Examples with Message org.graylog2.plugin.Message used on opensource projects

Search in sources :

Example 41 with Message

use of org.graylog2.plugin.Message in project graylog2-server by Graylog2.

the class KeywordSearchResource method searchKeywordChunked.

@GET
@Timed
@ApiOperation(value = "Message search with keyword as timerange.", notes = "Search for messages in a timerange defined by a keyword like \"yesterday\" or \"2 weeks ago to wednesday\".")
@Produces(MoreMediaTypes.TEXT_CSV)
@ApiResponses(value = { @ApiResponse(code = 400, message = "Invalid keyword provided.") })
public ChunkedOutput<ScrollResult.ScrollChunk> searchKeywordChunked(@ApiParam(name = "query", value = "Query (Lucene syntax)", required = true) @QueryParam("query") @NotEmpty String query, @ApiParam(name = "keyword", value = "Range keyword", required = true) @QueryParam("keyword") String keyword, @ApiParam(name = "limit", value = "Maximum number of messages to return.", required = false) @QueryParam("limit") int limit, @ApiParam(name = "offset", value = "Offset", required = false) @QueryParam("offset") int offset, @ApiParam(name = "filter", value = "Filter", required = false) @QueryParam("filter") String filter, @ApiParam(name = "fields", value = "Comma separated list of fields to return", required = true) @QueryParam("fields") String fields) {
    checkSearchPermission(filter, RestPermissions.SEARCHES_KEYWORD);
    final List<String> fieldList = parseFields(fields);
    final TimeRange timeRange = buildKeywordTimeRange(keyword);
    try {
        final ScrollResult scroll = searches.scroll(query, timeRange, limit, offset, fieldList, filter);
        return buildChunkedOutput(scroll, limit);
    } catch (SearchPhaseExecutionException e) {
        throw createRequestExceptionForParseFailure(query, e);
    }
}
Also used : TimeRange(org.graylog2.plugin.indexer.searches.timeranges.TimeRange) ScrollResult(org.graylog2.indexer.results.ScrollResult) SearchPhaseExecutionException(org.elasticsearch.action.search.SearchPhaseExecutionException) Produces(javax.ws.rs.Produces) Timed(com.codahale.metrics.annotation.Timed) GET(javax.ws.rs.GET) ApiOperation(io.swagger.annotations.ApiOperation) ApiResponses(io.swagger.annotations.ApiResponses)

Example 42 with Message

use of org.graylog2.plugin.Message in project graylog2-server by Graylog2.

the class KeywordSearchResource method searchKeyword.

@GET
@Timed
@ApiOperation(value = "Message search with keyword as timerange.", notes = "Search for messages in a timerange defined by a keyword like \"yesterday\" or \"2 weeks ago to wednesday\".")
@Produces(MediaType.APPLICATION_JSON)
@ApiResponses(value = { @ApiResponse(code = 400, message = "Invalid keyword provided.") })
public SearchResponse searchKeyword(@ApiParam(name = "query", value = "Query (Lucene syntax)", required = true) @QueryParam("query") @NotEmpty String query, @ApiParam(name = "keyword", value = "Range keyword", required = true) @QueryParam("keyword") @NotEmpty String keyword, @ApiParam(name = "limit", value = "Maximum number of messages to return.", required = false) @QueryParam("limit") int limit, @ApiParam(name = "offset", value = "Offset", required = false) @QueryParam("offset") int offset, @ApiParam(name = "filter", value = "Filter", required = false) @QueryParam("filter") String filter, @ApiParam(name = "fields", value = "Comma separated list of fields to return", required = false) @QueryParam("fields") String fields, @ApiParam(name = "sort", value = "Sorting (field:asc / field:desc)", required = false) @QueryParam("sort") String sort, @ApiParam(name = "decorate", value = "Run decorators on search result", required = false) @QueryParam("decorate") @DefaultValue("true") boolean decorate) {
    checkSearchPermission(filter, RestPermissions.SEARCHES_KEYWORD);
    final List<String> fieldList = parseOptionalFields(fields);
    final Sorting sorting = buildSorting(sort);
    final TimeRange timeRange = buildKeywordTimeRange(keyword);
    final SearchesConfig searchesConfig = SearchesConfig.builder().query(query).filter(filter).fields(fieldList).range(timeRange).limit(limit).offset(offset).sorting(sorting).build();
    final Optional<String> streamId = Searches.extractStreamId(filter);
    try {
        return buildSearchResponse(searches.search(searchesConfig), timeRange, decorate, streamId);
    } catch (SearchPhaseExecutionException e) {
        throw createRequestExceptionForParseFailure(query, e);
    }
}
Also used : TimeRange(org.graylog2.plugin.indexer.searches.timeranges.TimeRange) SearchesConfig(org.graylog2.indexer.searches.SearchesConfig) SearchPhaseExecutionException(org.elasticsearch.action.search.SearchPhaseExecutionException) Sorting(org.graylog2.indexer.searches.Sorting) Produces(javax.ws.rs.Produces) Timed(com.codahale.metrics.annotation.Timed) GET(javax.ws.rs.GET) ApiOperation(io.swagger.annotations.ApiOperation) ApiResponses(io.swagger.annotations.ApiResponses)

Example 43 with Message

use of org.graylog2.plugin.Message in project graylog2-server by Graylog2.

the class StreamResource method resume.

@POST
@Path("/{streamId}/resume")
@Timed
@ApiOperation(value = "Resume a stream")
@ApiResponses(value = { @ApiResponse(code = 404, message = "Stream not found."), @ApiResponse(code = 400, message = "Invalid or missing Stream id.") })
@AuditEvent(type = AuditEventTypes.STREAM_START)
public void resume(@ApiParam(name = "streamId", required = true) @PathParam("streamId") @NotEmpty String streamId) throws NotFoundException, ValidationException {
    checkAnyPermission(new String[] { RestPermissions.STREAMS_CHANGESTATE, RestPermissions.STREAMS_EDIT }, streamId);
    checkNotDefaultStream(streamId, "The default stream cannot be resumed.");
    final Stream stream = streamService.load(streamId);
    streamService.resume(stream);
    clusterEventBus.post(StreamsChangedEvent.create(stream.getId()));
}
Also used : Stream(org.graylog2.plugin.streams.Stream) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) Timed(com.codahale.metrics.annotation.Timed) ApiOperation(io.swagger.annotations.ApiOperation) NoAuditEvent(org.graylog2.audit.jersey.NoAuditEvent) AuditEvent(org.graylog2.audit.jersey.AuditEvent) ApiResponses(io.swagger.annotations.ApiResponses)

Example 44 with Message

use of org.graylog2.plugin.Message in project graylog2-server by Graylog2.

the class StreamResource method testMatch.

@POST
@Path("/{streamId}/testMatch")
@Timed
@ApiOperation(value = "Test matching of a stream against a supplied message")
@ApiResponses(value = { @ApiResponse(code = 404, message = "Stream not found."), @ApiResponse(code = 400, message = "Invalid or missing Stream id.") })
@NoAuditEvent("only used for testing stream matches")
public TestMatchResponse testMatch(@ApiParam(name = "streamId", required = true) @PathParam("streamId") String streamId, @ApiParam(name = "JSON body", required = true) @NotNull Map<String, Map<String, Object>> serialisedMessage) throws NotFoundException {
    checkPermission(RestPermissions.STREAMS_READ, streamId);
    final Stream stream = streamService.load(streamId);
    // This is such a hack...
    final Map<String, Object> m = new HashMap<>(serialisedMessage.get("message"));
    final String timeStamp = firstNonNull((String) m.get(Message.FIELD_TIMESTAMP), DateTime.now(DateTimeZone.UTC).toString(ISODateTimeFormat.dateTime()));
    m.put(Message.FIELD_TIMESTAMP, Tools.dateTimeFromString(timeStamp));
    final Message message = new Message(m);
    final ExecutorService executor = Executors.newSingleThreadExecutor(new ThreadFactoryBuilder().setNameFormat("stream-" + streamId + "-test-match-%d").build());
    final StreamRouterEngine streamRouterEngine = streamRouterEngineFactory.create(Lists.newArrayList(stream), executor);
    final List<StreamRouterEngine.StreamTestMatch> streamTestMatches = streamRouterEngine.testMatch(message);
    final StreamRouterEngine.StreamTestMatch streamTestMatch = streamTestMatches.get(0);
    final Map<String, Boolean> rules = Maps.newHashMap();
    for (Map.Entry<StreamRule, Boolean> match : streamTestMatch.getMatches().entrySet()) {
        rules.put(match.getKey().getId(), match.getValue());
    }
    return TestMatchResponse.create(streamTestMatch.isMatched(), rules);
}
Also used : Message(org.graylog2.plugin.Message) HashMap(java.util.HashMap) StreamRule(org.graylog2.plugin.streams.StreamRule) StreamRouterEngine(org.graylog2.streams.StreamRouterEngine) ExecutorService(java.util.concurrent.ExecutorService) ThreadFactoryBuilder(com.google.common.util.concurrent.ThreadFactoryBuilder) Stream(org.graylog2.plugin.streams.Stream) Map(java.util.Map) ImmutableMap(com.google.common.collect.ImmutableMap) HashMap(java.util.HashMap) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) Timed(com.codahale.metrics.annotation.Timed) ApiOperation(io.swagger.annotations.ApiOperation) ApiResponses(io.swagger.annotations.ApiResponses) NoAuditEvent(org.graylog2.audit.jersey.NoAuditEvent)

Example 45 with Message

use of org.graylog2.plugin.Message in project graylog2-server by Graylog2.

the class StreamResource method cloneStream.

@POST
@Path("/{streamId}/clone")
@Timed
@ApiOperation(value = "Clone a stream")
@ApiResponses(value = { @ApiResponse(code = 404, message = "Stream not found."), @ApiResponse(code = 400, message = "Invalid or missing Stream id.") })
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@AuditEvent(type = AuditEventTypes.STREAM_CREATE)
public Response cloneStream(@ApiParam(name = "streamId", required = true) @PathParam("streamId") String streamId, @ApiParam(name = "JSON body", required = true) @Valid @NotNull CloneStreamRequest cr) throws ValidationException, NotFoundException {
    checkPermission(RestPermissions.STREAMS_CREATE);
    checkPermission(RestPermissions.STREAMS_READ, streamId);
    checkNotDefaultStream(streamId, "The default stream cannot be cloned.");
    final Stream sourceStream = streamService.load(streamId);
    final String creatorUser = getCurrentUser().getName();
    // Create stream.
    final Map<String, Object> streamData = Maps.newHashMap();
    streamData.put(StreamImpl.FIELD_TITLE, cr.title());
    streamData.put(StreamImpl.FIELD_DESCRIPTION, cr.description());
    streamData.put(StreamImpl.FIELD_CREATOR_USER_ID, creatorUser);
    streamData.put(StreamImpl.FIELD_CREATED_AT, Tools.nowUTC());
    streamData.put(StreamImpl.FIELD_MATCHING_TYPE, sourceStream.getMatchingType().toString());
    streamData.put(StreamImpl.FIELD_REMOVE_MATCHES_FROM_DEFAULT_STREAM, cr.removeMatchesFromDefaultStream());
    streamData.put(StreamImpl.FIELD_INDEX_SET_ID, cr.indexSetId());
    final Stream stream = streamService.create(streamData);
    streamService.pause(stream);
    final String id = streamService.save(stream);
    final List<StreamRule> sourceStreamRules = streamRuleService.loadForStream(sourceStream);
    for (StreamRule streamRule : sourceStreamRules) {
        final Map<String, Object> streamRuleData = Maps.newHashMapWithExpectedSize(6);
        streamRuleData.put(StreamRuleImpl.FIELD_TYPE, streamRule.getType().toInteger());
        streamRuleData.put(StreamRuleImpl.FIELD_FIELD, streamRule.getField());
        streamRuleData.put(StreamRuleImpl.FIELD_VALUE, streamRule.getValue());
        streamRuleData.put(StreamRuleImpl.FIELD_INVERTED, streamRule.getInverted());
        streamRuleData.put(StreamRuleImpl.FIELD_STREAM_ID, new ObjectId(id));
        streamRuleData.put(StreamRuleImpl.FIELD_DESCRIPTION, streamRule.getDescription());
        final StreamRule newStreamRule = streamRuleService.create(streamRuleData);
        streamRuleService.save(newStreamRule);
    }
    for (AlertCondition alertCondition : streamService.getAlertConditions(sourceStream)) {
        try {
            final AlertCondition clonedAlertCondition = alertService.fromRequest(CreateConditionRequest.create(alertCondition.getType(), alertCondition.getTitle(), alertCondition.getParameters()), stream, creatorUser);
            streamService.addAlertCondition(stream, clonedAlertCondition);
        } catch (ConfigurationException e) {
            LOG.warn("Unable to clone alert condition <" + alertCondition + "> - skipping: ", e);
        }
    }
    for (AlarmCallbackConfiguration alarmCallbackConfiguration : alarmCallbackConfigurationService.getForStream(sourceStream)) {
        final CreateAlarmCallbackRequest request = CreateAlarmCallbackRequest.create(alarmCallbackConfiguration);
        final AlarmCallbackConfiguration alarmCallback = alarmCallbackConfigurationService.create(stream.getId(), request, getCurrentUser().getName());
        alarmCallbackConfigurationService.save(alarmCallback);
    }
    for (Output output : sourceStream.getOutputs()) {
        streamService.addOutput(stream, output);
    }
    clusterEventBus.post(StreamsChangedEvent.create(stream.getId()));
    final Map<String, String> result = ImmutableMap.of("stream_id", id);
    final URI streamUri = getUriBuilderToSelf().path(StreamResource.class).path("{streamId}").build(id);
    return Response.created(streamUri).entity(result).build();
}
Also used : ObjectId(org.bson.types.ObjectId) StreamRule(org.graylog2.plugin.streams.StreamRule) URI(java.net.URI) CreateAlarmCallbackRequest(org.graylog2.rest.models.alarmcallbacks.requests.CreateAlarmCallbackRequest) ConfigurationException(org.graylog2.plugin.configuration.ConfigurationException) Output(org.graylog2.plugin.streams.Output) AlertCondition(org.graylog2.plugin.alarms.AlertCondition) Stream(org.graylog2.plugin.streams.Stream) AlarmCallbackConfiguration(org.graylog2.alarmcallbacks.AlarmCallbackConfiguration) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes) Produces(javax.ws.rs.Produces) Timed(com.codahale.metrics.annotation.Timed) ApiOperation(io.swagger.annotations.ApiOperation) NoAuditEvent(org.graylog2.audit.jersey.NoAuditEvent) AuditEvent(org.graylog2.audit.jersey.AuditEvent) ApiResponses(io.swagger.annotations.ApiResponses)

Aggregations

Test (org.junit.Test)227 Message (org.graylog2.plugin.Message)226 ApiOperation (io.swagger.annotations.ApiOperation)97 ApiResponses (io.swagger.annotations.ApiResponses)91 Timed (com.codahale.metrics.annotation.Timed)90 Path (javax.ws.rs.Path)72 StreamRule (org.graylog2.plugin.streams.StreamRule)70 AuditEvent (org.graylog2.audit.jersey.AuditEvent)62 Produces (javax.ws.rs.Produces)49 DateTime (org.joda.time.DateTime)46 Stream (org.graylog2.plugin.streams.Stream)45 GET (javax.ws.rs.GET)33 RawMessage (org.graylog2.plugin.journal.RawMessage)31 BadRequestException (javax.ws.rs.BadRequestException)30 POST (javax.ws.rs.POST)28 Result (org.graylog2.plugin.inputs.Extractor.Result)27 Callable (java.util.concurrent.Callable)26 PUT (javax.ws.rs.PUT)26 Consumes (javax.ws.rs.Consumes)21 AlertCondition (org.graylog2.plugin.alarms.AlertCondition)21
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial