diff options
| author | gujinkai <[email protected]> | 2024-04-18 10:05:54 +0800 |
|---|---|---|
| committer | gujinkai <[email protected]> | 2024-04-18 10:05:54 +0800 |
| commit | e1416e693581bb062ce1d316403bfa28cb4fc973 (patch) | |
| tree | a9af77d7e943d0f18e9630e7215192a59b0fcef9 | |
| parent | 5e92920c12e2683ba2e1af0821391e648a48ede8 (diff) | |
[Feature][core] modify the knowledge hit metric of user define tag
| -rw-r--r-- | groot-core/src/main/java/com/geedgenetworks/core/udf/cn/UserDefineTagLookup.java | 63 |
1 files changed, 36 insertions, 27 deletions
diff --git a/groot-core/src/main/java/com/geedgenetworks/core/udf/cn/UserDefineTagLookup.java b/groot-core/src/main/java/com/geedgenetworks/core/udf/cn/UserDefineTagLookup.java index 3e924ab..0eaf2ad 100644 --- a/groot-core/src/main/java/com/geedgenetworks/core/udf/cn/UserDefineTagLookup.java +++ b/groot-core/src/main/java/com/geedgenetworks/core/udf/cn/UserDefineTagLookup.java @@ -44,39 +44,48 @@ public class UserDefineTagLookup extends AbstractKnowledgeWithRuleUDF { switch (option) { case "IP_TO_TAG": List<AbstractMultipleKnowledgeBaseHandler.Node> ipNodes = ipKnowledgeBaseHandler.lookup(lookupValue); - ipNodes.forEach(node -> { - lookupTagsCounter.inc(); - tags.add(node.getTag()); - List<RuleKnowledgeBaseHandler.Rule> rules = ruleKnowledgeBaseHandler.lookupByKbId(node.getKbId()); - if (rules != null) { - ruleHitCounter.inc(); - rules.forEach(rule -> ruleMetadata.addRule(rule.getRuleId(), IocType.IP.getType())); - } - }); + if (ipNodes != null && ipNodes.size() > 0) { + hitCounter.inc(); + ipNodes.forEach(node -> { + lookupTagsCounter.inc(); + tags.add(node.getTag()); + List<RuleKnowledgeBaseHandler.Rule> rules = ruleKnowledgeBaseHandler.lookupByKbId(node.getKbId()); + if (rules != null) { + ruleHitCounter.inc(); + rules.forEach(rule -> ruleMetadata.addRule(rule.getRuleId(), IocType.IP.getType())); + } + }); + } break; case "DOMAIN_TO_TAG": List<AbstractMultipleKnowledgeBaseHandler.Node> domainNodes = domainKnowledgeBaseHandler.lookup(lookupValue); - domainNodes.forEach(node -> { - lookupTagsCounter.inc(); - tags.add(node.getTag()); - List<RuleKnowledgeBaseHandler.Rule> rules = ruleKnowledgeBaseHandler.lookupByKbId(node.getKbId()); - if (rules != null) { - ruleHitCounter.inc(); - rules.forEach(rule -> ruleMetadata.addRule(rule.getRuleId(), IocType.DOMAIN.getType())); - } - }); + if (domainNodes != null && domainNodes.size() > 0) { + hitCounter.inc(); + domainNodes.forEach(node -> { + lookupTagsCounter.inc(); + tags.add(node.getTag()); + List<RuleKnowledgeBaseHandler.Rule> rules = ruleKnowledgeBaseHandler.lookupByKbId(node.getKbId()); + if (rules != null) { + ruleHitCounter.inc(); + rules.forEach(rule -> ruleMetadata.addRule(rule.getRuleId(), IocType.DOMAIN.getType())); + } + }); + } break; case "APP_TO_TAG": List<AbstractMultipleKnowledgeBaseHandler.Node> appNodes = appKnowledgeBaseHandler.lookup(lookupValue); - appNodes.forEach(node -> { - lookupTagsCounter.inc(); - tags.add(node.getTag()); - List<RuleKnowledgeBaseHandler.Rule> rules = ruleKnowledgeBaseHandler.lookupByKbId(node.getKbId()); - if (rules != null) { - ruleHitCounter.inc(); - rules.forEach(rule -> ruleMetadata.addRule(rule.getRuleId(), IocType.APP.getType())); - } - }); + if (appNodes != null && appNodes.size() > 0) { + hitCounter.inc(); + appNodes.forEach(node -> { + lookupTagsCounter.inc(); + tags.add(node.getTag()); + List<RuleKnowledgeBaseHandler.Rule> rules = ruleKnowledgeBaseHandler.lookupByKbId(node.getKbId()); + if (rules != null) { + ruleHitCounter.inc(); + rules.forEach(rule -> ruleMetadata.addRule(rule.getRuleId(), IocType.APP.getType())); + } + }); + } break; default: break; |