Example 46 with Result

use of org.graylog2.plugin.inputs.Extractor.Result in project graylog2-server by Graylog2.

the class MessageCountAlertCondition method runCheck.

@Override
public CheckResult runCheck() {
    try {
        // Create an absolute range from the relative range to make sure it doesn't change during the two
        // search requests. (count and find messages)
        // This is needed because the RelativeRange computes the range from NOW on every invocation of getFrom() and
        // getTo().
        // See: https://github.com/Graylog2/graylog2-server/issues/2382
        final RelativeRange relativeRange = RelativeRange.create(time * 60);
        final AbsoluteRange range = AbsoluteRange.create(relativeRange.getFrom(), relativeRange.getTo());
        final String filter = "streams:" + stream.getId();
        final CountResult result = searches.count("*", range, filter);
        final long count = result.count();
        LOG.debug("Alert check <{}> result: [{}]", id, count);
        final boolean triggered;
        switch(thresholdType) {
            case MORE:
                triggered = count > threshold;
                break;
            case LESS:
                triggered = count < threshold;
                break;
            default:
                triggered = false;
        }
        if (triggered) {
            final List<MessageSummary> summaries = Lists.newArrayList();
            if (getBacklog() > 0) {
                final SearchResult backlogResult = searches.search("*", filter, range, getBacklog(), 0, new Sorting("timestamp", Sorting.Direction.DESC));
                for (ResultMessage resultMessage : backlogResult.getResults()) {
                    final Message msg = resultMessage.getMessage();
                    summaries.add(new MessageSummary(resultMessage.getIndex(), msg));
                }
            }
            final String resultDescription = "Stream had " + count + " messages in the last " + time + " minutes with trigger condition " + thresholdType.toString().toLowerCase(Locale.ENGLISH) + " than " + threshold + " messages. " + "(Current grace time: " + grace + " minutes)";
            return new CheckResult(true, this, resultDescription, Tools.nowUTC(), summaries);
        } else {
            return new NegativeCheckResult();
        }
    } catch (InvalidRangeParametersException e) {
        // cannot happen lol
        LOG.error("Invalid timerange.", e);
        return null;
    } catch (InvalidRangeFormatException e) {
        // lol same here
        LOG.error("Invalid timerange format.", e);
        return null;
    }
}
Also used : InvalidRangeFormatException(org.graylog2.indexer.InvalidRangeFormatException) InvalidRangeParametersException(org.graylog2.plugin.indexer.searches.timeranges.InvalidRangeParametersException) ResultMessage(org.graylog2.indexer.results.ResultMessage) Message(org.graylog2.plugin.Message) AbsoluteRange(org.graylog2.plugin.indexer.searches.timeranges.AbsoluteRange) SearchResult(org.graylog2.indexer.results.SearchResult) CountResult(org.graylog2.indexer.results.CountResult) Sorting(org.graylog2.indexer.searches.Sorting) RelativeRange(org.graylog2.plugin.indexer.searches.timeranges.RelativeRange) MessageSummary(org.graylog2.plugin.MessageSummary)

Example 47 with Result

use of org.graylog2.plugin.inputs.Extractor.Result in project graylog2-server by Graylog2.

the class UserServiceImpl method loadAll.

@Override
public List<User> loadAll() {
    final DBObject query = new BasicDBObject();
    final List<DBObject> result = query(UserImpl.class, query);
    final List<User> users = Lists.newArrayList();
    for (DBObject dbObject : result) {
        users.add(userFactory.create((ObjectId) dbObject.get("_id"), dbObject.toMap()));
    }
    return users;
}
Also used : BasicDBObject(com.mongodb.BasicDBObject) User(org.graylog2.plugin.database.users.User) ObjectId(org.bson.types.ObjectId) DBObject(com.mongodb.DBObject)

Example 48 with Result

use of org.graylog2.plugin.inputs.Extractor.Result in project graylog2-server by Graylog2.

the class FieldContentValueAlertConditionTest method testCorrectUsageOfRelativeRange.

@Test
public void testCorrectUsageOfRelativeRange() throws Exception {
    final Stream stream = mock(Stream.class);
    final Searches searches = mock(Searches.class);
    final Configuration configuration = mock(Configuration.class);
    final SearchResult searchResult = mock(SearchResult.class);
    final int alertCheckInterval = 42;
    final RelativeRange relativeRange = RelativeRange.create(alertCheckInterval);
    when(configuration.getAlertCheckInterval()).thenReturn(alertCheckInterval);
    when(searches.search(anyString(), anyString(), eq(relativeRange), anyInt(), anyInt(), any(Sorting.class))).thenReturn(searchResult);
    final FieldContentValueAlertCondition alertCondition = new FieldContentValueAlertCondition(searches, configuration, stream, null, DateTime.now(DateTimeZone.UTC), "mockuser", ImmutableMap.<String, Object>of("field", "test", "value", "test"), "Field Content Value Test COndition");
    final AbstractAlertCondition.CheckResult result = alertCondition.runCheck();
}
Also used : Searches(org.graylog2.indexer.searches.Searches) Configuration(org.graylog2.Configuration) RelativeRange(org.graylog2.plugin.indexer.searches.timeranges.RelativeRange) Stream(org.graylog2.plugin.streams.Stream) SearchResult(org.graylog2.indexer.results.SearchResult) AbstractAlertCondition(org.graylog2.alerts.AbstractAlertCondition) Sorting(org.graylog2.indexer.searches.Sorting) Test(org.junit.Test) AlertConditionTest(org.graylog2.alerts.AlertConditionTest)

Example 49 with Result

use of org.graylog2.plugin.inputs.Extractor.Result in project graylog2-server by Graylog2.

the class HTTPAlarmCallbackTest method callThrowsAlarmCallbackExceptionIfRequestBodyCanNotBeBuilt.

@Test
public void callThrowsAlarmCallbackExceptionIfRequestBodyCanNotBeBuilt() throws Exception {
    final Configuration configuration = new Configuration(ImmutableMap.of("url", "http://example.org"));
    alarmCallback.initialize(configuration);
    final Stream stream = mock(Stream.class);
    final AlertCondition alertCondition = mock(AlertCondition.class);
    final List<MessageSummary> messageSummaries = ImmutableList.of();
    final AlertCondition.CheckResult checkResult = new AbstractAlertCondition.CheckResult(true, alertCondition, "Result Description", new DateTime(2016, 9, 6, 17, 0, DateTimeZone.UTC), messageSummaries) {

        @Override
        public String getResultDescription() {
            throw new RuntimeException("Boom");
        }
    };
    expectedException.expect(AlarmCallbackException.class);
    expectedException.expectMessage("Unable to serialize alarm");
    alarmCallback.call(stream, checkResult);
}
Also used : Configuration(org.graylog2.plugin.configuration.Configuration) DummyAlertCondition(org.graylog2.alerts.types.DummyAlertCondition) AbstractAlertCondition(org.graylog2.alerts.AbstractAlertCondition) AlertCondition(org.graylog2.plugin.alarms.AlertCondition) Stream(org.graylog2.plugin.streams.Stream) MessageSummary(org.graylog2.plugin.MessageSummary) DateTime(org.joda.time.DateTime) Test(org.junit.Test)

Example 50 with Result

use of org.graylog2.plugin.inputs.Extractor.Result in project graylog2-server by Graylog2.

the class HTTPAlarmCallbackTest method callSucceedsIfRemoteRequestSucceeds.

@Test
public void callSucceedsIfRemoteRequestSucceeds() throws Exception {
    server.enqueue(new MockResponse().setResponseCode(200));
    server.start();
    final Configuration configuration = new Configuration(ImmutableMap.of("url", server.url("/").toString()));
    alarmCallback.initialize(configuration);
    alarmCallback.checkConfiguration();
    final Stream stream = new StreamMock(ImmutableMap.of("_id", "stream-id", "title", "Stream Title", "description", "Stream Description"), ImmutableList.of());
    final AlertCondition alertCondition = new DummyAlertCondition(stream, "condition-id", new DateTime(2016, 9, 6, 17, 0, DateTimeZone.UTC), "user", ImmutableMap.of(), "Alert Condition Title");
    final List<MessageSummary> messageSummaries = ImmutableList.of(new MessageSummary("graylog_1", new Message("Test message 1", "source1", new DateTime(2016, 9, 6, 17, 0, DateTimeZone.UTC))), new MessageSummary("graylog_2", new Message("Test message 2", "source2", new DateTime(2016, 9, 6, 17, 0, DateTimeZone.UTC))));
    final AlertCondition.CheckResult checkResult = new AbstractAlertCondition.CheckResult(true, alertCondition, "Result Description", new DateTime(2016, 9, 6, 17, 0, DateTimeZone.UTC), messageSummaries);
    alarmCallback.call(stream, checkResult);
    final RecordedRequest request = server.takeRequest();
    assertThat(request.getPath()).isEqualTo("/");
    assertThat(request.getHeader("Content-Type")).isEqualTo("application/json");
    assertThat(request.getBodySize()).isPositive();
    final String requestBody = request.getBody().readUtf8();
    final JsonNode jsonNode = objectMapper.readTree(requestBody);
    assertThat(jsonNode.get("check_result").get("matching_messages").size()).isEqualTo(2);
    assertThat(jsonNode.get("check_result").get("triggered").asBoolean()).isTrue();
    assertThat(jsonNode.get("check_result").get("triggered_at").asText()).isEqualTo("2016-09-06T17:00:00.000Z");
    assertThat(jsonNode.get("stream").get("id").asText()).isEqualTo("stream-id");
}
Also used : RecordedRequest(okhttp3.mockwebserver.RecordedRequest) MockResponse(okhttp3.mockwebserver.MockResponse) Configuration(org.graylog2.plugin.configuration.Configuration) Message(org.graylog2.plugin.Message) JsonNode(com.fasterxml.jackson.databind.JsonNode) DateTime(org.joda.time.DateTime) StreamMock(org.graylog2.streams.StreamMock) DummyAlertCondition(org.graylog2.alerts.types.DummyAlertCondition) AbstractAlertCondition(org.graylog2.alerts.AbstractAlertCondition) AlertCondition(org.graylog2.plugin.alarms.AlertCondition) Stream(org.graylog2.plugin.streams.Stream) MessageSummary(org.graylog2.plugin.MessageSummary) Test(org.junit.Test)
