From 836b47cb7e99a977c5a23b059ca1d0b5065d310e Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Wed, 24 Jul 2024 11:54:23 +0200 Subject: Merging upstream version 1.46.3. Signed-off-by: Daniel Baumann --- src/logsmanagement/query.h | 157 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 157 insertions(+) create mode 100644 src/logsmanagement/query.h (limited to 'src/logsmanagement/query.h') diff --git a/src/logsmanagement/query.h b/src/logsmanagement/query.h new file mode 100644 index 000000000..a9da4368a --- /dev/null +++ b/src/logsmanagement/query.h @@ -0,0 +1,157 @@ +// SPDX-License-Identifier: GPL-3.0-or-later + +/** @file query.h + * @brief Header of query.c + */ + +#ifndef QUERY_H_ +#define QUERY_H_ + +#include +#include +#include "libnetdata/libnetdata.h" +#include "defaults.h" + +#define LOGS_QRY_VERSION "1" + +#define LOGS_MANAG_FUNC_PARAM_AFTER "after" +#define LOGS_MANAG_FUNC_PARAM_BEFORE "before" +#define LOGS_QRY_KW_QUOTA "quota" +#define LOGS_QRY_KW_CHARTNAME "chartname" +#define LOGS_QRY_KW_FILENAME "filename" +#define LOGS_QRY_KW_KEYWORD "keyword" +#define LOGS_QRY_KW_IGNORE_CASE "ignore_case" +#define LOGS_QRY_KW_SANITIZE_KW "sanitize_keyword" + +typedef struct { + const enum {LOGS_QRY_RES_ERR_CODE_OK = 0, + LOGS_QRY_RES_ERR_CODE_INV_TS_ERR, + LOGS_QRY_RES_ERR_CODE_NOT_FOUND_ERR, + LOGS_QRY_RES_ERR_CODE_NOT_INIT_ERR, + LOGS_QRY_RES_ERR_CODE_SERVER_ERR, + LOGS_QRY_RES_ERR_CODE_UNMODIFIED, + LOGS_QRY_RES_ERR_CODE_CANCELLED, + LOGS_QRY_RES_ERR_CODE_TIMEOUT } err_code; + char const *const err_str; + const int http_code; +} logs_qry_res_err_t; + +static const logs_qry_res_err_t logs_qry_res_err[] = { + { LOGS_QRY_RES_ERR_CODE_OK, "success", HTTP_RESP_OK }, + { LOGS_QRY_RES_ERR_CODE_INV_TS_ERR, "invalid timestamp range", HTTP_RESP_BAD_REQUEST }, + { LOGS_QRY_RES_ERR_CODE_NOT_FOUND_ERR, "no results found", HTTP_RESP_OK }, + { LOGS_QRY_RES_ERR_CODE_NOT_INIT_ERR, "logs management engine not running", HTTP_RESP_SERVICE_UNAVAILABLE }, + { LOGS_QRY_RES_ERR_CODE_SERVER_ERR, "server error", HTTP_RESP_INTERNAL_SERVER_ERROR }, + { LOGS_QRY_RES_ERR_CODE_UNMODIFIED, "not modified", HTTP_RESP_NOT_MODIFIED }, + { LOGS_QRY_RES_ERR_CODE_CANCELLED, "cancelled", HTTP_RESP_CLIENT_CLOSED_REQUEST }, + { LOGS_QRY_RES_ERR_CODE_TIMEOUT, "query timed out", HTTP_RESP_OK } +}; + +const logs_qry_res_err_t *fetch_log_sources(BUFFER *wb); + + +/** + * @brief Parameters of the query. + * @param req_from_ts Requested start timestamp of query in epoch + * milliseconds. + * + * @param req_to_ts Requested end timestamp of query in epoch milliseconds. + * If it doesn't match the requested start timestamp, there may be more results + * to be retrieved (for descending timestamp order queries). + * + * @param act_from_ts Actual start timestamp of query in epoch milliseconds. + * + * @param act_to_ts Actual end timestamp of query in epoch milliseconds. + * If it doesn't match the requested end timestamp, there may be more results to + * be retrieved (for ascending timestamp order queries). + * + * @param order_by_asc Equal to 1 if req_from_ts <= req_to_ts, otherwise 0. + * + * @param quota Request quota for results. When exceeded, query will + * return, even if there are more pending results. + * + * @param stop_monotonic_ut Monotonic time in usec after which the query + * will be timed out. + * + * @param chartname Chart name of log source to be queried, as it appears + * on the netdata dashboard. If this is defined and not an empty string, the + * filename parameter is ignored. + * + * @param filename Full path of log source to be queried. Will only be used + * if the chartname is not used. + * + * @param keyword The keyword to be searched. IMPORTANT! Regular expressions + * are supported (if sanitize_keyword is not set) but have not been tested + * extensively, so use with caution! + * + * @param ignore_case If set to any integer other than 0, the query will be + * case-insensitive. If not set or if set to 0, the query will be case-sensitive + * + * @param sanitize_keyword If set to any integer other than 0, the keyword + * will be sanitized before used by the regex engine (which means the keyword + * cannot be a regular expression, as it will be taken as a literal input). + * + * @param results_buff Buffer of BUFFER type to store the results of the + * query in. + * + * @param results_buff->size Defines the maximum quota of results to be + * expected. If exceeded, the query will return the results obtained so far. + * + * @param results_buff->len The exact size of the results matched. + * + * @param results_buff->buffer String containing the results of the query. + * + * @param num_lines Number of log records that match the keyword. + * + * @warning results_buff->size argument must be <= MAX_LOG_MSG_SIZE. + */ +typedef struct logs_query_params { + msec_t req_from_ts; + msec_t req_to_ts; + msec_t act_from_ts; + msec_t act_to_ts; + int order_by_asc; + unsigned long quota; + bool *cancelled; + usec_t *stop_monotonic_ut; + char *chartname[LOGS_MANAG_MAX_COMPOUND_QUERY_SOURCES]; + char *filename[LOGS_MANAG_MAX_COMPOUND_QUERY_SOURCES]; + char *keyword; + int ignore_case; + int sanitize_keyword; + BUFFER *results_buff; + unsigned long num_lines; +} logs_query_params_t; + +typedef struct logs_query_res_hdr { + msec_t timestamp; + size_t text_size; + int matches; + char log_source[20]; + char log_type[20]; + char basename[20]; + char filename[50]; + char chartname[20]; +} logs_query_res_hdr_t; + +/** + * @brief Check if query should be terminated. + * @param p_query_params See documentation of logs_query_params_t struct. + * @return true if query should be terminated of false otherwise. +*/ +bool terminate_logs_manag_query(logs_query_params_t *p_query_params); + +/** + * @brief Primary query API. + * @param p_query_params See documentation of logs_query_params_t struct. + * @return enum of LOGS_QRY_RES_ERR_CODE with result of query + * @todo Cornercase if filename not found in DB? Return specific message? + */ +const logs_qry_res_err_t *execute_logs_manag_query(logs_query_params_t *p_query_params); + +#ifdef ENABLE_LOGSMANAGEMENT_TESTS +/* Used as public only for unit testing, normally defined as static */ +char *sanitise_string(char *s); +#endif // ENABLE_LOGSMANAGEMENT_TESTS + +#endif // QUERY_H_ -- cgit v1.2.3