I’m trying to create a pipeline processor function that I can use to lookup a value from another stream and use that value to enrich the current message with a new field.
The project is located here and will compile and load in 2.1.3 as of this writing.
I am stuck at the point where I conduct the search which would provide the SearchResult. It appears I am not properly instantiating org.graylog2.indexer.searches.Searches to use the search method and I am not quite sure how to do so.
For something like Configuration and Client, how do I specify or obtain the current configuration and client that is being utilized. Also, for IndexRangeService I am wanting to start off with a relative value, how do I do the conversion to get the right range.
Graylog is using Guice internally for dependency injection. This means that you can simply “request” a configured Searches instance in your constructor using the @Inject annotation.
See SourcesResource for an example inside Graylog:
@jochen, Can you tell me what the easiest way is to iterate through SearchResult to get to the message output?
I can see that response.getResults().size() returns 1 and , but I cannot get to the messages. I’ve tried something like this, which does not appear to be working for me.
What I mean is that the size() method indicates there is a message present and yet my LOG.info commands inside the for loop are not getting output into the log.
I have validated that there should be data available.
I am uncertain how to access the data in Message msg. It seems like something is wrong with my loop.
OK @jochen, If I access it using getField with the string of the field I am interested in, I can obtain the value I am after. I guess I was trying to access the field too direct.
