use of org.graylog2.indexer.results.SearchResult in project graylog2-server by Graylog2.
the class QuerySuggestionsES6 method suggest.
@Override
public SuggestionResponse suggest(SuggestionRequest req) {
final Set<String> affectedIndices = indexLookup.indexNamesForStreamsInTimeRange(req.streams(), req.timerange());
final SearchSourceBuilder search = new SearchSourceBuilder().query(QueryBuilders.prefixQuery(req.field(), req.input())).size(0).aggregation(AggregationBuilders.terms("fieldvalues").field(req.field()).size(req.size())).suggest(new SuggestBuilder().addSuggestion("corrections", SuggestBuilders.termSuggestion(req.field()).text(req.input()).size(req.size())));
final Search.Builder searchBuilder = new Search.Builder(search.toString()).addType(IndexMapping.TYPE_MESSAGE).addIndex(affectedIndices.isEmpty() ? Collections.singleton("") : affectedIndices).allowNoIndices(false).ignoreUnavailable(false);
try {
final SearchResult result = JestUtils.execute(jestClient, searchBuilder.build(), () -> "Unable to perform aggregation: ");
final TermsAggregation aggregation = result.getAggregations().getTermsAggregation("fieldvalues");
final List<SuggestionEntry> entries = aggregation.getBuckets().stream().map(b -> new SuggestionEntry(b.getKeyAsString(), b.getCount())).collect(Collectors.toList());
if (!entries.isEmpty()) {
return SuggestionResponse.forSuggestions(req.field(), req.input(), entries, aggregation.getSumOtherDocCount());
} else {
final List<SuggestionEntry> corrections = Optional.of(result.getJsonObject()).map(o -> o.get("suggest")).map(o -> o.get("corrections")).map(o -> o.get(0)).map(o -> o.get("options")).map(options -> StreamSupport.stream(Spliterators.spliteratorUnknownSize(options.elements(), Spliterator.ORDERED), false).map(option -> new SuggestionEntry(option.get("text").textValue(), option.get("freq").longValue())).collect(Collectors.toList())).orElseGet(Collections::emptyList);
return SuggestionResponse.forSuggestions(req.field(), req.input(), corrections, null);
}
} catch (Exception e) {
final SuggestionError err = SuggestionError.create(e.getClass().getSimpleName(), e.getMessage());
return SuggestionResponse.forError(req.field(), req.input(), err);
}
}
use of org.graylog2.indexer.results.SearchResult in project graylog2-server by Graylog2.
the class IndicesAdapterES6 method move.
@Override
public void move(String source, String target, Consumer<IndexMoveResult> resultCallback) {
// TODO: This method should use the Re-index API: https://www.elastic.co/guide/en/elasticsearch/reference/5.3/docs-reindex.html
final String query = SearchSourceBuilder.searchSource().query(QueryBuilders.matchAllQuery()).size(350).sort(SortBuilders.fieldSort(FieldSortBuilder.DOC_FIELD_NAME)).toString();
final Search request = new Search.Builder(query).setParameter(Parameters.SCROLL, "10s").addIndex(source).build();
final SearchResult searchResult = JestUtils.execute(jestClient, request, () -> "Couldn't process search query response");
final String scrollId = searchResult.getJsonObject().path("_scroll_id").asText(null);
if (scrollId == null) {
throw new ElasticsearchException("Couldn't find scroll ID in search query response");
}
while (true) {
final SearchScroll scrollRequest = new SearchScroll.Builder(scrollId, "1m").build();
final JestResult scrollResult = JestUtils.execute(jestClient, scrollRequest, () -> "Couldn't process result of scroll query");
final JsonNode scrollHits = scrollResult.getJsonObject().path("hits").path("hits");
// No more hits.
if (scrollHits.size() == 0) {
break;
}
final Bulk.Builder bulkRequestBuilder = new Bulk.Builder();
for (JsonNode jsonElement : scrollHits) {
Optional.ofNullable(jsonElement.path("_source")).map(sourceJson -> objectMapper.<Map<String, Object>>convertValue(sourceJson, TypeReferences.MAP_STRING_OBJECT)).ifPresent(doc -> {
final String id = (String) doc.remove("_id");
if (!Strings.isNullOrEmpty(id)) {
bulkRequestBuilder.addAction(indexingHelper.prepareIndexRequest(target, doc, id));
}
});
}
final BulkResult bulkResult = JestUtils.execute(jestClient, bulkRequestBuilder.build(), () -> "Couldn't bulk index messages into index " + target);
final boolean hasFailedItems = !bulkResult.getFailedItems().isEmpty();
final IndexMoveResult result = IndexMoveResult.create(bulkResult.getItems().size(), bulkResult.getJsonObject().path("took").asLong(), hasFailedItems);
resultCallback.accept(result);
}
}
use of org.graylog2.indexer.results.SearchResult in project graylog2-server by Graylog2.
the class ESPivot method processSeries.
private void processSeries(PivotResult.Row.Builder rowBuilder, SearchResult searchResult, ESGeneratedQueryContext queryContext, Pivot pivot, ArrayDeque<String> columnKeys, MetricAggregation aggregation, boolean rollup, String source) {
pivot.series().forEach(seriesSpec -> {
final ESPivotSeriesSpecHandler<? extends SeriesSpec, ? extends Aggregation> seriesHandler = seriesHandlers.get(seriesSpec.type());
final Aggregation series = seriesHandler.extractAggregationFromResult(pivot, seriesSpec, aggregation, queryContext);
seriesHandler.handleResult(pivot, seriesSpec, searchResult, series, this, queryContext).map(value -> {
columnKeys.addLast(value.id());
final PivotResult.Value v = PivotResult.Value.create(columnKeys, value.value(), rollup, source);
columnKeys.removeLast();
return v;
}).forEach(rowBuilder::addValue);
});
}
use of org.graylog2.indexer.results.SearchResult in project graylog2-server by Graylog2.
the class FieldContentValueAlertConditionTest method testCorrectUsageOfRelativeRange.
@Test
public void testCorrectUsageOfRelativeRange() throws Exception {
final Stream stream = mock(Stream.class);
final Searches searches = mock(Searches.class);
final Configuration configuration = mock(Configuration.class);
final SearchResult searchResult = mock(SearchResult.class);
final int alertCheckInterval = 42;
final RelativeRange relativeRange = RelativeRange.create(alertCheckInterval);
when(stream.getId()).thenReturn("stream-id");
when(configuration.getAlertCheckInterval()).thenReturn(alertCheckInterval);
when(searches.search(anyString(), anyString(), eq(relativeRange), anyInt(), anyInt(), any(Sorting.class))).thenReturn(searchResult);
final FieldContentValueAlertCondition alertCondition = new FieldContentValueAlertCondition(searches, configuration, stream, null, DateTime.now(DateTimeZone.UTC), "mockuser", ImmutableMap.<String, Object>of("field", "test", "value", "test"), "Field Content Value Test COndition");
final AbstractAlertCondition.CheckResult result = alertCondition.runCheck();
}
use of org.graylog2.indexer.results.SearchResult in project graylog2-server by Graylog2.
the class SearchesIT method searchReturnsCorrectTotalHits.
@Test
public void searchReturnsCorrectTotalHits() throws Exception {
importFixture("org/graylog2/indexer/searches/SearchesIT.json");
final AbsoluteRange range = AbsoluteRange.create(new DateTime(2015, 1, 1, 0, 0, DateTimeZone.UTC).withZone(UTC), new DateTime(2015, 1, 2, 0, 0, DateTimeZone.UTC).withZone(UTC));
final SearchResult searchResult = searches.search("*", range, 5, 0, Sorting.DEFAULT);
assertThat(searchResult).isNotNull();
assertThat(searchResult.getResults()).hasSize(5);
assertThat(searchResult.getTotalResults()).isEqualTo(10L);
assertThat(searchResult.getFields()).doesNotContain("es_metadata_id", "es_metadata_version");
}
Aggregations