/** * Build a group response. * @param groupRequest The original group request. * @param response The search response. * @return A group response. */ protected GroupResponse buildGroupResponse( GroupRequest groupRequest, QueryResponse response) { String groupNames = groupRequest.getGroups().stream().map(Group::getField).collect( Collectors.joining(",")); List<PivotField> pivotFields = response.getFacetPivot().get(groupNames); GroupResponse groupResponse = new GroupResponse(); groupResponse.setGroupedBy(groupRequest.getGroups().get(0).getField()); groupResponse.setGroupResults(getGroupResults(groupRequest, 0, pivotFields)); return groupResponse; }
@Test public void group_by_ip_query() throws Exception { GroupRequest request = JSONUtils.INSTANCE.load(groupByIpQuery, GroupRequest.class); GroupResponse response = getIndexDao().group(request); // expect only 1 group for 'ip_src_addr' Assert.assertEquals("ip_src_addr", response.getGroupedBy()); // there are 8 different 'ip_src_addr' values List<GroupResult> groups = response.getGroupResults(); Assert.assertEquals(8, groups.size()); // expect dotted-decimal notation in descending order Assert.assertEquals("192.168.1.8", groups.get(0).getKey()); Assert.assertEquals("192.168.1.7", groups.get(1).getKey()); Assert.assertEquals("192.168.1.6", groups.get(2).getKey()); Assert.assertEquals("192.168.1.5", groups.get(3).getKey()); Assert.assertEquals("192.168.1.4", groups.get(4).getKey()); Assert.assertEquals("192.168.1.3", groups.get(5).getKey()); Assert.assertEquals("192.168.1.2", groups.get(6).getKey()); Assert.assertEquals("192.168.1.1", groups.get(7).getKey()); }
GroupResult result = groupResponse.getGroupResults().get(0); Assert.assertEquals(1, result.getTotal()); Assert.assertEquals("192.168.1.1", result.getKey());
Assert.assertEquals("is_alert", response.getGroupedBy()); List<GroupResult> isAlertGroups = response.getGroupResults(); Assert.assertEquals(2, isAlertGroups.size());
/** * Build a group response. * @param groupRequest The original group request. * @param response The search response. * @return A group response. * @throws InvalidSearchException */ private GroupResponse buildGroupResponse( GroupRequest groupRequest, org.elasticsearch.action.search.SearchResponse response) throws InvalidSearchException { // build the search response Map<String, FieldType> commonColumnMetadata; try { commonColumnMetadata = columnMetadataDao.getColumnMetadata(groupRequest.getIndices()); } catch (IOException e) { throw new InvalidSearchException(String.format("Could not get common column metadata for indices %s", Arrays.toString(groupRequest.getIndices().toArray()))); } GroupResponse groupResponse = new GroupResponse(); groupResponse.setGroupedBy(groupRequest.getGroups().get(0).getField()); groupResponse.setGroupResults(getGroupResults(groupRequest, 0, response.getAggregations(), commonColumnMetadata)); return groupResponse; }
Assert.assertEquals("is_alert", response.getGroupedBy()); List<GroupResult> isAlertGroups = response.getGroupResults(); Assert.assertEquals(2, isAlertGroups.size());
@Override public GroupResponse group(GroupRequest groupRequest) throws InvalidSearchException { GroupResponse groupResponse = new GroupResponse(); groupResponse.setGroupedBy(groupRequest.getGroups().get(0).getField()); groupResponse.setGroupResults(getGroupResults(groupRequest.getGroups(), 0)); return groupResponse; }