sumologic-query 1.3.2 → 1.3.4

data/lib/sumologic/cli.rb

@@ -2,9 +2,13 @@
 
 require 'thor'
 require 'json'
+require_relative 'cli/commands/search_command'
+require_relative 'cli/commands/list_collectors_command'
+require_relative 'cli/commands/list_sources_command'
 
 module Sumologic
   # Thor-based CLI for Sumo Logic query tool
+  # Delegates commands to specialized command classes
   class CLI < Thor
     class_option :debug, type: :boolean, aliases: '-d', desc: 'Enable debug output'
     class_option :output, type: :string, aliases: '-o', desc: 'Output file (default: stdout)'
@@ -13,49 +17,51 @@ module Sumologic
       true
     end
 
+    def initialize(*args)
+      super
+      $DEBUG = true if options[:debug]
+    end
+
     desc 'search', 'Search Sumo Logic logs'
     long_desc <<~DESC
       Search Sumo Logic logs using a query string.
 
+      Time Formats:
+        --from and --to support multiple formats:
+        • 'now' - current time
+        • Relative: '-30s', '-5m', '-2h', '-7d', '-1w', '-1M' (sec/min/hour/day/week/month)
+        • Unix timestamp: '1700000000' (seconds since epoch)
+        • ISO 8601: '2025-11-13T14:00:00'
+
       Examples:
-        # Error timeline with 5-minute buckets
+        # Last 30 minutes
+        sumo-query search --query 'error' --from '-30m' --to 'now'
+
+        # Last hour with ISO format
         sumo-query search --query 'error | timeslice 5m | count' \\
           --from '2025-11-13T14:00:00' --to '2025-11-13T15:00:00'
 
-        # Search for specific text
+        # Last 7 days
         sumo-query search --query '"connection timeout"' \\
-          --from '2025-11-13T14:00:00' --to '2025-11-13T15:00:00' \\
-          --limit 100
+          --from '-7d' --to 'now' --limit 100
+
+        # Using Unix timestamps
+        sumo-query search --query 'error' \\
+          --from '1700000000' --to '1700003600'
 
         # Interactive mode with FZF
         sumo-query search --query 'error' \\
-          --from '2025-11-13T14:00:00' --to '2025-11-13T15:00:00' \\
-          --interactive
+          --from '-1h' --to 'now' --interactive
     DESC
     option :query, type: :string, required: true, aliases: '-q', desc: 'Search query'
-    option :from, type: :string, required: true, aliases: '-f', desc: 'Start time (ISO 8601)'
-    option :to, type: :string, required: true, aliases: '-t', desc: 'End time (ISO 8601)'
-    option :time_zone, type: :string, default: 'UTC', aliases: '-z', desc: 'Time zone'
+    option :from, type: :string, required: true, aliases: '-f', desc: 'Start time (now, -30m, unix timestamp, ISO 8601)'
+    option :to, type: :string, required: true, aliases: '-t', desc: 'End time (now, -30m, unix timestamp, ISO 8601)'
+    option :time_zone, type: :string, default: 'UTC', aliases: '-z',
+                       desc: 'Time zone (UTC, EST, AEST, +00:00, America/New_York, Australia/Sydney)'
     option :limit, type: :numeric, aliases: '-l', desc: 'Maximum messages to return'
     option :interactive, type: :boolean, aliases: '-i', desc: 'Launch interactive browser (requires fzf)'
     def search
-      $DEBUG = true if options[:debug]
-
-      client = create_client
-
-      log_search_info
-      results = execute_search(client)
-
-      warn '=' * 60
-      warn "Results: #{results.size} messages"
-      warn '=' * 60
-      $stderr.puts
-
-      if options[:interactive]
-        launch_interactive_mode(results)
-      else
-        output_search_results(results)
-      end
+      Commands::SearchCommand.new(options, create_client).execute
     end
 
     desc 'list-collectors', 'List all Sumo Logic collectors'
@@ -66,17 +72,7 @@ module Sumologic
         sumo-query list-collectors --output collectors.json
     DESC
     def list_collectors
-      $DEBUG = true if options[:debug]
-
-      client = create_client
-
-      warn 'Fetching collectors...'
-      collectors = client.list_collectors
-
-      output_json(
-        total: collectors.size,
-        collectors: collectors.map { |c| format_collector(c) }
-      )
+      Commands::ListCollectorsCommand.new(options, create_client).execute
     end
 
     desc 'list-sources', 'List sources from collectors'
@@ -92,15 +88,7 @@ module Sumologic
     DESC
     option :collector_id, type: :string, desc: 'Collector ID to list sources for'
     def list_sources
-      $DEBUG = true if options[:debug]
-
-      client = create_client
-
-      if options[:collector_id]
-        list_sources_for_collector(client, options[:collector_id])
-      else
-        list_all_sources(client)
-      end
+      Commands::ListSourcesCommand.new(options, create_client).execute
     end
 
     desc 'version', 'Show version information'
@@ -127,120 +115,8 @@ module Sumologic
       exit 1
     end
 
-    def list_sources_for_collector(client, collector_id)
-      warn "Fetching sources for collector: #{collector_id}"
-      sources = client.list_sources(collector_id: collector_id)
-
-      output_json(
-        collector_id: collector_id,
-        total: sources.size,
-        sources: sources.map { |s| format_source(s) }
-      )
-    end
-
-    def list_all_sources(client)
-      warn 'Fetching all sources from all collectors...'
-      warn 'This may take a minute...'
-
-      all_sources = client.list_all_sources
-
-      output_json(
-        total_collectors: all_sources.size,
-        total_sources: all_sources.sum { |c| c['sources'].size },
-        data: all_sources.map do |item|
-          {
-            collector: item['collector'],
-            sources: item['sources'].map { |s| format_source(s) }
-          }
-        end
-      )
-    end
-
-    def format_collector(collector)
-      {
-        id: collector['id'],
-        name: collector['name'],
-        collectorType: collector['collectorType'],
-        alive: collector['alive'],
-        category: collector['category']
-      }
-    end
-
-    def format_source(source)
-      {
-        id: source['id'],
-        name: source['name'],
-        category: source['category'],
-        sourceType: source['sourceType'],
-        alive: source['alive']
-      }
-    end
-
-    def output_json(data)
-      json_output = JSON.pretty_generate(data)
-
-      if options[:output]
-        File.write(options[:output], json_output)
-        warn "\nResults saved to: #{options[:output]}"
-      else
-        puts json_output
-      end
-    end
-
     def error(message)
       warn message
     end
-
-    def log_search_info
-      warn '=' * 60
-      warn 'Sumo Logic Search Query'
-      warn '=' * 60
-      warn "Time Range: #{options[:from]} to #{options[:to]}"
-      warn "Query: #{options[:query]}"
-      warn "Limit: #{options[:limit] || 'unlimited'}"
-      warn '-' * 60
-      warn 'Creating search job...'
-      $stderr.puts
-    end
-
-    def execute_search(client)
-      client.search(
-        query: options[:query],
-        from_time: options[:from],
-        to_time: options[:to],
-        time_zone: options[:time_zone],
-        limit: options[:limit]
-      )
-    end
-
-    def output_search_results(results)
-      output_json(
-        query: options[:query],
-        from: options[:from],
-        to: options[:to],
-        time_zone: options[:time_zone],
-        message_count: results.size,
-        messages: results
-      )
-    end
-
-    def launch_interactive_mode(results)
-      require_relative 'interactive'
-
-      # Format results for interactive mode
-      formatted_results = {
-        'query' => options[:query],
-        'from' => options[:from],
-        'to' => options[:to],
-        'time_zone' => options[:time_zone],
-        'message_count' => results.size,
-        'messages' => results
-      }
-
-      Sumologic::Interactive.launch(formatted_results)
-    rescue Sumologic::Interactive::Error => e
-      error e.message
-      exit 1
-    end
   end
 end

data/lib/sumologic/http/client.rb

@@ -1,30 +1,41 @@
 # frozen_string_literal: true
 
-require 'net/http'
-require 'json'
-require 'uri'
 require_relative 'connection_pool'
+require_relative 'debug_logger'
+require_relative 'cookie_jar'
+require_relative 'request_builder'
+require_relative 'response_handler'
 
 module Sumologic
   module Http
-    # Handles HTTP communication with Sumo Logic API
-    # Responsibilities: request execution, error handling, SSL configuration
-    # Uses connection pooling for thread-safe parallel requests
+    # Orchestrates HTTP communication with Sumo Logic API
+    # Delegates to specialized components for request building,
+    # response handling, connection pooling, and cookie management
     class Client
       def initialize(base_url:, authenticator:)
-        @base_url = base_url
-        @authenticator = authenticator
+        @cookie_jar = CookieJar.new
+        @request_builder = RequestBuilder.new(
+          base_url: base_url,
+          authenticator: authenticator,
+          cookie_jar: @cookie_jar
+        )
+        @response_handler = ResponseHandler.new
         @connection_pool = ConnectionPool.new(base_url: base_url, max_connections: 10)
       end
 
       # Execute HTTP request with error handling
       # Uses connection pool for thread-safe parallel execution
       def request(method:, path:, body: nil, query_params: nil)
-        uri = build_uri(path, query_params)
-        request = build_request(method, uri, body)
+        uri = @request_builder.build_uri(path, query_params)
+        request = @request_builder.build_request(method, uri, body)
+
+        DebugLogger.log_request(method, uri, body, request.to_hash)
 
         response = execute_request(uri, request)
-        handle_response(response)
+
+        DebugLogger.log_response(response)
+
+        @response_handler.handle(response)
       rescue Errno::ECONNRESET, Errno::EPIPE, EOFError, Net::HTTPBadResponse => e
         # Connection error - raise for retry at higher level
         raise Error, "Connection error: #{e.message}"
@@ -37,49 +48,15 @@ module Sumologic
 
       private
 
-      def build_uri(path, query_params)
-        uri = URI("#{@base_url}#{path}")
-        uri.query = URI.encode_www_form(query_params) if query_params
-        uri
-      end
-
-      def build_request(method, uri, body)
-        request_class = case method
-                        when :get then Net::HTTP::Get
-                        when :post then Net::HTTP::Post
-                        when :delete then Net::HTTP::Delete
-                        else raise ArgumentError, "Unsupported HTTP method: #{method}"
-                        end
-
-        request = request_class.new(uri)
-        request['Authorization'] = @authenticator.auth_header
-        request['Accept'] = 'application/json'
-
-        if body
-          request['Content-Type'] = 'application/json'
-          request.body = body.to_json
-        end
-
-        request
-      end
-
       def execute_request(uri, request)
-        @connection_pool.with_connection(uri) do |http|
+        response = @connection_pool.with_connection(uri) do |http|
           http.request(request)
         end
-      end
 
-      def handle_response(response)
-        case response.code.to_i
-        when 200..299
-          JSON.parse(response.body)
-        when 401, 403
-          raise AuthenticationError, "Authentication failed: #{response.body}"
-        when 429
-          raise Error, "Rate limit exceeded: #{response.body}"
-        else
-          raise Error, "HTTP #{response.code}: #{response.body}"
-        end
+        # Store cookies from response for subsequent requests
+        @cookie_jar.store_from_response(response)
+
+        response
       end
     end
   end

data/lib/sumologic/http/connection_pool.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require 'openssl'
+
 module Sumologic
   module Http
     # Thread-safe connection pool for HTTP clients
@@ -84,10 +86,22 @@ module Sumologic
         http.read_timeout = READ_TIMEOUT
         http.open_timeout = OPEN_TIMEOUT
         http.keep_alive_timeout = 30
+
+        # SSL configuration
+        http.verify_mode = OpenSSL::SSL::VERIFY_PEER
+        http.cert_store = ssl_cert_store
+
         http.start
         http
       end
 
+      def ssl_cert_store
+        # Use system's default certificate store
+        store = OpenSSL::X509::Store.new
+        store.set_default_paths
+        store
+      end
+
       def create_temporary_connection(uri)
         # Fallback: create a temporary connection if pool is exhausted
         create_connection(uri)

data/lib/sumologic/http/cookie_jar.rb

@@ -0,0 +1,52 @@
+# frozen_string_literal: true
+
+module Sumologic
+  module Http
+    # Simple cookie jar for storing and managing HTTP cookies
+    # Handles Set-Cookie response headers and Cookie request headers
+    class CookieJar
+      def initialize
+        @cookies = {}
+      end
+
+      # Store cookies from response Set-Cookie headers
+      def store_from_response(response)
+        return unless response['Set-Cookie']
+
+        Array(response['Set-Cookie']).each do |cookie_header|
+          parse_and_store(cookie_header)
+        end
+      end
+
+      # Format cookies for Cookie request header
+      # Returns nil if no cookies stored
+      def to_header
+        return nil if @cookies.empty?
+
+        @cookies.map { |name, value| "#{name}=#{value}" }.join('; ')
+      end
+
+      # Check if any cookies are stored
+      def any?
+        @cookies.any?
+      end
+
+      # Clear all stored cookies
+      def clear
+        @cookies.clear
+      end
+
+      private
+
+      def parse_and_store(cookie_header)
+        # Parse cookie name=value (ignore path, domain, expires, etc.)
+        # Example: "session_id=abc123; Path=/; HttpOnly"
+        return unless cookie_header =~ /^([^=]+)=([^;]+)/
+
+        name = Regexp.last_match(1).strip
+        value = Regexp.last_match(2).strip
+        @cookies[name] = value
+      end
+    end
+  end
+end

data/lib/sumologic/http/debug_logger.rb

@@ -0,0 +1,46 @@
+# frozen_string_literal: true
+
+require 'json'
+
+module Sumologic
+  module Http
+    # Handles debug logging for HTTP requests and responses
+    # Only logs when $DEBUG is enabled
+    module DebugLogger
+      module_function
+
+      def log_request(method, uri, body, headers = {})
+        return unless $DEBUG
+
+        warn "\n[DEBUG] API Request:"
+        warn "  Method: #{method.to_s.upcase}"
+        warn "  URL: #{uri}"
+        warn "  Cookie: #{headers['Cookie']}" if headers['Cookie']
+        log_request_body(body) if body
+        warn ''
+      end
+
+      def log_response(response)
+        return unless $DEBUG
+
+        warn '[DEBUG] API Response:'
+        warn "  Status: #{response.code} #{response.message}"
+        log_response_body(response.body)
+        warn ''
+      end
+
+      def log_request_body(body)
+        warn "  Body: #{JSON.pretty_generate(body)}"
+      rescue JSON::GeneratorError
+        warn "  Body: #{body.inspect}"
+      end
+
+      def log_response_body(body)
+        truncated = body.length > 500
+        display_body = truncated ? "#{body[0..500]}..." : body
+        warn "  Body: #{display_body}"
+        warn "  (truncated, full length: #{body.length} characters)" if truncated
+      end
+    end
+  end
+end

data/lib/sumologic/http/request_builder.rb

@@ -0,0 +1,63 @@
+# frozen_string_literal: true
+
+require 'net/http'
+require 'json'
+require 'uri'
+
+module Sumologic
+  module Http
+    # Builds HTTP requests with proper headers, authentication, and cookies
+    class RequestBuilder
+      def initialize(base_url:, authenticator:, cookie_jar:)
+        @base_url = base_url
+        @authenticator = authenticator
+        @cookie_jar = cookie_jar
+      end
+
+      # Build complete URI from path and query parameters
+      def build_uri(path, query_params = nil)
+        uri = URI("#{@base_url}#{path}")
+        uri.query = URI.encode_www_form(query_params) if query_params
+        uri
+      end
+
+      # Build HTTP request with all necessary headers
+      def build_request(method, uri, body = nil)
+        request = create_request_object(method, uri)
+        add_headers(request)
+        add_body(request, body) if body
+        request
+      end
+
+      private
+
+      def create_request_object(method, uri)
+        request_class = request_class_for(method)
+        request_class.new(uri)
+      end
+
+      def request_class_for(method)
+        case method
+        when :get then Net::HTTP::Get
+        when :post then Net::HTTP::Post
+        when :delete then Net::HTTP::Delete
+        else raise ArgumentError, "Unsupported HTTP method: #{method}"
+        end
+      end
+
+      def add_headers(request)
+        request['Authorization'] = @authenticator.auth_header
+        request['Accept'] = 'application/json'
+
+        # Add cookies if available
+        cookie_header = @cookie_jar.to_header
+        request['Cookie'] = cookie_header if cookie_header
+      end
+
+      def add_body(request, body)
+        request['Content-Type'] = 'application/json'
+        request.body = body.to_json
+      end
+    end
+  end
+end

data/lib/sumologic/http/response_handler.rb

@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+
+require 'json'
+
+module Sumologic
+  module Http
+    # Handles HTTP response parsing and error handling
+    class ResponseHandler
+      # Parse response and handle errors
+      def handle(response)
+        case response.code.to_i
+        when 200..299
+          parse_success(response)
+        when 401, 403
+          handle_authentication_error(response)
+        when 429
+          handle_rate_limit_error(response)
+        else
+          handle_generic_error(response)
+        end
+      end
+
+      private
+
+      def parse_success(response)
+        JSON.parse(response.body)
+      end
+
+      def handle_authentication_error(response)
+        raise AuthenticationError, "Authentication failed: #{response.body}"
+      end
+
+      def handle_rate_limit_error(response)
+        raise Error, "Rate limit exceeded: #{response.body}"
+      end
+
+      def handle_generic_error(response)
+        raise Error, "HTTP #{response.code}: #{response.body}"
+      end
+    end
+  end
+end