enrichment/
lib.rs

1#![deny(warnings)]
2
3pub mod find_enrichment_table_records;
4pub mod get_enrichment_table_record;
5pub mod tables;
6
7#[cfg(test)]
8mod test_util;
9mod vrl_util;
10
11use dyn_clone::DynClone;
12pub use tables::{TableRegistry, TableSearch};
13use vrl::{
14    compiler::Function,
15    value::{ObjectMap, Value},
16};
17
18#[derive(Copy, Clone, Debug, PartialEq, Eq)]
19pub struct IndexHandle(pub usize);
20
21#[derive(Clone, Debug, PartialEq, Eq)]
22pub enum Condition<'a> {
23    /// Condition exactly matches the field value.
24    Equals { field: &'a str, value: Value },
25    /// The date in the field is between from and to (inclusive).
26    BetweenDates {
27        field: &'a str,
28        from: chrono::DateTime<chrono::Utc>,
29        to: chrono::DateTime<chrono::Utc>,
30    },
31    /// The date in the field is greater than or equal to `from`.
32    FromDate {
33        field: &'a str,
34        from: chrono::DateTime<chrono::Utc>,
35    },
36    /// The date in the field is less than or equal to `to`.
37    ToDate {
38        field: &'a str,
39        to: chrono::DateTime<chrono::Utc>,
40    },
41}
42
43#[derive(Clone, Copy, Debug, PartialEq, Eq)]
44pub enum Case {
45    Sensitive,
46    Insensitive,
47}
48
49/// Enrichment tables represent additional data sources that can be used to enrich the event data
50/// passing through Vector.
51pub trait Table: DynClone {
52    /// Search the enrichment table data with the given condition.
53    /// All conditions must match (AND).
54    ///
55    /// # Errors
56    /// Errors if no rows, or more than 1 row is found.
57    fn find_table_row<'a>(
58        &self,
59        case: Case,
60        condition: &'a [Condition<'a>],
61        select: Option<&[String]>,
62        wildcard: Option<&Value>,
63        index: Option<IndexHandle>,
64    ) -> Result<ObjectMap, String>;
65
66    /// Search the enrichment table data with the given condition.
67    /// All conditions must match (AND).
68    /// Can return multiple matched records
69    fn find_table_rows<'a>(
70        &self,
71        case: Case,
72        condition: &'a [Condition<'a>],
73        select: Option<&[String]>,
74        wildcard: Option<&Value>,
75        index: Option<IndexHandle>,
76    ) -> Result<Vec<ObjectMap>, String>;
77
78    /// Hints to the enrichment table what data is going to be searched to allow it to index the
79    /// data in advance.
80    ///
81    /// # Errors
82    /// Errors if the fields are not in the table.
83    fn add_index(&mut self, case: Case, fields: &[&str]) -> Result<IndexHandle, String>;
84
85    /// Returns a list of the field names that are in each index
86    fn index_fields(&self) -> Vec<(Case, Vec<String>)>;
87
88    /// Returns true if the underlying data has changed and the table needs reloading.
89    fn needs_reload(&self) -> bool;
90}
91
92dyn_clone::clone_trait_object!(Table);
93
94pub fn vrl_functions() -> Vec<Box<dyn Function>> {
95    vec![
96        Box::new(get_enrichment_table_record::GetEnrichmentTableRecord) as _,
97        Box::new(find_enrichment_table_records::FindEnrichmentTableRecords) as _,
98    ]
99}
enrichment/lib.rs

enrichment/
lib.rs
