plunk 0.2.3 → 0.2.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: c1ab0f072faeb1a05b3413f458b10d5dd500cf30
-  data.tar.gz: aafaf284288faef6b480d6cb6c299f334f65fc49
+  metadata.gz: 8b2d250f3854539450efd4b1278acba089614c70
+  data.tar.gz: 7de49ac8c0c7b76f5ee71da7a67f7b23280ab5d4
 SHA512:
-  metadata.gz: 20c23c67015a32cbddb76eddf8f1b6b61b4602cb6d937d780d60e92f2ceada0b72c547aec6acbab1f8debf5771b5e7b9e454dd299ff5a66dd3f356b1f76a08cf
-  data.tar.gz: 8559ec2057e21f7a5215658827aa31a951ac44e784f5629c5ad70dfd0826dc5107216dd9b3404e9e94a380c86335a0cbbae2d9e6490a72ce4a4fdc15330a0f83
+  metadata.gz: 96e541a23fa1196774c0713333a321f5b0b15bf631bfc1383ef3687eec83fe60965217c20d80ab90df7e4f5b0bcb8c8323b86b6e5109192715db16dbc9315b9a
+  data.tar.gz: e384cc76ecdf086e7009e3efe2ebf191e042225f4905a50ee8935796e8aeba3efb7aa2257452dcac32cb10078256ee4ac752b2eee5df631df4e16af4375d446a

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    plunk (0.2.2)
+    plunk (0.2.3)
       activesupport
       elasticsearch
       json

data/README.md

@@ -3,8 +3,6 @@ Plunk
 
 Human-friendly query language for Elasticsearch
 
-Currently assumes you're using Logstash to 
-
 ## Installation
 ```
 gem install plunk

data/lib/plunk/parser.rb

@@ -22,7 +22,7 @@ module Plunk
     }
     rule(:number)     { integer | float }
     rule(:datetime) {
-        # 1979-05-27T07:32:00Z
+      # 1979-05-27T07:32:00Z
       digit.repeat(4) >> str("-") >> 
       digit.repeat(2) >> str("-") >> 
       digit.repeat(2) >> str("T") >> 
@@ -60,7 +60,6 @@ module Plunk
     # Grammar parts
     rule(:rhs) {
       regexp | subsearch | booleanop
-      # regexp | subsearch | integer | wildcard | booleanop
     }
 
     rule(:boolean_value) {
@@ -110,7 +109,6 @@ module Plunk
       last | search | binaryop | paren
     }
 
-    # root :job
     rule(:plunk_query) {
       job >> (space >> job).repeat
     }

data/lib/plunk/result_set.rb

@@ -37,5 +37,27 @@ module Plunk
         size: Plunk.max_number_of_hits || 10
       ).to_json if @query
     end
+
+    # merges multiple queries with implicit AND
+    def self.merge(result_sets)
+      base = result_sets.first
+
+      base.query[:query][:filtered][:filter] ||= {}
+      base.query[:query][:filtered][:filter][:and] ||= []
+
+      (1..result_sets.size-1).each do |i|
+        result_set = result_sets[i]
+
+        base.query[:query][:filtered][:filter][:and] <<
+          result_set.query[:query][:filtered][:query]
+
+        if result_set.query[:query][:filtered][:filter]
+          base.query[:query][:filtered][:filter][:and] +=
+            result_set.query[:query][:filtered][:filter][:and]
+        end
+      end
+
+      base
+    end
   end
 end

data/lib/plunk/transformer.rb

@@ -2,8 +2,38 @@ require 'parslet'
 require 'active_support/core_ext'
 
 module Plunk
+
+  class Helper
+    def self.time_query_to_timestamp(int_quantity, quantifier)
+      case quantifier
+      when 's'
+        int_quantity.seconds.ago
+      when 'm'
+        int_quantity.minutes.ago
+      when 'h'
+        int_quantity.hours.ago
+      when 'd'
+        int_quantity.days.ago
+      when 'w'
+        int_quantity.weeks.ago
+      end
+    end
+
+    def self.timestamp_format(time)
+      time.utc.to_datetime.iso8601(3)
+    end
+
+    def self.time_range_hash(start_time, end_time)
+      {
+        start_time: Plunk::Helper.timestamp_format(start_time),
+        end_time: Plunk::Helper.timestamp_format(end_time)
+      }
+    end
+  end
+
   class Transformer < Parslet::Transform
 
+    # last 24h foo=bar
     rule(
       field: simple(:field),
       value: {
@@ -17,46 +47,27 @@ module Plunk
       }) do
 
       int_quantity = quantity.to_s.to_i
-
-      start_time =
-        case quantifier
-        when 's'
-          int_quantity.seconds.ago
-        when 'm'
-          int_quantity.minutes.ago
-        when 'h'
-          int_quantity.hours.ago
-        when 'd'
-          int_quantity.days.ago
-        when 'w'
-          int_quantity.weeks.ago
-        end
-
-      end_time = Time.now
+      start_time   = Plunk::Helper.time_query_to_timestamp(int_quantity, quantifier)
+      end_time     = Time.now
 
       # recursively apply nested query
       result_set = Plunk::Transformer.new.apply(initial_query)
 
       json = JSON.parse result_set.eval
-      values = Plunk::Utils.extract_values json, extractors.to_s.split(',') 
+      values = Plunk::Utils.extract_values json, extractors.to_s.split(',')
 
+      result_set_params = Plunk::Helper.time_range_hash(start_time, end_time)
       if values.empty?
-        ResultSet.new(
-          start_time: start_time.utc.to_datetime.iso8601(3),
-          end_time: end_time.utc.to_datetime.iso8601(3))
-          
-      else
-        ResultSet.new(
-          query_string: "#{field}:(#{values.uniq.join(' OR ')})",
-          start_time: start_time.utc.to_datetime.iso8601(3),
-          end_time: end_time.utc.to_datetime.iso8601(3))
+        result_set_params.merge!(query_string: "#{field}:(#{values.uniq.join(' OR ')})",)
       end
+      Plunk::ResultSet.new(result_set_params)
     end
 
     rule(match: simple(:value)) do
       ResultSet.new(query_string: "#{value}")
     end
 
+    # foo=`bar=baz|field1,field2,field3`
     rule(
       field: simple(:field),
       value: {
@@ -69,7 +80,7 @@ module Plunk
       result_set = Transformer.new.apply(initial_query)
 
       json = JSON.parse result_set.eval
-      values = Utils.extract_values json, extractors.to_s.split(',') 
+      values = Utils.extract_values json, extractors.to_s.split(',')
 
       if values.empty?
         ResultSet.new
@@ -78,6 +89,7 @@ module Plunk
       end
     end
 
+    # foo=bar
     rule(field: simple(:field), value: simple(:value), op: '=') do
       ResultSet.new(query_string: "#{field}:#{value}")
     end
@@ -89,28 +101,14 @@ module Plunk
       }) do
 
       int_quantity = quantity.to_s.to_i
+      start_time   = Plunk::Helper.time_query_to_timestamp(int_quantity, quantifier)
+      end_time     = Time.now
 
-      start_time =
-        case quantifier
-        when 's'
-          int_quantity.seconds.ago
-        when 'm'
-          int_quantity.minutes.ago
-        when 'h'
-          int_quantity.hours.ago
-        when 'd'
-          int_quantity.days.ago
-        when 'w'
-          int_quantity.weeks.ago
-        end
-
-      end_time = Time.now
-
-      ResultSet.new(
-        start_time: start_time.utc.to_datetime.iso8601(3),
-        end_time: end_time.utc.to_datetime.iso8601(3))
+      result_set_params = Plunk::Helper.time_range_hash(start_time, end_time)
+      Plunk::ResultSet.new(result_set_params)
     end
 
+    # last 24h
     rule(
       search: simple(:result_set),
       timerange: {
@@ -119,27 +117,19 @@ module Plunk
       }) do
 
       int_quantity = quantity.to_s.to_i
+      start_time   = Plunk::Helper.time_query_to_timestamp(int_quantity, quantifier)
+      end_time     = Time.now
 
-      start_time =
-        case quantifier
-        when 's'
-          int_quantity.seconds.ago
-        when 'm'
-          int_quantity.minutes.ago
-        when 'h'
-          int_quantity.hours.ago
-        when 'd'
-          int_quantity.days.ago
-        when 'w'
-          int_quantity.weeks.ago
-        end
-
-      end_time = Time.now
-
-      ResultSet.new(
-        query_string: result_set.query_string,
-        start_time: start_time.utc.to_datetime.iso8601(3),
-        end_time: end_time.utc.to_datetime.iso8601(3))
+      result_set_params = Plunk::Helper.time_range_hash(start_time, end_time)
+      result_set_params.merge!(query_string: result_set.query_string)
+      Plunk::ResultSet.new(result_set_params)
+    end
+
+    # last 24h foo=bar baz=fez
+    rule(
+      sequence(:set)
+    ) do
+      Plunk::ResultSet.merge(set)
     end
   end
 end

data/plunk.gemspec

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name                    = "plunk"
-  s.version                 = "0.2.3"
+  s.version                 = "0.2.4"
   s.add_runtime_dependency  "json"
   s.add_runtime_dependency  "parslet"
   s.add_runtime_dependency  "elasticsearch"

data/spec/chained_search_spec.rb

@@ -1,24 +1,29 @@
 require 'spec_helper'
 
 describe 'chained searches' do
-  pending 'should parse last 24h foo=bar baz=fez' do
-    result = @transformer.apply @parser.parse 'last 24h foo=bar baz=fez'
-    puts result
+  it 'should parse last 24h foo=bar baz=fez' do
+    parsed = @parser.parse 'last 24h foo=bar baz=fez ham=delicious'
+    result = @transformer.apply parsed
+    puts "PARSED: #{parsed}"
+    puts "RESULT_SET: #{result.inspect}"
     expect(result.query).to eq({query:{filtered:{query:{
-      range: {
-        '@timestamp' => {
-          gte: 1.day.ago.utc.iso8601(3),
-          lte: Time.now.utc.iso8601(3)
-        }
-      },
+      query_string: {
+        query: 'foo:bar'
+      }},
       filter: {
-        and: [
-          query_string: {
-            query: 'foo:bar'
-          },
-          query_string: {
+        and: [{
+          range: {
+            '@timestamp' => {
+              gte: 1.day.ago.utc.iso8601(3),
+              lte: Time.now.utc.iso8601(3)
+            }
+          }},
+          {query_string: {
             query: 'baz:fez'
-          }
-    ]}}}}})
+          }},
+          {query_string: {
+            query: 'ham:delicious'
+          }}
+    ]}}}})
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: plunk
 version: !ruby/object:Gem::Version
-  version: 0.2.3
+  version: 0.2.4
 platform: ruby
 authors:
 - Ram Mehta
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-01-06 00:00:00.000000000 Z
+date: 2014-01-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: json