diff options
| author | wangwei <[email protected]> | 2024-10-29 18:11:24 +0800 |
|---|---|---|
| committer | wangwei <[email protected]> | 2024-10-29 18:11:24 +0800 |
| commit | 7cee7407b03b9aafef278889df972c3ec8d038c8 (patch) | |
| tree | f1ef02787a4634a3332a2b167bbf56b072433a43 | |
| parent | d1f7cc812782f5b328b91b24a138d58a4af25790 (diff) | |
| parent | d5d1215f27ecf856e1370e6429421e175ad66c4c (diff) | |
Merge branch 'develop' into br-384
| -rw-r--r-- | config/flyway/tsg/R__init_datasets.sql | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/config/flyway/tsg/R__init_datasets.sql b/config/flyway/tsg/R__init_datasets.sql index 0707e2da..618a889a 100644 --- a/config/flyway/tsg/R__init_datasets.sql +++ b/config/flyway/tsg/R__init_datasets.sql @@ -144,7 +144,7 @@ INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('dos-threat-map-top-protection-rules', 'dos_event', 'qgw', 'sql', '{ "statement": "SELECT rule_uuid, count(*) AS count FROM dos_event WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN (${vsys_id}) AND ( ${filter} ) GROUP BY rule_uuid ORDER BY count DESC LIMIT ${limit}" }',null); INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('dos-threat-map-severity', 'dos_event', 'qgw', 'sql', '{ "statement": "SELECT severity, count(*) AS count FROM dos_event WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN (${vsys_id}) AND ( ${filter} ) GROUP BY severity ORDER BY severity LIMIT ${limit}" }',null); INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('dos-threat-map-destination-ip-distribution', 'dos_event', 'qgw', 'sql', '{ "statement": "SELECT destination_ip, any(destination_country) AS destination_country, groupUniqArray(source_country) AS source_coutries, MAX(bit_rate) AS max_bit_rate, MAX(packet_rate) AS max_packet_rate, MAX(session_rate) AS max_session_rate, FROM_UNIXTIME(MIN(start_time)) AS first_active_time, FROM_UNIXTIME(MAX(end_time)) AS last_active_time, MAX_DURATION(end_time, 600) AS max_duration, count(*) AS count FROM dos_event WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN (${vsys_id}) AND ( ${filter} ) GROUP BY destination_ip ORDER BY count DESC LIMIT ${limit}" }',null); -INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('dos-threat-map-attack-connection', 'dos_event', 'qgw', 'sql', '{ "statement": " SELECT FROM_UNIXTIME(recv_time) AS stat_time, rule_uuid, destination_country, source_country, bit_rate, bytes, packet_rate, packets, session_rate, sessions FROM dos_event WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN (${vsys_id}) AND (${filter}) ORDER BY recv_time ASC LIMIT ${limit}" }',null); +INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('dos-threat-map-attack-connection', 'dos_event', 'qgw', 'sql', '{ "statement": " SELECT FROM_UNIXTIME(recv_time) AS stat_time, rule_uuid, attack_type, destination_country, source_country, bit_rate, bytes, packet_rate, packets, session_rate, sessions FROM dos_event WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN (${vsys_id}) AND (${filter}) ORDER BY recv_time ASC LIMIT ${limit}" }',null); INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('dos-threat-map-attack-volume-summary', 'dos_event', 'qgw', 'sql', '{ "statement": "SELECT RATE(bytes, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) * 8 as avg_bits_per_sec FROM dos_event WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN (${vsys_id}) AND (${filter})" }',null); INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('dos-threat-map-attack-volume-trend', 'dos_event', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(recv_time, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) AS stat_time, RATE(bytes, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), 1) * 8 as avg_bits_per_sec FROM dos_event WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN (${vsys_id}) AND ( ${filter} ) GROUP BY stat_time ORDER BY stat_time ASC LIMIT ${limit}" }',null); INSERT INTO `dataset` (`identifier_name`, `category`, `backend_engine`, `type`, `template`, `description`) VALUES ('dos-event-timeline', 'dos_event', 'qgw', 'sql', '{ "statement": "SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(recv_time, CHART_GRANULARITY(''${start_time}'', ''${end_time}''), ''zero'')) AS stat_time, count(*) AS count FROM dos_event WHERE recv_time >= UNIX_TIMESTAMP(''${start_time}'') AND recv_time < UNIX_TIMESTAMP(''${end_time}'') AND vsys_id IN (${vsys_id}) AND ( ${filter} ) GROUP BY stat_time ORDER BY stat_time ASC LIMIT ${limit}" }',null); |