Example 86 with JSONParser
use of org.json.simple.parser.JSONParser in project metron by apache.
the class BasicLogstashParser method parse.
@Override
public List<JSONObject> parse(byte[] raw_message) {
List<JSONObject> messages = new ArrayList<>();
try {
/*
* We need to create a new JSONParser each time because its
* not serializable and the parser is created on the storm nimbus
* node, then transfered to the workers.
*/
JSONParser jsonParser = new JSONParser();
String rawString = new String(raw_message, "UTF-8");
JSONObject rawJson = (JSONObject) jsonParser.parse(rawString);
// remove logstash meta fields
rawJson.remove("@version");
rawJson.remove("type");
rawJson.remove("host");
rawJson.remove("tags");
// rename other keys
rawJson = mutate(rawJson, "message", "original_string");
rawJson = mutate(rawJson, "src_ip", "ip_src_addr");
rawJson = mutate(rawJson, "dst_ip", "ip_dst_addr");
rawJson = mutate(rawJson, "src_port", "ip_src_port");
rawJson = mutate(rawJson, "dst_port", "ip_dst_port");
rawJson = mutate(rawJson, "src_ip", "ip_src_addr");
// convert timestamp to milli since epoch
long timestamp = LogstashToEpoch((String) rawJson.remove("@timestamp"));
rawJson.put("timestamp", timestamp);
messages.add(rawJson);
return messages;
} catch (Exception e) {
e.printStackTrace();
return null;
}
}
Also used :
JSONObject(org.json.simple.JSONObject)
ArrayList(java.util.ArrayList)
JSONParser(org.json.simple.parser.JSONParser)
Example 87 with JSONParser
use of org.json.simple.parser.JSONParser in project metron by apache.
the class SettingsLoader method loadKnownHosts.
public static Map<String, JSONObject> loadKnownHosts(String config_path) throws ConfigurationException, ParseException {
Configuration hosts = new PropertiesConfiguration(config_path);
Iterator<String> keys = hosts.getKeys();
Map<String, JSONObject> known_hosts = new HashMap<String, JSONObject>();
JSONParser parser = new JSONParser();
while (keys.hasNext()) {
String key = keys.next().trim();
JSONArray value = (JSONArray) parser.parse(hosts.getProperty(key).toString());
known_hosts.put(key, (JSONObject) value.get(0));
}
return known_hosts;
}
Also used :
Configuration(org.apache.commons.configuration.Configuration)
XMLConfiguration(org.apache.commons.configuration.XMLConfiguration)
PropertiesConfiguration(org.apache.commons.configuration.PropertiesConfiguration)
JSONObject(org.json.simple.JSONObject)
HashMap(java.util.HashMap)
JSONArray(org.json.simple.JSONArray)
JSONParser(org.json.simple.parser.JSONParser)
PropertiesConfiguration(org.apache.commons.configuration.PropertiesConfiguration)
Example 88 with JSONParser
use of org.json.simple.parser.JSONParser in project metron by apache.
the class SettingsLoader method loadRegexAlerts.
public static Map<String, JSONObject> loadRegexAlerts(String config_path) throws ConfigurationException, ParseException {
XMLConfiguration alert_rules = new XMLConfiguration();
alert_rules.setDelimiterParsingDisabled(true);
alert_rules.load(config_path);
// int number_of_rules = alert_rules.getList("rule.pattern").size();
String[] patterns = alert_rules.getStringArray("rule.pattern");
String[] alerts = alert_rules.getStringArray("rule.alert");
JSONParser pr = new JSONParser();
Map<String, JSONObject> rules = new HashMap<String, JSONObject>();
for (int i = 0; i < patterns.length; i++) rules.put(patterns[i], (JSONObject) pr.parse(alerts[i]));
return rules;
}
Also used :
XMLConfiguration(org.apache.commons.configuration.XMLConfiguration)
JSONObject(org.json.simple.JSONObject)
HashMap(java.util.HashMap)
JSONParser(org.json.simple.parser.JSONParser)
Example 89 with JSONParser
use of org.json.simple.parser.JSONParser in project metron by apache.
the class GeoLiteDatabaseTest method setupOnce.
@BeforeClass
public static void setupOnce() throws ParseException, IOException {
JSONParser jsonParser = new JSONParser();
expectedNoDmaMessage = (JSONObject) jsonParser.parse(expectedNoDmaMessageString);
expectedDmaMessage = (JSONObject) jsonParser.parse(expectedDmaMessageString);
String baseDir = UnitTestHelper.findDir("GeoLite");
geoHdfsFile = new File(new File(baseDir), "GeoIP2-City-Test.mmdb.gz");
geoHdfsFile_update = new File(new File(baseDir), "GeoIP2-City-Test-2.mmdb.gz");
Configuration config = new Configuration();
fs = FileSystem.get(config);
}
Also used :
Configuration(org.apache.hadoop.conf.Configuration)
JSONParser(org.json.simple.parser.JSONParser)
File(java.io.File)
Example 90 with JSONParser
use of org.json.simple.parser.JSONParser in project metron by apache.
the class HostFromJSONListAdapterTest method parseJSON.
@Before
public void parseJSON() throws ParseException {
JSONParser jsonParser = new JSONParser();
expectedMessage = (JSONObject) jsonParser.parse(expectedMessageString);
}
Also used :
JSONParser(org.json.simple.parser.JSONParser)
Before(org.junit.Before)
Aggregations
JSONParser (org.json.simple.parser.JSONParser)200
JSONObject (org.json.simple.JSONObject)168
JSONArray (org.json.simple.JSONArray)73
ParseException (org.json.simple.parser.ParseException)49
HttpClient (org.apache.commons.httpclient.HttpClient)44
GetMethod (org.apache.commons.httpclient.methods.GetMethod)34
Test (org.junit.Test)28
HashMap (java.util.HashMap)23
Map (java.util.Map)19
IOException (java.io.IOException)18
File (java.io.File)16
Before (org.junit.Before)15
URL (java.net.URL)14
ArrayList (java.util.ArrayList)13
InputStreamReader (java.io.InputStreamReader)12
PostMethod (org.apache.commons.httpclient.methods.PostMethod)11
MapLayer (au.org.emii.portal.menu.MapLayer)9
Point (com.vividsolutions.jts.geom.Point)9
FileReader (java.io.FileReader)9
InputStream (java.io.InputStream)7
