Search in sources :

Example 26 with Messages

use of org.graylog2.plugin.Messages in project graylog2-server by Graylog2.

the class RelativeSearchResource method searchRelative.

@GET
@Timed
@ApiOperation(value = "Message search with relative timerange.", notes = "Search for messages in a relative timerange, specified as seconds from now. " + "Example: 300 means search from 5 minutes ago to now.")
@ApiResponses(value = { @ApiResponse(code = 400, message = "Invalid timerange parameters provided.") })
@Produces(MediaType.APPLICATION_JSON)
public SearchResponse searchRelative(@ApiParam(name = "query", value = "Query (Lucene syntax)", required = true) @QueryParam("query") @NotEmpty String query, @ApiParam(name = "range", value = "Relative timeframe to search in. See method description.", required = true) @QueryParam("range") int range, @ApiParam(name = "limit", value = "Maximum number of messages to return.", required = false) @QueryParam("limit") int limit, @ApiParam(name = "offset", value = "Offset", required = false) @QueryParam("offset") int offset, @ApiParam(name = "filter", value = "Filter", required = false) @QueryParam("filter") String filter, @ApiParam(name = "fields", value = "Comma separated list of fields to return", required = false) @QueryParam("fields") String fields, @ApiParam(name = "sort", value = "Sorting (field:asc / field:desc)", required = false) @QueryParam("sort") String sort, @ApiParam(name = "decorate", value = "Run decorators on search result", required = false) @QueryParam("decorate") @DefaultValue("true") boolean decorate) {
    checkSearchPermission(filter, RestPermissions.SEARCHES_RELATIVE);
    final List<String> fieldList = parseOptionalFields(fields);
    final Sorting sorting = buildSorting(sort);
    final TimeRange timeRange = buildRelativeTimeRange(range);
    final SearchesConfig searchesConfig = SearchesConfig.builder().query(query).filter(filter).fields(fieldList).range(timeRange).limit(limit).offset(offset).sorting(sorting).build();
    final Optional<String> streamId = Searches.extractStreamId(filter);
    try {
        return buildSearchResponse(searches.search(searchesConfig), timeRange, decorate, streamId);
    } catch (SearchPhaseExecutionException e) {
        throw createRequestExceptionForParseFailure(query, e);
    }
}
Also used : TimeRange(org.graylog2.plugin.indexer.searches.timeranges.TimeRange) SearchesConfig(org.graylog2.indexer.searches.SearchesConfig) SearchPhaseExecutionException(org.elasticsearch.action.search.SearchPhaseExecutionException) Sorting(org.graylog2.indexer.searches.Sorting) Produces(javax.ws.rs.Produces) Timed(com.codahale.metrics.annotation.Timed) GET(javax.ws.rs.GET) ApiOperation(io.swagger.annotations.ApiOperation) ApiResponses(io.swagger.annotations.ApiResponses)

Example 27 with Messages

use of org.graylog2.plugin.Messages in project graylog2-server by Graylog2.

the class RelativeSearchResource method searchRelativeChunked.

@GET
@Timed
@ApiOperation(value = "Message search with relative timerange.", notes = "Search for messages in a relative timerange, specified as seconds from now. " + "Example: 300 means search from 5 minutes ago to now.")
@Produces(MoreMediaTypes.TEXT_CSV)
@ApiResponses(value = { @ApiResponse(code = 400, message = "Invalid timerange parameters provided.") })
public ChunkedOutput<ScrollResult.ScrollChunk> searchRelativeChunked(@ApiParam(name = "query", value = "Query (Lucene syntax)", required = true) @QueryParam("query") @NotEmpty String query, @ApiParam(name = "range", value = "Relative timeframe to search in. See method description.", required = true) @QueryParam("range") int range, @ApiParam(name = "limit", value = "Maximum number of messages to return.", required = false) @QueryParam("limit") int limit, @ApiParam(name = "offset", value = "Offset", required = false) @QueryParam("offset") int offset, @ApiParam(name = "filter", value = "Filter", required = false) @QueryParam("filter") String filter, @ApiParam(name = "fields", value = "Comma separated list of fields to return", required = true) @QueryParam("fields") String fields) {
    checkSearchPermission(filter, RestPermissions.SEARCHES_RELATIVE);
    final List<String> fieldList = parseFields(fields);
    final TimeRange timeRange = buildRelativeTimeRange(range);
    try {
        final ScrollResult scroll = searches.scroll(query, timeRange, limit, offset, fieldList, filter);
        return buildChunkedOutput(scroll, limit);
    } catch (SearchPhaseExecutionException e) {
        throw createRequestExceptionForParseFailure(query, e);
    }
}
Also used : TimeRange(org.graylog2.plugin.indexer.searches.timeranges.TimeRange) ScrollResult(org.graylog2.indexer.results.ScrollResult) SearchPhaseExecutionException(org.elasticsearch.action.search.SearchPhaseExecutionException) Produces(javax.ws.rs.Produces) Timed(com.codahale.metrics.annotation.Timed) GET(javax.ws.rs.GET) ApiOperation(io.swagger.annotations.ApiOperation) ApiResponses(io.swagger.annotations.ApiResponses)

Example 28 with Messages

use of org.graylog2.plugin.Messages in project graylog2-server by Graylog2.

the class AbsoluteSearchResource method searchAbsolute.

@GET
@Timed
@ApiOperation(value = "Message search with absolute timerange.", notes = "Search for messages using an absolute timerange, specified as from/to " + "with format yyyy-MM-ddTHH:mm:ss.SSSZ (e.g. 2014-01-23T15:34:49.000Z) or yyyy-MM-dd HH:mm:ss.")
@Produces(MediaType.APPLICATION_JSON)
@ApiResponses(value = { @ApiResponse(code = 400, message = "Invalid timerange parameters provided.") })
public SearchResponse searchAbsolute(@ApiParam(name = "query", value = "Query (Lucene syntax)", required = true) @QueryParam("query") @NotEmpty String query, @ApiParam(name = "from", value = "Timerange start. See description for date format", required = true) @QueryParam("from") String from, @ApiParam(name = "to", value = "Timerange end. See description for date format", required = true) @QueryParam("to") String to, @ApiParam(name = "limit", value = "Maximum number of messages to return.", required = false) @QueryParam("limit") int limit, @ApiParam(name = "offset", value = "Offset", required = false) @QueryParam("offset") int offset, @ApiParam(name = "filter", value = "Filter", required = false) @QueryParam("filter") String filter, @ApiParam(name = "fields", value = "Comma separated list of fields to return", required = false) @QueryParam("fields") String fields, @ApiParam(name = "sort", value = "Sorting (field:asc / field:desc)", required = false) @QueryParam("sort") String sort, @ApiParam(name = "decorate", value = "Run decorators on search result", required = false) @QueryParam("decorate") @DefaultValue("true") boolean decorate) {
    checkSearchPermission(filter, RestPermissions.SEARCHES_ABSOLUTE);
    final Sorting sorting = buildSorting(sort);
    final List<String> fieldList = parseOptionalFields(fields);
    TimeRange timeRange = buildAbsoluteTimeRange(from, to);
    final SearchesConfig searchesConfig = SearchesConfig.builder().query(query).filter(filter).fields(fieldList).range(timeRange).limit(limit).offset(offset).sorting(sorting).build();
    final Optional<String> streamId = Searches.extractStreamId(filter);
    try {
        return buildSearchResponse(searches.search(searchesConfig), timeRange, decorate, streamId);
    } catch (SearchPhaseExecutionException e) {
        throw createRequestExceptionForParseFailure(query, e);
    }
}
Also used : TimeRange(org.graylog2.plugin.indexer.searches.timeranges.TimeRange) SearchesConfig(org.graylog2.indexer.searches.SearchesConfig) SearchPhaseExecutionException(org.elasticsearch.action.search.SearchPhaseExecutionException) Sorting(org.graylog2.indexer.searches.Sorting) Produces(javax.ws.rs.Produces) Timed(com.codahale.metrics.annotation.Timed) GET(javax.ws.rs.GET) ApiOperation(io.swagger.annotations.ApiOperation) ApiResponses(io.swagger.annotations.ApiResponses)

Example 29 with Messages

use of org.graylog2.plugin.Messages in project graylog2-server by Graylog2.

the class MemoryAppenderTest method appenderCanConsumeMoreMessagesThanBufferSize.

@Test
public void appenderCanConsumeMoreMessagesThanBufferSize() {
    final int bufferSize = 10;
    final MemoryAppender appender = MemoryAppender.createAppender(null, null, "memory", String.valueOf(bufferSize), "false");
    assertThat(appender).isNotNull();
    for (int i = 1; i <= bufferSize + 1; i++) {
        final LogEvent logEvent = Log4jLogEvent.newBuilder().setLevel(Level.INFO).setLoggerName("test").setLoggerFqcn("com.example.test").setMessage(new SimpleMessage("Message " + i)).build();
        appender.append(logEvent);
    }
    final List<LogEvent> messages = appender.getLogMessages(bufferSize);
    for (int i = 0; i < messages.size(); i++) {
        assertThat(messages.get(i).getMessage().getFormattedMessage()).isEqualTo("Message " + (bufferSize - i + 1));
    }
}
Also used : MemoryAppender(org.graylog2.log4j.MemoryAppender) Log4jLogEvent(org.apache.logging.log4j.core.impl.Log4jLogEvent) LogEvent(org.apache.logging.log4j.core.LogEvent) SimpleMessage(org.apache.logging.log4j.message.SimpleMessage) Test(org.junit.Test)

Example 30 with Messages

use of org.graylog2.plugin.Messages in project graylog2-server by Graylog2.

the class MemoryAppenderTest method testGetLogMessages.

@Test
public void testGetLogMessages() {
    final int bufferSize = 10;
    final MemoryAppender appender = MemoryAppender.createAppender(null, null, "memory", String.valueOf(bufferSize), "false");
    assertThat(appender).isNotNull();
    for (int i = 1; i <= bufferSize; i++) {
        final LogEvent logEvent = Log4jLogEvent.newBuilder().setLevel(Level.INFO).setLoggerName("test").setLoggerFqcn("com.example.test").setMessage(new SimpleMessage("Message " + i)).build();
        appender.append(logEvent);
    }
    assertThat(appender.getLogMessages(bufferSize * 2)).hasSize(bufferSize);
    assertThat(appender.getLogMessages(bufferSize)).hasSize(bufferSize);
    assertThat(appender.getLogMessages(bufferSize / 2)).hasSize(bufferSize / 2);
    assertThat(appender.getLogMessages(0)).isEmpty();
    final List<LogEvent> messages = appender.getLogMessages(5);
    for (int i = 0; i < messages.size(); i++) {
        assertThat(messages.get(i).getMessage().getFormattedMessage()).isEqualTo("Message " + (bufferSize - i));
    }
}
Also used : MemoryAppender(org.graylog2.log4j.MemoryAppender) Log4jLogEvent(org.apache.logging.log4j.core.impl.Log4jLogEvent) LogEvent(org.apache.logging.log4j.core.LogEvent) SimpleMessage(org.apache.logging.log4j.message.SimpleMessage) Test(org.junit.Test)

Aggregations

Message (org.graylog2.plugin.Message)15 Timed (com.codahale.metrics.annotation.Timed)11 ApiOperation (io.swagger.annotations.ApiOperation)11 Produces (javax.ws.rs.Produces)10 ApiResponses (io.swagger.annotations.ApiResponses)9 Test (org.junit.Test)9 GET (javax.ws.rs.GET)8 Map (java.util.Map)6 SearchPhaseExecutionException (org.elasticsearch.action.search.SearchPhaseExecutionException)6 TimeRange (org.graylog2.plugin.indexer.searches.timeranges.TimeRange)6 MetricRegistry (com.codahale.metrics.MetricRegistry)5 IndexSet (org.graylog2.indexer.IndexSet)5 ResultMessage (org.graylog2.indexer.results.ResultMessage)5 Sorting (org.graylog2.indexer.searches.Sorting)5 Timer (com.codahale.metrics.Timer)4 ImmutableMap (com.google.common.collect.ImmutableMap)4 Stream (org.graylog2.plugin.streams.Stream)4 AccessDeniedException (java.nio.file.AccessDeniedException)3 ArrayList (java.util.ArrayList)3 List (java.util.List)3