Search in sources :

Example 36 with SearchRequest

use of org.graylog.shaded.elasticsearch7.org.elasticsearch.action.search.SearchRequest in project graylog2-server by Graylog2.

the class Searches method termsStats.

public TermsStatsResult termsStats(String keyField, String valueField, TermsStatsOrder order, int size, String query, String filter, TimeRange range) {
    if (size == 0) {
        size = 50;
    }
    SearchRequestBuilder srb;
    if (filter == null) {
        srb = standardSearchRequest(query, determineAffectedIndices(range, filter), range);
    } else {
        srb = filteredSearchRequest(query, filter, determineAffectedIndices(range, filter), range);
    }
    Terms.Order termsOrder;
    switch(order) {
        case COUNT:
            termsOrder = Terms.Order.count(true);
            break;
        case REVERSE_COUNT:
            termsOrder = Terms.Order.count(false);
            break;
        case TERM:
            termsOrder = Terms.Order.term(true);
            break;
        case REVERSE_TERM:
            termsOrder = Terms.Order.term(false);
            break;
        case MIN:
            termsOrder = Terms.Order.aggregation(AGG_STATS, "min", true);
            break;
        case REVERSE_MIN:
            termsOrder = Terms.Order.aggregation(AGG_STATS, "min", false);
            break;
        case MAX:
            termsOrder = Terms.Order.aggregation(AGG_STATS, "max", true);
            break;
        case REVERSE_MAX:
            termsOrder = Terms.Order.aggregation(AGG_STATS, "max", false);
            break;
        case MEAN:
            termsOrder = Terms.Order.aggregation(AGG_STATS, "avg", true);
            break;
        case REVERSE_MEAN:
            termsOrder = Terms.Order.aggregation(AGG_STATS, "avg", false);
            break;
        case TOTAL:
            termsOrder = Terms.Order.aggregation(AGG_STATS, "sum", true);
            break;
        case REVERSE_TOTAL:
            termsOrder = Terms.Order.aggregation(AGG_STATS, "sum", false);
            break;
        default:
            termsOrder = Terms.Order.count(true);
    }
    FilterAggregationBuilder builder = AggregationBuilders.filter(AGG_FILTER).subAggregation(AggregationBuilders.terms(AGG_TERMS_STATS).field(keyField).subAggregation(AggregationBuilders.stats(AGG_STATS).field(valueField)).order(termsOrder).size(size)).filter(standardAggregationFilters(range, filter));
    srb.addAggregation(builder);
    final SearchRequest request = srb.request();
    SearchResponse r = c.search(request).actionGet();
    recordEsMetrics(r, range);
    final Filter f = r.getAggregations().get(AGG_FILTER);
    return new TermsStatsResult(f.getAggregations().get(AGG_TERMS_STATS), query, request.source(), r.getTook());
}
Also used : SearchRequest(org.elasticsearch.action.search.SearchRequest) FilterAggregationBuilder(org.elasticsearch.search.aggregations.bucket.filter.FilterAggregationBuilder) SearchRequestBuilder(org.elasticsearch.action.search.SearchRequestBuilder) Filter(org.elasticsearch.search.aggregations.bucket.filter.Filter) Terms(org.elasticsearch.search.aggregations.bucket.terms.Terms) TermsStatsResult(org.graylog2.indexer.results.TermsStatsResult) SearchResponse(org.elasticsearch.action.search.SearchResponse)

Example 37 with SearchRequest

use of org.graylog.shaded.elasticsearch7.org.elasticsearch.action.search.SearchRequest in project camel by apache.

the class ElasticsearchActionRequestConverter method toSearchRequest.

@Converter
public static SearchRequest toSearchRequest(Object queryObject, Exchange exchange) {
    SearchRequest searchRequest = new SearchRequest(exchange.getIn().getHeader(ElasticsearchConstants.PARAM_INDEX_NAME, String.class)).types(exchange.getIn().getHeader(ElasticsearchConstants.PARAM_INDEX_TYPE, String.class));
    SearchSourceBuilder searchSourceBuilder = new SearchSourceBuilder();
    String queryText = null;
    if (queryObject instanceof Map<?, ?>) {
        Map<String, Object> mapQuery = (Map<String, Object>) queryObject;
        // Remove 'query' prefix from the query object for backward compatibility
        if (mapQuery.containsKey(ElasticsearchConstants.ES_QUERY_DSL_PREFIX)) {
            mapQuery = (Map<String, Object>) mapQuery.get(ElasticsearchConstants.ES_QUERY_DSL_PREFIX);
        }
        try {
            XContentBuilder contentBuilder = XContentFactory.contentBuilder(XContentType.JSON);
            queryText = contentBuilder.map(mapQuery).string();
        } catch (IOException e) {
            LOG.error(e.getMessage());
        }
    } else if (queryObject instanceof String) {
        queryText = (String) queryObject;
        ObjectMapper mapper = new ObjectMapper();
        try {
            JsonNode jsonTextObject = mapper.readValue(queryText, JsonNode.class);
            JsonNode parentJsonNode = jsonTextObject.get(ElasticsearchConstants.ES_QUERY_DSL_PREFIX);
            if (parentJsonNode != null) {
                queryText = parentJsonNode.toString();
            }
        } catch (IOException e) {
            LOG.error(e.getMessage());
        }
    } else {
        // Cannot convert the queryObject into SearchRequest
        return null;
    }
    searchSourceBuilder.query(QueryBuilders.wrapperQuery(queryText));
    searchRequest.source(searchSourceBuilder);
    return searchRequest;
}
Also used : SearchRequest(org.elasticsearch.action.search.SearchRequest) MultiSearchRequest(org.elasticsearch.action.search.MultiSearchRequest) JsonNode(com.fasterxml.jackson.databind.JsonNode) IOException(java.io.IOException) Map(java.util.Map) XContentBuilder(org.elasticsearch.common.xcontent.XContentBuilder) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) SearchSourceBuilder(org.elasticsearch.search.builder.SearchSourceBuilder) Converter(org.apache.camel.Converter)

Example 38 with SearchRequest

use of org.graylog.shaded.elasticsearch7.org.elasticsearch.action.search.SearchRequest in project camel by apache.

the class ElasticsearchActionRequestConverter method toMultiSearchRequest.

@SuppressWarnings("unchecked")
@Converter
public static MultiSearchRequest toMultiSearchRequest(Object document, Exchange exchange) {
    List<SearchRequest> items = (List<SearchRequest>) document;
    MultiSearchRequest multiSearchRequest = new MultiSearchRequest();
    Iterator<SearchRequest> it = items.iterator();
    while (it.hasNext()) {
        SearchRequest item = it.next();
        multiSearchRequest.add(item);
    }
    return multiSearchRequest;
}
Also used : SearchRequest(org.elasticsearch.action.search.SearchRequest) MultiSearchRequest(org.elasticsearch.action.search.MultiSearchRequest) MultiSearchRequest(org.elasticsearch.action.search.MultiSearchRequest) List(java.util.List) Converter(org.apache.camel.Converter)

Example 39 with SearchRequest

use of org.graylog.shaded.elasticsearch7.org.elasticsearch.action.search.SearchRequest in project camel by apache.

the class ElasticsearchActionRequestConverter method toMultiSearchRequest.

@Converter
public static MultiSearchRequest toMultiSearchRequest(Object document, Exchange exchange) {
    List<SearchRequest> items = (List<SearchRequest>) document;
    MultiSearchRequest multiSearchRequest = new MultiSearchRequest();
    Iterator<SearchRequest> it = items.iterator();
    while (it.hasNext()) {
        SearchRequest item = it.next();
        multiSearchRequest.add(item);
    }
    return multiSearchRequest;
}
Also used : SearchRequest(org.elasticsearch.action.search.SearchRequest) MultiSearchRequest(org.elasticsearch.action.search.MultiSearchRequest) MultiSearchRequest(org.elasticsearch.action.search.MultiSearchRequest) List(java.util.List) Converter(org.apache.camel.Converter)

Example 40 with SearchRequest

use of org.graylog.shaded.elasticsearch7.org.elasticsearch.action.search.SearchRequest in project pancm_project by xuwujing.

the class EsAggregationSearchTest method havingSearch.

/**
 * @Author pancm
 * @Description having
 * @Date  2020/8/21
 * @Param []
 * @return void
 */
private static void havingSearch() throws IOException {
    String index = "";
    SearchRequest searchRequest = new SearchRequest(index);
    searchRequest.indices(index);
    SearchSourceBuilder sourceBuilder = new SearchSourceBuilder();
    BoolQueryBuilder boolQueryBuilder = new BoolQueryBuilder();
    searchRequest.indicesOptions(IndicesOptions.lenientExpandOpen());
    String alias_name = "nas_ip_address_group";
    String group_name = "nas_ip_address";
    String query_name = "acct_start_time";
    String query_type = "gte,lte";
    String query_name_value = "2020-08-05 13:25:55,2020-08-20 13:26:55";
    String[] query_types = query_type.split(",");
    String[] query_name_values = query_name_value.split(",");
    for (int i = 0; i < query_types.length; i++) {
        if ("gte".equals(query_types[i])) {
            boolQueryBuilder.must(QueryBuilders.rangeQuery(query_name).gte(query_name_values[i]));
        }
        if ("lte".equals(query_types[i])) {
            boolQueryBuilder.must(QueryBuilders.rangeQuery(query_name).lte(query_name_values[i]));
        }
    }
    AggregationBuilder aggregationBuilder = AggregationBuilders.terms(alias_name).field(group_name).size(Integer.MAX_VALUE);
    // 声明BucketPath,用于后面的bucket筛选
    Map<String, String> bucketsPathsMap = new HashMap<>(8);
    bucketsPathsMap.put("groupCount", "_count");
    // 设置脚本
    Script script = new Script("params.groupCount >= 1000");
    // 构建bucket选择器
    BucketSelectorPipelineAggregationBuilder bs = PipelineAggregatorBuilders.bucketSelector("having", bucketsPathsMap, script);
    aggregationBuilder.subAggregation(bs);
    sourceBuilder.aggregation(aggregationBuilder);
    // 不需要解释
    sourceBuilder.explain(false);
    // 不需要原始数据
    sourceBuilder.fetchSource(false);
    // 不需要版本号
    sourceBuilder.version(false);
    sourceBuilder.query(boolQueryBuilder);
    searchRequest.source(sourceBuilder);
    System.out.println(sourceBuilder);
    // 同步查询
    SearchResponse searchResponse = client.search(searchRequest, RequestOptions.DEFAULT);
    // 查询条数
    long count = searchResponse.getHits().getHits().length;
    Aggregations aggregations = searchResponse.getAggregations();
    // agg(aggregations);
    Map<String, Object> map = new HashMap<>();
    List<Map<String, Object>> list = new ArrayList<>();
    agg(list, aggregations);
    // System.out.println(map);
    System.out.println(list);
}
Also used : SearchRequest(org.elasticsearch.action.search.SearchRequest) Script(org.elasticsearch.script.Script) AggregationBuilder(org.elasticsearch.search.aggregations.AggregationBuilder) CardinalityAggregationBuilder(org.elasticsearch.search.aggregations.metrics.cardinality.CardinalityAggregationBuilder) TermsAggregationBuilder(org.elasticsearch.search.aggregations.bucket.terms.TermsAggregationBuilder) BucketSelectorPipelineAggregationBuilder(org.elasticsearch.search.aggregations.pipeline.bucketselector.BucketSelectorPipelineAggregationBuilder) HashMap(java.util.HashMap) Aggregations(org.elasticsearch.search.aggregations.Aggregations) ArrayList(java.util.ArrayList) SearchSourceBuilder(org.elasticsearch.search.builder.SearchSourceBuilder) SearchResponse(org.elasticsearch.action.search.SearchResponse) BoolQueryBuilder(org.elasticsearch.index.query.BoolQueryBuilder) BucketSelectorPipelineAggregationBuilder(org.elasticsearch.search.aggregations.pipeline.bucketselector.BucketSelectorPipelineAggregationBuilder) HashMap(java.util.HashMap) Map(java.util.Map)

Aggregations

SearchRequest (org.elasticsearch.action.search.SearchRequest)156 SearchSourceBuilder (org.elasticsearch.search.builder.SearchSourceBuilder)81 SearchResponse (org.elasticsearch.action.search.SearchResponse)69 Test (org.junit.Test)37 IOException (java.io.IOException)31 SearchHit (org.elasticsearch.search.SearchHit)25 BoolQueryBuilder (org.elasticsearch.index.query.BoolQueryBuilder)22 ArrayList (java.util.ArrayList)21 SearchRequest (org.graylog.shaded.elasticsearch7.org.elasticsearch.action.search.SearchRequest)21 HashMap (java.util.HashMap)18 QueryBuilder (org.elasticsearch.index.query.QueryBuilder)17 List (java.util.List)16 SearchHits (org.elasticsearch.search.SearchHits)15 Pipeline (com.hazelcast.jet.pipeline.Pipeline)14 Map (java.util.Map)13 Matchers.containsString (org.hamcrest.Matchers.containsString)12 SearchResponse (org.graylog.shaded.elasticsearch7.org.elasticsearch.action.search.SearchResponse)11 SearchSourceBuilder (org.graylog.shaded.elasticsearch7.org.elasticsearch.search.builder.SearchSourceBuilder)11 QueryBuilders (org.elasticsearch.index.query.QueryBuilders)10 Terms (org.elasticsearch.search.aggregations.bucket.terms.Terms)10