elastic-esql 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/lib/elastic/esql.rb +161 -0
- metadata +110 -0
checksums.yaml
ADDED
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
---
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: d509f46ee96d9ce934b04bdf01c14589e77a0e7130bbf86386e3050668865f10
|
|
4
|
+
data.tar.gz: 1631dc08bc5cb8a83175a1e3ab226d27093906751babf9fe220f0d61b54e669b
|
|
5
|
+
SHA512:
|
|
6
|
+
metadata.gz: fd106b0e92d4e951b3b6f685e926f538e79d727634e3f805554cbf021b8c4e92c8eb12ae2be25372e0fcfaf669ef11d372ba6c2bc53a253c2fe177e33adf14e9
|
|
7
|
+
data.tar.gz: 490df5f4fc2fae7d0505ce7a411db8a85fa32f93e6609844bbe6c0270638e7c17e58c0ba815549de28acb6fbc09cbe07fd5bc47c4604ca68408ff778a4b6594e
|
data/lib/elastic/esql.rb
ADDED
|
@@ -0,0 +1,161 @@
|
|
|
1
|
+
# Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
|
|
2
|
+
# or more contributor license agreements. See the NOTICE file distributed with
|
|
3
|
+
# this work for additional information regarding copyright
|
|
4
|
+
# ownership. Elasticsearch B.V. licenses this file to you under
|
|
5
|
+
# the Apache License, Version 2.0 (the "License"); you may
|
|
6
|
+
# not use this file except in compliance with the License.
|
|
7
|
+
# You may obtain a copy of the License at
|
|
8
|
+
#
|
|
9
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
|
10
|
+
#
|
|
11
|
+
# Unless required by applicable law or agreed to in writing,
|
|
12
|
+
# software distributed under the License is distributed on an
|
|
13
|
+
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
14
|
+
# KIND, either express or implied. See the License for the
|
|
15
|
+
# specific language governing permissions and limitations
|
|
16
|
+
# under the License.
|
|
17
|
+
|
|
18
|
+
require_relative 'change_point'
|
|
19
|
+
require_relative 'custom'
|
|
20
|
+
require_relative 'dissect'
|
|
21
|
+
require_relative 'drop'
|
|
22
|
+
require_relative 'enrich'
|
|
23
|
+
require_relative 'eval'
|
|
24
|
+
require_relative 'grok'
|
|
25
|
+
require_relative 'limit'
|
|
26
|
+
require_relative 'keep'
|
|
27
|
+
require_relative 'rename'
|
|
28
|
+
require_relative 'row'
|
|
29
|
+
require_relative 'show'
|
|
30
|
+
require_relative 'sort'
|
|
31
|
+
require_relative 'where'
|
|
32
|
+
|
|
33
|
+
module Elastic
|
|
34
|
+
# @example
|
|
35
|
+
# Elastic::ESQL.from('sample_data').sort_descending('@timestamp').limit(3).to_s
|
|
36
|
+
# # => FROM 'sample_data' | SORT @timestamp desc | LIMIT 3
|
|
37
|
+
class ESQL
|
|
38
|
+
include ChangePoint
|
|
39
|
+
include Custom
|
|
40
|
+
include Dissect
|
|
41
|
+
include Drop
|
|
42
|
+
include Eval
|
|
43
|
+
include Grok
|
|
44
|
+
include Keep
|
|
45
|
+
include Limit
|
|
46
|
+
include Rename
|
|
47
|
+
include Row
|
|
48
|
+
include Show
|
|
49
|
+
include Sort
|
|
50
|
+
include Where
|
|
51
|
+
SOURCE_COMMANDS = [:from, :row, :show].freeze
|
|
52
|
+
|
|
53
|
+
def initialize
|
|
54
|
+
@query = {}
|
|
55
|
+
@custom = []
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
# Function to build the ES|QL formatted query and return it as a String.
|
|
59
|
+
# @raise [ArgumentError] if the query has no source command
|
|
60
|
+
# @return [String] The ES|QL query in ES|QL format.
|
|
61
|
+
def query
|
|
62
|
+
raise ArgumentError, 'No source command found' unless source_command_present?
|
|
63
|
+
|
|
64
|
+
@query[:enrich] = @enriches.join('| ') if @enriches
|
|
65
|
+
string_query = @query.map do |k, v|
|
|
66
|
+
"#{k.upcase} #{v}"
|
|
67
|
+
end.join(' | ')
|
|
68
|
+
|
|
69
|
+
string_query.concat(" #{@custom.join(' ')}") unless @custom.empty?
|
|
70
|
+
string_query
|
|
71
|
+
end
|
|
72
|
+
|
|
73
|
+
# Creates a new Enrich object to chain with +on+ and +with+. If other methods are chained to the
|
|
74
|
+
# Enrich object, it returns calls it upon the ESQL object that instantiated it, and returns it.
|
|
75
|
+
# @return [Elastic::Enrich]
|
|
76
|
+
def enrich(policy)
|
|
77
|
+
@enriches ||= []
|
|
78
|
+
enrich = Enrich.new(policy, self)
|
|
79
|
+
@enriches << enrich
|
|
80
|
+
enrich
|
|
81
|
+
end
|
|
82
|
+
|
|
83
|
+
# Class method to allow static instantiation.
|
|
84
|
+
# @param [String] index_pattern A list of indices, data streams or aliases. Supports wildcards and date math.
|
|
85
|
+
# @example
|
|
86
|
+
# Elastic::ESQL.from('sample_data')
|
|
87
|
+
# @see https://www.elastic.co/docs/reference/query-languages/esql/commands/source-commands#esql-from
|
|
88
|
+
def self.from(index_pattern)
|
|
89
|
+
new.from(index_pattern)
|
|
90
|
+
end
|
|
91
|
+
|
|
92
|
+
# The SHOW source command returns information about the deployment and its capabilities.
|
|
93
|
+
# @return [String] 'SHOW INFO'
|
|
94
|
+
# @see https://www.elastic.co/docs/reference/query-languages/esql/commands/source-commands#esql-show
|
|
95
|
+
def self.show
|
|
96
|
+
new.show
|
|
97
|
+
end
|
|
98
|
+
|
|
99
|
+
# Class method to allow static instantiation.
|
|
100
|
+
# @param [Hash] params Receives a Hash<column, value>
|
|
101
|
+
# @option params [String] column_name The column name. In case of duplicate column names, only the
|
|
102
|
+
# rightmost duplicate creates a column.
|
|
103
|
+
# @option params [String] value The value for the column. Can be a literal, an expression, or a function.
|
|
104
|
+
def self.row(*params)
|
|
105
|
+
new.row(*params)
|
|
106
|
+
end
|
|
107
|
+
|
|
108
|
+
# Instance method to allow to update +from+ with +esql.from('different_source')+.
|
|
109
|
+
# @param [String] index_pattern A list of indices, data streams or aliases. Supports wildcards and date math.
|
|
110
|
+
def from(index_pattern)
|
|
111
|
+
@query = { from: index_pattern }
|
|
112
|
+
self
|
|
113
|
+
end
|
|
114
|
+
|
|
115
|
+
# Defining to_s so the ES|QL formatted query is returned. This way the query will be serialized
|
|
116
|
+
# when passing an Elastic::ESQL object to the Elasticsearch client and other libraries.
|
|
117
|
+
def to_s
|
|
118
|
+
query
|
|
119
|
+
end
|
|
120
|
+
|
|
121
|
+
private
|
|
122
|
+
|
|
123
|
+
# Function for eval, row, and other functions that have one or more columns with values specified
|
|
124
|
+
# as parameters. The hash_or_string function is called with the caller name since it's the same
|
|
125
|
+
# logic to use these parameters.
|
|
126
|
+
# TODO: Refactor to accept other types when not a Hash
|
|
127
|
+
def hash_param(name, params)
|
|
128
|
+
raise_hash_error(name) unless params.is_a?(Hash)
|
|
129
|
+
|
|
130
|
+
@query[symbolize(name)] = params.map { |k, v| "#{k} = #{v}" }.join(', ')
|
|
131
|
+
self
|
|
132
|
+
end
|
|
133
|
+
|
|
134
|
+
# Error raised when a function expects a Hash and something else is passed in, with explanation
|
|
135
|
+
def raise_hash_error(name)
|
|
136
|
+
raise ArgumentError, "#{name.to_s.upcase} needs a Hash as a parameter where the keys are the " \
|
|
137
|
+
'column names and the value is the function or expression to calculate.'
|
|
138
|
+
end
|
|
139
|
+
|
|
140
|
+
# Used when building the query from hash params function
|
|
141
|
+
def symbolize(name)
|
|
142
|
+
name.is_a?(Symbol) ? name : name.to_sym
|
|
143
|
+
end
|
|
144
|
+
|
|
145
|
+
# Check if we have a source command
|
|
146
|
+
def source_command_present?
|
|
147
|
+
SOURCE_COMMANDS.map { |c| @query.each_key { |k| return true if k == c } }
|
|
148
|
+
|
|
149
|
+
false
|
|
150
|
+
end
|
|
151
|
+
|
|
152
|
+
# Helper method to return a copy of the object when functions are called without `!`, so the
|
|
153
|
+
# object is not mutated.
|
|
154
|
+
def method_copy(name, *params)
|
|
155
|
+
esql = clone
|
|
156
|
+
esql.instance_variable_set('@query', esql.instance_variable_get('@query').clone)
|
|
157
|
+
esql.send("#{name}!", *params)
|
|
158
|
+
esql
|
|
159
|
+
end
|
|
160
|
+
end
|
|
161
|
+
end
|
metadata
ADDED
|
@@ -0,0 +1,110 @@
|
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
|
2
|
+
name: elastic-esql
|
|
3
|
+
version: !ruby/object:Gem::Version
|
|
4
|
+
version: 0.1.0
|
|
5
|
+
platform: ruby
|
|
6
|
+
authors:
|
|
7
|
+
- Fernando Briano
|
|
8
|
+
bindir: bin
|
|
9
|
+
cert_chain: []
|
|
10
|
+
date: 1980-01-02 00:00:00.000000000 Z
|
|
11
|
+
dependencies:
|
|
12
|
+
- !ruby/object:Gem::Dependency
|
|
13
|
+
name: debug
|
|
14
|
+
requirement: !ruby/object:Gem::Requirement
|
|
15
|
+
requirements:
|
|
16
|
+
- - "~>"
|
|
17
|
+
- !ruby/object:Gem::Version
|
|
18
|
+
version: '1'
|
|
19
|
+
type: :development
|
|
20
|
+
prerelease: false
|
|
21
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
22
|
+
requirements:
|
|
23
|
+
- - "~>"
|
|
24
|
+
- !ruby/object:Gem::Version
|
|
25
|
+
version: '1'
|
|
26
|
+
- !ruby/object:Gem::Dependency
|
|
27
|
+
name: rake
|
|
28
|
+
requirement: !ruby/object:Gem::Requirement
|
|
29
|
+
requirements:
|
|
30
|
+
- - "~>"
|
|
31
|
+
- !ruby/object:Gem::Version
|
|
32
|
+
version: '13'
|
|
33
|
+
type: :development
|
|
34
|
+
prerelease: false
|
|
35
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
36
|
+
requirements:
|
|
37
|
+
- - "~>"
|
|
38
|
+
- !ruby/object:Gem::Version
|
|
39
|
+
version: '13'
|
|
40
|
+
- !ruby/object:Gem::Dependency
|
|
41
|
+
name: rspec
|
|
42
|
+
requirement: !ruby/object:Gem::Requirement
|
|
43
|
+
requirements:
|
|
44
|
+
- - "~>"
|
|
45
|
+
- !ruby/object:Gem::Version
|
|
46
|
+
version: '3'
|
|
47
|
+
type: :development
|
|
48
|
+
prerelease: false
|
|
49
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
50
|
+
requirements:
|
|
51
|
+
- - "~>"
|
|
52
|
+
- !ruby/object:Gem::Version
|
|
53
|
+
version: '3'
|
|
54
|
+
- !ruby/object:Gem::Dependency
|
|
55
|
+
name: rubocop
|
|
56
|
+
requirement: !ruby/object:Gem::Requirement
|
|
57
|
+
requirements:
|
|
58
|
+
- - "~>"
|
|
59
|
+
- !ruby/object:Gem::Version
|
|
60
|
+
version: '1.75'
|
|
61
|
+
type: :development
|
|
62
|
+
prerelease: false
|
|
63
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
64
|
+
requirements:
|
|
65
|
+
- - "~>"
|
|
66
|
+
- !ruby/object:Gem::Version
|
|
67
|
+
version: '1.75'
|
|
68
|
+
- !ruby/object:Gem::Dependency
|
|
69
|
+
name: yard
|
|
70
|
+
requirement: !ruby/object:Gem::Requirement
|
|
71
|
+
requirements:
|
|
72
|
+
- - "~>"
|
|
73
|
+
- !ruby/object:Gem::Version
|
|
74
|
+
version: '0.9'
|
|
75
|
+
type: :development
|
|
76
|
+
prerelease: false
|
|
77
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
78
|
+
requirements:
|
|
79
|
+
- - "~>"
|
|
80
|
+
- !ruby/object:Gem::Version
|
|
81
|
+
version: '0.9'
|
|
82
|
+
executables: []
|
|
83
|
+
extensions: []
|
|
84
|
+
extra_rdoc_files: []
|
|
85
|
+
files:
|
|
86
|
+
- lib/elastic/esql.rb
|
|
87
|
+
licenses:
|
|
88
|
+
- Apache-2.0
|
|
89
|
+
metadata:
|
|
90
|
+
changelog_uri: https://github.com/elastic/esql-ruby/blob/main/CHANGELOG.md
|
|
91
|
+
source_code_uri: https://github.com/elastic/esql-ruby/tree/main
|
|
92
|
+
bug_tracker_uri: https://github.com/elastic/esql-ruby/issues
|
|
93
|
+
rdoc_options: []
|
|
94
|
+
require_paths:
|
|
95
|
+
- lib
|
|
96
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
|
97
|
+
requirements:
|
|
98
|
+
- - ">="
|
|
99
|
+
- !ruby/object:Gem::Version
|
|
100
|
+
version: '3.0'
|
|
101
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
102
|
+
requirements:
|
|
103
|
+
- - ">="
|
|
104
|
+
- !ruby/object:Gem::Version
|
|
105
|
+
version: '0'
|
|
106
|
+
requirements: []
|
|
107
|
+
rubygems_version: 3.6.9
|
|
108
|
+
specification_version: 4
|
|
109
|
+
summary: Elastic ES|QL Query builder
|
|
110
|
+
test_files: []
|