plunk 0.2.6 → 0.2.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile.lock +1 -1
  3. data/lib/plunk/parser.rb +1 -1
  4. data/plunk.gemspec +1 -1
  5. data/spec/chained_search_spec.rb +39 -7
  6. data/spec/last_spec.rb +17 -12
  7. data/spec/nested_search_spec.rb +7 -2
  8. data/spec/shared/plunk_stubs.rb +5 -0
  9. data/spec/shared/time_stubs.rb +6 -0
  10. metadata +4 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 1bc1207f69f06280c177f65cdce11a259502ac58
4
- data.tar.gz: 909ee371c459abed454a019ac37f46fd48c3bfd5
3
+ metadata.gz: 3408599e2af768132c73ca5baaee9e664a3a4e7d
4
+ data.tar.gz: ae781102e75198bbcc8645fd1ae16e6bcd5e00b2
5
5
  SHA512:
6
- metadata.gz: b45c80c41996d29e5391ab23368e27e50de2c00780d1d652d95adbf60c20ef471830821f3bfd4e8e0a1f8d12ff5041edb7b8d90782f80380e4a7633aa0fede4a
7
- data.tar.gz: 8a6d79f487a627265335408439504726f5293e7e1ec8f81e275da83110e8cf55ad0b80f35e0af25baba46c3cf6c63b2c09fcf8864a538e7e91f9a2b83eac5757
6
+ metadata.gz: 8c82d20b434eb7a3e37272ea66ed0f70476469e8ee1b6871676f0aca673a6e21152fc2d59e75b8856ca160ce15778f05458616e7299de5c50bc9f97594de011a
7
+ data.tar.gz: b457cc61a5efa0b7aa7b926a5f8fefe3accc6bc7036955ed604494c71d1709caa66fd1b131c6f58e0d0dde741a4f8b229ad28bf695a9a95b9022484e9016950e
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- plunk (0.2.5)
4
+ plunk (0.2.6)
5
5
  activesupport
6
6
  elasticsearch
7
7
  json
data/lib/plunk/parser.rb CHANGED
@@ -48,7 +48,7 @@ module Plunk
48
48
  # possible right-hand side values
49
49
  rule(:wildcard) { match('[^=\s)(|]').repeat(1) }
50
50
  rule(:searchop) { match('[=]').as(:op) }
51
- rule(:query_value) { number | string | datetime | wildcard }
51
+ rule(:query_value) { string | wildcard | datetime | number }
52
52
 
53
53
  # boolean operators search
54
54
  rule(:concatop) { (str('OR') | str('AND')) >> space? }
data/plunk.gemspec CHANGED
@@ -1,6 +1,6 @@
1
1
  Gem::Specification.new do |s|
2
2
  s.name = "plunk"
3
- s.version = "0.2.6"
3
+ s.version = "0.2.7"
4
4
  s.add_runtime_dependency "json"
5
5
  s.add_runtime_dependency "parslet"
6
6
  s.add_runtime_dependency "elasticsearch"
data/spec/chained_search_spec.rb CHANGED
@@ -1,28 +1,60 @@
1
1
  require 'spec_helper'
2
+ require 'shared/time_stubs'
3
+ require 'shared/plunk_stubs'
2
4
 
3
5
  describe 'chained searches' do
4
- it 'should parse last 24h foo=bar baz=fez' do
5
- parsed = @parser.parse 'last 24h foo=bar baz=fez ham=delicious'
6
+ include_context "time stubs"
7
+ include_context "plunk stubs"
8
+
9
+ before :each do
10
+ @time = Time.parse("01/01/2010 10:00")
11
+ Time.any_instance.stub(:now).and_return(@time)
12
+ end
13
+
14
+ it 'should parse last 24h foo_type=bar baz="fez" host=27.224.123.110' do
15
+ parsed = @parser.parse 'last 24h foo_type=bar baz="fez" host=27.224.123.110'
16
+ result = @transformer.apply parsed
17
+ expect(result.query).to eq({query:{filtered:{query:{
18
+ query_string: {
19
+ query: 'foo_type:bar'
20
+ }},
21
+ filter: {
22
+ and: [{
23
+ range: {
24
+ :timestamp => {
25
+ gte: @time - 24.hours,
26
+ lte: @time
27
+ }
28
+ }},
29
+ {query_string: {
30
+ query: 'baz:fez'
31
+ }},
32
+ {query_string: {
33
+ query: 'host:27.224.123.110'
34
+ }}
35
+ ]}}}})
36
+ end
37
+
38
+ pending 'should parse last 24h (foo_type=bar AND baz="fez" AND host=27.224.123.110)' do
39
+ parsed = @parser.parse 'last 24h (foo_type=bar AND baz="fez" AND host=27.224.123.110)'
6
40
  result = @transformer.apply parsed
7
- puts "PARSED: #{parsed}"
8
- puts "RESULT_SET: #{result.inspect}"
9
41
  expect(result.query).to eq({query:{filtered:{query:{
10
42
  query_string: {
11
- query: 'foo:bar'
43
+ query: 'foo_type:bar'
12
44
  }},
13
45
  filter: {
14
46
  and: [{
15
47
  range: {
16
48
  :timestamp => {
17
49
  gte: 1.day.ago.utc.iso8601(3),
18
- lte: Time.now.utc.iso8601(3)
50
+ lte: @time
19
51
  }
20
52
  }},
21
53
  {query_string: {
22
54
  query: 'baz:fez'
23
55
  }},
24
56
  {query_string: {
25
- query: 'ham:delicious'
57
+ query: 'host:27.224.123.110'
26
58
  }}
27
59
  ]}}}})
28
60
  end
data/spec/last_spec.rb CHANGED
@@ -1,13 +1,18 @@
1
1
  require 'spec_helper'
2
+ require 'shared/time_stubs'
3
+ require 'shared/plunk_stubs'
2
4
 
3
5
  describe 'the last command' do
6
+ include_context "time stubs"
7
+ include_context "plunk stubs"
8
+
4
9
  it 'should parse last 24h' do
5
10
  result = @transformer.apply @parser.parse('last 24h')
6
11
  expect(result.query.to_s).to eq({query:{filtered:{query:{
7
12
  range: {
8
13
  Plunk.timestamp_field => {
9
- gte: 24.hours.ago.utc.to_datetime.iso8601(3),
10
- lte: Time.now.utc.to_datetime.iso8601(3)
14
+ gte: @time - 24.hours,
15
+ lte: @time
11
16
  }}}}}}.to_s)
12
17
  end
13
18
 
@@ -16,8 +21,8 @@ describe 'the last command' do
16
21
  expect(result.query.to_s).to eq({query:{filtered:{query:{
17
22
  range: {
18
23
  Plunk.timestamp_field => {
19
- gte: 24.days.ago.utc.to_datetime.iso8601(3),
20
- lte: Time.now.utc.to_datetime.iso8601(3)
24
+ gte: @time - 24.days,
25
+ lte: @time
21
26
  }}}}}}.to_s)
22
27
  end
23
28
 
@@ -26,8 +31,8 @@ describe 'the last command' do
26
31
  expect(result.query.to_s).to eq({query:{filtered:{query:{
27
32
  range: {
28
33
  Plunk.timestamp_field => {
29
- gte: 24.weeks.ago.utc.to_datetime.iso8601(3),
30
- lte: Time.now.utc.to_datetime.iso8601(3)
34
+ gte: @time - 24.weeks,
35
+ lte: @time
31
36
  }}}}}}.to_s)
32
37
  end
33
38
 
@@ -36,8 +41,8 @@ describe 'the last command' do
36
41
  expect(result.query.to_s).to eq({query:{filtered:{query:{
37
42
  range: {
38
43
  Plunk.timestamp_field => {
39
- gte: 24.seconds.ago.utc.to_datetime.iso8601(3),
40
- lte: Time.now.utc.to_datetime.iso8601(3)
44
+ gte: @time - 24.seconds,
45
+ lte: @time
41
46
  }}}}}}.to_s)
42
47
  end
43
48
 
@@ -46,8 +51,8 @@ describe 'the last command' do
46
51
  expect(result.query.to_s).to eq({query:{filtered:{query:{
47
52
  range: {
48
53
  Plunk.timestamp_field => {
49
- gte: 24.minutes.ago.utc.to_datetime.iso8601(3),
50
- lte: Time.now.utc.to_datetime.iso8601(3)
54
+ gte: @time - 24.minutes,
55
+ lte: @time
51
56
  }}}}}}.to_s)
52
57
  end
53
58
 
@@ -62,8 +67,8 @@ describe 'the last command' do
62
67
  and: [
63
68
  range: {
64
69
  Plunk.timestamp_field => {
65
- gte: 1.hour.ago.utc.to_datetime.iso8601(3),
66
- lte: Time.now.utc.to_datetime.iso8601(3)
70
+ gte: @time - 1.hour,
71
+ lte: @time
67
72
  }}]}}}}.to_s)
68
73
  end
69
74
  end
data/spec/nested_search_spec.rb CHANGED
@@ -1,12 +1,17 @@
1
1
  require 'spec_helper'
2
+ require 'shared/time_stubs'
3
+ require 'shared/plunk_stubs'
2
4
 
3
5
  describe 'nested searches' do
6
+ include_context "time stubs"
7
+ include_context "plunk stubs"
8
+
4
9
  before :each do
5
10
  fake_results = {
6
11
  foo: 'bar',
7
12
  baz: 5,
8
13
  arr: [ 0, 1, 2, 3 ],
9
- :timestamp => Time.now.utc.iso8601(3)
14
+ :timestamp => @time
10
15
  }.to_json
11
16
  Plunk::ResultSet.any_instance.stub(:eval).and_return(fake_results)
12
17
  end
@@ -22,7 +27,7 @@ describe 'nested searches' do
22
27
  @parsed = @parser.parse 'tshark.len = ` 226 | tshark.frame.time_epoch,tshark.ip.src`'
23
28
  expect(@parsed[:field].to_s).to eq 'tshark.len'
24
29
  expect(@parsed[:op].to_s).to eq '='
25
- expect(@parsed[:value][:initial_query][:match].to_s).to eq '226 '
30
+ expect(@parsed[:value][:initial_query][:match].to_s).to eq '226'
26
31
  expect(@parsed[:value][:extractors].to_s).to eq 'tshark.frame.time_epoch,tshark.ip.src'
27
32
  end
28
33
 
data/spec/shared/plunk_stubs.rb ADDED
@@ -0,0 +1,5 @@
1
+ shared_context "plunk stubs" do
2
+ before :each do
3
+ Plunk.any_instance.stub(:timestamp_field).and_return(:@timestamp)
4
+ end
5
+ end
data/spec/shared/time_stubs.rb ADDED
@@ -0,0 +1,6 @@
1
+ shared_context "time stubs" do
2
+ before :each do
3
+ @time = Time.parse("01/01/2010 10:00")
4
+ Time.any_instance.stub(:now).and_return(@time)
5
+ end
6
+ end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: plunk
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.6
4
+ version: 0.2.7
5
5
  platform: ruby
6
6
  authors:
7
7
  - Ram Mehta
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2014-01-28 00:00:00.000000000 Z
12
+ date: 2014-01-29 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: json
@@ -113,6 +113,8 @@ files:
113
113
  - spec/shared/basic.rb
114
114
  - spec/shared/field_value.rb
115
115
  - spec/shared/last.rb
116
+ - spec/shared/plunk_stubs.rb
117
+ - spec/shared/time_stubs.rb
116
118
  - spec/spec_helper.rb
117
119
  homepage: https://github.com/elbii/plunk
118
120
  licenses: