Example 91 with Result
use of org.graylog2.plugin.inputs.Extractor.Result in project graylog2-server by Graylog2.
the class MessageFilterChainProcessorTest method testMessagesCanBeDropped.
@Test
public void testMessagesCanBeDropped() {
final MessageFilter first = new DummyFilter(10);
final MessageFilter second = new RemovingMessageFilter();
final Set<MessageFilter> filters = ImmutableSet.of(first, second);
final MessageFilterChainProcessor processor = new MessageFilterChainProcessor(new MetricRegistry(), filters, journal, serverStatus);
final Message message = new Message("message", "source", new DateTime(2016, 1, 1, 0, 0, DateTimeZone.UTC));
final Messages result = processor.process(message);
assertThat(result).isEmpty();
}
Also used :
Messages(org.graylog2.plugin.Messages)
Message(org.graylog2.plugin.Message)
MetricRegistry(com.codahale.metrics.MetricRegistry)
MessageFilter(org.graylog2.plugin.filters.MessageFilter)
DateTime(org.joda.time.DateTime)
Test(org.junit.Test)
Example 92 with Result
use of org.graylog2.plugin.inputs.Extractor.Result in project graylog2-server by Graylog2.
the class ServerBootstrap method getSharedBindingsModules.
@Override
protected List<Module> getSharedBindingsModules() {
final List<Module> result = super.getSharedBindingsModules();
result.add(new GenericBindings());
result.add(new SecurityBindings());
result.add(new ServerStatusBindings(capabilities()));
result.add(new ValidatorModule());
result.add(new SharedPeriodicalBindings());
result.add(new SchedulerBindings());
result.add(new GenericInitializerBindings());
result.add(new MessageInputBindings());
result.add(new SystemStatsModule(configuration.isDisableSigar()));
return result;
}
Also used :
GenericInitializerBindings(org.graylog2.shared.bindings.GenericInitializerBindings)
MessageInputBindings(org.graylog2.shared.bindings.MessageInputBindings)
SecurityBindings(org.graylog2.shared.security.SecurityBindings)
ServerStatusBindings(org.graylog2.shared.bindings.ServerStatusBindings)
ValidatorModule(org.graylog2.shared.bindings.ValidatorModule)
SystemStatsModule(org.graylog2.shared.system.stats.SystemStatsModule)
SchedulerBindings(org.graylog2.shared.bindings.SchedulerBindings)
GenericBindings(org.graylog2.shared.bindings.GenericBindings)
Module(com.google.inject.Module)
ValidatorModule(org.graylog2.shared.bindings.ValidatorModule)
SystemStatsModule(org.graylog2.shared.system.stats.SystemStatsModule)
SharedPeriodicalBindings(org.graylog2.shared.bindings.SharedPeriodicalBindings)
Example 93 with Result
use of org.graylog2.plugin.inputs.Extractor.Result in project graylog2-server by Graylog2.
the class AlertNotificationsSender method send.
public void send(AlertCondition.CheckResult result, Stream stream, Alert alert, AlertCondition alertCondition) {
final List<AlarmCallbackConfiguration> callConfigurations = alarmCallbackConfigurationService.getForStream(stream);
// Checking if alarm callbacks have been defined
for (AlarmCallbackConfiguration configuration : callConfigurations) {
AlarmCallbackHistory alarmCallbackHistory;
AlarmCallback alarmCallback = null;
try {
alarmCallback = alarmCallbackFactory.create(configuration);
alarmCallback.call(stream, result);
alarmCallbackHistory = alarmCallbackHistoryService.success(configuration, alert, alertCondition);
} catch (Exception e) {
if (alarmCallback != null) {
LOG.warn("Alarm callback <" + alarmCallback.getName() + "> failed. Skipping.", e);
} else {
LOG.warn("Alarm callback with id " + configuration.getId() + " failed. Skipping.", e);
}
alarmCallbackHistory = alarmCallbackHistoryService.error(configuration, alert, alertCondition, e.getMessage());
}
try {
alarmCallbackHistoryService.save(alarmCallbackHistory);
} catch (Exception e) {
LOG.warn("Unable to save history of alarm callback run: ", e);
}
}
}
Also used :
AlarmCallbackHistory(org.graylog2.alarmcallbacks.AlarmCallbackHistory)
AlarmCallback(org.graylog2.plugin.alarms.callbacks.AlarmCallback)
AlarmCallbackConfiguration(org.graylog2.alarmcallbacks.AlarmCallbackConfiguration)
Example 94 with Result
use of org.graylog2.plugin.inputs.Extractor.Result in project graylog2-server by Graylog2.
the class EmailAlarmCallback method getAlarmBacklog.
protected List<Message> getAlarmBacklog(AlertCondition.CheckResult result) {
final AlertCondition alertCondition = result.getTriggeredCondition();
final List<MessageSummary> matchingMessages = result.getMatchingMessages();
final int effectiveBacklogSize = Math.min(alertCondition.getBacklog(), matchingMessages.size());
if (effectiveBacklogSize == 0) {
return Collections.emptyList();
}
final List<MessageSummary> backlogSummaries = matchingMessages.subList(0, effectiveBacklogSize);
final List<Message> backlog = Lists.newArrayListWithCapacity(effectiveBacklogSize);
for (MessageSummary messageSummary : backlogSummaries) {
backlog.add(messageSummary.getRawMessage());
}
return backlog;
}
Also used :
Message(org.graylog2.plugin.Message)
AlertCondition(org.graylog2.plugin.alarms.AlertCondition)
MessageSummary(org.graylog2.plugin.MessageSummary)
Example 95 with Result
use of org.graylog2.plugin.inputs.Extractor.Result in project graylog2-server by Graylog2.
the class EmailAlarmCallback method call.
@Override
public void call(Stream stream, AlertCondition.CheckResult result) throws AlarmCallbackException {
// Send alerts.
final EmailRecipients emailRecipients = this.getEmailRecipients();
if (emailRecipients.isEmpty()) {
if (!emailConfiguration.isEnabled()) {
throw new AlarmCallbackException("Email transport is not enabled in server configuration file!");
}
LOG.info("Alarm callback has no email recipients, not sending any emails.");
return;
}
AlertCondition alertCondition = result.getTriggeredCondition();
try {
if (alertCondition.getBacklog() > 0 && result.getMatchingMessages() != null) {
alertSender.sendEmails(stream, emailRecipients, result, getAlarmBacklog(result));
} else {
alertSender.sendEmails(stream, emailRecipients, result);
}
} catch (TransportConfigurationException e) {
LOG.warn("Alarm callback has email recipients and is triggered, but email transport is not configured.");
Notification notification = notificationService.buildNow().addNode(nodeId.toString()).addType(Notification.Type.EMAIL_TRANSPORT_CONFIGURATION_INVALID).addSeverity(Notification.Severity.NORMAL).addDetail("stream_id", stream.getId()).addDetail("exception", e.getMessage());
notificationService.publishIfFirst(notification);
throw new AlarmCallbackException(e.getMessage(), e);
} catch (Exception e) {
LOG.error("Alarm callback has email recipients and is triggered, but sending emails failed", e);
String exceptionDetail = e.toString();
if (e.getCause() != null) {
exceptionDetail += " (" + e.getCause() + ")";
}
Notification notification = notificationService.buildNow().addNode(nodeId.toString()).addType(Notification.Type.EMAIL_TRANSPORT_FAILED).addSeverity(Notification.Severity.NORMAL).addDetail("stream_id", stream.getId()).addDetail("exception", exceptionDetail);
notificationService.publishIfFirst(notification);
throw new AlarmCallbackException(e.getMessage(), e);
}
}
Also used :
TransportConfigurationException(org.graylog2.plugin.alarms.transports.TransportConfigurationException)
EmailRecipients(org.graylog2.alerts.EmailRecipients)
AlertCondition(org.graylog2.plugin.alarms.AlertCondition)
AlarmCallbackException(org.graylog2.plugin.alarms.callbacks.AlarmCallbackException)
Notification(org.graylog2.notifications.Notification)
TransportConfigurationException(org.graylog2.plugin.alarms.transports.TransportConfigurationException)
AlarmCallbackConfigurationException(org.graylog2.plugin.alarms.callbacks.AlarmCallbackConfigurationException)
ConfigurationException(org.graylog2.plugin.configuration.ConfigurationException)
AlarmCallbackException(org.graylog2.plugin.alarms.callbacks.AlarmCallbackException)
Aggregations
Test (org.junit.Test)73
Message (org.graylog2.plugin.Message)51
Result (org.graylog2.plugin.inputs.Extractor.Result)27
Callable (java.util.concurrent.Callable)26
Stream (org.graylog2.plugin.streams.Stream)20
StreamRule (org.graylog2.plugin.streams.StreamRule)19
DateTime (org.joda.time.DateTime)18
Timed (com.codahale.metrics.annotation.Timed)13
ApiOperation (io.swagger.annotations.ApiOperation)13
AlertCondition (org.graylog2.plugin.alarms.AlertCondition)12
ApiResponses (io.swagger.annotations.ApiResponses)11
Produces (javax.ws.rs.Produces)9
AuditEvent (org.graylog2.audit.jersey.AuditEvent)9
Function (com.google.common.base.Function)8
UsingDataSet (com.lordofthejars.nosqlunit.annotation.UsingDataSet)8
ZonedDateTime (java.time.ZonedDateTime)8
AbstractAlertCondition (org.graylog2.alerts.AbstractAlertCondition)8
Sorting (org.graylog2.indexer.searches.Sorting)8
URI (java.net.URI)7
MessageSummary (org.graylog2.plugin.MessageSummary)7
