/**
 * Computes a hash from the id, source, score and index using the usual
 * 31-multiplier scheme.
 *
 * <p>A {@code null} id, source or index contributes 0. A score of zero (of
 * either sign, since {@code -0.0f != +0.0f} is false) also contributes 0; any
 * other score contributes its {@link Float#floatToIntBits(float)} value.
 *
 * @return the combined hash code
 */
@Override
public int hashCode() {
  int idHash = 0;
  if (getId() != null) {
    idHash = getId().hashCode();
  }

  int sourceHash = 0;
  if (getSource() != null) {
    sourceHash = getSource().hashCode();
  }

  int scoreHash = 0;
  if (getScore() != +0.0f) {
    scoreHash = Float.floatToIntBits(getScore());
  }

  int indexHash = 0;
  if (getIndex() != null) {
    indexHash = getIndex().hashCode();
  }

  // Same accumulation as folding each component in turn: h = 31 * h + next.
  return 31 * (31 * (31 * idHash + sourceHash) + scoreHash) + indexHash;
}
}
/**
 * Compares this result with another object for equality.
 *
 * <p>Two results are equal when they are of exactly the same class and their
 * score, id, source and index all match. Scores are compared with
 * {@link Float#compare(float, float)}, so {@code 0.0f} and {@code -0.0f} are
 * treated as different and {@code NaN} is equal to itself. The other three
 * components are compared null-safely.
 *
 * @param o the object to compare against, may be {@code null}
 * @return {@code true} if {@code o} is an equal result
 */
@Override
public boolean equals(Object o) {
  if (this == o) {
    return true;
  }
  // Exact class match: an instance of a subclass is never equal to this one.
  if (o == null || getClass() != o.getClass()) {
    return false;
  }

  SearchResult other = (SearchResult) o;
  if (Float.compare(other.getScore(), getScore()) != 0) {
    return false;
  }

  if (getId() == null) {
    if (other.getId() != null) {
      return false;
    }
  } else if (!getId().equals(other.getId())) {
    return false;
  }

  if (getSource() == null) {
    if (other.getSource() != null) {
      return false;
    }
  } else if (!getSource().equals(other.getSource())) {
    return false;
  }

  if (getIndex() == null) {
    return other.getIndex() == null;
  }
  return getIndex().equals(other.getIndex());
}
/**
 * Builds a comparator that orders search results by the given sort fields,
 * applied in list order (earlier fields take precedence).
 *
 * <p>For each field the value is looked up in both results' source maps and
 * cast to a raw {@code Comparable}; a stored value that does not implement
 * {@code Comparable} fails with a {@code ClassCastException} when the
 * comparator runs. The comparison itself is delegated to a
 * {@code ComparableComparator} built from the field's sort order.
 * NOTE(review): handling of missing (null) values and of values of differing
 * types is presumably done inside ComparableComparator — confirm there.
 *
 * @param fields the sort fields, most significant first
 * @return a comparator over search results
 */
private static Comparator<SearchResult> sorted(final List<SortField> fields) {
  return (left, right) -> {
    ComparisonChain ordering = ComparisonChain.start();
    for (SortField sortField : fields) {
      Comparable leftValue = (Comparable) left.getSource().get(sortField.getField());
      Comparable rightValue = (Comparable) right.getSource().get(sortField.getField());
      ComparableComparator bySortOrder = new ComparableComparator(sortField.getSortOrder());
      ordering = ordering.compare(leftValue, rightValue, bySortOrder);
    }
    return ordering.result();
  };
}
/**
 * Converts a search result into a {@code Document}.
 *
 * <p>The document is created from the result's source via
 * {@code Document.fromJSON}, then given the result's id as its document ID
 * and the supplied timestamp.
 *
 * @param result the search result to convert
 * @param timestamp the timestamp to set on the document
 * @return the populated document
 */
private Document toDocument(SearchResult result, Long timestamp) {
  Document converted = Document.fromJSON(result.getSource());
  converted.setDocumentID(result.getId());
  converted.setTimestamp(timestamp);
  return converted;
}
// Wrap the search hit's source and id in a Document of the metaalert type and
// collect it. NOTE(review): the trailing 0L is presumably the document
// timestamp — confirm against the Document constructor.
Document doc = new Document(searchResult.getSource(), searchResult.getId(), MetaAlertConstants.METAALERT_TYPE, 0L);
metaAlerts.add(doc);
/**
 * Runs the filter query and checks that exactly three documents match and
 * that they come back with the expected sensor types and timestamps, in order.
 */
@Test
public void filter_query_filters_results() throws Exception {
  SearchRequest request = JSONUtils.INSTANCE.load(filterQuery, SearchRequest.class);
  SearchResponse response = getIndexDao().search(request);
  Assert.assertEquals(3, response.getTotal());

  List<SearchResult> hits = response.getResults();
  // Expected {sensor type, timestamp} for each hit, in result order.
  String[][] expected = {{"snort", "9"}, {"snort", "7"}, {"bro", "1"}};
  for (int i = 0; i < expected.length; i++) {
    SearchResult hit = hits.get(i);
    Assert.assertEquals(expected[i][0], hit.getSource().get(getSourceTypeField()));
    Assert.assertEquals(expected[i][1], hit.getSource().get("timestamp").toString());
  }
}
/**
 * Runs the pagination query and checks that the total still reports all ten
 * documents while only the requested page of three is returned, with the
 * expected sensor types and timestamps in order.
 */
@Test
public void results_are_paginated() throws Exception {
  SearchRequest request = JSONUtils.INSTANCE.load(paginationQuery, SearchRequest.class);
  SearchResponse response = getIndexDao().search(request);
  Assert.assertEquals(10, response.getTotal());

  List<SearchResult> page = response.getResults();
  Assert.assertEquals(3, page.size());

  // Expected {sensor type, timestamp} for each hit on the page, in order.
  String[][] expected = {{"snort", "6"}, {"bro", "5"}, {"bro", "4"}};
  for (int i = 0; i < expected.length; i++) {
    SearchResult hit = page.get(i);
    Assert.assertEquals(expected[i][0], hit.getSource().get(getSourceTypeField()));
    Assert.assertEquals(expected[i][1], hit.getSource().get("timestamp").toString());
  }
}
/**
 * Runs the different-type filter query and checks that a single "bro"
 * document is returned whose "ttl" field holds the string "data 1".
 */
@Test
public void different_type_filter_query() throws Exception {
  SearchRequest request = JSONUtils.INSTANCE.load(differentTypeFilterQuery, SearchRequest.class);
  SearchResponse response = dao.search(request);
  Assert.assertEquals(1, response.getTotal());

  List<SearchResult> hits = response.getResults();
  SearchResult onlyHit = hits.get(0);
  Assert.assertEquals("bro", onlyHit.getSource().get("source:type"));
  Assert.assertEquals("data 1", onlyHit.getSource().get("ttl"));
}
/**
 * Sorts ascending on 'threat:triage:score' when most documents lack that field.
 *
 * <p>As asserted below, the eight documents without the field occupy the first
 * eight positions and the two scored documents follow in ascending order.
 */
@Test
public void sort_ascending_with_missing_fields() throws Exception {
  final String scoreField = "threat:triage:score";

  SearchRequest request = JSONUtils.INSTANCE.load(sortAscendingWithMissingFields, SearchRequest.class);
  SearchResponse response = getIndexDao().search(request);
  Assert.assertEquals(10, response.getTotal());

  List<SearchResult> hits = response.getResults();
  Assert.assertEquals(10, hits.size());

  // positions 0-7: documents that have no 'threat:triage:score' at all
  int position = 0;
  while (position < 8) {
    Assert.assertFalse(hits.get(position).getSource().containsKey(scoreField));
    position++;
  }

  // positions 8-9: the only two scored documents, lowest score first
  Assert.assertEquals("10.0", hits.get(8).getSource().get(scoreField).toString());
  Assert.assertEquals("20.0", hits.get(9).getSource().get(scoreField).toString());
}
/**
 * Sorts descending on 'threat:triage:score' when most documents lack that field.
 *
 * <p>As asserted below, the two scored documents come first in descending
 * order and the eight documents without the field fill the remaining positions.
 */
@Test
public void sort_descending_with_missing_fields() throws Exception {
  final String scoreField = "threat:triage:score";

  SearchRequest request = JSONUtils.INSTANCE.load(sortDescendingWithMissingFields, SearchRequest.class);
  SearchResponse response = getIndexDao().search(request);
  Assert.assertEquals(10, response.getTotal());

  List<SearchResult> hits = response.getResults();
  Assert.assertEquals(10, hits.size());

  // positions 0-1: the only two scored documents, highest score first
  Assert.assertEquals("20.0", hits.get(0).getSource().get(scoreField).toString());
  Assert.assertEquals("10.0", hits.get(1).getSource().get(scoreField).toString());

  // positions 2-9: documents that have no 'threat:triage:score', sorted last
  int position = 2;
  while (position < 10) {
    Assert.assertFalse(hits.get(position).getSource().containsKey(scoreField));
    position++;
  }
}
List<String> metaalertGuids = new ArrayList<>(); for (SearchResult result : results.getResults()) { if (result.getSource().get(config.getSourceTypeField()) .equals(MetaAlertConstants.METAALERT_TYPE)) {
/**
 * Runs the index-restricted query and checks that only the five "bro"
 * documents are returned, with timestamps counting down from 5 to 1.
 */
@Test
public void returns_results_only_for_specified_indices() throws Exception {
  SearchRequest request = JSONUtils.INSTANCE.load(indexQuery, SearchRequest.class);
  SearchResponse response = getIndexDao().search(request);
  Assert.assertEquals(5, response.getTotal());

  List<SearchResult> hits = response.getResults();
  for (int position = 0; position < 5; position++) {
    SearchResult hit = hits.get(position);
    // The hit at position p is expected to carry timestamp 5 - p.
    String expectedTimestamp = String.valueOf(5 - position);
    Assert.assertEquals("bro", hit.getSource().get(getSourceTypeField()));
    Assert.assertEquals(expectedTimestamp, hit.getSource().get("timestamp").toString());
  }
}
/**
 * Runs the match-all query and checks that all ten documents are returned:
 * five "snort" hits followed by five "bro" hits, each from its sensor's
 * index, with timestamps counting down from 10 to 1.
 */
@Test
public void all_query_returns_all_results() throws Exception {
  SearchRequest request = JSONUtils.INSTANCE.load(allQuery, SearchRequest.class);
  SearchResponse response = getIndexDao().search(request);
  Assert.assertEquals(10, response.getTotal());

  List<SearchResult> hits = response.getResults();
  Assert.assertEquals(10, hits.size());

  for (int position = 0; position < 10; position++) {
    // First half of the results is snort, second half is bro.
    String sensor = position < 5 ? "snort" : "bro";
    SearchResult hit = hits.get(position);
    Assert.assertEquals(sensor, hit.getSource().get(getSourceTypeField()));
    Assert.assertEquals(getIndexName(sensor), hit.getIndex());
    Assert.assertEquals(String.valueOf(10 - position), hit.getSource().get("timestamp").toString());
  }
}
/**
 * Runs the fields-restricted query and checks that each of the first ten hits
 * exposes exactly one field in its source, and that the field is
 * "ip_src_addr".
 */
@Test
public void queries_fields() throws Exception {
  SearchRequest request = JSONUtils.INSTANCE.load(fieldsQuery, SearchRequest.class);
  SearchResponse response = getIndexDao().search(request);
  Assert.assertEquals(10, response.getTotal());

  List<SearchResult> hits = response.getResults();
  // The same two checks apply to all ten hits, so one pass covers them.
  for (int position = 0; position < 10; position++) {
    Map<String, Object> fields = hits.get(position).getSource();
    Assert.assertEquals(1, fields.size());
    Assert.assertNotNull(fields.get("ip_src_addr"));
  }
}
// The first result list is expected to hold 13 hits.
Assert.assertEquals(13, searchResults0.size());
// Gather the source map of every hit into a set.
Set<Map<String, Object>> resultSet = new HashSet<>();
Iterables.addAll(resultSet, Iterables.transform(searchResults0, r -> r.getSource()));
// Diagnostic text: the first meta alert followed by every source map found.
// NOTE(review): `reason` is not consumed within this excerpt — confirm it is
// passed to an assertion further down.
StringBuffer reason = new StringBuffer("Unable to find " + metaAlerts.get(0) + "\n");
reason.append(Joiner.on("\n").join(resultSet));
// The second response must contain exactly one hit, and its source must equal
// the meta alert at index 12.
List<SearchResult> searchResults2 = searchResponse2.getResults();
Assert.assertEquals(1, searchResults2.size());
Assert.assertEquals(metaAlerts.get(12), searchResults2.get(0).getSource());
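/**
 * Runs the sort-by-guid query and checks that the five hits each expose only
 * the "guid" field and arrive in the order bro_1 .. bro_5.
 */
@Test
public void sort_by_guid() throws Exception {
  SearchRequest request = JSONUtils.INSTANCE.load(sortByGuidQuery, SearchRequest.class);
  SearchResponse response = getIndexDao().search(request);
  Assert.assertEquals(5, response.getTotal());

  List<SearchResult> results = response.getResults();
  for (int i = 0; i < 5; ++i) {
    Map<String, Object> source = results.get(i).getSource();
    Assert.assertEquals(1, source.size());
    // Expected value goes first so a failure reports "expected bro_N but was ..."
    // rather than the reverse.
    Assert.assertEquals("bro_" + (i + 1), source.get("guid"));
  }
}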
/**
 * Runs the sort query and checks that the ten hits are ordered by
 * "ip_src_port" ascending, from 8001 through 8010.
 */
@Test
public void sort_query_sorts_results_ascending() throws Exception {
  SearchRequest request = JSONUtils.INSTANCE.load(sortQuery, SearchRequest.class);
  SearchResponse response = getIndexDao().search(request);
  Assert.assertEquals(10, response.getTotal());

  List<SearchResult> hits = response.getResults();
  for (int position = 0; position < 10; position++) {
    // The hit at position p is expected to carry port 8001 + p.
    int expectedPort = 8001 + position;
    Assert.assertEquals(expectedPort, hits.get(position).getSource().get("ip_src_port"));
  }
}
searchResponse.getResults().get(0).getSource().get(STATUS_FIELD));
// Results of the preceding search: two hits, the meta alert first and the
// plain message second.
List<SearchResult> results = result.getResults();
Assert.assertEquals(2, results.size());
Assert.assertEquals("meta_active_0", results.get((0)).getSource().get(Constants.GUID));
Assert.assertEquals("message_1", results.get((1)).getSource().get(Constants.GUID));
// Repeat with the srAsc request: the same two hits are expected in the
// opposite order.
result = metaDao.search(srAsc);
results = result.getResults();
Assert.assertEquals("message_1", results.get((0)).getSource().get(Constants.GUID));
Assert.assertEquals("meta_active_0", results.get((1)).getSource().get(Constants.GUID));
// NOTE(review): this size check runs after the indexed reads above, so a short
// result list surfaces as an IndexOutOfBoundsException rather than as this
// assertion failing.
Assert.assertEquals(2, results.size());