galaxy-deployment-schema-up…/testSchemaFiles/dos_event.json

{
"type":"record",
"name":"dos_event",
"namespace":"tsg_galaxy_v3",
"doc":
{
"primary_key":"log_id",
"partition_key":"start_time",
"ttl":null,
"default_ttl":2592000,
"index_key":
[
"log_id",
"start_time",
"destination_ip"
],
"functions":
{
"aggregation":
[
{
"name":"COUNT",
"label":"COUNT",
"function":"count(expr)"
},
{
"name":"COUNT_DISTINCT",
"label":"COUNT_DISTINCT",
"function":"count(distinct expr)"
},
{
"name":"AVG",
"label":"AVG",
"function":"avg(expr)"
},
{
"name":"SUM",
"label":"SUM",
"function":"sum(expr)"
},
{
"name":"MAX",
"label":"MAX",
"function":"max(expr)"
},
{
"name":"MIN",
"label":"MIN",
"function":"min(expr)"
}
],
"operator":
[
{
"name":"=",
"label":"=",
"function":"expr = value"
},
{
"name":"!=",
"label":"!=",
"function":"expr != value"
},
{
"name":">",
"label":">",
"function":"expr > value"
},
{
"name":"<",
"label":"<",
"function":"expr < value"
},
{
"name":">=",
"label":">=",
"function":"expr >= value"
},
{
"name":"<=",
"label":"<=",
"function":"expr <= value"
},
{
"name":"has",
"label":"HAS",
"function":"has(expr, value)"
},
{
"name":"in",
"label":"IN",
"function":"expr in (values)"
},
{
"name":"not in",
"label":"NOT IN",
"function":"expr not in (values)"
},
{
"name":"like",
"label":"LIKE",
"function":"expr like value"
},
{
"name":"not like",
"label":"NOT LIKE",
"function":"expr not like value"
},
{
"name":"notEmpty",
"label":"NOT EMPTY",
"function":"notEmpty(expr)"
},
{
"name":"empty",
"label":"EMPTY",
"function":"empty(expr)"
}
]
},
"schema_query":
{
"references":
{
"aggregation":
[
{
"type":"int",
"functions":"COUNT,COUNT_DISTINCT,AVG,SUM,MAX,MIN"
},
{
"type":"long",
"functions":"COUNT,COUNT_DISTINCT,AVG,SUM,MAX,MIN"
},
{
"type":"float",
"functions":"COUNT,COUNT_DISTINCT,AVG,SUM,MAX,MIN"
},
{
"type":"double",
"functions":"COUNT,COUNT_DISTINCT,AVG,SUM,MAX,MIN"
},
{
"type":"string",
"functions":"COUNT,COUNT_DISTINCT"
},
{
"type":"date",
"functions":"COUNT,COUNT_DISTINCT,MAX,MIN"
},
{
"type":"timestamp",
"functions":"COUNT,COUNT_DISTINCT,MAX,MIN"
}
],
"operator":
[
{
"type":"int",
"functions":"=,!=,>,<,>=,<=,in,not in"
},
{
"type":"long",
"functions":"=,!=,>,<,>=,<=,in,not in"
},
{
"type":"float",
"functions":"=,!=,>,<,>=,<="
},
{
"type":"double",
"functions":"=,!=,>,<,>=,<="
},
{
"type":"string",
"functions":"=,!=,in,not in,like,not like,notEmpty,empty"
},
{
"type":"date",
"functions":"=,!=,>,<,>=,<="
},
{
"type":"timestamp",
"functions":"=,!=,>,<,>=,<="
},
{
"type":"array",
"functions":"has"
}
]
}
},
"default_columns":
[
"log_id",
"attack_type",
"source_ip_list",
"destination_ip",
"severity",
"start_time",
"end_time",
"packet_rate",
"bit_rate",
"session_rate"
],
"internal_columns":
[
"start_time",
"log_id",
"end_time"
]
},
"fields":
[
{
"name":"start_time",
"label":"Start Time",
"doc":
{
"allow_query":"false",
"constraints":
{
"type":"timestamp"
},
"visibility":"enabled",
"ttl":null
},
"type":"long"
},
{
"name":"end_time",
"label":"End Time",
"doc":
{
"allow_query":"false",
"constraints":
{
"type":"timestamp"
},
"visibility":"enabled",
"ttl":null
},
"type":"long"
},
{
"name":"log_id",
"label":"Log ID",
"doc":
{
"format":
{
"functions":"snowflake_id"
},
"visibility":"enabled",
"ttl":null
},
"type":"long"
},
{
"name":"attack_type",
"label":"Attack Type",
"doc":
{
"constraints":
{
"operator_functions":"=,!="
},
"data":
[
{
"code":"TCP SYN Flood",
"value":"TCP SYN Flood"
},
{
"code":"UDP Flood",
"value":"UDP Flood"
},
{
"code":"ICMP Flood",
"value":"ICMP Flood"
},
{
"code":"DNS Flood",
"value":"DNS Flood"
}
],
"visibility":"enabled",
"ttl":null
},
"type":"string"
},
{
"name":"severity",
"label":"Severity",
"doc":
{
"constraints":
{
"operator_functions":"=,!="
},
"data":
[
{
"code":"Critical",
"value":"Critical"
},
{
"code":"Severe",
"value":"Severe"
},
{
"code":"Major",
"value":"Major"
},
{
"code":"Warning",
"value":"Warning"
},
{
"code":"Minor",
"value":"Minor"
}
],
"visibility":"enabled",
"ttl":null
},
"type":"string"
},
{
"name":"conditions",
"label":"Conditions",
"doc":
{
"visibility":"enabled",
"ttl":null
},
"type":"string"
},
{
"name":"destination_ip",
"label":"Destination IP",
"doc":
{
"visibility":"enabled",
"ttl":null
},
"type":"string"
},
{
"name":"destination_country",
"label":"Destination Country",
"doc":
{
"visibility":"enabled",
"ttl":null
},
"type":"string"
},
{
"name":"source_ip_list",
"label":"Source IPs",
"doc":
{
"visibility":"enabled",
"ttl":null
},
"type":"string"
},
{
"name":"source_country_list",
"label":"Source Countries",
"doc":
{
"visibility":"enabled",
"ttl":null
},
"type":"string"
},
{
"name":"session_rate",
"label":"Sessions/s",
"doc":
{
"constraints":
{
"type":"sessions/sec"
},
"visibility":"enabled",
"ttl":null
},
"type":"long"
},
{
"name":"packet_rate",
"label":"Packets/s",
"doc":
{
"constraints":
{
"type":"packets/sec"
},
"visibility":"enabled",
"ttl":null
},
"type":"long"
},
{
"name":"bit_rate",
"label":"Bits/s",
"doc":
{
"constraints":
{
"type":"bits/sec"
},
"visibility":"enabled",
"ttl":null
},
"type":"long"
}
]
}