Examples with Decorator - org.graylog2.decorators.Decorator

Example 1 with Decorator

use of org.graylog2.decorators.Decorator in project graylog2-server by Graylog2.

the class DecoratorResource method update.

@PUT
@Path("/{decoratorId}")
@Timed
@ApiOperation(value = "Update a decorator")
@AuditEvent(type = AuditEventTypes.MESSAGE_DECORATOR_UPDATE)
public Decorator update(@ApiParam(name = "decorator id", required = true) @PathParam("decoratorId") final String decoratorId, @ApiParam(name = "JSON body", required = true) DecoratorImpl decorator) throws NotFoundException {
    final Decorator originalDecorator = decoratorService.findById(decoratorId);
    checkPermission(RestPermissions.DECORATORS_CREATE);
    if (originalDecorator.stream().isPresent()) {
        checkPermission(RestPermissions.STREAMS_EDIT, originalDecorator.stream().get());
    }
    return this.decoratorService.save(decorator.toBuilder().id(originalDecorator.id()).build());
}

Also used : SearchResponseDecorator(org.graylog2.plugin.decorators.SearchResponseDecorator) Decorator(org.graylog2.decorators.Decorator) Path(javax.ws.rs.Path) Timed(com.codahale.metrics.annotation.Timed) ApiOperation(io.swagger.annotations.ApiOperation) AuditEvent(org.graylog2.audit.jersey.AuditEvent) PUT(javax.ws.rs.PUT)

Example 2 with Decorator

use of org.graylog2.decorators.Decorator in project graylog2-server by Graylog2.

the class SyslogSeverityMapperDecoratorTest method testDecorator.

@Test
public void testDecorator() throws Exception {
    final DecoratorImpl decorator = DecoratorImpl.create("id", SyslogSeverityMapperDecorator.class.getCanonicalName(), ImmutableMap.of("source_field", "level", "target_field", "severity"), Optional.empty(), 1);
    final SyslogSeverityMapperDecorator mapperDecorator = new SyslogSeverityMapperDecorator(decorator);
    final IndexRangeSummary indexRangeSummary = IndexRangeSummary.create("graylog_0", Tools.nowUTC().minusDays(1), Tools.nowUTC(), null, 100);
    final List<ResultMessageSummary> messages = ImmutableList.of(ResultMessageSummary.create(ImmutableMultimap.of(), ImmutableMap.of("_id", "h", "level", "80"), "graylog_0"), ResultMessageSummary.create(ImmutableMultimap.of(), ImmutableMap.of("_id", "a", "level", "0"), "graylog_0"), ResultMessageSummary.create(ImmutableMultimap.of(), ImmutableMap.of("_id", "b", "level", "1"), "graylog_0"), ResultMessageSummary.create(ImmutableMultimap.of(), ImmutableMap.of("_id", "c", "level", "2"), "graylog_0"), ResultMessageSummary.create(ImmutableMultimap.of(), ImmutableMap.of("_id", "d", "level", "3"), "graylog_0"), ResultMessageSummary.create(ImmutableMultimap.of(), ImmutableMap.of("_id", "e", "level", "4"), "graylog_0"), ResultMessageSummary.create(ImmutableMultimap.of(), ImmutableMap.of("_id", "f", "level", "5"), "graylog_0"), ResultMessageSummary.create(ImmutableMultimap.of(), ImmutableMap.of("_id", "g", "level", "6"), "graylog_0"), ResultMessageSummary.create(ImmutableMultimap.of(), ImmutableMap.of("_id", "h", "level", "7"), "graylog_0"), ResultMessageSummary.create(ImmutableMultimap.of(), ImmutableMap.of("_id", "i", "foo", "1"), "graylog_0"));
    final SearchResponse searchResponse = SearchResponse.builder().query("foo").builtQuery("foo").usedIndices(ImmutableSet.of(indexRangeSummary)).messages(messages).fields(ImmutableSet.of("level")).time(100L).totalResults(messages.size()).from(Tools.nowUTC().minusHours(1)).to(Tools.nowUTC()).build();
    final SearchResponse response = mapperDecorator.apply(searchResponse);
    // Returns the value if the value cannot be mapped to a Syslog severity
    Assertions.assertThat(response.messages().get(0).message().get("level")).isEqualTo("80");
    Assertions.assertThat(response.messages().get(0).message().get("severity")).isNull();
    // Check that the mapping works correctly
    Assertions.assertThat(response.messages().get(1).message().get("level")).isEqualTo("0");
    Assertions.assertThat(response.messages().get(1).message().get("severity")).isEqualTo("Emergency (0)");
    Assertions.assertThat(response.messages().get(2).message().get("level")).isEqualTo("1");
    Assertions.assertThat(response.messages().get(2).message().get("severity")).isEqualTo("Alert (1)");
    Assertions.assertThat(response.messages().get(3).message().get("level")).isEqualTo("2");
    Assertions.assertThat(response.messages().get(3).message().get("severity")).isEqualTo("Critical (2)");
    Assertions.assertThat(response.messages().get(4).message().get("level")).isEqualTo("3");
    Assertions.assertThat(response.messages().get(4).message().get("severity")).isEqualTo("Error (3)");
    Assertions.assertThat(response.messages().get(5).message().get("level")).isEqualTo("4");
    Assertions.assertThat(response.messages().get(5).message().get("severity")).isEqualTo("Warning (4)");
    Assertions.assertThat(response.messages().get(6).message().get("level")).isEqualTo("5");
    Assertions.assertThat(response.messages().get(6).message().get("severity")).isEqualTo("Notice (5)");
    Assertions.assertThat(response.messages().get(7).message().get("level")).isEqualTo("6");
    Assertions.assertThat(response.messages().get(7).message().get("severity")).isEqualTo("Informational (6)");
    Assertions.assertThat(response.messages().get(8).message().get("level")).isEqualTo("7");
    Assertions.assertThat(response.messages().get(8).message().get("severity")).isEqualTo("Debug (7)");
    // If the message does not have a source field, we do not touch it
    Assertions.assertThat(response.messages().get(9).message().get("level")).isNull();
    Assertions.assertThat(response.messages().get(9).message().get("severity")).isNull();
    Assertions.assertThat(response.messages().get(9).message().get("foo")).isEqualTo("1");
}

Also used : IndexRangeSummary(org.graylog2.rest.models.system.indexer.responses.IndexRangeSummary) ResultMessageSummary(org.graylog2.rest.models.messages.responses.ResultMessageSummary) SearchResponse(org.graylog2.rest.resources.search.responses.SearchResponse) Test(org.junit.Test)

Example 3 with Decorator

use of org.graylog2.decorators.Decorator in project graylog2-server by Graylog2.

the class FormatStringDecoratorTest method testFormat.

@Test
public void testFormat() {
    final DecoratorImpl decorator = getDecoratorConfig("${field_a}: ${field_b}", "message", true);
    final FormatStringDecorator formatStringDecorator = new FormatStringDecorator(decorator, templateEngine);
    final SearchResponse searchResponse = getSearchResponse();
    final SearchResponse response = formatStringDecorator.apply(searchResponse);
    assertThat(response.messages().size()).isEqualTo(4);
    assertThat(response.messages().get(0).message().get("message")).isEqualTo("1: b");
    assertThat(response.messages().get(1).message().containsKey("message")).isFalse();
    assertThat(response.messages().get(2).message().containsKey("message")).isFalse();
    assertThat(response.messages().get(3).message().containsKey("message")).isFalse();
}

Also used : SearchResponse(org.graylog2.rest.resources.search.responses.SearchResponse) Test(org.junit.Test)

Example 4 with Decorator

use of org.graylog2.decorators.Decorator in project graylog2-server by Graylog2.

the class FormatStringDecoratorTest method formatAllowEmptyValues.

@Test
public void formatAllowEmptyValues() {
    final DecoratorImpl decorator = getDecoratorConfig("${field_a}: ${field_b}", "message", false);
    final FormatStringDecorator formatStringDecorator = new FormatStringDecorator(decorator, templateEngine);
    final SearchResponse searchResponse = getSearchResponse();
    final SearchResponse response = formatStringDecorator.apply(searchResponse);
    assertThat(response.messages().size()).isEqualTo(4);
    assertThat(response.messages().get(0).message().get("message")).isEqualTo("1: b");
    assertThat(response.messages().get(1).message().get("message")).isEqualTo("1:");
    assertThat(response.messages().get(2).message().get("message")).isEqualTo(": b");
    assertThat(response.messages().get(3).message().get("message")).isEqualTo(":");
}

Also used : SearchResponse(org.graylog2.rest.resources.search.responses.SearchResponse) Test(org.junit.Test)

Example 5 with Decorator

use of org.graylog2.decorators.Decorator in project graylog2-server by Graylog2.

the class DecoratorResource method delete.

@DELETE
@Path("/{decoratorId}")
@Timed
@ApiOperation(value = "Create a decorator")
@AuditEvent(type = AuditEventTypes.MESSAGE_DECORATOR_DELETE)
public void delete(@ApiParam(name = "decorator id", required = true) @PathParam("decoratorId") final String decoratorId) throws NotFoundException {
    checkPermission(RestPermissions.DECORATORS_EDIT);
    final Decorator decorator = this.decoratorService.findById(decoratorId);
    if (decorator.stream().isPresent()) {
        checkPermission(RestPermissions.STREAMS_EDIT, decorator.stream().get());
    }
    this.decoratorService.delete(decoratorId);
}

Also used : SearchResponseDecorator(org.graylog2.plugin.decorators.SearchResponseDecorator) Decorator(org.graylog2.decorators.Decorator) Path(javax.ws.rs.Path) DELETE(javax.ws.rs.DELETE) Timed(com.codahale.metrics.annotation.Timed) ApiOperation(io.swagger.annotations.ApiOperation) AuditEvent(org.graylog2.audit.jersey.AuditEvent)

Aggregations

SearchResponse (org.graylog2.rest.resources.search.responses.SearchResponse)3 Test (org.junit.Test)3 Timed (com.codahale.metrics.annotation.Timed)2 ApiOperation (io.swagger.annotations.ApiOperation)2 Path (javax.ws.rs.Path)2 AuditEvent (org.graylog2.audit.jersey.AuditEvent)2 Decorator (org.graylog2.decorators.Decorator)2 SearchResponseDecorator (org.graylog2.plugin.decorators.SearchResponseDecorator)2 DELETE (javax.ws.rs.DELETE)1 PUT (javax.ws.rs.PUT)1 ResultMessageSummary (org.graylog2.rest.models.messages.responses.ResultMessageSummary)1 IndexRangeSummary (org.graylog2.rest.models.system.indexer.responses.IndexRangeSummary)1