use of org.graylog2.lookup.LookupTable in project graylog2-server by Graylog2.
the class InputFacade method resolveNativeEntityLookupTable.
private void resolveNativeEntityLookupTable(EntityDescriptor entityDescriptor, InputWithExtractors inputWithExtractors, MutableGraph<EntityDescriptor> mutableGraph) {
final Stream<String> extractorLookupNames = inputWithExtractors.extractors().stream().filter(e -> e.getType().equals(Extractor.Type.LOOKUP_TABLE)).map(e -> (String) e.getExtractorConfig().get(LookupTableExtractor.CONFIG_LUT_NAME));
final Stream<String> converterLookupNames = inputWithExtractors.extractors().stream().flatMap(e -> e.getConverters().stream()).filter(c -> c.getType().equals(Converter.Type.LOOKUP_TABLE)).map(c -> (String) c.getConfig().get("lookup_table_name"));
Stream.concat(extractorLookupNames, converterLookupNames).map(lookupTableService::get).filter(Optional::isPresent).map(Optional::get).forEach(lookupTableDto -> {
EntityDescriptor lookupTable = EntityDescriptor.create(ModelId.of(lookupTableDto.id()), ModelTypes.LOOKUP_TABLE_V1);
mutableGraph.putEdge(entityDescriptor, lookupTable);
});
}
use of org.graylog2.lookup.LookupTable in project graylog2-server by Graylog2.
the class LookupTableFacade method findExisting.
private Optional<NativeEntity<LookupTableDto>> findExisting(EntityV1 entity, Map<String, ValueReference> parameters) {
final LookupTableEntity lookupTableEntity = objectMapper.convertValue(entity.data(), LookupTableEntity.class);
final String name = lookupTableEntity.name().asString(parameters);
final String title = lookupTableEntity.title().asString(parameters);
final Optional<LookupTableDto> lookupTable = lookupTableService.get(name);
lookupTable.ifPresent(existingLookupTable -> compareLookupTable(name, title, existingLookupTable));
return lookupTable.map(lt -> NativeEntity.create(entity.id(), lt.id(), TYPE_V1, lt.title(), lt));
}
use of org.graylog2.lookup.LookupTable in project graylog2-server by Graylog2.
the class FunctionsSnippetsTest method registerFunctions.
@BeforeClass
@SuppressForbidden("Allow using default thread factory")
public static void registerFunctions() {
final Map<String, Function<?>> functions = commonFunctions();
functions.put(BooleanConversion.NAME, new BooleanConversion());
functions.put(DoubleConversion.NAME, new DoubleConversion());
functions.put(LongConversion.NAME, new LongConversion());
functions.put(StringConversion.NAME, new StringConversion());
functions.put(MapConversion.NAME, new MapConversion());
// message related functions
functions.put(HasField.NAME, new HasField());
functions.put(SetField.NAME, new SetField());
functions.put(SetFields.NAME, new SetFields());
functions.put(RenameField.NAME, new RenameField());
functions.put(RemoveField.NAME, new RemoveField());
functions.put(DropMessage.NAME, new DropMessage());
functions.put(CreateMessage.NAME, new CreateMessage());
functions.put(CloneMessage.NAME, new CloneMessage());
functions.put(TrafficAccountingSize.NAME, new TrafficAccountingSize());
// route to stream mocks
final StreamService streamService = mock(StreamService.class);
otherStream = mock(Stream.class, "some stream id2");
when(otherStream.isPaused()).thenReturn(false);
when(otherStream.getTitle()).thenReturn("some name");
when(otherStream.getId()).thenReturn("id2");
when(streamService.loadAll()).thenReturn(Lists.newArrayList(defaultStream, otherStream));
when(streamService.loadAllEnabled()).thenReturn(Lists.newArrayList(defaultStream, otherStream));
streamCacheService = new StreamCacheService(eventBus, streamService, null);
streamCacheService.startAsync().awaitRunning();
final Provider<Stream> defaultStreamProvider = () -> defaultStream;
functions.put(RouteToStream.NAME, new RouteToStream(streamCacheService, defaultStreamProvider));
functions.put(RemoveFromStream.NAME, new RemoveFromStream(streamCacheService, defaultStreamProvider));
lookupTableService = mock(LookupTableService.class, RETURNS_DEEP_STUBS);
lookupTable = spy(LookupTable.class);
when(lookupTableService.getTable(anyString())).thenReturn(lookupTable);
lookupServiceFunction = new LookupTableService.Function(lookupTableService, "table");
when(lookupTableService.newBuilder().lookupTable(anyString()).build()).thenReturn(lookupServiceFunction);
// input related functions
// TODO needs mock
// functions.put(FromInput.NAME, new FromInput());
// generic functions
functions.put(RegexMatch.NAME, new RegexMatch());
functions.put(RegexReplace.NAME, new RegexReplace());
// string functions
functions.put(Abbreviate.NAME, new Abbreviate());
functions.put(Capitalize.NAME, new Capitalize());
functions.put(Concat.NAME, new Concat());
functions.put(Contains.NAME, new Contains());
functions.put(EndsWith.NAME, new EndsWith());
functions.put(Lowercase.NAME, new Lowercase());
functions.put(Substring.NAME, new Substring());
functions.put(Swapcase.NAME, new Swapcase());
functions.put(Uncapitalize.NAME, new Uncapitalize());
functions.put(Uppercase.NAME, new Uppercase());
functions.put(KeyValue.NAME, new KeyValue());
functions.put(Join.NAME, new Join());
functions.put(Split.NAME, new Split());
functions.put(StartsWith.NAME, new StartsWith());
functions.put(Replace.NAME, new Replace());
functions.put(Length.NAME, new Length());
functions.put(FirstNonNull.NAME, new FirstNonNull());
final ObjectMapper objectMapper = new ObjectMapperProvider().get();
functions.put(JsonParse.NAME, new JsonParse(objectMapper));
functions.put(SelectJsonPath.NAME, new SelectJsonPath(objectMapper));
functions.put(DateConversion.NAME, new DateConversion());
functions.put(Now.NAME, new Now());
functions.put(FlexParseDate.NAME, new FlexParseDate());
functions.put(ParseDate.NAME, new ParseDate());
functions.put(ParseUnixMilliseconds.NAME, new ParseUnixMilliseconds());
functions.put(FormatDate.NAME, new FormatDate());
functions.put(Years.NAME, new Years());
functions.put(Months.NAME, new Months());
functions.put(Weeks.NAME, new Weeks());
functions.put(Days.NAME, new Days());
functions.put(Hours.NAME, new Hours());
functions.put(Minutes.NAME, new Minutes());
functions.put(Seconds.NAME, new Seconds());
functions.put(Millis.NAME, new Millis());
functions.put(PeriodParseFunction.NAME, new PeriodParseFunction());
functions.put(CRC32.NAME, new CRC32());
functions.put(CRC32C.NAME, new CRC32C());
functions.put(MD5.NAME, new MD5());
functions.put(Murmur3_32.NAME, new Murmur3_32());
functions.put(Murmur3_128.NAME, new Murmur3_128());
functions.put(SHA1.NAME, new SHA1());
functions.put(SHA256.NAME, new SHA256());
functions.put(SHA512.NAME, new SHA512());
functions.put(Base16Encode.NAME, new Base16Encode());
functions.put(Base16Decode.NAME, new Base16Decode());
functions.put(Base32Encode.NAME, new Base32Encode());
functions.put(Base32Decode.NAME, new Base32Decode());
functions.put(Base32HumanEncode.NAME, new Base32HumanEncode());
functions.put(Base32HumanDecode.NAME, new Base32HumanDecode());
functions.put(Base64Encode.NAME, new Base64Encode());
functions.put(Base64Decode.NAME, new Base64Decode());
functions.put(Base64UrlEncode.NAME, new Base64UrlEncode());
functions.put(Base64UrlDecode.NAME, new Base64UrlDecode());
functions.put(IpAddressConversion.NAME, new IpAddressConversion());
functions.put(CidrMatch.NAME, new CidrMatch());
functions.put(IsNull.NAME, new IsNull());
functions.put(IsNotNull.NAME, new IsNotNull());
functions.put(SyslogPriorityConversion.NAME, new SyslogPriorityConversion());
functions.put(SyslogPriorityToStringConversion.NAME, new SyslogPriorityToStringConversion());
functions.put(SyslogFacilityConversion.NAME, new SyslogFacilityConversion());
functions.put(SyslogLevelConversion.NAME, new SyslogLevelConversion());
functions.put(UrlConversion.NAME, new UrlConversion());
functions.put(UrlDecode.NAME, new UrlDecode());
functions.put(UrlEncode.NAME, new UrlEncode());
functions.put(IsBoolean.NAME, new IsBoolean());
functions.put(IsNumber.NAME, new IsNumber());
functions.put(IsDouble.NAME, new IsDouble());
functions.put(IsLong.NAME, new IsLong());
functions.put(IsString.NAME, new IsString());
functions.put(IsCollection.NAME, new IsCollection());
functions.put(IsList.NAME, new IsList());
functions.put(IsMap.NAME, new IsMap());
functions.put(IsDate.NAME, new IsDate());
functions.put(IsPeriod.NAME, new IsPeriod());
functions.put(IsIp.NAME, new IsIp());
functions.put(IsJson.NAME, new IsJson());
functions.put(IsUrl.NAME, new IsUrl());
final GrokPatternService grokPatternService = mock(GrokPatternService.class);
final GrokPattern greedyPattern = GrokPattern.create("GREEDY", ".*");
Set<GrokPattern> patterns = Sets.newHashSet(greedyPattern, GrokPattern.create("GREEDY", ".*"), GrokPattern.create("BASE10NUM", "(?<![0-9.+-])(?>[+-]?(?:(?:[0-9]+(?:\\.[0-9]+)?)|(?:\\.[0-9]+)))"), GrokPattern.create("NUMBER", "(?:%{BASE10NUM:UNWANTED})"), GrokPattern.create("UNDERSCORE", "(?<test_field>test)"), GrokPattern.create("NUM", "%{BASE10NUM}"));
when(grokPatternService.loadAll()).thenReturn(patterns);
when(grokPatternService.loadByName("GREEDY")).thenReturn(Optional.of(greedyPattern));
final EventBus clusterBus = new EventBus();
final GrokPatternRegistry grokPatternRegistry = new GrokPatternRegistry(clusterBus, grokPatternService, Executors.newScheduledThreadPool(1));
functions.put(GrokMatch.NAME, new GrokMatch(grokPatternRegistry));
functions.put(GrokExists.NAME, new GrokExists(grokPatternRegistry));
functions.put(MetricCounterIncrement.NAME, new MetricCounterIncrement(metricRegistry));
functions.put(LookupSetValue.NAME, new LookupSetValue(lookupTableService));
functions.put(LookupClearKey.NAME, new LookupClearKey(lookupTableService));
functions.put(LookupSetStringList.NAME, new LookupSetStringList(lookupTableService));
functions.put(LookupAddStringList.NAME, new LookupAddStringList(lookupTableService));
functions.put(LookupRemoveStringList.NAME, new LookupRemoveStringList(lookupTableService));
functionRegistry = new FunctionRegistry(functions);
}
use of org.graylog2.lookup.LookupTable in project graylog2-server by Graylog2.
the class FunctionsSnippetsTest method lookupSetStringList.
@Test
public void lookupSetStringList() {
final ImmutableList<String> testList = ImmutableList.of("foo", "bar");
doReturn(LookupResult.withoutTTL().stringListValue(testList).build()).when(lookupTable).setStringList(any(), any());
final Rule rule = parser.parseRule(ruleForTest(), true);
final Message message = evaluateRule(rule);
verify(lookupTable).setStringList("key", testList);
verifyNoMoreInteractions(lookupTable);
assertThat(message.getField("new_value")).isEqualTo(testList);
}
use of org.graylog2.lookup.LookupTable in project graylog2-server by Graylog2.
the class FunctionsSnippetsTest method lookupAddStringList.
@Test
public void lookupAddStringList() {
final ImmutableList<String> testList = ImmutableList.of("foo", "bar");
doReturn(LookupResult.withoutTTL().stringListValue(testList).build()).when(lookupTable).addStringList(any(), any(), anyBoolean());
final Rule rule = parser.parseRule(ruleForTest(), true);
final Message message = evaluateRule(rule);
verify(lookupTable).addStringList("key", testList, false);
verifyNoMoreInteractions(lookupTable);
assertThat(message.getField("new_value")).isEqualTo(testList);
}
Aggregations