RubyGems - plunk - Versions diffs - 0.0.10 → 0.1.0 - Mend

plunk 0.0.10 → 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: a659a0a283f124f49496afa4cca6987f8c922d5d
-  data.tar.gz: 545c1203a5f86c97ac4eb32e8a515c84c36f342a
+  metadata.gz: 1f4ae213e6780d0beabd3c1d1595424aa75b041a
+  data.tar.gz: 00bd1c4fab440ccc2bc140f0243f6f9769e0f6f8
 SHA512:
-  metadata.gz: c92655505f884b6b95231fd923620948ca9d67fa32610d0c416e408a39696d44baa752b14ac0482d1a77f9a061c41544f5d662cd84f7e6178c1670d5abed7b42
-  data.tar.gz: cb2b3e91a07b221b954aabe2f9ae0711e267ef7a68f4dc4fdfb16482534135d59761e7773897716021b6cd3d755f89bd3aebd2061998acd9ca7845ac32abf6b1
+  metadata.gz: 05df593ab809765d85a480c9a6056599be8b8843023a473c5621cd4d49e878e26e40f168edc5375666de0596600790dfe168c462bac54191efab9b0c2423e1b7
+  data.tar.gz: b5dd04ae58e43e338259f171a421ab9cbc19096675ef78379d62adbf62a86a78c1f1703c270986b0d9669c342985fe1feca2157bf9c922c0ff5ea7118c5676c9

data/lib/plunk/elasticsearch.rb CHANGED Viewed

@@ -57,7 +57,7 @@ class Plunk::Elasticsearch
   end
   # nested field matcher
-  def extract_values(hash, keys)
+  def self.extract_values(hash, keys)
     @vals ||= []
     hash.each_pair do |k, v|

data/lib/plunk/transformer.rb CHANGED Viewed

@@ -10,20 +10,21 @@ class Plunk::Transformer < Parslet::Transform
   rule(
     field: simple(:field),
     value: {
-      term: simple(:term),
+      initial_query: subtree(:initial_query),
       extractors: simple(:extractors)
     },
     op: '=') do
-    rs = Plunk::ResultSet.new(query_string: "#{field}:#{term}")
+    # recursively apply nested query
+    result_set = Plunk::Transformer.new.apply(initial_query)
-    json = JSON.parse rs.eval
+    json = JSON.parse result_set.eval
     values = Plunk::Elasticsearch.extract_values json, extractors.to_s.split(',')
     if values.empty?
       Plunk::ResultSet.new
     else
-      Plunk::ResultSet.new(query_string: "(#{values.uniq.join(' OR ')})")
+      Plunk::ResultSet.new(query_string: "#{field}:(#{values.uniq.join(' OR ')})")
     end
   end

data/plunk.gemspec CHANGED Viewed

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name                    = "plunk"
-  s.version                 = "0.0.10"
+  s.version                 = "0.1.0"
   s.date                    = "2013-12-03"
   s.add_runtime_dependency  "json"
   s.add_runtime_dependency  "parslet"

data/spec/last_spec.rb CHANGED Viewed

@@ -55,4 +55,18 @@ describe 'the last command' do
             lte: Time.now
     }}}}.to_s)
   end
+  it 'should parse foo=bar last 1h' do
+    result = @transformer.apply @parser.parse('last 1h foo=bar')
+    expect(result.query.to_s).to eq({
+      query: {
+        query_string: {
+          query: 'foo:bar'
+        },
+        range: {
+          '@timestamp' => {
+            gte: 1.hour.ago,
+            lte: Time.now
+    }}}}.to_s)
+  end
 end

data/spec/nested_search_spec.rb CHANGED Viewed

@@ -1,6 +1,25 @@
 require 'spec_helper'
 describe 'nested searches' do
+  before :all do
+    fake_results = {
+      foo: 'bar',
+      baz: 5,
+      arr: [ 0, 1, 2, 3 ],
+      '@timestamp' => Time.now
+    }.to_json
+    Plunk::ResultSet.any_instance.stub(:eval).and_return(fake_results)
+  end
+  it 'should transform' do
+    results = @transformer.apply @parser.parse('foo=`bar=baz|baz`')
+    expect(results.query).to eq({
+      query: {
+        query_string: {
+          query: 'foo:(5)'
+    }}})
+  end
   it 'should parse a nested basic search' do
     @parsed = @parser.parse 'tshark.len = ` 226 | tshark.frame.time_epoch,tshark.ip.src`'
     expect(@parsed[:field].to_s).to eq 'tshark.len'

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: plunk
 version: !ruby/object:Gem::Version
-  version: 0.0.10
+  version: 0.1.0
 platform: ruby
 authors:
 - Ram Mehta