ElastAlert: multiple queries against multiple indices in the same rule file - elastalert

I have created 2 separate rule files, which are as follows:
```yaml
realert:
  minutes: 5
from_addr: test#email.com
es_host: xx.xx.xxx.xx
index: topbeat-*
smtp_host: ismtp.corp.company.com
type: frequency
es_port: 9200
filter:
- range:
    mem.used_p:
      from: 0.70
      to: 1.0
- term:
    beat.hostname: xxxxx
timeframe:
  minutes: 30
alert: email
name: 9__server__xxxxx__mem.used_p__0.70__30
email: ["user#email.com"]
num_events: 1
```

```yaml
realert:
  minutes: 5
from_addr: test#email.com
es_host: xx.xx.xxx.xx
index: packetbeat-*
smtp_host: ismtp.corp.company.com
type: frequency
es_port: 9200
filter:
- term:
    http.code: 404
- term:
    beat.hostname: yyyyy
timeframe:
  minutes: 30
alert: email
name: 25__app__yyyyy__http.code__404__1__30
email: ["user#email.com"]
num_events: 1
```
Both rule files are generating emails as per their definition.
Is there any way to have these two rule files as a single rule file, where I might need to define index: topbeat-*,packetbeat-*?
Then, in that case, how do I need to write the filters so that mem.used_p is queried against topbeat-* for server xxxxx and http.code is queried against packetbeat-* for server yyyyy?
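An added illustration, not an answer given on the page and not ElastAlert's own code: one ElastAlert `filter` entry that expresses both rules (ElastAlert ANDs the entries of the `filter` list, so the OR between the two cases has to be a single Elasticsearch `bool` query with two `should` branches), plus a small evaluator for the term/range/bool subset of the query DSL that runs the combined filter over constructed sample events from each index pattern. The field names are the question's; the sample events and the function names are mine.

```python
import json

# Added example: the two per-index rules from the question folded into a single
# `filter` entry. Each `should` branch is the AND of one original rule's filters.
COMBINED_FILTER = [
    {
        "bool": {
            "minimum_should_match": 1,
            "should": [
                {   # what the topbeat-* rule matched
                    "bool": {
                        "must": [
                            {"term": {"beat.hostname": "xxxxx"}},
                            {"range": {"mem.used_p": {"from": 0.70, "to": 1.0}}},
                        ]
                    }
                },
                {   # what the packetbeat-* rule matched
                    "bool": {
                        "must": [
                            {"term": {"beat.hostname": "yyyyy"}},
                            {"term": {"http.code": 404}},
                        ]
                    }
                },
            ],
        }
    }
]

# Constructed sample events, one per index pattern (not real Beats output);
# dotted field names are used as flat keys.
SAMPLE_EVENTS = [
    {"_index": "topbeat-2019.10.04", "beat.hostname": "xxxxx", "mem.used_p": 0.85},
    {"_index": "topbeat-2019.10.04", "beat.hostname": "xxxxx", "mem.used_p": 0.42},
    {"_index": "packetbeat-2019.10.04", "beat.hostname": "yyyyy", "http.code": 404},
    {"_index": "packetbeat-2019.10.04", "beat.hostname": "xxxxx", "http.code": 404},
]


def clause_matches(clause, doc):
    """Evaluate the subset of the query DSL used above against one flat document.
    Only term, range and bool are implemented; anything else is rejected rather
    than silently treated as a match."""
    (kind, body), = clause.items()
    if kind == "term":
        (field, value), = body.items()
        return doc.get(field) == value
    if kind == "range":
        (field, bounds), = body.items()
        value = doc.get(field)
        if value is None:
            return False
        lower = bounds.get("from", bounds.get("gte"))
        upper = bounds.get("to", bounds.get("lte"))
        return (lower is None or value >= lower) and (upper is None or value <= upper)
    if kind == "bool":
        must = body.get("must", []) + body.get("filter", [])
        should = body.get("should", [])
        # Elasticsearch default: a bool with only should clauses needs one hit,
        # a bool that also has must/filter clauses needs none.
        need = body.get("minimum_should_match", 1 if should and not must else 0)
        hits = sum(1 for c in should if clause_matches(c, doc))
        return all(clause_matches(c, doc) for c in must) and hits >= need
    raise ValueError("unsupported clause type: %s" % kind)


def rule_matches(filter_list, doc):
    """ElastAlert semantics: every entry of the rule's `filter` list must match."""
    return all(clause_matches(c, doc) for c in filter_list)


def matching_events(events, filter_list=COMBINED_FILTER):
    """The events the combined rule would count towards num_events."""
    return [e for e in events if rule_matches(filter_list, e)]


def filter_as_yaml(filter_list):
    """Rule files are YAML and YAML accepts JSON flow syntax, so the DSL can be
    emitted with json.dumps and pasted under `filter:` as-is."""
    return "filter:\n" + "\n".join("- " + json.dumps(c) for c in filter_list)


if __name__ == "__main__":
    print(filter_as_yaml(COMBINED_FILTER))
    for event in matching_events(SAMPLE_EVENTS):
        print("match:", event)
```

The output of `filter_as_yaml` goes into one rule whose `index` is `topbeat-*,packetbeat-*`; ElastAlert hands `index` to Elasticsearch's search call, which accepts a comma-separated list. Two caveats come with a single rule: the memory and 404 conditions now share one `name`, one `num_events` and one `realert` window, so without a `query_key` a memory alert silences the rule for five minutes and a 404 in that window sends nothing; and the branches are told apart only by hostname and by which fields the event carries (mem.used_p exists only in topbeat events, http.code only in packetbeat events), so a field that ever appears in both sources would need an extra restriction on its branch.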

Related

Need help in Splunk regex field extraction

I have a Splunk query (index=sat sourcetype="sat_logs" Message="application message published for") which returns a list of messages published by different applications. I need to extract specific field values from the messages. Please let me know the query to get the expected results. Thanks
Splunk query results:
```text
Message:Alpha application message published for UserId: 12345678, UID: 92345678, Date: 2019-10-04, Message: {"Application":"Alpha","ID":"123"}
Message:Beta application message published for UserId: 12345670, UID: 92345670,Date: 2019-10-03, Message: {"Application":"Beta","ID":"623"}
Message:Zeta application message published for UserId: 12345677, UID: 92345677,Date: 2019-10-02, Message: {"Application":"Zeta","ID":"523"}
```
Expected fields to be extracted and displayed as a table:

| Application | UserId   | UID      | ID  |
|-------------|----------|----------|-----|
| Alpha       | 12345678 | 92345678 | 123 |
| Beta        | 12345670 | 92345670 | 623 |
| Zeta        | 12345677 | 92345677 | 523 |
The rex command can do that for you. Assuming the fields are always in the same order, this should do the job.
```text
index=sat sourcetype="sat_logs" Message="application message published for"
| rex field=Message "UserId: (?<UserId>[^,]+), UID: (?<UID>[^,]+).*\{\"Application\":\"(?<Application>[^\"]+)\",\"ID\":\"(?<ID>[^\"]+)\""
| table Application UserId UID ID
```
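An added example, not part of the answer and not Splunk's own code: the answer's rex pattern applied with Python's `re` module to the three messages from the question, plus an order-independent variant that picks up UserId and UID wherever they occur and parses the trailing JSON object instead of regexing inside it. Inside an SPL rex string the literal double quotes must be escaped as `\"`; Python raw strings need no such escaping. The sample messages are copies of the question's lines; the function names are mine.

```python
import json
import re

# Constructed copies of the Message values from the question (not live Splunk data).
SAMPLE_MESSAGES = [
    'Alpha application message published for UserId: 12345678, UID: 92345678, Date: 2019-10-04, Message: {"Application":"Alpha","ID":"123"}',
    'Beta application message published for UserId: 12345670, UID: 92345670,Date: 2019-10-03, Message: {"Application":"Beta","ID":"623"}',
    'Zeta application message published for UserId: 12345677, UID: 92345677,Date: 2019-10-02, Message: {"Application":"Zeta","ID":"523"}',
]

# The answer's rex pattern, with (?<name>...) written as Python's (?P<name>...).
# It assumes the fields always appear in this order.
ORDERED_RE = re.compile(
    r'UserId: (?P<UserId>[^,]+), UID: (?P<UID>[^,]+)'
    r'.*\{"Application":"(?P<Application>[^"]+)","ID":"(?P<ID>[^"]+)"'
)

# Order-independent variant: each scalar key is searched on its own and the
# JSON object at the end of the message is parsed by a JSON parser.
KEY_VALUE_RE = re.compile(r'\b(UserId|UID):\s*([^,\s]+)')
TRAILING_JSON_RE = re.compile(r'Message:\s*(\{.*\})\s*$')


def extract_ordered(message):
    """Fixed field order, as the rex in the answer assumes; None when no match."""
    m = ORDERED_RE.search(message)
    return m.groupdict() if m else None


def extract_robust(message):
    """Same four fields, but tolerant of reordered keys and of extra keys inside
    the JSON payload; None when any required piece is missing or malformed."""
    fields = dict(KEY_VALUE_RE.findall(message))
    m = TRAILING_JSON_RE.search(message)
    if m is None or "UserId" not in fields or "UID" not in fields:
        return None
    try:
        payload = json.loads(m.group(1))
    except ValueError:
        return None
    if not isinstance(payload, dict) or "Application" not in payload or "ID" not in payload:
        return None
    return {
        "Application": str(payload["Application"]),
        "UserId": fields["UserId"],
        "UID": fields["UID"],
        "ID": str(payload["ID"]),
    }


def to_table(rows, columns=("Application", "UserId", "UID", "ID")):
    """Plain-text equivalent of `| table Application UserId UID ID`."""
    widths = [max([len(c)] + [len(r[c]) for r in rows]) for c in columns]
    lines = ["  ".join(c.ljust(w) for c, w in zip(columns, widths))]
    for r in rows:
        lines.append("  ".join(r[c].ljust(w) for c, w in zip(columns, widths)))
    return "\n".join(lines)


if __name__ == "__main__":
    rows = [extract_ordered(m) for m in SAMPLE_MESSAGES]
    print(to_table(rows))
```

Prefer the robust variant when the producing applications are not under your control: a regex that spans into the JSON with `.*` will happily read `Application` out of any JSON-looking text later in the message, whereas parsing the payload as JSON fails closed on malformed input.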

SQL: How to virtually combine two tables and link to the result?

Imagine three tables:
user:
- id
- name (string)
event:
- id
- description (string)
- points (int)
history:
- user_id
- event_id
Now imagine that the tables are currently filled with the following data:
user:
id: 1, name: foo
id: 2, name: bar
id: 3, name: beef
event:
id: 1, description: "walked 5 miles", points: +10
id: 2, description: "awake the whole night", points: +15
id: 3, description: "wasn't naughty", points: +20
history:
id: 1, user_id: 1, event_id: 1
id: 2, user_id: 1, event_id: 3
id: 3, user_id: 2, event_id: 1
So the schema is something like "how many points does a user have". Currently, e.g., the user 1 has in sum 10+20 = 30 points, right?
I would like to add another table with things the user can "buy" for his/her points.
gift:
- id
- points (int)
- description (string)
which is filled with e.g.
gift:
id: 1, points: -30, description: "a bottle of beer"
id: 2, points: -5, description: "coffee"
My problem:
Currently I am creating a new entry in history when the user gets points. But how would you subtract points when he buys a gift?
I thought about something like a combined table which includes the events and the gifts entries:
```text
[USER]-----[HISTORY]-----[COMBINED]--+--[EVENTS]
                                     |
                                     +--[GIFTS]
```
But I cannot really join them because I need the gift table somewhere else.
I have absolutely no clue how to do that in SQL; it's a long time since I learned it, and unfortunately I have never used it since then. I hope somebody can point me in the right direction :)
Thanks!
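An added example, not an answer from the page, and not tied to any particular database beyond SQLite (used through Python's bundled sqlite3 module so it runs offline): the schema from the question with one way to handle purchases. history gets a nullable gift_id next to event_id, guarded by a CHECK so every row references exactly one of the two, and the sketched COMBINED table is built virtually as a UNION ALL view over event and gift rows. buy_gift shows the check a practitioner wants here: the balance test and the insert are one statement, so a user cannot spend the same points twice. Table and column names are the question's; ledger, balances, statement and buy_gift are mine.

```python
import sqlite3

# Schema from the question plus the two additions described in the lead-in.
SCHEMA = """
CREATE TABLE user  (id INTEGER PRIMARY KEY, name TEXT NOT NULL);
CREATE TABLE event (id INTEGER PRIMARY KEY, description TEXT NOT NULL, points INTEGER NOT NULL);
CREATE TABLE gift  (id INTEGER PRIMARY KEY, points INTEGER NOT NULL, description TEXT NOT NULL);
-- history still records earned points via event_id; purchases use gift_id.
-- The CHECK forces exactly one of the two to be set on every row.
CREATE TABLE history (
    id       INTEGER PRIMARY KEY,
    user_id  INTEGER NOT NULL REFERENCES user(id),
    event_id INTEGER REFERENCES event(id),
    gift_id  INTEGER REFERENCES gift(id),
    CHECK ((event_id IS NULL) <> (gift_id IS NULL))
);
-- The COMBINED box from the sketch, as a view: both sources are reshaped to the
-- same columns and concatenated, so nothing is duplicated in storage and the
-- gift table stays usable on its own elsewhere.
CREATE VIEW ledger AS
    SELECT h.id, h.user_id, 'event' AS kind, e.description, e.points
      FROM history h JOIN event e ON e.id = h.event_id
    UNION ALL
    SELECT h.id, h.user_id, 'gift', g.description, g.points
      FROM history h JOIN gift g ON g.id = h.gift_id;
"""

# The rows from the question (constructed sample data).
SAMPLE_DATA = """
INSERT INTO user  VALUES (1, 'foo'), (2, 'bar'), (3, 'beef');
INSERT INTO event VALUES (1, 'walked 5 miles', 10), (2, 'awake the whole night', 15), (3, 'wasn''t naughty', 20);
INSERT INTO gift  VALUES (1, -30, 'a bottle of beer'), (2, -5, 'coffee');
INSERT INTO history (id, user_id, event_id) VALUES (1, 1, 1), (2, 1, 3), (3, 2, 1);
"""


def build_db():
    """In-memory database with the schema and sample rows; FK checks switched on."""
    conn = sqlite3.connect(":memory:")
    conn.execute("PRAGMA foreign_keys = ON")
    conn.executescript(SCHEMA + SAMPLE_DATA)
    return conn


def balances(conn):
    """Points per user name. LEFT JOIN keeps users with no history at 0."""
    rows = conn.execute("""
        SELECT u.name, COALESCE(SUM(l.points), 0)
          FROM user u LEFT JOIN ledger l ON l.user_id = u.id
         GROUP BY u.id, u.name
         ORDER BY u.id""").fetchall()
    return dict(rows)


def statement(conn, user_id):
    """Every earning and purchase of one user, in the order it happened."""
    return conn.execute(
        "SELECT kind, description, points FROM ledger WHERE user_id = ? ORDER BY id",
        (user_id,)).fetchall()


def buy_gift(conn, user_id, gift_id):
    """Record a purchase only if the resulting balance stays >= 0. Check and insert
    are a single INSERT ... SELECT, which SQLite executes atomically under its
    writer lock, so two concurrent purchases cannot both pass the check.
    Returns True when the purchase was recorded, False when it was refused."""
    with conn:  # commit on success, roll back on error
        cur = conn.execute("""
            INSERT INTO history (user_id, gift_id)
            SELECT ?, ?
             WHERE (SELECT COALESCE(SUM(points), 0) FROM ledger WHERE user_id = ?)
                 + (SELECT points FROM gift WHERE id = ?) >= 0""",
            (user_id, gift_id, user_id, gift_id))
    return cur.rowcount == 1


if __name__ == "__main__":
    db = build_db()
    print(balances(db))           # {'foo': 30, 'bar': 10, 'beef': 0}
    print(buy_gift(db, 1, 1))     # True: foo spends 30 on beer
    print(buy_gift(db, 1, 2))     # False: foo has 0 left, coffee costs 5
    print(statement(db, 1))
```

SQLite serialises writers, which is what makes the one-statement guard sufficient there. On an MVCC database such as PostgreSQL two transactions can both read the old balance, so the same guard needs the user's rows locked first (SELECT ... FOR UPDATE) or a serializable transaction; the view and the CHECK carry over unchanged.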

Karate: can we fetch data from an Excel file in Karate? If yes, can we put the fetched data into the Examples of a Scenario Outline?

```gherkin
Examples:
  | sku_code | property_code | sale_price | override_source | persistent_override | stay_date |
  | '48'     | '0001661'     | 2000       | 'DASHBOARD'     | 'true'              | 2         |
```
I have this data hardcoded like this; I want the data to be fetched from an Excel sheet!
Yes, you can use a CSV file to do it, using a dynamic Scenario Outline in Karate.
Example from the Karate demo:
```gherkin
Scenario Outline: cat name: <name>
  Given url demoBaseUrl
  And path 'cats'
  And request { name: '<name>', age: <age> }
  When method post
  Then status 200
  And match response == { id: '#number', name: '<name>' }

  Examples:
    | read('kittens.csv') |
```
Links:
Dynamic csv demo
Dynamic scenario outline doc

Total duration of the route with time windows is not optimal

I prepared a test case illustrating the problem.
The route consists of three points:
1001 - depot.
1002 - timewindow 10:00-15:00.
1003 - timewindow 8:00-15:00.
I expected that the route will be 1001-1003-1002, but received 1001-1002-1003.
As I understand it, the soft score constraint doesn't optimize the downtime interval = readyTime - arrivalTime.
Although the total travel time is minimal (calculated only from the matrix), the total duration of the route is now longer than it could be.
Can I somehow optimize total route duration?
Thanks in advance.
Vrp file:
```text
NAME: P1568C3-n3-k1
COMMENT: P1568C3-n3-k1
TYPE: CVRPTW
DIMENSION: 3
EDGE_WEIGHT_TYPE: EXPLICIT
EDGE_WEIGHT_FORMAT: FULL_MATRIX
EDGE_WEIGHT_UNIT_OF_MEASUREMENT: SEC
CAPACITY: 4
NODE_COORD_SECTION
1001 52.086 23.687 address
1002 52.089 23.71 address
1003 52.095 23.742 address
EDGE_WEIGHT_SECTION
0 0.1675 0.4053
0.1675 0 0.2378
0.4893 0.3218 0
DEMAND_SECTION
1001 0 21600 54000 0
1002 1 36000 54000 1800
1003 1 28800 54000 1800
DEPOT_SECTION
1001
-1
EOF
```
Result xml:
```xml
<vehicleList id="11">
  <VrpVehicle id="12">
    <id>0</id>
    <capacity>4</capacity>
    <depot class="VrpTimeWindowedDepot" reference="10"/>
    <nextCustomer class="VrpTimeWindowedCustomer" id="13">
      <id>1002</id>
      <location class="VrpRoadLocation" reference="5"/>
      <demand>1</demand>
      <previousStandstill class="VrpVehicle" reference="12"/>
      <nextCustomer class="VrpTimeWindowedCustomer" id="14">
        <id>1003</id>
        <location class="VrpRoadLocation" reference="7"/>
        <demand>1</demand>
        <previousStandstill class="VrpTimeWindowedCustomer" reference="13"/>
        <vehicle reference="12"/>
        <readyTime>28800</readyTime>
        <dueTime>54000</dueTime>
        <serviceDuration>1800</serviceDuration>
        <arrivalTime>38038</arrivalTime>
      </nextCustomer>
      <vehicle reference="12"/>
      <readyTime>36000</readyTime>
      <dueTime>54000</dueTime>
      <serviceDuration>1800</serviceDuration>
      <arrivalTime>36000</arrivalTime>
    </nextCustomer>
  </VrpVehicle>
</vehicleList>
```
In the optaplanner-examples implementation, which follows the academic paper's problem definition, the soft score is only the time spent on the road. The current score constraints do not include any penalty for the lost time (if any) of vehicles before leaving the depot.
You can see that in the example UI if you click the bottom-left button "constraint matches":
-489 for driving back to the depot
-406: -168 for driving from the depot to the closest customer and -238 to drive to the other customer.
So OptaPlanner does return the optimal solution, you just have a different problem definition. Simply add a soft constraint to penalize the depot's opening time till the departure time.
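An added example, not from the question or from OptaPlanner: it replays the optaplanner-examples timing rule over the question's own data and scores both visiting orders under several objectives, which makes the answer's point concrete. Travel times are the vrp matrix values times 1000, rounded as the constraint-match output shows them (168, 238, 489); the vehicle leaves the depot just in time for its first customer, which is why arrivalTime at 1002 equals its readyTime in the result XML. Function names and the set of objectives are mine.

```python
from itertools import permutations

# Transcribed from the question's vrp file (sample data, seconds).
DEPOT = 1001
DEPOT_READY = 21600          # DEMAND_SECTION line for 1001
CUSTOMERS = {                # id: (readyTime, dueTime, serviceDuration)
    1002: (36000, 54000, 1800),
    1003: (28800, 54000, 1800),
}
TRAVEL = {                   # EDGE_WEIGHT_SECTION x 1000, rounded
    (1001, 1002): 168, (1001, 1003): 405,
    (1002, 1001): 168, (1002, 1003): 238,
    (1003, 1001): 489, (1003, 1002): 322,
}


def schedule(order):
    """Replay one visiting order with the optaplanner-examples timing rule:
    arrival at the first customer is max(readyTime, travel from the depot),
    i.e. the vehicle departs the depot just in time, and every later arrival
    is the previous departure plus travel. Returns the quantities a score
    function might be built from."""
    if not order:
        raise ValueError("empty route")
    travel = customer_wait = 0
    prev, prev_departure, depot_departure = DEPOT, None, None
    for cust in order:
        ready, due, service = CUSTOMERS[cust]
        leg = TRAVEL[(prev, cust)]
        travel += leg
        if prev_departure is None:
            arrival = max(ready, leg)
            depot_departure = arrival - leg
        else:
            arrival = prev_departure + leg
        if arrival > due:
            raise ValueError(f"hard constraint broken: {cust} reached at {arrival} > {due}")
        wait = max(0, ready - arrival)        # readyTime - arrivalTime when early
        customer_wait += wait
        prev_departure = arrival + wait + service
        prev = cust
    back = TRAVEL[(prev, DEPOT)]
    travel += back
    return_time = prev_departure + back
    return {
        "travel": travel,                                     # the example's only soft score
        "customer_wait": customer_wait,                       # idle time at customers
        "depot_idle": max(0, depot_departure - DEPOT_READY),  # what the answer suggests penalising
        "duration": return_time - depot_departure,            # on-duty span of the vehicle
        "return_time": return_time,                           # when the vehicle is back
    }


def best_order(objective):
    """Visiting order that minimises objective(schedule(order)). On a tie the
    first order tried wins, which mirrors a solver being indifferent."""
    return min(permutations(CUSTOMERS), key=lambda o: objective(schedule(o)))


if __name__ == "__main__":
    for order in permutations(CUSTOMERS):
        print(order, schedule(order))
    print("travel only:          ", best_order(lambda s: s["travel"]))
    print("travel + depot idle:  ", best_order(lambda s: s["travel"] + s["depot_idle"]))
    print("earliest return:      ", best_order(lambda s: s["return_time"]))
    print("shortest on-duty span:", best_order(lambda s: s["duration"]))
```

Both orders cost the same 895 s on the road, so a solver scoring only travel time is indifferent and may return either. 1001-1003-1002 gets back earlier (37968 vs 40327) and idles less at the depot (6795 vs 14232 s), but it spends 5078 s waiting at 1002, so its on-duty span is actually the longer one (9573 vs 4495 s). Which order is "optimal" is decided by the objective, not by the solver; the soft constraint the answer proposes is one way to make that choice explicit.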

Does anybody know how to get a table's HDFS directory with a select statement in the Hive environment?

I used to use a select statement like 'select T** from xxx' to get a table's HDFS directory location in Hive. But now I forgot the statement. Does anyone know it? Thanks!
I think you need DESCRIBE FORMATTED.
The desired location:
Location: file:/tmp/warehouse/part_table/d=abc
DEMO
```text
hive> DESCRIBE formatted part_table partition (d='abc');
OK
# col_name              data_type               comment
i                       int
# Partition Information
# col_name              data_type               comment
d                       string
# Detailed Partition Information
Partition Value:        [abc]
Database:               default
Table:                  part_table
CreateTime:             Wed Mar 30 16:57:14 PDT 2016
LastAccessTime:         UNKNOWN
Protect Mode:           None
####### HERE IS THE LOCATION YOU WANT ########
Location:               file:/tmp/warehouse/part_table/d=abc
Partition Parameters:
        COLUMN_STATS_ACCURATE   true
        numFiles                1
        numRows                 1
        rawDataSize             1
        totalSize               2
        transient_lastDdlTime   1459382234
# Storage Information
SerDe Library:          org.apache.hadoop.hive.serde2.lazy.LazySimpleSerDe
InputFormat:            org.apache.hadoop.mapred.TextInputFormat
OutputFormat:           org.apache.hadoop.hive.ql.io.HiveIgnoreKeyTextOutputFormat
Compressed:             No
Num Buckets:            -1
Bucket Columns:         []
Sort Columns:           []
Storage Desc Params:
        serialization.format    1
Time taken: 0.334 seconds, Fetched: 35 row(s)
```