metron-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ceste...@apache.org
Subject [3/3] incubator-metron git commit: METRON-765: Add GUID to messages (iraghumitra via cestella) closes apache/incubator-metron#483
Date Mon, 27 Mar 2017 13:38:50 GMT
METRON-765: Add GUID to messages (iraghumitra via cestella) closes apache/incubator-metron#483


Project: http://git-wip-us.apache.org/repos/asf/incubator-metron/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-metron/commit/27b0d6e3
Tree: http://git-wip-us.apache.org/repos/asf/incubator-metron/tree/27b0d6e3
Diff: http://git-wip-us.apache.org/repos/asf/incubator-metron/diff/27b0d6e3

Branch: refs/heads/master
Commit: 27b0d6e31de94317b085766349a892395f0d3309
Parents: 340e923
Author: iraghumitra <raghumitra.ksv@gmail.com>
Authored: Mon Mar 27 09:38:31 2017 -0400
Committer: cstella <cestella@gmail.com>
Committed: Mon Mar 27 09:38:31 2017 -0400

----------------------------------------------------------------------
 .../org/apache/metron/common/Constants.java     |   1 +
 .../enrichment/bolt/EnrichmentSplitterBolt.java |   6 +-
 .../bolt/EnrichmentSplitterBoltTest.java        |   4 +
 .../src/main/sample/data/asa/parsed/asa_parsed  | 256 +++++++++----------
 .../sample/data/bro/parsed/BroExampleParsed     |  20 +-
 .../data/jsonMap/parsed/jsonMapExampleParsed    |   4 +-
 .../main/sample/data/snort/parsed/SnortParsed   |   6 +-
 .../sample/data/squid/parsed/SquidExampleParsed |   4 +-
 .../data/websphere/parsed/WebsphereParsed       |  10 +-
 .../sample/data/yaf/parsed/YafExampleParsed     |  20 +-
 .../apache/metron/parsers/bolt/ParserBolt.java  |   4 +
 .../metron/parsers/bolt/ParserBoltTest.java     |  13 +-
 ...pleHbaseEnrichmentWriterIntegrationTest.java |   2 +-
 .../metron/test/utils/ValidationUtils.java      |   2 +-
 14 files changed, 182 insertions(+), 170 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/27b0d6e3/metron-platform/metron-common/src/main/java/org/apache/metron/common/Constants.java
----------------------------------------------------------------------
diff --git a/metron-platform/metron-common/src/main/java/org/apache/metron/common/Constants.java
b/metron-platform/metron-common/src/main/java/org/apache/metron/common/Constants.java
index 29be31e..1dc73da 100644
--- a/metron-platform/metron-common/src/main/java/org/apache/metron/common/Constants.java
+++ b/metron-platform/metron-common/src/main/java/org/apache/metron/common/Constants.java
@@ -31,6 +31,7 @@ public class Constants {
   public static final String ERROR_STREAM = "error";
   public static final String SIMPLE_HBASE_ENRICHMENT = "hbaseEnrichment";
   public static final String SIMPLE_HBASE_THREAT_INTEL = "hbaseThreatIntel";
+  public static final String GUID = "guid";
 
   public static enum Fields {
      SRC_ADDR("ip_src_addr")

http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/27b0d6e3/metron-platform/metron-enrichment/src/main/java/org/apache/metron/enrichment/bolt/EnrichmentSplitterBolt.java
----------------------------------------------------------------------
diff --git a/metron-platform/metron-enrichment/src/main/java/org/apache/metron/enrichment/bolt/EnrichmentSplitterBolt.java
b/metron-platform/metron-enrichment/src/main/java/org/apache/metron/enrichment/bolt/EnrichmentSplitterBolt.java
index 1ec4252..f9cad80 100644
--- a/metron-platform/metron-enrichment/src/main/java/org/apache/metron/enrichment/bolt/EnrichmentSplitterBolt.java
+++ b/metron-platform/metron-enrichment/src/main/java/org/apache/metron/enrichment/bolt/EnrichmentSplitterBolt.java
@@ -61,9 +61,10 @@ public class EnrichmentSplitterBolt extends SplitBolt<JSONObject>
{
   }
   @Override
   public String getKey(Tuple tuple, JSONObject message) {
-    String key = null;
+    String key = null, guid = null;
     try {
       key = tuple.getStringByField("key");
+      guid = (String)message.get(Constants.GUID);
     }
     catch(Throwable t) {
       //swallowing this just in case.
@@ -71,6 +72,9 @@ public class EnrichmentSplitterBolt extends SplitBolt<JSONObject>
{
     if(key != null) {
       return key;
     }
+    else if(guid != null) {
+      return guid;
+    }
     else {
       return UUID.randomUUID().toString();
     }

http://git-wip-us.apache.org/repos/asf/incubator-metron/blob/27b0d6e3/metron-platform/metron-enrichment/src/test/java/org/apache/metron/enrichment/bolt/EnrichmentSplitterBoltTest.java
----------------------------------------------------------------------
diff --git a/metron-platform/metron-enrichment/src/test/java/org/apache/metron/enrichment/bolt/EnrichmentSplitterBoltTest.java
b/metron-platform/metron-enrichment/src/test/java/org/apache/metron/enrichment/bolt/EnrichmentSplitterBoltTest.java
index f3a1f2f..c79eb10 100644
--- a/metron-platform/metron-enrichment/src/test/java/org/apache/metron/enrichment/bolt/EnrichmentSplitterBoltTest.java
+++ b/metron-platform/metron-enrichment/src/test/java/org/apache/metron/enrichment/bolt/EnrichmentSplitterBoltTest.java
@@ -68,6 +68,10 @@ public class EnrichmentSplitterBoltTest extends BaseEnrichmentBoltTest
{
     when(tuple.getStringByField("key")).thenReturn(someKey);
     key = enrichmentSplitterBolt.getKey(tuple, sampleMessage);
     Assert.assertEquals(someKey, key);
+    String guid = "sample-guid";
+    when(sampleMessage.get("guid")).thenReturn(guid);
+    key = enrichmentSplitterBolt.getKey(tuple, sampleMessage);
+    Assert.assertEquals(guid, key);
     when(tuple.getBinary(0)).thenReturn(sampleMessageString.getBytes());
     JSONObject generatedMessage = enrichmentSplitterBolt.generateMessage(tuple);
     removeTimingFields(generatedMessage);


Mime
View raw message