[GitHub] metron pull request #1245: METRON-1795: Initial Commit for Regular Expressio...

Thu, 06 Dec 2018 12:47:36 -0800 

Github user nickwallen commented on a diff in the pull request:

    https://github.com/apache/metron/pull/1245#discussion_r239608145
  
    --- Diff: 
metron-platform/metron-parsers/src/test/java/org/apache/metron/parsers/regex/RegularExpressionsParserTest.java
 ---
    @@ -0,0 +1,152 @@
    +/**
    + * Licensed to the Apache Software Foundation (ASF) under one or more 
contributor license
    + * agreements. See the NOTICE file distributed with this work for 
additional information regarding
    + * copyright ownership. The ASF licenses this file to you under the Apache 
License, Version 2.0 (the
    + * "License"); you may not use this file except in compliance with the 
License. You may obtain a
    + * copy of the License at
    + *
    + * http://www.apache.org/licenses/LICENSE-2.0
    + *
    + * Unless required by applicable law or agreed to in writing, software 
distributed under the License
    + * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF 
ANY KIND, either express
    + * or implied. See the License for the specific language governing 
permissions and limitations under
    + * the License.
    + */
    +package org.apache.metron.parsers.regex;
    +
    +import org.json.simple.JSONObject;
    +import org.json.simple.parser.JSONParser;
    +import org.junit.Before;
    +import org.junit.Test;
    +
    +import java.nio.file.Files;
    +import java.nio.file.Paths;
    +import java.util.HashMap;
    +import java.util.List;
    +import java.util.Map;
    +
    +import static org.junit.Assert.assertTrue;
    +
    +public class RegularExpressionsParserTest {
    +
    +  private RegularExpressionsParser regularExpressionsParser;
    +  private JSONObject parserConfig;
    +
    +  @Before
    +  public void setUp() throws Exception {
    +    regularExpressionsParser = new RegularExpressionsParser();
    +  }
    +
    +  @Test
    +  public void testSSHDParse() throws Exception {
    +    String message =
    +        "<38>Jun 20 15:01:17 deviceName sshd[11672]: Accepted publickey 
for prod from 22.22.22.22 port 55555 ssh2";
    +
    +    parserConfig = getJsonConfig(
    +        
Paths.get("src/test/resources/config/RegularExpressionsParserConfig.json").toString());
    --- End diff --
    
    Hi @jagdeepsingh2 - I was able to get this up and running in a debugger.  
Your parser will not parse messages successfully after the changes made in 
#1213. You are likely using this on an older version of Metron.
    
    The parser must produce a JSONObject that contains both a `timestamp` and 
`original_string` field based on the [validation performed 
here.](https://github.com/apache/metron/blob/2ee6cc7e0b448d8d27f56f873e2c15a603c53917/metron-platform/metron-parsers/src/main/java/org/apache/metron/parsers/BasicParser.java#L34-L46)
     
    If you add the timestamp like you mentioned it should work.


---

Reply via email to