plunk 0.1.3 → 0.1.4

Sign up to get free protection for your applications and to get access to all the features.
Files changed (13) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +32 -0
  3. data/lib/plunk/result_set.rb +25 -19
  4. data/lib/plunk/transformer.rb +1 -1
  5. data/plunk.gemspec +1 -1
  6. data/spec/basic_spec.rb +3 -5
  7. data/spec/boolean_spec.rb +6 -10
  8. data/spec/chained_search_spec.rb +24 -0
  9. data/spec/field_value_spec.rb +6 -10
  10. data/spec/last_spec.rb +40 -43
  11. data/spec/nested_search_spec.rb +3 -5
  12. data/spec/regexp_spec.rb +3 -5
  13. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: f4347fcd85f52a27bcf5f88860aafb1723ba4dbe
4
- data.tar.gz: 6e61f5fddc8d46739a2ab022811ee0ed0dae370e
3
+ metadata.gz: 1aaa198f780c8d3c6f9538cd86a7ee20fbf4d44c
4
+ data.tar.gz: 4cb13fb58000bf09dca9fa3001077a2b46474c41
5
5
  SHA512:
6
- metadata.gz: 7260262be415b410743081d51ac61c80383d8dcf26cff42adbfbbb8f85ac2f2268edf7c6e431abfe7ea91cdb08c609ed042bd6fc48f3602bb2c64d520239c920
7
- data.tar.gz: 04e0993e9818842f23efd04febb9eefd79c90afa2450d196882e31b9f7bb9ff4596e02b2643d019f59338a21a464518f43dea6488d0f112fce62f9ce0dd948e1
6
+ metadata.gz: a994a69ca9c8557f07869aaff1eb468773346caa06d5676e68cdea867d0e6642cb3bd573e419f557a224beb11c6a386a7189851b2f166a3ce74884f5a8e0e802
7
+ data.tar.gz: bfbd1504b80387dd2b3695a030cbb9be35110052f9b5ec8857b4415d048219e9519e71d4f6849575c67b8d878da94dff80bd3fb52b39407385d3185f4170168a
data/README.md CHANGED
@@ -2,3 +2,35 @@ plunk
2
2
  =====
3
3
 
4
4
  Human-friendly query language for Elasticsearch
5
+
6
+ Examples:
7
+
8
+ ```last 24h _type=syslog```
9
+
10
+ gets translated to:
11
+
12
+ ```json
13
+ {
14
+ "query": {
15
+ "filtered": {
16
+ "query": {
17
+ "query_string": {
18
+ "query": "_type:syslog"
19
+ }
20
+ },
21
+ "filter": {
22
+ "and": [
23
+ {
24
+ "range": {
25
+ "timestamp": {
26
+ "gte": "2013-08-23T05:43:13.770Z",
27
+ "lte": "2013-08-24T05:43:13.770Z"
28
+ }
29
+ }
30
+ }
31
+ ]
32
+ }
33
+ }
34
+ }
35
+ }
36
+ ```
data/lib/plunk/result_set.rb CHANGED
@@ -1,29 +1,35 @@
1
1
  class Plunk::ResultSet
2
- attr_accessor :query
2
+ attr_accessor :query, :query_string
3
3
 
4
- def initialize(opts=nil)
5
- if opts
6
- @query = { query: { }}
7
-
8
- if @query_string = opts[:query_string]
9
- @query[:query][:query_string] = { query: opts[:query_string] }
10
- end
4
+ def initialize(opts={})
5
+ @query = { query: { filtered: {}}}
11
6
 
12
- if opts[:start_time] and opts[:end_time]
13
- @query[:query][:range] = {
14
- '@timestamp' => {
15
- gte: opts[:start_time],
16
- lte: opts[:end_time]
17
- }
18
- }
7
+ if opts.size >= 3 # use "and" filter to AND filters
8
+ @query_string = opts[:query_string]
9
+ @query[:query][:filtered][:query] = {
10
+ query_string: {
11
+ query: opts[:query_string] }}
12
+ @query[:query][:filtered][:filter] = {
13
+ and: [
14
+ range: {
15
+ '@timestamp' => {
16
+ gte: opts[:start_time],
17
+ lte: opts[:end_time] }}]}
18
+ else
19
+ if @query_string = opts[:query_string]
20
+ @query[:query][:filtered][:query] = {
21
+ query_string: {
22
+ query: opts[:query_string] }}
23
+ elsif opts[:start_time] and opts[:end_time]
24
+ @query[:query][:filtered][:query] = {
25
+ range: {
26
+ '@timestamp' => {
27
+ gte: opts[:start_time],
28
+ lte: opts[:end_time] }}}
19
29
  end
20
30
  end
21
31
  end
22
32
 
23
- def raw_query
24
- @query_string
25
- end
26
-
27
33
  def eval
28
34
  @@elasticsearch.search(@query.to_json) if @query
29
35
  end
data/lib/plunk/transformer.rb CHANGED
@@ -137,7 +137,7 @@ class Plunk::Transformer < Parslet::Transform
137
137
  end_time = Time.now
138
138
 
139
139
  Plunk::ResultSet.new(
140
- query_string: result_set.raw_query,
140
+ query_string: result_set.query_string,
141
141
  start_time: start_time.utc.to_datetime.iso8601(3),
142
142
  end_time: end_time.utc.to_datetime.iso8601(3))
143
143
  end
data/plunk.gemspec CHANGED
@@ -1,6 +1,6 @@
1
1
  Gem::Specification.new do |s|
2
2
  s.name = "plunk"
3
- s.version = "0.1.3"
3
+ s.version = "0.1.4"
4
4
  s.date = "2013-12-03"
5
5
  s.add_runtime_dependency "json"
6
6
  s.add_runtime_dependency "parslet"
data/spec/basic_spec.rb CHANGED
@@ -3,10 +3,8 @@ require 'spec_helper'
3
3
  describe 'basic searches' do
4
4
  it 'should parse' do
5
5
  result = @transformer.apply @parser.parse('bar')
6
- result.query.should eq({
7
- query: {
8
- query_string: {
9
- query: 'bar'
10
- }}})
6
+ result.query.should eq({query:{filtered:{query:{query_string:{
7
+ query: 'bar'
8
+ }}}}})
11
9
  end
12
10
  end
data/spec/boolean_spec.rb CHANGED
@@ -3,19 +3,15 @@ require 'spec_helper'
3
3
  describe 'boolean searches' do
4
4
  it 'should parse (foo OR bar)' do
5
5
  result = @transformer.apply @parser.parse '(foo OR bar)'
6
- expect(result.query).to eq({
7
- query: {
8
- query_string: {
9
- query: '(foo OR bar)'
10
- }}})
6
+ expect(result.query).to eq({query:{filtered:{query:{query_string:{
7
+ query: '(foo OR bar)'
8
+ }}}}})
11
9
  end
12
10
 
13
11
  it 'should parse (foo OR (bar AND baz))' do
14
12
  result = @transformer.apply @parser.parse '(foo OR (bar AND baz))'
15
- expect(result.query).to eq({
16
- query: {
17
- query_string: {
18
- query: '(foo OR (bar AND baz))'
19
- }}})
13
+ expect(result.query).to eq({query:{filtered:{query:{query_string:{
14
+ query: '(foo OR (bar AND baz))'
15
+ }}}}})
20
16
  end
21
17
  end
data/spec/chained_search_spec.rb CHANGED
@@ -0,0 +1,24 @@
1
+ require 'spec_helper'
2
+
3
+ describe 'chained searches' do
4
+ it 'should parse last 24h foo=bar baz=fez' do
5
+ result = @transformer.apply @parser.parse 'last 24h foo=bar baz=fez'
6
+ puts result
7
+ expect(result.query).to eq({query:{filtered:{query:{
8
+ range: {
9
+ '@timestamp' => {
10
+ gte: 1.day.ago.utc.iso8601(3),
11
+ lte: Time.now.utc.iso8601(3)
12
+ }
13
+ },
14
+ filter: {
15
+ and: [
16
+ query_string: {
17
+ query: 'foo:bar'
18
+ },
19
+ query_string: {
20
+ query: 'baz:fez'
21
+ }
22
+ ]}}}}})
23
+ end
24
+ end
data/spec/field_value_spec.rb CHANGED
@@ -3,19 +3,15 @@ require 'spec_helper'
3
3
  describe 'field / value searches' do
4
4
  it 'should parse a single _foo.@bar=baz' do
5
5
  result = @transformer.apply @parser.parse('_foo.@bar=baz')
6
- expect(result.query).to eq({
7
- query: {
8
- query_string: {
9
- query: '_foo.@bar:baz'
10
- }}})
6
+ expect(result.query).to eq({query:{filtered:{query:{query_string:{
7
+ query: '_foo.@bar:baz'
8
+ }}}}})
11
9
  end
12
10
 
13
11
  it 'should parse a single _foo.@bar=(baz)' do
14
12
  result = @transformer.apply @parser.parse('_foo.@bar=(baz)')
15
- expect(result.query).to eq({
16
- query: {
17
- query_string: {
18
- query: '_foo.@bar:(baz)'
19
- }}})
13
+ expect(result.query).to eq({query:{filtered:{query:{query_string:{
14
+ query: '_foo.@bar:(baz)'
15
+ }}}}})
20
16
  end
21
17
  end
data/spec/last_spec.rb CHANGED
@@ -3,70 +3,67 @@ require 'spec_helper'
3
3
  describe 'the last command' do
4
4
  it 'should parse last 24h' do
5
5
  result = @transformer.apply @parser.parse('last 24h')
6
- expect(result.query.to_s).to eq({
7
- query: {
8
- range: {
9
- '@timestamp' => {
10
- gte: 24.hours.ago.utc.to_datetime.iso8601(3),
11
- lte: Time.now.utc.to_datetime.iso8601(3)
12
- }}}}.to_s)
6
+ expect(result.query.to_s).to eq({query:{filtered:{query:{
7
+ range: {
8
+ '@timestamp' => {
9
+ gte: 24.hours.ago.utc.to_datetime.iso8601(3),
10
+ lte: Time.now.utc.to_datetime.iso8601(3)
11
+ }}}}}}.to_s)
13
12
  end
14
13
 
15
14
  it 'should parse last 24d' do
16
15
  result = @transformer.apply @parser.parse('last 24d')
17
- expect(result.query.to_s).to eq({
18
- query: {
19
- range: {
20
- '@timestamp' => {
21
- gte: 24.days.ago.utc.to_datetime.iso8601(3),
22
- lte: Time.now.utc.to_datetime.iso8601(3)
23
- }}}}.to_s)
16
+ expect(result.query.to_s).to eq({query:{filtered:{query:{
17
+ range: {
18
+ '@timestamp' => {
19
+ gte: 24.days.ago.utc.to_datetime.iso8601(3),
20
+ lte: Time.now.utc.to_datetime.iso8601(3)
21
+ }}}}}}.to_s)
24
22
  end
25
23
 
26
24
  it 'should parse last 24w' do
27
25
  result = @transformer.apply @parser.parse('last 24w')
28
- expect(result.query.to_s).to eq({
29
- query: {
30
- range: {
31
- '@timestamp' => {
32
- gte: 24.weeks.ago.utc.to_datetime.iso8601(3),
33
- lte: Time.now.utc.to_datetime.iso8601(3)
34
- }}}}.to_s)
26
+ expect(result.query.to_s).to eq({query:{filtered:{query:{
27
+ range: {
28
+ '@timestamp' => {
29
+ gte: 24.weeks.ago.utc.to_datetime.iso8601(3),
30
+ lte: Time.now.utc.to_datetime.iso8601(3)
31
+ }}}}}}.to_s)
35
32
  end
36
33
 
37
34
  it 'should parse last 24s' do
38
35
  result = @transformer.apply @parser.parse('last 24s')
39
- expect(result.query.to_s).to eq({
40
- query: {
41
- range: {
42
- '@timestamp' => {
43
- gte: 24.seconds.ago.utc.to_datetime.iso8601(3),
44
- lte: Time.now.utc.to_datetime.iso8601(3)
45
- }}}}.to_s)
36
+ expect(result.query.to_s).to eq({query:{filtered:{query:{
37
+ range: {
38
+ '@timestamp' => {
39
+ gte: 24.seconds.ago.utc.to_datetime.iso8601(3),
40
+ lte: Time.now.utc.to_datetime.iso8601(3)
41
+ }}}}}}.to_s)
46
42
  end
47
43
 
48
44
  it 'should parse last 24m' do
49
45
  result = @transformer.apply @parser.parse('last 24m')
50
- expect(result.query.to_s).to eq({
51
- query: {
52
- range: {
53
- '@timestamp' => {
54
- gte: 24.minutes.ago.utc.to_datetime.iso8601(3),
55
- lte: Time.now.utc.to_datetime.iso8601(3)
56
- }}}}.to_s)
46
+ expect(result.query.to_s).to eq({query:{filtered:{query:{
47
+ range: {
48
+ '@timestamp' => {
49
+ gte: 24.minutes.ago.utc.to_datetime.iso8601(3),
50
+ lte: Time.now.utc.to_datetime.iso8601(3)
51
+ }}}}}}.to_s)
57
52
  end
58
53
 
59
54
  it 'should parse last 1h foo=bar' do
60
55
  result = @transformer.apply @parser.parse('last 1h foo=bar')
61
- expect(result.query.to_s).to eq({
62
- query: {
56
+ expect(result.query.to_s).to eq({query:{filtered:{
57
+ query:{
63
58
  query_string: {
64
59
  query: 'foo:bar'
65
- },
66
- range: {
67
- '@timestamp' => {
68
- gte: 1.hour.ago.utc.to_datetime.iso8601(3),
69
- lte: Time.now.utc.to_datetime.iso8601(3)
70
- }}}}.to_s)
60
+ }},
61
+ filter: {
62
+ and: [
63
+ range: {
64
+ '@timestamp' => {
65
+ gte: 1.hour.ago.utc.to_datetime.iso8601(3),
66
+ lte: Time.now.utc.to_datetime.iso8601(3)
67
+ }}]}}}}.to_s)
71
68
  end
72
69
  end
data/spec/nested_search_spec.rb CHANGED
@@ -13,11 +13,9 @@ describe 'nested searches' do
13
13
 
14
14
  it 'should transform' do
15
15
  results = @transformer.apply @parser.parse('foo=`bar=baz|baz`')
16
- expect(results.query).to eq({
17
- query: {
18
- query_string: {
19
- query: 'foo:(5)'
20
- }}})
16
+ expect(results.query).to eq({query:{filtered:{query:{query_string:{
17
+ query: 'foo:(5)'
18
+ }}}}})
21
19
  end
22
20
 
23
21
  it 'should parse a nested basic search' do
data/spec/regexp_spec.rb CHANGED
@@ -3,10 +3,8 @@ require 'spec_helper'
3
3
  describe 'regexp searches' do
4
4
  it 'should parse foo=/blah foo/' do
5
5
  result = @transformer.apply @parser.parse('foo=/blah foo/')
6
- expect(result.query).to eq({
7
- query: {
8
- query_string: {
9
- query: 'foo:/blah foo/'
10
- }}})
6
+ expect(result.query).to eq({query:{filtered:{query:{query_string:{
7
+ query: 'foo:/blah foo/'
8
+ }}}}})
11
9
  end
12
10
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: plunk
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.3
4
+ version: 0.1.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Ram Mehta