(request.getGroups());
    metaAlert.put(MetaAlertDao.GROUPS_FIELD, groupsArray);
    // Retrieve the alert for each guid
    // For the purpose of testing, we're just using guids for the alerts field and grabbing the scores.
    JSONArray alertArray = new JSONArray();
    List<Double> threatScores = new ArrayList<>();
    Collection<String> alertGuids = new ArrayList<>();
    for (GetRequest alertRequest : alertRequests) {
        SearchRequest searchRequest = new SearchRequest();
        searchRequest.setIndices(ImmutableList.of(alertRequest.getIndex().get()));
        searchRequest.setQuery("guid:" + alertRequest.getGuid());
        try {
            SearchResponse searchResponse = search(searchRequest);
            List<SearchResult> searchResults = searchResponse.getResults();
            if (searchResults.size() > 1) {
                throw new InvalidCreateException("Found more than one result for: " + alertRequest.getGuid() + ". Values: " + searchResults);
            }
            if (searchResults.size() == 1) {
                SearchResult result = searchResults.get(0);
                alertArray.add(result.getSource());
                Double threatScore = Double.parseDouble(result.getSource().getOrDefault(THREAT_FIELD_DEFAULT, "0").toString());
                threatScores.add(threatScore);
            }
        } catch (InvalidSearchException e) {
            throw new InvalidCreateException("Unable to find guid: " + alertRequest.getGuid(), e);
        }
        alertGuids.add(alertRequest.getGuid());
    }
    metaAlert.put(MetaAlertDao.ALERT_FIELD, alertArray);
    metaAlert.putAll(new MetaScores(threatScores).getMetaScores());
    metaAlert.put(STATUS_FIELD, MetaAlertStatus.ACTIVE.getStatusString());
    // Add the alert to the store, but make sure not to overwrite existing results
    InMemoryDao.BACKING_STORE.get(MetaAlertDao.METAALERTS_INDEX).add(metaAlert.toJSONString());
    METAALERT_STORE.put(metaAlertGuid, new HashSet<>(alertGuids));
    MetaAlertCreateResponse createResponse = new MetaAlertCreateResponse();
    createResponse.setGuid(metaAlertGuid);
    createResponse.setCreated(true);
    return createResponse;
}