Fix deprecated date_histogram (#22)

hnhdev · May 6, 2024 · 923c06d · 923c06d
1 parent 4465e49
commit 923c06d
Show file tree

Hide file tree

Showing 7 changed files with 15 additions and 14 deletions.
diff --git a/timesketch/frontend-ng/dist/index.html b/timesketch/frontend-ng/dist/index.html
@@ -1 +1 @@
-<!DOCTYPE html><html lang=en><head><meta name=csrf-token content="{{ csrf_token() }}"><meta charset=utf-8><meta http-equiv=X-UA-Compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1"><link rel=icon href=/dist/favicon.ico><link href="https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900" rel=stylesheet><title>Timesketch</title><link href=/dist/css/chunk-vendors.c3145da3.css rel=preload as=style><link href=/dist/css/index.100e3102.css rel=preload as=style><link href=/dist/js/chunk-vendors.92ea151e.js rel=preload as=script><link href=/dist/js/index.ef101153.js rel=preload as=script><link href=/dist/css/chunk-vendors.c3145da3.css rel=stylesheet><link href=/dist/css/index.100e3102.css rel=stylesheet></head><body><div id=app></div><script src=/dist/js/chunk-vendors.92ea151e.js></script><script src=/dist/js/index.ef101153.js></script></body></html>
+<!DOCTYPE html><html lang=en><head><meta name=csrf-token content="{{ csrf_token() }}"><meta charset=utf-8><meta http-equiv=X-UA-Compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1"><link rel=icon href=/dist/favicon.ico><link href="https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900" rel=stylesheet><title>Timesketch</title><link href=/dist/css/chunk-vendors.c3145da3.css rel=preload as=style><link href=/dist/css/index.100e3102.css rel=preload as=style><link href=/dist/js/chunk-vendors.92ea151e.js rel=preload as=script><link href=/dist/js/index.9aa19108.js rel=preload as=script><link href=/dist/css/chunk-vendors.c3145da3.css rel=stylesheet><link href=/dist/css/index.100e3102.css rel=stylesheet></head><body><div id=app></div><script src=/dist/js/chunk-vendors.92ea151e.js></script><script src=/dist/js/index.9aa19108.js></script></body></html>
diff --git a/timesketch/frontend-ng/dist/js/index.9aa19108.js b/timesketch/frontend-ng/dist/js/index.9aa19108.js
diff --git a/timesketch/frontend-ng/dist/js/index.9aa19108.js.map b/timesketch/frontend-ng/dist/js/index.9aa19108.js.map
diff --git a/timesketch/frontend-ng/dist/js/index.ef101153.js b/timesketch/frontend-ng/dist/js/index.ef101153.js
diff --git a/timesketch/frontend-ng/dist/js/index.ef101153.js.map b/timesketch/frontend-ng/dist/js/index.ef101153.js.map
diff --git a/timesketch/frontend-ng/src/components/Explore/AggregateDialog.vue b/timesketch/frontend-ng/src/components/Explore/AggregateDialog.vue
@@ -555,7 +555,7 @@ export default {
         aggregator_name: 'field_summary',
         aggregator_parameters: {
           field: this.eventKey,
-          field_query_string: this.eventValue
+          field_query_string: String(this.eventValue)
         }
       }).then((response) => {
         this.stats = response.data.objects[0].field_summary.buckets[0]
@@ -620,7 +620,7 @@ export default {
         aggregator_name: 'date_histogram',
         aggregator_parameters: {
           field: this.eventKey,
-          field_query_string: this.eventValue,
+          field_query_string: String(this.eventValue),
           supported_intervals: supportedIntervals,
           start_time: startTime.toISOString().slice(0, -1),
           end_time: endTime.toISOString().slice(0, -1),

diff --git a/timesketch/lib/aggregators/date_histogram.py b/timesketch/lib/aggregators/date_histogram.py
@@ -17,14 +17,13 @@
 import copy
 from datetime import datetime
 
-from timesketch.lib.aggregators import interface
-from timesketch.lib.aggregators import manager
+from timesketch.lib.aggregators import interface, manager
 
 
 class DateHistogramAggregation(interface.BaseAggregator):
     """Date Histogram Aggregation.
 
-    This aggregator uses "date_histogram" which is a type of OpenSearch
+    This aggregator uses "calendar_interval" which is a type of OpenSearch
     aggregation that buckets documents (i.e. events in Timesketch) into
     time-based intervals.
     """
@@ -35,7 +34,9 @@ class DateHistogramAggregation(interface.BaseAggregator):
 
     SUPPORTED_CHARTS = frozenset(["heatmap", "date_histogram", "table"])
 
-    SUPPORTED_INTERVALS = frozenset(["year", "month", "day", "day_of_week", "hour"])
+    SUPPORTED_INTERVALS = frozenset(
+        ["year", "quarter", "month", "week", "day", "hour", "minute"]
+    )
 
     FORM_FIELDS = [
         {
@@ -108,7 +109,7 @@ class DateHistogramAggregation(interface.BaseAggregator):
             "aggregation": {
                 "date_histogram": {
                     "field": "datetime",
-                    # "interval": "TODO"
+                    "calendar_interval": None,
                 }
             }
         },
@@ -184,7 +185,7 @@ def _get_histogram_aggregation_spec(self, start_time, end_time):
             {"query_string": {"query": query}}
         )
         aggregation_spec["aggs"]["aggregation"]["date_histogram"][
-            "interval"
+            "calendar_interval"
         ] = self.interval
         aggregation_spec["aggs"]["aggregation"]["date_histogram"]["missing"] = 0
         aggregation_spec["aggs"]["aggregation"]["date_histogram"]["min_doc_count"] = 0
@@ -266,10 +267,10 @@ def run(
                 "year": dt.year,
             }
 
-            if self.interval in ("month", "day", "day_of_week", "hour"):
+            if self.interval in ("month", "day", "hour"):
                 value["month"] = dt.month
 
-                if self.interval in ("day", "day_of_week", "hour"):
+                if self.interval in ("day", "hour"):
                     value["day"] = dt.day
                     value["dow"] = dt.weekday()
Original file line number	Diff line number	Diff line change
		@@ -1 +1 @@
		<!DOCTYPE html><html lang=en><head><meta name=csrf-token content="{{ csrf_token() }}"><meta charset=utf-8><meta http-equiv=X-UA-Compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1"><link rel=icon href=/dist/favicon.ico><link href="https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900" rel=stylesheet><title>Timesketch</title><link href=/dist/css/chunk-vendors.c3145da3.css rel=preload as=style><link href=/dist/css/index.100e3102.css rel=preload as=style><link href=/dist/js/chunk-vendors.92ea151e.js rel=preload as=script><link href=/dist/js/index.ef101153.js rel=preload as=script><link href=/dist/css/chunk-vendors.c3145da3.css rel=stylesheet><link href=/dist/css/index.100e3102.css rel=stylesheet></head><body><div id=app></div><script src=/dist/js/chunk-vendors.92ea151e.js></script><script src=/dist/js/index.ef101153.js></script></body></html>
		<!DOCTYPE html><html lang=en><head><meta name=csrf-token content="{{ csrf_token() }}"><meta charset=utf-8><meta http-equiv=X-UA-Compatible content="IE=edge"><meta name=viewport content="width=device-width,initial-scale=1"><link rel=icon href=/dist/favicon.ico><link href="https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900" rel=stylesheet><title>Timesketch</title><link href=/dist/css/chunk-vendors.c3145da3.css rel=preload as=style><link href=/dist/css/index.100e3102.css rel=preload as=style><link href=/dist/js/chunk-vendors.92ea151e.js rel=preload as=script><link href=/dist/js/index.9aa19108.js rel=preload as=script><link href=/dist/css/chunk-vendors.c3145da3.css rel=stylesheet><link href=/dist/css/index.100e3102.css rel=stylesheet></head><body><div id=app></div><script src=/dist/js/chunk-vendors.92ea151e.js></script><script src=/dist/js/index.9aa19108.js></script></body></html>