Examples with BoolQueryBuilder org.graylog.shaded.elasticsearch7.org.elasticsearch.index.query.BoolQueryBuilder used on opensource projects

Example 86 with BoolQueryBuilder

use of org.graylog.shaded.elasticsearch7.org.elasticsearch.index.query.BoolQueryBuilder in project graylog2-server by Graylog2.

the class ElasticsearchBackend method generateFilterClause.

// TODO make pluggable
public Optional<QueryBuilder> generateFilterClause(Filter filter, SearchJob job, Query query) {
    if (filter == null) {
        return Optional.empty();
    }
    switch(filter.type()) {
        case AndFilter.NAME:
            final BoolQueryBuilder andBuilder = QueryBuilders.boolQuery();
            filter.filters().stream().map(filter1 -> generateFilterClause(filter1, job, query)).forEach(optQueryBuilder -> optQueryBuilder.ifPresent(andBuilder::must));
            return Optional.of(andBuilder);
        case OrFilter.NAME:
            final BoolQueryBuilder orBuilder = QueryBuilders.boolQuery();
            // TODO for the common case "any of these streams" we can optimize the filter into
            // a single "termsQuery" instead of "termQuery OR termQuery" if all direct children are "StreamFilter"
            filter.filters().stream().map(filter1 -> generateFilterClause(filter1, job, query)).forEach(optQueryBuilder -> optQueryBuilder.ifPresent(orBuilder::should));
            return Optional.of(orBuilder);
        case StreamFilter.NAME:
            // Skipping stream filter, will be extracted elsewhere
            return Optional.empty();
        case QueryStringFilter.NAME:
            return Optional.of(QueryBuilders.queryStringQuery(this.queryStringDecorators.decorate(((QueryStringFilter) filter).query(), job, query)));
    }
    return Optional.empty();
}

Example 87 with BoolQueryBuilder

use of org.graylog.shaded.elasticsearch7.org.elasticsearch.index.query.BoolQueryBuilder in project graylog2-server by Graylog2.

the class SearchRequestFactory method buildStreamIdFilter.

private BoolQueryBuilder buildStreamIdFilter(Set<String> streams) {
    final BoolQueryBuilder filterBuilder = boolQuery();
    // exist in Graylog <2.2.0.
    if (streams.contains(Stream.DEFAULT_STREAM_ID)) {
        filterBuilder.should(boolQuery().mustNot(existsQuery(Message.FIELD_STREAMS)));
    }
    // Only select messages which are assigned to the given streams
    filterBuilder.should(termsQuery(Message.FIELD_STREAMS, streams));
    return filterBuilder;
}

Example 88 with BoolQueryBuilder

use of org.graylog.shaded.elasticsearch7.org.elasticsearch.index.query.BoolQueryBuilder in project graylog2-server by Graylog2.

the class IndexToolsAdapterES6 method fieldHistogram.

@Override
public Map<DateTime, Map<String, Long>> fieldHistogram(String fieldName, Set<String> indices, Optional<Set<String>> includedStreams, long interval) {
    final BoolQueryBuilder queryBuilder = buildStreamIdFilter(includedStreams);
    final FilterAggregationBuilder the_filter = AggregationBuilders.filter(AGG_FILTER, queryBuilder).subAggregation(AggregationBuilders.dateHistogram(AGG_DATE_HISTOGRAM).field("timestamp").subAggregation(AggregationBuilders.terms(AGG_MESSAGE_FIELD).field(fieldName)).interval(interval).minDocCount(1L));
    final SearchSourceBuilder searchSourceBuilder = new SearchSourceBuilder().query(QueryBuilders.matchAllQuery()).aggregation(the_filter);
    final Search.Builder searchBuilder = new Search.Builder(searchSourceBuilder.toString()).addIndex(indices).addType(IndexMapping.TYPE_MESSAGE);
    final SearchResult searchResult = JestUtils.execute(this.jestClient, searchBuilder.build(), () -> "Unable to retrieve field histogram.");
    final FilterAggregation filterAggregation = searchResult.getAggregations().getFilterAggregation(AGG_FILTER);
    final DateHistogramAggregation dateHistogram = filterAggregation.getDateHistogramAggregation(AGG_DATE_HISTOGRAM);
    final List<DateHistogramAggregation.DateHistogram> histogramBuckets = dateHistogram.getBuckets();
    final Map<DateTime, Map<String, Long>> result = Maps.newHashMapWithExpectedSize(histogramBuckets.size());
    for (HistogramAggregation.Histogram bucket : histogramBuckets) {
        final DateTime date = new DateTime(bucket.getKey()).toDateTime(DateTimeZone.UTC);
        final TermsAggregation sourceFieldAgg = bucket.getTermsAggregation(AGG_MESSAGE_FIELD);
        final List<TermsAggregation.Entry> termBuckets = sourceFieldAgg.getBuckets();
        final HashMap<String, Long> termCounts = Maps.newHashMapWithExpectedSize(termBuckets.size());
        for (TermsAggregation.Entry termBucket : termBuckets) {
            termCounts.put(termBucket.getKeyAsString(), termBucket.getCount());
        }
        result.put(date, termCounts);
    }
    return ImmutableMap.copyOf(result);
}

Example 89 with BoolQueryBuilder

use of org.graylog.shaded.elasticsearch7.org.elasticsearch.index.query.BoolQueryBuilder in project graylog2-server by Graylog2.

the class SearchesAdapterES6 method buildSearchRequest.

private SearchSourceBuilder buildSearchRequest(ScrollCommand scrollCommand) {
    final String query = normalizeQuery(scrollCommand.query());
    final QueryBuilder queryBuilder = isWildcardQuery(query) ? matchAllQuery() : queryStringQuery(query).allowLeadingWildcard(configuration.isAllowLeadingWildcardSearches());
    final Optional<BoolQueryBuilder> rangeQueryBuilder = scrollCommand.range().map(range -> QueryBuilders.boolQuery().must(TimeRangeQueryFactory.create(range)));
    final Optional<BoolQueryBuilder> filterQueryBuilder = scrollCommand.filter().filter(filter -> !isWildcardQuery(filter)).map(QueryBuilders::queryStringQuery).map(filter -> rangeQueryBuilder.orElse(QueryBuilders.boolQuery()).must(filter));
    final BoolQueryBuilder filteredQueryBuilder = QueryBuilders.boolQuery().must(queryBuilder);
    filterQueryBuilder.ifPresent(filteredQueryBuilder::filter);
    applyStreamsFilter(filteredQueryBuilder, scrollCommand);
    final SearchSourceBuilder searchSourceBuilder = new SearchSourceBuilder().query(filteredQueryBuilder);
    applyPaginationIfPresent(searchSourceBuilder, scrollCommand);
    applySortingIfPresent(searchSourceBuilder, scrollCommand);
    applyHighlighting(searchSourceBuilder, scrollCommand);
    return searchSourceBuilder;
}

Example 90 with BoolQueryBuilder

use of org.graylog.shaded.elasticsearch7.org.elasticsearch.index.query.BoolQueryBuilder in project yacy_grid_mcp by yacy.

the class YaCyQuery method preparse.

private QueryBuilder preparse(String q, int timezoneOffset) {
    // detect usage of OR connector usage.
    q = fixQueryMistakes(q);
    // OR binds stronger than AND
    List<String> terms = splitIntoORGroups(q);
    // special handling: we don't need a boolean query builder on top; just return one parse object
    if (terms.size() == 1)
        return parse(terms.get(0), timezoneOffset);
    // generic handling: all of those OR groups MUST match. That is done with the filter query
    BoolQueryBuilder aquery = QueryBuilders.boolQuery();
    for (String t : terms) {
        QueryBuilder partial = parse(t, timezoneOffset);
        aquery.filter(partial);
    }
    return aquery;
}