Example 1 with Session
use of org.apache.sdap.mudrod.weblog.structure.Session in project incubator-sdap-mudrod by apache.
the class SessionGenerator method combineShortSessions.
public void combineShortSessions(ESDriver es, String user, int timeThres) throws ElasticsearchException, IOException {
BoolQueryBuilder filterSearch = new BoolQueryBuilder();
filterSearch.must(QueryBuilders.termQuery("IP", user));
String[] indexArr = new String[] { logIndex };
String[] typeArr = new String[] { cleanupType };
int docCount = es.getDocCount(indexArr, typeArr, filterSearch);
if (docCount < 3) {
deleteInvalid(es, user);
return;
}
BoolQueryBuilder filterCheck = new BoolQueryBuilder();
filterCheck.must(QueryBuilders.termQuery("IP", user)).must(QueryBuilders.termQuery("Referer", "-"));
SearchResponse checkReferer = es.getClient().prepareSearch(logIndex).setTypes(this.cleanupType).setScroll(new TimeValue(60000)).setQuery(filterCheck).setSize(0).execute().actionGet();
long numInvalid = checkReferer.getHits().getTotalHits();
double invalidRate = numInvalid / docCount;
if (invalidRate >= 0.8) {
deleteInvalid(es, user);
return;
}
StatsAggregationBuilder statsAgg = AggregationBuilders.stats("Stats").field("Time");
SearchResponse srSession = es.getClient().prepareSearch(logIndex).setTypes(this.cleanupType).setScroll(new TimeValue(60000)).setQuery(filterSearch).addAggregation(AggregationBuilders.terms("Sessions").field("SessionID").size(docCount).subAggregation(statsAgg)).execute().actionGet();
Terms sessions = srSession.getAggregations().get("Sessions");
List<Session> sessionList = new ArrayList<>();
for (Terms.Bucket session : sessions.getBuckets()) {
Stats agg = session.getAggregations().get("Stats");
Session sess = new Session(props, es, agg.getMinAsString(), agg.getMaxAsString(), session.getKey().toString());
sessionList.add(sess);
}
Collections.sort(sessionList);
DateTimeFormatter fmt = ISODateTimeFormat.dateTime();
String last = null;
String lastnewID = null;
String lastoldID = null;
String current = null;
for (Session s : sessionList) {
current = s.getEndTime();
if (last != null) {
if (Seconds.secondsBetween(fmt.parseDateTime(last), fmt.parseDateTime(current)).getSeconds() < timeThres) {
if (lastnewID == null) {
s.setNewID(lastoldID);
} else {
s.setNewID(lastnewID);
}
QueryBuilder fs = QueryBuilders.boolQuery().filter(QueryBuilders.termQuery("SessionID", s.getID()));
SearchResponse scrollResp = es.getClient().prepareSearch(logIndex).setTypes(this.cleanupType).setScroll(new TimeValue(60000)).setQuery(fs).setSize(100).execute().actionGet();
while (true) {
for (SearchHit hit : scrollResp.getHits().getHits()) {
if (lastnewID == null) {
update(es, logIndex, this.cleanupType, hit.getId(), "SessionID", lastoldID);
} else {
update(es, logIndex, this.cleanupType, hit.getId(), "SessionID", lastnewID);
}
}
scrollResp = es.getClient().prepareSearchScroll(scrollResp.getScrollId()).setScroll(new TimeValue(600000)).execute().actionGet();
if (scrollResp.getHits().getHits().length == 0) {
break;
}
}
}
}
lastoldID = s.getID();
lastnewID = s.getNewID();
last = current;
}
}
Also used :
StatsAggregationBuilder(org.elasticsearch.search.aggregations.metrics.stats.StatsAggregationBuilder)
SearchHit(org.elasticsearch.search.SearchHit)
Terms(org.elasticsearch.search.aggregations.bucket.terms.Terms)
QueryBuilder(org.elasticsearch.index.query.QueryBuilder)
BoolQueryBuilder(org.elasticsearch.index.query.BoolQueryBuilder)
SearchResponse(org.elasticsearch.action.search.SearchResponse)
BoolQueryBuilder(org.elasticsearch.index.query.BoolQueryBuilder)
Stats(org.elasticsearch.search.aggregations.metrics.stats.Stats)
DateTimeFormatter(org.joda.time.format.DateTimeFormatter)
TimeValue(org.elasticsearch.common.unit.TimeValue)
Session(org.apache.sdap.mudrod.weblog.structure.Session)
Example 2 with Session
use of org.apache.sdap.mudrod.weblog.structure.Session in project incubator-sdap-mudrod by apache.
the class SessionDetailResource method searchSessionDetail.
@POST
@Path("{CleanupType}-{SessionID}")
@Produces(MediaType.APPLICATION_JSON)
@Consumes("text/plain")
protected Response searchSessionDetail(@PathParam("CleanupType") String cleanupType, @PathParam("SessionID") String sessionID) {
JsonObject json = new JsonObject();
if (sessionID != null) {
Session session = new Session(mEngine.getConfig(), mEngine.getESDriver());
json = session.getSessionDetail(mEngine.getConfig().getProperty(MudrodConstants.ES_INDEX_NAME, "mudrod"), cleanupType, sessionID);
}
LOG.info("Response received: {}", json);
return Response.ok(new Gson().toJson(json), MediaType.APPLICATION_JSON).build();
}
Also used :
JsonObject(com.google.gson.JsonObject)
Gson(com.google.gson.Gson)
Session(org.apache.sdap.mudrod.weblog.structure.Session)
Aggregations
Session (org.apache.sdap.mudrod.weblog.structure.Session)2
Gson (com.google.gson.Gson)1
JsonObject (com.google.gson.JsonObject)1
SearchResponse (org.elasticsearch.action.search.SearchResponse)1
TimeValue (org.elasticsearch.common.unit.TimeValue)1
BoolQueryBuilder (org.elasticsearch.index.query.BoolQueryBuilder)1
QueryBuilder (org.elasticsearch.index.query.QueryBuilder)1
SearchHit (org.elasticsearch.search.SearchHit)1
Terms (org.elasticsearch.search.aggregations.bucket.terms.Terms)1
Stats (org.elasticsearch.search.aggregations.metrics.stats.Stats)1
StatsAggregationBuilder (org.elasticsearch.search.aggregations.metrics.stats.StatsAggregationBuilder)1
DateTimeFormatter (org.joda.time.format.DateTimeFormatter)1
