Hi Nalaka, I think these are two concepts. DAS Lucene queries used as a pulling mechanism where you execute queries and get results. On the hand receivers, publishers and streams work with the event flow. From Lucene queries you are pulling data which has been persisted from the event flow. If you are doing a scheduled Lucene query from Log Analyzer level, try to create a new event at Log Analyzer level and publish that data to a DAS receiver which belongs to an event flow that publish alerts.
Regards, On Wed, Apr 20, 2016 at 10:25 AM, Nalaka Perera <nal...@wso2.com> wrote: > Hi Charini, > > Log analyzer built on top of the DAS Server. I am using DAS Email Event > Publisher for sending emails alerts. Data Processing part is doing by log > analyzer, but the problem is how do we put multiple events as a event to > the out_put_stream which is connected to the email publisher. > > Thank you, > Nalaka, > > On Wed, Apr 20, 2016 at 9:52 AM, Charini Nanayakkara <chari...@wso2.com> > wrote: > >> Hi, >> >> Can we not use WSO2 ESB as a mediator in achieving this task. To my >> knowledge we can do some processing with ESB prior to sending received >> information as mail. >> >> >> http://sparkletechthoughts.blogspot.com/2012/08/how-to-send-mails-using-wso2-esb.html >> >> >> http://sparkletechthoughts.blogspot.com/2013/10/how-to-receive-emails-to-wso2-esb.html >> >> Regards, >> Charini >> >> On Wed, Apr 20, 2016 at 9:47 AM, Sachith Withana <sach...@wso2.com> >> wrote: >> >>> Nalaka, >>> >>> Currently we cannot schedule tasks for lucene queries or aggregate the >>> results as you've described above. >>> >>> You would have to implement a task that would schedule the lucene >>> queries, and a triggering mechanism that would be triggered through the >>> lucene results. >>> >>> Then you would have to aggregate those results and send it as an event >>> to the corresponding stream. >>> >>> @Gimantha: any other ways of doing this? >>> >>> Regards, >>> Sachith >>> >>> >>> On Tue, Apr 19, 2016 at 6:29 PM, Nalaka Perera <nal...@wso2.com> wrote: >>> >>>> Hi Sachith, >>>> >>>> In Log analyzer users are able to schedule a search and if search >>>> result met trigger condition then it creates an alert. Search result may >>>> contains multiple log lines. >>>> Ex. Log data have persisted in a DAS table. Using lucene >>>> search(_level:ERROR AND _timestamp:[timefrom TO timeto]) I got 8 log lines >>>> which log level is WARN. >>>> >>>> User need to get data of results (fields data ex. time_stamp, level, >>>> log_message .ect) with the alert. Each alert has output stream which is >>>> connected to the publisher(Email Publisher). User required fields are >>>> attributes of the output stream(outputStream_1.0.0 {timestamp STRING, level >>>> STRING, log_message STRING}). >>>> >>>> Let's say an alert condition is met and assume alert publisher is >>>> email, so now publisher send multiple emails since the search result has >>>> multiple log lines/events. >>>> >>>> But what I need is, when search result met the trigger condition at >>>> scheduled time it should send one email which contains all the field data. >>>> Ex. Email should contains following field data >>>> "_timestamp": "2016-03-21 12:04:11,557", "_level": "ERROR", >>>> "_log_message": "The [action] cannot be processed at the receiver. " >>>> "_timestamp": "2016-03-21 12:04:45,597", "_level": "ERROR", >>>> "_log_message": "The [action] cannot be processed at the receiver. " >>>> "_timestamp": "2016-03-21 12:04:09,605", "_level": "ERROR", >>>> "_log_message": "The [action] cannot be processed at the receiver. " >>>> "_timestamp": "2016-03-21 12:04:44,301", "_level": "ERROR", >>>> "_log_message": "The [action] cannot be processed at the receiver. " >>>> >>>> Is that possible? >>>> >>>> Thank you, >>>> Nalaka >>>> >>>> On Tue, Apr 19, 2016 at 3:18 PM, Sachith Withana <sach...@wso2.com> >>>> wrote: >>>> >>>>> Hi Nalaka, >>>>> >>>>> Can you provide an example? >>>>> >>>>> WDYM by adding multiple events into a single event? >>>>> >>>>> Regards, >>>>> Sachith >>>>> >>>>> On Tue, Apr 19, 2016 at 2:52 PM, Nalaka Perera <nal...@wso2.com> >>>>> wrote: >>>>> >>>>>> Hi all, >>>>>> >>>>>> How do we send multiple results (events) from a lucene search and add >>>>>> them as a single event to a publish stream to create one alert >>>>>> (ex.Email)? >>>>>> >>>>>> Thank you, >>>>>> Nalaka >>>>>> -- >>>>>> *Nalaka Perera* >>>>>> >>>>>> *Intern - Software Engineering* >>>>>> *WSO2* >>>>>> >>>>>> *Mobile: * *+94 71 9165748 <%2B94%2071%209165748>* >>>>>> >>>>>> _______________________________________________ >>>>>> Dev mailing list >>>>>> Dev@wso2.org >>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>> >>>>>> >>>>> >>>>> >>>>> -- >>>>> Sachith Withana >>>>> Software Engineer; WSO2 Inc.; http://wso2.com >>>>> E-mail: sachith AT wso2.com >>>>> M: +94715518127 >>>>> Linked-In: <http://goog_416592669> >>>>> https://lk.linkedin.com/in/sachithwithana >>>>> >>>> >>>> >>>> >>>> -- >>>> *Nalaka Perera* >>>> >>>> *Intern - Software Engineering* >>>> *WSO2* >>>> >>>> *Mobile: * *+94 71 9165748 <%2B94%2071%209165748>* >>>> >>> >>> >>> >>> -- >>> Sachith Withana >>> Software Engineer; WSO2 Inc.; http://wso2.com >>> E-mail: sachith AT wso2.com >>> M: +94715518127 >>> Linked-In: <http://goog_416592669> >>> https://lk.linkedin.com/in/sachithwithana >>> >>> _______________________________________________ >>> Dev mailing list >>> Dev@wso2.org >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> >> >> -- >> Charini Vimansha Nanayakkara >> Software Engineer at WSO2 >> Mobile: 0714126293 >> >> > > > -- > *Nalaka Perera* > > *Intern - Software Engineering* > *WSO2* > > *Mobile: * *+94 71 9165748 <%2B94%2071%209165748>* > > _______________________________________________ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- *Tharik Kanaka* WSO2, Inc |#20, Palm Grove, Colombo 03, Sri Lanka Email: tha...@wso2.com | Web: www.wso2.com
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
