Search in sources :

Example 1 with QueryStringFilter

use of org.graylog.plugins.views.search.filter.QueryStringFilter in project graylog2-server by Graylog2.

the class ElasticsearchBackend method generateFilterClause.

// TODO make pluggable
public Optional<QueryBuilder> generateFilterClause(Filter filter, SearchJob job, Query query) {
    if (filter == null) {
        return Optional.empty();
    }
    switch(filter.type()) {
        case AndFilter.NAME:
            final BoolQueryBuilder andBuilder = QueryBuilders.boolQuery();
            filter.filters().stream().map(filter1 -> generateFilterClause(filter1, job, query)).forEach(optQueryBuilder -> optQueryBuilder.ifPresent(andBuilder::must));
            return Optional.of(andBuilder);
        case OrFilter.NAME:
            final BoolQueryBuilder orBuilder = QueryBuilders.boolQuery();
            // TODO for the common case "any of these streams" we can optimize the filter into
            // a single "termsQuery" instead of "termQuery OR termQuery" if all direct children are "StreamFilter"
            filter.filters().stream().map(filter1 -> generateFilterClause(filter1, job, query)).forEach(optQueryBuilder -> optQueryBuilder.ifPresent(orBuilder::should));
            return Optional.of(orBuilder);
        case StreamFilter.NAME:
            // Skipping stream filter, will be extracted elsewhere
            return Optional.empty();
        case QueryStringFilter.NAME:
            return Optional.of(QueryBuilders.queryStringQuery(this.queryStringDecorators.decorate(((QueryStringFilter) filter).query(), job, query)));
    }
    return Optional.empty();
}
Also used : ESSearchTypeHandler(org.graylog.storage.elasticsearch7.views.searchtypes.ESSearchTypeHandler) AndFilter(org.graylog.plugins.views.search.filter.AndFilter) ElasticsearchClient(org.graylog.storage.elasticsearch7.ElasticsearchClient) Arrays(java.util.Arrays) BackendQuery(org.graylog.plugins.views.search.engine.BackendQuery) QueryBackend(org.graylog.plugins.views.search.engine.QueryBackend) Provider(javax.inject.Provider) LoggerFactory(org.slf4j.LoggerFactory) FieldTypeException(org.graylog2.indexer.FieldTypeException) MultiSearchResponse(org.graylog.shaded.elasticsearch7.org.elasticsearch.action.search.MultiSearchResponse) StreamFilter(org.graylog.plugins.views.search.filter.StreamFilter) Map(java.util.Map) IndicesOptions(org.graylog.shaded.elasticsearch7.org.elasticsearch.action.support.IndicesOptions) SearchConfig(org.graylog.plugins.views.search.engine.SearchConfig) Set(java.util.Set) Collectors(java.util.stream.Collectors) BoolQueryBuilder(org.graylog.shaded.elasticsearch7.org.elasticsearch.index.query.BoolQueryBuilder) Objects(java.util.Objects) List(java.util.List) Filter(org.graylog.plugins.views.search.Filter) Optional(java.util.Optional) SearchResponse(org.graylog.shaded.elasticsearch7.org.elasticsearch.action.search.SearchResponse) Query(org.graylog.plugins.views.search.Query) SearchTypeErrorParser(org.graylog.plugins.views.search.errors.SearchTypeErrorParser) HashMap(java.util.HashMap) ElasticsearchException(org.graylog2.indexer.ElasticsearchException) ShardOperationFailedException(org.graylog.shaded.elasticsearch7.org.elasticsearch.action.ShardOperationFailedException) ArrayList(java.util.ArrayList) GlobalOverride(org.graylog.plugins.views.search.GlobalOverride) Inject(javax.inject.Inject) HashSet(java.util.HashSet) OrFilter(org.graylog.plugins.views.search.filter.OrFilter) SearchType(org.graylog.plugins.views.search.SearchType) QueryStringFilter(org.graylog.plugins.views.search.filter.QueryStringFilter) SearchTypeError(org.graylog.plugins.views.search.errors.SearchTypeError) QueryResult(org.graylog.plugins.views.search.QueryResult) TimeRangeQueryFactory(org.graylog.storage.elasticsearch7.TimeRangeQueryFactory) SearchJob(org.graylog.plugins.views.search.SearchJob) QueryBuilder(org.graylog.shaded.elasticsearch7.org.elasticsearch.index.query.QueryBuilder) SearchSourceBuilder(org.graylog.shaded.elasticsearch7.org.elasticsearch.search.builder.SearchSourceBuilder) Logger(org.slf4j.Logger) SearchRequest(org.graylog.shaded.elasticsearch7.org.elasticsearch.action.search.SearchRequest) Maps(com.google.common.collect.Maps) QueryStringDecorators(org.graylog.plugins.views.search.elasticsearch.QueryStringDecorators) Named(com.google.inject.name.Named) IndexLookup(org.graylog.plugins.views.search.elasticsearch.IndexLookup) QueryBuilders(org.graylog.shaded.elasticsearch7.org.elasticsearch.index.query.QueryBuilders) Message(org.graylog2.plugin.Message) Collections(java.util.Collections) BoolQueryBuilder(org.graylog.shaded.elasticsearch7.org.elasticsearch.index.query.BoolQueryBuilder)

Example 2 with QueryStringFilter

use of org.graylog.plugins.views.search.filter.QueryStringFilter in project graylog2-server by Graylog2.

the class ElasticsearchBackend method generateFilterClause.

// TODO make pluggable
public Optional<QueryBuilder> generateFilterClause(Filter filter, SearchJob job, Query query) {
    if (filter == null) {
        return Optional.empty();
    }
    switch(filter.type()) {
        case AndFilter.NAME:
            final BoolQueryBuilder andBuilder = QueryBuilders.boolQuery();
            filter.filters().stream().map(filter1 -> generateFilterClause(filter1, job, query)).forEach(optQueryBuilder -> optQueryBuilder.ifPresent(andBuilder::must));
            return Optional.of(andBuilder);
        case OrFilter.NAME:
            final BoolQueryBuilder orBuilder = QueryBuilders.boolQuery();
            // TODO for the common case "any of these streams" we can optimize the filter into
            // a single "termsQuery" instead of "termQuery OR termQuery" if all direct children are "StreamFilter"
            filter.filters().stream().map(filter1 -> generateFilterClause(filter1, job, query)).forEach(optQueryBuilder -> optQueryBuilder.ifPresent(orBuilder::should));
            return Optional.of(orBuilder);
        case StreamFilter.NAME:
            // Skipping stream filter, will be extracted elsewhere
            return Optional.empty();
        case QueryStringFilter.NAME:
            return Optional.of(QueryBuilders.queryStringQuery(this.queryStringDecorators.decorate(((QueryStringFilter) filter).query(), job, query)));
    }
    return Optional.empty();
}
Also used : AndFilter(org.graylog.plugins.views.search.filter.AndFilter) BackendQuery(org.graylog.plugins.views.search.engine.BackendQuery) QueryBackend(org.graylog.plugins.views.search.engine.QueryBackend) Provider(javax.inject.Provider) LoggerFactory(org.slf4j.LoggerFactory) MultiSearchResult(io.searchbox.core.MultiSearchResult) JestUtils(org.graylog.storage.elasticsearch6.jest.JestUtils) StreamFilter(org.graylog.plugins.views.search.filter.StreamFilter) Map(java.util.Map) IndexMapping(org.graylog2.indexer.IndexMapping) QueryBuilders(org.graylog.shaded.elasticsearch6.org.elasticsearch.index.query.QueryBuilders) TimeRangeQueryFactory(org.graylog.storage.elasticsearch6.TimeRangeQueryFactory) SearchConfig(org.graylog.plugins.views.search.engine.SearchConfig) JestUtils.checkForFailedShards(org.graylog.storage.elasticsearch6.jest.JestUtils.checkForFailedShards) Set(java.util.Set) Collectors(java.util.stream.Collectors) Objects(java.util.Objects) List(java.util.List) Filter(org.graylog.plugins.views.search.Filter) Optional(java.util.Optional) SearchSourceBuilder(org.graylog.shaded.elasticsearch6.org.elasticsearch.search.builder.SearchSourceBuilder) ESSearchTypeHandler(org.graylog.storage.elasticsearch6.views.searchtypes.ESSearchTypeHandler) Query(org.graylog.plugins.views.search.Query) SearchTypeErrorParser(org.graylog.plugins.views.search.errors.SearchTypeErrorParser) HashMap(java.util.HashMap) ElasticsearchException(org.graylog2.indexer.ElasticsearchException) ArrayList(java.util.ArrayList) JestClient(io.searchbox.client.JestClient) GlobalOverride(org.graylog.plugins.views.search.GlobalOverride) Inject(javax.inject.Inject) HashSet(java.util.HashSet) OrFilter(org.graylog.plugins.views.search.filter.OrFilter) SearchType(org.graylog.plugins.views.search.SearchType) QueryStringFilter(org.graylog.plugins.views.search.filter.QueryStringFilter) SearchTypeError(org.graylog.plugins.views.search.errors.SearchTypeError) QueryResult(org.graylog.plugins.views.search.QueryResult) QueryBuilder(org.graylog.shaded.elasticsearch6.org.elasticsearch.index.query.QueryBuilder) MultiSearch(io.searchbox.core.MultiSearch) SearchJob(org.graylog.plugins.views.search.SearchJob) Logger(org.slf4j.Logger) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) Search(io.searchbox.core.Search) Maps(com.google.common.collect.Maps) QueryStringDecorators(org.graylog.plugins.views.search.elasticsearch.QueryStringDecorators) Named(com.google.inject.name.Named) BoolQueryBuilder(org.graylog.shaded.elasticsearch6.org.elasticsearch.index.query.BoolQueryBuilder) IndexLookup(org.graylog.plugins.views.search.elasticsearch.IndexLookup) Message(org.graylog2.plugin.Message) Collections(java.util.Collections) BoolQueryBuilder(org.graylog.shaded.elasticsearch6.org.elasticsearch.index.query.BoolQueryBuilder)

Aggregations

Maps (com.google.common.collect.Maps)2 Named (com.google.inject.name.Named)2 ArrayList (java.util.ArrayList)2 Collections (java.util.Collections)2 HashMap (java.util.HashMap)2 HashSet (java.util.HashSet)2 List (java.util.List)2 Map (java.util.Map)2 Objects (java.util.Objects)2 Optional (java.util.Optional)2 Set (java.util.Set)2 Collectors (java.util.stream.Collectors)2 Inject (javax.inject.Inject)2 Provider (javax.inject.Provider)2 Filter (org.graylog.plugins.views.search.Filter)2 GlobalOverride (org.graylog.plugins.views.search.GlobalOverride)2 Query (org.graylog.plugins.views.search.Query)2 QueryResult (org.graylog.plugins.views.search.QueryResult)2 SearchJob (org.graylog.plugins.views.search.SearchJob)2 SearchType (org.graylog.plugins.views.search.SearchType)2