Examples with MessageList org.graylog.plugins.views.search.searchtypes.MessageList used on opensource projects

Example 21 with MessageList

use of org.graylog.plugins.views.search.searchtypes.MessageList in project graylog2-server by Graylog2.

the class CommandFactoryTest method takesTimeRangeFromMessageListIfSpecified.

@Test
void takesTimeRangeFromMessageListIfSpecified() {
    AbsoluteRange messageListTimeRange = defaultTimeRange();
    MessageList ml = MessageList.builder().id("ml-id").timerange(messageListTimeRange).build();
    Query q = validQueryBuilderWith(ml).timerange(timeRange(222)).build();
    Search s = searchWithQueries(q);
    ExportMessagesCommand command = buildFrom(s, ml.id());
    assertThat(command.timeRange()).isEqualTo(messageListTimeRange);
}

Example 22 with MessageList

use of org.graylog.plugins.views.search.searchtypes.MessageList in project graylog2-server by Graylog2.

the class ESMessageList method doExtractResult.

@Override
public SearchType.Result doExtractResult(SearchJob job, Query query, MessageList searchType, SearchResult result, MetricAggregation aggregations, ESGeneratedQueryContext queryContext) {
    // noinspection unchecked
    final List<ResultMessageSummary> messages = result.getHits(Map.class, false).stream().map(hit -> ResultMessage.parseFromSource(hit.id, hit.index, (Map<String, Object>) hit.source, hit.highlight)).map((resultMessage) -> ResultMessageSummary.create(resultMessage.highlightRanges, resultMessage.getMessage().getFields(), resultMessage.getIndex())).collect(Collectors.toList());
    final String undecoratedQueryString = query.query().queryString();
    final String queryString = this.esQueryDecorators.decorate(undecoratedQueryString, job, query);
    final DateTime from = query.effectiveTimeRange(searchType).getFrom();
    final DateTime to = query.effectiveTimeRange(searchType).getTo();
    final SearchResponse searchResponse = SearchResponse.create(undecoratedQueryString, queryString, Collections.emptySet(), messages, Collections.emptySet(), 0, result.getTotal(), from, to);
    final SearchResponse decoratedSearchResponse = decoratorProcessor.decorateSearchResponse(searchResponse, searchType.decorators());
    final MessageList.Result.Builder resultBuilder = MessageList.Result.result(searchType.id()).messages(decoratedSearchResponse.messages()).effectiveTimerange(AbsoluteRange.create(from, to)).totalResults(decoratedSearchResponse.totalResults());
    return searchType.name().map(resultBuilder::name).orElse(resultBuilder).build();
}

Example 23 with MessageList

use of org.graylog.plugins.views.search.searchtypes.MessageList in project graylog2-server by Graylog2.

the class ESMessageList method doExtractResult.

@Override
public SearchType.Result doExtractResult(SearchJob job, Query query, MessageList searchType, org.graylog.shaded.elasticsearch7.org.elasticsearch.action.search.SearchResponse result, Aggregations aggregations, ESGeneratedQueryContext queryContext) {
    final List<ResultMessageSummary> messages = StreamSupport.stream(result.getHits().spliterator(), false).map(ESMessageList::resultMessageFromSearchHit).map((resultMessage) -> ResultMessageSummary.create(resultMessage.highlightRanges, resultMessage.getMessage().getFields(), resultMessage.getIndex())).collect(Collectors.toList());
    final String undecoratedQueryString = query.query().queryString();
    final String queryString = this.esQueryDecorators.decorate(undecoratedQueryString, job, query);
    final DateTime from = query.effectiveTimeRange(searchType).getFrom();
    final DateTime to = query.effectiveTimeRange(searchType).getTo();
    final SearchResponse searchResponse = SearchResponse.create(undecoratedQueryString, queryString, Collections.emptySet(), messages, Collections.emptySet(), 0, result.getHits().getTotalHits().value, from, to);
    final SearchResponse decoratedSearchResponse = decoratorProcessor.decorateSearchResponse(searchResponse, searchType.decorators());
    final MessageList.Result.Builder resultBuilder = MessageList.Result.result(searchType.id()).messages(decoratedSearchResponse.messages()).effectiveTimerange(AbsoluteRange.create(from, to)).totalResults(decoratedSearchResponse.totalResults());
    return searchType.name().map(resultBuilder::name).orElse(resultBuilder).build();
}

Example 24 with MessageList

use of org.graylog.plugins.views.search.searchtypes.MessageList in project graylog2-server by Graylog2.

the class ESMessageListTest method appliesDecoratorsToQueryStringIfHighlightingActivated.

@Test
public void appliesDecoratorsToQueryStringIfHighlightingActivated() {
    final QueryStringDecorator queryStringDecorator = (String queryString, ParameterProvider job, Query query) -> "Foobar!";
    final MessageList messageList = someMessageList();
    ESGeneratedQueryContext queryContext = generateQueryPartWithHighlighting(messageList, Collections.singleton(queryStringDecorator));
    final DocumentContext doc = JsonPath.parse(queryContext.searchSourceBuilder(messageList).toString());
    JsonPathAssert.assertThat(doc).jsonPathAsString("$.highlight.highlight_query.query_string.query").isEqualTo("Foobar!");
}

Example 25 with MessageList

use of org.graylog.plugins.views.search.searchtypes.MessageList in project graylog2-server by Graylog2.

the class ESMessageListTest method passesTypeOfSortingFieldAsUnmappedType.

@Test
public void passesTypeOfSortingFieldAsUnmappedType() {
    final MessageList messageList = someMessageListWithSorting("stream1", "somefield");
    final ESGeneratedQueryContext context = mockQueryContext(messageList);
    when(context.fieldType(Collections.singleton("stream1"), "somefield")).thenReturn(Optional.of("long"));
    final ESGeneratedQueryContext queryContext = generateQueryPartWithContextFor(messageList, true, Collections.emptySet(), context);
    final DocumentContext doc = JsonPath.parse(queryContext.searchSourceBuilder(messageList).toString());
    JsonPathAssert.assertThat(doc).jsonPathAsString("$.sort[0].somefield.unmapped_type").isEqualTo("long");
}