本文整理汇总了Java中org.graylog2.plugin.journal.RawMessage类的典型用法代码示例。如果您正苦于以下问题:Java RawMessage类的具体用法?Java RawMessage怎么用?Java RawMessage使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
RawMessage类属于org.graylog2.plugin.journal包,在下文中一共展示了RawMessage类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: launchCreatesAndStartsAppenderAndProcessesMessages
import org.graylog2.plugin.journal.RawMessage; //导入依赖的package包/类
@Test
public void launchCreatesAndStartsAppenderAndProcessesMessages() throws Exception {
final MessageInput messageInput = mock(MessageInput.class);
transport.launch(messageInput);
final DirectConsumingAppender appender = transport.getAppender();
assertThat(appender.getName()).isEqualTo("graylog-plugin-internal-logs");
assertThat(appender.getLayout()).isInstanceOf(SerializedLayout.class);
assertThat(appender.isStarted()).isTrue();
final MutableLogEvent logEvent = new MutableLogEvent();
logEvent.setMessage(new SimpleMessage("Processed"));
logEvent.setLevel(Level.ERROR);
appender.append(logEvent);
verify(messageInput, times(1)).processRawMessage(any(RawMessage.class));
final MutableLogEvent ignoredLogEvent = new MutableLogEvent();
ignoredLogEvent.setMessage(new SimpleMessage("Ignored"));
ignoredLogEvent.setLevel(Level.TRACE);
appender.append(ignoredLogEvent);
verifyNoMoreInteractions(messageInput);
}
开发者ID:graylog-labs,项目名称:graylog-plugin-internal-logs,代码行数:23,代码来源:SerializedLogEventTransportTest.java
示例2: testDecode
import org.graylog2.plugin.journal.RawMessage; //导入依赖的package包/类
@Test
public void testDecode() throws Exception {
ObjectMapper objectMapper = new ObjectMapper();
S3Record s3Record = new S3Record();
s3Record.log = "this is a test message";
s3Record.s3Bucket = "some-bucket";
s3Record.s3ObjectKey = "mykey.tar.gz";
RawMessage rawMessage = new RawMessage(objectMapper.writeValueAsBytes(s3Record));
S3Codec s3Codec = new S3Codec(null, objectMapper);
Message message = s3Codec.decode(rawMessage);
assertTrue(message.getField("timestamp").toString().matches("\\d{4}-\\d{2}-\\d{2}T\\d{2}:\\d{2}:\\d{2}\\.\\d{3}([\\+|\\-]\\d{2}:\\d{2}|Z)"));
assertEquals(message.getField("source"), "s3");
assertEquals(message.getField("message"), "this is a test message");
assertEquals(message.getField("s3_bucket"), "some-bucket");
assertEquals(message.getField("s3_object_key"), "mykey.tar.gz");
}
示例3: doLaunch
import org.graylog2.plugin.journal.RawMessage; //导入依赖的package包/类
@Override
protected void doLaunch(final MessageInput input) throws MisfireException {
consumer = new NsqClientBuilder(configuration).buildLookupd(new NSQMessageCallback() {
@Override
public void message(NSQMessage nsqMessage) {
final RawMessage rawMessage = new RawMessage(nsqMessage.getMessage());
nsqMessage.finished();
input.processRawMessage(rawMessage);
// do throttle the code
if (isThrottled()) {
blockUntilUnthrottled();
}
}
});
consumer.start();
}
示例4: decodeMessagesHandlesFilebeatMessages
import org.graylog2.plugin.journal.RawMessage; //导入依赖的package包/类
@Test
public void decodeMessagesHandlesFilebeatMessages() throws Exception {
final byte[] json = Resources.toByteArray(Resources.getResource("filebeat.json"));
final RawMessage rawMessage = new RawMessage(json);
final Message message = codec.decode(rawMessage);
assertThat(message).isNotNull();
assertThat(message.getMessage()).isEqualTo("TEST");
assertThat(message.getSource()).isEqualTo("example.local");
assertThat(message.getTimestamp()).isEqualTo(new DateTime(2016, 4, 1, 0, 0, DateTimeZone.UTC));
assertThat(message.getField("facility")).isEqualTo("filebeat");
assertThat(message.getField("file")).isEqualTo("/tmp/test.log");
assertThat(message.getField("type")).isEqualTo("log");
assertThat(message.getField("count")).isEqualTo(1);
assertThat(message.getField("offset")).isEqualTo(0);
@SuppressWarnings("unchecked")
final List<String> tags = (List<String>) message.getField("tags");
assertThat(tags).containsOnly("foobar", "test");
}
示例5: decode
import org.graylog2.plugin.journal.RawMessage; //导入依赖的package包/类
@Nullable
@Override
public Message decode(@Nonnull RawMessage rawMessage) {
final String s = new String(rawMessage.getPayload(), StandardCharsets.UTF_8);
final Matcher matcher = SYSLOG_PREFIX.matcher(s);
if (matcher.find()) {
final String priString = matcher.group("pri");
final Integer pri = Ints.tryParse(priString);
final Map<String, Object> syslogFields = new HashMap<>();
if (pri != null) {
final int facility = SyslogUtils.facilityFromPriority(pri);
syslogFields.put("level", SyslogUtils.levelFromPriority(pri));
syslogFields.put("facility", SyslogUtils.facilityToString(facility));
}
final String msg = matcher.group("msg");
final Message message = decodeCEF(rawMessage, msg);
message.addFields(syslogFields);
return message;
} else {
return decodeCEF(rawMessage, s);
}
}
示例6: decodeCEF
import org.graylog2.plugin.journal.RawMessage; //导入依赖的package包/类
protected Message decodeCEF(@Nonnull RawMessage rawMessage, String s) {
try {
final MappedMessage cef = new MappedMessage(parser.parse(s, timezone.toTimeZone(), locale), useFullNames);
// Build standard message.
Message result = new Message(buildMessageSummary(cef), decideSource(cef, rawMessage), new DateTime(cef.timestamp()));
// Add all extensions.
result.addFields(cef.mappedExtensions());
// Add standard CEF fields.
result.addField("device_vendor", cef.deviceVendor());
result.addField("device_product", cef.deviceProduct());
result.addField("device_version", cef.deviceVersion());
result.addField("event_class_id", cef.deviceEventClassId());
result.addField("name", cef.name());
result.addField("severity", cef.severity());
return result;
} catch (Exception e) {
throw new RuntimeException("Could not decode CEF message.", e);
}
}
示例7: decideSource
import org.graylog2.plugin.journal.RawMessage; //导入依赖的package包/类
protected String decideSource(MappedMessage cef, RawMessage raw) {
// Try getting the host name from the CEF extension "deviceAddress"/"dvc"
final Map<String, Object> fields = cef.mappedExtensions();
if (fields != null && !fields.isEmpty()) {
final String deviceAddress = (String) fields.getOrDefault(CEFMapping.dvc.getFullName(), fields.get(CEFMapping.dvc.getKeyName()));
if (!isNullOrEmpty(deviceAddress)) {
return deviceAddress;
}
}
// Try getting the hostname from the CEF message metadata (e. g. syslog)
if (!isNullOrEmpty(cef.host())) {
return cef.host();
}
// Use raw message source information if we were not able to parse a source from the CEF extensions.
final ResolvableInetSocketAddress address = raw.getRemoteAddress();
final InetSocketAddress remoteAddress;
if (address == null) {
remoteAddress = null;
} else {
remoteAddress = address.getInetSocketAddress();
}
return remoteAddress == null ? "unknown" : remoteAddress.getAddress().toString();
}
示例8: decodeMessagesReturnsNullIfNetFlowParserThrowsFlowException
import org.graylog2.plugin.journal.RawMessage; //导入依赖的package包/类
@Test
public void decodeMessagesReturnsNullIfNetFlowParserThrowsFlowException() throws Exception {
final byte[] b = "Foobar".getBytes(StandardCharsets.UTF_8);
final InetSocketAddress source = new InetSocketAddress(InetAddress.getLocalHost(), 12345);
final RawMessage rawMessage = new RawMessage(b, source) {
private boolean triggered = false;
@Override
public byte[] getPayload() {
if (triggered) {
return new byte[]{};
}
triggered = true;
throw new FlowException("Boom!");
}
};
final Collection<Message> messages = codec.decodeMessages(rawMessage);
assertThat(messages).isNull();
}
示例9: readDataFromNOAA
import org.graylog2.plugin.journal.RawMessage; //导入依赖的package包/类
private Runnable readDataFromNOAA(final MessageInput messageInput) {
return new Runnable() {
@Override
public void run() {
StringBuilder response = new StringBuilder();
try {
BufferedReader in = new BufferedReader(new InputStreamReader(urlACESWEPAM.openStream()));
String line;
while ((line = in.readLine()) != null) {
response.append(line).append("\n");
}
in.close();
} catch (Exception e) {
LOG.error("Could not read space weather information from NOAA.", e);
return;
}
messageInput.processRawMessage(new RawMessage(response.toString().getBytes()));
}
};
}
示例10: decode
import org.graylog2.plugin.journal.RawMessage; //导入依赖的package包/类
@Nullable
@Override
public Message decode(@Nonnull RawMessage rawMessage) {
try {
final CloudTrailRecord record = objectMapper.readValue(rawMessage.getPayload(), CloudTrailRecord.class);
final String source = configuration.getString(Config.CK_OVERRIDE_SOURCE, "aws-cloudtrail");
final Message message = new Message(record.getConstructedMessage(), source, DateTime.parse(record.eventTime));
message.addFields(record.additionalFieldsAsMap());
message.addField("full_message", record.getFullMessage());
message.addField(AWS.SOURCE_GROUP_IDENTIFIER, true);
return message;
} catch (Exception e) {
throw new RuntimeException("Could not deserialize CloudTrail record.", e);
}
}
示例11: decode
import org.graylog2.plugin.journal.RawMessage; //导入依赖的package包/类
@Nullable
@Override
public Message decode(@Nonnull RawMessage rawMessage) {
try {
S3Record s3Record = objectMapper.readValue(rawMessage.getPayload(), S3Record.class);
Message message = new Message(s3Record.log, "s3", rawMessage.getTimestamp());
message.addFields(s3Record.getFields());
return message;
} catch (Exception e) {
throw new RuntimeException("Could not deserialize S3 record.", e);
}
}
示例12: subscribeChannel
import org.graylog2.plugin.journal.RawMessage; //导入依赖的package包/类
@Test
public void subscribeChannel() throws Exception {
final Configuration configuration = new Configuration(
ImmutableMap.of(
"redis_uri", "redis://" + REDIS_HOST + ":" + REDIS_PORT,
"channels", "graylog"
)
);
final RedisTransport redisTransport = new RedisTransport(configuration, eventBus, localMetricRegistry);
final RedisURI redisURI = RedisURI.create(REDIS_HOST, REDIS_PORT);
final RedisClient client = RedisClient.create(redisURI);
final StatefulRedisPubSubConnection<String, String> pubSub = client.connectPubSub();
final MessageInput messageInput = mock(MessageInput.class);
redisTransport.launch(messageInput);
final RedisPubSubCommands<String, String> commands = pubSub.sync();
final int numMessages = 100;
for (int i = 0; i < numMessages; i++) {
commands.publish("graylog", "TEST-" + i);
}
Thread.sleep(100L);
verify(messageInput, times(numMessages)).processRawMessage(any(RawMessage.class));
redisTransport.stop();
}
示例13: subscribePattern
import org.graylog2.plugin.journal.RawMessage; //导入依赖的package包/类
@Test
public void subscribePattern() throws Exception {
final Configuration configuration = new Configuration(
ImmutableMap.of(
"redis_uri", "redis://" + REDIS_HOST + ":" + REDIS_PORT,
"patterns", "g*log"
)
);
final RedisTransport redisTransport = new RedisTransport(configuration, eventBus, localMetricRegistry);
final RedisURI redisURI = RedisURI.create(REDIS_HOST, REDIS_PORT);
final RedisClient client = RedisClient.create(redisURI);
final StatefulRedisPubSubConnection<String, String> pubSub = client.connectPubSub();
final MessageInput messageInput = mock(MessageInput.class);
redisTransport.launch(messageInput);
final RedisPubSubCommands<String, String> commands = pubSub.sync();
final int numMessages = 100;
for (int i = 0; i < numMessages; i++) {
commands.publish("graylog", "TEST-" + i);
}
Thread.sleep(100L);
verify(messageInput, times(numMessages)).processRawMessage(any(RawMessage.class));
redisTransport.stop();
}
示例14: decode
import org.graylog2.plugin.journal.RawMessage; //导入依赖的package包/类
@Nullable
@Override
public Message decode(@Nonnull RawMessage rawMessage) {
final byte[] payload = rawMessage.getPayload();
final Map<String, Object> event;
try {
event = objectMapper.readValue(payload, new TypeReference<Map<String, Object>>() {
});
} catch (IOException e) {
LOG.error("Couldn't decode raw message {}", rawMessage);
return null;
}
return parseEvent(event);
}
示例15: decodeMessagesHandlesPacketbeatMessages
import org.graylog2.plugin.journal.RawMessage; //导入依赖的package包/类
@Test
public void decodeMessagesHandlesPacketbeatMessages() throws Exception {
final byte[] json = Resources.toByteArray(Resources.getResource("packetbeat-dns.json"));
final RawMessage rawMessage = new RawMessage(json);
final Message message = codec.decode(rawMessage);
assertThat(message).isNotNull();
assertThat(message.getSource()).isEqualTo("example.local");
assertThat(message.getTimestamp()).isEqualTo(new DateTime(2016, 4, 1, 0, 0, DateTimeZone.UTC));
assertThat(message.getField("facility")).isEqualTo("packetbeat");
assertThat(message.getField("type")).isEqualTo("dns");
}