Search in sources :

Example 36 with BoolQueryBuilder

use of org.graylog.shaded.elasticsearch6.org.elasticsearch.index.query.BoolQueryBuilder in project uavstack by uavorg.

the class NewLogQueryHandler method queryByLogContent.

/**
 * 日志内容搜索
 *
 * @param data
 */
@SuppressWarnings("rawtypes")
private void queryByLogContent(UAVHttpMessage data) {
    BoolQueryBuilder queryBuilder = QueryBuilders.boolQuery();
    /**
     * 如果有开始和结束时间
     */
    long startTime = DataConvertHelper.toLong(data.getRequest("stime"), -1);
    long endTime = DataConvertHelper.toLong(data.getRequest("etime"), -1);
    if (startTime > -1 && endTime > -1 && endTime >= startTime) {
        queryBuilder.must(QueryBuilders.rangeQuery("l_timestamp").gte(startTime).lte(endTime));
    }
    /**
     * 如果有日志行号 有可能只有sline或eline也有可能都有
     */
    long startLine = DataConvertHelper.toLong(data.getRequest("sline"), -1);
    long endLine = DataConvertHelper.toLong(data.getRequest("eline"), -1);
    if (startLine > -1 && endLine > -1 && endLine > startLine) {
        queryBuilder.must(QueryBuilders.rangeQuery("l_num").gte(startLine).lt(endLine));
    } else if (startLine > -1) {
        queryBuilder.must(QueryBuilders.rangeQuery("l_num").gte(startLine));
    } else if (endLine > -1) {
        queryBuilder.must(QueryBuilders.rangeQuery("l_num").lt(endLine));
    }
    String appid = data.getRequest("appid");
    if (appid != null) {
        queryBuilder.must(QueryBuilders.termQuery("appid", appid));
    }
    String ipport = data.getRequest("ipport");
    if (ipport != null) {
        queryBuilder.must(QueryBuilders.termQuery("ipport", ipport));
    }
    /**
     * 内容搜索
     */
    // get logtype for search
    String logType = data.getRequest("logtype");
    /**
     * 默认Type的字段只有ctn
     */
    if (logType.endsWith("_def")) {
        parseSearchCondition(queryBuilder, data);
    } else /**
     * 自定义规则
     */
    {
    // TODO
    }
    SortBuilder[] sorts = buildSort(data);
    this.queryToList(data, queryBuilder, null, sorts);
}
Also used : FieldSortBuilder(org.elasticsearch.search.sort.FieldSortBuilder) SortBuilder(org.elasticsearch.search.sort.SortBuilder) BoolQueryBuilder(org.elasticsearch.index.query.BoolQueryBuilder)

Example 37 with BoolQueryBuilder

use of org.graylog.shaded.elasticsearch6.org.elasticsearch.index.query.BoolQueryBuilder in project uavstack by uavorg.

the class ThreadAnalysisQueryHandler method queryMultiDumpInfo.

private void queryMultiDumpInfo(UAVHttpMessage data) {
    String ipport = data.getRequest("ipport");
    String timesStr = data.getRequest("times");
    List<String> times = JSONHelper.toObjectArray(timesStr, String.class);
    List<List<Map<String, Object>>> records = new ArrayList<>();
    for (String time : times) {
        long timestamp = DataConvertHelper.toLong(time, -1L);
        // build query builder
        BoolQueryBuilder queryBuilder = QueryBuilders.boolQuery();
        queryBuilder.must(QueryBuilders.rangeQuery("time").gte(timestamp).lte(timestamp));
        queryBuilder.must(QueryBuilders.termQuery("ipport", ipport));
        SearchResponse sr = query(data, queryBuilder, null, buildSorts(data));
        List<Map<String, Object>> record = getRecords(sr);
        records.add(record);
    }
    ThreadAnalyser ta = (ThreadAnalyser) getConfigManager().getComponent(feature, "ThreadAnalyser");
    List<Map<String, String>> rs = ta.queryMutilDumpInfo(times, records);
    data.putResponse("rs", JSONHelper.toString(rs));
}
Also used : ArrayList(java.util.ArrayList) SearchResponse(org.elasticsearch.action.search.SearchResponse) BoolQueryBuilder(org.elasticsearch.index.query.BoolQueryBuilder) ThreadAnalyser(com.creditease.uav.threadanalysis.server.ThreadAnalyser) ArrayList(java.util.ArrayList) List(java.util.List) ThreadObject(com.creditease.uav.threadanalysis.server.da.ThreadObject) HashMap(java.util.HashMap) Map(java.util.Map)

Example 38 with BoolQueryBuilder

use of org.graylog.shaded.elasticsearch6.org.elasticsearch.index.query.BoolQueryBuilder in project uavstack by uavorg.

the class ThreadAnalysisQueryHandler method queryMultiDumpGraph.

private void queryMultiDumpGraph(UAVHttpMessage data) {
    String ipport = data.getRequest("ipport");
    String timesStr = data.getRequest("times");
    String threadIdsStr = data.getRequest("threadIds");
    List<String> times = JSONHelper.toObjectArray(timesStr, String.class);
    List<String> threadIds = JSONHelper.toObjectArray(threadIdsStr, String.class);
    List<List<Map<String, Object>>> records = new ArrayList<>();
    for (String time : times) {
        long timestamp = DataConvertHelper.toLong(time, -1L);
        // build query builder
        BoolQueryBuilder queryBuilder = QueryBuilders.boolQuery();
        queryBuilder.must(QueryBuilders.rangeQuery("time").gte(timestamp).lte(timestamp));
        queryBuilder.must(QueryBuilders.termQuery("ipport", ipport));
        SearchResponse sr = query(data, queryBuilder, null, buildSorts(data));
        List<Map<String, Object>> record = getRecords(sr);
        records.add(record);
    }
    ThreadAnalyser ta = (ThreadAnalyser) getConfigManager().getComponent(feature, "ThreadAnalyser");
    Map<String, Object> rs = ta.queryMutilDumpGraph(threadIds, records);
    data.putResponse("rs", JSONHelper.toString(rs));
}
Also used : ArrayList(java.util.ArrayList) SearchResponse(org.elasticsearch.action.search.SearchResponse) BoolQueryBuilder(org.elasticsearch.index.query.BoolQueryBuilder) ThreadAnalyser(com.creditease.uav.threadanalysis.server.ThreadAnalyser) ArrayList(java.util.ArrayList) List(java.util.List) ThreadObject(com.creditease.uav.threadanalysis.server.da.ThreadObject) HashMap(java.util.HashMap) Map(java.util.Map)

Example 39 with BoolQueryBuilder

use of org.graylog.shaded.elasticsearch6.org.elasticsearch.index.query.BoolQueryBuilder in project uavstack by uavorg.

the class ThreadAnalysisQueryHandler method buildQuery.

private QueryBuilder buildQuery(UAVHttpMessage data) {
    long startTime = DataConvertHelper.toLong(data.getRequest("stime"), -1L);
    long endTime = DataConvertHelper.toLong(data.getRequest("etime"), -1L);
    if (startTime == -1L || endTime == -1L || endTime < startTime) {
        data.putResponse("rs", "ERR");
        data.putResponse("msg", "The Time Range Error: startTime=" + startTime + ",endTime=" + endTime);
        return null;
    }
    BoolQueryBuilder queryBuilder = QueryBuilders.boolQuery();
    // time
    queryBuilder.must(QueryBuilders.rangeQuery("time").gte(startTime).lte(endTime));
    // user
    String user = data.getRequest("user");
    if (user != null) {
        queryBuilder.must(QueryBuilders.termQuery("user", user));
    }
    // pname,已做分词
    String pname = data.getRequest("pname");
    if (pname != null) {
        queryBuilder.must(QueryBuilders.matchQuery("pname", pname));
    }
    // ipport
    String ipport = data.getRequest("ipport");
    if (ipport != null) {
        queryBuilder.must(QueryBuilders.termQuery("ipport", ipport));
    }
    // pid
    String pid = data.getRequest("pid");
    if (pid != null) {
        queryBuilder.must(QueryBuilders.termQuery("pid", pid));
    }
    // appgroup
    String appgroup = data.getRequest("appgroup");
    if (appgroup != null) {
        queryBuilder.must(QueryBuilders.termQuery("appgroup", appgroup));
    }
    // tid
    String tid = data.getRequest("tid");
    if (tid != null) {
        queryBuilder.must(QueryBuilders.termQuery("tid", tid));
    }
    // state
    String state = data.getRequest("state");
    if (state != null) {
        queryBuilder.must(QueryBuilders.termQuery("state", state));
    }
    // timeadd
    String timeadd = data.getRequest("timeadd");
    if (timeadd != null) {
        queryBuilder.must(QueryBuilders.termQuery("timeadd", timeadd));
    }
    final double PRECISION = 0.0000001F;
    // percpu
    double spercpu = DataConvertHelper.toDouble(data.getRequest("spercpu"), -1.0F);
    double epercpu = DataConvertHelper.toDouble(data.getRequest("epercpu"), -1.0F);
    RangeQueryBuilder percpu = QueryBuilders.rangeQuery("percpu");
    if (spercpu + 1.0F > PRECISION) {
        percpu.gte(spercpu);
    }
    if (epercpu + 1.0F > PRECISION) {
        percpu.lte(epercpu);
    }
    if (epercpu < spercpu) {
        data.putResponse("rs", "ERR");
        data.putResponse("msg", "The percpu Range Error: spercpu=" + spercpu + ",epercpu=" + epercpu);
        return null;
    }
    queryBuilder.must(percpu);
    // permem
    double spermem = DataConvertHelper.toDouble(data.getRequest("spermem"), -1.0F);
    double epermem = DataConvertHelper.toDouble(data.getRequest("epermem"), -1.0F);
    RangeQueryBuilder permem = QueryBuilders.rangeQuery("permem");
    if (spermem + 1.0F > PRECISION) {
        permem.gte(spermem);
    }
    if (epermem + 1.0F > PRECISION) {
        permem.lte(epermem);
    }
    if (epermem < spermem) {
        data.putResponse("rs", "ERR");
        data.putResponse("msg", "The permem Range Error: spercpu=" + spermem + ",epercpu=" + epermem);
        return null;
    }
    queryBuilder.must(permem);
    // info,已做分词
    String info = data.getRequest("info");
    if (info != null) {
        queryBuilder.must(QueryBuilders.matchQuery("info", info));
    }
    return queryBuilder;
}
Also used : BoolQueryBuilder(org.elasticsearch.index.query.BoolQueryBuilder) RangeQueryBuilder(org.elasticsearch.index.query.RangeQueryBuilder)

Example 40 with BoolQueryBuilder

use of org.graylog.shaded.elasticsearch6.org.elasticsearch.index.query.BoolQueryBuilder in project herd by FINRAOS.

the class ElasticSearchHelperTest method testAddIndexSearchFilterBooleanClause.

@Test
public void testAddIndexSearchFilterBooleanClause() {
    TagKey tagKey = new TagKey();
    tagKey.setTagCode(TAG_CODE);
    tagKey.setTagTypeCode(TAG_TYPE_CODE);
    IndexSearchResultTypeKey indexSearchResultTypeKey = new IndexSearchResultTypeKey();
    indexSearchResultTypeKey.setIndexSearchResultType(INDEX_SEARCH_RESULT_TYPE);
    List<IndexSearchKey> indexSearchKeys = new ArrayList<>();
    IndexSearchKey indexSearchKey = new IndexSearchKey();
    indexSearchKey.setTagKey(tagKey);
    indexSearchKey.setIndexSearchResultTypeKey(indexSearchResultTypeKey);
    indexSearchKeys.add(indexSearchKey);
    List<IndexSearchFilter> indexSearchFilters = new ArrayList<>();
    IndexSearchFilter indexSearchFilter1 = new IndexSearchFilter();
    indexSearchFilter1.setIsExclusionSearchFilter(true);
    indexSearchFilter1.setIndexSearchKeys(indexSearchKeys);
    IndexSearchFilter indexSearchFilter2 = new IndexSearchFilter();
    indexSearchFilter2.setIsExclusionSearchFilter(false);
    indexSearchFilter2.setIndexSearchKeys(indexSearchKeys);
    indexSearchFilters.add(indexSearchFilter1);
    indexSearchFilters.add(indexSearchFilter2);
    BoolQueryBuilder result = elasticsearchHelper.addIndexSearchFilterBooleanClause(indexSearchFilters, "bdefIndex", "tagIndex");
    assertThat("Result is null.", result, is(notNullValue()));
}
Also used : IndexSearchKey(org.finra.herd.model.api.xml.IndexSearchKey) BoolQueryBuilder(org.elasticsearch.index.query.BoolQueryBuilder) TagKey(org.finra.herd.model.api.xml.TagKey) ArrayList(java.util.ArrayList) IndexSearchResultTypeKey(org.finra.herd.model.api.xml.IndexSearchResultTypeKey) IndexSearchFilter(org.finra.herd.model.api.xml.IndexSearchFilter) Test(org.junit.Test) AbstractDaoTest(org.finra.herd.dao.AbstractDaoTest)

Aggregations

BoolQueryBuilder (org.elasticsearch.index.query.BoolQueryBuilder)201 SearchResponse (org.elasticsearch.action.search.SearchResponse)73 QueryBuilder (org.elasticsearch.index.query.QueryBuilder)58 SearchHit (org.elasticsearch.search.SearchHit)41 SearchRequestBuilder (org.elasticsearch.action.search.SearchRequestBuilder)38 SearchSourceBuilder (org.elasticsearch.search.builder.SearchSourceBuilder)30 Map (java.util.Map)29 ArrayList (java.util.ArrayList)27 HashMap (java.util.HashMap)25 List (java.util.List)23 SearchRequest (org.elasticsearch.action.search.SearchRequest)21 Test (org.junit.Test)18 RangeQueryBuilder (org.elasticsearch.index.query.RangeQueryBuilder)16 TermsAggregationBuilder (org.elasticsearch.search.aggregations.bucket.terms.TermsAggregationBuilder)16 QueryBuilders (org.elasticsearch.index.query.QueryBuilders)14 FilterAggregationBuilder (org.elasticsearch.search.aggregations.bucket.filter.FilterAggregationBuilder)13 Logger (org.slf4j.Logger)12 LoggerFactory (org.slf4j.LoggerFactory)12 LinkedList (java.util.LinkedList)11 FieldSortBuilder (org.elasticsearch.search.sort.FieldSortBuilder)11