Example 11 with SearchType
use of org.graylog.plugins.views.search.SearchType in project graylog2-server by Graylog2.
the class PivotAggregationSearch method getSourceStreamsQuery.
/**
* Returns the query to compute the sources streams for the aggregation.
*
* @param parameters processor parameters
* @return source streams query
*/
private Query getSourceStreamsQuery(AggregationEventProcessorParameters parameters) {
final Pivot pivot = Pivot.builder().id(STREAMS_PIVOT_ID).rollup(true).rowGroups(ImmutableList.of(Values.builder().limit(Integer.MAX_VALUE).field("streams").build())).series(ImmutableList.of(Count.builder().id(STREAMS_PIVOT_COUNT_ID).build())).build();
final Set<SearchType> searchTypes = Collections.singleton(pivot);
final Query.Builder queryBuilder = Query.builder().id(STREAMS_QUERY_ID).searchTypes(searchTypes).query(ElasticsearchQueryString.of(config.query())).timerange(parameters.timerange());
final Set<String> streams = getStreams(parameters);
if (!streams.isEmpty()) {
queryBuilder.filter(filteringForStreamIds(streams));
}
return queryBuilder.build();
}
Also used :
Query(org.graylog.plugins.views.search.Query)
Pivot(org.graylog.plugins.views.search.searchtypes.pivot.Pivot)
SearchType(org.graylog.plugins.views.search.SearchType)
ElasticsearchQueryString(org.graylog.plugins.views.search.elasticsearch.ElasticsearchQueryString)
Example 12 with SearchType
use of org.graylog.plugins.views.search.SearchType in project graylog2-server by Graylog2.
the class ViewsResource method validateIntegrity.
private void validateIntegrity(ViewDTO dto, SearchUser searchUser) {
final Search search = searchDomain.getForUser(dto.searchId(), searchUser).orElseThrow(() -> new BadRequestException("Search " + dto.searchId() + " not available"));
final Set<String> searchQueries = search.queries().stream().map(Query::id).collect(Collectors.toSet());
final Set<String> stateQueries = dto.state().keySet();
if (!searchQueries.containsAll(stateQueries)) {
final Sets.SetView<String> diff = Sets.difference(searchQueries, stateQueries);
throw new BadRequestException("Search queries do not correspond to view/state queries, missing query IDs: " + diff);
}
final Set<String> searchTypes = search.queries().stream().flatMap(q -> q.searchTypes().stream()).map(SearchType::id).collect(Collectors.toSet());
final Set<String> stateTypes = dto.state().values().stream().flatMap(v -> v.widgetMapping().values().stream()).flatMap(Collection::stream).collect(Collectors.toSet());
if (!searchTypes.containsAll(stateTypes)) {
final Sets.SetView<String> diff = Sets.difference(searchTypes, stateTypes);
throw new BadRequestException("Search types do not correspond to view/search types, missing searches: " + diff);
}
final Set<String> widgetIds = dto.state().values().stream().flatMap(v -> v.widgets().stream()).map(WidgetDTO::id).collect(Collectors.toSet());
final Set<String> widgetPositions = dto.state().values().stream().flatMap(v -> v.widgetPositions().keySet().stream()).collect(Collectors.toSet());
if (!widgetPositions.containsAll(widgetIds)) {
final Sets.SetView<String> diff = Sets.difference(widgetPositions, widgetIds);
throw new BadRequestException("Widget positions don't correspond to widgets, missing widget possitions: " + diff);
}
}
Also used :
Produces(javax.ws.rs.Produces)
ViewsAuditEventTypes(org.graylog.plugins.views.audit.ViewsAuditEventTypes)
UserContext(org.graylog.security.UserContext)
LoggerFactory(org.slf4j.LoggerFactory)
Path(javax.ws.rs.Path)
ApiParam(io.swagger.annotations.ApiParam)
WidgetDTO(org.graylog.plugins.views.search.views.WidgetDTO)
ViewDTO(org.graylog.plugins.views.search.views.ViewDTO)
NotEmpty(javax.validation.constraints.NotEmpty)
Valid(javax.validation.Valid)
ApiOperation(io.swagger.annotations.ApiOperation)
PaginatedList(org.graylog2.database.PaginatedList)
MediaType(javax.ws.rs.core.MediaType)
QueryParam(javax.ws.rs.QueryParam)
SearchQueryField(org.graylog2.search.SearchQueryField)
Locale(java.util.Locale)
Map(java.util.Map)
PluginRestResource(org.graylog2.plugin.rest.PluginRestResource)
DefaultValue(javax.ws.rs.DefaultValue)
BadRequestException(javax.ws.rs.BadRequestException)
ENGLISH(java.util.Locale.ENGLISH)
DELETE(javax.ws.rs.DELETE)
Context(javax.ws.rs.core.Context)
ImmutableMap(com.google.common.collect.ImmutableMap)
Collection(java.util.Collection)
Set(java.util.Set)
NotNull(javax.validation.constraints.NotNull)
Collectors(java.util.stream.Collectors)
Sets(com.google.common.collect.Sets)
NotFoundException(javax.ws.rs.NotFoundException)
ClusterEventBus(org.graylog2.events.ClusterEventBus)
SearchUser(org.graylog.plugins.views.search.permissions.SearchUser)
RequiresAuthentication(org.apache.shiro.authz.annotation.RequiresAuthentication)
PathParam(javax.ws.rs.PathParam)
Query(org.graylog.plugins.views.search.Query)
SearchQueryParser(org.graylog2.search.SearchQueryParser)
GET(javax.ws.rs.GET)
ViewResolver(org.graylog.plugins.views.search.views.ViewResolver)
SearchDomain(org.graylog.plugins.views.search.SearchDomain)
Inject(javax.inject.Inject)
ViewResolverDecoder(org.graylog.plugins.views.search.views.ViewResolverDecoder)
SearchType(org.graylog.plugins.views.search.SearchType)
AuditEvent(org.graylog2.audit.jersey.AuditEvent)
Api(io.swagger.annotations.Api)
Search(org.graylog.plugins.views.search.Search)
SearchQuery(org.graylog2.search.SearchQuery)
DashboardDeletedEvent(org.graylog2.dashboards.events.DashboardDeletedEvent)
Logger(org.slf4j.Logger)
POST(javax.ws.rs.POST)
ForbiddenException(javax.ws.rs.ForbiddenException)
RestResource(org.graylog2.shared.rest.resources.RestResource)
ValidationException(org.graylog2.plugin.database.ValidationException)
ViewService(org.graylog.plugins.views.search.views.ViewService)
PUT(javax.ws.rs.PUT)
PaginatedResponse(org.graylog2.rest.models.PaginatedResponse)
User(org.graylog2.plugin.database.users.User)
Sets(com.google.common.collect.Sets)
Search(org.graylog.plugins.views.search.Search)
BadRequestException(javax.ws.rs.BadRequestException)
Example 13 with SearchType
use of org.graylog.plugins.views.search.SearchType in project graylog2-server by Graylog2.
the class CommandFactory method buildWithMessageList.
public ExportMessagesCommand buildWithMessageList(Search search, String messageListId, ResultFormat resultFormat) {
Query query = search.queryForSearchType(messageListId);
SearchType searchType = searchTypeFrom(query, messageListId);
final List<Decorator> decorators = searchType instanceof MessageList ? ((MessageList) searchType).decorators() : Collections.emptyList();
ExportMessagesCommand.Builder commandBuilder = builderFrom(resultFormat).timeRange(resultFormat.timerange().orElse(toAbsolute(timeRangeFrom(query, searchType)))).queryString(queryStringFrom(search, query, searchType)).streams(streamsFrom(query, searchType)).decorators(decorators);
return commandBuilder.build();
}
Also used :
Decorator(org.graylog2.decorators.Decorator)
Query(org.graylog.plugins.views.search.Query)
SearchType(org.graylog.plugins.views.search.SearchType)
MessageList(org.graylog.plugins.views.search.searchtypes.MessageList)
Example 14 with SearchType
use of org.graylog.plugins.views.search.SearchType in project graylog2-server by Graylog2.
the class SearchResource method createSearch.
protected Search createSearch(String queryString, int limit, String filter, List<String> fieldList, Sort sorting, TimeRange timeRange) {
final SearchType searchType = createMessageList(sorting, limit, fieldList);
final Query query = Query.builder().query(ElasticsearchQueryString.of(queryString)).filter(QueryStringFilter.builder().query(Strings.isNullOrEmpty(filter) ? "*" : filter).build()).timerange(timeRange).searchTypes(Collections.singleton(searchType)).build();
return Search.Builder.create().queries(ImmutableSet.of(query)).build();
}
Also used :
Query(org.graylog.plugins.views.search.Query)
SearchType(org.graylog.plugins.views.search.SearchType)
Example 15 with SearchType
use of org.graylog.plugins.views.search.SearchType in project graylog2-server by Graylog2.
the class QueryParserTest method parseAlsoConsidersWidgetFilters.
@Test
public void parseAlsoConsidersWidgetFilters() throws Exception {
final SearchType searchType1 = Pivot.builder().id("searchType1").filter(QueryStringFilter.builder().query("source:$bar$").build()).series(new ArrayList<>()).rollup(false).build();
final SearchType searchType2 = Pivot.builder().id("searchType2").filter(AndFilter.builder().filters(ImmutableSet.of(QueryStringFilter.builder().query("http_action:$baz$").build(), QueryStringFilter.builder().query("source:localhost").build())).build()).series(new ArrayList<>()).rollup(false).build();
final QueryMetadata queryMetadata = queryParser.parse(Query.builder().id("abc123").query(ElasticsearchQueryString.of("user_name:$username$ http_method:$foo$")).timerange(RelativeRange.create(600)).searchTypes(ImmutableSet.of(searchType1, searchType2)).build());
assertThat(queryMetadata.usedParameterNames()).containsExactlyInAnyOrder("username", "foo", "bar", "baz");
}
Also used :
QueryMetadata(org.graylog.plugins.views.search.QueryMetadata)
SearchType(org.graylog.plugins.views.search.SearchType)
Test(org.junit.Test)
Aggregations
SearchType (org.graylog.plugins.views.search.SearchType)25
Query (org.graylog.plugins.views.search.Query)16
SearchJob (org.graylog.plugins.views.search.SearchJob)13
Set (java.util.Set)8
Collectors (java.util.stream.Collectors)8
QueryStringDecorators (org.graylog.plugins.views.search.elasticsearch.QueryStringDecorators)8
Collections (java.util.Collections)7
Map (java.util.Map)7
QueryResult (org.graylog.plugins.views.search.QueryResult)7
Test (org.junit.Test)7
Inject (javax.inject.Inject)6
IndexLookup (org.graylog.plugins.views.search.elasticsearch.IndexLookup)6
List (java.util.List)5
Search (org.graylog.plugins.views.search.Search)5
ElasticsearchQueryString (org.graylog.plugins.views.search.elasticsearch.ElasticsearchQueryString)5
MessageList (org.graylog.plugins.views.search.searchtypes.MessageList)5
ImmutableSet (com.google.common.collect.ImmutableSet)4
Maps (com.google.common.collect.Maps)4
Named (com.google.inject.name.Named)4
Optional (java.util.Optional)4
