plunk 0.1.3 → 0.1.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (13) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +32 -0
  3. data/lib/plunk/result_set.rb +25 -19
  4. data/lib/plunk/transformer.rb +1 -1
  5. data/plunk.gemspec +1 -1
  6. data/spec/basic_spec.rb +3 -5
  7. data/spec/boolean_spec.rb +6 -10
  8. data/spec/chained_search_spec.rb +24 -0
  9. data/spec/field_value_spec.rb +6 -10
  10. data/spec/last_spec.rb +40 -43
  11. data/spec/nested_search_spec.rb +3 -5
  12. data/spec/regexp_spec.rb +3 -5
  13. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: f4347fcd85f52a27bcf5f88860aafb1723ba4dbe
4
- data.tar.gz: 6e61f5fddc8d46739a2ab022811ee0ed0dae370e
3
+ metadata.gz: 1aaa198f780c8d3c6f9538cd86a7ee20fbf4d44c
4
+ data.tar.gz: 4cb13fb58000bf09dca9fa3001077a2b46474c41
5
5
  SHA512:
6
- metadata.gz: 7260262be415b410743081d51ac61c80383d8dcf26cff42adbfbbb8f85ac2f2268edf7c6e431abfe7ea91cdb08c609ed042bd6fc48f3602bb2c64d520239c920
7
- data.tar.gz: 04e0993e9818842f23efd04febb9eefd79c90afa2450d196882e31b9f7bb9ff4596e02b2643d019f59338a21a464518f43dea6488d0f112fce62f9ce0dd948e1
6
+ metadata.gz: a994a69ca9c8557f07869aaff1eb468773346caa06d5676e68cdea867d0e6642cb3bd573e419f557a224beb11c6a386a7189851b2f166a3ce74884f5a8e0e802
7
+ data.tar.gz: bfbd1504b80387dd2b3695a030cbb9be35110052f9b5ec8857b4415d048219e9519e71d4f6849575c67b8d878da94dff80bd3fb52b39407385d3185f4170168a
data/README.md CHANGED
@@ -2,3 +2,35 @@ plunk
2
2
  =====
3
3
 
4
4
  Human-friendly query language for Elasticsearch
5
+
6
+ Examples:
7
+
8
+ ```last 24h _type=syslog```
9
+
10
+ gets translated to:
11
+
12
+ ```json
13
+ {
14
+ "query": {
15
+ "filtered": {
16
+ "query": {
17
+ "query_string": {
18
+ "query": "_type:syslog"
19
+ }
20
+ },
21
+ "filter": {
22
+ "and": [
23
+ {
24
+ "range": {
25
+ "timestamp": {
26
+ "gte": "2013-08-23T05:43:13.770Z",
27
+ "lte": "2013-08-24T05:43:13.770Z"
28
+ }
29
+ }
30
+ }
31
+ ]
32
+ }
33
+ }
34
+ }
35
+ }
36
+ ```
data/lib/plunk/result_set.rb CHANGED
@@ -1,29 +1,35 @@
1
1
  class Plunk::ResultSet
2
- attr_accessor :query
2
+ attr_accessor :query, :query_string
3
3
 
4
- def initialize(opts=nil)
5
- if opts
6
- @query = { query: { }}
7
-
8
- if @query_string = opts[:query_string]
9
- @query[:query][:query_string] = { query: opts[:query_string] }
10
- end
4
+ def initialize(opts={})
5
+ @query = { query: { filtered: {}}}
11
6
 
12
- if opts[:start_time] and opts[:end_time]
13
- @query[:query][:range] = {
14
- '@timestamp' => {
15
- gte: opts[:start_time],
16
- lte: opts[:end_time]
17
- }
18
- }
7
+ if opts.size >= 3 # use "and" filter to AND filters
8
+ @query_string = opts[:query_string]
9
+ @query[:query][:filtered][:query] = {
10
+ query_string: {
11
+ query: opts[:query_string] }}
12
+ @query[:query][:filtered][:filter] = {
13
+ and: [
14
+ range: {
15
+ '@timestamp' => {
16
+ gte: opts[:start_time],
17
+ lte: opts[:end_time] }}]}
18
+ else
19
+ if @query_string = opts[:query_string]
20
+ @query[:query][:filtered][:query] = {
21
+ query_string: {
22
+ query: opts[:query_string] }}
23
+ elsif opts[:start_time] and opts[:end_time]
24
+ @query[:query][:filtered][:query] = {
25
+ range: {
26
+ '@timestamp' => {
27
+ gte: opts[:start_time],
28
+ lte: opts[:end_time] }}}
19
29
  end
20
30
  end
21
31
  end
22
32
 
23
- def raw_query
24
- @query_string
25
- end
26
-
27
33
  def eval
28
34
  @@elasticsearch.search(@query.to_json) if @query
29
35
  end
data/lib/plunk/transformer.rb CHANGED
@@ -137,7 +137,7 @@ class Plunk::Transformer < Parslet::Transform
137
137
  end_time = Time.now
138
138
 
139
139
  Plunk::ResultSet.new(
140
- query_string: result_set.raw_query,
140
+ query_string: result_set.query_string,
141
141
  start_time: start_time.utc.to_datetime.iso8601(3),
142
142
  end_time: end_time.utc.to_datetime.iso8601(3))
143
143
  end
data/plunk.gemspec CHANGED
@@ -1,6 +1,6 @@
1
1
  Gem::Specification.new do |s|
2
2
  s.name = "plunk"
3
- s.version = "0.1.3"
3
+ s.version = "0.1.4"
4
4
  s.date = "2013-12-03"
5
5
  s.add_runtime_dependency "json"
6
6
  s.add_runtime_dependency "parslet"
data/spec/basic_spec.rb CHANGED
@@ -3,10 +3,8 @@ require 'spec_helper'
3
3
  describe 'basic searches' do
4
4
  it 'should parse' do
5
5
  result = @transformer.apply @parser.parse('bar')
6
- result.query.should eq({
7
- query: {
8
- query_string: {
9
- query: 'bar'
10
- }}})
6
+ result.query.should eq({query:{filtered:{query:{query_string:{
7
+ query: 'bar'
8
+ }}}}})
11
9
  end
12
10
  end
data/spec/boolean_spec.rb CHANGED
@@ -3,19 +3,15 @@ require 'spec_helper'
3
3
  describe 'boolean searches' do
4
4
  it 'should parse (foo OR bar)' do
5
5
  result = @transformer.apply @parser.parse '(foo OR bar)'
6
- expect(result.query).to eq({
7
- query: {
8
- query_string: {
9
- query: '(foo OR bar)'
10
- }}})
6
+ expect(result.query).to eq({query:{filtered:{query:{query_string:{
7
+ query: '(foo OR bar)'
8
+ }}}}})
11
9
  end
12
10
 
13
11
  it 'should parse (foo OR (bar AND baz))' do
14
12
  result = @transformer.apply @parser.parse '(foo OR (bar AND baz))'
15
- expect(result.query).to eq({
16
- query: {
17
- query_string: {
18
- query: '(foo OR (bar AND baz))'
19
- }}})
13
+ expect(result.query).to eq({query:{filtered:{query:{query_string:{
14
+ query: '(foo OR (bar AND baz))'
15
+ }}}}})
20
16
  end
21
17
  end
data/spec/chained_search_spec.rb CHANGED
@@ -0,0 +1,24 @@
1
+ require 'spec_helper'
2
+
3
+ describe 'chained searches' do
4
+ it 'should parse last 24h foo=bar baz=fez' do
5
+ result = @transformer.apply @parser.parse 'last 24h foo=bar baz=fez'
6
+ puts result
7
+ expect(result.query).to eq({query:{filtered:{query:{
8
+ range: {
9
+ '@timestamp' => {
10
+ gte: 1.day.ago.utc.iso8601(3),
11
+ lte: Time.now.utc.iso8601(3)
12
+ }
13
+ },
14
+ filter: {
15
+ and: [
16
+ query_string: {
17
+ query: 'foo:bar'
18
+ },
19
+ query_string: {
20
+ query: 'baz:fez'
21
+ }
22
+ ]}}}}})
23
+ end
24
+ end
data/spec/field_value_spec.rb CHANGED
@@ -3,19 +3,15 @@ require 'spec_helper'
3
3
  describe 'field / value searches' do
4
4
  it 'should parse a single _foo.@bar=baz' do
5
5
  result = @transformer.apply @parser.parse('_foo.@bar=baz')
6
- expect(result.query).to eq({
7
- query: {
8
- query_string: {
9
- query: '_foo.@bar:baz'
10
- }}})
6
+ expect(result.query).to eq({query:{filtered:{query:{query_string:{
7
+ query: '_foo.@bar:baz'
8
+ }}}}})
11
9
  end
12
10
 
13
11
  it 'should parse a single _foo.@bar=(baz)' do
14
12
  result = @transformer.apply @parser.parse('_foo.@bar=(baz)')
15
- expect(result.query).to eq({
16
- query: {
17
- query_string: {
18
- query: '_foo.@bar:(baz)'
19
- }}})
13
+ expect(result.query).to eq({query:{filtered:{query:{query_string:{
14
+ query: '_foo.@bar:(baz)'
15
+ }}}}})
20
16
  end
21
17
  end
data/spec/last_spec.rb CHANGED
@@ -3,70 +3,67 @@ require 'spec_helper'
3
3
  describe 'the last command' do
4
4
  it 'should parse last 24h' do
5
5
  result = @transformer.apply @parser.parse('last 24h')
6
- expect(result.query.to_s).to eq({
7
- query: {
8
- range: {
9
- '@timestamp' => {
10
- gte: 24.hours.ago.utc.to_datetime.iso8601(3),
11
- lte: Time.now.utc.to_datetime.iso8601(3)
12
- }}}}.to_s)
6
+ expect(result.query.to_s).to eq({query:{filtered:{query:{
7
+ range: {
8
+ '@timestamp' => {
9
+ gte: 24.hours.ago.utc.to_datetime.iso8601(3),
10
+ lte: Time.now.utc.to_datetime.iso8601(3)
11
+ }}}}}}.to_s)
13
12
  end
14
13
 
15
14
  it 'should parse last 24d' do
16
15
  result = @transformer.apply @parser.parse('last 24d')
17
- expect(result.query.to_s).to eq({
18
- query: {
19
- range: {
20
- '@timestamp' => {
21
- gte: 24.days.ago.utc.to_datetime.iso8601(3),
22
- lte: Time.now.utc.to_datetime.iso8601(3)
23
- }}}}.to_s)
16
+ expect(result.query.to_s).to eq({query:{filtered:{query:{
17
+ range: {
18
+ '@timestamp' => {
19
+ gte: 24.days.ago.utc.to_datetime.iso8601(3),
20
+ lte: Time.now.utc.to_datetime.iso8601(3)
21
+ }}}}}}.to_s)
24
22
  end
25
23
 
26
24
  it 'should parse last 24w' do
27
25
  result = @transformer.apply @parser.parse('last 24w')
28
- expect(result.query.to_s).to eq({
29
- query: {
30
- range: {
31
- '@timestamp' => {
32
- gte: 24.weeks.ago.utc.to_datetime.iso8601(3),
33
- lte: Time.now.utc.to_datetime.iso8601(3)
34
- }}}}.to_s)
26
+ expect(result.query.to_s).to eq({query:{filtered:{query:{
27
+ range: {
28
+ '@timestamp' => {
29
+ gte: 24.weeks.ago.utc.to_datetime.iso8601(3),
30
+ lte: Time.now.utc.to_datetime.iso8601(3)
31
+ }}}}}}.to_s)
35
32
  end
36
33
 
37
34
  it 'should parse last 24s' do
38
35
  result = @transformer.apply @parser.parse('last 24s')
39
- expect(result.query.to_s).to eq({
40
- query: {
41
- range: {
42
- '@timestamp' => {
43
- gte: 24.seconds.ago.utc.to_datetime.iso8601(3),
44
- lte: Time.now.utc.to_datetime.iso8601(3)
45
- }}}}.to_s)
36
+ expect(result.query.to_s).to eq({query:{filtered:{query:{
37
+ range: {
38
+ '@timestamp' => {
39
+ gte: 24.seconds.ago.utc.to_datetime.iso8601(3),
40
+ lte: Time.now.utc.to_datetime.iso8601(3)
41
+ }}}}}}.to_s)
46
42
  end
47
43
 
48
44
  it 'should parse last 24m' do
49
45
  result = @transformer.apply @parser.parse('last 24m')
50
- expect(result.query.to_s).to eq({
51
- query: {
52
- range: {
53
- '@timestamp' => {
54
- gte: 24.minutes.ago.utc.to_datetime.iso8601(3),
55
- lte: Time.now.utc.to_datetime.iso8601(3)
56
- }}}}.to_s)
46
+ expect(result.query.to_s).to eq({query:{filtered:{query:{
47
+ range: {
48
+ '@timestamp' => {
49
+ gte: 24.minutes.ago.utc.to_datetime.iso8601(3),
50
+ lte: Time.now.utc.to_datetime.iso8601(3)
51
+ }}}}}}.to_s)
57
52
  end
58
53
 
59
54
  it 'should parse last 1h foo=bar' do
60
55
  result = @transformer.apply @parser.parse('last 1h foo=bar')
61
- expect(result.query.to_s).to eq({
62
- query: {
56
+ expect(result.query.to_s).to eq({query:{filtered:{
57
+ query:{
63
58
  query_string: {
64
59
  query: 'foo:bar'
65
- },
66
- range: {
67
- '@timestamp' => {
68
- gte: 1.hour.ago.utc.to_datetime.iso8601(3),
69
- lte: Time.now.utc.to_datetime.iso8601(3)
70
- }}}}.to_s)
60
+ }},
61
+ filter: {
62
+ and: [
63
+ range: {
64
+ '@timestamp' => {
65
+ gte: 1.hour.ago.utc.to_datetime.iso8601(3),
66
+ lte: Time.now.utc.to_datetime.iso8601(3)
67
+ }}]}}}}.to_s)
71
68
  end
72
69
  end
data/spec/nested_search_spec.rb CHANGED
@@ -13,11 +13,9 @@ describe 'nested searches' do
13
13
 
14
14
  it 'should transform' do
15
15
  results = @transformer.apply @parser.parse('foo=`bar=baz|baz`')
16
- expect(results.query).to eq({
17
- query: {
18
- query_string: {
19
- query: 'foo:(5)'
20
- }}})
16
+ expect(results.query).to eq({query:{filtered:{query:{query_string:{
17
+ query: 'foo:(5)'
18
+ }}}}})
21
19
  end
22
20
 
23
21
  it 'should parse a nested basic search' do
data/spec/regexp_spec.rb CHANGED
@@ -3,10 +3,8 @@ require 'spec_helper'
3
3
  describe 'regexp searches' do
4
4
  it 'should parse foo=/blah foo/' do
5
5
  result = @transformer.apply @parser.parse('foo=/blah foo/')
6
- expect(result.query).to eq({
7
- query: {
8
- query_string: {
9
- query: 'foo:/blah foo/'
10
- }}})
6
+ expect(result.query).to eq({query:{filtered:{query:{query_string:{
7
+ query: 'foo:/blah foo/'
8
+ }}}}})
11
9
  end
12
10
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: plunk
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.3
4
+ version: 0.1.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Ram Mehta