gfwleak/galaxy-deployment-updata-record
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2025-09-14. You can view files and clone it, but cannot push or open issues or pull requests.
Files
d66a75b61cb981420d2ea36254da9eaab17a7e0f
galaxy-deployment-updata-re…/TSG-21.03/网关/proxy_event_log.avsc
qidaijie d66a75b61c 提交网关更新schema
2021-03-02 09:51:39 +08:00

656 lines
26 KiB
JSON
Raw Blame History

{
"type": "record",
"name": "proxy_event_log",
"namespace": "tsg_galaxy_v3",
"doc": "{\"primary_key\":\"common_log_id\",\"partition_key\":\"common_recv_time\",\"functions\":{\"aggregation\":[{\"name\":\"COUNT\",\"function\":\"count(expr)\"},{\"name\":\"COUNT_DISTINCT\",\"function\":\"count(distinct expr)\"},{\"name\":\"AVG\",\"function\":\"avg(expr)\"},{\"name\":\"SUM\",\"function\":\"sum(expr)\"},{\"name\":\"MAX\",\"function\":\"max(expr)\"},{\"name\":\"MIN\",\"function\":\"min(expr)\"}],\"operator\":[{\"name\":\"=\",\"function\":\"expr = value\"},{\"name\":\"!=\",\"function\":\"expr != value\"},{\"name\":\">\",\"function\":\"expr > value\"},{\"name\":\"<\",\"function\":\"expr < value\"},{\"name\":\">=\",\"function\":\"expr >= value\"},{\"name\":\"<=\",\"function\":\"expr <= value\"},{\"name\":\"in\",\"function\":\"expr in (values)\"},{\"name\":\"not in\",\"function\":\"expr not in (values)\"},{\"name\":\"like\",\"function\":\"expr like value\"},{\"name\":\"not like\",\"function\":\"expr not like value\"},{\"name\":\"not empty\",\"function\":\"notEmpty(expr)\"},{\"name\":\"empty\",\"function\":\"empty(expr)\"}]},\"schema_query\":{\"dimensions\":[\"common_server_ip\",\"common_client_ip\",\"common_internal_ip\",\"common_external_ip\",\"common_policy_id\",\"common_sub_action\",\"common_sled_ip\",\"common_device_id\",\"common_client_location\",\"common_server_location\",\"common_subscriber_id\",\"common_client_port\",\"common_server_port\",\"common_schema_type\",\"common_data_center\",\"common_client_asn\",\"common_server_asn\",\"http_host\",\"http_domain\",\"http_url\",\"doh_host\",\"doh_qname\"],\"metrics\":[\"common_server_ip\",\"common_client_ip\",\"common_internal_ip\",\"common_external_ip\",\"common_subscriber_id\",\"common_sled_ip\",\"common_device_id\",\"common_sessions\",\"common_c2s_byte_num\",\"common_s2c_byte_num\",\"http_host\",\"http_domain\",\"http_url\",\"doh_host\",\"doh_qname\"],\"filters\":[\"common_policy_id\",\"common_sub_action\",\"common_address_type\",\"common_server_ip\",\"common_client_ip\",\"common_internal_ip\",\"common_external_ip\",\"common_client_port\",\"common_server_port\",\"common_client_location\",\"common_server_location\",\"common_subscriber_id\",\"common_l4_protocol\",\"common_data_center\",\"common_sled_ip\",\"common_device_id\",\"common_client_asn\",\"common_server_asn\",\"common_direction\",\"common_schema_type\",\"http_host\",\"http_domain\",\"http_url\",\"http_content_type\",\"doh_host\",\"doh_qname\"],\"references\":{\"aggregation\":[{\"type\":\"int\",\"functions\":\"COUNT,COUNT_DISTINCT,AVG,SUM,MAX,MIN\"},{\"type\":\"long\",\"functions\":\"COUNT,COUNT_DISTINCT,AVG,SUM,MAX,MIN\"},{\"type\":\"float\",\"functions\":\"COUNT,COUNT_DISTINCT,AVG,SUM,MAX,MIN\"},{\"type\":\"double\",\"functions\":\"COUNT,COUNT_DISTINCT,AVG,SUM,MAX,MIN\"},{\"type\":\"string\",\"functions\":\"COUNT,COUNT_DISTINCT\"},{\"type\":\"date\",\"functions\":\"COUNT,COUNT_DISTINCT,MAX,MIN\"},{\"type\":\"timestamp\",\"functions\":\"COUNT,COUNT_DISTINCT,MAX,MIN\"}],\"operator\":[{\"type\":\"int\",\"functions\":\"=,!=,>,<,>=,<=,in,not in\"},{\"type\":\"long\",\"functions\":\"=,!=,>,<,>=,<=,in,not in\"},{\"type\":\"float\",\"functions\":\"=,!=,>,<,>=,<=\"},{\"type\":\"double\",\"functions\":\"=,!=,>,<,>=,<=\"},{\"type\":\"string\",\"functions\":\"=,!=,in,not in,like,not like,not empty,empty\"},{\"type\":\"date\",\"functions\":\"=,!=,>,<,>=,<=\"},{\"type\":\"timestamp\",\"functions\":\"=,!=,>,<,>=,<=\"}]}},\"schema_type\":{\"HTTP\":{\"columns\":[\"common_recv_time\",\"common_log_id\",\"common_policy_id\",\"common_subscriber_id\",\"common_client_ip\",\"common_client_port\",\"common_internal_ip\",\"common_l4_protocol\",\"common_address_type\",\"common_server_ip\",\"common_server_port\",\"common_external_ip\",\"common_action\",\"common_direction\",\"common_entrance_id\",\"common_sled_ip\",\"common_client_location\",\"common_client_asn\",\"common_server_location\",\"common_server_asn\",\"common_sessions\",\"common_c2s_pkt_num\",\"common_s2c_pkt_num\",\"common_c2s_byte_num\",\"common_s2c_byte_num\",\"common_service\",\"common_schema_type\",\"common_user_tags\",\"common_sub_action\",\"common_user_region\",\"common_device_id\",\"common_link_id\",\"common_isp\",\"common_device_tag\",\"common_data_center\",\"common_encapsulation\",\"common_app_label\",\"common_protocol_label\",\"common_app_id\",\"common_app_surrogate_id\",\"common_l7_protocol\",\"common_start_time\",\"common_end_time\",\"common_establish_latency_ms\",\"common_con_duration_ms\",\"common_stream_dir\",\"common_address_list\",\"common_has_dup_traffic\",\"common_stream_error\",\"common_stream_trace_id\",\"common_link_info_c2s\",\"common_link_info_s2c\",\"common_c2s_ipfrag_num\",\"common_s2c_ipfrag_num\",\"common_c2s_tcp_lostlen\",\"common_s2c_tcp_lostlen\",\"common_c2s_tcp_unorder_num\",\"common_s2c_tcp_unorder_num\",\"common_tcp_client_isn\",\"common_tcp_server_isn\",\"common_first_ttl\",\"common_processing_time\",\"http_url\",\"http_host\",\"http_domain\",\"http_request_line\",\"http_response_line\",\"http_request_header\",\"http_response_header\",\"http_request_body\",\"http_response_body\",\"http_request_body_key\",\"http_response_body_key\",\"http_proxy_flag\",\"http_sequence\",\"http_snapshot\",\"http_cookie\",\"http_referer\",\"http_user_agent\",\"http_content_length\",\"http_content_type\",\"http_set_cookie\",\"http_version\",\"http_response_lantency_ms\",\"http_session_duration_ms\",\"http_action_file_size\"],\"default_columns\":[\"common_recv_time\",\"common_log_id\",\"common_policy_id\",\"common_subscriber_id\",\"common_client_ip\",\"http_url\",\"common_sub_action\"]},\"DoH\":{\"columns\":[\"common_recv_time\",\"common_log_id\",\"common_policy_id\",\"common_subscriber_id\",\"common_client_ip\",\"common_client_port\",\"common_internal_ip\",\"common_l4_protocol\",\"common_address_type\",\"common_server_ip\",\"common_server_port\",\"common_external_ip\",\"common_action\",\"common_direction\",\"common_entrance_id\",\"common_sled_ip\",\"common_client_location\",\"common_client_asn\",\"common_server_location\",\"common_server_asn\",\"common_sessions\",\"common_c2s_pkt_num\",\"common_s2c_pkt_num\",\"common_c2s_byte_num\",\"common_s2c_byte_num\",\"common_service\",\"common_schema_type\",\"common_user_tags\",\"common_sub_action\",\"common_user_region\",\"common_device_id\",\"common_link_id\",\"common_isp\",\"common_device_tag\",\"common_data_center\",\"common_encapsulation\",\"common_app_label\",\"common_protocol_label\",\"common_app_id\",\"common_app_surrogate_id\",\"common_l7_protocol\",\"common_start_time\",\"common_end_time\",\"common_establish_latency_ms\",\"common_con_duration_ms\",\"common_stream_dir\",\"common_address_list\",\"common_has_dup_traffic\",\"common_stream_error\",\"common_stream_trace_id\",\"common_link_info_c2s\",\"common_link_info_s2c\",\"common_c2s_ipfrag_num\",\"common_s2c_ipfrag_num\",\"common_c2s_tcp_lostlen\",\"common_s2c_tcp_lostlen\",\"common_c2s_tcp_unorder_num\",\"common_s2c_tcp_unorder_num\",\"common_tcp_client_isn\",\"common_tcp_server_isn\",\"common_first_ttl\",\"common_processing_time\",\"doh_url\",\"doh_host\",\"doh_request_line\",\"doh_response_line\",\"doh_cookie\",\"doh_referer\",\"doh_user_agent\",\"doh_content_length\",\"doh_content_type\",\"doh_set_cookie\",\"doh_version\",\"doh_message_id\",\"doh_qr\",\"doh_opcode\",\"doh_aa\",\"doh_tc\",\"doh_rd\",\"doh_ra\",\"doh_rcode\",\"doh_qdcount\",\"doh_ancount\",\"doh_nscount\",\"doh_arcount\",\"doh_qname\",\"doh_qtype\",\"doh_qclass\",\"doh_cname\",\"doh_sub\",\"doh_rr\"],\"default_columns\":[\"common_recv_time\",\"common_log_id\",\"common_policy_id\",\"common_client_ip\",\"doh_url\",\"doh_qname\",\"common_server_port\"]}},\"default_columns\":[\"common_recv_time\",\"common_log_id\",\"common_policy_id\",\"common_client_ip\",\"common_server_ip\",\"common_server_port\",\"common_sub_action\",\"common_schema_type\"]}",
"fields": [
{
"name": "common_recv_time",
"label": "Receive Time",
"type": "long",
"doc": "{\"allow_query\":\"true\",\"constraints\":{\"type\":\"timestamp\"}}"
},
{
"name": "common_log_id",
"label": "Log ID",
"type": "long",
"doc": "{\"allow_query\":\"true\",\"format\":{\"functions\":\"snowflake_id\"}}"
},
{
"name": "common_policy_id",
"label": "Policy ID",
"type": "long",
"doc": "{\"allow_query\":\"true\"}"
},
{
"name": "common_subscriber_id",
"label": "Subscriber ID",
"type": "string",
"doc": "{\"allow_query\":\"true\"}"
},
{
"name": "common_client_ip",
"label": "Client IP",
"type": "string",
"doc": "{\"allow_query\":\"true\",\"constraints\":{\"type\":\"ip\"},\"format\":{\"functions\":\"geo_asn,radius_match\",\"appendTo\":\"common_client_asn,common_subscriber_id\"}}"
},
{
"name": "common_internal_ip",
"label": "Internal IP",
"type": "string",
"doc": "{\"allow_query\":\"true\",\"constraints\":{\"type\":\"ip\"},\"format\":{\"functions\":\"if\",\"param\":\"$.common_direction=69,$.common_client_ip,$.common_server_ip\"}}"
},
{
"name": "common_client_port",
"label": "Client Port",
"type": "int",
"doc": "{\"allow_query\":\"true\"}"
},
{
"name": "common_l4_protocol",
"label": "L4 Protocol",
"type": "string"
},
{
"name": "common_address_type",
"label": "Address Type",
"type": "int",
"doc": "{\"constraints\":{\"operator_functions\":\"=,!=\"},\"data\":[{\"code\":\"4\",\"value\":\"ipv4\"},{\"code\":\"6\",\"value\":\"ipv6\"}]}"
},
{
"name": "common_server_ip",
"label": "Server IP",
"type": "string",
"doc": "{\"allow_query\":\"true\",\"constraints\":{\"type\":\"ip\"},\"format\":{\"functions\":\"geo_asn\",\"appendTo\":\"common_server_asn\"}}"
},
{
"name": "common_server_port",
"label": "Server Port",
"type": "int",
"doc": "{\"allow_query\":\"true\"}"
},
{
"name": "common_external_ip",
"label": "External IP",
"type": "string",
"doc": "{\"allow_query\":\"true\",\"constraints\":{\"type\":\"ip\"},\"format\":{\"functions\":\"if\",\"param\":\"$.common_direction=73,$.common_client_ip,$.common_server_ip\"}}"
},
{
"name": "common_action",
"label": "Action",
"type": "int",
"doc": "{\"constraints\":{\"operator_functions\":\"=,!=\"},\"data\":[{\"code\":\"0\",\"value\":\"None\"},{\"code\":\"1\",\"value\":\"Monitor\"},{\"code\":\"2\",\"value\":\"Intercept\"},{\"code\":\"16\",\"value\":\"Deny\"},{\"code\":\"48\",\"value\":\"Manipulation\"},{\"code\":\"128\",\"value\":\"Allow\"}]}"
},
{
"name": "common_direction",
"label": "Direction",
"type": "int",
"doc": "{\"constraints\":{\"operator_functions\":\"=,!=\"},\"data\":[{\"code\":\"69\",\"value\":\"outbound\"},{\"code\":\"73\",\"value\":\"inbound\"}]}"
},
{
"name": "common_entrance_id",
"label": "Entrance ID",
"type": "int",
"doc": "{\"visibility\":\"disabled\"}"
},
{
"name": "common_sled_ip",
"label": "Sled IP",
"type": "string",
"doc": "{\"allow_query\":\"true\",\"constraints\":{\"type\":\"ip\"}}"
},
{
"name": "common_client_location",
"label": "Client Location",
"type": "string"
},
{
"name": "common_client_asn",
"label": "Client ASN",
"type": "string"
},
{
"name": "common_server_location",
"label": "Server Location",
"type": "string"
},
{
"name": "common_server_asn",
"label": "Server ASN",
"type": "string"
},
{
"name": "common_sessions",
"label": "Sessions",
"type": "long",
"doc": "{\"format\":{\"functions\":\"set_value\",\"param\":\"1\"}}"
},
{
"name": "common_c2s_pkt_num",
"label": "Packets Sent",
"type": "long",
"doc": "{\"visibility\":\"hidden\"}"
},
{
"name": "common_s2c_pkt_num",
"label": "Packets Received",
"type": "long",
"doc": "{\"visibility\":\"hidden\"}"
},
{
"name": "common_c2s_byte_num",
"label": "Bytes Sent",
"type": "long"
},
{
"name": "common_s2c_byte_num",
"label": "Bytes Received",
"type": "long"
},
{
"name": "common_service",
"label": "Service",
"type": "int",
"doc": "{\"visibility\":\"disabled\"}"
},
{
"name": "common_schema_type",
"label": "Schema Type",
"type": "string",
"doc": "{\"constraints\":{\"operator_functions\":\"=,!=\"},\"allow_query\":\"true\",\"data\":[{\"code\":\"HTTP\",\"value\":\"HTTP\"},{\"code\":\"DoH\",\"value\":\"DoH\"}]}"
},
{
"name": "common_user_tags",
"label": "User Tags",
"type": "string",
"doc": "{\"visibility\":\"disabled\"}"
},
{
"name": "common_sub_action",
"label": "Sub Action",
"type": "string",
"doc": "{\"constraints\":{\"operator_functions\":\"=,!=\"},\"data\":[{\"code\":\"allow\",\"value\":\"allow\"},{\"code\":\"deny\",\"value\":\"deny\"},{\"code\":\"monitor\",\"value\":\"monitor\"},{\"code\":\"replace\",\"value\":\"replace\"},{\"code\":\"redirect\",\"value\":\"redirect\"},{\"code\":\"insert\",\"value\":\"insert\"},{\"code\":\"hijack\",\"value\":\"hijack\"}],\"allow_query\":\"true\"}"
},
{
"name": "common_user_region",
"label": "User Region",
"type": "string",
"doc": "{\"visibility\":\"hidden\"}"
},
{
"name": "common_device_id",
"label": "Device ID",
"type": "string"
},
{
"name": "common_link_id",
"label": "Link ID",
"type": "int",
"doc": "{\"visibility\":\"disabled\"}"
},
{
"name": "common_isp",
"label": "ISP",
"type": "string",
"doc": "{\"visibility\":\"disabled\"}"
},
{
"name": "common_device_tag",
"label": "Device Tag",
"type": "string",
"doc": "{\"visibility\":\"hidden\"}"
},
{
"name": "common_data_center",
"label": "Data Center",
"type": "string",
"doc": "{\"constraints\":{\"operator_functions\":\"=,!=\"},\"data\":[{\"code\":\"Nur-sultan\",\"value\":\"Nur-sultan\"},{\"code\":\"Aktau\",\"value\":\"Aktau\"},{\"code\":\"Aktubinsk\",\"value\":\"Aktubinsk\"},{\"code\":\"Almaty\",\"value\":\"Almaty\"},{\"code\":\"Atyrau\",\"value\":\"Atyrau\"},{\"code\":\"Karaganda\",\"value\":\"Karaganda\"},{\"code\":\"Kokshetau\",\"value\":\"Kokshetau\"},{\"code\":\"Kostanay\",\"value\":\"Kostanay\"},{\"code\":\"Kyzylorda\",\"value\":\"Kyzylorda\"},{\"code\":\"Pavlodar\",\"value\":\"Pavlodar\"},{\"code\":\"Petropavl\",\"value\":\"Petropavl\"},{\"code\":\"Semey\",\"value\":\"Semey\"},{\"code\":\"Shymkent\",\"value\":\"Shymkent\"},{\"code\":\"Taldykurgan\",\"value\":\"Taldykurgan\"},{\"code\":\"Taraz\",\"value\":\"Taraz\"},{\"code\":\"Uralsk\",\"value\":\"Uralsk\"},{\"code\":\"Ust-Kamenogorsk\",\"value\":\"Ust-Kamenogorsk\"},{\"code\":\"Zhezkazgan\",\"value\":\"Zhezkazgan\"}],\"allow_query\":\"true\"}"
},
{
"name": "common_encapsulation",
"label": "Encapsulation",
"type": "int",
"doc": "{\"constraints\":{\"operator_functions\":\"=,!=\"},\"data\":[{\"code\":\"0\",\"value\":\"Ethernet\"},{\"code\":\"8\",\"value\":\"PPP\"},{\"code\":\"12\",\"value\":\"CiscoHDLC\"}],\"visibility\":\"hidden\"}"
},
{
"name": "common_app_label",
"label": "Application Label",
"type": "string",
"doc": "{\"visibility\":\"hidden\"}"
},
{
"name": "common_protocol_label",
"label": "Protocol Label",
"type": "string",
"doc": "{\"visibility\":\"hidden\"}"
},
{
"name": "common_app_id",
"label": "Application ID",
"type": "int",
"doc": "{\"visibility\":\"hidden\"}"
},
{
"name": "common_app_surrogate_id",
"label": "Surrogate ID",
"type": "int",
"doc": "{\"visibility\":\"hidden\"}"
},
{
"name": "common_l7_protocol",
"label": "L7 Protocol",
"type": "string",
"doc": "{\"visibility\":\"hidden\"}"
},
{
"name": "common_start_time",
"label": "Start Time",
"type": "long",
"doc": "{\"constraints\":{\"type\":\"timestamp\"}}"
},
{
"name": "common_end_time",
"label": "End Time",
"type": "long",
"doc": "{\"constraints\":{\"type\":\"timestamp\"},\"format\":{\"functions\":\"get_value\",\"appendTo\":\"common_recv_time\"}}"
},
{
"name": "common_establish_latency_ms",
"label": "Establish Latency(ms)",
"type": "int"
},
{
"name": "common_con_duration_ms",
"label": "Duration(ms)",
"type": "int"
},
{
"name": "common_stream_dir",
"label": "Stream Direction",
"type": "int",
"doc": "{\"constraints\":{\"operator_functions\":\"=,!=\"},\"data\":[{\"code\":\"1\",\"value\":\"c2s\"},{\"code\":\"2\",\"value\":\"s2c\"},{\"code\":\"3\",\"value\":\"double\"}]}"
},
{
"name": "common_address_list",
"label": "Address List",
"type": "string",
"doc": "{\"visibility\":\"disabled\"}"
},
{
"name": "common_has_dup_traffic",
"label": "Duplication Traffic",
"type": "int",
"doc": "{\"constraints\":{\"operator_functions\":\"=,!=\"},\"data\":[{\"code\":\"0\",\"value\":\"No\"},{\"code\":\"1\",\"value\":\"Yes\"}],\"visibility\":\"hidden\"}"
},
{
"name": "common_stream_error",
"label": "Stream Error",
"type": "string",
"doc": "{\"visibility\":\"hidden\"}"
},
{
"name": "common_stream_trace_id",
"label": "Session ID",
"type": "long",
"doc": "{\"allow_query\":\"true\"}"
},
{
"name": "common_link_info_c2s",
"label": "Link Info(c2s)",
"type": "string",
"doc": "{\"visibility\":\"hidden\"}"
},
{
"name": "common_link_info_s2c",
"label": "Link Info(s2c)",
"type": "string",
"doc": "{\"visibility\":\"hidden\"}"
},
{
"name": "common_c2s_ipfrag_num",
"label": "Fragmentation Packets(c2s)",
"type": "long",
"doc": "{\"visibility\":\"hidden\"}"
},
{
"name": "common_s2c_ipfrag_num",
"label": "Fragmentation Packets(s2c)",
"type": "long",
"doc": "{\"visibility\":\"hidden\"}"
},
{
"name": "common_c2s_tcp_lostlen",
"label": "Sequence Gap Loss(c2s)",
"type": "long",
"doc": "{\"visibility\":\"hidden\"}"
},
{
"name": "common_s2c_tcp_lostlen",
"label": "Sequence Gap Loss(s2c)",
"type": "long",
"doc": "{\"visibility\":\"hidden\"}"
},
{
"name": "common_c2s_tcp_unorder_num",
"label": "Unorder Packets(c2s)",
"type": "long",
"doc": "{\"visibility\":\"hidden\"}"
},
{
"name": "common_s2c_tcp_unorder_num",
"label": "Unorder Packets(s2c)",
"type": "long",
"doc": "{\"visibility\":\"hidden\"}"
},
{
"name": "common_tcp_client_isn",
"label": "TCP Client ISN",
"type": "long",
"doc": "{\"visibility\":\"disabled\"}"
},
{
"name": "common_tcp_server_isn",
"label": "TCP Server ISN",
"type": "long",
"doc": "{\"visibility\":\"disabled\"}"
},
{
"name": "common_first_ttl",
"label": "First TTL",
"type": "int",
"doc": "{\"visibility\":\"hidden\"}"
},
{
"name": "common_processing_time",
"label": "Processing Time",
"doc": "{\"constraints\":{\"type\":\"timestamp\"},\"format\":{\"functions\":\"current_timestamp\"}}",
"type": "long"
},
{
"name": "http_url",
"label": "Http.URL",
"type": "string",
"doc": "{\"allow_query\":\"true\"}"
},
{
"name": "http_host",
"label": "Http.Host",
"type": "string",
"doc": "{\"format\":{\"functions\":\"sub_domain\",\"appendTo\":\"http_domain\"}}"
},
{
"name": "http_domain",
"label": "Http.Domain",
"type": "string",
"doc": "{\"allow_query\":\"true\"}"
},
{
"name": "http_request_line",
"label": "Http.Request Line",
"type": "string",
"doc": "{\"visibility\":\"disabled\"}"
},
{
"name": "http_response_line",
"label": "Http.Response Line",
"type": "string",
"doc": "{\"visibility\":\"disabled\"}"
},
{
"name": "http_request_header",
"label": "Http.Request Header",
"type": "string"
},
{
"name": "http_response_header",
"label": "Http.Response Header",
"type": "string"
},
{
"name": "http_request_body",
"label": "Http.Request Body",
"type": "string",
"doc": "{\"constraints\":{\"type\":\"file\"}}"
},
{
"name": "http_response_body",
"label": "Http.Response Body",
"type": "string",
"doc": "{\"constraints\":{\"type\":\"file\"}}"
},
{
"name": "http_request_body_key",
"label": "Http.Request Body Key",
"type": "string",
"doc": "{\"visibility\":\"disabled\"}"
},
{
"name": "http_response_body_key",
"label": "Http.Response Body Key",
"type":"string",
"doc": "{\"visibility\":\"disabled\"}"
},
{
"name": "http_proxy_flag",
"label": "Http.Proxy Flag",
"type": "int",
"doc": "{\"visibility\":\"hidden\"}"
},
{
"name": "http_sequence",
"label": "Http.Sequence",
"type": "int",
"doc": "{\"visibility\":\"hidden\"}"
},
{
"name": "http_snapshot",
"label": "Http.Snapshot",
"type": "string",
"doc": "{\"visibility\":\"hidden\"}"
},
{
"name": "http_cookie",
"label": "Http.Cookie",
"type": "string"
},
{
"name": "http_referer",
"label": "Http.Referer",
"type": "string"
},
{
"name": "http_user_agent",
"label": "Http.User Agent",
"type": "string"
},
{
"name": "http_content_length",
"label": "Http.Content Length",
"type": "string"
},
{
"name": "http_content_type",
"label": "Http.Content Type",
"type": "string"
},
{
"name": "http_set_cookie",
"label": "Http.Set Cookie",
"type": "string"
},
{
"name": "http_version",
"label": "Http.Version",
"type": "string"
},
{
"name": "http_response_lantency_ms",
"label": "Http.Response Latency(ms)",
"type": "int"
},
{
"name": "http_session_duration_ms",
"label": "Http.Session Duration(ms)",
"type": "int"
},
{
"name": "http_action_file_size",
"label": "Http.Action File Size",
"type": "int"
},
{
"name": "doh_url",
"label": "DoH.URL",
"type": "string"
},
{
"name": "doh_host",
"label": "DoH.Host",
"type": "string"
},
{
"name": "doh_request_line",
"label": "DoH.Request Line",
"type": "string",
"doc": "{\"visibility\":\"hidden\"}"
},
{
"name": "doh_response_line",
"label": "DoH.Response Line",
"type": "string",
"doc": "{\"visibility\":\"hidden\"}"
},
{
"name": "doh_cookie",
"label": "DoH.Cookie",
"type": "string"
},
{
"name": "doh_referer",
"label": "DoH.Referer",
"type": "string"
},
{
"name": "doh_user_agent",
"label": "DoH.User Agent",
"type": "string"
},
{
"name": "doh_content_length",
"label": "DoH.Content Length",
"type": "string",
"doc": "{\"visibility\":\"hidden\"}"
},
{
"name": "doh_content_type",
"label": "DoH.Content Type",
"type": "string",
"doc": "{\"visibility\":\"hidden\"}"
},
{
"name": "doh_set_cookie",
"label": "DoH.Set Cookie",
"type": "string",
"doc": "{\"visibility\":\"hidden\"}"
},
{
"name": "doh_version",
"label": "DoH.Version",
"type": "string"
},
{
"name": "doh_message_id",
"label": "DoH.Message ID",
"type": "int"
},
{
"name": "doh_qr",
"label": "DoH.QR",
"type": "int",
"doc": "{\"constraints\":{\"operator_functions\":\"=,!=\"},\"data\":[{\"code\":\"0\",\"value\":\"QUERY\"},{\"code\":\"1\",\"value\":\"REESPONSE\"}]}"
},
{
"name": "doh_opcode",
"label": "DoH.OPCODE",
"type": "int",
"doc": "{\"constraints\":{\"operator_functions\":\"=,!=\"},\"data\":[{\"code\":\"0\",\"value\":\"QUERY\"},{\"code\":\"1\",\"value\":\"IQUERY\"},{\"code\":\"2\",\"value\":\"STATUS\"},{\"code\":\"5\",\"value\":\"UPDATE\"}]}"
},
{
"name": "doh_aa",
"label": "DoH.AA",
"type": "int"
},
{
"name": "doh_tc",
"label": "DoH.TC",
"type": "int"
},
{
"name": "doh_rd",
"label": "DoH.RD",
"type": "int"
},
{
"name": "doh_ra",
"label": "DoH.RA",
"type": "int"
},
{
"name": "doh_rcode",
"label": "DoH.RCODE",
"type": "int"
},
{
"name": "doh_qdcount",
"label": "DoH.QDCOUNT",
"type": "int"
},
{
"name": "doh_ancount",
"label": "DoH.ANCOUNT",
"type": "int"
},
{
"name": "doh_nscount",
"label": "DoH.NSCOUNT",
"type": "int"
},
{
"name": "doh_arcount",
"label": "DoH.ARCOUNT",
"type": "int"
},
{
"name": "doh_qname",
"label": "DoH.QNAME",
"type": "string"
},
{
"name": "doh_qtype",
"label": "DoH.QTYPE",
"type": "int",
"doc": "{\"constraints\":{\"operator_functions\":\"=,!=\"},\"data\":[{\"code\":\"1\",\"value\":\"A\"},{\"code\":\"2\",\"value\":\"NS\"},{\"code\":\"5\",\"value\":\"CNAME\"},{\"code\":\"6\",\"value\":\"SOA\"},{\"code\":\"11\",\"value\":\"WKS\"},{\"code\":\"12\",\"value\":\"PTR\"},{\"code\":\"13\",\"value\":\"HINFO\"},{\"code\":\"11\",\"value\":\"WKS\"},{\"code\":\"15\",\"value\":\"MX\"},{\"code\":\"28\",\"value\":\"AAAA\"}]}"
},
{
"name": "doh_qclass",
"label": "DoH.QCLASS",
"type": "int"
},
{
"name": "doh_cname",
"label": "DoH.CNAME",
"type": "string"
},
{
"name": "doh_sub",
"label": "DoH.SUB",
"type": "int",
"doc": "{\"constraints\":{\"operator_functions\":\"=,!=\"},\"data\":[{\"code\":\"1\",\"value\":\"DNS\"},{\"code\":\"2\",\"value\":\"DNSSEC\"}]}"
},
{
"name": "doh_rr",
"label": "DoH.RR",
"type": "string"
}
]
}
Reference in New Issue View Git Blame Copy Permalink