Example 1 with DefaultStream
use of org.graylog2.plugin.streams.DefaultStream in project graylog2-server by Graylog2.
the class FunctionsSnippetsTest method registerFunctions.
@BeforeClass
@SuppressForbidden("Allow using default thread factory")
public static void registerFunctions() {
final Map<String, Function<?>> functions = commonFunctions();
functions.put(BooleanConversion.NAME, new BooleanConversion());
functions.put(DoubleConversion.NAME, new DoubleConversion());
functions.put(LongConversion.NAME, new LongConversion());
functions.put(StringConversion.NAME, new StringConversion());
functions.put(MapConversion.NAME, new MapConversion());
// message related functions
functions.put(HasField.NAME, new HasField());
functions.put(SetField.NAME, new SetField());
functions.put(SetFields.NAME, new SetFields());
functions.put(RenameField.NAME, new RenameField());
functions.put(RemoveField.NAME, new RemoveField());
functions.put(DropMessage.NAME, new DropMessage());
functions.put(CreateMessage.NAME, new CreateMessage());
functions.put(CloneMessage.NAME, new CloneMessage());
functions.put(TrafficAccountingSize.NAME, new TrafficAccountingSize());
// route to stream mocks
final StreamService streamService = mock(StreamService.class);
otherStream = mock(Stream.class, "some stream id2");
when(otherStream.isPaused()).thenReturn(false);
when(otherStream.getTitle()).thenReturn("some name");
when(otherStream.getId()).thenReturn("id2");
when(streamService.loadAll()).thenReturn(Lists.newArrayList(defaultStream, otherStream));
when(streamService.loadAllEnabled()).thenReturn(Lists.newArrayList(defaultStream, otherStream));
streamCacheService = new StreamCacheService(eventBus, streamService, null);
streamCacheService.startAsync().awaitRunning();
final Provider<Stream> defaultStreamProvider = () -> defaultStream;
functions.put(RouteToStream.NAME, new RouteToStream(streamCacheService, defaultStreamProvider));
functions.put(RemoveFromStream.NAME, new RemoveFromStream(streamCacheService, defaultStreamProvider));
lookupTableService = mock(LookupTableService.class, RETURNS_DEEP_STUBS);
lookupTable = spy(LookupTable.class);
when(lookupTableService.getTable(anyString())).thenReturn(lookupTable);
lookupServiceFunction = new LookupTableService.Function(lookupTableService, "table");
when(lookupTableService.newBuilder().lookupTable(anyString()).build()).thenReturn(lookupServiceFunction);
// input related functions
// TODO needs mock
// functions.put(FromInput.NAME, new FromInput());
// generic functions
functions.put(RegexMatch.NAME, new RegexMatch());
functions.put(RegexReplace.NAME, new RegexReplace());
// string functions
functions.put(Abbreviate.NAME, new Abbreviate());
functions.put(Capitalize.NAME, new Capitalize());
functions.put(Concat.NAME, new Concat());
functions.put(Contains.NAME, new Contains());
functions.put(EndsWith.NAME, new EndsWith());
functions.put(Lowercase.NAME, new Lowercase());
functions.put(Substring.NAME, new Substring());
functions.put(Swapcase.NAME, new Swapcase());
functions.put(Uncapitalize.NAME, new Uncapitalize());
functions.put(Uppercase.NAME, new Uppercase());
functions.put(KeyValue.NAME, new KeyValue());
functions.put(Join.NAME, new Join());
functions.put(Split.NAME, new Split());
functions.put(StartsWith.NAME, new StartsWith());
functions.put(Replace.NAME, new Replace());
functions.put(Length.NAME, new Length());
functions.put(FirstNonNull.NAME, new FirstNonNull());
final ObjectMapper objectMapper = new ObjectMapperProvider().get();
functions.put(JsonParse.NAME, new JsonParse(objectMapper));
functions.put(SelectJsonPath.NAME, new SelectJsonPath(objectMapper));
functions.put(DateConversion.NAME, new DateConversion());
functions.put(Now.NAME, new Now());
functions.put(FlexParseDate.NAME, new FlexParseDate());
functions.put(ParseDate.NAME, new ParseDate());
functions.put(ParseUnixMilliseconds.NAME, new ParseUnixMilliseconds());
functions.put(FormatDate.NAME, new FormatDate());
functions.put(Years.NAME, new Years());
functions.put(Months.NAME, new Months());
functions.put(Weeks.NAME, new Weeks());
functions.put(Days.NAME, new Days());
functions.put(Hours.NAME, new Hours());
functions.put(Minutes.NAME, new Minutes());
functions.put(Seconds.NAME, new Seconds());
functions.put(Millis.NAME, new Millis());
functions.put(PeriodParseFunction.NAME, new PeriodParseFunction());
functions.put(CRC32.NAME, new CRC32());
functions.put(CRC32C.NAME, new CRC32C());
functions.put(MD5.NAME, new MD5());
functions.put(Murmur3_32.NAME, new Murmur3_32());
functions.put(Murmur3_128.NAME, new Murmur3_128());
functions.put(SHA1.NAME, new SHA1());
functions.put(SHA256.NAME, new SHA256());
functions.put(SHA512.NAME, new SHA512());
functions.put(Base16Encode.NAME, new Base16Encode());
functions.put(Base16Decode.NAME, new Base16Decode());
functions.put(Base32Encode.NAME, new Base32Encode());
functions.put(Base32Decode.NAME, new Base32Decode());
functions.put(Base32HumanEncode.NAME, new Base32HumanEncode());
functions.put(Base32HumanDecode.NAME, new Base32HumanDecode());
functions.put(Base64Encode.NAME, new Base64Encode());
functions.put(Base64Decode.NAME, new Base64Decode());
functions.put(Base64UrlEncode.NAME, new Base64UrlEncode());
functions.put(Base64UrlDecode.NAME, new Base64UrlDecode());
functions.put(IpAddressConversion.NAME, new IpAddressConversion());
functions.put(CidrMatch.NAME, new CidrMatch());
functions.put(IsNull.NAME, new IsNull());
functions.put(IsNotNull.NAME, new IsNotNull());
functions.put(SyslogPriorityConversion.NAME, new SyslogPriorityConversion());
functions.put(SyslogPriorityToStringConversion.NAME, new SyslogPriorityToStringConversion());
functions.put(SyslogFacilityConversion.NAME, new SyslogFacilityConversion());
functions.put(SyslogLevelConversion.NAME, new SyslogLevelConversion());
functions.put(UrlConversion.NAME, new UrlConversion());
functions.put(UrlDecode.NAME, new UrlDecode());
functions.put(UrlEncode.NAME, new UrlEncode());
functions.put(IsBoolean.NAME, new IsBoolean());
functions.put(IsNumber.NAME, new IsNumber());
functions.put(IsDouble.NAME, new IsDouble());
functions.put(IsLong.NAME, new IsLong());
functions.put(IsString.NAME, new IsString());
functions.put(IsCollection.NAME, new IsCollection());
functions.put(IsList.NAME, new IsList());
functions.put(IsMap.NAME, new IsMap());
functions.put(IsDate.NAME, new IsDate());
functions.put(IsPeriod.NAME, new IsPeriod());
functions.put(IsIp.NAME, new IsIp());
functions.put(IsJson.NAME, new IsJson());
functions.put(IsUrl.NAME, new IsUrl());
final GrokPatternService grokPatternService = mock(GrokPatternService.class);
final GrokPattern greedyPattern = GrokPattern.create("GREEDY", ".*");
Set<GrokPattern> patterns = Sets.newHashSet(greedyPattern, GrokPattern.create("GREEDY", ".*"), GrokPattern.create("BASE10NUM", "(?<![0-9.+-])(?>[+-]?(?:(?:[0-9]+(?:\\.[0-9]+)?)|(?:\\.[0-9]+)))"), GrokPattern.create("NUMBER", "(?:%{BASE10NUM:UNWANTED})"), GrokPattern.create("UNDERSCORE", "(?<test_field>test)"), GrokPattern.create("NUM", "%{BASE10NUM}"));
when(grokPatternService.loadAll()).thenReturn(patterns);
when(grokPatternService.loadByName("GREEDY")).thenReturn(Optional.of(greedyPattern));
final EventBus clusterBus = new EventBus();
final GrokPatternRegistry grokPatternRegistry = new GrokPatternRegistry(clusterBus, grokPatternService, Executors.newScheduledThreadPool(1));
functions.put(GrokMatch.NAME, new GrokMatch(grokPatternRegistry));
functions.put(GrokExists.NAME, new GrokExists(grokPatternRegistry));
functions.put(MetricCounterIncrement.NAME, new MetricCounterIncrement(metricRegistry));
functions.put(LookupSetValue.NAME, new LookupSetValue(lookupTableService));
functions.put(LookupClearKey.NAME, new LookupClearKey(lookupTableService));
functions.put(LookupSetStringList.NAME, new LookupSetStringList(lookupTableService));
functions.put(LookupAddStringList.NAME, new LookupAddStringList(lookupTableService));
functions.put(LookupRemoveStringList.NAME, new LookupRemoveStringList(lookupTableService));
functionRegistry = new FunctionRegistry(functions);
}
Also used :
IsList(org.graylog.plugins.pipelineprocessor.functions.conversion.IsList)
SHA1(org.graylog.plugins.pipelineprocessor.functions.hashing.SHA1)
PeriodParseFunction(org.graylog.plugins.pipelineprocessor.functions.dates.periods.PeriodParseFunction)
Base32Encode(org.graylog.plugins.pipelineprocessor.functions.encoding.Base32Encode)
IsString(org.graylog.plugins.pipelineprocessor.functions.conversion.IsString)
ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString)
StringConversion(org.graylog.plugins.pipelineprocessor.functions.conversion.StringConversion)
SyslogPriorityToStringConversion(org.graylog.plugins.pipelineprocessor.functions.syslog.SyslogPriorityToStringConversion)
SetField(org.graylog.plugins.pipelineprocessor.functions.messages.SetField)
Minutes(org.graylog.plugins.pipelineprocessor.functions.dates.periods.Minutes)
Base32Decode(org.graylog.plugins.pipelineprocessor.functions.encoding.Base32Decode)
Base64UrlDecode(org.graylog.plugins.pipelineprocessor.functions.encoding.Base64UrlDecode)
MapConversion(org.graylog.plugins.pipelineprocessor.functions.conversion.MapConversion)
LookupTableService(org.graylog2.lookup.LookupTableService)
IsDate(org.graylog.plugins.pipelineprocessor.functions.dates.IsDate)
Substring(org.graylog.plugins.pipelineprocessor.functions.strings.Substring)
Weeks(org.graylog.plugins.pipelineprocessor.functions.dates.periods.Weeks)
IsString(org.graylog.plugins.pipelineprocessor.functions.conversion.IsString)
FunctionRegistry(org.graylog.plugins.pipelineprocessor.parser.FunctionRegistry)
RemoveField(org.graylog.plugins.pipelineprocessor.functions.messages.RemoveField)
IsIp(org.graylog.plugins.pipelineprocessor.functions.ips.IsIp)
LookupClearKey(org.graylog.plugins.pipelineprocessor.functions.lookup.LookupClearKey)
Contains(org.graylog.plugins.pipelineprocessor.functions.strings.Contains)
CloneMessage(org.graylog.plugins.pipelineprocessor.functions.messages.CloneMessage)
SelectJsonPath(org.graylog.plugins.pipelineprocessor.functions.json.SelectJsonPath)
Millis(org.graylog.plugins.pipelineprocessor.functions.dates.periods.Millis)
CreateMessage(org.graylog.plugins.pipelineprocessor.functions.messages.CreateMessage)
Murmur3_128(org.graylog.plugins.pipelineprocessor.functions.hashing.Murmur3_128)
Split(org.graylog.plugins.pipelineprocessor.functions.strings.Split)
RegexReplace(org.graylog.plugins.pipelineprocessor.functions.strings.RegexReplace)
EndsWith(org.graylog.plugins.pipelineprocessor.functions.strings.EndsWith)
DropMessage(org.graylog.plugins.pipelineprocessor.functions.messages.DropMessage)
Base64Decode(org.graylog.plugins.pipelineprocessor.functions.encoding.Base64Decode)
IsPeriod(org.graylog.plugins.pipelineprocessor.functions.dates.periods.IsPeriod)
KeyValue(org.graylog.plugins.pipelineprocessor.functions.strings.KeyValue)
IsDouble(org.graylog.plugins.pipelineprocessor.functions.conversion.IsDouble)
LongConversion(org.graylog.plugins.pipelineprocessor.functions.conversion.LongConversion)
IsNumber(org.graylog.plugins.pipelineprocessor.functions.conversion.IsNumber)
Lowercase(org.graylog.plugins.pipelineprocessor.functions.strings.Lowercase)
Days(org.graylog.plugins.pipelineprocessor.functions.dates.periods.Days)
SetFields(org.graylog.plugins.pipelineprocessor.functions.messages.SetFields)
IsJson(org.graylog.plugins.pipelineprocessor.functions.json.IsJson)
RenameField(org.graylog.plugins.pipelineprocessor.functions.messages.RenameField)
Base32HumanEncode(org.graylog.plugins.pipelineprocessor.functions.encoding.Base32HumanEncode)
UrlEncode(org.graylog.plugins.pipelineprocessor.functions.urls.UrlEncode)
Base64UrlEncode(org.graylog.plugins.pipelineprocessor.functions.encoding.Base64UrlEncode)
Uncapitalize(org.graylog.plugins.pipelineprocessor.functions.strings.Uncapitalize)
Base64UrlEncode(org.graylog.plugins.pipelineprocessor.functions.encoding.Base64UrlEncode)
DateConversion(org.graylog.plugins.pipelineprocessor.functions.dates.DateConversion)
CRC32C(org.graylog.plugins.pipelineprocessor.functions.hashing.CRC32C)
Join(org.graylog.plugins.pipelineprocessor.functions.strings.Join)
TrafficAccountingSize(org.graylog.plugins.pipelineprocessor.functions.messages.TrafficAccountingSize)
ObjectMapperProvider(org.graylog2.shared.bindings.providers.ObjectMapperProvider)
FormatDate(org.graylog.plugins.pipelineprocessor.functions.dates.FormatDate)
Length(org.graylog.plugins.pipelineprocessor.functions.strings.Length)
Uppercase(org.graylog.plugins.pipelineprocessor.functions.strings.Uppercase)
UrlConversion(org.graylog.plugins.pipelineprocessor.functions.urls.UrlConversion)
IpAddressConversion(org.graylog.plugins.pipelineprocessor.functions.ips.IpAddressConversion)
HasField(org.graylog.plugins.pipelineprocessor.functions.messages.HasField)
Murmur3_32(org.graylog.plugins.pipelineprocessor.functions.hashing.Murmur3_32)
FlexParseDate(org.graylog.plugins.pipelineprocessor.functions.dates.FlexParseDate)
MD5(org.graylog.plugins.pipelineprocessor.functions.hashing.MD5)
SyslogFacilityConversion(org.graylog.plugins.pipelineprocessor.functions.syslog.SyslogFacilityConversion)
Swapcase(org.graylog.plugins.pipelineprocessor.functions.strings.Swapcase)
JsonParse(org.graylog.plugins.pipelineprocessor.functions.json.JsonParse)
Base16Decode(org.graylog.plugins.pipelineprocessor.functions.encoding.Base16Decode)
IsMap(org.graylog.plugins.pipelineprocessor.functions.conversion.IsMap)
MetricCounterIncrement(org.graylog.plugins.pipelineprocessor.functions.debug.MetricCounterIncrement)
Concat(org.graylog.plugins.pipelineprocessor.functions.strings.Concat)
LookupSetValue(org.graylog.plugins.pipelineprocessor.functions.lookup.LookupSetValue)
GrokPattern(org.graylog2.grok.GrokPattern)
RouteToStream(org.graylog.plugins.pipelineprocessor.functions.messages.RouteToStream)
Capitalize(org.graylog.plugins.pipelineprocessor.functions.strings.Capitalize)
LookupAddStringList(org.graylog.plugins.pipelineprocessor.functions.lookup.LookupAddStringList)
RemoveFromStream(org.graylog.plugins.pipelineprocessor.functions.messages.RemoveFromStream)
RouteToStream(org.graylog.plugins.pipelineprocessor.functions.messages.RouteToStream)
Stream(org.graylog2.plugin.streams.Stream)
RemoveFromStream(org.graylog.plugins.pipelineprocessor.functions.messages.RemoveFromStream)
GrokPatternRegistry(org.graylog2.grok.GrokPatternRegistry)
Base16Encode(org.graylog.plugins.pipelineprocessor.functions.encoding.Base16Encode)
SyslogPriorityConversion(org.graylog.plugins.pipelineprocessor.functions.syslog.SyslogPriorityConversion)
ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper)
BooleanConversion(org.graylog.plugins.pipelineprocessor.functions.conversion.BooleanConversion)
Years(org.graylog.plugins.pipelineprocessor.functions.dates.periods.Years)
Months(org.graylog.plugins.pipelineprocessor.functions.dates.periods.Months)
SyslogPriorityToStringConversion(org.graylog.plugins.pipelineprocessor.functions.syslog.SyslogPriorityToStringConversion)
Base32HumanDecode(org.graylog.plugins.pipelineprocessor.functions.encoding.Base32HumanDecode)
Now(org.graylog.plugins.pipelineprocessor.functions.dates.Now)
CidrMatch(org.graylog.plugins.pipelineprocessor.functions.ips.CidrMatch)
LookupRemoveStringList(org.graylog.plugins.pipelineprocessor.functions.lookup.LookupRemoveStringList)
SHA512(org.graylog.plugins.pipelineprocessor.functions.hashing.SHA512)
IsBoolean(org.graylog.plugins.pipelineprocessor.functions.conversion.IsBoolean)
Hours(org.graylog.plugins.pipelineprocessor.functions.dates.periods.Hours)
CRC32(org.graylog.plugins.pipelineprocessor.functions.hashing.CRC32)
DoubleConversion(org.graylog.plugins.pipelineprocessor.functions.conversion.DoubleConversion)
ParseDate(org.graylog.plugins.pipelineprocessor.functions.dates.ParseDate)
FlexParseDate(org.graylog.plugins.pipelineprocessor.functions.dates.FlexParseDate)
EventBus(com.google.common.eventbus.EventBus)
GrokMatch(org.graylog.plugins.pipelineprocessor.functions.strings.GrokMatch)
StartsWith(org.graylog.plugins.pipelineprocessor.functions.strings.StartsWith)
Abbreviate(org.graylog.plugins.pipelineprocessor.functions.strings.Abbreviate)
PeriodParseFunction(org.graylog.plugins.pipelineprocessor.functions.dates.periods.PeriodParseFunction)
Function(org.graylog.plugins.pipelineprocessor.ast.functions.Function)
Base64Encode(org.graylog.plugins.pipelineprocessor.functions.encoding.Base64Encode)
LookupSetStringList(org.graylog.plugins.pipelineprocessor.functions.lookup.LookupSetStringList)
GrokPatternService(org.graylog2.grok.GrokPatternService)
StreamCacheService(org.graylog.plugins.pipelineprocessor.functions.messages.StreamCacheService)
FirstNonNull(org.graylog.plugins.pipelineprocessor.functions.strings.FirstNonNull)
StreamService(org.graylog2.streams.StreamService)
RegexReplace(org.graylog.plugins.pipelineprocessor.functions.strings.RegexReplace)
Replace(org.graylog.plugins.pipelineprocessor.functions.strings.Replace)
IsCollection(org.graylog.plugins.pipelineprocessor.functions.conversion.IsCollection)
ParseUnixMilliseconds(org.graylog.plugins.pipelineprocessor.functions.dates.ParseUnixMilliseconds)
IsLong(org.graylog.plugins.pipelineprocessor.functions.conversion.IsLong)
SHA256(org.graylog.plugins.pipelineprocessor.functions.hashing.SHA256)
LookupTable(org.graylog2.lookup.LookupTable)
RegexMatch(org.graylog.plugins.pipelineprocessor.functions.strings.RegexMatch)
Seconds(org.graylog.plugins.pipelineprocessor.functions.dates.periods.Seconds)
UrlDecode(org.graylog.plugins.pipelineprocessor.functions.urls.UrlDecode)
Base64UrlDecode(org.graylog.plugins.pipelineprocessor.functions.encoding.Base64UrlDecode)
SyslogLevelConversion(org.graylog.plugins.pipelineprocessor.functions.syslog.SyslogLevelConversion)
IsUrl(org.graylog.plugins.pipelineprocessor.functions.urls.IsUrl)
BeforeClass(org.junit.BeforeClass)
SuppressForbidden(org.graylog2.shared.SuppressForbidden)
Example 2 with DefaultStream
use of org.graylog2.plugin.streams.DefaultStream in project graylog2-server by Graylog2.
the class BaseParserTest method evaluateRule.
@Nullable
protected Message evaluateRule(Rule rule, Consumer<Message> messageModifier) {
final Message message = new Message("hello test", "source", DateTime.now(DateTimeZone.UTC));
message.addStream(defaultStream);
messageModifier.accept(message);
return evaluateRule(rule, message);
}Example 3 with DefaultStream
use of org.graylog2.plugin.streams.DefaultStream in project graylog2-server by Graylog2.
the class StreamRouterEngine method match.
/**
* Returns a list of matching streams for the given message.
*
* @param message the message
* @return the list of matching streams
*/
public List<Stream> match(Message message) {
final Set<Stream> result = Sets.newHashSet();
final Set<String> blackList = Sets.newHashSet();
for (final Rule rule : rulesList) {
if (blackList.contains(rule.getStreamId())) {
continue;
}
final StreamRule streamRule = rule.getStreamRule();
final StreamRuleType streamRuleType = streamRule.getType();
final Stream.MatchingType matchingType = rule.getMatchingType();
if (!ruleTypesNotNeedingFieldPresence.contains(streamRuleType) && !message.hasField(streamRule.getField())) {
if (matchingType == Stream.MatchingType.AND) {
result.remove(rule.getStream());
// blacklist stream because it can't match anymore
blackList.add(rule.getStreamId());
}
continue;
}
final Stream stream;
if (streamRuleType != StreamRuleType.REGEX) {
stream = rule.match(message);
} else {
stream = rule.matchWithTimeOut(message, streamProcessingTimeout, TimeUnit.MILLISECONDS);
}
if (stream == null) {
if (matchingType == Stream.MatchingType.AND) {
result.remove(rule.getStream());
// blacklist stream because it can't match anymore
blackList.add(rule.getStreamId());
}
} else {
result.add(stream);
if (matchingType == Stream.MatchingType.OR) {
// blacklist stream because it is already matched
blackList.add(rule.getStreamId());
}
}
}
final Stream defaultStream = defaultStreamProvider.get();
boolean alreadyRemovedDefaultStream = false;
for (Stream stream : result) {
streamMetrics.markIncomingMeter(stream.getId());
if (stream.getRemoveMatchesFromDefaultStream()) {
if (alreadyRemovedDefaultStream || message.removeStream(defaultStream)) {
alreadyRemovedDefaultStream = true;
if (LOG.isTraceEnabled()) {
LOG.trace("Successfully removed default stream <{}> from message <{}>", defaultStream.getId(), message.getId());
}
} else {
if (LOG.isWarnEnabled()) {
LOG.warn("Couldn't remove default stream <{}> from message <{}>", defaultStream.getId(), message.getId());
}
}
}
}
// or someone removed it, in which case we don't mark it.
if (!alreadyRemovedDefaultStream) {
streamMetrics.markIncomingMeter(defaultStream.getId());
}
return ImmutableList.copyOf(result);
}
Also used :
StreamRule(org.graylog2.plugin.streams.StreamRule)
StreamRuleType(org.graylog2.plugin.streams.StreamRuleType)
DefaultStream(org.graylog2.plugin.streams.DefaultStream)
Stream(org.graylog2.plugin.streams.Stream)
StreamRule(org.graylog2.plugin.streams.StreamRule)
Example 4 with DefaultStream
use of org.graylog2.plugin.streams.DefaultStream in project graylog2-server by Graylog2.
the class StreamRouterEngineTest method testRemoveFromAllMessages.
@Test
public void testRemoveFromAllMessages() throws Exception {
final StreamMock stream = getStreamMock("test");
final StreamRuleMock rule = new StreamRuleMock(ImmutableMap.of("_id", new ObjectId(), "field", "testfield", "type", StreamRuleType.PRESENCE.toInteger(), "stream_id", stream.getId()));
stream.setRemoveMatchesFromDefaultStream(true);
stream.setStreamRules(Collections.singletonList(rule));
final StreamRouterEngine engine = newEngine(Collections.singletonList(stream));
final Message message = getMessage();
message.addStream(defaultStream);
assertThat(message.getStreams()).containsExactly(defaultStream);
// Without testfield in the message.
assertThat(engine.match(message)).isEmpty();
// With field in the message.
message.addField("testfield", "testvalue");
assertThat(engine.match(message)).containsExactly(stream);
assertThat(message.getStreams()).doesNotContain(defaultStream);
}
Also used :
Message(org.graylog2.plugin.Message)
ObjectId(org.bson.types.ObjectId)
StreamRuleMock(org.graylog2.streams.matchers.StreamRuleMock)
Test(org.junit.Test)
Example 5 with DefaultStream
use of org.graylog2.plugin.streams.DefaultStream in project graylog2-server by Graylog2.
the class DefaultStreamProvider method get.
@Override
public Stream get() {
Stream defaultStream = sharedInstance.get();
if (defaultStream != null) {
return defaultStream;
}
synchronized (this) {
defaultStream = sharedInstance.get();
if (defaultStream != null) {
return defaultStream;
}
int i = 0;
do {
try {
LOG.debug("Loading shared default stream instance");
defaultStream = service.load(Stream.DEFAULT_STREAM_ID);
} catch (NotFoundException ignored) {
if (i % 10 == 0) {
LOG.warn("Unable to load default stream, tried {} times, retrying every 500ms. Processing is blocked until this succeeds.", i + 1);
}
i++;
Uninterruptibles.sleepUninterruptibly(500, TimeUnit.MILLISECONDS);
}
} while (defaultStream == null);
sharedInstance.set(defaultStream);
}
return defaultStream;
}
Also used :
NotFoundException(org.graylog2.database.NotFoundException)
Stream(org.graylog2.plugin.streams.Stream)
Aggregations
Message (org.graylog2.plugin.Message)4
Stream (org.graylog2.plugin.streams.Stream)4
Test (org.junit.Test)3
BaseParserTest (org.graylog.plugins.pipelineprocessor.BaseParserTest)2
Rule (org.graylog.plugins.pipelineprocessor.ast.Rule)2
CloneMessage (org.graylog.plugins.pipelineprocessor.functions.messages.CloneMessage)2
CreateMessage (org.graylog.plugins.pipelineprocessor.functions.messages.CreateMessage)2
DropMessage (org.graylog.plugins.pipelineprocessor.functions.messages.DropMessage)2
MockitoRule (org.mockito.junit.MockitoRule)2
ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)1
EventBus (com.google.common.eventbus.EventBus)1
Nullable (javax.annotation.Nullable)1
ObjectId (org.bson.types.ObjectId)1
Function (org.graylog.plugins.pipelineprocessor.ast.functions.Function)1
BooleanConversion (org.graylog.plugins.pipelineprocessor.functions.conversion.BooleanConversion)1
DoubleConversion (org.graylog.plugins.pipelineprocessor.functions.conversion.DoubleConversion)1
IsBoolean (org.graylog.plugins.pipelineprocessor.functions.conversion.IsBoolean)1
IsCollection (org.graylog.plugins.pipelineprocessor.functions.conversion.IsCollection)1
IsDouble (org.graylog.plugins.pipelineprocessor.functions.conversion.IsDouble)1
IsList (org.graylog.plugins.pipelineprocessor.functions.conversion.IsList)1
