Examples with SearchType org.graylog.plugins.views.search.SearchType used on opensource projects

Search in sources :

Example 6 with SearchType

use of org.graylog.plugins.views.search.SearchType in project graylog2-server by Graylog2.

the class ElasticsearchBackendErrorHandlingTest method setUp.

@Before
public void setUp() throws Exception {
    final FieldTypesLookup fieldTypesLookup = mock(FieldTypesLookup.class);
    this.backend = new ElasticsearchBackend(ImmutableMap.of("dummy", () -> mock(DummyHandler.class)), jestClient, indexLookup, new QueryStringDecorators(Collections.emptySet()), (elasticsearchBackend, ssb, job, query) -> new ESGeneratedQueryContext(elasticsearchBackend, ssb, job, query, fieldTypesLookup), false, objectMapper);
    when(indexLookup.indexNamesForStreamsInTimeRange(any(), any())).thenReturn(Collections.emptySet());
    final SearchType searchType1 = mock(SearchType.class);
    when(searchType1.id()).thenReturn("deadbeef");
    when(searchType1.type()).thenReturn("dummy");
    final SearchType searchType2 = mock(SearchType.class);
    when(searchType2.id()).thenReturn("cafeaffe");
    when(searchType2.type()).thenReturn("dummy");
    final Set<SearchType> searchTypes = ImmutableSet.of(searchType1, searchType2);
    this.query = Query.builder().id("query1").timerange(RelativeRange.create(300)).query(ElasticsearchQueryString.of("*")).searchTypes(searchTypes).build();
    final Search search = Search.builder().id("search1").queries(ImmutableSet.of(query)).build();
    this.searchJob = new SearchJob("job1", search, "admin");
    this.queryContext = new ESGeneratedQueryContext(this.backend, new SearchSourceBuilder(), searchJob, query, mock(FieldTypesLookup.class));
    searchTypes.forEach(queryContext::searchSourceBuilder);
    when(jestClient.execute(any())).thenReturn(result);
}
Also used : ESSearchTypeHandler(org.graylog.storage.elasticsearch6.views.searchtypes.ESSearchTypeHandler) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) Query(org.graylog.plugins.views.search.Query) Mock(org.mockito.Mock) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) MultiSearchResult(io.searchbox.core.MultiSearchResult) ElasticsearchException(org.graylog2.indexer.ElasticsearchException) RelativeRange(org.graylog2.plugin.indexer.searches.timeranges.RelativeRange) JestClient(io.searchbox.client.JestClient) ElasticsearchQueryString(org.graylog.plugins.views.search.elasticsearch.ElasticsearchQueryString) SearchType(org.graylog.plugins.views.search.SearchType) Assertions.assertThatExceptionOfType(org.assertj.core.api.Assertions.assertThatExceptionOfType) FieldTypesLookup(org.graylog.plugins.views.search.elasticsearch.FieldTypesLookup) MockitoJUnit(org.mockito.junit.MockitoJUnit) JsonNode(com.fasterxml.jackson.databind.JsonNode) Search(org.graylog.plugins.views.search.Search) QueryResult(org.graylog.plugins.views.search.QueryResult) Before(org.junit.Before) SearchJob(org.graylog.plugins.views.search.SearchJob) ImmutableSet(com.google.common.collect.ImmutableSet) ImmutableMap(com.google.common.collect.ImmutableMap) Set(java.util.Set) Test(org.junit.Test) IOException(java.io.IOException) Mockito.when(org.mockito.Mockito.when) Collectors(java.util.stream.Collectors) QueryStringDecorators(org.graylog.plugins.views.search.elasticsearch.QueryStringDecorators) Rule(org.junit.Rule) SearchError(org.graylog.plugins.views.search.errors.SearchError) MockitoRule(org.mockito.junit.MockitoRule) IndexLookup(org.graylog.plugins.views.search.elasticsearch.IndexLookup) Collections(java.util.Collections) SearchSourceBuilder(org.graylog.shaded.elasticsearch6.org.elasticsearch.search.builder.SearchSourceBuilder) Mockito.mock(org.mockito.Mockito.mock) QueryStringDecorators(org.graylog.plugins.views.search.elasticsearch.QueryStringDecorators) Search(org.graylog.plugins.views.search.Search) SearchJob(org.graylog.plugins.views.search.SearchJob) FieldTypesLookup(org.graylog.plugins.views.search.elasticsearch.FieldTypesLookup) SearchType(org.graylog.plugins.views.search.SearchType) SearchSourceBuilder(org.graylog.shaded.elasticsearch6.org.elasticsearch.search.builder.SearchSourceBuilder) Before(org.junit.Before)

Example 7 with SearchType

use of org.graylog.plugins.views.search.SearchType in project graylog2-server by Graylog2.

the class ElasticsearchBackendQueryStringDecoratorsTest method searchJobWithSearchTypeQueryString.

private SearchJob searchJobWithSearchTypeQueryString(Query query) throws InvalidRangeParametersException {
    final SearchType searchType = basicSearchType();
    final SearchJob searchJob = basicSearchJob(query, searchType);
    when(query.query()).thenReturn(ElasticsearchQueryString.of("*"));
    when(searchType.query()).thenReturn(Optional.of(ElasticsearchQueryString.of("Should never show up")));
    return searchJob;
}
Also used : SearchJob(org.graylog.plugins.views.search.SearchJob) SearchType(org.graylog.plugins.views.search.SearchType)

Example 8 with SearchType

use of org.graylog.plugins.views.search.SearchType in project graylog2-server by Graylog2.

the class ElasticsearchBackendQueryStringDecoratorsTest method basicSearchType.

@Nonnull
private SearchType basicSearchType() {
    final SearchType searchType = mock(SearchType.class);
    when(searchType.id()).thenReturn("testSearchtype");
    return searchType;
}
Also used : SearchType(org.graylog.plugins.views.search.SearchType) Nonnull(javax.annotation.Nonnull)

Example 9 with SearchType

use of org.graylog.plugins.views.search.SearchType in project graylog2-server by Graylog2.

the class OffsetRangeTest method throwsExceptionIfInvalidSearchTypeIsReferenced.

@Test
public void throwsExceptionIfInvalidSearchTypeIsReferenced() throws Exception {
    final OffsetRange offsetRange = constructRange("300", "search_type", "invalidSearchType");
    final TimeRange sourceRange = mock(TimeRange.class);
    when(sourceRange.getFrom()).thenReturn(DateTime.parse("2019-11-18T10:00:00.000Z"));
    when(sourceRange.getTo()).thenReturn(DateTime.parse("2019-11-21T12:00:00.000Z"));
    final Query query = mock(Query.class);
    final SearchType searchType = mock(SearchType.class);
    when(searchType.id()).thenReturn("searchTypeId");
    when(searchType.timerange()).thenReturn(Optional.of(DerivedTimeRange.of(sourceRange)));
    when(query.searchTypes()).thenReturn(ImmutableSet.of(searchType));
    when(query.effectiveTimeRange(searchType)).thenReturn(sourceRange);
    assertThatExceptionOfType(RuntimeException.class).isThrownBy(() -> offsetRange.deriveTimeRange(query, searchType)).withMessage("Search type searchTypeId has offset timerange referencing invalid search type: invalidSearchType");
}
Also used : OffsetRange(org.graylog.plugins.views.search.timeranges.OffsetRange) DerivedTimeRange(org.graylog.plugins.views.search.timeranges.DerivedTimeRange) TimeRange(org.graylog2.plugin.indexer.searches.timeranges.TimeRange) Query(org.graylog.plugins.views.search.Query) SearchType(org.graylog.plugins.views.search.SearchType) Test(org.junit.Test)

Example 10 with SearchType

use of org.graylog.plugins.views.search.SearchType in project graylog2-server by Graylog2.

the class PivotAggregationSearch method getAggregationQuery.

/**
 * Returns the query to compute the aggregation.
 *
 * @param parameters processor parameters
 * @param searchWithinMs processor search within period. Used to build the date range buckets
 * @param executeEveryMs
 * @return aggregation query
 */
private Query getAggregationQuery(AggregationEventProcessorParameters parameters, long searchWithinMs, long executeEveryMs) {
    final Pivot.Builder pivotBuilder = Pivot.builder().id(PIVOT_ID).rollup(true);
    final ImmutableList<SeriesSpec> series = config.series().stream().map(entry -> entry.function().toSeriesSpec(metricName(entry), entry.field().orElse(null))).collect(ImmutableList.toImmutableList());
    if (!series.isEmpty()) {
        pivotBuilder.series(series);
    }
    // Wrap every aggregation with date range buckets of the searchWithin time range.
    // If the aggregation is configured to be using a sliding window (searchWithin > executeEveryMs)
    // the time ranges will overlap.
    // This allows us to run aggregations over larger time ranges than the searchWithin time.
    // The results will be received in time buckets of the searchWithin time size.
    final DateRangeBucket dateRangeBucket = buildDateRangeBuckets(parameters.timerange(), searchWithinMs, executeEveryMs);
    final List<BucketSpec> groupBy = new ArrayList<>();
    // The first bucket must be the date range!
    groupBy.add(dateRangeBucket);
    if (!config.groupBy().isEmpty()) {
        // Then we add the configured groups
        groupBy.addAll(config.groupBy().stream().map(field -> Values.builder().limit(Integer.MAX_VALUE).field(field).build()).collect(Collectors.toList()));
    }
    // We always have row groups because of the date range buckets
    pivotBuilder.rowGroups(groupBy);
    final Set<SearchType> searchTypes = Collections.singleton(pivotBuilder.build());
    final Query.Builder queryBuilder = Query.builder().id(QUERY_ID).searchTypes(searchTypes).query(ElasticsearchQueryString.of(config.query())).timerange(parameters.timerange());
    final Set<String> streams = getStreams(parameters);
    if (!streams.isEmpty()) {
        queryBuilder.filter(filteringForStreamIds(streams));
    }
    return queryBuilder.build();
}
Also used : DateTimeZone(org.joda.time.DateTimeZone) LoggerFactory(org.slf4j.LoggerFactory) TimeoutException(java.util.concurrent.TimeoutException) Assisted(com.google.inject.assistedinject.Assisted) StreamFilter(org.graylog.plugins.views.search.filter.StreamFilter) BucketSpec(org.graylog.plugins.views.search.searchtypes.pivot.BucketSpec) SeriesSpec(org.graylog.plugins.views.search.searchtypes.pivot.SeriesSpec) Locale(java.util.Locale) EventDefinition(org.graylog.events.processor.EventDefinition) EventProcessorException(org.graylog.events.processor.EventProcessorException) Pivot(org.graylog.plugins.views.search.searchtypes.pivot.Pivot) Values(org.graylog.plugins.views.search.searchtypes.pivot.buckets.Values) TimeRange(org.graylog2.plugin.indexer.searches.timeranges.TimeRange) Collectors.toSet(java.util.stream.Collectors.toSet) PermittedStreams(org.graylog.plugins.views.search.rest.PermittedStreams) ImmutableSet(com.google.common.collect.ImmutableSet) Set(java.util.Set) Collectors(java.util.stream.Collectors) MoreSearch(org.graylog.events.search.MoreSearch) List(java.util.List) Stream(org.graylog2.plugin.streams.Stream) Filter(org.graylog.plugins.views.search.Filter) Count(org.graylog.plugins.views.search.searchtypes.pivot.series.Count) MoreObjects.firstNonNull(com.google.common.base.MoreObjects.firstNonNull) QueryError(org.graylog.plugins.views.search.errors.QueryError) QueryEngine(org.graylog.plugins.views.search.engine.QueryEngine) Query(org.graylog.plugins.views.search.Query) PivotResult(org.graylog.plugins.views.search.searchtypes.pivot.PivotResult) SearchJobService(org.graylog.plugins.views.search.db.SearchJobService) Strings.isNullOrEmpty(com.google.common.base.Strings.isNullOrEmpty) DateRangeBucket(org.graylog.plugins.views.search.searchtypes.pivot.buckets.DateRangeBucket) ArrayList(java.util.ArrayList) ElasticsearchQueryString(org.graylog.plugins.views.search.elasticsearch.ElasticsearchQueryString) Inject(javax.inject.Inject) EventsConfigurationProvider(org.graylog.events.configuration.EventsConfigurationProvider) OrFilter(org.graylog.plugins.views.search.filter.OrFilter) ImmutableList(com.google.common.collect.ImmutableList) SearchType(org.graylog.plugins.views.search.SearchType) EmptyParameterError(org.graylog.plugins.views.search.errors.EmptyParameterError) Search(org.graylog.plugins.views.search.Search) QueryResult(org.graylog.plugins.views.search.QueryResult) SearchJob(org.graylog.plugins.views.search.SearchJob) Uninterruptibles(com.google.common.util.concurrent.Uninterruptibles) Logger(org.slf4j.Logger) DateTime(org.joda.time.DateTime) ExecutionException(java.util.concurrent.ExecutionException) TimeUnit(java.util.concurrent.TimeUnit) DateRange(org.graylog.plugins.views.search.searchtypes.pivot.buckets.DateRange) SearchError(org.graylog.plugins.views.search.errors.SearchError) VisibleForTesting(com.google.common.annotations.VisibleForTesting) Collections(java.util.Collections) Query(org.graylog.plugins.views.search.Query) DateRangeBucket(org.graylog.plugins.views.search.searchtypes.pivot.buckets.DateRangeBucket) ArrayList(java.util.ArrayList) SeriesSpec(org.graylog.plugins.views.search.searchtypes.pivot.SeriesSpec) ElasticsearchQueryString(org.graylog.plugins.views.search.elasticsearch.ElasticsearchQueryString) BucketSpec(org.graylog.plugins.views.search.searchtypes.pivot.BucketSpec) Pivot(org.graylog.plugins.views.search.searchtypes.pivot.Pivot) SearchType(org.graylog.plugins.views.search.SearchType)

Aggregations

SearchType (org.graylog.plugins.views.search.SearchType)25 Query (org.graylog.plugins.views.search.Query)16 SearchJob (org.graylog.plugins.views.search.SearchJob)13 Set (java.util.Set)8 Collectors (java.util.stream.Collectors)8 QueryStringDecorators (org.graylog.plugins.views.search.elasticsearch.QueryStringDecorators)8 Collections (java.util.Collections)7 Map (java.util.Map)7 QueryResult (org.graylog.plugins.views.search.QueryResult)7 Test (org.junit.Test)7 Inject (javax.inject.Inject)6 IndexLookup (org.graylog.plugins.views.search.elasticsearch.IndexLookup)6 List (java.util.List)5 Search (org.graylog.plugins.views.search.Search)5 ElasticsearchQueryString (org.graylog.plugins.views.search.elasticsearch.ElasticsearchQueryString)5 MessageList (org.graylog.plugins.views.search.searchtypes.MessageList)5 ImmutableSet (com.google.common.collect.ImmutableSet)4 Maps (com.google.common.collect.Maps)4 Named (com.google.inject.name.Named)4 Optional (java.util.Optional)4
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial