Examples with SearchResponse org.apache.metron.indexing.dao.search.SearchResponse used on opensource projects

Search in sources :

Example 16 with SearchResponse

use of org.apache.metron.indexing.dao.search.SearchResponse in project metron by apache.

the class SearchIntegrationTest method facet_query_yields_field_types.

@Test
public void facet_query_yields_field_types() throws Exception {
    SearchRequest request = JSONUtils.INSTANCE.load(facetQuery, SearchRequest.class);
    SearchResponse response = dao.search(request);
    Assert.assertEquals(10, response.getTotal());
    Map<String, Map<String, Long>> facetCounts = response.getFacetCounts();
    Assert.assertEquals(8, facetCounts.size());
    Map<String, Long> sourceTypeCounts = facetCounts.get("source:type");
    Assert.assertEquals(2, sourceTypeCounts.size());
    Assert.assertEquals(new Long(5), sourceTypeCounts.get("bro"));
    Assert.assertEquals(new Long(5), sourceTypeCounts.get("snort"));
    Map<String, Long> ipSrcAddrCounts = facetCounts.get("ip_src_addr");
    Assert.assertEquals(8, ipSrcAddrCounts.size());
    Assert.assertEquals(new Long(3), ipSrcAddrCounts.get("192.168.1.1"));
    Assert.assertEquals(new Long(1), ipSrcAddrCounts.get("192.168.1.2"));
    Assert.assertEquals(new Long(1), ipSrcAddrCounts.get("192.168.1.3"));
    Assert.assertEquals(new Long(1), ipSrcAddrCounts.get("192.168.1.4"));
    Assert.assertEquals(new Long(1), ipSrcAddrCounts.get("192.168.1.5"));
    Assert.assertEquals(new Long(1), ipSrcAddrCounts.get("192.168.1.6"));
    Assert.assertEquals(new Long(1), ipSrcAddrCounts.get("192.168.1.7"));
    Assert.assertEquals(new Long(1), ipSrcAddrCounts.get("192.168.1.8"));
    Map<String, Long> ipSrcPortCounts = facetCounts.get("ip_src_port");
    Assert.assertEquals(10, ipSrcPortCounts.size());
    Assert.assertEquals(new Long(1), ipSrcPortCounts.get("8001"));
    Assert.assertEquals(new Long(1), ipSrcPortCounts.get("8002"));
    Assert.assertEquals(new Long(1), ipSrcPortCounts.get("8003"));
    Assert.assertEquals(new Long(1), ipSrcPortCounts.get("8004"));
    Assert.assertEquals(new Long(1), ipSrcPortCounts.get("8005"));
    Assert.assertEquals(new Long(1), ipSrcPortCounts.get("8006"));
    Assert.assertEquals(new Long(1), ipSrcPortCounts.get("8007"));
    Assert.assertEquals(new Long(1), ipSrcPortCounts.get("8008"));
    Assert.assertEquals(new Long(1), ipSrcPortCounts.get("8009"));
    Assert.assertEquals(new Long(1), ipSrcPortCounts.get("8010"));
    Map<String, Long> longFieldCounts = facetCounts.get("long_field");
    Assert.assertEquals(2, longFieldCounts.size());
    Assert.assertEquals(new Long(8), longFieldCounts.get("10000"));
    Assert.assertEquals(new Long(2), longFieldCounts.get("20000"));
    Map<String, Long> timestampCounts = facetCounts.get("timestamp");
    Assert.assertEquals(10, timestampCounts.size());
    Assert.assertEquals(new Long(1), timestampCounts.get("1"));
    Assert.assertEquals(new Long(1), timestampCounts.get("2"));
    Assert.assertEquals(new Long(1), timestampCounts.get("3"));
    Assert.assertEquals(new Long(1), timestampCounts.get("4"));
    Assert.assertEquals(new Long(1), timestampCounts.get("5"));
    Assert.assertEquals(new Long(1), timestampCounts.get("6"));
    Assert.assertEquals(new Long(1), timestampCounts.get("7"));
    Assert.assertEquals(new Long(1), timestampCounts.get("8"));
    Assert.assertEquals(new Long(1), timestampCounts.get("9"));
    Assert.assertEquals(new Long(1), timestampCounts.get("10"));
    Map<String, Long> latitudeCounts = facetCounts.get("latitude");
    Assert.assertEquals(2, latitudeCounts.size());
    List<String> latitudeKeys = new ArrayList<>(latitudeCounts.keySet());
    Collections.sort(latitudeKeys);
    Assert.assertEquals(48.0001, Double.parseDouble(latitudeKeys.get(0)), 0.00001);
    Assert.assertEquals(48.5839, Double.parseDouble(latitudeKeys.get(1)), 0.00001);
    Assert.assertEquals(new Long(2), latitudeCounts.get(latitudeKeys.get(0)));
    Assert.assertEquals(new Long(8), latitudeCounts.get(latitudeKeys.get(1)));
    Map<String, Long> scoreFieldCounts = facetCounts.get("score");
    Assert.assertEquals(4, scoreFieldCounts.size());
    List<String> scoreFieldKeys = new ArrayList<>(scoreFieldCounts.keySet());
    Collections.sort(scoreFieldKeys);
    Assert.assertEquals(10.0, Double.parseDouble(scoreFieldKeys.get(0)), 0.00001);
    Assert.assertEquals(20.0, Double.parseDouble(scoreFieldKeys.get(1)), 0.00001);
    Assert.assertEquals(50.0, Double.parseDouble(scoreFieldKeys.get(2)), 0.00001);
    Assert.assertEquals(98.0, Double.parseDouble(scoreFieldKeys.get(3)), 0.00001);
    Assert.assertEquals(new Long(4), scoreFieldCounts.get(scoreFieldKeys.get(0)));
    Assert.assertEquals(new Long(2), scoreFieldCounts.get(scoreFieldKeys.get(1)));
    Assert.assertEquals(new Long(3), scoreFieldCounts.get(scoreFieldKeys.get(2)));
    Assert.assertEquals(new Long(1), scoreFieldCounts.get(scoreFieldKeys.get(3)));
    Map<String, Long> isAlertCounts = facetCounts.get("is_alert");
    Assert.assertEquals(2, isAlertCounts.size());
    Assert.assertEquals(new Long(6), isAlertCounts.get("true"));
    Assert.assertEquals(new Long(4), isAlertCounts.get("false"));
}
Also used : SearchRequest(org.apache.metron.indexing.dao.search.SearchRequest) ArrayList(java.util.ArrayList) HashMap(java.util.HashMap) Map(java.util.Map) SearchResponse(org.apache.metron.indexing.dao.search.SearchResponse) Test(org.junit.Test)

Example 17 with SearchResponse

use of org.apache.metron.indexing.dao.search.SearchResponse in project metron by apache.

the class SearchIntegrationTest method disabled_facet_query_returns_null_count.

@Test
public void disabled_facet_query_returns_null_count() throws Exception {
    SearchRequest request = JSONUtils.INSTANCE.load(disabledFacetQuery, SearchRequest.class);
    SearchResponse response = dao.search(request);
    Assert.assertNull(response.getFacetCounts());
}
Also used : SearchRequest(org.apache.metron.indexing.dao.search.SearchRequest) SearchResponse(org.apache.metron.indexing.dao.search.SearchResponse) Test(org.junit.Test)

Example 18 with SearchResponse

use of org.apache.metron.indexing.dao.search.SearchResponse in project metron by apache.

the class SearchIntegrationTest method sort_ascending_with_missing_fields.

@Test
public void sort_ascending_with_missing_fields() throws Exception {
    SearchRequest request = JSONUtils.INSTANCE.load(sortAscendingWithMissingFields, SearchRequest.class);
    SearchResponse response = dao.search(request);
    Assert.assertEquals(10, response.getTotal());
    List<SearchResult> results = response.getResults();
    Assert.assertEquals(10, results.size());
    // the remaining are missing the 'threat:triage:score' and should be sorted last
    for (int i = 0; i < 8; i++) {
        Assert.assertFalse(results.get(i).getSource().containsKey("threat:triage:score"));
    }
    // validate sorted order - there are only 2 with a 'threat:triage:score'
    Assert.assertEquals("10", results.get(8).getSource().get("threat:triage:score"));
    Assert.assertEquals("20", results.get(9).getSource().get("threat:triage:score"));
}
Also used : SearchRequest(org.apache.metron.indexing.dao.search.SearchRequest) SearchResult(org.apache.metron.indexing.dao.search.SearchResult) SearchResponse(org.apache.metron.indexing.dao.search.SearchResponse) Test(org.junit.Test)

Example 19 with SearchResponse

use of org.apache.metron.indexing.dao.search.SearchResponse in project metron by apache.

the class SearchIntegrationTest method filter_query_filters_results.

@Test
public void filter_query_filters_results() throws Exception {
    SearchRequest request = JSONUtils.INSTANCE.load(filterQuery, SearchRequest.class);
    SearchResponse response = dao.search(request);
    Assert.assertEquals(3, response.getTotal());
    List<SearchResult> results = response.getResults();
    Assert.assertEquals("snort", results.get(0).getSource().get("source:type"));
    Assert.assertEquals(9, results.get(0).getSource().get("timestamp"));
    Assert.assertEquals("snort", results.get(1).getSource().get("source:type"));
    Assert.assertEquals(7, results.get(1).getSource().get("timestamp"));
    Assert.assertEquals("bro", results.get(2).getSource().get("source:type"));
    Assert.assertEquals(1, results.get(2).getSource().get("timestamp"));
}
Also used : SearchRequest(org.apache.metron.indexing.dao.search.SearchRequest) SearchResult(org.apache.metron.indexing.dao.search.SearchResult) SearchResponse(org.apache.metron.indexing.dao.search.SearchResponse) Test(org.junit.Test)

Example 20 with SearchResponse

use of org.apache.metron.indexing.dao.search.SearchResponse in project metron by apache.

the class SearchIntegrationTest method all_query_returns_all_results.

@Test
public void all_query_returns_all_results() throws Exception {
    SearchRequest request = JSONUtils.INSTANCE.load(allQuery, SearchRequest.class);
    SearchResponse response = dao.search(request);
    Assert.assertEquals(10, response.getTotal());
    List<SearchResult> results = response.getResults();
    Assert.assertEquals(10, results.size());
    for (int i = 0; i < 5; ++i) {
        Assert.assertEquals("snort", results.get(i).getSource().get("source:type"));
        Assert.assertEquals(10 - i, results.get(i).getSource().get("timestamp"));
    }
    for (int i = 5; i < 10; ++i) {
        Assert.assertEquals("bro", results.get(i).getSource().get("source:type"));
        Assert.assertEquals(10 - i, results.get(i).getSource().get("timestamp"));
    }
}
Also used : SearchRequest(org.apache.metron.indexing.dao.search.SearchRequest) SearchResult(org.apache.metron.indexing.dao.search.SearchResult) SearchResponse(org.apache.metron.indexing.dao.search.SearchResponse) Test(org.junit.Test)

Aggregations

SearchResponse (org.apache.metron.indexing.dao.search.SearchResponse)21 SearchRequest (org.apache.metron.indexing.dao.search.SearchRequest)18 Test (org.junit.Test)17 SearchResult (org.apache.metron.indexing.dao.search.SearchResult)14 ArrayList (java.util.ArrayList)5 HashMap (java.util.HashMap)5 SortField (org.apache.metron.indexing.dao.search.SortField)5 Map (java.util.Map)4 GetRequest (org.apache.metron.indexing.dao.search.GetRequest)4 InvalidSearchException (org.apache.metron.indexing.dao.search.InvalidSearchException)4 IOException (java.io.IOException)2 ElasticsearchDao (org.apache.metron.elasticsearch.dao.ElasticsearchDao)2 MetaAlertCreateResponse (org.apache.metron.indexing.dao.metaalert.MetaAlertCreateResponse)2 JSONArray (org.json.simple.JSONArray)2 JSONObject (org.json.simple.JSONObject)2 JsonProcessingException (com.fasterxml.jackson.core.JsonProcessingException)1 Joiner (com.google.common.base.Joiner)1 Iterables (com.google.common.collect.Iterables)1 File (java.io.File)1 SimpleDateFormat (java.text.SimpleDateFormat)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial