Examples with EventDefinitionDto org.graylog.events.processor.EventDefinitionDto used on opensource projects

Example 1 with EventDefinitionDto

use of org.graylog.events.processor.EventDefinitionDto in project graylog2-server by Graylog2.

the class EventDefinitionFacade method exportEntity.

@Override
public Optional<Entity> exportEntity(EntityDescriptor entityDescriptor, EntityDescriptorIds entityDescriptorIds) {
    final ModelId modelId = entityDescriptor.id();
    final Optional<EventDefinitionDto> eventDefinition = eventDefinitionService.get(modelId.id());
    if (!eventDefinition.isPresent()) {
        LOG.debug("Couldn't find event definition {}", entityDescriptor);
        return Optional.empty();
    }
    return Optional.of(exportNativeEntity(eventDefinition.get(), entityDescriptorIds));
}

Example 2 with EventDefinitionDto

use of org.graylog.events.processor.EventDefinitionDto in project graylog2-server by Graylog2.

the class EventDefinitionContextService method schedulerContext.

private ImmutableMap<String, SchedulerCtx> schedulerContext(List<EventDefinitionDto> eventDefinitions) {
    // We try to minimize database queries by fetching all required job definitions and triggers in two requests
    // TODO: Use MongoDB's $lookup aggregation operator once we switch to MongoDB 4.0 to do this with a single database query
    final Map<String, List<JobDefinitionDto>> jobDefinitions = getJobDefinitions(eventDefinitions);
    final Map<String, List<JobTriggerDto>> jobTriggers = getJobTriggers(jobDefinitions);
    final ImmutableMap.Builder<String, SchedulerCtx> ctx = ImmutableMap.builder();
    for (final EventDefinitionDto eventDefinition : eventDefinitions) {
        if (eventDefinition.id() == null) {
            // Should not happen!
            throw new IllegalStateException("Event definition doesn't have an ID: " + eventDefinition);
        }
        if (!jobDefinitions.containsKey(eventDefinition.id())) {
            ctx.put(eventDefinition.id(), SchedulerCtx.unscheduled());
            continue;
        }
        if (jobDefinitions.get(eventDefinition.id()).size() > 1) {
            throw new IllegalStateException("Cannot handle multiple job definitions for a single event definition");
        }
        final JobDefinitionDto jobDefinition = jobDefinitions.get(eventDefinition.id()).get(0);
        // DBJobTriggerService#getForJobs currently returns only one trigger. (raises an exception otherwise)
        // Once we allow multiple triggers per job definition, this code will fail.
        // TODO: Fix this code for multiple triggers per job definition
        final JobTriggerDto trigger = jobTriggers.get(jobDefinition.id()).get(0);
        if (trigger != null) {
            ctx.put(eventDefinition.id(), SchedulerCtx.scheduled(trigger, getQueuedNotifications(eventDefinition)));
        }
    }
    return ctx.build();
}

Example 3 with EventDefinitionDto

use of org.graylog.events.processor.EventDefinitionDto in project graylog2-server by Graylog2.

the class EventDefinitionsResource method list.

@GET
@ApiOperation("List event definitions")
public PaginatedResponse<EventDefinitionDto> list(@ApiParam(name = "page") @QueryParam("page") @DefaultValue("1") int page, @ApiParam(name = "per_page") @QueryParam("per_page") @DefaultValue("50") int perPage, @ApiParam(name = "query") @QueryParam("query") @DefaultValue("") String query) {
    final SearchQuery searchQuery = searchQueryParser.parse(query);
    final PaginatedList<EventDefinitionDto> result = dbService.searchPaginated(searchQuery, event -> {
        return isPermitted(RestPermissions.EVENT_DEFINITIONS_READ, event.id());
    }, "title", page, perPage);
    final ImmutableMap<String, Object> context = contextService.contextFor(result.delegate());
    return PaginatedResponse.create("event_definitions", result, query, context);
}

Example 4 with EventDefinitionDto

use of org.graylog.events.processor.EventDefinitionDto in project graylog2-server by Graylog2.

the class AggregationEventProcessorTest method sourceMessagesWithAggregation.

// Helper to call sourceMessagesForEvent when testing query string values - we don't care about anything else
private void sourceMessagesWithAggregation(Map<String, String> groupByFields, int batchLimit) throws EventProcessorException {
    final DateTime now = DateTime.now(DateTimeZone.UTC);
    final AbsoluteRange timeRange = AbsoluteRange.create(now.minusHours(1), now.plusHours(1));
    final TestEvent event = new TestEvent(timeRange.to());
    event.setTimerangeStart(timeRange.from());
    event.setTimerangeEnd(timeRange.to());
    event.setGroupByFields(groupByFields);
    final AggregationSeries series = AggregationSeries.builder().id("abc123").function(AggregationFunction.COUNT).field("source").build();
    final EventDefinitionDto eventDefinitionDto = buildEventDefinitionDto(ImmutableSet.of(), ImmutableList.of(series), null);
    final AggregationEventProcessor eventProcessor = new AggregationEventProcessor(eventDefinitionDto, searchFactory, eventProcessorDependencyCheck, stateService, moreSearch, streamService, messages);
    eventProcessor.sourceMessagesForEvent(event, messageConsumer, batchLimit);
}

Example 5 with EventDefinitionDto

use of org.graylog.events.processor.EventDefinitionDto in project graylog2-server by Graylog2.

the class AggregationEventProcessorTest method createEventsWithoutRequiredMessagesBeingIndexed.

@Test
public void createEventsWithoutRequiredMessagesBeingIndexed() throws Exception {
    final DateTime now = DateTime.now(DateTimeZone.UTC);
    final AbsoluteRange timerange = AbsoluteRange.create(now.minusHours(1), now.plusHours(1));
    final AggregationEventProcessorConfig config = AggregationEventProcessorConfig.builder().query("aQueryString").streams(ImmutableSet.of()).groupBy(ImmutableList.of()).series(ImmutableList.of()).conditions(null).searchWithinMs(30000).executeEveryMs(30000).build();
    final EventDefinitionDto eventDefinitionDto = buildEventDefinitionDto(ImmutableSet.of(), ImmutableList.of(), null);
    final AggregationEventProcessorParameters parameters = AggregationEventProcessorParameters.builder().timerange(timerange).build();
    final AggregationEventProcessor eventProcessor = new AggregationEventProcessor(eventDefinitionDto, searchFactory, eventProcessorDependencyCheck, stateService, moreSearch, streamService, messages);
    // If the dependency check returns true, there should be no exception raised and the state service should be called
    when(eventProcessorDependencyCheck.hasMessagesIndexedUpTo(timerange.to())).thenReturn(true);
    assertThatCode(() -> eventProcessor.createEvents(eventFactory, parameters, (events) -> {
    })).doesNotThrowAnyException();
    verify(stateService, times(1)).setState("dto-id-1", timerange.from(), timerange.to());
    verify(moreSearch, times(1)).scrollQuery(eq(config.query()), eq(config.streams()), eq(config.queryParameters()), eq(parameters.timerange()), eq(parameters.batchSize()), any(MoreSearch.ScrollCallback.class));
    // Rest mocks so we can verify it again
    reset(stateService, moreSearch, searchFactory);
    // If the dependency check returns false, a precondition exception should be raised and the state service not be called
    when(eventProcessorDependencyCheck.hasMessagesIndexedUpTo(timerange.to())).thenReturn(false);
    assertThatCode(() -> eventProcessor.createEvents(eventFactory, parameters, (events) -> {
    })).hasMessageContaining(eventDefinitionDto.title()).hasMessageContaining(eventDefinitionDto.id()).hasMessageContaining(timerange.from().toString()).hasMessageContaining(timerange.to().toString()).isInstanceOf(EventProcessorPreconditionException.class);
    verify(stateService, never()).setState(any(String.class), any(DateTime.class), any(DateTime.class));
    verify(searchFactory, never()).create(any(), any(), any(), any());
    verify(moreSearch, never()).scrollQuery(eq(config.query()), eq(config.streams()), eq(config.queryParameters()), eq(parameters.timerange()), eq(parameters.batchSize()), any(MoreSearch.ScrollCallback.class));
}