コード例 #1
ファイル: KqlNodeHost.cs プロジェクト: quantum-sec/KqlTools
        /// <summary>
        ///     Create a KqlNodeHub from an existing KQL query as a string. The string must contain only one KQL query.
        ///     The KqlNodeHub automatically creates a KqlNode and subscribes the KqlNode to the observable sequence,
        ///     observableInput.
        /// </summary>
        /// <param name="observableInput">
        ///     IObservable&lt;IDictionary&lt;string, object&gt;&gt; - the data that the KQL queries will run against.
        /// </param>
        /// <param name="delegateOutput">Action&lt;KqlOutput&gt; - the structure of the query output as a KqlOutput instance.</param>
        /// <param name="observableName">the observable input stream name</param>
        /// <param name="kqlQueryList">KqlQuery - a list of instances of the KqlQuery object type</param>
        /// <returns>a boolean value indicating whether the operation succeeded.</returns>
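        public bool AddFromKqlQueryList(
            IObservable<IDictionary<string, object>> observableInput,
            Action<KqlOutput> delegateOutput,
            string observableName,
            List<KqlQuery> kqlQueryList)
        {
            // Builds a hub that reports through delegateOutput, loads kqlQueryList into its
            // node, and registers the hub in KqlNodeHubs under observableName.
            // Returns the result of KqlNodeHubs.TryAdd.
            var kqlNodeHub = new KqlNodeHub(delegateOutput);

            // The query list is handed to the node as supplied; nothing in this method
            // inspects or validates its contents.
            kqlNodeHub._node.AddKqlQueryList(kqlQueryList);

            // Register first and attach the input only when registration succeeded.
            // Attaching before TryAdd leaves a hub that is wired to observableInput and
            // still calling delegateOutput even though TryAdd refused it (presumably
            // because observableName is already taken), so the host holds no reference
            // through which that hub could be found or detached later.
            if (!KqlNodeHubs.TryAdd(observableName, kqlNodeHub))
            {
                return false;
            }

            kqlNodeHub.AddInput(observableName, observableInput);

            return true;
        }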
コード例 #2
ファイル: KqlNodeHub.cs プロジェクト: quantum-sec/KqlTools
        /// <summary>
        /// Create a KqlNodeHub from existing *.csl files. Csl files contain one or more KQL queries as strings.
        /// The KqlNodeHub automatically creates a KqlNode and subscribes the KqlNode to the observable sequence, observableInput.
        /// </summary>
        /// <param name="observableInput">IObservable&lt;IDictionary&lt;string, object&gt;&gt; - the data that the KQL queries will run against.</param>
        /// <param name="delegateOutput">Action&lt;KqlOutput&gt; - the structure of the query output as a KqlOutput instance.</param>
        /// <param name="observableName">string - the name of the subscription.</param>
        /// <param name="fileList">string[] - one or more paths to the *.csl files.</param>
        /// <returns>KqlNodeHub - a KqlNodeHub instance.</returns>
        public static KqlNodeHub FromFiles(
            IObservable<IDictionary<string, object>> observableInput,
            Action<KqlOutput> delegateOutput,
            string observableName,
            params string[] fileList)
        {
            // Builds a hub that reports through delegateOutput, loads every listed
            // *.csl file into its node, then attaches observableInput under observableName.
            KqlNodeHub hub = new KqlNodeHub(delegateOutput);

            // Each path goes to AddCslFile exactly as supplied; this method performs no
            // existence, location or content check of its own, so the caller decides
            // which files are trusted to supply queries.
            for (int index = 0; index < fileList.Length; index++)
            {
                hub._node.AddCslFile(fileList[index]);
            }

            hub.AddInput(observableName, observableInput);

            return hub;
        }
コード例 #3
ファイル: KqlNodeHub.cs プロジェクト: quantum-sec/KqlTools
        /// <summary>
        /// Create a KqlNodeHub from an existing KQL query as a string. The string must contain only one KQL query.
        /// The KqlNodeHub automatically creates a KqlNode and subscribes the KqlNode to the observable sequence, observableInput.
        /// </summary>
        /// <param name="observableInput">IObservable&lt;IDictionary&lt;string, object&gt;&gt; - the data that the KQL queries will run against.</param>
        /// <param name="delegateOutput">Action&lt;KqlOutput&gt; - the structure of the query output as a KqlOutput instance.</param>
        /// <param name="observableName">string - the name of the subscription.</param>
        /// <param name="kqlQuery">the KQL query to run against the stream</param>
        /// <returns>KqlNodeHub - a KqlNodeHub instance.</returns>
        public static KqlNodeHub FromKqlQuery(
            IObservable<IDictionary<string, object>> observableInput,
            Action<KqlOutput> delegateOutput,
            string observableName,
            string kqlQuery)
        {
            // Builds a hub that reports through delegateOutput, gives its node a single
            // query, then attaches observableInput under observableName.
            KqlNodeHub hub = new KqlNodeHub(delegateOutput);

            // kqlQuery is stored unchanged. Description and Comment are fixed literals
            // here, so every hub built through this method carries the same two values.
            // NOTE(review): if these fields label the query's output downstream, results
            // from different queries cannot be told apart by them - confirm.
            var paragraph = new CslParagraph
            {
                Query = kqlQuery,
                Description = "Description",
                Comment = "Query"
            };
            hub._node.AddKqlQuery(paragraph);

            hub.AddInput(observableName, observableInput);

            return hub;
        }
コード例 #4
ファイル: KqlNodeHost.cs プロジェクト: quantum-sec/KqlTools
        /// <summary>
        ///     Create a KqlNodeHub from an existing KQL query as a string. The string must contain only one KQL query.
        ///     The KqlNodeHub automatically creates a KqlNode and subscribes the KqlNode to the observable sequence,
        ///     observableInput.
        /// </summary>
        /// <param name="observableInput">
        ///     IObservable&lt;IDictionary&lt;string, object&gt;&gt; - the data that the KQL queries will run against.
        /// </param>
        /// <param name="delegateOutput">Action&lt;KqlOutput&gt; - the structure of the query output as a KqlOutput instance.</param>
        /// <param name="observableName">the observable input stream name</param>
        /// <param name="kqlQuery">string - the KQL query as a string.</param>
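        /// <param name="comment">string - optional comment stored with the query; defaults to null.</param>
        /// <param name="description">string - optional description stored with the query; defaults to null.</param>
        /// <returns>a boolean value indicating whether the operation succeeded.</returns>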
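        public bool AddFromKqlQuery(
            IObservable<IDictionary<string, object>> observableInput,
            Action<KqlOutput> delegateOutput,
            string observableName,
            string kqlQuery,
            string comment     = null,
            string description = null
            )
        {
            // Builds a hub that reports through delegateOutput, gives its node a single
            // query with the supplied comment and description, and registers the hub in
            // KqlNodeHubs under observableName. Returns the result of KqlNodeHubs.TryAdd.
            var kqlNodeHub = new KqlNodeHub(delegateOutput);

            // kqlQuery, description and comment are stored unchanged; nothing in this
            // method validates the query text.
            kqlNodeHub._node.AddKqlQuery(new CslParagraph
            {
                Query       = kqlQuery,
                Description = description,
                Comment     = comment
            });

            // Register first and attach the input only when registration succeeded.
            // Attaching before TryAdd leaves a hub that is wired to observableInput and
            // still calling delegateOutput even though TryAdd refused it (presumably
            // because observableName is already taken), so the host holds no reference
            // through which that hub could be found or detached later.
            if (!KqlNodeHubs.TryAdd(observableName, kqlNodeHub))
            {
                return false;
            }

            kqlNodeHub.AddInput(observableName, observableInput);

            return true;
        }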