Skip to content

Commit

Permalink
WIP:
Browse files Browse the repository at this point in the history
  • Loading branch information
hitenkoku committed Sep 13, 2023
1 parent a98c79d commit e63c656
Show file tree
Hide file tree
Showing 3 changed files with 37 additions and 3 deletions.
35 changes: 33 additions & 2 deletions src/afterfact.rs
Original file line number Diff line number Diff line change
Expand Up @@ -411,6 +411,7 @@ fn emit_csv<W: std::io::Write>(
jsonl_output_flag,
GEOIP_DB_PARSER.read().unwrap().is_some(),
remove_duplicate_data_flag,
detect_info.is_condition,
&[&detect_info.details_convert_map, &prev_details_convert_map],
);
prev_message = result.1;
Expand All @@ -425,6 +426,7 @@ fn emit_csv<W: std::io::Write>(
jsonl_output_flag,
GEOIP_DB_PARSER.read().unwrap().is_some(),
remove_duplicate_data_flag,
detect_info.is_condition,
&[&detect_info.details_convert_map, &prev_details_convert_map],
);
prev_message = result.1;
Expand Down Expand Up @@ -1431,6 +1433,7 @@ pub fn output_json_str(
jsonl_output_flag: bool,
is_included_geo_ip: bool,
remove_duplicate_flag: bool,
is_condition: bool,
details_infos: &[&HashMap<CompactString, Vec<CompactString>>],
) -> (String, HashMap<CompactString, Profile>) {
let mut target: Vec<String> = vec![];
Expand Down Expand Up @@ -1538,19 +1541,47 @@ pub fn output_json_str(
}
Profile::Details(_) | Profile::AllFieldInfo(_) | Profile::ExtraFieldInfo(_) => {
let mut output_stock: Vec<String> = vec![];
output_stock.push(format!(" \"{key}\": {{"));
let details_key = match profile {
Profile::Details(_) => "Details",
Profile::AllFieldInfo(_) => "AllFieldInfo",
Profile::ExtraFieldInfo(_) => "ExtraFieldInfo",
_ => "",
};
// 個々の段階でDetails, AllFieldInfo, ExtraFieldInfoの要素はdetails_infosに格納されているのでunwrapする
let details_target_stocks =
details_infos[0].get(&CompactString::from(format!("#{details_key}")));
if details_target_stocks.is_none() {
continue;
}
// aggregation conditionの場合は分解せずにそのまま出力する
if is_condition {
let agg_result = &details_target_stocks.unwrap();
if agg_result.is_empty() {
output_stock.push(format!(
"{}",
_create_json_output_format(
&key,
"-",
key.starts_with('\"'),
false,
4
)
));
} else {
output_stock.push(format!(
"{}",
_create_json_output_format(
&key,
agg_result[0].as_str(),
key.starts_with('\"'),
agg_result[0].starts_with('\"'),
4
)
));
}
continue;
} else {
output_stock.push(format!(" \"{key}\": {{"));
};
let details_stocks = details_target_stocks.unwrap();
for (idx, contents) in details_stocks.iter().enumerate() {
let (key, value) = contents.split_once(": ").unwrap_or_default();
Expand Down
4 changes: 3 additions & 1 deletion src/detections/message.rs
Original file line number Diff line number Diff line change
Expand Up @@ -125,6 +125,8 @@ pub fn insert(
),
) {
let mut record_details_info_map = HashMap::new();
println!("dbg timestamp: {:?}", time);
println!("dbg output: {:?}", &output);
if !is_agg {
//ここの段階でdetailsの内容でaliasを置き換えた内容と各種、key,valueの組み合わせのmapを取得する
let (removed_sp_parsed_detail, details_in_record) = parse_message(
Expand Down Expand Up @@ -182,7 +184,7 @@ pub fn insert(
} else {
replaced_profiles
.push((key.to_owned(), Details(detect_info.detail.clone().into())));
detect_info.details_convert_map.insert(
record_details_info_map.insert(
"#Details".into(),
detect_info.detail.split(" ¦ ").map(|x| x.into()).collect(),
);
Expand Down
1 change: 1 addition & 0 deletions src/timeline/search.rs
Original file line number Diff line number Diff line change
Expand Up @@ -465,6 +465,7 @@ pub fn search_result_dsp_msg(
jsonl_output,
false,
false,
false,
&[&HashMap::default(), &HashMap::default()],
);

Expand Down

0 comments on commit e63c656

Please sign in to comment.