sumologic-query 1.3.2 → 1.3.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: fff9b3ee00ddf6f3adfd2bb84fb8488068149fc8e7bfd94a3aa1b9854f7b74f2
-  data.tar.gz: 898d75c6c4ca00c9e78ef21301d1345ec4e2c3806f33a8554b485486f314214a
+  metadata.gz: 72c4c0c9c57655df15506b9be19a21de47398ba2a2aedaae8e8d22d3efbd0873
+  data.tar.gz: 9cd38107b915187cb699e32305c8af8e6a970c2ea24c2b2340a443cc0a0e2637
 SHA512:
-  metadata.gz: b9d264177ec993228a116d3c17f77cf1ac0b0e16c48d19a3de2b6b6502fcf9d89bfa90dc1046609f5819c18bcccb0a30eeb3c57b7ba00363a94f4e08f2705318
-  data.tar.gz: 252af2f57e025938cbe9607eb5ae32b23140d0e84bbc8c8ecaceb10c06110436e37a096c9c6d21480c2408cbfb3f29a5f322e71655622954c5c7fc5881ac959f
+  metadata.gz: a073e490f4714e8f11c8c495775937dd42bb420535c38d82137a71a940b4b9db2b9fe33d4e6ec4b7745385a7661ec657db5472b9761dbecc110fb473efca757f
+  data.tar.gz: 3a9aa83222b99b34fbcdceb45f2e1cdd126c29d28ba4a93db818ea34438b366f7a7b5eb0290f7986e0a9ef9d5deaed95465cca45a72468ec432ec5d6d97a29f4

data/CHANGELOG.md

@@ -1,28 +1,187 @@
-## [1.2.2](https://github.com/patrick204nqh/sumologic-query/compare/v1.2.1...v1.2.2) (2025-11-15)
+# Changelog
 
+All notable changes to this project will be documented in this file.
 
+This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and release notes are automatically generated from commit messages.
+## [1.3.4](https://github.com/patrick204nqh/sumologic-query/compare/v1.3.3...v1.3.4) (2025-11-19)
+
+### 🎉 New Features
+
+- add time parsing utility and enhance CLI time options for flexible querying
+- enhance debug logging to include request headers for better traceability
+
+### 🐛 Bug Fixes
+
+- freeze regex for relative time parsing and improve error message formatting
+
+### 📚 Documentation
+
+- update README and examples to enhance time format usage and add new time format examples
+
+
+
+## [1.3.3](https://github.com/patrick204nqh/sumologic-query/compare/v1.3.2...v1.3.3) (2025-11-17)
+
+### 🎉 New Features
+
+- implement modular HTTP client components for improved organization and functionality
+- refactor CLI structure to modular commands and remove deprecated modules
+- update CHANGELOG entry creation to include changelog content directly
+- bump version to 1.3.3
+- add ADR for SSL certificate verification to address connection issues with Sumo Logic API
+- refactor CLI structure into modular components for improved organization and maintainability
+- implement debug logging for HTTP requests and responses
+- enhance release notes generation and update CHANGELOG format for better clarity
 
-## [1.2.1](https://github.com/patrick204nqh/sumologic-query/compare/v1.2.0...v1.2.1) (2025-11-14)
 
 
 
 ## [1.3.2](https://github.com/patrick204nqh/sumologic-query/compare/v1.3.1...v1.3.2) (2025-11-16)
 
-<!-- Release notes generated using configuration in .github/release.yml at main -->
+### 🎉 New Features
+
+- Refactor FzfViewer with modular configuration, formatting, and header building for better maintainability
+- Add modular file structure with separate concerns (Config, Formatter, SearchableBuilder, FzfConfig, HeaderBuilder)
+- Implement module_function for better encapsulation in all FzfViewer modules
+- Add RubyGems download badge to README
 
+### 🐛 Bug Fixes
 
+- Update source field reference in FzfViewer for consistency (use lowercase `_source` field)
+- Fix RuboCop offenses across all FzfViewer modules
 
-**Full Changelog**: https://github.com/patrick204nqh/sumologic-query/compare/v1.3.1...v1.3.2
+### 🔧 Refactoring
+
+- Extract searchable builder methods to reduce complexity
+- Separate FzfViewer into 6 focused modules (~50-100 lines each)
+- Use constants for display configuration (widths, colors, padding)
+- Improve code organization with clear section headers
+
+### 🧹 Maintenance
+
+- Update release notes generation and changelog management in CI pipeline
+
+## [1.3.1](https://github.com/patrick204nqh/sumologic-query/compare/v1.3.0...v1.3.1) (2025-11-15)
+
+### 🧹 Maintenance
+
+- Automated version bump and release preparation
+
+## [1.3.0](https://github.com/patrick204nqh/sumologic-query/compare/v1.2.1...v1.3.0) (2025-11-15)
+
+### 📚 Documentation
+
+- Establish commit message convention using Conventional Commits
+- Update CONTRIBUTING.md for clarity and best practices
+
+### 🧹 Maintenance
+
+- Remove path restriction for version file in release workflow
+- Improve CI/CD pipeline configuration
+
+## [1.2.1](https://github.com/patrick204nqh/sumologic-query/compare/v1.2.0...v1.2.1) (2025-11-14)
 
-# [1.2.0](https://github.com/patrick204nqh/sumologic-query/compare/v1.1.2...v1.2.0) (2025-11-14)
+### 🎉 New Features
 
+- Add interactive mode with FZF for enhanced log exploration
+- Support real-time log browsing and filtering
+- Add keyboard shortcuts for common operations
 
+### 📚 Documentation
+
+- Update CLI and documentation to support new interactive feature
+- Add usage examples for interactive mode
+
+## [1.2.0](https://github.com/patrick204nqh/sumologic-query/compare/v1.1.2...v1.2.0) (2025-11-14)
+
+### 🎉 New Features
+
+- Add ADR 004 for enhanced progress tracking and user experience
+- Implement real-time visibility with callbacks in CLI and fetcher classes
+- Add comprehensive progress indicators for long-running operations
+
+### 🔧 Refactoring
+
+- Implement reusable Worker utility for parallel execution
+- Refactor metadata and search fetching classes to utilize Worker
+- Remove deprecated ParallelFetcher and Paginator
+- Simplify pagination logic
+- Remove streaming APIs for better maintainability
+- Update configuration defaults for optimal performance
+
+### 📚 Documentation
+
+- Reorganize architecture documentation files
+- Add architectural overview and decision records
 
 ## [1.1.2](https://github.com/patrick204nqh/sumologic-query/compare/v1.1.1...v1.1.2) (2025-11-14)
 
+### 🐛 Bug Fixes
+
+- Fix command syntax in tldr.md for listing collectors and sources
+
+### 🎉 New Features
 
+- Add version command to CLI
+
+### 📚 Documentation
+
+- Add quick reference documentation (tldr.md)
+- Refactor documentation structure
+- Remove examples.md and consolidate content
+- Streamline troubleshooting.md
+- Consolidate queries.md with improved examples
 
 ## [1.1.1](https://github.com/patrick204nqh/sumologic-query/compare/v1.1.0...v1.1.1) (2025-11-14)
 
+### 🔧 Refactoring
+
+- Refactor search logging in CLI and Poller classes for improved readability
+- Consolidate attribute accessors in Configuration class
+- Improve CLI options structure
+
+## [1.1.0](https://github.com/patrick204nqh/sumologic-query/compare/v1.0.1...v1.1.0) (2025-11-13)
+
+### 🎉 New Features
+
+- Add CLI support with Thor framework
+- Refactor Sumo Logic client for better usability
+
+### 🔧 Refactoring
+
+- Refine polling logic in Sumo Logic client
+- Improve overall code structure and organization
+
+### 🧹 Maintenance
+
+- Refactor CI and release workflows
+- Streamline version checking and build process
+- Improve release tagging automation
+
+## [1.0.1](https://github.com/patrick204nqh/sumologic-query/compare/v1.0.0...v1.0.1) (2025-11-13)
+
+### 🎉 New Features
+
+- Add CODEOWNERS file for repository management
+
+### 🧹 Maintenance
+
+- Refactor release workflow to generate release notes using GitHub API
+- Update CHANGELOG.md format for better clarity
+- Add changelog extraction for automated versioning
+
+## [1.0.0](https://github.com/patrick204nqh/sumologic-query/releases/tag/v1.0.0) (2025-11-13)
 
+### 🎉 Initial Release
 
+- Initial release of Sumo Logic Query Tool
+- Core search functionality
+- Metadata querying (collectors, sources)
+- Basic CLI interface
+- HTTP client with authentication
+- Automated pagination
+- Search job polling
+- JSON output support

data/README.md

@@ -8,8 +8,11 @@
 
 ## Why This Tool?
 
+- **Intuitive time parsing**: Use relative times like `-1h`, `-30m`, or `now` - no more calculating timestamps!
+- **Flexible timezone support**: US, Australian, and IANA timezone formats supported
 - **Minimal dependencies**: Uses only Ruby stdlib + Thor for CLI
 - **Fast queries**: Efficient polling and automatic pagination
+- **Interactive mode**: Explore logs with FZF-powered fuzzy search and preview
 - **Simple interface**: Just query, get results, done
 - **Read-only**: No write operations, perfect for safe log access
 - **Modular architecture**: Clean separation of concerns (HTTP, Search, Metadata)
@@ -62,7 +65,13 @@ export SUMO_DEPLOYMENT="us2"  # Optional: us1, us2 (default), eu, au, etc.
 ### 2. Run Your First Query
 
 ```bash
-# Search logs
+# Search logs from last hour (easy!)
+sumo-query search --query 'error' --from '-1h' --to 'now' --limit 10
+
+# Search logs from last 30 minutes
+sumo-query search --query 'error' --from '-30m' --to 'now'
+
+# Or use ISO 8601 format
 sumo-query search --query 'error' \
   --from '2025-11-13T14:00:00' \
   --to '2025-11-13T15:00:00' \
@@ -108,13 +117,13 @@ sumo-query search --query "YOUR_QUERY" \
 Explore your logs interactively with a powerful FZF-based interface:
 
 ```bash
-# Launch interactive mode
-sumo-query search --query 'error' \
-  --from '2025-11-13T14:00:00' \
-  --to '2025-11-13T15:00:00' \
-  --interactive
+# Launch interactive mode - last hour
+sumo-query search --query 'error' --from '-1h' --to 'now' --interactive
 
-# Or use the shorthand
+# Last 30 minutes with shorthand
+sumo-query search -q 'error' -f '-30m' -t 'now' -i
+
+# Or use ISO 8601 format
 sumo-query search -q 'error' -f '2025-11-13T14:00:00' -t '2025-11-13T15:00:00' -i
 ```
 
@@ -141,6 +150,27 @@ sumo-query search -q 'error' -f '2025-11-13T14:00:00' -t '2025-11-13T15:00:00' -
 - Install FZF: `brew install fzf` (macOS) or `apt-get install fzf` (Linux)
 - See: https://github.com/junegunn/fzf#installation
 
+### Time Format Examples
+
+Combine relative times with timezones for powerful queries:
+
+```bash
+# Last hour in Sydney time
+sumo-query search -q 'error' -f '-1h' -t 'now' -z AEST
+
+# Last 30 minutes in US Eastern time
+sumo-query search -q 'error' -f '-30m' -t 'now' -z EST
+
+# Last 7 days with output to file (directories auto-created)
+sumo-query search -q 'error' -f '-7d' -t 'now' -o logs/weekly/errors.json
+
+# Mix relative and ISO 8601 formats
+sumo-query search -q 'error' -f '-24h' -t '2025-11-19T12:00:00'
+
+# Unix timestamps from last hour to now
+sumo-query search -q 'error' -f '1700000000' -t 'now'
+```
+
 ### List Collectors
 
 ```bash
@@ -157,12 +187,9 @@ sumo-query sources [--output FILE]
 
 Lists all sources from active collectors.
 
-**See [examples/queries.md](examples/queries.md) for more query patterns and examples.**
 
 ## Ruby Library Usage
 
-Use the library directly in your Ruby code:
-
 ```ruby
 require 'sumologic'
 
@@ -182,35 +209,48 @@ results = client.search(
   limit: 1000
 )
 
-results.each do |message|
-  puts message['map']['message']
-end
-
-# List collectors
+# List collectors and sources
 collectors = client.list_collectors
-
-# List all sources
 sources = client.list_all_sources
 ```
 
-**See [docs/api-reference.md](docs/api-reference.md) for complete API documentation.**
+**Time parsing utilities:**
+
+```ruby
+require 'sumologic/utils/time_parser'
+
+# Parse relative times and timezones
+from_time = Sumologic::Utils::TimeParser.parse('-1h')
+timezone = Sumologic::Utils::TimeParser.parse_timezone('AEST')
+```
+
 
 ## Time Formats
 
-Use ISO 8601 format for timestamps:
+Multiple time formats are supported:
 
 ```bash
-# UTC timestamps (default)
---from "2025-11-13T14:30:00" --to "2025-11-13T15:00:00"
+# Relative time (easiest!)
+sumo-query search -q 'error' -f '-1h' -t 'now'
+sumo-query search -q 'error' -f '-30m' -t 'now'
+
+# ISO 8601
+sumo-query search -q 'error' -f '2025-11-13T14:00:00' -t '2025-11-13T15:00:00'
 
-# With timezone
---from "2025-11-13T14:30:00" --time-zone "America/New_York"
+# Unix timestamps
+sumo-query search -q 'error' -f '1700000000' -t 'now'
 
-# Using shell helpers
---from "$(date -u -v-1H '+%Y-%m-%dT%H:%M:%S')"  # 1 hour ago
---to "$(date -u '+%Y-%m-%dT%H:%M:%S')"          # now
+# With timezones
+sumo-query search -q 'error' -f '-1h' -t 'now' -z 'AEST'
+sumo-query search -q 'error' -f '-1h' -t 'now' -z 'America/New_York'
 ```
 
+**Supported time units:** `s`, `m`, `h`, `d`, `w`, `M`, `now`
+
+**Supported timezones:** IANA names (`UTC`, `America/New_York`, `Australia/Sydney`), US abbreviations (`EST`, `PST`), Australian abbreviations (`AEST`, `ACST`, `AWST`), UTC offsets (`+10:00`)
+
+See [examples/time-formats.md](examples/time-formats.md) for comprehensive examples.
+
 ## Output Format
 
 Results are returned as JSON:
@@ -253,11 +293,10 @@ Query execution time depends on data volume:
 
 ## Documentation
 
-- **[Quick Reference (tldr)](docs/tldr.md)** - Concise command examples in tldr format
-- **[Query Examples](examples/queries.md)** - Common query patterns and use cases
-- **[API Reference](docs/api-reference.md)** - Complete Ruby library documentation
-- **[Architecture](docs/architecture/)** - System design and architecture decisions
-- **[Troubleshooting](docs/troubleshooting.md)** - Common issues and solutions
+- **[Quick Reference (tldr)](docs/tldr.md)** - Concise command examples
+- **[Query Examples](examples/queries.md)** - Common query patterns
+- **[Time Format Examples](examples/time-formats.md)** - Time parsing and timezone options
+- **[Architecture](docs/architecture/)** - Design and architecture decisions
 
 ## Development
 
@@ -271,16 +310,19 @@ git clone https://github.com/patrick204nqh/sumologic-query.git
 cd sumologic-query
 bundle install
 
-# Run tests
+# Run tests (73+ specs including time parser tests)
 bundle exec rspec
 
 # Run linter
 bundle exec rubocop
 
-# Test locally
+# Test locally with new time formats
+bundle exec bin/sumo-query search --query "error" \
+  --from "-1h" --to "now"
+
+# Test with timezone support
 bundle exec bin/sumo-query search --query "error" \
-  --from "2025-11-13T14:00:00" \
-  --to "2025-11-13T15:00:00"
+  --from "-30m" --to "now" --time-zone "AEST"
 ```
 
 ## Contributing

data/lib/sumologic/cli/commands/base_command.rb

@@ -0,0 +1,57 @@
+# frozen_string_literal: true
+
+require 'fileutils'
+
+module Sumologic
+  class CLI < Thor
+    module Commands
+      # Base class for all CLI commands
+      # Provides common functionality like client creation, output handling, and formatting
+      class BaseCommand
+        attr_reader :options, :client
+
+        def initialize(options, client)
+          @options = options
+          @client = client
+        end
+
+        private
+
+        def output_json(data)
+          json_output = JSON.pretty_generate(data)
+
+          if options[:output]
+            # Create parent directories if they don't exist
+            output_dir = File.dirname(options[:output])
+            FileUtils.mkdir_p(output_dir) unless output_dir == '.'
+
+            File.write(options[:output], json_output)
+            warn "\nResults saved to: #{options[:output]}"
+          else
+            puts json_output
+          end
+        end
+
+        def format_collector(collector)
+          {
+            id: collector['id'],
+            name: collector['name'],
+            collectorType: collector['collectorType'],
+            alive: collector['alive'],
+            category: collector['category']
+          }
+        end
+
+        def format_source(source)
+          {
+            id: source['id'],
+            name: source['name'],
+            category: source['category'],
+            sourceType: source['sourceType'],
+            alive: source['alive']
+          }
+        end
+      end
+    end
+  end
+end

data/lib/sumologic/cli/commands/list_collectors_command.rb

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+
+require_relative 'base_command'
+
+module Sumologic
+  class CLI < Thor
+    module Commands
+      # Handles the list-collectors command execution
+      class ListCollectorsCommand < BaseCommand
+        def execute
+          warn 'Fetching collectors...'
+          collectors = client.list_collectors
+
+          output_json(
+            total: collectors.size,
+            collectors: collectors.map { |c| format_collector(c) }
+          )
+        end
+      end
+    end
+  end
+end

data/lib/sumologic/cli/commands/list_sources_command.rb

@@ -0,0 +1,53 @@
+# frozen_string_literal: true
+
+require_relative 'base_command'
+
+module Sumologic
+  class CLI < Thor
+    module Commands
+      # Handles the list-sources command execution
+      class ListSourcesCommand < BaseCommand
+        def execute
+          if options[:collector_id]
+            list_sources_for_collector
+          else
+            list_all_sources
+          end
+        end
+
+        private
+
+        def list_sources_for_collector
+          warn "Fetching sources for collector: #{options[:collector_id]}"
+          sources = client.list_sources(collector_id: options[:collector_id])
+
+          output_json(
+            collector_id: options[:collector_id],
+            total: sources.size,
+            sources: sources.map { |s| format_source(s) }
+          )
+        end
+
+        def list_all_sources
+          warn 'Fetching all sources from all collectors...'
+          warn 'This may take a minute...'
+
+          all_sources = client.list_all_sources
+
+          output_json(
+            total_collectors: all_sources.size,
+            total_sources: all_sources.sum { |c| c['sources'].size },
+            data: all_sources.map { |item| format_collector_with_sources(item) }
+          )
+        end
+
+        def format_collector_with_sources(item)
+          {
+            collector: item['collector'],
+            sources: item['sources'].map { |s| format_source(s) }
+          }
+        end
+      end
+    end
+  end
+end

data/lib/sumologic/cli/commands/search_command.rb

@@ -0,0 +1,107 @@
+# frozen_string_literal: true
+
+require_relative 'base_command'
+require_relative '../../utils/time_parser'
+
+module Sumologic
+  class CLI < Thor
+    module Commands
+      # Handles the search command execution
+      class SearchCommand < BaseCommand
+        def execute
+          parse_time_options
+          log_search_info
+          results = perform_search
+
+          display_results_summary(results)
+
+          if options[:interactive]
+            launch_interactive_mode(results)
+          else
+            output_search_results(results)
+          end
+        end
+
+        private
+
+        def parse_time_options
+          # Parse time formats and store both original and parsed values
+          @original_from = options[:from]
+          @original_to = options[:to]
+          @parsed_from = Utils::TimeParser.parse(options[:from])
+          @parsed_to = Utils::TimeParser.parse(options[:to])
+          @parsed_timezone = Utils::TimeParser.parse_timezone(options[:time_zone])
+        rescue Utils::TimeParser::ParseError => e
+          warn "Error parsing time: #{e.message}"
+          exit 1
+        end
+
+        def log_search_info
+          warn '=' * 60
+          warn 'Sumo Logic Search Query'
+          warn '=' * 60
+          warn "Time Range: #{@original_from} to #{@original_to}"
+          if @original_from != @parsed_from || @original_to != @parsed_to
+            warn "  (Parsed: #{@parsed_from} to #{@parsed_to})"
+          end
+          warn "Query: #{options[:query]}"
+          warn "Limit: #{options[:limit] || 'unlimited'}"
+          warn '-' * 60
+          warn 'Creating search job...'
+          $stderr.puts
+        end
+
+        def perform_search
+          client.search(
+            query: options[:query],
+            from_time: @parsed_from,
+            to_time: @parsed_to,
+            time_zone: @parsed_timezone,
+            limit: options[:limit]
+          )
+        end
+
+        def display_results_summary(results)
+          warn '=' * 60
+          warn "Results: #{results.size} messages"
+          warn '=' * 60
+          $stderr.puts
+        end
+
+        def output_search_results(results)
+          output_json(
+            query: options[:query],
+            from: @parsed_from,
+            to: @parsed_to,
+            from_original: @original_from,
+            to_original: @original_to,
+            time_zone: @parsed_timezone,
+            message_count: results.size,
+            messages: results
+          )
+        end
+
+        def launch_interactive_mode(results)
+          require_relative '../../interactive'
+
+          formatted_results = build_formatted_results(results)
+          Sumologic::Interactive.launch(formatted_results)
+        rescue Sumologic::Interactive::Error => e
+          warn e.message
+          exit 1
+        end
+
+        def build_formatted_results(results)
+          {
+            'query' => options[:query],
+            'from' => @parsed_from,
+            'to' => @parsed_to,
+            'time_zone' => @parsed_timezone,
+            'message_count' => results.size,
+            'messages' => results
+          }
+        end
+      end
+    end
+  end
+end