Examples with PivotResult org.graylog.plugins.views.search.searchtypes.pivot.PivotResult used on opensource projects

Search in sources :

Example 11 with PivotResult

use of org.graylog.plugins.views.search.searchtypes.pivot.PivotResult in project graylog2-server by Graylog2.

the class PivotAggregationSearchTest method testExtractValuesWithoutGroupBy.

@Test
public void testExtractValuesWithoutGroupBy() throws Exception {
    final AbsoluteRange timerange = AbsoluteRange.create(DateTime.now(DateTimeZone.UTC).minusSeconds(3600), DateTime.now(DateTimeZone.UTC));
    final AggregationSeries seriesCount = AggregationSeries.create("abc123", AggregationFunction.COUNT, "source");
    final AggregationSeries seriesCountNoField = AggregationSeries.create("abc123", AggregationFunction.COUNT, "");
    final AggregationSeries seriesCard = AggregationSeries.create("abc123", AggregationFunction.CARD, "source");
    final AggregationEventProcessorConfig config = AggregationEventProcessorConfig.builder().query("").streams(Collections.emptySet()).groupBy(Collections.emptyList()).series(ImmutableList.of(seriesCount, seriesCountNoField, seriesCard)).conditions(null).searchWithinMs(30000).executeEveryMs(30000).build();
    final AggregationEventProcessorParameters parameters = AggregationEventProcessorParameters.builder().streams(Collections.emptySet()).timerange(timerange).batchSize(500).build();
    final PivotAggregationSearch pivotAggregationSearch = new PivotAggregationSearch(config, parameters, "test", eventDefinition, searchJobService, queryEngine, EventsConfigurationTestProvider.create(), moreSearch, permittedStreams);
    final PivotResult pivotResult = PivotResult.builder().id("test").effectiveTimerange(timerange).total(1).addRow(PivotResult.Row.builder().key(ImmutableList.of(timerange.getTo().toString())).addValue(PivotResult.Value.create(ImmutableList.of("metric/count/source/abc123"), 42, true, "row-leaf")).addValue(PivotResult.Value.create(ImmutableList.of("metric/count/<no-field>/abc123"), 23, true, "row-leaf")).addValue(PivotResult.Value.create(ImmutableList.of("metric/card/source/abc123"), 1, true, "row-leaf")).source("leaf").build()).build();
    final ImmutableList<AggregationKeyResult> results = pivotAggregationSearch.extractValues(pivotResult);
    assertThat(results.size()).isEqualTo(1);
    assertThat(results.get(0)).isEqualTo(AggregationKeyResult.builder().key(ImmutableList.of()).timestamp(timerange.getTo()).seriesValues(ImmutableList.of(AggregationSeriesValue.builder().key(ImmutableList.of()).value(42.0).series(seriesCount).build(), AggregationSeriesValue.builder().key(ImmutableList.of()).value(23.0).series(seriesCountNoField).build(), AggregationSeriesValue.builder().key(ImmutableList.of()).value(1.0).series(seriesCard).build())).build());
}
Also used : PivotResult(org.graylog.plugins.views.search.searchtypes.pivot.PivotResult) AbsoluteRange(org.graylog2.plugin.indexer.searches.timeranges.AbsoluteRange) Test(org.junit.Test)

Example 12 with PivotResult

use of org.graylog.plugins.views.search.searchtypes.pivot.PivotResult in project graylog2-server by Graylog2.

the class PivotAggregationSearchTest method testExtractValuesWithNullValues.

@Test
public void testExtractValuesWithNullValues() throws Exception {
    final AbsoluteRange timerange = AbsoluteRange.create(DateTime.now(DateTimeZone.UTC).minusSeconds(3600), DateTime.now(DateTimeZone.UTC));
    final AggregationSeries seriesCount = AggregationSeries.create("abc123", AggregationFunction.COUNT, "source");
    final AggregationSeries seriesAvg = AggregationSeries.create("abc123", AggregationFunction.AVG, "some_field");
    final AggregationEventProcessorConfig config = AggregationEventProcessorConfig.builder().query("").streams(Collections.emptySet()).groupBy(Collections.emptyList()).series(ImmutableList.of(seriesCount, seriesAvg)).conditions(null).searchWithinMs(30000).executeEveryMs(30000).build();
    final AggregationEventProcessorParameters parameters = AggregationEventProcessorParameters.builder().streams(Collections.emptySet()).timerange(timerange).batchSize(500).build();
    final PivotAggregationSearch pivotAggregationSearch = new PivotAggregationSearch(config, parameters, "test", eventDefinition, searchJobService, queryEngine, EventsConfigurationTestProvider.create(), moreSearch, permittedStreams);
    final PivotResult pivotResult = PivotResult.builder().id("test").effectiveTimerange(timerange).total(1).addRow(PivotResult.Row.builder().key(ImmutableList.of(timerange.getTo().toString())).addValue(PivotResult.Value.create(ImmutableList.of("metric/count/source/abc123"), 42, true, "row-leaf")).addValue(PivotResult.Value.create(ImmutableList.of("metric/avg/some_field/abc123"), null, true, "row-leaf")).source("leaf").build()).build();
    final ImmutableList<AggregationKeyResult> results = pivotAggregationSearch.extractValues(pivotResult);
    assertThat(results.size()).isEqualTo(1);
    assertThat(results.get(0)).isEqualTo(AggregationKeyResult.builder().key(ImmutableList.of()).timestamp(timerange.getTo()).seriesValues(ImmutableList.of(AggregationSeriesValue.builder().key(ImmutableList.of()).value(42.0).series(seriesCount).build(), AggregationSeriesValue.builder().key(ImmutableList.of()).value(// For "null" we expect NaN
    Double.NaN).series(seriesAvg).build())).build());
}
Also used : PivotResult(org.graylog.plugins.views.search.searchtypes.pivot.PivotResult) AbsoluteRange(org.graylog2.plugin.indexer.searches.timeranges.AbsoluteRange) Test(org.junit.Test)

Example 13 with PivotResult

use of org.graylog.plugins.views.search.searchtypes.pivot.PivotResult in project graylog2-server by Graylog2.

the class ElasticsearchBackendMultiSearchTest method oneFailingSearchTypeReturnsPartialResults.

@Test
public void oneFailingSearchTypeReturnsPartialResults() throws Exception {
    final ESGeneratedQueryContext queryContext = this.elasticsearchBackend.generate(searchJob, query, new SearchConfig(Period.ZERO));
    when(jestClient.execute(any(), any())).thenReturn(resultFor(resourceFile("partiallySuccessfulMultiSearchResponse.json")));
    final QueryResult queryResult = this.elasticsearchBackend.doRun(searchJob, query, queryContext);
    assertThat(queryResult.errors()).hasSize(1);
    final SearchTypeError searchTypeError = (SearchTypeError) new ArrayList<>(queryResult.errors()).get(0);
    assertThat(searchTypeError.description()).isEqualTo("Unable to perform search query: \n" + "\n" + "Expected numeric type on field [field1], but got [keyword].");
    assertThat(searchTypeError.searchTypeId()).isEqualTo("pivot1");
    assertThat(queryResult.searchTypes()).containsOnlyKeys("pivot2");
    final PivotResult pivot2Result = (PivotResult) queryResult.searchTypes().get("pivot2");
    assertThat(pivot2Result.rows().get(0)).isEqualTo(PivotResult.Row.builder().key(ImmutableList.of()).source("leaf").addValue(PivotResult.Value.create(Collections.singletonList("max(field2)"), 42.0, true, "row-leaf")).build());
}
Also used : QueryResult(org.graylog.plugins.views.search.QueryResult) SearchTypeError(org.graylog.plugins.views.search.errors.SearchTypeError) PivotResult(org.graylog.plugins.views.search.searchtypes.pivot.PivotResult) ArrayList(java.util.ArrayList) SearchConfig(org.graylog.plugins.views.search.engine.SearchConfig) Test(org.junit.Test)

Example 14 with PivotResult

use of org.graylog.plugins.views.search.searchtypes.pivot.PivotResult in project graylog2-server by Graylog2.

the class ESPivotTest method searchResultIncludesDocumentCount.

@Test
public void searchResultIncludesDocumentCount() throws InvalidRangeParametersException {
    final long documentCount = 424242;
    returnDocumentCount(queryResult, documentCount);
    final Aggregations mockMetricAggregation = createTimestampRangeAggregations((double) new Date().getTime(), (double) new Date().getTime());
    when(queryResult.getAggregations()).thenReturn(mockMetricAggregation);
    when(query.effectiveTimeRange(pivot)).thenReturn(RelativeRange.create(300));
    final SearchType.Result result = this.esPivot.doExtractResult(job, query, pivot, queryResult, aggregations, queryContext);
    final PivotResult pivotResult = (PivotResult) result;
    assertThat(pivotResult.total()).isEqualTo(documentCount);
}
Also used : PivotResult(org.graylog.plugins.views.search.searchtypes.pivot.PivotResult) Aggregations(org.graylog.shaded.elasticsearch7.org.elasticsearch.search.aggregations.Aggregations) SearchType(org.graylog.plugins.views.search.SearchType) Date(java.util.Date) Test(org.junit.Test)

Example 15 with PivotResult

use of org.graylog.plugins.views.search.searchtypes.pivot.PivotResult in project graylog2-server by Graylog2.

the class ESPivotTest method searchResultIncludesTimerangeOfPivot.

@Test
public void searchResultIncludesTimerangeOfPivot() throws InvalidRangeParametersException {
    DateTimeUtils.setCurrentMillisFixed(1578584665408L);
    final long documentCount = 424242;
    returnDocumentCount(queryResult, documentCount);
    final Aggregations mockMetricAggregation = createTimestampRangeAggregations((double) new Date().getTime(), (double) new Date().getTime());
    when(queryResult.getAggregations()).thenReturn(mockMetricAggregation);
    when(query.effectiveTimeRange(pivot)).thenReturn(RelativeRange.create(300));
    final SearchType.Result result = this.esPivot.doExtractResult(job, query, pivot, queryResult, aggregations, queryContext);
    final PivotResult pivotResult = (PivotResult) result;
    assertThat(pivotResult.effectiveTimerange()).isEqualTo(AbsoluteRange.create(DateTime.parse("2020-01-09T15:39:25.408Z"), DateTime.parse("2020-01-09T15:44:25.408Z")));
}
Also used : PivotResult(org.graylog.plugins.views.search.searchtypes.pivot.PivotResult) Aggregations(org.graylog.shaded.elasticsearch7.org.elasticsearch.search.aggregations.Aggregations) SearchType(org.graylog.plugins.views.search.SearchType) Date(java.util.Date) Test(org.junit.Test)

Aggregations

PivotResult (org.graylog.plugins.views.search.searchtypes.pivot.PivotResult)18 Test (org.junit.Test)15 SearchType (org.graylog.plugins.views.search.SearchType)9 Date (java.util.Date)6 QueryResult (org.graylog.plugins.views.search.QueryResult)6 MetricAggregation (io.searchbox.core.search.aggregation.MetricAggregation)4 SearchConfig (org.graylog.plugins.views.search.engine.SearchConfig)4 Aggregations (org.graylog.shaded.elasticsearch7.org.elasticsearch.search.aggregations.Aggregations)4 AbsoluteRange (org.graylog2.plugin.indexer.searches.timeranges.AbsoluteRange)4 SearchTypeError (org.graylog.plugins.views.search.errors.SearchTypeError)3 ArrayList (java.util.ArrayList)2 EventProcessorException (org.graylog.events.processor.EventProcessorException)2 SearchJob (org.graylog.plugins.views.search.SearchJob)2 ElasticsearchQueryString (org.graylog.plugins.views.search.elasticsearch.ElasticsearchQueryString)2 QueryError (org.graylog.plugins.views.search.errors.QueryError)2 MultiSearchResponse (org.graylog.shaded.elasticsearch7.org.elasticsearch.action.search.MultiSearchResponse)2 VisibleForTesting (com.google.common.annotations.VisibleForTesting)1 Stopwatch (com.google.common.base.Stopwatch)1 ImmutableList (com.google.common.collect.ImmutableList)1 Objects (java.util.Objects)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial