sb.append(")"); if (!qDef.getNamesFilter().isEmpty()) { sb.append(" AND (" + COL_EVENT_NAME + " IN "); sb.append(buildClauseIn(qDef.getNamesFilter())); sb.append(")");
if (qDef.getNamesFilter() != null && !qDef.getNamesFilter().isEmpty()) { sb.append(" AND (" + COL_EVENT_NAME + " IN "); sb.append(buildClauseIn(qDef.getNamesFilter())); sb.append(")");
String currentFeatureName = entry.getKey(); Set < String > filteredFeatures = query.getNamesFilter(); if (filteredFeatures == null || filteredFeatures.isEmpty() || filteredFeatures.contains(currentFeatureName)) {
if (!qDef.getNamesFilter().isEmpty()) { filterList.addFilter( createFilterListOR(B_EVENT_NAME, qDef.getNamesFilter()));
public Search queryGetEventQueryDefinition(EventQueryDefinition query, String action) { BoolQueryBuilder booleanQuery = new BoolQueryBuilder(); // Optional constant for action filter if (action != null) { query.getActionFilters().add(action); } QueryBuilder typeQuery = QueryBuilders.termQuery("type", EventConstants.TARGET_FEATURE); // Timestamp filter RangeQueryBuilder timestampFilter = QueryBuilders.rangeQuery("timestamp") // .gt(query.getFrom().longValue()) // .lt(query.getTo().longValue()) // .includeLower(false) // .includeUpper(false); booleanQuery.must(typeQuery); booleanQuery.must(timestampFilter); // Optional filters addOptionalFilters(booleanQuery, query.getActionFilters(), "action"); addOptionalFilters(booleanQuery, query.getHostFilters(), "hostName"); addOptionalFilters(booleanQuery, query.getNamesFilter(), "name"); addOptionalFilters(booleanQuery, query.getSourceFilters(), "source"); // Warning : default size is set to 10 results, that's why it's // overridden SearchSourceBuilder searchSourceBuilder = new SearchSourceBuilder().size(100); Search searchQuery = new Search.Builder(searchSourceBuilder.query(booleanQuery.toString()).toString()) // .addIndex(connection.getIndexName()) // .addType(ElasticConstants.TYPE_EVENT) // .build(); return searchQuery; }