Examples with Message org.graylog2.plugin.Message used on opensource projects

Search in sources :

Example 46 with Message

use of org.graylog2.plugin.Message in project graylog2-server by Graylog2.

the class FunctionsSnippetsTest method accountingSize.

@Test
public void accountingSize() {
    final Rule rule = parser.parseRule(ruleForTest(), true);
    final Message message = evaluateRule(rule);
    // this can change if either the test message content changes or traffic accounting calculation is changed!
    assertThat(message.getField("accounting_size")).isEqualTo(54L);
}
Also used : CreateMessage(org.graylog.plugins.pipelineprocessor.functions.messages.CreateMessage) CloneMessage(org.graylog.plugins.pipelineprocessor.functions.messages.CloneMessage) DropMessage(org.graylog.plugins.pipelineprocessor.functions.messages.DropMessage) Message(org.graylog2.plugin.Message) MockitoRule(org.mockito.junit.MockitoRule) Rule(org.graylog.plugins.pipelineprocessor.ast.Rule) BaseParserTest(org.graylog.plugins.pipelineprocessor.BaseParserTest) Test(org.junit.Test)

Example 47 with Message

use of org.graylog2.plugin.Message in project graylog2-server by Graylog2.

the class BaseParserTest method evaluateRule.

@Nullable
protected Message evaluateRule(Rule rule, Consumer<Message> messageModifier) {
    final Message message = new Message("hello test", "source", DateTime.now(DateTimeZone.UTC));
    message.addStream(defaultStream);
    messageModifier.accept(message);
    return evaluateRule(rule, message);
}
Also used : Message(org.graylog2.plugin.Message) Nullable(javax.annotation.Nullable)

Example 48 with Message

use of org.graylog2.plugin.Message in project graylog2-server by Graylog2.

the class FunctionsSnippetsTest method grok.

@Test
public void grok() {
    final Rule rule = parser.parseRule(ruleForTest(), false);
    final Message message = evaluateRule(rule);
    assertThat(message).isNotNull();
    assertThat(message.getFieldCount()).isEqualTo(6);
    assertThat(message.getTimestamp()).isEqualTo(DateTime.parse("2015-07-31T10:05:36.773Z"));
    // named captures only
    assertThat(message.hasField("num")).isTrue();
    assertThat(message.hasField("BASE10NUM")).isFalse();
    // Test for issue 5563 and 5794
    // ensure named groups with underscore work
    assertThat(message.hasField("test_field")).isTrue();
}
Also used : CreateMessage(org.graylog.plugins.pipelineprocessor.functions.messages.CreateMessage) CloneMessage(org.graylog.plugins.pipelineprocessor.functions.messages.CloneMessage) DropMessage(org.graylog.plugins.pipelineprocessor.functions.messages.DropMessage) Message(org.graylog2.plugin.Message) MockitoRule(org.mockito.junit.MockitoRule) Rule(org.graylog.plugins.pipelineprocessor.ast.Rule) BaseParserTest(org.graylog.plugins.pipelineprocessor.BaseParserTest) Test(org.junit.Test)

Example 49 with Message

use of org.graylog2.plugin.Message in project graylog2-server by Graylog2.

the class FunctionsSnippetsTest method firstNonNull.

@Test
public void firstNonNull() {
    final Rule rule = parser.parseRule(ruleForTest(), true);
    final Message message = evaluateRule(rule);
    assertThat(message.getField("not_found")).isNull();
    assertThat(message.getField("first_found")).isEqualTo("first");
    assertThat(message.getField("middle_found")).isEqualTo("middle");
    assertThat(message.getField("last_found")).isEqualTo("last");
    assertThat(message.getField("list_found")).isInstanceOf(List.class);
    assertThat(message.getField("int_found")).isInstanceOf(Long.class);
}
Also used : CreateMessage(org.graylog.plugins.pipelineprocessor.functions.messages.CreateMessage) CloneMessage(org.graylog.plugins.pipelineprocessor.functions.messages.CloneMessage) DropMessage(org.graylog.plugins.pipelineprocessor.functions.messages.DropMessage) Message(org.graylog2.plugin.Message) MockitoRule(org.mockito.junit.MockitoRule) Rule(org.graylog.plugins.pipelineprocessor.ast.Rule) BaseParserTest(org.graylog.plugins.pipelineprocessor.BaseParserTest) Test(org.junit.Test)

Example 50 with Message

use of org.graylog2.plugin.Message in project graylog2-server by Graylog2.

the class FunctionsSnippetsTest method json.

@Test
public void json() {
    final String flatJson = "{\"str\":\"foobar\",\"int\":42,\"float\":2.5,\"bool\":true,\"array\":[1,2,3]}";
    final String nestedJson = "{\n" + "    \"store\": {\n" + "        \"book\": {\n" + "            \"category\": \"reference\",\n" + "            \"author\": \"Nigel Rees\",\n" + "            \"title\": \"Sayings of the Century\",\n" + "            \"price\": 8.95\n" + "        },\n" + "        \"bicycle\": {\n" + "            \"color\": \"red\",\n" + "            \"price\": 19.95\n" + "        }\n" + "    },\n" + "    \"expensive\": 10\n" + "}";
    final Rule rule = parser.parseRule(ruleForTest(), false);
    final Message message = new Message("JSON", "test", Tools.nowUTC());
    message.addField("flat_json", flatJson);
    message.addField("nested_json", nestedJson);
    final Message evaluatedMessage = evaluateRule(rule, message);
    assertThat(evaluatedMessage.getField("message")).isEqualTo("JSON");
    assertThat(evaluatedMessage.getField("flat_json")).isEqualTo(flatJson);
    assertThat(evaluatedMessage.getField("nested_json")).isEqualTo(nestedJson);
    assertThat(evaluatedMessage.getField("str")).isEqualTo("foobar");
    assertThat(evaluatedMessage.getField("int")).isEqualTo(42);
    assertThat(evaluatedMessage.getField("float")).isEqualTo(2.5);
    assertThat(evaluatedMessage.getField("bool")).isEqualTo(true);
    assertThat(evaluatedMessage.getField("array")).isEqualTo(Arrays.asList(1, 2, 3));
    assertThat(evaluatedMessage.getField("store")).isInstanceOf(Map.class);
    assertThat(evaluatedMessage.getField("expensive")).isEqualTo(10);
}
Also used : CreateMessage(org.graylog.plugins.pipelineprocessor.functions.messages.CreateMessage) CloneMessage(org.graylog.plugins.pipelineprocessor.functions.messages.CloneMessage) DropMessage(org.graylog.plugins.pipelineprocessor.functions.messages.DropMessage) Message(org.graylog2.plugin.Message) IsString(org.graylog.plugins.pipelineprocessor.functions.conversion.IsString) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) MockitoRule(org.mockito.junit.MockitoRule) Rule(org.graylog.plugins.pipelineprocessor.ast.Rule) BaseParserTest(org.graylog.plugins.pipelineprocessor.BaseParserTest) Test(org.junit.Test)

Aggregations

Message (org.graylog2.plugin.Message)420 Test (org.junit.Test)391 ApiOperation (io.swagger.annotations.ApiOperation)120 ApiResponses (io.swagger.annotations.ApiResponses)107 Timed (com.codahale.metrics.annotation.Timed)105 RawMessage (org.graylog2.plugin.journal.RawMessage)103 DateTime (org.joda.time.DateTime)102 Path (javax.ws.rs.Path)87 StreamRule (org.graylog2.plugin.streams.StreamRule)77 AuditEvent (org.graylog2.audit.jersey.AuditEvent)69 Produces (javax.ws.rs.Produces)57 Stream (org.graylog2.plugin.streams.Stream)55 CreateMessage (org.graylog.plugins.pipelineprocessor.functions.messages.CreateMessage)46 DropMessage (org.graylog.plugins.pipelineprocessor.functions.messages.DropMessage)46 BaseParserTest (org.graylog.plugins.pipelineprocessor.BaseParserTest)45 Rule (org.graylog.plugins.pipelineprocessor.ast.Rule)45 POST (javax.ws.rs.POST)41 GET (javax.ws.rs.GET)40 CloneMessage (org.graylog.plugins.pipelineprocessor.functions.messages.CloneMessage)36 MockitoRule (org.mockito.junit.MockitoRule)35
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial