metron-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From nickwallen <...@git.apache.org>
Subject [GitHub] metron pull request #1245: METRON-1795: Initial Commit for Regular Expressio...
Date Thu, 06 Dec 2018 20:46:39 GMT
Github user nickwallen commented on a diff in the pull request:

    https://github.com/apache/metron/pull/1245#discussion_r239608145
  
    --- Diff: metron-platform/metron-parsers/src/test/java/org/apache/metron/parsers/regex/RegularExpressionsParserTest.java
---
    @@ -0,0 +1,152 @@
    +/**
    + * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
    + * agreements. See the NOTICE file distributed with this work for additional information
regarding
    + * copyright ownership. The ASF licenses this file to you under the Apache License, Version
2.0 (the
    + * "License"); you may not use this file except in compliance with the License. You may
obtain a
    + * copy of the License at
    + *
    + * http://www.apache.org/licenses/LICENSE-2.0
    + *
    + * Unless required by applicable law or agreed to in writing, software distributed under
the License
    + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
either express
    + * or implied. See the License for the specific language governing permissions and limitations
under
    + * the License.
    + */
    +package org.apache.metron.parsers.regex;
    +
    +import org.json.simple.JSONObject;
    +import org.json.simple.parser.JSONParser;
    +import org.junit.Before;
    +import org.junit.Test;
    +
    +import java.nio.file.Files;
    +import java.nio.file.Paths;
    +import java.util.HashMap;
    +import java.util.List;
    +import java.util.Map;
    +
    +import static org.junit.Assert.assertTrue;
    +
    +public class RegularExpressionsParserTest {
    +
    +  private RegularExpressionsParser regularExpressionsParser;
    +  private JSONObject parserConfig;
    +
    +  @Before
    +  public void setUp() throws Exception {
    +    regularExpressionsParser = new RegularExpressionsParser();
    +  }
    +
    +  @Test
    +  public void testSSHDParse() throws Exception {
    +    String message =
    +        "<38>Jun 20 15:01:17 deviceName sshd[11672]: Accepted publickey for prod
from 22.22.22.22 port 55555 ssh2";
    +
    +    parserConfig = getJsonConfig(
    +        Paths.get("src/test/resources/config/RegularExpressionsParserConfig.json").toString());
    --- End diff --
    
    Hi @jagdeepsingh2 - I was able to get this up and running in a debugger.  Your parser
will not parse messages successfully after the changes made in #1213. You are likely using
this on an older version of Metron.
    
    The parser must produce a JSONObject that contains both a `timestamp` and `original_string`
field based on the [validation performed here.](https://github.com/apache/metron/blob/2ee6cc7e0b448d8d27f56f873e2c15a603c53917/metron-platform/metron-parsers/src/main/java/org/apache/metron/parsers/BasicParser.java#L34-L46)
     
    If you add the timestamp like you mentioned it should work.


---

Mime
View raw message