diff --git a/23.09/Galaxy Trouble Shooting API V23.09.postman_collection.json b/23.09/Galaxy Trouble Shooting API V23.09.postman_collection.json index 1a84ce9..4f07791 100644 --- a/23.09/Galaxy Trouble Shooting API V23.09.postman_collection.json +++ b/23.09/Galaxy Trouble Shooting API V23.09.postman_collection.json 
@@ -2,7 +2,7 @@ "info": { "_postman_id": "868bc69c-c241-4552-859c-24b9f0ad19b4", "name": "Galaxy Trouble Shooting API V23.09", - "description": "# galaxy-troubleshooting-api\n\n使用Postman组件,基于Rest API接口对TSG OLAP 进行功能验证。包括组件健康检查,功能集成测试及故障诊断。\n## Release 23.09 (30 SEP 2023)\n\n###### Update\n* metrics 修改表名由statistics_object改为object_statistics\n* Flags统计增加Bidirectional标识\n* Closed Session Records 增加http_status_code\n* 删除Kafka Topics 目录\n\n## Release 23.08 (21 AUG 2023)\n\n###### New Features\n* Metrics增加Statistics Policy 相关接口\n* Metrics增加Statistics Object 相关接口\n* Metrics增加Statistics rule 命中计数接口\n\n###### Update\n* 会话日志查询,增加重命名字段common_out_link_id、common_in_link_id \n\n## Release 23.07 (21 JUL 2023)\n###### Update\n* 修复Network Throughput Active Sessions计算错误,不除时间粒度\n\n## Release 23.06 (21 JUN 2023)\n###### Update\n* 优化Limit返回值\n\n## Release 23.05 (28 MAY 2023)\n###### New Features\n* 增加Service chaining统计接口\n* QGW增加嵌套子查询接口,用于验证高级搜索\n\n###### Update\n* Main Dashboard统计接口重构,更改统计源\n* Live Traffic Chart 接口重构,更改统计源\n* 原代理日志拆分为Intercept和Manipulation\n* 相关Metrics的Schema更改为重构后的数据源\n\n\n## Release 23.04 (28 APR 2023)\n###### New Features\n* 增加数据写入延迟接口Session Insert Latency Distribution\n* 增加数据写入Kafka延迟接口 Session Ingestion Latency Distribution\n\n###### Update\n* 重构 Security Policy Hits Metrics 统计\n* 重构 Traffic Shaping Metrics 统计\n\n## Release 23.03 (28 MAR 2023)\n\n###### New Features\n* 目录整体重构,重新梳理功能,便于Newman CLI运行\n* ClickHouse目录下增加慢查询故障诊断语句\n* 参数与API接口统一改为英文,避免中文编码执行异常\n* 加密环境变量密码、token等敏感信息\n* 定义全局动态变量:时间范围、随机IP、随机域名等\n\n###### Update\n\n* Flags 添加C2S与S2C标志位标签\n\n\n## Release 23.02 (28 FEB 2023)\n\n###### New Features\n* 增加Traffic Shaping 相关统计接口\n\n###### Update\n* 会话日志增加列common_shaping_rule_ids\n* 会话与安全事件日志增加列common_server_domain\n*会话与安全事件日志增加列common_flags_identify_info\n\n## Release 23.01 (31 JAN 2023)\n###### Update\n* 会话与安全事件日志增加列common_server_fqdn\n* 会话与安全事件日志增加列common_app_full_path\n\n\n## Release 22.12 (30 DEC 2022)\n###### New Features\n* 新增Dashboards-增加App推荐\n* 
新增系统报告-会话日志Flags统计\n* 新增系统报告-会话日志Flags占比\n\n###### Update\n* 会话与安全事件日志增加common_flags列\n* 自定义IP映射-增加对ASN函数\n\n\n## Release 22.1 (30 NOV 2022)\n###### New Features\n\n###### Update\n* 会话与安全事件日志增加ssl_ja3s_hash列\n\n\n## Release 22.10 (30 OCT 2022)\n###### New Features\n* 06其它-功能验证-Traffic Summary增加Throughput接口 \n###### Update\n* 更新原有查询,将VSYS ID作为默认查询条件\n\n## Release 22.09 (30 SEP 2022)\n\n###### Update\n* 会话与安全事件日志增加common_tunnel_endpoint_a_desc, common_tunnel_endpoint_b_desc,dtls_sni 列\n\n## Release 22.08 (31 AUG 2022)\n\n###### New Features\n* 其它-查询网关-Live Charts 总带宽流量校验\n* 增加检查数据流-SQL执行计划\n* 增加检查数据流-SQL查看表结构\n* 增加检查数据推荐-推荐IMSI到TEID关系\n* 增加检查数据推荐-推荐IMEI到TEID关系\n* 增加检查数据推荐-推荐Phone Number到TEID关系\n* 增加检查数据推荐-推荐apn到TEID关系\n* 增加检查数据推荐-实时查询任务-提交查询任务(实时统计)\n* 增加检查数据推荐-实时查询任务-获取任务结果(实时统计)\n* 增加检查数据推荐-知识库列表\n* 增加预处理检查-检测预处理延迟\n* 增加预处理检查-已关闭会话日志延迟分布\n###### Update\n\n\n## Release 22.07 (30 JUL 2022)\n\n###### New Features\n* 增加检查数据推荐-Top Server IP流量概况评估\n* 增加检查数据推荐-Top SNI 流量概况评估\n###### Update\n\n\n## Release 22.06 (30 JUE 2022)\n\n###### New Features\n* 检查数据流-增加存储配额一致性检查\n###### Update\n* 系统报告检查-增加与CM默认VSYSID=1参数\n\n\n## Release 22.05 (31 MAY 2022)\n\n###### New Features\n\n###### Update\n* 检查日志-会话日志/安全事件日志增加RDP类型校验\n\n\n## Release 22.04 (29 APR 2022)\n\n###### New Features\n\n###### Update\n* 预处理检查-是否有数据验证,改为通过console后台打印日志\n* Dashboards Top部分功能增加device_group, data_center维度校验\n\n\n## Release 22.03 (8 APR 2022)\n\n###### New Features\n* 增加数据预处理检查,为每类日志增加多个测试用例,区分功能或无数据问题\n###### Update\n* 其它-评估日志预处理,增加ETL处理时延和写入Kafka时延指标\n* 检查日志模块对会话,安全和代理事件日志基于具体字段查询\n\n###### Delete\n* 删除检查数据流,关于Topic的测试用例\n\n## Release 22.02 (8 MAR 2022)\n\n###### New Features\n\n* 检查数据流-元数据检查 增加schema评价文件事件日志\n \n \n\n## Release 22.01 (27 JAN 2022)\n\n###### New Features\n\n* 检查数据流-TopN计算 增加Application接口验证\n \n\n###### Update\n\n* 重新梳理分类,删除无用接口\n* 重新排列分类,将系统自检放到首位\n \n\n## Release 21.12 (1 Dec 2021)\n\n###### New Features\n\n* 新增数据推荐查询-实时查询任务\n* 新增数据推荐查询-推荐Subscriber ID 到IP关系\n* 新增数据推荐查询-推荐APP活跃客户端IP\n* 
新增数据推荐查询-推荐TopN Server IP\n* 新增数据推荐查询-推荐TopN SNI\n* 新增常用快捷功能-查询网关,增加优化查询测试集\n * Top 查询优化\n * Calcite 缓存查询\n * 自定义时间函数补全功能\n\n###### Update\n\n* Dashboard 查询,代理策略命中动作增加Edit Element 统计\n \n\n## Release 21.11 (5 Nov 2021)\n\n###### New Features\n\n* Delete\n* Update\n* 修改报告查询接口(由查询mariadb方式变更为API接口)\n* 修改规范“数据推荐查询”所有接口的命名\n \n\n## Release 21.10 (28 OCT 2021)\n\n###### New Features\n\n* 新增HOS健康状态检测接口\n* Delete\n* 删除原ClickHouse/Druid/ArangoDB 状态检查接口\n \n\n## Release 21.09 (23 SEP 2021)\n\n###### New Features\n\n* Update\n* 删除分布式调度任务,5分钟TOPN校验,交由FLink统计\n* 原始日志表名进行重命名,相关查询接口更新\n* 修正DNS分析的SQL数据集\n \n\n## Release 21.08 (15 AUG 2021)\n\n###### New Features\n\n* 新增“Dashboard查询-DoS Threat Map”功能列表,显示DoS检测地图接口\n* 新增“原始日志查询-DoS事件日志”,显示DoS攻击检测日志\n* 新增“原始日志查询-DoS事件日志-Summary”,显示DoS攻击趋势统计\n* 新增“原始日志查询-DoS事件日志-Destination IP Traffic Trend”,显示受害者IP历史流量趋势\n* Update\n* 迁移“Dashboard查询”liveCharts接口,放到“Live Charts”目录中统一管理。\n* 对DNS分析,增加一些查询样例\n \n\n## Release 21.07 (5 JUL 2021)\n\n###### New Features\n\n* 增加”常用快捷功能-基数统计“,用于分析日志分布情况\n* 增加”常用快捷功能-DNS放大攻击“,查询特征数据集\n* 增加”通用检查-对象存储-获取某个文件“,用于文件获取验证\n \n\n###### Update\n\n* 为所有接口增加Tests脚本,对接口进行批量验证测试\n* 修正部分接口查询异常\n \n\n## Release 21.06 (7 JUN 2021)\n\n###### New Features\n\n* Environments 增加环境变量domain、client_ip、server_ip、l7_protocol和PT1M_TIME\n* 常用快捷功能增加某域名下钻、某IP下钻、协议下钻和DNS分析功能\n \n\n###### Update\n\n* 原始日志查询,基于Druid近1小时日志变化粒度从5分钟改为1分钟。包含通联、策略和代理日志。\n \n\n## Release 21.05 (6 MAY 2021)\n\n###### New Features\n\n* 新增“GTP-C日志”功能,辅助故障诊断\n* 新增“事务日志”功能,辅助故障诊断\n* 新增“活跃会话日志”功能,辅助故障诊断\n* 新增“07.常用快捷功能-评估写入日志量”,查看当前系统的吞吐\n \n\n###### Update\n\n* 修改\"01.通用检查-数据存储检查\",增加事务、活跃及GTP-C 检测\n \n\n## Release 21.04 (3 APR 2021)\n\n###### New Features\n\n* 增加“VoIP日志”功能,辅助故障诊断\n* 增加“元数据检查”分类目录\n* 增加“HOS对象存储”目录,用于定位对象存储\n \n\n###### Update\n\n* 修改“SQL语法检查”为“SQL语法验证”,支持SQL语句的静态分析和数据库语义验证\n* 迁移功能项位置,方便问题定位\n \n\n###### Delete\n\n* 删除“系统检查-查询引擎SQL测试集\\[过时\\]”功能,由“故障诊断-sql性能测试”替代。\n \n\n## Release 21.03 (2 MAR 2021)\n\n###### New Features\n\n* 
增加故障诊断-元数据功能,可分析日志字段是否与schema一致\n* 增加故障诊断-sql性能测试,可对查询引擎进行功能性验证和POC性能测试\n \n\n###### Update\n\n* 对查询引擎SQL测试集标记过时\n \n\n## Release 21.02 (1 FEB 2021)\n\n###### Update\n\n* 改善内部测试集,应对新的功能修改\n \n\n## Release 20.11.rc3 (11 DEC 2020)\n\n###### New Features\n\n* 增加常用快捷功能- 安装证书独立客户端IP数据趋势\n* 增加常用快捷功能-访问速度最慢TOP20 域名\n* 增加常用快捷功能-报告预置Metrics\n* 增加原始日志查询-安全策略-动作命中计数\n* 增加原始日志查询-代理策略-动作命中计数\n* 增加原始日志查询-通联-流量计数(now)\n \n\n###### Update\n\n* 改善Dashboard查询-基础统计-新建、活跃(计数)-now\n* 改善Dashboard查询-新建、活跃(趋势)\n* 目录增加编号,便于管理\n* 修改分布式调度任务-5分钟TOPN-hot表验证表名\n* 部分Action为post 改为 get,便于导出命令行", + "description": "# galaxy-troubleshooting-api\n\n使用Postman组件,基于Rest API接口对TSG OLAP 进行功能验证。包括组件健康检查,功能集成测试及故障诊断。\n## Release 23.09 (30 SEP 2023)\n\n###### Update\n* metrics 修改表名由statistics_object改为object_statistics\n* Flags统计增加Bidirectional标识\n* Closed Session Records 增加http_status_code, ssl_esni_flag, ssl_ech_flag\n* 删除Kafka Topics 目录\n\n## Release 23.08 (21 AUG 2023)\n\n###### New Features\n* Metrics增加Statistics Policy 相关接口\n* Metrics增加Statistics Object 相关接口\n* Metrics增加Statistics rule 命中计数接口\n\n###### Update\n* 会话日志查询,增加重命名字段common_out_link_id、common_in_link_id \n\n## Release 23.07 (21 JUL 2023)\n###### Update\n* 修复Network Throughput Active Sessions计算错误,不除时间粒度\n\n## Release 23.06 (21 JUN 2023)\n###### Update\n* 优化Limit返回值\n\n## Release 23.05 (28 MAY 2023)\n###### New Features\n* 增加Service chaining统计接口\n* QGW增加嵌套子查询接口,用于验证高级搜索\n\n###### Update\n* Main Dashboard统计接口重构,更改统计源\n* Live Traffic Chart 接口重构,更改统计源\n* 原代理日志拆分为Intercept和Manipulation\n* 相关Metrics的Schema更改为重构后的数据源\n\n\n## Release 23.04 (28 APR 2023)\n###### New Features\n* 增加数据写入延迟接口Session Insert Latency Distribution\n* 增加数据写入Kafka延迟接口 Session Ingestion Latency Distribution\n\n###### Update\n* 重构 Security Policy Hits Metrics 统计\n* 重构 Traffic Shaping Metrics 统计\n\n## Release 23.03 (28 MAR 2023)\n\n###### New Features\n* 目录整体重构,重新梳理功能,便于Newman CLI运行\n* ClickHouse目录下增加慢查询故障诊断语句\n* 参数与API接口统一改为英文,避免中文编码执行异常\n* 加密环境变量密码、token等敏感信息\n* 
定义全局动态变量:时间范围、随机IP、随机域名等\n\n###### Update\n\n* Flags 添加C2S与S2C标志位标签\n\n\n## Release 23.02 (28 FEB 2023)\n\n###### New Features\n* 增加Traffic Shaping 相关统计接口\n\n###### Update\n* 会话日志增加列common_shaping_rule_ids\n* 会话与安全事件日志增加列common_server_domain\n*会话与安全事件日志增加列common_flags_identify_info\n\n## Release 23.01 (31 JAN 2023)\n###### Update\n* 会话与安全事件日志增加列common_server_fqdn\n* 会话与安全事件日志增加列common_app_full_path\n\n\n## Release 22.12 (30 DEC 2022)\n###### New Features\n* 新增Dashboards-增加App推荐\n* 新增系统报告-会话日志Flags统计\n* 新增系统报告-会话日志Flags占比\n\n###### Update\n* 会话与安全事件日志增加common_flags列\n* 自定义IP映射-增加对ASN函数\n\n\n## Release 22.1 (30 NOV 2022)\n###### New Features\n\n###### Update\n* 会话与安全事件日志增加ssl_ja3s_hash列\n\n\n## Release 22.10 (30 OCT 2022)\n###### New Features\n* 06其它-功能验证-Traffic Summary增加Throughput接口 \n###### Update\n* 更新原有查询,将VSYS ID作为默认查询条件\n\n## Release 22.09 (30 SEP 2022)\n\n###### Update\n* 会话与安全事件日志增加common_tunnel_endpoint_a_desc, common_tunnel_endpoint_b_desc,dtls_sni 列\n\n## Release 22.08 (31 AUG 2022)\n\n###### New Features\n* 其它-查询网关-Live Charts 总带宽流量校验\n* 增加检查数据流-SQL执行计划\n* 增加检查数据流-SQL查看表结构\n* 增加检查数据推荐-推荐IMSI到TEID关系\n* 增加检查数据推荐-推荐IMEI到TEID关系\n* 增加检查数据推荐-推荐Phone Number到TEID关系\n* 增加检查数据推荐-推荐apn到TEID关系\n* 增加检查数据推荐-实时查询任务-提交查询任务(实时统计)\n* 增加检查数据推荐-实时查询任务-获取任务结果(实时统计)\n* 增加检查数据推荐-知识库列表\n* 增加预处理检查-检测预处理延迟\n* 增加预处理检查-已关闭会话日志延迟分布\n###### Update\n\n\n## Release 22.07 (30 JUL 2022)\n\n###### New Features\n* 增加检查数据推荐-Top Server IP流量概况评估\n* 增加检查数据推荐-Top SNI 流量概况评估\n###### Update\n\n\n## Release 22.06 (30 JUE 2022)\n\n###### New Features\n* 检查数据流-增加存储配额一致性检查\n###### Update\n* 系统报告检查-增加与CM默认VSYSID=1参数\n\n\n## Release 22.05 (31 MAY 2022)\n\n###### New Features\n\n###### Update\n* 检查日志-会话日志/安全事件日志增加RDP类型校验\n\n\n## Release 22.04 (29 APR 2022)\n\n###### New Features\n\n###### Update\n* 预处理检查-是否有数据验证,改为通过console后台打印日志\n* Dashboards Top部分功能增加device_group, data_center维度校验\n\n\n## Release 22.03 (8 APR 2022)\n\n###### New Features\n* 增加数据预处理检查,为每类日志增加多个测试用例,区分功能或无数据问题\n###### Update\n* 
其它-评估日志预处理,增加ETL处理时延和写入Kafka时延指标\n* 检查日志模块对会话,安全和代理事件日志基于具体字段查询\n\n###### Delete\n* 删除检查数据流,关于Topic的测试用例\n\n## Release 22.02 (8 MAR 2022)\n\n###### New Features\n\n* 检查数据流-元数据检查 增加schema评价文件事件日志\n \n \n\n## Release 22.01 (27 JAN 2022)\n\n###### New Features\n\n* 检查数据流-TopN计算 增加Application接口验证\n \n\n###### Update\n\n* 重新梳理分类,删除无用接口\n* 重新排列分类,将系统自检放到首位\n \n\n## Release 21.12 (1 Dec 2021)\n\n###### New Features\n\n* 新增数据推荐查询-实时查询任务\n* 新增数据推荐查询-推荐Subscriber ID 到IP关系\n* 新增数据推荐查询-推荐APP活跃客户端IP\n* 新增数据推荐查询-推荐TopN Server IP\n* 新增数据推荐查询-推荐TopN SNI\n* 新增常用快捷功能-查询网关,增加优化查询测试集\n * Top 查询优化\n * Calcite 缓存查询\n * 自定义时间函数补全功能\n\n###### Update\n\n* Dashboard 查询,代理策略命中动作增加Edit Element 统计\n \n\n## Release 21.11 (5 Nov 2021)\n\n###### New Features\n\n* Delete\n* Update\n* 修改报告查询接口(由查询mariadb方式变更为API接口)\n* 修改规范“数据推荐查询”所有接口的命名\n \n\n## Release 21.10 (28 OCT 2021)\n\n###### New Features\n\n* 新增HOS健康状态检测接口\n* Delete\n* 删除原ClickHouse/Druid/ArangoDB 状态检查接口\n \n\n## Release 21.09 (23 SEP 2021)\n\n###### New Features\n\n* Update\n* 删除分布式调度任务,5分钟TOPN校验,交由FLink统计\n* 原始日志表名进行重命名,相关查询接口更新\n* 修正DNS分析的SQL数据集\n \n\n## Release 21.08 (15 AUG 2021)\n\n###### New Features\n\n* 新增“Dashboard查询-DoS Threat Map”功能列表,显示DoS检测地图接口\n* 新增“原始日志查询-DoS事件日志”,显示DoS攻击检测日志\n* 新增“原始日志查询-DoS事件日志-Summary”,显示DoS攻击趋势统计\n* 新增“原始日志查询-DoS事件日志-Destination IP Traffic Trend”,显示受害者IP历史流量趋势\n* Update\n* 迁移“Dashboard查询”liveCharts接口,放到“Live Charts”目录中统一管理。\n* 对DNS分析,增加一些查询样例\n \n\n## Release 21.07 (5 JUL 2021)\n\n###### New Features\n\n* 增加”常用快捷功能-基数统计“,用于分析日志分布情况\n* 增加”常用快捷功能-DNS放大攻击“,查询特征数据集\n* 增加”通用检查-对象存储-获取某个文件“,用于文件获取验证\n \n\n###### Update\n\n* 为所有接口增加Tests脚本,对接口进行批量验证测试\n* 修正部分接口查询异常\n \n\n## Release 21.06 (7 JUN 2021)\n\n###### New Features\n\n* Environments 增加环境变量domain、client_ip、server_ip、l7_protocol和PT1M_TIME\n* 常用快捷功能增加某域名下钻、某IP下钻、协议下钻和DNS分析功能\n \n\n###### Update\n\n* 原始日志查询,基于Druid近1小时日志变化粒度从5分钟改为1分钟。包含通联、策略和代理日志。\n \n\n## Release 21.05 (6 MAY 2021)\n\n###### New Features\n\n* 新增“GTP-C日志”功能,辅助故障诊断\n* 新增“事务日志”功能,辅助故障诊断\n* 
新增“活跃会话日志”功能,辅助故障诊断\n* 新增“07.常用快捷功能-评估写入日志量”,查看当前系统的吞吐\n \n\n###### Update\n\n* 修改\"01.通用检查-数据存储检查\",增加事务、活跃及GTP-C 检测\n \n\n## Release 21.04 (3 APR 2021)\n\n###### New Features\n\n* 增加“VoIP日志”功能,辅助故障诊断\n* 增加“元数据检查”分类目录\n* 增加“HOS对象存储”目录,用于定位对象存储\n \n\n###### Update\n\n* 修改“SQL语法检查”为“SQL语法验证”,支持SQL语句的静态分析和数据库语义验证\n* 迁移功能项位置,方便问题定位\n \n\n###### Delete\n\n* 删除“系统检查-查询引擎SQL测试集\\[过时\\]”功能,由“故障诊断-sql性能测试”替代。\n \n\n## Release 21.03 (2 MAR 2021)\n\n###### New Features\n\n* 增加故障诊断-元数据功能,可分析日志字段是否与schema一致\n* 增加故障诊断-sql性能测试,可对查询引擎进行功能性验证和POC性能测试\n \n\n###### Update\n\n* 对查询引擎SQL测试集标记过时\n \n\n## Release 21.02 (1 FEB 2021)\n\n###### Update\n\n* 改善内部测试集,应对新的功能修改\n \n\n## Release 20.11.rc3 (11 DEC 2020)\n\n###### New Features\n\n* 增加常用快捷功能- 安装证书独立客户端IP数据趋势\n* 增加常用快捷功能-访问速度最慢TOP20 域名\n* 增加常用快捷功能-报告预置Metrics\n* 增加原始日志查询-安全策略-动作命中计数\n* 增加原始日志查询-代理策略-动作命中计数\n* 增加原始日志查询-通联-流量计数(now)\n \n\n###### Update\n\n* 改善Dashboard查询-基础统计-新建、活跃(计数)-now\n* 改善Dashboard查询-新建、活跃(趋势)\n* 目录增加编号,便于管理\n* 修改分布式调度任务-5分钟TOPN-hot表验证表名\n* 部分Action为post 改为 get,便于导出命令行", "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json" }, "item": [ 
@@ -1477,7 +1477,7 @@ "method": "GET", "header": [], "url": { - "raw": "http://{{qgw_ip}}:{{qgw_port}}/?query=select toDateTime(common_recv_time) AS common_recv_time, common_log_id, common_vsys_id, common_subscriber_id, common_imei, common_imsi, common_phone_number, common_client_ip, common_internal_ip, common_client_port, common_l4_protocol, common_address_type, common_server_ip, common_server_port, common_external_ip, common_direction, common_sled_ip, common_client_location, common_client_asn, common_server_location, common_server_asn, common_sessions, common_c2s_pkt_num, common_s2c_pkt_num, common_c2s_byte_num, common_s2c_byte_num, common_schema_type, common_device_id, common_device_group, common_app_behavior, common_app_label, common_tunnels, common_protocol_label, common_userdefine_app_name, common_l7_protocol, common_service_category, toDateTime(common_start_time) AS common_start_time, toDateTime(common_end_time) AS common_end_time, common_establish_latency_ms, common_con_duration_ms, common_stream_dir, common_stream_trace_id, common_c2s_ipfrag_num, common_s2c_ipfrag_num, common_c2s_tcp_lostlen, common_s2c_tcp_lostlen, common_c2s_tcp_unorder_num, common_s2c_tcp_unorder_num, common_c2s_pkt_retrans, common_s2c_pkt_retrans, common_c2s_byte_retrans, common_s2c_byte_retrans, common_tcp_client_isn, common_tcp_server_isn, toDateTime(common_processing_time) AS common_processing_time, toDateTime(common_ingestion_time) AS common_ingestion_time,common_tunnel_endpoint_a_desc, common_tunnel_endpoint_b_desc, common_flags,common_flags_identify_info,common_server_fqdn,common_server_domain, common_app_full_path,common_shaping_rule_ids, common_in_link_id,common_out_link_id,http_url, http_host, http_domain, http_request_line, http_response_line, http_request_content_length, http_request_content_type, http_response_content_length, http_response_content_type, http_request_body, http_response_body, http_cookie, http_referer, http_user_agent, http_set_cookie, http_version, 
http_response_latency_ms, http_session_duration_ms, http_action_file_size, http_status_code, mail_protocol_type, mail_account, mail_from_cmd, mail_to_cmd, mail_from, mail_to, mail_cc, mail_bcc, mail_subject, mail_attachment_name, mail_eml_file, dns_message_id, dns_qr, dns_opcode, dns_aa, dns_tc, dns_rd, dns_ra, dns_rcode, dns_qdcount, dns_ancount, dns_nscount, dns_arcount, dns_qname, dns_qtype, dns_qclass, dns_sub, dns_cname,dns_rr, dns_response_latency_ms, ssl_sni, ssl_cn, ssl_pinningst, ssl_intercept_state, ssl_server_side_latency, ssl_client_side_latency, ssl_server_side_version, ssl_client_side_version, ssl_cert_verify, ssl_error, ssl_con_latency_ms, ssl_ja3_hash, ssl_ja3s_hash, ssl_cert_issuer, ssl_cert_subject, dtls_sni ,quic_version, quic_sni, quic_user_agent, ftp_account, ftp_url, ftp_content, ftp_link_type, app_extra_info, sip_call_id, sip_originator_description, sip_responder_description, sip_user_agent, sip_server, sip_originator_sdp_connect_ip, sip_originator_sdp_media_port, sip_originator_sdp_media_type, sip_originator_sdp_content, sip_responder_sdp_connect_ip, sip_responder_sdp_media_port, sip_responder_sdp_media_type, sip_responder_sdp_content, sip_duration_s, sip_bye, rtp_payload_type_c2s, rtp_payload_type_s2c, rtp_pcap_path, ssh_version, ssh_auth_success, ssh_client_version, ssh_server_version, ssh_cipher_alg, ssh_mac_alg, ssh_compression_alg, ssh_kex_alg, ssh_host_key_alg, ssh_host_key, ssh_hassh, stratum_cryptocurrency, stratum_mining_pools,stratum_mining_program,rdp_cookie,rdp_security_protocol,rdp_client_channels,rdp_keyboard_layout,rdp_client_version,rdp_client_name,rdp_client_product_id,rdp_desktop_width,rdp_desktop_height,rdp_requested_color_depth,rdp_certificate_type,rdp_certificate_count,rdp_certificate_permanent,rdp_encryption_level,rdp_encryption_method from session_record where common_recv_time >= UNIX_TIMESTAMP('{{start_time}}') and common_recv_time < UNIX_TIMESTAMP('{{end_time}}') and common_vsys_id in (1,2,3,4) order by 
common_recv_time desc limit 0 , 20", + "raw": "http://{{qgw_ip}}:{{qgw_port}}/?query=select toDateTime(common_recv_time) AS common_recv_time, common_log_id, common_vsys_id, common_subscriber_id, common_imei, common_imsi, common_phone_number, common_client_ip, common_internal_ip, common_client_port, common_l4_protocol, common_address_type, common_server_ip, common_server_port, common_external_ip, common_direction, common_sled_ip, common_client_location, common_client_asn, common_server_location, common_server_asn, common_sessions, common_c2s_pkt_num, common_s2c_pkt_num, common_c2s_byte_num, common_s2c_byte_num, common_schema_type, common_device_id, common_device_group, common_app_behavior, common_app_label, common_tunnels, common_protocol_label, common_userdefine_app_name, common_l7_protocol, common_service_category, toDateTime(common_start_time) AS common_start_time, toDateTime(common_end_time) AS common_end_time, common_establish_latency_ms, common_con_duration_ms, common_stream_dir, common_stream_trace_id, common_c2s_ipfrag_num, common_s2c_ipfrag_num, common_c2s_tcp_lostlen, common_s2c_tcp_lostlen, common_c2s_tcp_unorder_num, common_s2c_tcp_unorder_num, common_c2s_pkt_retrans, common_s2c_pkt_retrans, common_c2s_byte_retrans, common_s2c_byte_retrans, common_tcp_client_isn, common_tcp_server_isn, toDateTime(common_processing_time) AS common_processing_time, toDateTime(common_ingestion_time) AS common_ingestion_time,common_tunnel_endpoint_a_desc, common_tunnel_endpoint_b_desc, common_flags,common_flags_identify_info,common_server_fqdn,common_server_domain, common_app_full_path,common_shaping_rule_ids, common_in_link_id,common_out_link_id,http_url, http_host, http_domain, http_request_line, http_response_line, http_request_content_length, http_request_content_type, http_response_content_length, http_response_content_type, http_request_body, http_response_body, http_cookie, http_referer, http_user_agent, http_set_cookie, http_version, http_response_latency_ms, 
http_session_duration_ms, http_action_file_size, http_status_code, mail_protocol_type, mail_account, mail_from_cmd, mail_to_cmd, mail_from, mail_to, mail_cc, mail_bcc, mail_subject, mail_attachment_name, mail_eml_file, dns_message_id, dns_qr, dns_opcode, dns_aa, dns_tc, dns_rd, dns_ra, dns_rcode, dns_qdcount, dns_ancount, dns_nscount, dns_arcount, dns_qname, dns_qtype, dns_qclass, dns_sub, dns_cname,dns_rr, dns_response_latency_ms, ssl_sni, ssl_cn, ssl_pinningst, ssl_intercept_state, ssl_server_side_latency, ssl_client_side_latency, ssl_server_side_version, ssl_client_side_version, ssl_cert_verify, ssl_error, ssl_con_latency_ms, ssl_ja3_hash, ssl_ja3s_hash, ssl_cert_issuer, ssl_cert_subject, ssl_esni_flag, ssl_ech_flag, dtls_sni ,quic_version, quic_sni, quic_user_agent, ftp_account, ftp_url, ftp_content, ftp_link_type, app_extra_info, sip_call_id, sip_originator_description, sip_responder_description, sip_user_agent, sip_server, sip_originator_sdp_connect_ip, sip_originator_sdp_media_port, sip_originator_sdp_media_type, sip_originator_sdp_content, sip_responder_sdp_connect_ip, sip_responder_sdp_media_port, sip_responder_sdp_media_type, sip_responder_sdp_content, sip_duration_s, sip_bye, rtp_payload_type_c2s, rtp_payload_type_s2c, rtp_pcap_path, ssh_version, ssh_auth_success, ssh_client_version, ssh_server_version, ssh_cipher_alg, ssh_mac_alg, ssh_compression_alg, ssh_kex_alg, ssh_host_key_alg, ssh_host_key, ssh_hassh, stratum_cryptocurrency, stratum_mining_pools,stratum_mining_program,rdp_cookie,rdp_security_protocol,rdp_client_channels,rdp_keyboard_layout,rdp_client_version,rdp_client_name,rdp_client_product_id,rdp_desktop_width,rdp_desktop_height,rdp_requested_color_depth,rdp_certificate_type,rdp_certificate_count,rdp_certificate_permanent,rdp_encryption_level,rdp_encryption_method from session_record where common_recv_time >= UNIX_TIMESTAMP('{{start_time}}') and common_recv_time < UNIX_TIMESTAMP('{{end_time}}') and common_vsys_id in (1,2,3,4) order by 
common_recv_time desc limit 0 , 20", "protocol": "http", "host": [ "{{qgw_ip}}" 
@@ -1489,7 +1489,7 @@ "query": [ { "key": "query", - "value": "select toDateTime(common_recv_time) AS common_recv_time, common_log_id, common_vsys_id, common_subscriber_id, common_imei, common_imsi, common_phone_number, common_client_ip, common_internal_ip, common_client_port, common_l4_protocol, common_address_type, common_server_ip, common_server_port, common_external_ip, common_direction, common_sled_ip, common_client_location, common_client_asn, common_server_location, common_server_asn, common_sessions, common_c2s_pkt_num, common_s2c_pkt_num, common_c2s_byte_num, common_s2c_byte_num, common_schema_type, common_device_id, common_device_group, common_app_behavior, common_app_label, common_tunnels, common_protocol_label, common_userdefine_app_name, common_l7_protocol, common_service_category, toDateTime(common_start_time) AS common_start_time, toDateTime(common_end_time) AS common_end_time, common_establish_latency_ms, common_con_duration_ms, common_stream_dir, common_stream_trace_id, common_c2s_ipfrag_num, common_s2c_ipfrag_num, common_c2s_tcp_lostlen, common_s2c_tcp_lostlen, common_c2s_tcp_unorder_num, common_s2c_tcp_unorder_num, common_c2s_pkt_retrans, common_s2c_pkt_retrans, common_c2s_byte_retrans, common_s2c_byte_retrans, common_tcp_client_isn, common_tcp_server_isn, toDateTime(common_processing_time) AS common_processing_time, toDateTime(common_ingestion_time) AS common_ingestion_time,common_tunnel_endpoint_a_desc, common_tunnel_endpoint_b_desc, common_flags,common_flags_identify_info,common_server_fqdn,common_server_domain, common_app_full_path,common_shaping_rule_ids, common_in_link_id,common_out_link_id,http_url, http_host, http_domain, http_request_line, http_response_line, http_request_content_length, http_request_content_type, http_response_content_length, http_response_content_type, http_request_body, http_response_body, http_cookie, http_referer, http_user_agent, http_set_cookie, http_version, http_response_latency_ms, http_session_duration_ms, 
http_action_file_size, http_status_code, mail_protocol_type, mail_account, mail_from_cmd, mail_to_cmd, mail_from, mail_to, mail_cc, mail_bcc, mail_subject, mail_attachment_name, mail_eml_file, dns_message_id, dns_qr, dns_opcode, dns_aa, dns_tc, dns_rd, dns_ra, dns_rcode, dns_qdcount, dns_ancount, dns_nscount, dns_arcount, dns_qname, dns_qtype, dns_qclass, dns_sub, dns_cname,dns_rr, dns_response_latency_ms, ssl_sni, ssl_cn, ssl_pinningst, ssl_intercept_state, ssl_server_side_latency, ssl_client_side_latency, ssl_server_side_version, ssl_client_side_version, ssl_cert_verify, ssl_error, ssl_con_latency_ms, ssl_ja3_hash, ssl_ja3s_hash, ssl_cert_issuer, ssl_cert_subject, dtls_sni ,quic_version, quic_sni, quic_user_agent, ftp_account, ftp_url, ftp_content, ftp_link_type, app_extra_info, sip_call_id, sip_originator_description, sip_responder_description, sip_user_agent, sip_server, sip_originator_sdp_connect_ip, sip_originator_sdp_media_port, sip_originator_sdp_media_type, sip_originator_sdp_content, sip_responder_sdp_connect_ip, sip_responder_sdp_media_port, sip_responder_sdp_media_type, sip_responder_sdp_content, sip_duration_s, sip_bye, rtp_payload_type_c2s, rtp_payload_type_s2c, rtp_pcap_path, ssh_version, ssh_auth_success, ssh_client_version, ssh_server_version, ssh_cipher_alg, ssh_mac_alg, ssh_compression_alg, ssh_kex_alg, ssh_host_key_alg, ssh_host_key, ssh_hassh, stratum_cryptocurrency, stratum_mining_pools,stratum_mining_program,rdp_cookie,rdp_security_protocol,rdp_client_channels,rdp_keyboard_layout,rdp_client_version,rdp_client_name,rdp_client_product_id,rdp_desktop_width,rdp_desktop_height,rdp_requested_color_depth,rdp_certificate_type,rdp_certificate_count,rdp_certificate_permanent,rdp_encryption_level,rdp_encryption_method from session_record where common_recv_time >= UNIX_TIMESTAMP('{{start_time}}') and common_recv_time < UNIX_TIMESTAMP('{{end_time}}') and common_vsys_id in (1,2,3,4) order by common_recv_time desc limit 0 , 20" + "value": "select 
toDateTime(common_recv_time) AS common_recv_time, common_log_id, common_vsys_id, common_subscriber_id, common_imei, common_imsi, common_phone_number, common_client_ip, common_internal_ip, common_client_port, common_l4_protocol, common_address_type, common_server_ip, common_server_port, common_external_ip, common_direction, common_sled_ip, common_client_location, common_client_asn, common_server_location, common_server_asn, common_sessions, common_c2s_pkt_num, common_s2c_pkt_num, common_c2s_byte_num, common_s2c_byte_num, common_schema_type, common_device_id, common_device_group, common_app_behavior, common_app_label, common_tunnels, common_protocol_label, common_userdefine_app_name, common_l7_protocol, common_service_category, toDateTime(common_start_time) AS common_start_time, toDateTime(common_end_time) AS common_end_time, common_establish_latency_ms, common_con_duration_ms, common_stream_dir, common_stream_trace_id, common_c2s_ipfrag_num, common_s2c_ipfrag_num, common_c2s_tcp_lostlen, common_s2c_tcp_lostlen, common_c2s_tcp_unorder_num, common_s2c_tcp_unorder_num, common_c2s_pkt_retrans, common_s2c_pkt_retrans, common_c2s_byte_retrans, common_s2c_byte_retrans, common_tcp_client_isn, common_tcp_server_isn, toDateTime(common_processing_time) AS common_processing_time, toDateTime(common_ingestion_time) AS common_ingestion_time,common_tunnel_endpoint_a_desc, common_tunnel_endpoint_b_desc, common_flags,common_flags_identify_info,common_server_fqdn,common_server_domain, common_app_full_path,common_shaping_rule_ids, common_in_link_id,common_out_link_id,http_url, http_host, http_domain, http_request_line, http_response_line, http_request_content_length, http_request_content_type, http_response_content_length, http_response_content_type, http_request_body, http_response_body, http_cookie, http_referer, http_user_agent, http_set_cookie, http_version, http_response_latency_ms, http_session_duration_ms, http_action_file_size, http_status_code, mail_protocol_type, 
mail_account, mail_from_cmd, mail_to_cmd, mail_from, mail_to, mail_cc, mail_bcc, mail_subject, mail_attachment_name, mail_eml_file, dns_message_id, dns_qr, dns_opcode, dns_aa, dns_tc, dns_rd, dns_ra, dns_rcode, dns_qdcount, dns_ancount, dns_nscount, dns_arcount, dns_qname, dns_qtype, dns_qclass, dns_sub, dns_cname,dns_rr, dns_response_latency_ms, ssl_sni, ssl_cn, ssl_pinningst, ssl_intercept_state, ssl_server_side_latency, ssl_client_side_latency, ssl_server_side_version, ssl_client_side_version, ssl_cert_verify, ssl_error, ssl_con_latency_ms, ssl_ja3_hash, ssl_ja3s_hash, ssl_cert_issuer, ssl_cert_subject, ssl_esni_flag, ssl_ech_flag, dtls_sni ,quic_version, quic_sni, quic_user_agent, ftp_account, ftp_url, ftp_content, ftp_link_type, app_extra_info, sip_call_id, sip_originator_description, sip_responder_description, sip_user_agent, sip_server, sip_originator_sdp_connect_ip, sip_originator_sdp_media_port, sip_originator_sdp_media_type, sip_originator_sdp_content, sip_responder_sdp_connect_ip, sip_responder_sdp_media_port, sip_responder_sdp_media_type, sip_responder_sdp_content, sip_duration_s, sip_bye, rtp_payload_type_c2s, rtp_payload_type_s2c, rtp_pcap_path, ssh_version, ssh_auth_success, ssh_client_version, ssh_server_version, ssh_cipher_alg, ssh_mac_alg, ssh_compression_alg, ssh_kex_alg, ssh_host_key_alg, ssh_host_key, ssh_hassh, stratum_cryptocurrency, stratum_mining_pools,stratum_mining_program,rdp_cookie,rdp_security_protocol,rdp_client_channels,rdp_keyboard_layout,rdp_client_version,rdp_client_name,rdp_client_product_id,rdp_desktop_width,rdp_desktop_height,rdp_requested_color_depth,rdp_certificate_type,rdp_certificate_count,rdp_certificate_permanent,rdp_encryption_level,rdp_encryption_method from session_record where common_recv_time >= UNIX_TIMESTAMP('{{start_time}}') and common_recv_time < UNIX_TIMESTAMP('{{end_time}}') and common_vsys_id in (1,2,3,4) order by common_recv_time desc limit 0 , 20" } ] }
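Review bot: In the `@@ -2,7 +2,7 @@` hunk, keeping the whole changelog inside the single `info.description` string means a one-entry edit rewrites the entire line, so the real change (the 23.09 "Closed Session Records" entry gaining `ssl_esni_flag, ssl_ech_flag`) is hard to verify by eye. Consider moving the release history to a separate Markdown file and leaving only a short description in the collection. While this string is being touched, three entries visible in it look wrong: `## Release 22.1 (30 NOV 2022)` sits between 22.10 and 22.12 and is presumably 22.11, `30 JUE 2022` under Release 22.06 is presumably JUN, and `*会话与安全事件日志增加列common_flags_identify_info` under Release 23.02 lacks the space after `*`, so it will not render as a list item.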
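Review bot: In the `@@ -1477,7 +1477,7 @@` hunk, `url.raw` still sends this query with `"protocol": "http"` and `"header": []`, while the selected columns include `http_cookie`, `http_set_cookie`, `http_request_body`, `common_imsi` and `common_phone_number`, so responses carrying those values cross the network unencrypted and nothing in the visible lines shows authentication on the request. If the query gateway can serve TLS, make the scheme an environment variable alongside `{{qgw_ip}}` and `{{qgw_port}}`, and confirm that auth is applied at collection or folder level. Separately, the filter `common_vsys_id in (1,2,3,4)` is hard-coded; moving the list to a variable would let the same request run against deployments with other VSYS IDs.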
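Review bot: In the `@@ -1489,7 +1489,7 @@` hunk, the `query[].value` string duplicates the SQL already carried in `url.raw` in the previous hunk, so every column change has to be made twice and the two copies can drift. Both copies add `ssl_esni_flag, ssl_ech_flag` after `ssl_cert_subject` here, which is consistent, but a CI check that compares the two strings would catch a future miss. The request's Tests script is not part of this diff, so it is worth confirming that it asserts the two new columns come back in the response. Minor: the column list mixes `, ` and `,` separators (`dtls_sni ,quic_version`, `stratum_mining_pools,stratum_mining_program`); normalising them would make later diffs of this line easier to read.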