use of org.graylog.plugins.views.search.searchtypes.Sort in project graylog2-server by Graylog2.
the class ESMessageList method doGenerateQueryPart.
@Override
public void doGenerateQueryPart(SearchJob job, Query query, MessageList messageList, ESGeneratedQueryContext queryContext) {
final SearchSourceBuilder searchSourceBuilder = queryContext.searchSourceBuilder(messageList).size(messageList.limit()).from(messageList.offset());
applyHighlightingIfActivated(searchSourceBuilder, job, query);
final Set<String> effectiveStreamIds = messageList.effectiveStreams().isEmpty() ? query.usedStreamIds() : messageList.effectiveStreams();
if (!messageList.fields().isEmpty()) {
searchSourceBuilder.fetchSource(messageList.fields().toArray(new String[0]), new String[0]);
}
final List<Sort> sorts = firstNonNull(messageList.sort(), Collections.singletonList(Sort.create(Message.FIELD_TIMESTAMP, Sort.Order.DESC)));
sorts.forEach(sort -> {
final FieldSortBuilder fieldSort = SortBuilders.fieldSort(sort.field()).order(toSortOrder(sort.order()));
final Optional<String> fieldType = queryContext.fieldType(effectiveStreamIds, sort.field());
searchSourceBuilder.sort(fieldType.map(fieldSort::unmappedType).orElse(fieldSort));
});
}
use of org.graylog.plugins.views.search.searchtypes.Sort in project graylog2-server by Graylog2.
the class AbsoluteSearchResource method searchAbsolute.
@GET
@Timed
@ApiOperation(value = "Message search with absolute timerange.", notes = "Search for messages using an absolute timerange, specified as from/to " + "with format yyyy-MM-ddTHH:mm:ss.SSSZ (e.g. 2014-01-23T15:34:49.000Z) or yyyy-MM-dd HH:mm:ss.")
@Produces(MediaType.APPLICATION_JSON)
@ApiResponses(value = { @ApiResponse(code = 400, message = "Invalid timerange parameters provided.") })
public SearchResponse searchAbsolute(@ApiParam(name = "query", value = "Query (Lucene syntax)", required = true) @QueryParam("query") @NotEmpty String query, @ApiParam(name = "from", value = "Timerange start. See description for date format", required = true) @QueryParam("from") @NotEmpty String from, @ApiParam(name = "to", value = "Timerange end. See description for date format", required = true) @QueryParam("to") @NotEmpty String to, @ApiParam(name = "limit", value = "Maximum number of messages to return.") @QueryParam("limit") int limit, @ApiParam(name = "offset", value = "Offset") @QueryParam("offset") int offset, @ApiParam(name = "filter", value = "Filter") @QueryParam("filter") String filter, @ApiParam(name = "fields", value = "Comma separated list of fields to return") @QueryParam("fields") String fields, @ApiParam(name = "sort", value = "Sorting (field:asc / field:desc)") @QueryParam("sort") String sort, @ApiParam(name = "decorate", value = "Run decorators on search result") @QueryParam("decorate") @DefaultValue("true") boolean decorate, @Context SearchUser searchUser) {
checkSearchPermission(filter, RestPermissions.SEARCHES_ABSOLUTE);
final Sort sorting = buildSortOrder(sort);
final List<String> fieldList = parseOptionalFields(fields);
final TimeRange timeRange = buildAbsoluteTimeRange(from, to);
return search(query, limit, filter, decorate, searchUser, fieldList, sorting, timeRange);
}
use of org.graylog.plugins.views.search.searchtypes.Sort in project graylog2-server by Graylog2.
the class KeywordSearchResource method searchKeyword.
@GET
@Timed
@ApiOperation(value = "Message search with keyword as timerange.", notes = "Search for messages in a timerange defined by a keyword like \"yesterday\" or \"2 weeks ago to wednesday\".")
@Produces(MediaType.APPLICATION_JSON)
@ApiResponses(value = { @ApiResponse(code = 400, message = "Invalid keyword provided.") })
public SearchResponse searchKeyword(@ApiParam(name = "query", value = "Query (Lucene syntax)", required = true) @QueryParam("query") @NotEmpty String query, @ApiParam(name = "keyword", value = "Range keyword", required = true) @QueryParam("keyword") @NotEmpty String keyword, @QueryParam("timezone") @NotEmpty String timezone, @ApiParam(name = "limit", value = "Maximum number of messages to return.") @QueryParam("limit") int limit, @ApiParam(name = "offset", value = "Offset") @QueryParam("offset") int offset, @ApiParam(name = "filter", value = "Filter") @QueryParam("filter") String filter, @ApiParam(name = "fields", value = "Comma separated list of fields to return") @QueryParam("fields") String fields, @ApiParam(name = "sort", value = "Sorting (field:asc / field:desc)") @QueryParam("sort") String sort, @ApiParam(name = "decorate", value = "Run decorators on search result") @QueryParam("decorate") @DefaultValue("true") boolean decorate, @Context SearchUser searchUser) {
checkSearchPermission(filter, RestPermissions.SEARCHES_KEYWORD);
final Sort sorting = buildSortOrder(sort);
final List<String> fieldList = parseOptionalFields(fields);
final TimeRange timeRange = buildKeywordTimeRange(keyword, timezone);
return search(query, limit, filter, decorate, searchUser, fieldList, sorting, timeRange);
}
use of org.graylog.plugins.views.search.searchtypes.Sort in project graylog2-server by Graylog2.
the class RelativeSearchResource method searchRelative.
@GET
@Timed
@ApiOperation(value = "Message search with relative timerange.", notes = "Search for messages in a relative timerange, specified as seconds from now. " + "Example: 300 means search from 5 minutes ago to now.")
@ApiResponses(value = { @ApiResponse(code = 400, message = "Invalid timerange parameters provided.") })
@Produces(MediaType.APPLICATION_JSON)
public SearchResponse searchRelative(@ApiParam(name = "query", value = "Query (Lucene syntax)", required = true) @QueryParam("query") @NotEmpty String query, @ApiParam(name = "range", value = "Relative timeframe to search in. See method description.", required = true) @QueryParam("range") @PositiveOrZero int range, @ApiParam(name = "limit", value = "Maximum number of messages to return.") @QueryParam("limit") int limit, @ApiParam(name = "offset", value = "Offset") @QueryParam("offset") int offset, @ApiParam(name = "filter", value = "Filter") @QueryParam("filter") String filter, @ApiParam(name = "fields", value = "Comma separated list of fields to return") @QueryParam("fields") String fields, @ApiParam(name = "sort", value = "Sorting (field:asc / field:desc)") @QueryParam("sort") String sort, @ApiParam(name = "decorate", value = "Run decorators on search result") @QueryParam("decorate") @DefaultValue("true") boolean decorate, @Context SearchUser searchUser) {
checkSearchPermission(filter, RestPermissions.SEARCHES_RELATIVE);
final List<String> fieldList = parseOptionalFields(fields);
final Sort sorting = buildSortOrder(sort);
final TimeRange timeRange = buildRelativeTimeRange(range);
return search(query, limit, filter, decorate, searchUser, fieldList, sorting, timeRange);
}
use of org.graylog.plugins.views.search.searchtypes.Sort in project graylog2-server by Graylog2.
the class ESMessageList method doGenerateQueryPart.
@Override
public void doGenerateQueryPart(SearchJob job, Query query, MessageList messageList, ESGeneratedQueryContext queryContext) {
final SearchSourceBuilder searchSourceBuilder = queryContext.searchSourceBuilder(messageList).size(messageList.limit()).from(messageList.offset());
applyHighlightingIfActivated(searchSourceBuilder, job, query);
final Set<String> effectiveStreamIds = messageList.effectiveStreams().isEmpty() ? query.usedStreamIds() : messageList.effectiveStreams();
if (!messageList.fields().isEmpty()) {
searchSourceBuilder.fetchSource(messageList.fields().toArray(new String[0]), new String[0]);
}
final List<Sort> sorts = firstNonNull(messageList.sort(), Collections.singletonList(Sort.create(Message.FIELD_TIMESTAMP, Sort.Order.DESC)));
sorts.forEach(sort -> {
final FieldSortBuilder fieldSort = SortBuilders.fieldSort(sort.field()).order(toSortOrder(sort.order()));
final Optional<String> fieldType = queryContext.fieldType(effectiveStreamIds, sort.field());
searchSourceBuilder.sort(fieldType.map(fieldSort::unmappedType).orElse(fieldSort));
});
}
Aggregations