author尹姜谊 <[email protected]>2024-04-17 09:53:04 +0800
committer尹姜谊 <[email protected]>2024-04-17 09:53:04 +0800
commit98832dd8a51b48c5487f038ade43972b87a10089 (patch)
tree1f195d3cbb96f28c7d96f0ae976601d0852d907e
parent7fa88127a69a09a396d3e36f891fb5ae0311709f (diff)
Modify:默认配置修改
-rw-r--r--config24.01.yaml2
1 files changed, 1 insertions, 1 deletions
diff --git a/config24.01.yaml b/config24.01.yaml
index c75e79b..9129c9f 100644
--- a/config24.01.yaml
+++ b/config24.01.yaml
@@ -56,7 +56,7 @@ hotspotvpn:
plugin_id: 1
object_type: ip
confidence: confirmed
- sql: SELECT server_ip, any(server_asn) AS asn, count(*) AS session_num, groupUniqArray(server_domain) as domains, length(domains) as domain_count, countDistinct(client_ip) AS cip_num FROM {$db_name}.{$table_name} WHERE {$time_filter} AND (ssl_sni IN ({$domain_list})) GROUP BY server_ip having domain_count >= 5
+ sql: SELECT server_ip FROM {$db_name}.{$table_name} WHERE {$time_filter} AND (ssl_ja3_hash in ('f49621211538d12435b8498f195d0c31', '908e8001ed339d74cedd91a4eb7abfab')) UNION ALL SELECT server_ip FROM {$db_name}.{$table_name} WHERE {$time_filter} AND (ssl_sni IN ({$domain_list})) GROUP BY server_ip having length(groupUniqArray(server_domain)) >= 5
domains: paypal.com, facebook.com, twitter.com, whatsapp.com, get.adobe.com, cloudfront.net, mozilla.org
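Review bot: The new JA3 branch on the `+ sql:` line returns one `server_ip` row per matching session, because the trailing `GROUP BY server_ip having ...` binds only to the second SELECT and `UNION ALL` keeps duplicates; `SELECT DISTINCT server_ip` in the first branch, or an outer `SELECT DISTINCT server_ip FROM (...)` around the union, would give one row per address. That branch also has no threshold, so under `confidence: confirmed` a single session carrying either fingerprint marks the server address, while the domain branch still requires five distinct domains. A JA3 value describes a client TLS stack rather than one application, so any server contacted by a client sharing that stack would presumably be flagged; a minimum session or client count, or a lower confidence for this branch, looks worth considering. The two hashes are hard-coded without provenance, and a comment above the key such as `# JA3 fingerprints observed for the Hotspot VPN client, source: <reference>` would let a maintainer re-validate them later. The hunk header counts seven lines per side and only five are visible here, so anything after `domains:` is not covered by this note.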