private FilterAggregationBuilder buildTopFacetAggregation(String fieldName, String facetName, BoolQueryBuilder facetFilter, int size, Function<TermsAggregationBuilder, AggregationBuilder> additionalAggregationFilter) { TermsAggregationBuilder termsAggregation = buildTermsFacetAggregation(fieldName, facetName, size); AggregationBuilder improvedAggregation = additionalAggregationFilter.apply(termsAggregation); return AggregationBuilders .filter(facetName + "_filter", facetFilter) .subAggregation(improvedAggregation); }
private static AbstractAggregationBuilder createRatingFacet(String metricKey) { return AggregationBuilders.nested("nested_" + metricKey, FIELD_MEASURES) .subAggregation( AggregationBuilders.filter("filter_" + metricKey, termsQuery(FIELD_MEASURES_KEY, metricKey)) .subAggregation(filters(metricKey, new KeyedFilter("1", termQuery(FIELD_MEASURES_VALUE, 1d)), new KeyedFilter("2", termQuery(FIELD_MEASURES_VALUE, 2d)), new KeyedFilter("3", termQuery(FIELD_MEASURES_VALUE, 3d)), new KeyedFilter("4", termQuery(FIELD_MEASURES_VALUE, 4d)), new KeyedFilter("5", termQuery(FIELD_MEASURES_VALUE, 5d))))); }
public List<SecurityStandardCategoryStatistics> getOwaspTop10Report(String projectUuid, boolean isViewOrApp, boolean includeCwe) { SearchRequestBuilder request = prepareNonClosedVulnerabilitiesAndHotspotSearch(projectUuid, isViewOrApp); Stream.concat(IntStream.rangeClosed(1, 10).mapToObj(i -> "a" + i), Stream.of(UNKNOWN_STANDARD)).forEach(owaspCategory -> { AggregationBuilder owaspCategoryAggs = AggregationBuilders .filter(owaspCategory, boolQuery() .filter(termQuery(FIELD_ISSUE_OWASP_TOP_10, owaspCategory))); request.addAggregation(addSecurityReportSubAggregations(owaspCategoryAggs, includeCwe)); }); return processSecurityReportSearchResults(request, includeCwe); }
return AggregationBuilders.filter(AGG_FILTER, QueryBuilders.matchAllQuery()) .subAggregation(AggregationBuilders.terms(AGG_TERMS) .field(field) }); return AggregationBuilders.filter(AGG_FILTER, filterQuery) .subAggregation(AggregationBuilders.terms(AGG_TERMS) .script(new Script(ScriptType.INLINE, "painless", scriptStringBuilder.toString(), Collections.emptyMap()))
public List<SecurityStandardCategoryStatistics> getSansTop25Report(String projectUuid, boolean isViewOrApp, boolean includeCwe) { SearchRequestBuilder request = prepareNonClosedVulnerabilitiesAndHotspotSearch(projectUuid, isViewOrApp); Stream.of(SANS_TOP_25_INSECURE_INTERACTION, SANS_TOP_25_RISKY_RESOURCE, SANS_TOP_25_POROUS_DEFENSES).forEach(sansCategory -> { AggregationBuilder sansCategoryAggs = AggregationBuilders .filter(sansCategory, boolQuery() .filter(termQuery(FIELD_ISSUE_SANS_TOP_25, sansCategory))); request.addAggregation(addSecurityReportSubAggregations(sansCategoryAggs, includeCwe)); }); return processSecurityReportSearchResults(request, includeCwe); }
private static AbstractAggregationBuilder createStickyFacet(String facetKey, StickyFacetBuilder facetBuilder, AbstractAggregationBuilder aggregationBuilder) { BoolQueryBuilder facetFilter = facetBuilder.getStickyFacetFilter(facetKey); return AggregationBuilders .global(facetKey) .subAggregation( AggregationBuilders .filter("facet_filter_" + facetKey, facetFilter) .subAggregation(aggregationBuilder)); }
private static AbstractAggregationBuilder createNoDataFacet(String metricKey) { return AggregationBuilders.filter( "no_data_" + metricKey, boolQuery().mustNot(nestedQuery(FIELD_MEASURES, termQuery(FIELD_MEASURES_KEY, metricKey), ScoreMode.Avg))); }
private static void addStatusFacetIfNeeded(SearchOptions options, Map<String, AggregationBuilder> aggregations, StickyFacetBuilder stickyFacetBuilder) { if (options.getFacets().contains(FACET_STATUSES)) { BoolQueryBuilder facetFilter = stickyFacetBuilder.getStickyFacetFilter(FIELD_RULE_STATUS); AggregationBuilder statuses = AggregationBuilders.filter(FACET_STATUSES + "_filter", facetFilter) .subAggregation( AggregationBuilders .terms(FACET_STATUSES) .field(FIELD_RULE_STATUS) .includeExclude(new IncludeExclude(Joiner.on('|').join(ALL_STATUSES_EXCEPT_REMOVED), RuleStatus.REMOVED.toString())) .size(ALL_STATUSES_EXCEPT_REMOVED.size())); aggregations.put(FACET_STATUSES, AggregationBuilders.global(FACET_STATUSES).subAggregation(statuses)); } }
FilterAggregationBuilder scopeAggregation = AggregationBuilders.filter( "scope_filter_for_" + FACET_TAGS, termsQuery(FIELD_RULE_EXTENSION_SCOPE,
private static void addRangeFacetIncludingNoData(SearchRequestBuilder esSearch, String metricKey, StickyFacetBuilder facetBuilder, Double... thresholds) { esSearch.addAggregation(createStickyFacet(metricKey, facetBuilder, AggregationBuilders.filter("combined_" + metricKey, matchAllQuery()) .subAggregation(createRangeFacet(metricKey, thresholds)) .subAggregation(createNoDataFacet(metricKey)))); }
private static AbstractAggregationBuilder createRangeFacet(String metricKey, Double... thresholds) { RangeAggregationBuilder rangeAgg = AggregationBuilders.range(metricKey) .field(FIELD_MEASURES_VALUE); final int lastIndex = thresholds.length - 1; IntStream.range(0, thresholds.length) .forEach(i -> { if (i == 0) { rangeAgg.addUnboundedTo(thresholds[0]); rangeAgg.addRange(thresholds[0], thresholds[1]); } else if (i == lastIndex) { rangeAgg.addUnboundedFrom(thresholds[lastIndex]); } else { rangeAgg.addRange(thresholds[i], thresholds[i + 1]); } }); return AggregationBuilders.nested("nested_" + metricKey, FIELD_MEASURES) .subAggregation( AggregationBuilders.filter("filter_" + metricKey, termsQuery(FIELD_MEASURES_KEY, metricKey)) .subAggregation(rangeAgg)); }
Map<String, Object> paramsAsMap = methodField.getParamsAsMap(); Where where = (Where) paramsAsMap.get("where"); return AggregationBuilders.filter(paramsAsMap.get("alias").toString(), QueryMaker.explan(where));
request .addAggregation(AggregationBuilders .filter(projectUuid, boolQuery() .filter(termQuery(FIELD_ISSUE_PROJECT_UUID, projectUuid)) .filter(rangeQuery(FIELD_ISSUE_FUNC_CREATED_AT).gte(epochMillisToEpochSeconds(from))))
final FilterAggregationBuilder builder = AggregationBuilders.filter("agg", QueryBuilders.existsQuery(Message.FIELD_TIMESTAMP)) .subAggregation(AggregationBuilders.min("ts_min").field(Message.FIELD_TIMESTAMP)) .subAggregation(AggregationBuilders.max("ts_max").field(Message.FIELD_TIMESTAMP))
private static void addActiveSeverityFacetIfNeeded(RuleQuery query, SearchOptions options, Map<String, AggregationBuilder> aggregations, StickyFacetBuilder stickyFacetBuilder) { QProfileDto profile = query.getQProfile(); if (options.getFacets().contains(FACET_ACTIVE_SEVERITIES) && profile != null) { // We are building a children aggregation on active rules // so the rule filter has to be used as parent filter for active rules // from which we remove filters that concern active rules ("activation") HasParentQueryBuilder ruleFilter = JoinQueryBuilders.hasParentQuery( INDEX_TYPE_RULE.getType(), stickyFacetBuilder.getStickyFacetFilter("activation"), false); // Rebuilding the active rule filter without severities BoolQueryBuilder childrenFilter = boolQuery(); addTermFilter(childrenFilter, FIELD_ACTIVE_RULE_PROFILE_UUID, profile.getRulesProfileUuid()); RuleIndex.addTermFilter(childrenFilter, FIELD_ACTIVE_RULE_INHERITANCE, query.getInheritance()); QueryBuilder activeRuleFilter = childrenFilter.must(ruleFilter); AggregationBuilder activeSeverities = JoinAggregationBuilders.children(FACET_ACTIVE_SEVERITIES + "_children", INDEX_TYPE_ACTIVE_RULE.getType()) .subAggregation( AggregationBuilders.filter(FACET_ACTIVE_SEVERITIES + "_filter", activeRuleFilter) .subAggregation( AggregationBuilders .terms(FACET_ACTIVE_SEVERITIES) .field(FIELD_ACTIVE_RULE_SEVERITY) .includeExclude(new IncludeExclude(Joiner.on('|').join(Severity.ALL), null)) .size(Severity.ALL.size()))); aggregations.put(FACET_ACTIVE_SEVERITIES, AggregationBuilders.global(FACET_ACTIVE_SEVERITIES).subAggregation(activeSeverities)); } }
private void addAssignedToMeFacetIfNeeded(SearchRequestBuilder builder, SearchOptions options, IssueQuery query, Map<String, QueryBuilder> filters, QueryBuilder queryBuilder) { String uuid = userSession.getUuid(); if (!options.getFacets().contains(ASSIGNED_TO_ME.getName()) || StringUtils.isEmpty(uuid)) { return; } String fieldName = ASSIGNED_TO_ME.getFieldName(); String facetName = ASSIGNED_TO_ME.getName(); // Same as in super.stickyFacetBuilder StickyFacetBuilder assignedToMeFacetBuilder = newStickyFacetBuilder(query, filters, queryBuilder); BoolQueryBuilder facetFilter = assignedToMeFacetBuilder.getStickyFacetFilter(IS_ASSIGNED_FILTER, fieldName); FilterAggregationBuilder facetTopAggregation = AggregationBuilders .filter(facetName + "__filter", facetFilter) .subAggregation(addEffortAggregationIfNeeded(query, AggregationBuilders.terms(facetName + "__terms") .field(fieldName) .includeExclude(new IncludeExclude(escapeSpecialRegexChars(uuid), null)))); builder.addAggregation( AggregationBuilders.global(facetName) .subAggregation(facetTopAggregation)); }
.subAggregation(AggregationBuilders.filter(NCLOC_KEY + "_filter", termQuery(FIELD_MEASURES_KEY, NCLOC_KEY)) .subAggregation(sum(NCLOC_KEY + "_filter_sum").field(FIELD_MEASURES_VALUE))));
private static AggregationBuilder addSecurityReportIssueCountAggregations(AggregationBuilder categoryAggs) { return categoryAggs .subAggregation( AggregationBuilders.filter("vulnerabilities", boolQuery() .filter(termQuery(FIELD_ISSUE_TYPE, RuleType.VULNERABILITY.name())) .mustNot(existsQuery(FIELD_ISSUE_RESOLUTION))) .subAggregation( AggregationBuilders.terms("severity").field(FIELD_ISSUE_SEVERITY) .subAggregation( AggregationBuilders.count(COUNT).field(FIELD_ISSUE_KEY)))) .subAggregation(AggregationBuilders.filter("openSecurityHotspots", boolQuery() .filter(termQuery(FIELD_ISSUE_TYPE, RuleType.SECURITY_HOTSPOT.name())) .mustNot(existsQuery(FIELD_ISSUE_RESOLUTION))) .subAggregation( AggregationBuilders.count(COUNT).field(FIELD_ISSUE_KEY))) .subAggregation(AggregationBuilders.filter("toReviewSecurityHotspots", boolQuery() .filter(termQuery(FIELD_ISSUE_TYPE, RuleType.SECURITY_HOTSPOT.name())) .filter(termQuery(FIELD_ISSUE_STATUS, Issue.STATUS_RESOLVED)) .filter(termQuery(FIELD_ISSUE_RESOLUTION, Issue.RESOLUTION_FIXED))) .subAggregation( AggregationBuilders.count(COUNT).field(FIELD_ISSUE_KEY))) .subAggregation(AggregationBuilders.filter("wontFixSecurityHotspots", boolQuery() .filter(termQuery(FIELD_ISSUE_TYPE, RuleType.SECURITY_HOTSPOT.name())) .filter(termQuery(FIELD_ISSUE_STATUS, Issue.STATUS_RESOLVED)) .filter(termQuery(FIELD_ISSUE_RESOLUTION, Issue.RESOLUTION_WONT_FIX))) .subAggregation( AggregationBuilders.count(COUNT).field(FIELD_ISSUE_KEY))); }
final FilterAggregationBuilder filterBuilder = AggregationBuilders.filter(AGG_FILTER, standardAggregationFilters(range, filter)); if (includeCount) { searchSourceBuilder.aggregation(AggregationBuilders.count(AGG_VALUE_COUNT).field(field));
.subAggregation(AggregationBuilders.filter("productAttrs") .filter(QueryBuilders.termQuery("attrValueList.type",1)) .subAggregation(AggregationBuilders.terms("attrIds")