Search in sources :

Example 51 with StreamRule

use of org.graylog2.plugin.streams.StreamRule in project graylog2-server by Graylog2.

the class InputMatcherTest method testSuccessfulMatch.

@Test
public void testSuccessfulMatch() {
    StreamRule rule = getSampleRule();
    rule.setValue("input-id-beef");
    Message msg = getSampleMessage();
    msg.addField(Message.FIELD_GL2_SOURCE_INPUT, "input-id-beef");
    StreamRuleMatcher matcher = getMatcher(rule);
    assertTrue(matcher.match(msg, rule));
}
Also used : Message(org.graylog2.plugin.Message) StreamRule(org.graylog2.plugin.streams.StreamRule) Test(org.junit.Test)

Example 52 with StreamRule

use of org.graylog2.plugin.streams.StreamRule in project graylog2-server by Graylog2.

the class InputMatcherTest method testSuccessfulMatchInverted.

@Test
public void testSuccessfulMatchInverted() {
    StreamRule rule = getSampleRule();
    rule.setValue("input-id-beef");
    rule.setInverted(true);
    Message msg = getSampleMessage();
    msg.addField(Message.FIELD_GL2_SOURCE_INPUT, "input-id-beef");
    StreamRuleMatcher matcher = getMatcher(rule);
    assertFalse(matcher.match(msg, rule));
}
Also used : Message(org.graylog2.plugin.Message) StreamRule(org.graylog2.plugin.streams.StreamRule) Test(org.junit.Test)

Example 53 with StreamRule

use of org.graylog2.plugin.streams.StreamRule in project graylog2-server by Graylog2.

the class BundleImporter method createStream.

private org.graylog2.plugin.streams.Stream createStream(final String bundleId, final Stream streamDescription, final String userName) throws ValidationException {
    // We cannot create streams without having a default index set.
    final IndexSet indexSet = indexSetRegistry.getDefault();
    final Map<String, Object> streamData = ImmutableMap.<String, Object>builder().put(StreamImpl.FIELD_TITLE, streamDescription.getTitle()).put(StreamImpl.FIELD_DESCRIPTION, streamDescription.getDescription()).put(StreamImpl.FIELD_DISABLED, streamDescription.isDisabled()).put(StreamImpl.FIELD_MATCHING_TYPE, streamDescription.getMatchingType().name()).put(StreamImpl.FIELD_CREATOR_USER_ID, userName).put(StreamImpl.FIELD_CREATED_AT, Tools.nowUTC()).put(StreamImpl.FIELD_CONTENT_PACK, bundleId).put(StreamImpl.FIELD_DEFAULT_STREAM, streamDescription.isDefaultStream()).put(StreamImpl.FIELD_INDEX_SET_ID, indexSet.getConfig().id()).build();
    final String defaultStreamId = org.graylog2.plugin.streams.Stream.DEFAULT_STREAM_ID;
    final ObjectId id = streamDescription.isDefaultStream() ? new ObjectId(defaultStreamId) : new ObjectId(streamDescription.getId());
    final org.graylog2.plugin.streams.Stream stream = new StreamImpl(id, streamData, Collections.emptyList(), Collections.emptySet(), indexSet);
    final String streamId = streamService.save(stream);
    if (streamDescription.getStreamRules() != null) {
        for (StreamRule streamRule : streamDescription.getStreamRules()) {
            final Map<String, Object> streamRuleData = ImmutableMap.<String, Object>builder().put(StreamRuleImpl.FIELD_TYPE, streamRule.getType().toInteger()).put(StreamRuleImpl.FIELD_VALUE, streamRule.getValue()).put(StreamRuleImpl.FIELD_FIELD, streamRule.getField()).put(StreamRuleImpl.FIELD_INVERTED, streamRule.isInverted()).put(StreamRuleImpl.FIELD_STREAM_ID, new ObjectId(streamId)).put(StreamRuleImpl.FIELD_CONTENT_PACK, bundleId).put(StreamRuleImpl.FIELD_DESCRIPTION, streamRule.getDescription()).build();
            streamRuleService.save(new StreamRuleImpl(streamRuleData));
        }
    }
    for (final String outputId : streamDescription.getOutputs()) {
        if (isNullOrEmpty(outputId)) {
            LOG.warn("Couldn't find referenced output <{}> for stream <{}>", outputId, streamDescription.getTitle());
        } else {
            streamService.addOutput(stream, outputsByReferenceId.get(outputId));
        }
    }
    return stream;
}
Also used : ObjectId(org.bson.types.ObjectId) StreamImpl(org.graylog2.streams.StreamImpl) StreamRuleImpl(org.graylog2.streams.StreamRuleImpl) IndexSet(org.graylog2.indexer.IndexSet)

Example 54 with StreamRule

use of org.graylog2.plugin.streams.StreamRule in project graylog2-server by Graylog2.

the class RegexMatcherTest method testSuccessfulMatchInArray.

@Test
public void testSuccessfulMatchInArray() {
    StreamRule rule = getSampleRule();
    rule.setValue("foobar");
    Message msg = getSampleMessage();
    msg.addField("something", Collections.singleton("foobar"));
    StreamRuleMatcher matcher = getMatcher(rule);
    assertTrue(matcher.match(msg, rule));
}
Also used : Message(org.graylog2.plugin.Message) StreamRule(org.graylog2.plugin.streams.StreamRule) Test(org.junit.Test)

Example 55 with StreamRule

use of org.graylog2.plugin.streams.StreamRule in project graylog2-server by Graylog2.

the class RegexMatcherTest method testSuccessfulInvertedMatch.

@Test
public void testSuccessfulInvertedMatch() {
    StreamRule rule = getSampleRule();
    rule.setValue("^foo");
    rule.setInverted(true);
    Message msg = getSampleMessage();
    msg.addField("something", "zomg");
    StreamRuleMatcher matcher = getMatcher(rule);
    assertTrue(matcher.match(msg, rule));
}
Also used : Message(org.graylog2.plugin.Message) StreamRule(org.graylog2.plugin.streams.StreamRule) Test(org.junit.Test)

Aggregations

StreamRule (org.graylog2.plugin.streams.StreamRule)98 Message (org.graylog2.plugin.Message)73 Test (org.junit.Test)71 Stream (org.graylog2.plugin.streams.Stream)16 ObjectId (org.bson.types.ObjectId)11 Timed (com.codahale.metrics.annotation.Timed)10 ApiOperation (io.swagger.annotations.ApiOperation)10 Output (org.graylog2.plugin.streams.Output)9 Produces (javax.ws.rs.Produces)8 AuditEvent (org.graylog2.audit.jersey.AuditEvent)8 ApiResponses (io.swagger.annotations.ApiResponses)7 Consumes (javax.ws.rs.Consumes)7 POST (javax.ws.rs.POST)7 Path (javax.ws.rs.Path)7 NotFoundException (org.graylog2.database.NotFoundException)7 URI (java.net.URI)6 Map (java.util.Map)6 AlarmCallbackConfiguration (org.graylog2.alarmcallbacks.AlarmCallbackConfiguration)6 NoAuditEvent (org.graylog2.audit.jersey.NoAuditEvent)6 AlertCondition (org.graylog2.plugin.alarms.AlertCondition)6