use of org.graylog2.plugin.inputs.annotations.Codec in project graylog2-server by Graylog2.
the class JournalDecode method runCommand.
@Override
protected void runCommand() {
Range<Long> range;
try {
final List<String> offsets = Splitter.on("..").limit(2).splitToList(rangeArg);
if (offsets.size() == 1) {
range = Range.singleton(Long.valueOf(offsets.get(0)));
} else if (offsets.size() == 2) {
final String first = offsets.get(0);
final String second = offsets.get(1);
if (first.isEmpty()) {
range = Range.atMost(Long.valueOf(second));
} else if (second.isEmpty()) {
range = Range.atLeast(Long.valueOf(first));
} else {
range = Range.closed(Long.valueOf(first), Long.valueOf(second));
}
} else {
throw new RuntimeException();
}
} catch (Exception e) {
System.err.println("Malformed offset range: " + rangeArg);
return;
}
final Map<String, Codec.Factory<? extends Codec>> codecFactory = injector.getInstance(Key.get(new TypeLiteral<Map<String, Codec.Factory<? extends Codec>>>() {
}));
final Long readOffset = range.lowerEndpoint();
final long count = range.upperEndpoint() - range.lowerEndpoint() + 1;
final List<Journal.JournalReadEntry> entries = journal.read(readOffset, count);
for (final Journal.JournalReadEntry entry : entries) {
final RawMessage raw = RawMessage.decode(entry.getPayload(), entry.getOffset());
if (raw == null) {
System.err.println(MessageFormatter.format("Journal entry at offset {} failed to decode", entry.getOffset()));
continue;
}
final Codec codec = codecFactory.get(raw.getCodecName()).create(raw.getCodecConfig());
final Message message = codec.decode(raw);
if (message == null) {
System.err.println(MessageFormatter.format("Could not use codec {} to decode raw message id {} at offset {}", new Object[] { raw.getCodecName(), raw.getId(), entry.getOffset() }));
} else {
message.setMessageQueueId(raw.getMessageQueueId());
}
final ResolvableInetSocketAddress remoteAddress = raw.getRemoteAddress();
final String remote = remoteAddress == null ? "unknown address" : remoteAddress.getInetSocketAddress().toString();
final StringBuffer sb = new StringBuffer();
sb.append("Message ").append(raw.getId()).append('\n').append(" at ").append(raw.getTimestamp()).append('\n').append(" in format ").append(raw.getCodecName()).append('\n').append(" at offset ").append(raw.getMessageQueueId()).append('\n').append(" received from remote address ").append(remote).append('\n').append(" (source field: ").append(message == null ? "unparsed" : message.getSource()).append(')').append('\n');
if (message != null) {
sb.append(" contains ").append(message.getFieldNames().size()).append(" fields.");
} else {
sb.append("The message could not be parse by the given codec.");
}
System.out.println(sb);
}
}
use of org.graylog2.plugin.inputs.annotations.Codec in project graylog2-server by Graylog2.
the class UdpTransport method getChildChannelHandlers.
@Override
protected LinkedHashMap<String, Callable<? extends ChannelHandler>> getChildChannelHandlers(final MessageInput input) {
final LinkedHashMap<String, Callable<? extends ChannelHandler>> handlerList = new LinkedHashMap<>(getCustomChildChannelHandlers(input));
final CodecAggregator aggregator = getAggregator();
if (aggregator != null) {
LOG.debug("Adding codec aggregator {} to channel pipeline", aggregator);
handlerList.put("codec-aggregator", () -> new EnvelopeMessageAggregationHandler(aggregator, localRegistry));
}
handlerList.put("envelope-message-handler", () -> new EnvelopeMessageHandler(input));
return handlerList;
}
use of org.graylog2.plugin.inputs.annotations.Codec in project graylog2-server by Graylog2.
the class MessageResource method decodeMessage.
private Message decodeMessage(Codec codec, ResolvableInetSocketAddress remoteAddress, RawMessage rawMessage) {
Message message;
try {
message = codec.decode(rawMessage);
} catch (Exception e) {
throw new BadRequestException("Could not decode message");
}
if (message == null) {
throw new BadRequestException("Could not decode message");
}
// Ensure the decoded Message has a source, otherwise creating a ResultMessage will fail
if (isNullOrEmpty(message.getSource())) {
final String address = InetAddresses.toAddrString(remoteAddress.getAddress());
message.setSource(address);
}
// Override source
final Configuration configuration = codec.getConfiguration();
if (configuration.stringIsSet(Codec.Config.CK_OVERRIDE_SOURCE)) {
message.setSource(configuration.getString(Codec.Config.CK_OVERRIDE_SOURCE));
}
return message;
}
use of org.graylog2.plugin.inputs.annotations.Codec in project graylog2-server by Graylog2.
the class MessageResource method parse.
@POST
@Path("/parse")
@Timed
@Consumes(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Parse a raw message")
@ApiResponses(value = { @ApiResponse(code = 404, message = "Specified codec does not exist."), @ApiResponse(code = 400, message = "Could not decode message.") })
@NoAuditEvent("only used to parse a test message")
public ResultMessage parse(@ApiParam(name = "JSON body", required = true) MessageParseRequest request) {
Codec codec;
try {
final Configuration configuration = new Configuration(request.configuration());
codec = codecFactory.create(request.codec(), configuration);
} catch (IllegalArgumentException e) {
throw new NotFoundException(e);
}
final ResolvableInetSocketAddress remoteAddress = ResolvableInetSocketAddress.wrap(new InetSocketAddress(request.remoteAddress(), 1234));
final RawMessage rawMessage = new RawMessage(0, new UUID(), Tools.nowUTC(), remoteAddress, request.message().getBytes(StandardCharsets.UTF_8));
final Message message = decodeMessage(codec, remoteAddress, rawMessage);
return ResultMessage.createFromMessage(message);
}
use of org.graylog2.plugin.inputs.annotations.Codec in project graylog2-server by Graylog2.
the class Beats2CodecTest method decodeMessagesHandlesFilebeatMessagesWithoutPrefix.
@Test
public void decodeMessagesHandlesFilebeatMessagesWithoutPrefix() throws Exception {
configuration = new Configuration(Collections.singletonMap("no_beats_prefix", true));
codec = new Beats2Codec(configuration, objectMapper);
final Message message = codec.decode(messageFromJson("filebeat.json"));
assertThat(message).isNotNull();
assertThat(message.getMessage()).isEqualTo("TEST");
assertThat(message.getTimestamp()).isEqualTo(new DateTime(2016, 4, 1, 0, 0, DateTimeZone.UTC));
assertThat(message.getField("beats_type")).isEqualTo("filebeat");
assertThat(message.getField("source")).isEqualTo("/tmp/test.log");
assertThat(message.getField("input_type")).isEqualTo("log");
assertThat(message.getField("count")).isEqualTo(1);
assertThat(message.getField("offset")).isEqualTo(0);
assertThat(message.getField(Message.FIELD_GL2_SOURCE_COLLECTOR)).isEqualTo("1234-5678-1234-5678");
assertThat(message.getField("filebeat_" + Message.FIELD_GL2_SOURCE_COLLECTOR)).isNull();
@SuppressWarnings("unchecked") final List<String> tags = (List<String>) message.getField("tags");
assertThat(tags).containsOnly("foobar", "test");
}
Aggregations