plunk 0.2.3 → 0.2.4

Sign up to get free protection for your applications and to get access to all the features.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile.lock +1 -1
  3. data/README.md +0 -2
  4. data/lib/plunk/parser.rb +1 -3
  5. data/lib/plunk/result_set.rb +22 -0
  6. data/lib/plunk/transformer.rb +56 -66
  7. data/plunk.gemspec +1 -1
  8. data/spec/chained_search_spec.rb +21 -16
  9. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: c1ab0f072faeb1a05b3413f458b10d5dd500cf30
4
- data.tar.gz: aafaf284288faef6b480d6cb6c299f334f65fc49
3
+ metadata.gz: 8b2d250f3854539450efd4b1278acba089614c70
4
+ data.tar.gz: 7de49ac8c0c7b76f5ee71da7a67f7b23280ab5d4
5
5
  SHA512:
6
- metadata.gz: 20c23c67015a32cbddb76eddf8f1b6b61b4602cb6d937d780d60e92f2ceada0b72c547aec6acbab1f8debf5771b5e7b9e454dd299ff5a66dd3f356b1f76a08cf
7
- data.tar.gz: 8559ec2057e21f7a5215658827aa31a951ac44e784f5629c5ad70dfd0826dc5107216dd9b3404e9e94a380c86335a0cbbae2d9e6490a72ce4a4fdc15330a0f83
6
+ metadata.gz: 96e541a23fa1196774c0713333a321f5b0b15bf631bfc1383ef3687eec83fe60965217c20d80ab90df7e4f5b0bcb8c8323b86b6e5109192715db16dbc9315b9a
7
+ data.tar.gz: e384cc76ecdf086e7009e3efe2ebf191e042225f4905a50ee8935796e8aeba3efb7aa2257452dcac32cb10078256ee4ac752b2eee5df631df4e16af4375d446a
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- plunk (0.2.2)
4
+ plunk (0.2.3)
5
5
  activesupport
6
6
  elasticsearch
7
7
  json
data/README.md CHANGED
@@ -3,8 +3,6 @@ Plunk
3
3
 
4
4
  Human-friendly query language for Elasticsearch
5
5
 
6
- Currently assumes you're using Logstash to
7
-
8
6
  ## Installation
9
7
  ```
10
8
  gem install plunk
data/lib/plunk/parser.rb CHANGED
@@ -22,7 +22,7 @@ module Plunk
22
22
  }
23
23
  rule(:number) { integer | float }
24
24
  rule(:datetime) {
25
- # 1979-05-27T07:32:00Z
25
+ # 1979-05-27T07:32:00Z
26
26
  digit.repeat(4) >> str("-") >>
27
27
  digit.repeat(2) >> str("-") >>
28
28
  digit.repeat(2) >> str("T") >>
@@ -60,7 +60,6 @@ module Plunk
60
60
  # Grammar parts
61
61
  rule(:rhs) {
62
62
  regexp | subsearch | booleanop
63
- # regexp | subsearch | integer | wildcard | booleanop
64
63
  }
65
64
 
66
65
  rule(:boolean_value) {
@@ -110,7 +109,6 @@ module Plunk
110
109
  last | search | binaryop | paren
111
110
  }
112
111
 
113
- # root :job
114
112
  rule(:plunk_query) {
115
113
  job >> (space >> job).repeat
116
114
  }
data/lib/plunk/result_set.rb CHANGED
@@ -37,5 +37,27 @@ module Plunk
37
37
  size: Plunk.max_number_of_hits || 10
38
38
  ).to_json if @query
39
39
  end
40
+
41
+ # merges multiple queries with implicit AND
42
+ def self.merge(result_sets)
43
+ base = result_sets.first
44
+
45
+ base.query[:query][:filtered][:filter] ||= {}
46
+ base.query[:query][:filtered][:filter][:and] ||= []
47
+
48
+ (1..result_sets.size-1).each do |i|
49
+ result_set = result_sets[i]
50
+
51
+ base.query[:query][:filtered][:filter][:and] <<
52
+ result_set.query[:query][:filtered][:query]
53
+
54
+ if result_set.query[:query][:filtered][:filter]
55
+ base.query[:query][:filtered][:filter][:and] +=
56
+ result_set.query[:query][:filtered][:filter][:and]
57
+ end
58
+ end
59
+
60
+ base
61
+ end
40
62
  end
41
63
  end
data/lib/plunk/transformer.rb CHANGED
@@ -2,8 +2,38 @@ require 'parslet'
2
2
  require 'active_support/core_ext'
3
3
 
4
4
  module Plunk
5
+
6
+ class Helper
7
+ def self.time_query_to_timestamp(int_quantity, quantifier)
8
+ case quantifier
9
+ when 's'
10
+ int_quantity.seconds.ago
11
+ when 'm'
12
+ int_quantity.minutes.ago
13
+ when 'h'
14
+ int_quantity.hours.ago
15
+ when 'd'
16
+ int_quantity.days.ago
17
+ when 'w'
18
+ int_quantity.weeks.ago
19
+ end
20
+ end
21
+
22
+ def self.timestamp_format(time)
23
+ time.utc.to_datetime.iso8601(3)
24
+ end
25
+
26
+ def self.time_range_hash(start_time, end_time)
27
+ {
28
+ start_time: Plunk::Helper.timestamp_format(start_time),
29
+ end_time: Plunk::Helper.timestamp_format(end_time)
30
+ }
31
+ end
32
+ end
33
+
5
34
  class Transformer < Parslet::Transform
6
35
 
36
+ # last 24h foo=bar
7
37
  rule(
8
38
  field: simple(:field),
9
39
  value: {
@@ -17,46 +47,27 @@ module Plunk
17
47
  }) do
18
48
 
19
49
  int_quantity = quantity.to_s.to_i
20
-
21
- start_time =
22
- case quantifier
23
- when 's'
24
- int_quantity.seconds.ago
25
- when 'm'
26
- int_quantity.minutes.ago
27
- when 'h'
28
- int_quantity.hours.ago
29
- when 'd'
30
- int_quantity.days.ago
31
- when 'w'
32
- int_quantity.weeks.ago
33
- end
34
-
35
- end_time = Time.now
50
+ start_time = Plunk::Helper.time_query_to_timestamp(int_quantity, quantifier)
51
+ end_time = Time.now
36
52
 
37
53
  # recursively apply nested query
38
54
  result_set = Plunk::Transformer.new.apply(initial_query)
39
55
 
40
56
  json = JSON.parse result_set.eval
41
- values = Plunk::Utils.extract_values json, extractors.to_s.split(',')
57
+ values = Plunk::Utils.extract_values json, extractors.to_s.split(',')
42
58
 
59
+ result_set_params = Plunk::Helper.time_range_hash(start_time, end_time)
43
60
  if values.empty?
44
- ResultSet.new(
45
- start_time: start_time.utc.to_datetime.iso8601(3),
46
- end_time: end_time.utc.to_datetime.iso8601(3))
47
-
48
- else
49
- ResultSet.new(
50
- query_string: "#{field}:(#{values.uniq.join(' OR ')})",
51
- start_time: start_time.utc.to_datetime.iso8601(3),
52
- end_time: end_time.utc.to_datetime.iso8601(3))
61
+ result_set_params.merge!(query_string: "#{field}:(#{values.uniq.join(' OR ')})",)
53
62
  end
63
+ Plunk::ResultSet.new(result_set_params)
54
64
  end
55
65
 
56
66
  rule(match: simple(:value)) do
57
67
  ResultSet.new(query_string: "#{value}")
58
68
  end
59
69
 
70
+ # foo=`bar=baz|field1,field2,field3`
60
71
  rule(
61
72
  field: simple(:field),
62
73
  value: {
@@ -69,7 +80,7 @@ module Plunk
69
80
  result_set = Transformer.new.apply(initial_query)
70
81
 
71
82
  json = JSON.parse result_set.eval
72
- values = Utils.extract_values json, extractors.to_s.split(',')
83
+ values = Utils.extract_values json, extractors.to_s.split(',')
73
84
 
74
85
  if values.empty?
75
86
  ResultSet.new
@@ -78,6 +89,7 @@ module Plunk
78
89
  end
79
90
  end
80
91
 
92
+ # foo=bar
81
93
  rule(field: simple(:field), value: simple(:value), op: '=') do
82
94
  ResultSet.new(query_string: "#{field}:#{value}")
83
95
  end
@@ -89,28 +101,14 @@ module Plunk
89
101
  }) do
90
102
 
91
103
  int_quantity = quantity.to_s.to_i
104
+ start_time = Plunk::Helper.time_query_to_timestamp(int_quantity, quantifier)
105
+ end_time = Time.now
92
106
 
93
- start_time =
94
- case quantifier
95
- when 's'
96
- int_quantity.seconds.ago
97
- when 'm'
98
- int_quantity.minutes.ago
99
- when 'h'
100
- int_quantity.hours.ago
101
- when 'd'
102
- int_quantity.days.ago
103
- when 'w'
104
- int_quantity.weeks.ago
105
- end
106
-
107
- end_time = Time.now
108
-
109
- ResultSet.new(
110
- start_time: start_time.utc.to_datetime.iso8601(3),
111
- end_time: end_time.utc.to_datetime.iso8601(3))
107
+ result_set_params = Plunk::Helper.time_range_hash(start_time, end_time)
108
+ Plunk::ResultSet.new(result_set_params)
112
109
  end
113
110
 
111
+ # last 24h
114
112
  rule(
115
113
  search: simple(:result_set),
116
114
  timerange: {
@@ -119,27 +117,19 @@ module Plunk
119
117
  }) do
120
118
 
121
119
  int_quantity = quantity.to_s.to_i
120
+ start_time = Plunk::Helper.time_query_to_timestamp(int_quantity, quantifier)
121
+ end_time = Time.now
122
122
 
123
- start_time =
124
- case quantifier
125
- when 's'
126
- int_quantity.seconds.ago
127
- when 'm'
128
- int_quantity.minutes.ago
129
- when 'h'
130
- int_quantity.hours.ago
131
- when 'd'
132
- int_quantity.days.ago
133
- when 'w'
134
- int_quantity.weeks.ago
135
- end
136
-
137
- end_time = Time.now
138
-
139
- ResultSet.new(
140
- query_string: result_set.query_string,
141
- start_time: start_time.utc.to_datetime.iso8601(3),
142
- end_time: end_time.utc.to_datetime.iso8601(3))
123
+ result_set_params = Plunk::Helper.time_range_hash(start_time, end_time)
124
+ result_set_params.merge!(query_string: result_set.query_string)
125
+ Plunk::ResultSet.new(result_set_params)
126
+ end
127
+
128
+ # last 24h foo=bar baz=fez
129
+ rule(
130
+ sequence(:set)
131
+ ) do
132
+ Plunk::ResultSet.merge(set)
143
133
  end
144
134
  end
145
135
  end
data/plunk.gemspec CHANGED
@@ -1,6 +1,6 @@
1
1
  Gem::Specification.new do |s|
2
2
  s.name = "plunk"
3
- s.version = "0.2.3"
3
+ s.version = "0.2.4"
4
4
  s.add_runtime_dependency "json"
5
5
  s.add_runtime_dependency "parslet"
6
6
  s.add_runtime_dependency "elasticsearch"
data/spec/chained_search_spec.rb CHANGED
@@ -1,24 +1,29 @@
1
1
  require 'spec_helper'
2
2
 
3
3
  describe 'chained searches' do
4
- pending 'should parse last 24h foo=bar baz=fez' do
5
- result = @transformer.apply @parser.parse 'last 24h foo=bar baz=fez'
6
- puts result
4
+ it 'should parse last 24h foo=bar baz=fez' do
5
+ parsed = @parser.parse 'last 24h foo=bar baz=fez ham=delicious'
6
+ result = @transformer.apply parsed
7
+ puts "PARSED: #{parsed}"
8
+ puts "RESULT_SET: #{result.inspect}"
7
9
  expect(result.query).to eq({query:{filtered:{query:{
8
- range: {
9
- '@timestamp' => {
10
- gte: 1.day.ago.utc.iso8601(3),
11
- lte: Time.now.utc.iso8601(3)
12
- }
13
- },
10
+ query_string: {
11
+ query: 'foo:bar'
12
+ }},
14
13
  filter: {
15
- and: [
16
- query_string: {
17
- query: 'foo:bar'
18
- },
19
- query_string: {
14
+ and: [{
15
+ range: {
16
+ '@timestamp' => {
17
+ gte: 1.day.ago.utc.iso8601(3),
18
+ lte: Time.now.utc.iso8601(3)
19
+ }
20
+ }},
21
+ {query_string: {
20
22
  query: 'baz:fez'
21
- }
22
- ]}}}}})
23
+ }},
24
+ {query_string: {
25
+ query: 'ham:delicious'
26
+ }}
27
+ ]}}}})
23
28
  end
24
29
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: plunk
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.3
4
+ version: 0.2.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Ram Mehta
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2014-01-06 00:00:00.000000000 Z
12
+ date: 2014-01-07 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: json