
Example 11 with Messages

use of org.graylog2.plugin.Messages in project graylog2-server by Graylog2.

the class Messages method bulkIndex.

/**
 * Sends every message in the given list to Elasticsearch in a single bulk request.
 *
 * <p>Each entry pairs a message with the index set it belongs to; the message is
 * written to that index set's write alias under the message's own id.
 *
 * <p>The debug log line records only counts, timing and the failure flag. Message
 * contents are not logged here.
 *
 * @param messageList pairs of (index set, message) to index; an empty list is a no-op
 * @return {@code true} if the list was empty or the bulk response reports no failures;
 *         {@code false} if the response reports any failure. A {@code false} result
 *         does not by itself say that every item was rejected.
 */
public boolean bulkIndex(final List<Map.Entry<IndexSet, Message>> messageList) {
    // Nothing to send: report success without building a request.
    if (messageList.isEmpty()) {
        return true;
    }

    // NOTE(review): WriteConsistencyLevel.ONE is the least strict write-consistency
    // setting. For a log store, confirm this availability/durability trade-off is intended.
    final BulkRequestBuilder bulk = c.prepareBulk().setConsistencyLevel(WriteConsistencyLevel.ONE);
    for (final Map.Entry<IndexSet, Message> pair : messageList) {
        final Message message = pair.getValue();
        bulk.add(buildIndexRequest(
                pair.getKey().getWriteIndexAlias(),
                message.toElasticSearchObject(invalidTimestampMeter),
                message.getId()));
    }

    final BulkResponse result = runBulkRequest(bulk.request());
    final boolean anyFailed = result.hasFailures();
    LOG.debug("Index: Bulk indexed {} messages, took {} ms, failures: {}", result.getItems().length, result.getTookInMillis(), anyFailed);

    // Hand the per-item results and the original batch to the failure handler.
    if (anyFailed) {
        propagateFailure(result.getItems(), messageList, result.buildFailureMessage());
    }
    return !anyFailed;
}
Also used : ResultMessage(org.graylog2.indexer.results.ResultMessage) Message(org.graylog2.plugin.Message) BulkResponse(org.elasticsearch.action.bulk.BulkResponse) BulkRequestBuilder(org.elasticsearch.action.bulk.BulkRequestBuilder) Map(java.util.Map) ImmutableMap(com.google.common.collect.ImmutableMap) IndexSet(org.graylog2.indexer.IndexSet)

Example 12 with Messages

use of org.graylog2.plugin.Messages in project graylog2-server by Graylog2.

the class IndicesGetAllMessageFieldsTest method setUp.

/**
 * Clears the test database and builds a fresh {@code Indices} instance for each test.
 *
 * <p>The node id is a mock and the audit sender is the null implementation, so this
 * fixture does not exercise real node identity or audit behaviour.
 */
@Before
public void setUp() throws Exception {
    // Start every test from an empty data set.
    elasticsearchRule.getDatabaseOperation().deleteAll();

    final IndexMapping mapping = new IndexMapping();
    final Messages messages = new Messages(client, new MetricRegistry());
    final NodeId nodeId = mock(NodeId.class);
    indices = new Indices(client, mapping, messages, nodeId, new NullAuditEventSender());
}
Also used : NullAuditEventSender(org.graylog2.audit.NullAuditEventSender) IndexMapping(org.graylog2.indexer.IndexMapping) Messages(org.graylog2.indexer.messages.Messages) MetricRegistry(com.codahale.metrics.MetricRegistry) Before(org.junit.Before)

Example 13 with Messages

use of org.graylog2.plugin.Messages in project graylog2-server by Graylog2.

the class SyslogSeverityMapperDecoratorTest method testDecorator.

/**
 * Checks that {@code SyslogSeverityMapperDecorator} adds a human-readable severity
 * to the configured target field when the source field holds a syslog level 0-7,
 * and leaves messages alone when the level is out of range or the source field is absent.
 */
@Test
public void testDecorator() throws Exception {
    final DecoratorImpl decorator = DecoratorImpl.create(
            "id",
            SyslogSeverityMapperDecorator.class.getCanonicalName(),
            ImmutableMap.of("source_field", "level", "target_field", "severity"),
            Optional.empty(),
            1);
    final SyslogSeverityMapperDecorator mapperDecorator = new SyslogSeverityMapperDecorator(decorator);
    final IndexRangeSummary indexRangeSummary = IndexRangeSummary.create("graylog_0", Tools.nowUTC().minusDays(1), Tools.nowUTC(), null, 100);

    // Fixture order matters: the assertions below address messages by position.
    // The "_id" value "h" is used by both the first and the ninth fixture.
    final List<ResultMessageSummary> messages = ImmutableList.of(
            ResultMessageSummary.create(ImmutableMultimap.of(), ImmutableMap.of("_id", "h", "level", "80"), "graylog_0"),
            ResultMessageSummary.create(ImmutableMultimap.of(), ImmutableMap.of("_id", "a", "level", "0"), "graylog_0"),
            ResultMessageSummary.create(ImmutableMultimap.of(), ImmutableMap.of("_id", "b", "level", "1"), "graylog_0"),
            ResultMessageSummary.create(ImmutableMultimap.of(), ImmutableMap.of("_id", "c", "level", "2"), "graylog_0"),
            ResultMessageSummary.create(ImmutableMultimap.of(), ImmutableMap.of("_id", "d", "level", "3"), "graylog_0"),
            ResultMessageSummary.create(ImmutableMultimap.of(), ImmutableMap.of("_id", "e", "level", "4"), "graylog_0"),
            ResultMessageSummary.create(ImmutableMultimap.of(), ImmutableMap.of("_id", "f", "level", "5"), "graylog_0"),
            ResultMessageSummary.create(ImmutableMultimap.of(), ImmutableMap.of("_id", "g", "level", "6"), "graylog_0"),
            ResultMessageSummary.create(ImmutableMultimap.of(), ImmutableMap.of("_id", "h", "level", "7"), "graylog_0"),
            ResultMessageSummary.create(ImmutableMultimap.of(), ImmutableMap.of("_id", "i", "foo", "1"), "graylog_0"));

    final SearchResponse searchResponse = SearchResponse.builder()
            .query("foo")
            .builtQuery("foo")
            .usedIndices(ImmutableSet.of(indexRangeSummary))
            .messages(messages)
            .fields(ImmutableSet.of("level"))
            .time(100L)
            .totalResults(messages.size())
            .from(Tools.nowUTC().minusHours(1))
            .to(Tools.nowUTC())
            .build();

    final SearchResponse response = mapperDecorator.apply(searchResponse);

    // A level outside the syslog range is passed through and no severity is added.
    Assertions.assertThat(response.messages().get(0).message().get("level")).isEqualTo("80");
    Assertions.assertThat(response.messages().get(0).message().get("severity")).isNull();

    // Levels 0-7 sit at positions 1-8 and must each map to the matching label.
    final String[] expectedSeverity = {
        "Emergency (0)",
        "Alert (1)",
        "Critical (2)",
        "Error (3)",
        "Warning (4)",
        "Notice (5)",
        "Informational (6)",
        "Debug (7)"
    };
    for (int level = 0; level < expectedSeverity.length; level++) {
        final int position = level + 1;
        Assertions.assertThat(response.messages().get(position).message().get("level")).isEqualTo(String.valueOf(level));
        Assertions.assertThat(response.messages().get(position).message().get("severity")).isEqualTo(expectedSeverity[level]);
    }

    // A message without the source field must come back unchanged.
    Assertions.assertThat(response.messages().get(9).message().get("level")).isNull();
    Assertions.assertThat(response.messages().get(9).message().get("severity")).isNull();
    Assertions.assertThat(response.messages().get(9).message().get("foo")).isEqualTo("1");
}
Also used : IndexRangeSummary(org.graylog2.rest.models.system.indexer.responses.IndexRangeSummary) ResultMessageSummary(org.graylog2.rest.models.messages.responses.ResultMessageSummary) SearchResponse(org.graylog2.rest.resources.search.responses.SearchResponse) Test(org.junit.Test)

Example 14 with Messages

use of org.graylog2.plugin.Messages in project graylog2-server by Graylog2.

the class FormatStringDecoratorTest method getSearchResponse.

/**
 * Builds the fixed {@code SearchResponse} used as decorator input in this test class.
 *
 * <p>The four messages cover: both {@code field_a} and {@code field_b} present, only
 * {@code field_a}, only {@code field_b}, and neither (only {@code foo}). The first three
 * share the {@code _id} value {@code "h"}.
 *
 * @return a response over index {@code graylog_0} with no highlight ranges
 */
private SearchResponse getSearchResponse() {
    final IndexRangeSummary usedRange = IndexRangeSummary.create("graylog_0", Tools.nowUTC().minusDays(1), Tools.nowUTC(), null, 100);

    // No highlighting is needed for these fixtures; one empty multimap is shared by all.
    final ImmutableMultimap<String, Range<Integer>> noHighlights = ImmutableMultimap.of();

    final List<ResultMessageSummary> fixtures = ImmutableList.of(
            create(noHighlights, ImmutableMap.of("_id", "h", "field_a", "1", "field_b", "b"), "graylog_0"),
            create(noHighlights, ImmutableMap.of("_id", "h", "field_a", "1"), "graylog_0"),
            create(noHighlights, ImmutableMap.of("_id", "h", "field_b", "b"), "graylog_0"),
            create(noHighlights, ImmutableMap.of("_id", "i", "foo", "1"), "graylog_0"));

    return SearchResponse.builder()
            .query("foo")
            .builtQuery("foo")
            .usedIndices(ImmutableSet.of(usedRange))
            .messages(fixtures)
            .fields(ImmutableSet.of("field_a", "field_b", "foo"))
            .time(100L)
            .totalResults(fixtures.size())
            .from(Tools.nowUTC().minusHours(1))
            .to(Tools.nowUTC())
            .build();
}
Also used : IndexRangeSummary(org.graylog2.rest.models.system.indexer.responses.IndexRangeSummary) Range(com.google.common.collect.Range) ResultMessageSummary(org.graylog2.rest.models.messages.responses.ResultMessageSummary)

Example 15 with Messages

use of org.graylog2.plugin.Messages in project graylog2-server by Graylog2.

the class IndexRangesResource method rebuildIndexSet.

/**
 * Triggers a system job that rebuilds the index range information for one index set.
 *
 * <p>Access is gated by {@code RestPermissions.INDEXRANGES_REBUILD}. The permission named
 * in the annotation carries no index-set id, so as written it is not scoped to
 * {@code indexSetId}. NOTE(review): confirm that any holder of this permission is meant
 * to be able to rebuild ranges for every index set.
 *
 * <p>The method is annotated with the {@code ES_INDEX_RANGE_UPDATE_JOB} audit event type.
 *
 * @param indexSetId id of the index set, taken from the request path; must not be blank
 * @return an HTTP 202 response once the job has been submitted
 * @throws javax.ws.rs.NotFoundException if no index set with that id is registered
 */
@POST
@Timed
@Path("/index_set/{indexSetId}/rebuild")
@RequiresPermissions(RestPermissions.INDEXRANGES_REBUILD)
@ApiOperation(value = "Rebuild/sync index range information for the given index set.", notes = "This triggers a systemjob that scans every index in the given index set and stores meta information " + "about what indices contain messages in what timeranges. It atomically overwrites " + "already existing meta information.")
@ApiResponses(value = { @ApiResponse(code = 202, message = "Rebuild/sync systemjob triggered.") })
@Produces(MediaType.APPLICATION_JSON)
@AuditEvent(type = AuditEventTypes.ES_INDEX_RANGE_UPDATE_JOB)
public Response rebuildIndexSet(@ApiParam(name = "indexSetId") @PathParam("indexSetId") @NotBlank final String indexSetId) {
    final IndexSet target = indexSetRegistry.get(indexSetId)
            .orElseThrow(() -> {
                // The caller-supplied id is echoed into the error text; how that text is
                // rendered to the client is decided outside this method.
                final String reason = "Index set <" + indexSetId + "> not found!";
                return new javax.ws.rs.NotFoundException(reason);
            });

    // The job is only submitted here; 202 tells the client it has been accepted.
    submitIndexRangesJob(Collections.singleton(target));
    return Response.accepted().build();
}
Also used : IndexSet(org.graylog2.indexer.IndexSet) Path(javax.ws.rs.Path) RequiresPermissions(org.apache.shiro.authz.annotation.RequiresPermissions) POST(javax.ws.rs.POST) Produces(javax.ws.rs.Produces) Timed(com.codahale.metrics.annotation.Timed) ApiOperation(io.swagger.annotations.ApiOperation) AuditEvent(org.graylog2.audit.jersey.AuditEvent) ApiResponses(io.swagger.annotations.ApiResponses)

Aggregations

Message (org.graylog2.plugin.Message)15 Timed (com.codahale.metrics.annotation.Timed)11 ApiOperation (io.swagger.annotations.ApiOperation)11 Produces (javax.ws.rs.Produces)10 ApiResponses (io.swagger.annotations.ApiResponses)9 Test (org.junit.Test)9 GET (javax.ws.rs.GET)8 Map (java.util.Map)6 SearchPhaseExecutionException (org.elasticsearch.action.search.SearchPhaseExecutionException)6 TimeRange (org.graylog2.plugin.indexer.searches.timeranges.TimeRange)6 MetricRegistry (com.codahale.metrics.MetricRegistry)5 IndexSet (org.graylog2.indexer.IndexSet)5 ResultMessage (org.graylog2.indexer.results.ResultMessage)5 Sorting (org.graylog2.indexer.searches.Sorting)5 Timer (com.codahale.metrics.Timer)4 ImmutableMap (com.google.common.collect.ImmutableMap)4 Stream (org.graylog2.plugin.streams.Stream)4 AccessDeniedException (java.nio.file.AccessDeniedException)3 ArrayList (java.util.ArrayList)3 List (java.util.List)3