diff options
| author | liuwentan <[email protected]> | 2023-11-20 18:50:11 +0800 |
|---|---|---|
| committer | liuwentan <[email protected]> | 2023-11-20 18:50:11 +0800 |
| commit | a0cd830eaa1162fc35d71690319525fe8d20f980 (patch) | |
| tree | 3e570cb61442176ccd3f8137cb1af5a920ced4e2 /src | |
| parent | 91937cdbfbc04e746a3db7cbc9fae8430ca036e2 (diff) | |
[FEATURE]user-defined expr table scanning engine
Diffstat (limited to 'src')
| -rw-r--r-- | src/maat_compile.c | 4 | ||||
| -rw-r--r-- | src/maat_expr.c | 32 | ||||
| -rw-r--r-- | src/maat_group.c | 2 | ||||
| -rw-r--r-- | src/maat_ip.c | 2 | ||||
| -rw-r--r-- | src/maat_ip_plugin.c | 2 | ||||
| -rw-r--r-- | src/maat_plugin.c | 2 |
6 files changed, 33 insertions, 11 deletions
diff --git a/src/maat_compile.c b/src/maat_compile.c index 8da7589..7d7fec2 100644 --- a/src/maat_compile.c +++ b/src/maat_compile.c @@ -40,7 +40,7 @@ struct compile_schema { int compile_id_column; int rule_tag_column; int declared_clause_num_column; - int table_id; //ugly + int table_id; struct table_manager *ref_tbl_mgr; struct log_handle *logger; }; @@ -52,7 +52,7 @@ struct group2compile_schema { int vtable_name_column; int clause_index_column; int asso_compile_table_id; //asso is abbreviation for associated - int table_id;//ugly + int table_id; struct table_manager *ref_tbl_mgr; }; diff --git a/src/maat_expr.c b/src/maat_expr.c index a381d10..2da71a2 100644 --- a/src/maat_expr.c +++ b/src/maat_expr.c @@ -34,7 +34,8 @@ struct expr_schema { int expr_type_column; int match_method_column; int is_hexbin_column; - int table_id; //ugly + int table_id; + int expr_engine; struct table_manager *ref_tbl_mgr; }; @@ -327,6 +328,7 @@ void *expr_schema_new(cJSON *json, struct table_manager *tbl_mgr, { char table_type[NAME_MAX] = {0}; struct expr_schema *expr_schema = ALLOC(struct expr_schema, 1); + expr_schema->expr_engine = EXPR_ENGINE_TYPE_MAX; cJSON *custom_item = NULL; cJSON *item = cJSON_GetObjectItem(json, "table_id"); @@ -343,6 +345,20 @@ void *expr_schema_new(cJSON *json, struct table_manager *tbl_mgr, item = cJSON_GetObjectItem(json, "table_type"); memcpy(table_type, item->valuestring, strlen(item->valuestring)); + item = cJSON_GetObjectItem(json, "expr_engine"); + if (item != NULL && item->type == cJSON_String) { + if (strcmp(item->valuestring, "hyperscan") == 0) { + expr_schema->expr_engine = EXPR_ENGINE_TYPE_HS; + } else if (strcmp(item->valuestring, "rulescan") == 0) { + expr_schema->expr_engine = EXPR_ENGINE_TYPE_RS; + } else { + log_fatal(logger, MODULE_EXPR, + "[%s:%d] expr table:<%s> schema has invalid expr_engine", + __FUNCTION__, __LINE__, table_name); + goto error; + } + } + item = cJSON_GetObjectItem(json, "custom"); if (item == NULL || item->type != cJSON_Object) { log_fatal(logger, MODULE_EXPR, @@ -482,9 +498,14 @@ void *expr_runtime_new(void *expr_schema, size_t max_thread_num, expr_rt->n_worker_thread = max_thread_num; expr_rt->ref_garbage_bin = garbage_bin; expr_rt->logger = logger; - expr_rt->expr_engine = table_manager_get_expr_engine(schema->ref_tbl_mgr); expr_rt->district_map = maat_kv_store_new(); + if (schema->expr_engine != EXPR_ENGINE_TYPE_MAX) { + expr_rt->expr_engine = schema->expr_engine; + } else { + expr_rt->expr_engine = table_manager_get_expr_engine(schema->ref_tbl_mgr); + } + expr_rt->hit_cnt = alignment_int64_array_alloc(max_thread_num); expr_rt->scan_cnt = alignment_int64_array_alloc(max_thread_num); expr_rt->scan_bytes = alignment_int64_array_alloc(max_thread_num); @@ -875,7 +896,7 @@ int expr_runtime_commit(void *expr_runtime, const char *table_name, if (rule_cnt > 0) { enum expr_engine_type engine_type = EXPR_ENGINE_TYPE_HS; if (expr_rt->expr_engine == MAAT_EXPR_ENGINE_RS) { - engine_type = EXPR_ENGINE_TYPE_RS; + engine_type = EXPR_ENGINE_TYPE_RS; } struct timespec start, end; @@ -894,8 +915,9 @@ int expr_runtime_commit(void *expr_runtime, const char *table_name, } else { log_info(expr_rt->logger, MODULE_EXPR, "table[%s] has %zu rules, commit %zu expr rules(regex rules:%zu) " - "and rebuild adapter_hs completed, version:%lld, consume:%lldms", table_name, rule_cnt, - real_rule_cnt, real_regex_rule_cnt, maat_rt_version, time_elapse_ms); + "and rebuild expr_matcher(%s) completed, version:%lld, consume:%lldms", table_name, rule_cnt, + real_rule_cnt, real_regex_rule_cnt, engine_type == EXPR_ENGINE_TYPE_HS ? "hyperscan" : "rulescan", + maat_rt_version, time_elapse_ms); } } diff --git a/src/maat_group.c b/src/maat_group.c index 02ad9a6..3ed41de 100644 --- a/src/maat_group.c +++ b/src/maat_group.c @@ -31,7 +31,7 @@ struct group2group_schema { int group_id_column; int super_group_id_column; int is_exclude_column; - int table_id;//ugly + int table_id; struct table_manager *ref_tbl_mgr; }; diff --git a/src/maat_ip.c b/src/maat_ip.c index cfa3c68..2a738c7 100644 --- a/src/maat_ip.c +++ b/src/maat_ip.c @@ -40,7 +40,7 @@ struct ip_schema { int port1_column; int port2_column; int protocol_column; - int table_id; //ugly + int table_id; struct table_manager *ref_tbl_mgr; }; diff --git a/src/maat_ip_plugin.c b/src/maat_ip_plugin.c index 34705e7..fa521db 100644 --- a/src/maat_ip_plugin.c +++ b/src/maat_ip_plugin.c @@ -28,7 +28,7 @@ struct ip_plugin_schema { int end_ip_column; int rule_tag_column; int gc_timeout_s; - int table_id; //ugly + int table_id; struct ex_container_schema container_schema; struct table_manager *ref_tbl_mgr; struct log_handle *logger; diff --git a/src/maat_plugin.c b/src/maat_plugin.c index c9cdb15..3e2a562 100644 --- a/src/maat_plugin.c +++ b/src/maat_plugin.c @@ -64,7 +64,7 @@ struct plugin_schema { size_t cb_cnt; struct plugin_callback_schema cb[MAX_PLUGIN_PER_TABLE]; struct ex_container_schema container_schema; - int table_id; //ugly + int table_id; struct table_manager *ref_tbl_mgr; struct log_handle *logger; }; |