Search in sources :

Example 26 with SearchResult

use of org.graylog2.indexer.results.SearchResult in project graylog2-server by Graylog2.

the class SearchesAdapterES7 method fieldStats.

@Override
public FieldStatsResult fieldStats(String query, String filter, TimeRange range, Set<String> indices, String field, boolean includeCardinality, boolean includeStats, boolean includeCount) {
    final SearchesConfig config = SearchesConfig.builder().query(query).filter(filter).range(range).offset(0).limit(-1).build();
    final SearchSourceBuilder searchSourceBuilder = searchRequestFactory.create(config);
    if (includeCount) {
        searchSourceBuilder.aggregation(AggregationBuilders.count(AGG_VALUE_COUNT).field(field));
    }
    if (includeStats) {
        searchSourceBuilder.aggregation(AggregationBuilders.extendedStats(AGG_EXTENDED_STATS).field(field));
    }
    if (includeCardinality) {
        searchSourceBuilder.aggregation(AggregationBuilders.cardinality(AGG_CARDINALITY).field(field));
    }
    if (indices.isEmpty()) {
        return FieldStatsResult.empty(query, searchSourceBuilder.toString());
    }
    final SearchRequest searchRequest = new SearchRequest(indices.toArray(new String[0])).source(searchSourceBuilder);
    final SearchResponse searchResult = client.search(searchRequest, "Unable to retrieve fields stats");
    final List<ResultMessage> resultMessages = extractResultMessages(searchResult);
    final long tookMs = searchResult.getTook().getMillis();
    final ExtendedStats extendedStatsAggregation = searchResult.getAggregations().get(AGG_EXTENDED_STATS);
    final ValueCount valueCountAggregation = searchResult.getAggregations().get(AGG_VALUE_COUNT);
    final Cardinality cardinalityAggregation = searchResult.getAggregations().get(AGG_CARDINALITY);
    return createFieldStatsResult(extendedStatsAggregation, valueCountAggregation, cardinalityAggregation, resultMessages, query, searchSourceBuilder.toString(), tookMs);
}
Also used : SearchRequest(org.graylog.shaded.elasticsearch7.org.elasticsearch.action.search.SearchRequest) ValueCount(org.graylog.shaded.elasticsearch7.org.elasticsearch.search.aggregations.metrics.ValueCount) SearchesConfig(org.graylog2.indexer.searches.SearchesConfig) Cardinality(org.graylog.shaded.elasticsearch7.org.elasticsearch.search.aggregations.metrics.Cardinality) ExtendedStats(org.graylog.shaded.elasticsearch7.org.elasticsearch.search.aggregations.metrics.ExtendedStats) ResultMessage(org.graylog2.indexer.results.ResultMessage) SearchSourceBuilder(org.graylog.shaded.elasticsearch7.org.elasticsearch.search.builder.SearchSourceBuilder) SearchResponse(org.graylog.shaded.elasticsearch7.org.elasticsearch.action.search.SearchResponse)

Aggregations

SearchResult (org.graylog2.indexer.results.SearchResult)11 DateTime (org.joda.time.DateTime)11 ResultMessage (org.graylog2.indexer.results.ResultMessage)10 Inject (javax.inject.Inject)8 AbsoluteRange (org.graylog2.plugin.indexer.searches.timeranges.AbsoluteRange)8 List (java.util.List)7 Optional (java.util.Optional)7 SearchSourceBuilder (org.graylog.shaded.elasticsearch6.org.elasticsearch.search.builder.SearchSourceBuilder)7 Sorting (org.graylog2.indexer.searches.Sorting)7 Message (org.graylog2.plugin.Message)7 Test (org.junit.Test)7 Search (io.searchbox.core.Search)6 SearchResult (io.searchbox.core.SearchResult)6 Map (java.util.Map)6 Set (java.util.Set)6 RelativeRange (org.graylog2.plugin.indexer.searches.timeranges.RelativeRange)6 Collectors (java.util.stream.Collectors)5 Logger (org.slf4j.Logger)5 LoggerFactory (org.slf4j.LoggerFactory)5 ImmutableList (com.google.common.collect.ImmutableList)4