
Example 1 with SearchResult

use of org.apache.metron.indexing.dao.search.SearchResult in project metron by apache.

the class ElasticsearchDao method getSearchResult.

/**
 * Converts one Elasticsearch hit into a Metron {@code SearchResult}.
 *
 * <p>With a non-null {@code fields} list the result source holds exactly those keys, each mapped
 * to the value found in the hit's source map, or to {@code null} when the hit has no such key.
 * With a null {@code fields} list the hit's complete source is passed through, so a caller that
 * relies on the field list to limit what is returned must always supply one.
 *
 * @param searchHit The Elasticsearch hit to convert.
 * @param fields The source fields to keep, or {@code null} to keep the whole source.
 * @return A result carrying the hit's id, source, score and index.
 */
private SearchResult getSearchResult(SearchHit searchHit, List<String> fields) {
    SearchResult converted = new SearchResult();
    converted.setId(searchHit.getId());

    final Map<String, Object> projected;
    if (fields == null) {
        // No projection requested: hand back the full document source.
        projected = searchHit.getSource();
    } else {
        final Map<String, Object> hitSource = searchHit.getSourceAsMap();
        projected = new HashMap<>();
        for (String name : fields) {
            // A requested field that the hit lacks is still emitted, with a null value.
            projected.put(name, hitSource.get(name));
        }
    }

    converted.setSource(projected);
    converted.setScore(searchHit.getScore());
    converted.setIndex(searchHit.getIndex());
    return converted;
}
Also used : SearchResult(org.apache.metron.indexing.dao.search.SearchResult)

Example 2 with SearchResult

use of org.apache.metron.indexing.dao.search.SearchResult in project metron by apache.

the class ElasticsearchDao method buildSearchResponse.

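/**
 * Builds a search response.
 *
 * <p>This effectively transforms an Elasticsearch search response into a Metron search response:
 * the total hit count is copied, every hit is converted with {@code getSearchResult}, and facet
 * counts are attached when the request names facet fields.
 *
 * @param searchRequest The Metron search request.
 * @param esResponse The Elasticsearch search response.
 * @return A Metron search response.
 * @throws InvalidSearchException If the column metadata needed for the facet counts cannot be
 *     read for the requested indices; the underlying {@code IOException} is kept as the cause.
 */
private SearchResponse buildSearchResponse(SearchRequest searchRequest, org.elasticsearch.action.search.SearchResponse esResponse) throws InvalidSearchException {
    SearchResponse searchResponse = new SearchResponse();
    searchResponse.setTotal(esResponse.getHits().getTotalHits());
    // search hits --> search results
    List<SearchResult> results = new ArrayList<>();
    for (SearchHit hit : esResponse.getHits().getHits()) {
        results.add(getSearchResult(hit, searchRequest.getFields()));
    }
    searchResponse.setResults(results);
    // handle facet fields
    if (searchRequest.getFacetFields() != null) {
        List<String> facetFields = searchRequest.getFacetFields();
        Map<String, FieldType> commonColumnMetadata;
        try {
            commonColumnMetadata = getColumnMetadata(searchRequest.getIndices());
        } catch (IOException e) {
            // Keep the I/O failure as the cause so the root error is not lost when this is
            // reported to the caller or logged.
            throw new InvalidSearchException(String.format("Could not get common column metadata for indices %s", Arrays.toString(searchRequest.getIndices().toArray())), e);
        }
        searchResponse.setFacetCounts(getFacetCounts(facetFields, esResponse.getAggregations(), commonColumnMetadata));
    }
    if (LOG.isDebugEnabled()) {
        // The serialized response includes the source of every returned document, so enabling
        // DEBUG here copies indexed records into the application log; that log needs the same
        // access controls and retention as the index itself.
        LOG.debug("Built search response; response={}", ElasticsearchUtils.toJSON(searchResponse).orElse("???"));
    }
    return searchResponse;
}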
Also used : InvalidSearchException(org.apache.metron.indexing.dao.search.InvalidSearchException) SearchHit(org.elasticsearch.search.SearchHit) ArrayList(java.util.ArrayList) SearchResult(org.apache.metron.indexing.dao.search.SearchResult) IOException(java.io.IOException) SearchResponse(org.apache.metron.indexing.dao.search.SearchResponse) FieldType(org.apache.metron.indexing.dao.search.FieldType)

Example 3 with SearchResult

use of org.apache.metron.indexing.dao.search.SearchResult in project metron by apache.

the class ElasticsearchMetaAlertDao method update.

/**
 * Updates an alert and, in the same batch, every meta alert that
 * {@code getMetaAlertsForAlert} returns for that alert's GUID.
 *
 * <p>Meta alert documents themselves are refused: an update whose sensor type equals
 * {@code METAALERT_TYPE} is rejected before anything is written.
 *
 * @param update The alert document to apply.
 * @param index The index to write the alert to, if the caller specifies one.
 * @throws IOException Declared by this method; presumably raised by the lookup or the batch
 *     update (the callee signatures are not visible here).
 * @throws UnsupportedOperationException If {@code update} is itself a meta alert.
 */
@Override
public void update(Document update, Optional<String> index) throws IOException {
    // Guard clause: a meta alert may not be overwritten through this path.
    if (METAALERT_TYPE.equals(update.getSensorType())) {
        throw new UnsupportedOperationException("Meta alerts cannot be directly updated");
    }

    // The alert's own update is the only part that is delegated as-is.
    Map<Document, Optional<String>> pendingWrites = new HashMap<>();
    pendingWrites.put(update, index);

    // Rebuild a Document for each meta alert that references this alert.
    Collection<Document> linkedMetaAlerts = getMetaAlertsForAlert(update.getGuid())
        .getResults()
        .stream()
        .map(hit -> new Document(hit.getSource(), hit.getId(), METAALERT_TYPE, 0L))
        .collect(Collectors.toList());

    // Swap the new alert into each meta alert and queue it against the meta alert index.
    for (Document linked : linkedMetaAlerts) {
        replaceAlertInMetaAlert(linked, update);
        pendingWrites.put(linked, Optional.of(METAALERTS_INDEX));
    }

    // One batch call carries the alert and all of its meta alerts.
    indexDao.batchUpdate(pendingWrites);
}
Also used : InvalidSearchException(org.apache.metron.indexing.dao.search.InvalidSearchException) AccessConfig(org.apache.metron.indexing.dao.AccessConfig) GetResponse(org.elasticsearch.action.get.GetResponse) PatchRequest(org.apache.metron.indexing.dao.update.PatchRequest) XContentBuilder(org.elasticsearch.common.xcontent.XContentBuilder) QueryBuilders.nestedQuery(org.elasticsearch.index.query.QueryBuilders.nestedQuery) QueryBuilders(org.elasticsearch.index.query.QueryBuilders) GroupResponse(org.apache.metron.indexing.dao.search.GroupResponse) IndexRequest(org.elasticsearch.action.index.IndexRequest) ShardInfo(org.elasticsearch.action.support.replication.ReplicationResponse.ShardInfo) UpdateResponse(org.elasticsearch.action.update.UpdateResponse) SearchResult(org.apache.metron.indexing.dao.search.SearchResult) MetaAlertCreateRequest(org.apache.metron.indexing.dao.metaalert.MetaAlertCreateRequest) JsonNode(com.fasterxml.jackson.databind.JsonNode) SearchHit(org.elasticsearch.search.SearchHit) Document(org.apache.metron.indexing.dao.update.Document) QueryBuilders.boolQuery(org.elasticsearch.index.query.QueryBuilders.boolQuery) MetaAlertDao(org.apache.metron.indexing.dao.MetaAlertDao) MultiGetResponse(org.elasticsearch.action.get.MultiGetResponse) IndexDao(org.apache.metron.indexing.dao.IndexDao) MetaScores(org.apache.metron.indexing.dao.metaalert.MetaScores) GetRequest(org.apache.metron.indexing.dao.search.GetRequest) SearchRequest(org.apache.metron.indexing.dao.search.SearchRequest) MultiGetItemResponse(org.elasticsearch.action.get.MultiGetItemResponse) ScoreMode(org.apache.lucene.search.join.ScoreMode) Collectors(java.util.stream.Collectors) Item(org.elasticsearch.action.get.MultiGetRequest.Item) OriginalNotFoundException(org.apache.metron.indexing.dao.update.OriginalNotFoundException) InvalidCreateException(org.apache.metron.indexing.dao.search.InvalidCreateException) Entry(java.util.Map.Entry) 
QueryBuilders.constantScoreQuery(org.elasticsearch.index.query.QueryBuilders.constantScoreQuery) SearchResponse(org.apache.metron.indexing.dao.search.SearchResponse) java.util(java.util) FieldType(org.apache.metron.indexing.dao.search.FieldType) MetaAlertStatus(org.apache.metron.indexing.dao.metaalert.MetaAlertStatus) QueryStringQueryBuilder(org.elasticsearch.index.query.QueryStringQueryBuilder) GUID(org.apache.metron.common.Constants.GUID) MultiIndexDao(org.apache.metron.indexing.dao.MultiIndexDao) SetUtils(org.apache.commons.collections4.SetUtils) QueryBuilder(org.elasticsearch.index.query.QueryBuilder) GroupRequest(org.apache.metron.indexing.dao.search.GroupRequest) MultiGetRequestBuilder(org.elasticsearch.action.get.MultiGetRequestBuilder) IOException(java.io.IOException) UpdateRequest(org.elasticsearch.action.update.UpdateRequest) Constants(org.apache.metron.common.Constants) MetaAlertCreateResponse(org.apache.metron.indexing.dao.metaalert.MetaAlertCreateResponse) QueryBuilders.termQuery(org.elasticsearch.index.query.QueryBuilders.termQuery) SearchRequestBuilder(org.elasticsearch.action.search.SearchRequestBuilder) ConversionUtils(org.apache.metron.stellar.common.utils.ConversionUtils) InnerHitBuilder(org.elasticsearch.index.query.InnerHitBuilder) QueryBuilders.existsQuery(org.elasticsearch.index.query.QueryBuilders.existsQuery) Document(org.apache.metron.indexing.dao.update.Document)

Example 4 with SearchResult

use of org.apache.metron.indexing.dao.search.SearchResult in project metron by apache.

the class ElasticsearchMetaAlertIntegrationTest method shouldGetAllMetaAlertsForAlert.

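/**
 * Checks that {@code getAllMetaAlertsForAlert} returns every matching meta alert even when the
 * matches span several pages.
 *
 * <p>The page size is lowered to 5 for the duration of the test. Fourteen meta alerts are
 * loaded (twelve built in bulk, plus {@code meta_active_12} and {@code meta_inactive}); the
 * test expects 13 results for {@code message_0}, none for {@code message_1} and exactly one for
 * {@code message_2}, i.e. the inactive meta alert is expected to be left out.
 *
 * @throws Exception If loading the fixtures or querying the DAO fails.
 */
@Test
public void shouldGetAllMetaAlertsForAlert() throws Exception {
    // Load alerts
    List<Map<String, Object>> alerts = buildAlerts(3);
    elasticsearchAdd(alerts, INDEX, SENSOR_NAME);
    // Load metaAlerts
    List<Map<String, Object>> metaAlerts = buildMetaAlerts(12, MetaAlertStatus.ACTIVE, Optional.of(Collections.singletonList(alerts.get(0))));
    metaAlerts.add(buildMetaAlert("meta_active_12", MetaAlertStatus.ACTIVE, Optional.of(Arrays.asList(alerts.get(0), alerts.get(2)))));
    metaAlerts.add(buildMetaAlert("meta_inactive", MetaAlertStatus.INACTIVE, Optional.of(Arrays.asList(alerts.get(0), alerts.get(2)))));
    // We pass MetaAlertDao.METAALERT_TYPE, because the "_doc" gets appended automatically.
    elasticsearchAdd(metaAlerts, METAALERTS_INDEX, MetaAlertDao.METAALERT_TYPE);
    // Verify load was successful
    List<GetRequest> createdDocs = metaAlerts.stream().map(metaAlert -> new GetRequest((String) metaAlert.get(Constants.GUID), METAALERT_TYPE)).collect(Collectors.toList());
    createdDocs.addAll(alerts.stream().map(alert -> new GetRequest((String) alert.get(Constants.GUID), SENSOR_NAME)).collect(Collectors.toList()));
    findCreatedDocs(createdDocs);
    ElasticsearchMetaAlertDao esMetaDao = (ElasticsearchMetaAlertDao) metaDao;
    int previousPageSize = esMetaDao.getPageSize();
    esMetaDao.setPageSize(5);
    try {
        // Verify searches successfully return more than 10 results
        SearchResponse searchResponse0 = metaDao.getAllMetaAlertsForAlert("message_0");
        List<SearchResult> searchResults0 = searchResponse0.getResults();
        Assert.assertEquals(13, searchResults0.size());
        Set<Map<String, Object>> resultSet = new HashSet<>();
        Iterables.addAll(resultSet, Iterables.transform(searchResults0, r -> r.getSource()));
        // Failure message lists everything that was returned to make a miss easy to diagnose.
        StringBuilder reason = new StringBuilder("Unable to find " + metaAlerts.get(0) + "\n");
        reason.append(Joiner.on("\n").join(resultSet));
        Assert.assertTrue(reason.toString(), resultSet.contains(metaAlerts.get(0)));
        // Verify no meta alerts are returned because message_1 was not added to any
        SearchResponse searchResponse1 = metaDao.getAllMetaAlertsForAlert("message_1");
        List<SearchResult> searchResults1 = searchResponse1.getResults();
        Assert.assertEquals(0, searchResults1.size());
        // Verify only the meta alert message_2 was added to is returned
        SearchResponse searchResponse2 = metaDao.getAllMetaAlertsForAlert("message_2");
        List<SearchResult> searchResults2 = searchResponse2.getResults();
        Assert.assertEquals(1, searchResults2.size());
        Assert.assertEquals(metaAlerts.get(12), searchResults2.get(0).getSource());
    } finally {
        // metaDao is not created in this method, so restore its page size even when an
        // assertion above fails; otherwise the lowered value leaks into later tests.
        esMetaDao.setPageSize(previousPageSize);
    }
}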
Also used : InvalidSearchException(org.apache.metron.indexing.dao.search.InvalidSearchException) Arrays(java.util.Arrays) AccessConfig(org.apache.metron.indexing.dao.AccessConfig) ALERT_FIELD(org.apache.metron.indexing.dao.MetaAlertDao.ALERT_FIELD) Date(java.util.Date) PatchRequest(org.apache.metron.indexing.dao.update.PatchRequest) GroupResult(org.apache.metron.indexing.dao.search.GroupResult) GroupResponse(org.apache.metron.indexing.dao.search.GroupResponse) METAALERTS_INDEX(org.apache.metron.indexing.dao.MetaAlertDao.METAALERTS_INDEX) Map(java.util.Map) SearchResult(org.apache.metron.indexing.dao.search.SearchResult) After(org.junit.After) MetaAlertCreateRequest(org.apache.metron.indexing.dao.metaalert.MetaAlertCreateRequest) Document(org.apache.metron.indexing.dao.update.Document) AfterClass(org.junit.AfterClass) MetaAlertDao(org.apache.metron.indexing.dao.MetaAlertDao) IndexDao(org.apache.metron.indexing.dao.IndexDao) Set(java.util.Set) GetRequest(org.apache.metron.indexing.dao.search.GetRequest) SearchRequest(org.apache.metron.indexing.dao.search.SearchRequest) Collectors(java.util.stream.Collectors) OriginalNotFoundException(org.apache.metron.indexing.dao.update.OriginalNotFoundException) ElasticSearchComponent(org.apache.metron.elasticsearch.integration.components.ElasticSearchComponent) List(java.util.List) METAALERT_TYPE(org.apache.metron.indexing.dao.MetaAlertDao.METAALERT_TYPE) Optional(java.util.Optional) Joiner(com.google.common.base.Joiner) SearchResponse(org.apache.metron.indexing.dao.search.SearchResponse) Iterables(com.google.common.collect.Iterables) MetaAlertStatus(org.apache.metron.indexing.dao.metaalert.MetaAlertStatus) BeforeClass(org.junit.BeforeClass) SimpleDateFormat(java.text.SimpleDateFormat) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) HashSet(java.util.HashSet) Group(org.apache.metron.indexing.dao.search.Group) JSONUtils(org.apache.metron.common.utils.JSONUtils) 
STATUS_FIELD(org.apache.metron.indexing.dao.MetaAlertDao.STATUS_FIELD) Before(org.junit.Before) GroupRequest(org.apache.metron.indexing.dao.search.GroupRequest) JsonProcessingException(com.fasterxml.jackson.core.JsonProcessingException) IOException(java.io.IOException) Test(org.junit.Test) Constants(org.apache.metron.common.Constants) SortField(org.apache.metron.indexing.dao.search.SortField) File(java.io.File) MetaAlertCreateResponse(org.apache.metron.indexing.dao.metaalert.MetaAlertCreateResponse) ElasticsearchMetaAlertDao(org.apache.metron.elasticsearch.dao.ElasticsearchMetaAlertDao) METAALERT_FIELD(org.apache.metron.indexing.dao.MetaAlertDao.METAALERT_FIELD) Multiline(org.adrianwalker.multilinestring.Multiline) Assert(org.junit.Assert) Collections(java.util.Collections) ElasticsearchDao(org.apache.metron.elasticsearch.dao.ElasticsearchDao) Set(java.util.Set) HashSet(java.util.HashSet) SearchResponse(org.apache.metron.indexing.dao.search.SearchResponse) GetRequest(org.apache.metron.indexing.dao.search.GetRequest) List(java.util.List) ArrayList(java.util.ArrayList) Map(java.util.Map) HashMap(java.util.HashMap) ElasticsearchMetaAlertDao(org.apache.metron.elasticsearch.dao.ElasticsearchMetaAlertDao) Test(org.junit.Test)

Example 5 with SearchResult

use of org.apache.metron.indexing.dao.search.SearchResult in project metron by apache.

the class InMemoryDao method search.

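/**
 * Runs a search against the in-memory backing store.
 *
 * <p>For every requested index the stored index with the same name, or a name starting with
 * {@code index + "_"}, is scanned and each document accepted by {@code isMatch} becomes a
 * result. Results are optionally sorted, then paged starting at {@code getFrom()}.
 *
 * @param searchRequest The query, indices, paging, sort and facet fields to apply.
 * @return The page of results, the total number of matches, and facet counts when facet fields
 *     were requested.
 * @throws InvalidSearchException If the requested size exceeds the configured maximum number of
 *     search results.
 */
@Override
public SearchResponse search(SearchRequest searchRequest) throws InvalidSearchException {
    // Enforce the configured result cap before doing any work.
    if (config.getMaxSearchResults() != null && searchRequest.getSize() > config.getMaxSearchResults()) {
        throw new InvalidSearchException("Search result size must be less than " + config.getMaxSearchResults());
    }
    List<SearchResult> response = new ArrayList<>();
    for (String index : searchRequest.getIndices()) {
        // Resolve the requested name to a stored index; when several stored names qualify,
        // the last one seen in key-set iteration order is used.
        String matchedIndex = null;
        for (String storedIdx : BACKING_STORE.keySet()) {
            if (storedIdx.equals(index) || storedIdx.startsWith(index + "_")) {
                matchedIndex = storedIdx;
            }
        }
        if (matchedIndex == null) {
            continue;
        }
        for (String doc : BACKING_STORE.get(matchedIndex)) {
            Map<String, Object> docParsed = parse(doc);
            if (isMatch(searchRequest.getQuery(), docParsed)) {
                SearchResult result = new SearchResult();
                result.setSource(docParsed);
                // The score is a random placeholder, not a relevance value.
                result.setScore((float) Math.random());
                // Documents without a GUID get a freshly generated id.
                result.setId(docParsed.getOrDefault(Constants.GUID, UUID.randomUUID()).toString());
                response.add(result);
            }
        }
    }
    if (searchRequest.getSort().size() != 0) {
        Collections.sort(response, sorted(searchRequest.getSort()));
    }
    SearchResponse ret = new SearchResponse();
    List<SearchResult> finalResp = new ArrayList<>();
    // NOTE(review): when a maximum is configured the page is sized by that maximum and the
    // requested size is not consulted; confirm whether that is intended.
    int maxSize = config.getMaxSearchResults() == null ? searchRequest.getSize() : config.getMaxSearchResults();
    // Strictly less than maxSize: the previous "<=" returned maxSize + 1 results, one more than
    // the cap that the check at the top of this method is meant to enforce.
    for (int i = searchRequest.getFrom(); i < response.size() && finalResp.size() < maxSize; ++i) {
        finalResp.add(response.get(i));
    }
    // Total counts every match, not just the page being returned.
    ret.setTotal(response.size());
    ret.setResults(finalResp);
    Map<String, Map<String, Long>> facetCounts = new HashMap<>();
    List<String> facetFields = searchRequest.getFacetFields();
    if (facetFields != null) {
        for (String facet : facetFields) {
            // Facet counts come from the preloaded FACET_COUNTS map, not from the matches above.
            facetCounts.put(facet, FACET_COUNTS.get(facet));
        }
        ret.setFacetCounts(facetCounts);
    }
    return ret;
}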
Also used : HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) SearchResult(org.apache.metron.indexing.dao.search.SearchResult) SearchResponse(org.apache.metron.indexing.dao.search.SearchResponse) InvalidSearchException(org.apache.metron.indexing.dao.search.InvalidSearchException) HashMap(java.util.HashMap) Map(java.util.Map)

Aggregations

SearchResult (org.apache.metron.indexing.dao.search.SearchResult)16 SearchResponse (org.apache.metron.indexing.dao.search.SearchResponse)15 SearchRequest (org.apache.metron.indexing.dao.search.SearchRequest)12 Test (org.junit.Test)10 InvalidSearchException (org.apache.metron.indexing.dao.search.InvalidSearchException)5 ArrayList (java.util.ArrayList)4 IOException (java.io.IOException)3 MetaAlertCreateResponse (org.apache.metron.indexing.dao.metaalert.MetaAlertCreateResponse)3 GetRequest (org.apache.metron.indexing.dao.search.GetRequest)3 HashMap (java.util.HashMap)2 Map (java.util.Map)2 Collectors (java.util.stream.Collectors)2 Constants (org.apache.metron.common.Constants)2 AccessConfig (org.apache.metron.indexing.dao.AccessConfig)2 IndexDao (org.apache.metron.indexing.dao.IndexDao)2 MetaAlertDao (org.apache.metron.indexing.dao.MetaAlertDao)2 MetaAlertCreateRequest (org.apache.metron.indexing.dao.metaalert.MetaAlertCreateRequest)2 MetaAlertStatus (org.apache.metron.indexing.dao.metaalert.MetaAlertStatus)2 FieldType (org.apache.metron.indexing.dao.search.FieldType)2 GroupRequest (org.apache.metron.indexing.dao.search.GroupRequest)2