Example 36 with BoolQueryBuilder
use of org.graylog.shaded.elasticsearch7.org.elasticsearch.index.query.BoolQueryBuilder in project uavstack by uavorg.
the class NewLogQueryHandler method queryByLogContent.
/**
* 日志内容搜索
*
* @param data
*/
@SuppressWarnings("rawtypes")
private void queryByLogContent(UAVHttpMessage data) {
BoolQueryBuilder queryBuilder = QueryBuilders.boolQuery();
/**
* 如果有开始和结束时间
*/
long startTime = DataConvertHelper.toLong(data.getRequest("stime"), -1);
long endTime = DataConvertHelper.toLong(data.getRequest("etime"), -1);
if (startTime > -1 && endTime > -1 && endTime >= startTime) {
queryBuilder.must(QueryBuilders.rangeQuery("l_timestamp").gte(startTime).lte(endTime));
}
/**
* 如果有日志行号 有可能只有sline或eline也有可能都有
*/
long startLine = DataConvertHelper.toLong(data.getRequest("sline"), -1);
long endLine = DataConvertHelper.toLong(data.getRequest("eline"), -1);
if (startLine > -1 && endLine > -1 && endLine > startLine) {
queryBuilder.must(QueryBuilders.rangeQuery("l_num").gte(startLine).lt(endLine));
} else if (startLine > -1) {
queryBuilder.must(QueryBuilders.rangeQuery("l_num").gte(startLine));
} else if (endLine > -1) {
queryBuilder.must(QueryBuilders.rangeQuery("l_num").lt(endLine));
}
String appid = data.getRequest("appid");
if (appid != null) {
queryBuilder.must(QueryBuilders.termQuery("appid", appid));
}
String ipport = data.getRequest("ipport");
if (ipport != null) {
queryBuilder.must(QueryBuilders.termQuery("ipport", ipport));
}
/**
* 内容搜索
*/
// get logtype for search
String logType = data.getRequest("logtype");
/**
* 默认Type的字段只有ctn
*/
if (logType.endsWith("_def")) {
parseSearchCondition(queryBuilder, data);
} else /**
* 自定义规则
*/
{
// TODO
}
SortBuilder[] sorts = buildSort(data);
this.queryToList(data, queryBuilder, null, sorts);
}
Also used :
FieldSortBuilder(org.elasticsearch.search.sort.FieldSortBuilder)
SortBuilder(org.elasticsearch.search.sort.SortBuilder)
BoolQueryBuilder(org.elasticsearch.index.query.BoolQueryBuilder)
Example 37 with BoolQueryBuilder
use of org.graylog.shaded.elasticsearch7.org.elasticsearch.index.query.BoolQueryBuilder in project uavstack by uavorg.
the class ThreadAnalysisQueryHandler method queryMultiDumpInfo.
private void queryMultiDumpInfo(UAVHttpMessage data) {
String ipport = data.getRequest("ipport");
String timesStr = data.getRequest("times");
List<String> times = JSONHelper.toObjectArray(timesStr, String.class);
List<List<Map<String, Object>>> records = new ArrayList<>();
for (String time : times) {
long timestamp = DataConvertHelper.toLong(time, -1L);
// build query builder
BoolQueryBuilder queryBuilder = QueryBuilders.boolQuery();
queryBuilder.must(QueryBuilders.rangeQuery("time").gte(timestamp).lte(timestamp));
queryBuilder.must(QueryBuilders.termQuery("ipport", ipport));
SearchResponse sr = query(data, queryBuilder, null, buildSorts(data));
List<Map<String, Object>> record = getRecords(sr);
records.add(record);
}
ThreadAnalyser ta = (ThreadAnalyser) getConfigManager().getComponent(feature, "ThreadAnalyser");
List<Map<String, String>> rs = ta.queryMutilDumpInfo(times, records);
data.putResponse("rs", JSONHelper.toString(rs));
}
Also used :
ArrayList(java.util.ArrayList)
SearchResponse(org.elasticsearch.action.search.SearchResponse)
BoolQueryBuilder(org.elasticsearch.index.query.BoolQueryBuilder)
ThreadAnalyser(com.creditease.uav.threadanalysis.server.ThreadAnalyser)
ArrayList(java.util.ArrayList)
List(java.util.List)
ThreadObject(com.creditease.uav.threadanalysis.server.da.ThreadObject)
HashMap(java.util.HashMap)
Map(java.util.Map)
Example 38 with BoolQueryBuilder
use of org.graylog.shaded.elasticsearch7.org.elasticsearch.index.query.BoolQueryBuilder in project uavstack by uavorg.
the class ThreadAnalysisQueryHandler method queryMultiDumpGraph.
private void queryMultiDumpGraph(UAVHttpMessage data) {
String ipport = data.getRequest("ipport");
String timesStr = data.getRequest("times");
String threadIdsStr = data.getRequest("threadIds");
List<String> times = JSONHelper.toObjectArray(timesStr, String.class);
List<String> threadIds = JSONHelper.toObjectArray(threadIdsStr, String.class);
List<List<Map<String, Object>>> records = new ArrayList<>();
for (String time : times) {
long timestamp = DataConvertHelper.toLong(time, -1L);
// build query builder
BoolQueryBuilder queryBuilder = QueryBuilders.boolQuery();
queryBuilder.must(QueryBuilders.rangeQuery("time").gte(timestamp).lte(timestamp));
queryBuilder.must(QueryBuilders.termQuery("ipport", ipport));
SearchResponse sr = query(data, queryBuilder, null, buildSorts(data));
List<Map<String, Object>> record = getRecords(sr);
records.add(record);
}
ThreadAnalyser ta = (ThreadAnalyser) getConfigManager().getComponent(feature, "ThreadAnalyser");
Map<String, Object> rs = ta.queryMutilDumpGraph(threadIds, records);
data.putResponse("rs", JSONHelper.toString(rs));
}
Also used :
ArrayList(java.util.ArrayList)
SearchResponse(org.elasticsearch.action.search.SearchResponse)
BoolQueryBuilder(org.elasticsearch.index.query.BoolQueryBuilder)
ThreadAnalyser(com.creditease.uav.threadanalysis.server.ThreadAnalyser)
ArrayList(java.util.ArrayList)
List(java.util.List)
ThreadObject(com.creditease.uav.threadanalysis.server.da.ThreadObject)
HashMap(java.util.HashMap)
Map(java.util.Map)
Example 39 with BoolQueryBuilder
use of org.graylog.shaded.elasticsearch7.org.elasticsearch.index.query.BoolQueryBuilder in project uavstack by uavorg.
the class ThreadAnalysisQueryHandler method buildQuery.
private QueryBuilder buildQuery(UAVHttpMessage data) {
long startTime = DataConvertHelper.toLong(data.getRequest("stime"), -1L);
long endTime = DataConvertHelper.toLong(data.getRequest("etime"), -1L);
if (startTime == -1L || endTime == -1L || endTime < startTime) {
data.putResponse("rs", "ERR");
data.putResponse("msg", "The Time Range Error: startTime=" + startTime + ",endTime=" + endTime);
return null;
}
BoolQueryBuilder queryBuilder = QueryBuilders.boolQuery();
// time
queryBuilder.must(QueryBuilders.rangeQuery("time").gte(startTime).lte(endTime));
// user
String user = data.getRequest("user");
if (user != null) {
queryBuilder.must(QueryBuilders.termQuery("user", user));
}
// pname,已做分词
String pname = data.getRequest("pname");
if (pname != null) {
queryBuilder.must(QueryBuilders.matchQuery("pname", pname));
}
// ipport
String ipport = data.getRequest("ipport");
if (ipport != null) {
queryBuilder.must(QueryBuilders.termQuery("ipport", ipport));
}
// pid
String pid = data.getRequest("pid");
if (pid != null) {
queryBuilder.must(QueryBuilders.termQuery("pid", pid));
}
// appgroup
String appgroup = data.getRequest("appgroup");
if (appgroup != null) {
queryBuilder.must(QueryBuilders.termQuery("appgroup", appgroup));
}
// tid
String tid = data.getRequest("tid");
if (tid != null) {
queryBuilder.must(QueryBuilders.termQuery("tid", tid));
}
// state
String state = data.getRequest("state");
if (state != null) {
queryBuilder.must(QueryBuilders.termQuery("state", state));
}
// timeadd
String timeadd = data.getRequest("timeadd");
if (timeadd != null) {
queryBuilder.must(QueryBuilders.termQuery("timeadd", timeadd));
}
final double PRECISION = 0.0000001F;
// percpu
double spercpu = DataConvertHelper.toDouble(data.getRequest("spercpu"), -1.0F);
double epercpu = DataConvertHelper.toDouble(data.getRequest("epercpu"), -1.0F);
RangeQueryBuilder percpu = QueryBuilders.rangeQuery("percpu");
if (spercpu + 1.0F > PRECISION) {
percpu.gte(spercpu);
}
if (epercpu + 1.0F > PRECISION) {
percpu.lte(epercpu);
}
if (epercpu < spercpu) {
data.putResponse("rs", "ERR");
data.putResponse("msg", "The percpu Range Error: spercpu=" + spercpu + ",epercpu=" + epercpu);
return null;
}
queryBuilder.must(percpu);
// permem
double spermem = DataConvertHelper.toDouble(data.getRequest("spermem"), -1.0F);
double epermem = DataConvertHelper.toDouble(data.getRequest("epermem"), -1.0F);
RangeQueryBuilder permem = QueryBuilders.rangeQuery("permem");
if (spermem + 1.0F > PRECISION) {
permem.gte(spermem);
}
if (epermem + 1.0F > PRECISION) {
permem.lte(epermem);
}
if (epermem < spermem) {
data.putResponse("rs", "ERR");
data.putResponse("msg", "The permem Range Error: spercpu=" + spermem + ",epercpu=" + epermem);
return null;
}
queryBuilder.must(permem);
// info,已做分词
String info = data.getRequest("info");
if (info != null) {
queryBuilder.must(QueryBuilders.matchQuery("info", info));
}
return queryBuilder;
}
Also used :
BoolQueryBuilder(org.elasticsearch.index.query.BoolQueryBuilder)
RangeQueryBuilder(org.elasticsearch.index.query.RangeQueryBuilder)
Example 40 with BoolQueryBuilder
use of org.graylog.shaded.elasticsearch7.org.elasticsearch.index.query.BoolQueryBuilder in project herd by FINRAOS.
the class ElasticSearchHelperTest method testAddIndexSearchFilterBooleanClause.
@Test
public void testAddIndexSearchFilterBooleanClause() {
TagKey tagKey = new TagKey();
tagKey.setTagCode(TAG_CODE);
tagKey.setTagTypeCode(TAG_TYPE_CODE);
IndexSearchResultTypeKey indexSearchResultTypeKey = new IndexSearchResultTypeKey();
indexSearchResultTypeKey.setIndexSearchResultType(INDEX_SEARCH_RESULT_TYPE);
List<IndexSearchKey> indexSearchKeys = new ArrayList<>();
IndexSearchKey indexSearchKey = new IndexSearchKey();
indexSearchKey.setTagKey(tagKey);
indexSearchKey.setIndexSearchResultTypeKey(indexSearchResultTypeKey);
indexSearchKeys.add(indexSearchKey);
List<IndexSearchFilter> indexSearchFilters = new ArrayList<>();
IndexSearchFilter indexSearchFilter1 = new IndexSearchFilter();
indexSearchFilter1.setIsExclusionSearchFilter(true);
indexSearchFilter1.setIndexSearchKeys(indexSearchKeys);
IndexSearchFilter indexSearchFilter2 = new IndexSearchFilter();
indexSearchFilter2.setIsExclusionSearchFilter(false);
indexSearchFilter2.setIndexSearchKeys(indexSearchKeys);
indexSearchFilters.add(indexSearchFilter1);
indexSearchFilters.add(indexSearchFilter2);
BoolQueryBuilder result = elasticsearchHelper.addIndexSearchFilterBooleanClause(indexSearchFilters, "bdefIndex", "tagIndex");
assertThat("Result is null.", result, is(notNullValue()));
}
Also used :
IndexSearchKey(org.finra.herd.model.api.xml.IndexSearchKey)
BoolQueryBuilder(org.elasticsearch.index.query.BoolQueryBuilder)
TagKey(org.finra.herd.model.api.xml.TagKey)
ArrayList(java.util.ArrayList)
IndexSearchResultTypeKey(org.finra.herd.model.api.xml.IndexSearchResultTypeKey)
IndexSearchFilter(org.finra.herd.model.api.xml.IndexSearchFilter)
Test(org.junit.Test)
AbstractDaoTest(org.finra.herd.dao.AbstractDaoTest)
Aggregations
BoolQueryBuilder (org.elasticsearch.index.query.BoolQueryBuilder)201
SearchResponse (org.elasticsearch.action.search.SearchResponse)73
QueryBuilder (org.elasticsearch.index.query.QueryBuilder)58
SearchHit (org.elasticsearch.search.SearchHit)41
SearchRequestBuilder (org.elasticsearch.action.search.SearchRequestBuilder)38
SearchSourceBuilder (org.elasticsearch.search.builder.SearchSourceBuilder)30
Map (java.util.Map)29
ArrayList (java.util.ArrayList)27
HashMap (java.util.HashMap)25
List (java.util.List)23
SearchRequest (org.elasticsearch.action.search.SearchRequest)21
Test (org.junit.Test)18
RangeQueryBuilder (org.elasticsearch.index.query.RangeQueryBuilder)16
TermsAggregationBuilder (org.elasticsearch.search.aggregations.bucket.terms.TermsAggregationBuilder)16
QueryBuilders (org.elasticsearch.index.query.QueryBuilders)14
FilterAggregationBuilder (org.elasticsearch.search.aggregations.bucket.filter.FilterAggregationBuilder)13
Logger (org.slf4j.Logger)12
LoggerFactory (org.slf4j.LoggerFactory)12
LinkedList (java.util.LinkedList)11
FieldSortBuilder (org.elasticsearch.search.sort.FieldSortBuilder)11
