diff --git a/24.07/README.md b/24.07/README.md new file mode 100644 index 0000000..52425d8 --- /dev/null +++ b/24.07/README.md @@ -0,0 +1,79 @@ +# TSG OLAP End-to-End Test + +## 概述 + +TSG OLAP 支持对Logs,Metrics和Files进行端到端业务自检,自检数据流: Smaple Datasets -> Kafka Topic -> FLINK ETL -> Storage DB -> QGW API . + +## 环境依赖 + +- 样例数据生成工具:`e2e-mockdata-generator` ,需要JDK11环境 +- Report诊断工具:`Newman`,具体参考[帮助文档](https://learning.postman.com/docs/collections/using-newman-cli/newman-options/) + +## 使用方法 + +### 修改 enviroment.json 配置 + +`Newman CLI 使用QGW HTTP REST API 输出诊断报告,需要添加访问IP` +```json +[ + { + "key": "qgw_ip", + "value": "127.0.0.1", + "type": "default", + "enabled": true + }, + { + "key": "hos_token", + "value": "c21f969b5f03d33d43e04f8f136e7682", + "type": "secret", + "enabled": true + } +] +``` +### 修改e2e_test.sh配置 + +- 增加每个分中心的kafka broker地址 + +```shell + # [data_center_name]:kafka_server_list + declare -A KAFKA_SERVERS=( + ["tsg_olap_dc_a"]="192.168.44.11:9092" + ["tsg_olap_dc_b"]="192.168.44.11:9092" + ) +``` +- 增加每个分中心的HOS访问地址 +```shell + # [data_center_name]:hos_endpoint_uri + declare -A HOS_ENDPOINTS=( + ["tsg_olap_dc_a"]="192.168.44.11" + ["tsg_olap_dc_b"]="192.168.44.11" + ) +``` + +### 命令详解 + +`./e2e_test.sh -h` + +```shell +Usage: ./e2e_test.sh [options] + +Options: + -g Generate data (logs, metrics, files) + -d Run diagnostic report (logs, metrics, files) + -c Clear test data + -a Perform all operations: generate data, run diagnostics, and clear data + -i Set environment variable (data_center, hos_ip) + -v Enable verbose reporting + -e Enable emojitrain reporting + -h Show this help message + +Examples: + ./e2e_test.sh -a -e Perform all operations and enable emojitrain reporting + ./e2e_test.sh -g logs -i data_center=my_data_center Generate log data at my_data_center + ./e2e_test.sh -d logs -v Run diagnostics on logs data with verbose reporting + ./e2e_test.sh -d metrics -v Run diagnostics on metrics data with verbose reporting + ./e2e_test.sh -g logs Generate log data use default data center + ./e2e_test.sh -c Clear test data + + +``` diff --git a/24.07/bin/e2e_test.sh b/24.07/bin/e2e_test.sh new file mode 100755 index 0000000..11e6ec9 --- /dev/null +++ b/24.07/bin/e2e_test.sh @@ -0,0 +1,268 @@ +#!/bin/bash +#BASE_DIR=$(cd $(dirname $0) && pwd) +BASE_DIR="$(dirname "$(pwd)")" +# Check if required tools are installed +if ! command -v java &> /dev/null; then + echo "Error: Java is not installed." + exit 1 +fi + +# Define common variables +E2E_MOCKDATA_GENERATOR_PATH="$BASE_DIR/e2e-mockdata-generator" +CONFIG_PATH="$BASE_DIR/config" +COLLECTION="tsg-olap-e2e-test-collection.json" +ENVIRONMENT="$BASE_DIR/environment.json" +DATA_CENTER="tsg_olap" # Default Data Center +OTHER_VAR="" +current=`date "+%Y-%m-%d %H:%M:%S"` +timeStamp=`date -d "$current" +%s` +currentTimeStamp=$((timeStamp*1000+10#`date "+%N"`/1000000)) + +# data_center_name:kafka_server +declare -A KAFKA_SERVERS=( + ["tsg_olap"]="192.168.44.11:9092" + ["tsg_olap_dc_a"]="192.168.44.11:9092" + ["tsg_olap_dc_b"]="192.168.44.11:9092" +) + +# data_center_name:hos_endpoint +HOS_ENDPOINTS=( + ["tsg_olap"]="192.168.44.11" + ["tsg_olap_dc_a"]="192.168.44.11" + ["tsg_olap_dc_b"]="192.168.44.11" +) + +log_message() { + echo "$(date '+%Y-%m-%d %H:%M:%S') - $1" +} + +generate_logs() { + log_message "Generating logs for $1 $2 ..." + local data_center=$1 + local bootstrap_server=$2 + cd $E2E_MOCKDATA_GENERATOR_PATH || { echo "Error: Cannot change directory to $E2E_MOCKDATA_GENERATOR_PATH"; exit 1; } + declare -A LOGS=( + ["SESSION-RECORD"]="session_record.dat" + ["VOIP-RECORD"]="voip_record.dat" + ["PROXY-EVENT"]="proxy_event.dat" + ) + for topic in "${!LOGS[@]}"; do + # Replace the "data_center" value in the file + sed -i "s/\"data_center\":\"[^\"]*\"/\"data_center\":\"$data_center\"/g" ./datasets/logs/${LOGS[$topic]} + sed -i "s/\"start_timestamp_ms\":[0-9]*/\"start_timestamp_ms\":$currentTimeStamp/" ./datasets/logs/${LOGS[$topic]} + sed -i "s/\"end_timestamp_ms\":[0-9]*/\"end_timestamp_ms\":$currentTimeStamp/" ./datasets/logs/${LOGS[$topic]} + java -cp e2e-mockdata-generator.jar com.geedgenetworks.LogGenerator --bootstrap_server $bootstrap_server --topic $topic -f ./datasets/logs/${LOGS[$topic]} + done +} + +generate_metrics() { + log_message "Generating metrics for $1 $2..." + local data_center=$1 + local bootstrap_server=$2 + cd $E2E_MOCKDATA_GENERATOR_PATH || { echo "Error: Cannot change directory to $E2E_MOCKDATA_GENERATOR_PATH"; exit 1; } + declare -A METRICS=( + ["NETWORK-TRAFFIC-METRIC"]="network_traffic_metric.dat" + ["POLICY-RULE-METRIC"]="policy_rule_metric.dat" + ["OBJECT-STATISTICS-METRIC"]="object_statistics_metric.dat" + ["STATISTICS-RULE-METRIC"]="statistics_rule_metric.dat" + ["TRAFFIC-SKETCH-METRIC"]="traffic_sketch_metric.dat" + ) + for topic in "${!METRICS[@]}"; do + # Replace the "data_center" value in the file + sed -i "s/\"data_center\":\"[^\"]*\"/\"data_center\":\"$data_center\"/g" ./datasets/metrics/${METRICS[$topic]} + # Replace the "timestamp_ms" value in the file + sed -i "s/\"timestamp_ms\":[0-9]*/\"timestamp_ms\":$currentTimeStamp/" ./datasets/metrics/${METRICS[$topic]} + + java -cp e2e-mockdata-generator.jar com.geedgenetworks.LogGenerator --bootstrap_server $bootstrap_server --topic $topic -f ./datasets/metrics/${METRICS[$topic]} + done +} + + +generate_files() { + log_message "Generating files for $1 $2 ..." + local data_center=$1 + local bootstrap_server=$2 + cd $E2E_MOCKDATA_GENERATOR_PATH || { echo "Error: Cannot change directory to $E2E_MOCKDATA_GENERATOR_PATH"; exit 1; } + # 123e4567-e89b-12d3-a456-426614174006 troubleshooting_pcapng + # 123e4567-e89b-12d3-a456-426614174007 datapath_telemetry_pcapng + declare -A FILES=( + ["123e4567-e89b-12d3-a456-426614174001"]="traffic_pcapng" + ["123e4567-e89b-12d3-a456-426614174002"]="html" + ["123e4567-e89b-12d3-a456-426614174003"]="html" + ["123e4567-e89b-12d3-a456-426614174004"]="eml" + ["123e4567-e89b-12d3-a456-426614174005"]="traffic_pcapng" + ) + for uuid in "${!FILES[@]}"; do + java -cp e2e-mockdata-generator.jar com.geedgenetworks.FileChunkGenerator --bootstrap_server $bootstrap_server --topic TRAFFIC-FILE-STREAM-RECORD -n $uuid --file_type ${FILES[$uuid]} + done +} + + +# Define function to run diagnostic report + # -folder logs :对日志进行故障诊断,输出诊断明细;指定data_center。 + # -folder metrics:对Metrics进行故障诊断,输出诊断明细;指定data_center。 + # -folder files:对文件进行故障诊断,输出诊断明细;指定分中心HOS访问地址。 + # -folder logs:对日志进行故障诊断,通过表情形式输出测试结果 + # -folder files:对文件进行故障诊断,通过表情形式输出测试结果 + # newman run ./tsg-olap-e2e-test-collection.json -n 1 --delay-request 500 -e $ENVIRONMENT --env-var "data_center=$DATA_CENTER" --ignore-redirects --folder logs -r emojitrain + # newman run ./tsg-olap-e2e-test-collection.json -n 1 --delay-request 500 -e $ENVIRONMENT --env-var "hos_ip=$HOS_IP" --ignore-redirects --folder files -r emojitrain +run_diagnostic() { + log_message "Running diagnostic for $1..." + cd $BASE_DIR || { echo "Error: Cannot change directory to $BASE_DIR"; exit 1; } + local folder=$1 + local env_var=$2 + local verbose="" + local emojitrain="" + if $verbose_flag; then + verbose="--verbose" + fi + + if $emojitrain_flag; then + emojitrain="-r emojitrain" + fi + + # Split the env_var string by comma and prepare the env_var_str + IFS=',' read -ra env_vars <<< "$env_var" + local env_var_str="" + for var in "${env_vars[@]}"; do + env_var_str+="--env-var $var " + done + + newman run $CONFIG_PATH/tsg-olap-e2e-test-collection.json -g $CONFIG_PATH/globals.json -n 1 -e $CONFIG_PATH/environment.json --delay-request 500 --timeout-script 10000 --timeout-request 300000 --timeout 3600000 --insecure $verbose --ignore-redirects $env_var_str --folder $folder $emojitrain +} + +clear_data() { + log_message "Clearing test data..." + newman run $CONFIG_PATH/tsg-olap-e2e-test-collection.json -g $CONFIG_PATH/globals.json -n 1 --delay-request 500 -e $CONFIG_PATH/environment.json --ignore-redirects --folder clear_test_data -r emojitrain +} + +# Help message +show_help() { + echo "" + echo "Usage: $0 [options]" + echo "" + echo "Options:" + echo " -g Generate data (logs, metrics, files)" + echo " -d Run diagnostic report (logs, metrics, files)" + echo " -c Clear test data" + echo " -a Perform all operations: generate data, run diagnostics, and clear data" + echo " -i " + echo " Set environment variable (data_center, hos_ip)" + echo " -v Enable verbose reporting" + echo " -e Enable emojitrain reporting" + echo " -h Show this help message" + echo "" + echo "Examples:" + echo " $0 -a Perform all operations" + echo " $0 -g logs Generate log data" + echo " $0 -d metrics -v Run diagnostics on metrics data with verbose reporting" + echo " $0 -c Clear test data" + echo " $0 -g logs -i data_center=my_data_center Generate log data in my_data_center" + echo "" +} + +# Initialize flags +generate_flag=false +diagnostic_flag=false +verbose_flag=false +emojitrain_flag=false +clear_flag=false +all_flag=false +generate_type="" +diagnostic_type="" + + +# Parse command-line arguments +while getopts ":g:d:i:acveh" opt; do + case $opt in + g) + generate_type=$OPTARG + generate_flag=true + ;; + d) + diagnostic_type=$OPTARG + diagnostic_flag=true + ;; + c) + clear_flag=true + ;; + a) + all_flag=true + ;; + i) + # Split the input based on whitespace, then further split by '=' to assign key-value pairs + IFS=',' read -ra vars <<< "$OPTARG" + for var in "${vars[@]}"; do + # Remove leading and trailing whitespaces + var=$(echo "$var" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//') + IFS='=' read -r key value <<< "$var" + case $key in + data_center) DATA_CENTER=$value ;; + other_var) OTHER_VAR=$value ;; + *) echo "Invalid environment variable: $key"; show_help; exit 1 ;; + esac + done + ;; + v) + verbose_flag=true + ;; + e) + emojitrain_flag=true + ;; + h) + show_help + exit 0 + ;; + \?) + echo "Invalid option: -$OPTARG" >&2 + show_help + exit 1 + ;; + esac +done + + +if $generate_flag; then + case $generate_type in + logs) generate_logs "$DATA_CENTER" "${KAFKA_SERVERS[$DATA_CENTER]}" ;; + metrics) generate_metrics "$DATA_CENTER" "${KAFKA_SERVERS[$DATA_CENTER]}" ;; + files) generate_files "$DATA_CENTER" "${KAFKA_SERVERS[$DATA_CENTER]}" ;; + *) echo "Invalid generate type"; show_help; exit 1 ;; + esac +fi + +if $diagnostic_flag; then + case $diagnostic_type in + logs) run_diagnostic "logs" "data_center=$DATA_CENTER" ;; + metrics) run_diagnostic "metrics" "data_center=$DATA_CENTER" ;; + files) run_diagnostic "files" "data_center=$DATA_CENTER,hos_ip=${HOS_ENDPOINTS[$DATA_CENTER]}" ;; + *) echo "Invalid diagnostic type"; show_help; exit 1 ;; + esac +fi + +if $clear_flag; then + clear_data +fi + +if $all_flag; then + + for data_center_var in "${!KAFKA_SERVERS[@]}"; do + generate_logs "$data_center_var" "${KAFKA_SERVERS[$data_center_var]}" + generate_metrics "$data_center_var" "${KAFKA_SERVERS[$data_center_var]}" + generate_files "$data_center_var" "${KAFKA_SERVERS[$data_center_var]}" + echo "Wait 30 Seconds..." + sleep 30 + run_diagnostic "logs" "data_center=$data_center_var" + run_diagnostic "metrics" "data_center=$data_center_var" + run_diagnostic "files" "data_center=$data_center_var,hos_ip=${HOS_ENDPOINTS[$data_center_var]}" + clear_data + done +fi + +# Display help message if no arguments are passed +if ! $generate_flag && ! $diagnostic_flag && ! $clear_flag && ! $all_flag; then + show_help + exit 1 +fi + +log_message "E2E test execution completed." diff --git a/24.07/bin/function_test.sh b/24.07/bin/function_test.sh new file mode 100755 index 0000000..772e9f3 --- /dev/null +++ b/24.07/bin/function_test.sh @@ -0,0 +1,118 @@ +#!/bin/bash + +show_help() { + echo " +Usage: $(basename "$0") [-f FOLDER_NUMBER] [-a] [-v] [-e] + +Options: + -f FOLDER_NUMBER Specify a single folder to run from a collection: + 1. Query + 2. Dataset + 3. Database + 4. Util + 5. Troubleshooting + 6. HOS + 7. Knowledge Base File + -a Run all options [1-7] + -v Enable verbose reporting + -e Enable emojitrain reporting + -h, --help Show this help message and exit +" +} + +BASE_DIR="$(dirname "$(pwd)")" +CONFIG_PATH="$BASE_DIR/config" +FOLDER="" +ALL=false +VERBOSE_FLAG=false +EMOJITRAIN_FLAG=false + +# Flag to check if any valid option is provided +VALID_OPTION_PROVIDED=false + +# Parse command-line arguments +while [[ $# -gt 0 ]]; do + case $1 in + -f) + VALID_OPTION_PROVIDED=true + if [[ -n $2 && $2 =~ ^[1-7]$ ]]; then + case $2 in + 1) FOLDER="--folder Query" ;; + 2) FOLDER="--folder Dataset" ;; + 3) FOLDER="--folder Database" ;; + 4) FOLDER="--folder Util" ;; + 5) FOLDER="--folder Troubleshooting" ;; + 6) FOLDER="--folder HOS" ;; + 7) FOLDER="--folder Knowledge Base File" ;; + esac + shift 2 + else + echo "Error: Invalid folder number." + show_help + exit 1 + fi + ;; + -a) + VALID_OPTION_PROVIDED=true + ALL=true + shift + ;; + -v) + VERBOSE_FLAG=true + shift + ;; + -e) + EMOJITRAIN_FLAG=true + shift + ;; + -h|--help) + show_help + exit 0 + ;; + *) + echo "Error: Unknown option $1" + show_help + exit 1 + ;; + esac +done + +if ! $VALID_OPTION_PROVIDED; then + show_help + exit 1 +fi + +if $ALL; then + FOLDER="" +fi + +NEW_MAN_OPTS=( + "$CONFIG_PATH/tsg-olap-function-test-collection.json" + -n 1 + -e "$CONFIG_PATH/environment.json" + -g "$CONFIG_PATH/globals.json" + --delay-request 200 + --timeout-script 10000 + --timeout-request 300000 + --timeout 3600000 + --insecure +) + +# Add verbose reporting option if enabled +if $VERBOSE_FLAG; then + NEW_MAN_OPTS+=(--verbose) +fi + +# Add folder option if set +if [[ -n $FOLDER ]]; then + NEW_MAN_OPTS+=($FOLDER) +fi + +# Add emojitrain reporting option if enabled +if $EMOJITRAIN_FLAG; then + NEW_MAN_OPTS+=(-r emojitrain) +fi + +# Run the newman command +newman run "${NEW_MAN_OPTS[@]}" + diff --git a/24.07/config/environment.json b/24.07/config/environment.json new file mode 100644 index 0000000..7b1a0b6 --- /dev/null +++ b/24.07/config/environment.json @@ -0,0 +1,250 @@ +{ + "id": "b3e1e379-56c2-46b8-a9bf-ed68e1460469", + "name": "Test", + "values": [ + { + "key": "qgw_ip", + "value": "192.168.44.67", + "enabled": true + }, + { + "key": "qgw_port", + "value": "9999", + "enabled": true + }, + { + "key": "druid_ip", + "value": "192.168.44.67", + "enabled": true + }, + { + "key": "druid_port", + "value": "8089", + "enabled": true + }, + { + "key": "hbase_ip", + "value": "192.168.44.11", + "enabled": true + }, + { + "key": "hbase_port", + "value": "50070", + "enabled": true + }, + { + "key": "hos_ip", + "value": "192.168.44.67", + "enabled": true + }, + { + "key": "hos_port", + "value": "9098", + "enabled": true + }, + { + "key": "hos_token", + "value": "c21f969b5f03d33d43e04f8f136e7682", + "type": "secret", + "enabled": true + }, + { + "key": "report_ip", + "value": "192.168.44.67", + "enabled": true + }, + { + "key": "report_port", + "value": "9093", + "enabled": true + }, + { + "key": "clickhouse_ip", + "value": "192.168.44.67", + "enabled": true + }, + { + "key": "clickhouse_port", + "value": "8124", + "enabled": true + }, + { + "key": "clickhouse_database", + "value": "tsg_galaxy_v3", + "enabled": true + }, + { + "key": "clickhouse_user", + "value": "default", + "enabled": true + }, + { + "key": "clickhouse_password", + "value": "galaxy2019", + "type": "secret", + "enabled": true + }, + { + "key": "arango_ip", + "value": "192.168.44.13", + "enabled": true + }, + { + "key": "arango_port", + "value": "8529", + "enabled": true + }, + { + "key": "kafka_ip", + "value": "192.168.44.11", + "enabled": true + }, + { + "key": "kafka_monitor_port", + "value": "9901", + "enabled": true + }, + { + "key": "Last 5 Minutes Start", + "value": "FROM_UNIXTIME(UNIX_TIMESTAMP(now())-300)", + "enabled": true + }, + { + "key": "now", + "value": "now()", + "enabled": true + }, + { + "key": "Last 1 Hour Start", + "value": "FROM_UNIXTIME(UNIX_TIMESTAMP(now())-3600)", + "enabled": true + }, + { + "key": "Last 12 Hour Start", + "value": "FROM_UNIXTIME(UNIX_TIMESTAMP(now())-43200)", + "enabled": true + }, + { + "key": "Last 24 Hour Start", + "value": "FROM_UNIXTIME(UNIX_TIMESTAMP(now())-86400)", + "enabled": true + }, + { + "key": "Today Start", + "value": "DATE(FROM_UNIXTIME(UNIX_TIMESTAMP(now())))", + "enabled": true + }, + { + "key": "Today End", + "value": "DATE(FROM_UNIXTIME(UNIX_TIMESTAMP(now()) +86400))", + "enabled": true + }, + { + "key": "Today so far Start", + "value": "DATE(FROM_UNIXTIME(UNIX_TIMESTAMP(now())))", + "enabled": true + }, + { + "key": "Yesterday Start", + "value": "DATE(FROM_UNIXTIME(UNIX_TIMESTAMP(now()) -86400))", + "enabled": true + }, + { + "key": "Yesterday End", + "value": "DATE(FROM_UNIXTIME(UNIX_TIMESTAMP(now())))", + "enabled": true + }, + { + "key": "PT5S_RECV_TIME", + "value": "FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(common_recv_time,'PT5s'))", + "enabled": true + }, + { + "key": "PT30S_RECV_TIME", + "value": "FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(common_recv_time,'PT30S'))", + "enabled": true + }, + { + "key": "PT5M_RECV_TIME", + "value": "FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(common_recv_time,'PT5M'))", + "enabled": true + }, + { + "key": "PT30M_RECV_TIME", + "value": "FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(common_recv_time,'PT30M'))", + "enabled": true + }, + { + "key": "PT1H_RECV_TIME", + "value": "FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(common_recv_time,'PT1H'))", + "enabled": true + }, + { + "key": "P1D_RECV_TIME", + "value": "FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(common_recv_time,'P1D'))", + "enabled": true + }, + { + "key": "PT5S_TIME", + "value": "FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT5s'))", + "enabled": true + }, + { + "key": "PT30S_TIME", + "value": "FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT30S'))", + "enabled": true + }, + { + "key": "PT1M_TIME", + "value": "FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT1M'))", + "enabled": true + }, + { + "key": "PT5M_TIME", + "value": "FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT5M'))", + "enabled": true + }, + { + "key": "PT30M_TIME", + "value": "FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT30M'))", + "enabled": true + }, + { + "key": "PT1H_TIME", + "value": "FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT1H'))", + "enabled": true + }, + { + "key": "P1D_TIME", + "value": "FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'P1D'))", + "enabled": true + }, + { + "key": "fd_statistics_job_id", + "value": "", + "type": "any", + "enabled": true + }, + { + "key": "Last 10 Minutes Start", + "value": "FROM_UNIXTIME(UNIX_TIMESTAMP(now())-600)", + "type": "default", + "enabled": true + }, + { + "key": "metric_fixed_time", + "value": "FROM_UNIXTIME(946681200)", + "type": "default", + "enabled": true + }, + { + "key": "data_center", + "value": "tsg_olap", + "type": "default", + "enabled": true + } + ], + "_postman_variable_scope": "environment", + "_postman_exported_at": "2024-07-22T11:04:35.566Z", + "_postman_exported_using": "Postman/11.4.0" +} \ No newline at end of file diff --git a/24.07/config/globals.json b/24.07/config/globals.json new file mode 100644 index 0000000..0397c3f --- /dev/null +++ b/24.07/config/globals.json @@ -0,0 +1,39 @@ +{ + "id": "0083244f-f7da-4ec8-8c09-317c1121d3ad", + "values": [ + { + "key": "start_time", + "value": "", + "type": "any", + "enabled": true + }, + { + "key": "end_time", + "value": "", + "type": "any", + "enabled": true + }, + { + "key": "domain", + "value": "", + "type": "any", + "enabled": true + }, + { + "key": "client_ip", + "value": "", + "type": "any", + "enabled": true + }, + { + "key": "server_ip", + "value": "", + "type": "any", + "enabled": true + } + ], + "name": "Globals", + "_postman_variable_scope": "globals", + "_postman_exported_at": "2024-05-21T02:39:11.566Z", + "_postman_exported_using": "Postman/11.1.3" +} \ No newline at end of file diff --git a/24.07/config/tsg-olap-e2e-test-collection.json b/24.07/config/tsg-olap-e2e-test-collection.json new file mode 100644 index 0000000..f1c0702 --- /dev/null +++ b/24.07/config/tsg-olap-e2e-test-collection.json @@ -0,0 +1,1536 @@ +{ + "info": { + "_postman_id": "8d632c51-8d7b-426a-ae7d-baaf5d41dca3", + "name": "tsg-olap-e2e-test-24.07", + "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json", + "_exporter_id": "8105037" + }, + "item": [ + { + "name": "logs", + "item": [ + { + "name": "proxy_event_test", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.not.be.error;", + " pm.response.to.be.json;", + " const responseJson = pm.response.json();", + " pm.expect(Number(responseJson.data[0].cnt)).to.at.least(1);", + "});", + "", + "", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select data_center, count(*) as cnt from proxy_event where vsys_id=1024 and recv_time >={{Last 10 Minutes Start}} and data_center='{{data_center}}' group by data_center order by cnt asc\" ,\n \"output_mode\":\"json\",\n \"execution_mode\": \"oneshot\"\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "voip_record_test", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.not.be.error;", + " pm.response.to.be.json;", + " const responseJson = pm.response.json();", + " pm.expect(Number(responseJson.data[0].cnt)).to.at.least(1);", + "});", + "", + "", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select data_center, count(*) as cnt from voip_record where vsys_id=1024 and decoded_as='VoIP' and recv_time >={{Last 10 Minutes Start}} and data_center='{{data_center}}' group by data_center order by cnt asc\" ,\n \"output_mode\":\"json\",\n \"execution_mode\": \"oneshot\"\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "monitor_event_test", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.not.be.error;", + " pm.response.to.be.json;", + " const responseJson = pm.response.json();", + " pm.expect(Number(responseJson.data[0].cnt)).to.at.least(7);", + "});", + "", + "", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select data_center, count(*) as cnt from monitor_event where vsys_id=1024 and recv_time >={{Last 10 Minutes Start}} and data_center='{{data_center}}' group by data_center order by cnt asc\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "security_event_test", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.not.be.error;", + " pm.response.to.be.json;", + " const responseJson = pm.response.json();", + " pm.expect(Number(responseJson.data[0].cnt)).to.at.least(7);", + "});", + "", + "", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select data_center, count(*) as cnt from security_event where vsys_id=1024 and recv_time >={{Last 10 Minutes Start}} and data_center='{{data_center}}' group by data_center order by cnt asc\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "session_record_test", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.not.be.error;", + " pm.response.to.be.json;", + " const responseJson = pm.response.json();", + " pm.expect(Number(responseJson.data[0].cnt)).to.at.least(7);", + "});", + "", + "", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select data_center, count(*) as cnt from session_record where vsys_id=1024 and recv_time >={{Last 10 Minutes Start}} and data_center='{{data_center}}' group by data_center order by cnt asc\",\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + } + ] + }, + { + "name": "metrics", + "item": [ + { + "name": "traffic_general_stat_test", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.not.be.error;", + " pm.response.to.be.json;", + " const responseJson = pm.response.json();", + " pm.expect(Number(responseJson.data[0].cnt)).to.at.least(1);", + "});", + "", + "", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select data_center, count(*) as cnt from traffic_general_stat where __time >={{Last 10 Minutes Start}} and vsys_id=1024 and data_center='{{data_center}}' group by data_center order by cnt asc\" ,\n \"output_mode\":\"json\",\n \"execution_mode\": \"oneshot\"\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "application_protocol_stat_test", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.not.be.error;", + " pm.response.to.be.json;", + " const responseJson = pm.response.json();", + " pm.expect(Number(responseJson.data[0].cnt)).to.at.least(1);", + "});", + "", + "", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select data_center, count(*) as cnt from application_protocol_stat where __time >={{Last 10 Minutes Start}} and vsys_id=1024 and data_center='{{data_center}}' group by data_center order by cnt asc\" ,\n \"output_mode\":\"json\",\n \"execution_mode\": \"oneshot\"\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "statistics_rule_hits_test", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.not.be.error;", + " pm.response.to.be.json;", + " const responseJson = pm.response.json();", + " pm.expect(Number(responseJson.data[0].cnt)).to.at.least(1);", + "});", + "", + "", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select data_center,count(*) as cnt from statistics_rule_hits where __time>={{Last 10 Minutes Start}} and vsys_id=1024 and data_center='{{data_center}}' group by data_center order by cnt asc\" ,\n \"output_mode\":\"json\",\n \"execution_mode\": \"oneshot\"\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "security_rule_hits_test", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.not.be.error;", + " pm.response.to.be.json;", + " const responseJson = pm.response.json();", + " pm.expect(Number(responseJson.data[0].cnt)).to.at.least(1);", + "});", + "", + "", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select data_center, count(*) as cnt from security_rule_hits where __time >={{Last 10 Minutes Start}} and vsys_id=1024 and data_center='{{data_center}}' group by data_center order by cnt asc\" ,\n \"output_mode\":\"json\",\n \"execution_mode\": \"oneshot\"\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "monitor_rule_hits_test", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.not.be.error;", + " pm.response.to.be.json;", + " const responseJson = pm.response.json();", + " pm.expect(Number(responseJson.data[0].cnt)).to.at.least(1);", + "});", + "", + "", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select data_center, count(*) as cnt from monitor_rule_hits where __time>={{Last 10 Minutes Start}} and vsys_id=1024 and data_center='{{data_center}}' group by data_center order by cnt asc\" ,\n \"output_mode\":\"json\",\n \"execution_mode\": \"oneshot\"\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "proxy_rule_hits_test", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.not.be.error;", + " pm.response.to.be.json;", + " const responseJson = pm.response.json();", + " pm.expect(Number(responseJson.data[0].cnt)).to.at.least(1);", + "});", + "", + "", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select data_center,count(*) as cnt from proxy_rule_hits where __time >={{Last 10 Minutes Start}} and vsys_id=1024 and data_center='{{data_center}}' group by data_center order by cnt asc\" ,\n \"output_mode\":\"json\",\n \"execution_mode\": \"oneshot\"\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "service_chaining_rule_hits_test", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.not.be.error;", + " pm.response.to.be.json;", + " const responseJson = pm.response.json();", + " pm.expect(Number(responseJson.data[0].cnt)).to.at.least(1);", + "});", + "", + "", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select data_center, count(*) as cnt from service_chaining_rule_hits where __time>={{Last 10 Minutes Start}} and vsys_id=1024 and data_center='{{data_center}}' group by data_center order by cnt asc\" ,\n \"output_mode\":\"json\",\n \"execution_mode\": \"oneshot\"\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "object_statistics_test", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.not.be.error;", + " pm.response.to.be.json;", + " const responseJson = pm.response.json();", + " pm.expect(Number(responseJson.data[0].cnt)).to.at.least(1);", + "});", + "", + "", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select data_center, count(*) as cnt from object_statistics where __time >={{Last 10 Minutes Start}} and vsys_id=1024 and data_center='{{data_center}}' group by data_center order by cnt asc\" ,\n \"output_mode\":\"json\",\n \"execution_mode\": \"oneshot\"\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "statistics_rule_test", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.not.be.error;", + " pm.response.to.be.json;", + " const responseJson = pm.response.json();", + " pm.expect(Number(responseJson.data[0].cnt)).to.at.least(1);", + "});", + "", + "", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select data_center, count(*) as cnt from statistics_rule where __time>={{Last 10 Minutes Start}} and vsys_id=1024 and data_center='{{data_center}}' group by data_center order by cnt asc\" ,\n \"output_mode\":\"json\",\n \"execution_mode\": \"oneshot\"\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "traffic_sketch_metric_test", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.not.be.error;", + " pm.response.to.be.json;", + " const responseJson = pm.response.json();", + " pm.expect(Number(responseJson.data[0].cnt)).to.at.least(1);", + "});", + "", + "", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select data_center, count(*) as cnt from traffic_sketch_metric where recv_time >={{Last 10 Minutes Start}} and vsys_id=1024 and data_center='{{data_center}}' group by data_center order by cnt asc\" ,\n \"output_mode\":\"json\",\n \"execution_mode\": \"oneshot\"\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + } + ] + }, + { + "name": "files", + "item": [ + { + "name": "monitor_packet_capture_file_test", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.not.be.error;", + "});", + "", + "", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "protocolProfileBehavior": { + "disableBodyPruning": true + }, + "request": { + "method": "HEAD", + "header": [ + { + "key": "Content-Type", + "value": "application/x-www-form-urlencoded", + "type": "text" + } + ], + "body": { + "mode": "urlencoded", + "urlencoded": [] + }, + "url": { + "raw": "http://{{hos_ip}}:{{hos_port}}/hos/traffic_file_bucket/123e4567-e89b-12d3-a456-426614174001", + "protocol": "http", + "host": [ + "{{hos_ip}}" + ], + "port": "{{hos_port}}", + "path": [ + "hos", + "traffic_file_bucket", + "123e4567-e89b-12d3-a456-426614174001" + ] + } + }, + "response": [] + }, + { + "name": "http_request_body_test", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.not.be.error;", + "});", + "", + "", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "protocolProfileBehavior": { + "disableBodyPruning": true + }, + "request": { + "method": "HEAD", + "header": [ + { + "key": "Content-Type", + "value": "application/x-www-form-urlencoded", + "type": "text" + } + ], + "body": { + "mode": "urlencoded", + "urlencoded": [] + }, + "url": { + "raw": "http://{{hos_ip}}:{{hos_port}}/hos/traffic_file_bucket/123e4567-e89b-12d3-a456-426614174002", + "protocol": "http", + "host": [ + "{{hos_ip}}" + ], + "port": "{{hos_port}}", + "path": [ + "hos", + "traffic_file_bucket", + "123e4567-e89b-12d3-a456-426614174002" + ] + } + }, + "response": [] + }, + { + "name": "http_response_body_test", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.not.be.error;", + "});", + "", + "", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "protocolProfileBehavior": { + "disableBodyPruning": true + }, + "request": { + "method": "HEAD", + "header": [ + { + "key": "Content-Type", + "value": "application/x-www-form-urlencoded", + "type": "text" + } + ], + "body": { + "mode": "urlencoded", + "urlencoded": [] + }, + "url": { + "raw": "http://{{hos_ip}}:{{hos_port}}/hos/traffic_file_bucket/123e4567-e89b-12d3-a456-426614174003", + "protocol": "http", + "host": [ + "{{hos_ip}}" + ], + "port": "{{hos_port}}", + "path": [ + "hos", + "traffic_file_bucket", + "123e4567-e89b-12d3-a456-426614174003" + ] + } + }, + "response": [] + }, + { + "name": "mail_eml_file_test", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.not.be.error;", + "});", + "", + "", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "protocolProfileBehavior": { + "disableBodyPruning": true + }, + "request": { + "method": "HEAD", + "header": [ + { + "key": "Content-Type", + "value": "application/x-www-form-urlencoded", + "type": "text" + } + ], + "body": { + "mode": "urlencoded", + "urlencoded": [] + }, + "url": { + "raw": "http://{{hos_ip}}:{{hos_port}}/hos/traffic_file_bucket/123e4567-e89b-12d3-a456-426614174004", + "protocol": "http", + "host": [ + "{{hos_ip}}" + ], + "port": "{{hos_port}}", + "path": [ + "hos", + "traffic_file_bucket", + "123e4567-e89b-12d3-a456-426614174004" + ] + } + }, + "response": [] + }, + { + "name": "rtp_pcap_path_test", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.not.be.error;", + "});", + "", + "", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "protocolProfileBehavior": { + "disableBodyPruning": true + }, + "request": { + "method": "HEAD", + "header": [ + { + "key": "Content-Type", + "value": "application/x-www-form-urlencoded", + "type": "text" + } + ], + "body": { + "mode": "urlencoded", + "urlencoded": [] + }, + "url": { + "raw": "http://{{hos_ip}}:{{hos_port}}/hos/traffic_file_bucket/123e4567-e89b-12d3-a456-426614174005", + "protocol": "http", + "host": [ + "{{hos_ip}}" + ], + "port": "{{hos_port}}", + "path": [ + "hos", + "traffic_file_bucket", + "123e4567-e89b-12d3-a456-426614174005" + ] + } + }, + "response": [] + } + ] + }, + { + "name": "Reports", + "item": [ + { + "name": "Session Record Summary", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + " postman.setEnvironmentVariable(\"saved_query_job_id\", JSON.parse(responseBody).job.job_id);", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select round(tcp_logs / logs,4) as \\\"TCP Percentage\\\", round(udp_logs / logs,4) as \\\"UDP Percentage\\\", round(out_bytes / bytes,4) as \\\"Outgoing Percentage\\\", round(in_bytes / bytes,4) as \\\"Incoming Percentage\\\", formatReadableQuantity(tcp_logs) as \\\"TCP Logs\\\", formatReadableQuantity(udp_logs) as \\\"UDP Logs\\\", formatReadableQuantity(logs) as \\\"Logs\\\", formatReadableSize(out_bytes) as \\\"Outgoing Bytes\\\", formatReadableSize(in_bytes) as \\\"Incoming Bytes\\\", formatReadableSize(bytes) as \\\"Bytes\\\" from ( select sum(if(ip_protocol='tcp', 1, 0)) as tcp_logs, sum(if(ip_protocol='udp', 1, 0)) as udp_logs, sum(if(bitAnd(flags, 8) = 8, sent_bytes, received_bytes))as out_bytes, sum(if(bitAnd(flags, 8) = 8, received_bytes, sent_bytes)) as in_bytes, count(*) as logs, sum(sent_bytes + received_bytes) as bytes from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time \n true\n \n 123e4567-e89b-12d3-a456-426614174001\n \n \n 123e4567-e89b-12d3-a456-426614174002\n \n \n 123e4567-e89b-12d3-a456-426614174003\n \n \n 123e4567-e89b-12d3-a456-426614174004\n \n \n 123e4567-e89b-12d3-a456-426614174005\n \n", + "options": { + "raw": { + "language": "xml" + } + } + }, + "url": { + "raw": "http://{{hos_ip}}:{{hos_port}}/hos/traffic_file_bucket?delete", + "protocol": "http", + "host": [ + "{{hos_ip}}" + ], + "port": "{{hos_port}}", + "path": [ + "hos", + "traffic_file_bucket" + ], + "query": [ + { + "key": "delete", + "value": null + } + ] + } + }, + "response": [] + }, + { + "name": "delete_datapath_telemery_pcap_files_test", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.not.be.error;", + " pm.response.to.be.json;", + "});", + "", + "", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "DELETE", + "header": [ + { + "key": "Content-Type", + "value": "application/x-www-form-urlencoded", + "type": "text" + } + ], + "body": { + "mode": "urlencoded", + "urlencoded": [] + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/hos/traffic_file_bucket?file_names=123e4567-e89b-12d3-a456-426614174007", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "hos", + "traffic_file_bucket" + ], + "query": [ + { + "key": "file_names", + "value": "123e4567-e89b-12d3-a456-426614174007" + } + ] + } + }, + "response": [] + } + ] + } + ] +} \ No newline at end of file diff --git a/24.07/config/tsg-olap-function-test-collection.json b/24.07/config/tsg-olap-function-test-collection.json new file mode 100644 index 0000000..2cf55dd --- /dev/null +++ b/24.07/config/tsg-olap-function-test-collection.json @@ -0,0 +1,13358 @@ +{ + "info": { + "_postman_id": "5cf7b968-33c6-4c40-a178-d4f15a8803cb", + "name": "tsg-olap-function-test-24.07", + "description": "# galaxy-troubleshooting-api\n\n使用Postman组件,基于Rest API接口对TSG OLAP 进行功能验证。包括组件健康检查,功能集成测试及故障诊断。\n\n## Release 24.07 (28 JUL 2024)\n\n###### New Features\n\n- Datasets Time_Floor 函数支持时间粒度获取函数 CHART_GRANULARITY, SAMPLE_GRANULARITY\n \n\n###### Update\n\n- Druid Datasets 增加函数HDR_DESCRIBE,HDR_GET_PERCENTILES_DESCRIPTION使用\n \n\n###### Delete\n\n- 删除Apache Druid ,Report and Metrics 接口\n \n\n## Release 24.06 (28 JUN 2024)\n\n###### New Features\n\n- 增加Traffic Spectrum 数据集\n \n\n###### Update\n\n- Troubleshooting 增加Test Script\n \n- Statistics Rule Metrics 增加Client Port,Server Port及Packet Length 数据集\n \n\n## Release 24.05 (28 MAY 2024)\n\n###### New Features\n\n- 增加Scehma datapath_telemetry_record\n \n\n###### Update\n\n- Session Records 查询增加c2s_ttl,s2c_ttl\n \n\n## Release 24.04 (28 APR 2024)\n\n###### New Features\n\n- 增加DoS Protection Rule Metric 相关Datasets\n \n- 增加DoS Protection Policy Rule Hits\n \n\n###### Update\n\n- 日志公共字段增加tunnel_id_list,client_country, client_super_administrative_area, client_administrative_area, client_sub_administrative_area,server_country, server_super_administrative_area, server_administrative_area, server_sub_administrative_area\n \n- QGW Query API 参数由execution_mode修改 execution_mode\n \n- DoS Threat Map 增加 attack volume接口\n \n- Statistics Rule Metric增加Client ASN和Server ASN Dataset\n \n- TopK 增加维度rank_by\n \n- TopK Metric 增加Top Client Countries,Top Server Countries\n \n\n###### Delete\n\n- 删除Top Subscribers\n \n\n## Release 24.03 (28 MAR 2024)\n\n###### Update\n\n- Top-k metrics 去掉metric维度\n \n- Saved query scheduler 增加monitor 接口\n \n\n## Release 24.02 (29 FEB 2024)\n\n###### Update\n\n- Metric相关接口内层嵌套查询调整粒度为1s\n \n- 基础字段tunnels修改为encapsulation\n \n\n## Release 24.01 (31 JAN 2024)\n\n###### New Features\n\n- 依据OLAP API 组织接口\n \n- 接口进行重构,不再兼容23.10及之前版本\n \n\n## Release 23.10 (30 OCT 2023)\n\n###### Update\n\n- 会话日志增加毫米级时间戳字段common_start_timestamp_ms, common_end_timestamp_ms\n \n- 会话日志增加操作系统指纹common_client_os_name,common_server_os_name\n \n\n## Release 23.09 (30 SEP 2023)\n\n###### Update\n\n- metrics 修改表名由statistics_object改为object_statistics\n \n- Flags统计增加Bidirectional标识\n \n- Closed Session Records 增加http_status_code, ssl_esni_flag, ssl_ech_flag\n \n- 删除Kafka Topics 目录\n \n\n## Release 23.08 (21 AUG 2023)\n\n###### New Features\n\n- Metrics增加Statistics Policy 相关接口\n \n- Metrics增加Statistics Object 相关接口\n \n- Metrics增加Statistics rule 命中计数接口\n \n\n###### Update\n\n- 会话日志查询,增加重命名字段common_out_link_id、common_in_link_id\n \n\n## Release 23.07 (21 JUL 2023)\n\n###### Update\n\n- 修复Network Throughput Active Sessions计算错误,不除时间粒度\n \n\n## Release 23.06 (21 JUN 2023)\n\n###### Update\n\n- 优化Limit返回值\n \n\n## Release 23.05 (28 MAY 2023)\n\n###### New Features\n\n- 增加Service chaining统计接口\n \n- QGW增加嵌套子查询接口,用于验证高级搜索\n \n\n###### Update\n\n- Main Dashboard统计接口重构,更改统计源\n \n- Live Traffic Chart 接口重构,更改统计源\n \n- 原代理日志拆分为Intercept和Manipulation\n \n- 相关Metrics的Schema更改为重构后的数据源\n \n\n## Release 23.04 (28 APR 2023)\n\n###### New Features\n\n- 增加数据写入延迟接口Session Insert Latency Distribution\n \n- 增加数据写入Kafka延迟接口 Session Ingestion Latency Distribution\n \n\n###### Update\n\n- 重构 Security Policy Hits Metrics 统计\n \n- 重构 Traffic Shaping Metrics 统计\n \n\n## Release 23.03 (28 MAR 2023)\n\n###### New Features\n\n- 目录整体重构,重新梳理功能,便于Newman CLI运行\n \n- ClickHouse目录下增加慢查询故障诊断语句\n \n- 参数与API接口统一改为英文,避免中文编码执行异常\n \n- 加密环境变量密码、token等敏感信息\n \n- 定义全局动态变量:时间范围、随机IP、随机域名等\n \n\n###### Update\n\n- Flags 添加C2S与S2C标志位标签\n \n\n## Release 23.02 (28 FEB 2023)\n\n###### New Features\n\n- 增加Traffic Shaping 相关统计接口\n \n\n###### Update\n\n- 会话日志增加列common_shaping_rule_ids\n \n- 会话与安全事件日志增加列common_server_domain\n \n- 会话与安全事件日志增加列common_flags_identify_info\n \n\n## Release 23.01 (31 JAN 2023)\n\n###### Update\n\n- 会话与安全事件日志增加列common_server_fqdn\n \n- 会话与安全事件日志增加列common_app_full_path\n \n\n## Release 22.12 (30 DEC 2022)\n\n###### New Features\n\n- 新增Dashboards-增加App推荐\n \n- 新增系统报告-会话日志Flags统计\n \n- 新增系统报告-会话日志Flags占比\n \n\n###### Update\n\n- 会话与安全事件日志增加common_flags列\n \n- 自定义IP映射-增加对ASN函数\n \n\n## Release 22.1 (30 NOV 2022)\n\n###### New Features\n\n###### Update\n\n- 会话与安全事件日志增加ssl_ja3s_hash列\n \n\n## Release 22.10 (30 OCT 2022)\n\n###### New Features\n\n- 06其它-功能验证-Traffic Summary增加Throughput接口\n \n ###### Update\n \n- 更新原有查询,将VSYS ID作为默认查询条件\n \n\n## Release 22.09 (30 SEP 2022)\n\n###### Update\n\n- 会话与安全事件日志增加common_tunnel_endpoint_a_desc, common_tunnel_endpoint_b_desc,dtls_sni 列\n \n\n## Release 22.08 (31 AUG 2022)\n\n###### New Features\n\n- 其它-查询网关-Live Charts 总带宽流量校验\n \n- 增加检查数据流-SQL执行计划\n \n- 增加检查数据流-SQL查看表结构\n \n- 增加检查数据推荐-推荐IMSI到TEID关系\n \n- 增加检查数据推荐-推荐IMEI到TEID关系\n \n- 增加检查数据推荐-推荐Phone Number到TEID关系\n \n- 增加检查数据推荐-推荐apn到TEID关系\n \n- 增加检查数据推荐-实时查询任务-提交查询任务(实时统计)\n \n- 增加检查数据推荐-实时查询任务-获取任务结果(实时统计)\n \n- 增加检查数据推荐-知识库列表\n \n- 增加预处理检查-检测预处理延迟\n \n- 增加预处理检查-已关闭会话日志延迟分布\n \n ###### Update\n \n\n## Release 22.07 (30 JUL 2022)\n\n###### New Features\n\n- 增加检查数据推荐-Top Server IP流量概况评估\n \n- 增加检查数据推荐-Top SNI 流量概况评估\n \n ###### Update\n \n\n## Release 22.06 (30 JUE 2022)\n\n###### New Features\n\n- 检查数据流-增加存储配额一致性检查\n \n ###### Update\n \n- 系统报告检查-增加与CM默认VSYSID=1参数\n \n\n## Release 22.05 (31 MAY 2022)\n\n###### New Features\n\n###### Update\n\n- 检查日志-会话日志/安全事件日志增加RDP类型校验\n \n\n## Release 22.04 (29 APR 2022)\n\n###### New Features\n\n###### Update\n\n- 预处理检查-是否有数据验证,改为通过console后台打印日志\n \n- Dashboards Top部分功能增加device_group, data_center维度校验\n \n\n## Release 22.03 (8 APR 2022)\n\n###### New Features\n\n- 增加数据预处理检查,为每类日志增加多个测试用例,区分功能或无数据问题\n \n ###### Update\n \n- 其它-评估日志预处理,增加ETL处理时延和写入Kafka时延指标\n \n- 检查日志模块对会话,安全和代理事件日志基于具体字段查询\n \n\n###### Delete\n\n- 删除检查数据流,关于Topic的测试用例\n \n\n## Release 22.02 (8 MAR 2022)\n\n###### New Features\n\n- 检查数据流-元数据检查 增加schema评价文件事件日志\n \n\n## Release 22.01 (27 JAN 2022)\n\n###### New Features\n\n- 检查数据流-TopN计算 增加Application接口验证\n \n\n###### Update\n\n- 重新梳理分类,删除无用接口\n \n- 重新排列分类,将系统自检放到首位\n \n\n## Release 21.12 (1 Dec 2021)\n\n###### New Features\n\n- 新增数据推荐查询-实时查询任务\n \n- 新增数据推荐查询-推荐Subscriber ID 到IP关系\n \n- 新增数据推荐查询-推荐APP活跃客户端IP\n \n- 新增数据推荐查询-推荐TopN Server IP\n \n- 新增数据推荐查询-推荐TopN SNI\n \n- 新增常用快捷功能-查询网关,增加优化查询测试集\n \n - Top 查询优化\n \n - Calcite 缓存查询\n \n - 自定义时间函数补全功能\n \n\n###### Update\n\n- Dashboard 查询,代理策略命中动作增加Edit Element 统计\n \n\n## Release 21.11 (5 Nov 2021)\n\n###### New Features\n\n- Delete\n \n- Update\n \n- 修改报告查询接口(由查询mariadb方式变更为API接口)\n \n- 修改规范“数据推荐查询”所有接口的命名\n \n\n## Release 21.10 (28 OCT 2021)\n\n###### New Features\n\n- 新增HOS健康状态检测接口\n \n- Delete\n \n- 删除原ClickHouse/Druid/ArangoDB 状态检查接口\n \n\n## Release 21.09 (23 SEP 2021)\n\n###### New Features\n\n- Update\n \n- 删除分布式调度任务,5分钟TOPN校验,交由FLink统计\n \n- 原始日志表名进行重命名,相关查询接口更新\n \n- 修正DNS分析的SQL数据集\n \n\n## Release 21.08 (15 AUG 2021)\n\n###### New Features\n\n- 新增“Dashboard查询-DoS Threat Map”功能列表,显示DoS检测地图接口\n \n- 新增“原始日志查询-DoS事件日志”,显示DoS攻击检测日志\n \n- 新增“原始日志查询-DoS事件日志-Summary”,显示DoS攻击趋势统计\n \n- 新增“原始日志查询-DoS事件日志-Destination IP Traffic Trend”,显示受害者IP历史流量趋势\n \n- Update\n \n- 迁移“Dashboard查询”liveCharts接口,放到“Live Charts”目录中统一管理。\n \n- 对DNS分析,增加一些查询样例\n \n\n## Release 21.07 (5 JUL 2021)\n\n###### New Features\n\n- 增加”常用快捷功能-基数统计“,用于分析日志分布情况\n \n- 增加”常用快捷功能-DNS放大攻击“,查询特征数据集\n \n- 增加”通用检查-对象存储-获取某个文件“,用于文件获取验证\n \n\n###### Update\n\n- 为所有接口增加Tests脚本,对接口进行批量验证测试\n \n- 修正部分接口查询异常\n \n\n## Release 21.06 (7 JUN 2021)\n\n###### New Features\n\n- Environments 增加环境变量domain、client_ip、server_ip、l7_protocol和PT1M_TIME\n \n- 常用快捷功能增加某域名下钻、某IP下钻、协议下钻和DNS分析功能\n \n\n###### Update\n\n- 原始日志查询,基于Druid近1小时日志变化粒度从5分钟改为1分钟。包含通联、策略和代理日志。\n \n\n## Release 21.05 (6 MAY 2021)\n\n###### New Features\n\n- 新增“GTP-C日志”功能,辅助故障诊断\n \n- 新增“事务日志”功能,辅助故障诊断\n \n- 新增“活跃会话日志”功能,辅助故障诊断\n \n- 新增“07.常用快捷功能-评估写入日志量”,查看当前系统的吞吐\n \n\n###### Update\n\n- 修改\"01.通用检查-数据存储检查\",增加事务、活跃及GTP-C 检测\n \n\n## Release 21.04 (3 APR 2021)\n\n###### New Features\n\n- 增加“VoIP日志”功能,辅助故障诊断\n \n- 增加“元数据检查”分类目录\n \n- 增加“HOS对象存储”目录,用于定位对象存储\n \n\n###### Update\n\n- 修改“SQL语法检查”为“SQL语法验证”,支持SQL语句的静态分析和数据库语义验证\n \n- 迁移功能项位置,方便问题定位\n \n\n###### Delete\n\n- 删除“系统检查-查询引擎SQL测试集\\[过时\\]”功能,由“故障诊断-sql性能测试”替代。\n \n\n## Release 21.03 (2 MAR 2021)\n\n###### New Features\n\n- 增加故障诊断-元数据功能,可分析日志字段是否与schema一致\n \n- 增加故障诊断-sql性能测试,可对查询引擎进行功能性验证和POC性能测试\n \n\n###### Update\n\n- 对查询引擎SQL测试集标记过时\n \n\n## Release 21.02 (1 FEB 2021)\n\n###### Update\n\n- 改善内部测试集,应对新的功能修改\n \n\n## Release 20.11.rc3 (11 DEC 2020)\n\n###### New Features\n\n- 增加常用快捷功能- 安装证书独立客户端IP数据趋势\n \n- 增加常用快捷功能-访问速度最慢TOP20 域名\n \n- 增加常用快捷功能-报告预置Metrics\n \n- 增加原始日志查询-安全策略-动作命中计数\n \n- 增加原始日志查询-代理策略-动作命中计数\n \n- 增加原始日志查询-通联-流量计数(now)\n \n\n###### Update\n\n- 改善Dashboard查询-基础统计-新建、活跃(计数)-now\n \n- 改善Dashboard查询-新建、活跃(趋势)\n \n- 目录增加编号,便于管理\n \n- 修改分布式调度任务-5分钟TOPN-hot表验证表名\n \n- 部分Action为post 改为 get,便于导出命令行", + "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json", + "_exporter_id": "8105037" + }, + "item": [ + { + "name": "Query", + "item": [ + { + "name": "Raw Logs", + "item": [ + { + "name": "Session Records", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"SELECT FROM_UNIXTIME(recv_time) as recv_time, log_id, decoded_as, session_id, start_timestamp_ms, end_timestamp_ms, duration_ms, tcp_handshake_latency_ms, ingestion_time, processing_time, insert_time, device_id, out_link_id, in_link_id, device_tag, data_center, device_group, sled_ip, address_type, vsys_id, t_vsys_id, flags, flags_identify_info, security_rule_list, security_action, monitor_rule_list, sc_rule_list, sc_rsp_raw, sc_rsp_decrypted, shaping_rule_list, proxy_rule_list, proxy_action, proxy_pinning_status, proxy_intercept_status, proxy_passthrough_reason, proxy_client_side_latency_ms, proxy_server_side_latency_ms, proxy_client_side_version, proxy_server_side_version, proxy_cert_verify, proxy_intercept_error, monitor_mirrored_pkts, monitor_mirrored_bytes, client_ip, client_port, client_os_desc, client_geolocation, client_asn, subscriber_id, imei, imsi, phone_number, apn, server_ip, server_port, server_os_desc, server_geolocation, server_asn, server_fqdn, server_domain, app_transition, app, app_debug_info, app_content, fqdn_category_list, decoded_path,ip_protocol, dns_message_id, dns_qr, dns_opcode, dns_aa, dns_tc, dns_rd, dns_ra, dns_rcode, dns_qdcount, dns_ancount, dns_nscount, dns_arcount, dns_qname, dns_qtype, dns_qclass, dns_cname, dns_sub, dns_rr, dns_response_latency_ms, http_url, http_host, http_request_line, http_response_line, http_request_body, http_response_body, http_proxy_flag, http_sequence, http_cookie, http_referer, http_user_agent, http_request_content_length, http_request_content_type, http_response_content_length, http_response_content_type, http_set_cookie, http_version, http_status_code, http_response_latency_ms, http_session_duration_ms, http_action_file_size, ssl_version, ssl_sni, ssl_san, ssl_cn, ssl_handshake_latency_ms, ssl_ja3_hash, ssl_ja3s_hash, ssl_cert_issuer, ssl_cert_subject, ssl_esni_flag, ssl_ech_flag, dtls_cookie, dtls_version, dtls_sni, dtls_san, dtls_cn, dtls_handshake_latency_ms, dtls_ja3_fingerprint, dtls_ja3_hash, dtls_cert_issuer, dtls_cert_subject, mail_protocol_type, mail_account, mail_from_cmd, mail_to_cmd, mail_from, mail_password, mail_to, mail_cc, mail_bcc, mail_subject, mail_subject_charset, mail_attachment_name, mail_attachment_name_charset, mail_eml_file, ftp_account, ftp_url, ftp_link_type, quic_version, quic_sni, quic_user_agent, rdp_cookie, rdp_security_protocol, rdp_client_channels, rdp_keyboard_layout, rdp_client_version, rdp_client_name, rdp_client_product_id, rdp_desktop_width, rdp_desktop_height, rdp_requested_color_depth, rdp_certificate_type, rdp_certificate_count, rdp_certificate_permanent, rdp_encryption_level, rdp_encryption_method, ssh_version, ssh_auth_success, ssh_client_version, ssh_server_version, ssh_cipher_alg, ssh_mac_alg, ssh_compression_alg, ssh_kex_alg, ssh_host_key_alg, ssh_host_key, ssh_hassh, sip_call_id, sip_originator_description, sip_responder_description, sip_user_agent, sip_server, sip_originator_sdp_connect_ip, sip_originator_sdp_media_port, sip_originator_sdp_media_type, sip_originator_sdp_content, sip_responder_sdp_connect_ip, sip_responder_sdp_media_port, sip_responder_sdp_media_type, sip_responder_sdp_content, sip_duration_s, sip_bye, rtp_payload_type_c2s, rtp_payload_type_s2c, rtp_pcap_path, rtp_originator_dir, stratum_cryptocurrency, stratum_mining_pools, stratum_mining_program, stratum_mining_subscribe, sent_pkts, received_pkts, sent_bytes, received_bytes, tcp_c2s_ip_fragments, tcp_s2c_ip_fragments, tcp_c2s_lost_bytes, tcp_s2c_lost_bytes, tcp_c2s_o3_pkts, tcp_s2c_o3_pkts, tcp_c2s_rtx_pkts, tcp_s2c_rtx_pkts, tcp_c2s_rtx_bytes, tcp_s2c_rtx_bytes, tcp_rtt_ms, tcp_client_isn, tcp_server_isn, packet_capture_file, in_src_mac, out_src_mac, in_dest_mac, out_dest_mac, encapsulation, dup_traffic_flag, tunnel_endpoint_a_desc, tunnel_endpoint_b_desc,mail_starttls_flag,client_country, client_super_administrative_area, client_administrative_area, client_sub_administrative_area,server_country, server_super_administrative_area, server_administrative_area, server_sub_administrative_area,tunnel_id_list, app_extra_info,c2s_ttl,s2c_ttl FROM session_record AS session_record WHERE recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time < UNIX_TIMESTAMP('{{end_time}}') AND vsys_id IN (1) ORDER BY recv_time DESC LIMIT 20\" ,\n \"execution_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Total count of Session Record", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select count(*) as events from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time < UNIX_TIMESTAMP('{{end_time}}') )\" ,\n \"execution_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Session Duration Distribution", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select min(duration) min_sec, median(duration) as median_sec, round(avg(duration),2) as avg_sec,round(QUANTILE(duration,0.8),2) as P80_sec, round(QUANTILE(duration,0.95),2) as P95_sec, round(QUANTILE(duration,0.99),2) as P99_sec, max(duration) as max_sec from ( select (toUnixTimestamp64Milli(end_timestamp_ms)-toUnixTimestamp64Milli(start_timestamp_ms))/1000 as duration FROM session_record WHERE recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time < UNIX_TIMESTAMP('{{end_time}}') )\" , \"execution_mode\":\"oneshot\",\"output_mode\":\"json\"\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Security Events", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"SELECT recv_time, log_id, decoded_as, session_id, start_timestamp_ms, end_timestamp_ms, duration_ms, tcp_handshake_latency_ms, ingestion_time, processing_time, insert_time, device_id, out_link_id, in_link_id, device_tag, data_center, device_group, sled_ip, address_type, vsys_id, t_vsys_id, flags, flags_identify_info, security_rule_list, security_action, monitor_rule_list, shaping_rule_list, proxy_rule_list, sc_rule_list, sc_rsp_raw, sc_rsp_decrypted, proxy_action, proxy_pinning_status, proxy_intercept_status, proxy_passthrough_reason, proxy_client_side_latency_ms, proxy_server_side_latency_ms, proxy_client_side_version, proxy_server_side_version, proxy_cert_verify, proxy_intercept_error, monitor_mirrored_pkts, monitor_mirrored_bytes, client_ip, client_port, client_os_desc, client_geolocation, client_asn, subscriber_id, imei, imsi, phone_number, apn, server_ip, server_port, server_os_desc, server_geolocation, server_asn, server_fqdn, server_domain, app_transition, app, app_debug_info, app_content, fqdn_category_list, decoded_path, ip_protocol,dns_message_id, dns_qr, dns_opcode, dns_aa, dns_tc, dns_rd, dns_ra, dns_rcode, dns_qdcount, dns_ancount, dns_nscount, dns_arcount, dns_qname, dns_qtype, dns_qclass, dns_cname, dns_sub, dns_rr, dns_response_latency_ms, http_url, http_host, http_request_line, http_response_line, http_request_body, http_response_body, http_proxy_flag, http_sequence, http_cookie, http_referer, http_user_agent, http_request_content_length, http_request_content_type, http_response_content_length, http_response_content_type, http_set_cookie, http_version, http_status_code, http_response_latency_ms, http_session_duration_ms, http_action_file_size, ssl_version, ssl_sni, ssl_san, ssl_cn, ssl_handshake_latency_ms, ssl_ja3_hash, ssl_ja3s_hash, ssl_cert_issuer, ssl_cert_subject, ssl_esni_flag, ssl_ech_flag, dtls_cookie, dtls_version, dtls_sni, dtls_san, dtls_cn, dtls_handshake_latency_ms, dtls_ja3_fingerprint, dtls_ja3_hash, dtls_cert_issuer, dtls_cert_subject, mail_protocol_type, mail_account, mail_from_cmd, mail_to_cmd, mail_from, mail_password, mail_to, mail_cc, mail_bcc, mail_subject, mail_subject_charset, mail_attachment_name, mail_attachment_name_charset, mail_eml_file, ftp_account, ftp_url, ftp_link_type, quic_version, quic_sni, quic_user_agent, rdp_cookie, rdp_security_protocol, rdp_client_channels, rdp_keyboard_layout, rdp_client_version, rdp_client_name, rdp_client_product_id, rdp_desktop_width, rdp_desktop_height, rdp_requested_color_depth, rdp_certificate_type, rdp_certificate_count, rdp_certificate_permanent, rdp_encryption_level, rdp_encryption_method, ssh_version, ssh_auth_success, ssh_client_version, ssh_server_version, ssh_cipher_alg, ssh_mac_alg, ssh_compression_alg, ssh_kex_alg, ssh_host_key_alg, ssh_host_key, ssh_hassh, sip_call_id, sip_originator_description, sip_responder_description, sip_user_agent, sip_server, sip_originator_sdp_connect_ip, sip_originator_sdp_media_port, sip_originator_sdp_media_type, sip_originator_sdp_content, sip_responder_sdp_connect_ip, sip_responder_sdp_media_port, sip_responder_sdp_media_type, sip_responder_sdp_content, sip_duration_s, sip_bye, rtp_payload_type_c2s, rtp_payload_type_s2c, rtp_pcap_path, rtp_originator_dir, stratum_cryptocurrency, stratum_mining_pools, stratum_mining_program, stratum_mining_subscribe, sent_pkts, received_pkts, sent_bytes, received_bytes, tcp_c2s_ip_fragments, tcp_s2c_ip_fragments, tcp_c2s_lost_bytes, tcp_s2c_lost_bytes, tcp_c2s_o3_pkts, tcp_s2c_o3_pkts, tcp_c2s_rtx_pkts, tcp_s2c_rtx_pkts, tcp_c2s_rtx_bytes, tcp_s2c_rtx_bytes, tcp_rtt_ms, tcp_client_isn, tcp_server_isn, packet_capture_file, in_src_mac, out_src_mac, in_dest_mac, out_dest_mac, encapsulation, dup_traffic_flag, tunnel_endpoint_a_desc, tunnel_endpoint_b_desc,tunnel_id_list,client_country, client_super_administrative_area, client_administrative_area, client_sub_administrative_area,server_country, server_super_administrative_area, server_administrative_area, server_sub_administrative_area FROM security_event AS security_record WHERE recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time < UNIX_TIMESTAMP('{{end_time}}') AND vsys_id IN (1) ORDER BY recv_time DESC LIMIT 20\" ,\n \"execution_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Security Policy Rule Hits by Action", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select security_action as action, count(*) as hits, sum(sent_bytes ) as bytes_sent, sum(received_bytes ) as bytes_received, sum(sent_bytes+received_bytes ) as bytes,sum(sent_pkts ) as packets_sent, sum(received_pkts ) as packets_received, sum(sent_pkts+received_pkts ) as packets from security_event where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time = FROM_UNIXTIME(UNIX_TIMESTAMP(now())-3600) and action=128 and vsys_id in (1,2,3,4) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT1M')),'shunt' union all select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT1M')) as stat_time, 'allow' as type, sum(hit_count) as events from security_rule_hits where __time >= FROM_UNIXTIME(UNIX_TIMESTAMP(now())-3600) and action=96 and vsys_id in (1,2,3,4) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT1M')),'allow' union all select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT1M')) as stat_time, 'deny' as type, sum(hit_count) as events from security_rule_hits where __time >= FROM_UNIXTIME(UNIX_TIMESTAMP(now())-3600) and action=16 and vsys_id in (1,2,3,4) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT1M')),'deny' union all select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT1M')) as stat_time, 'monitor' as type, sum(hit_count) as events from security_rule_hits where __time >= FROM_UNIXTIME(UNIX_TIMESTAMP(now())-3600) and action=1 and vsys_id in (1,2,3,4) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT1M')),'monitor' union all select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT1M')) as stat_time, 'intercept' as type, sum(hit_count) as events from security_rule_hits where __time >= FROM_UNIXTIME(UNIX_TIMESTAMP(now())-3600) and action=2 and vsys_id in (1,2,3,4) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT1M')), 'intercept'\" ,\n \"execution_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Security Hit Distribution of Logs by Action", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(recv_time,'PT5M','zero')) as stat_time, security_action as type, count(*) as events from security_event where recv_time > FROM_UNIXTIME(UNIX_TIMESTAMP(now())-3600) and vsys_id in (1,2,3,4) group by stat_time, security_action order by stat_time asc\" ,\n \"execution_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Total Security Events", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select count(*) as events from security_event where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time < UNIX_TIMESTAMP('{{end_time}}') AND vsys_id IN (1) ORDER BY recv_time DESC LIMIT 20\" ,\n \"execution_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Transaction Records", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"SELECT recv_time, log_id, decoded_as, session_id, ingestion_time, processing_time, insert_time, address_type, vsys_id, client_ip, client_port, server_ip, server_port, sent_pkts, received_pkts, sent_bytes, received_bytes, dns_message_id, dns_qr, dns_opcode, dns_aa, dns_tc, dns_rd, dns_ra, dns_rcode, dns_qdcount, dns_ancount, dns_nscount, dns_arcount, dns_qname, dns_qtype, dns_qclass, dns_cname, dns_sub, dns_rr, dns_response_latency_ms, http_url, http_host, http_request_line, http_response_line, http_request_body, http_response_body, http_proxy_flag, http_sequence, http_cookie, http_referer, http_user_agent, http_request_content_length, http_request_content_type, http_response_content_length, http_response_content_type, http_set_cookie, http_version, http_status_code, http_response_latency_ms, http_session_duration_ms, http_action_file_size, mail_protocol_type, mail_account, mail_from_cmd, mail_to_cmd, mail_from, mail_password, mail_to, mail_cc, mail_bcc, mail_subject, mail_subject_charset, mail_attachment_name, mail_attachment_name_charset, mail_eml_file, sip_call_id, sip_originator_description, sip_responder_description, sip_user_agent, sip_server, sip_originator_sdp_connect_ip, sip_originator_sdp_media_port, sip_originator_sdp_media_type, sip_originator_sdp_content, sip_responder_sdp_connect_ip, sip_responder_sdp_media_port, sip_responder_sdp_media_type, sip_responder_sdp_content, sip_duration_s, sip_bye FROM transaction_record AS transaction_record WHERE recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time < UNIX_TIMESTAMP('{{end_time}}') AND vsys_id IN (1) ORDER BY recv_time DESC LIMIT 20\" ,\n \"execution_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "VoIP Records", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select recv_time, log_id, decoded_as, session_id, start_timestamp_ms, end_timestamp_ms, duration_ms, tcp_handshake_latency_ms, ingestion_time, processing_time, insert_time, device_id, out_link_id, in_link_id, device_tag, data_center, device_group, sled_ip, address_type, vsys_id, t_vsys_id, flags, flags_identify_info, client_ip, client_port, client_os_desc, client_geolocation, client_asn, server_ip, server_port, server_os_desc, server_geolocation, server_asn, sip_call_id, sip_originator_description, sip_responder_description, sip_user_agent, sip_server, sip_originator_sdp_connect_ip, sip_originator_sdp_media_port, sip_originator_sdp_media_type, sip_originator_sdp_content, sip_responder_sdp_connect_ip, sip_responder_sdp_media_port, sip_responder_sdp_media_type, sip_responder_sdp_content, sip_duration_s, sip_bye, rtp_payload_type_c2s, rtp_payload_type_s2c, rtp_pcap_path, rtp_originator_dir, sent_pkts, received_pkts, sent_bytes, received_bytes FROM voip_record AS voip_record WHERE recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time < UNIX_TIMESTAMP('{{end_time}}') AND vsys_id IN (1) ORDER BY recv_time DESC LIMIT 20\" ,\n \"execution_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "DoS Events", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select vsys_id, recv_time, log_id, rule_id, start_time, end_time, attack_type, severity, conditions, destination_ip, destination_country, source_ip_list, source_country_list, session_rate, sessions, packet_rate, packets, bit_rate, bytes FROM dos_event AS dos_event WHERE recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time < UNIX_TIMESTAMP('{{end_time}}') AND vsys_id IN (1) ORDER BY recv_time DESC LIMIT 20\" ,\n \"execution_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "First and Last Insert", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select * from (select 'Session Records' as type, from_unixtime(min(recv_time) ) as first_time, from_unixtime(max(recv_time) ) as last_time from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time < UNIX_TIMESTAMP('{{end_time}}') union all select 'Transaction Records' as type, from_unixtime(min(recv_time) ) as first_time, from_unixtime(max(recv_time) ) as last_time from transaction_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time < UNIX_TIMESTAMP('{{end_time}}') union all select 'Security Event' as type, from_unixtime(min(recv_time) ) as first_time, from_unixtime(max(recv_time) ) as last_time from security_event where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time < UNIX_TIMESTAMP('{{end_time}}') union all select 'Proxy Event' as type, from_unixtime(min(recv_time) ) as first_time, from_unixtime(max(recv_time) ) as last_time from proxy_event where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time < UNIX_TIMESTAMP('{{end_time}}') union all select 'Monitor Events' as type, from_unixtime(min(recv_time) ) as first_time, from_unixtime(max(recv_time) ) as last_time from monitor_event where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time < UNIX_TIMESTAMP('{{end_time}}') ) order by type\" ,\n \"execution_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "ETL and Insert Latency", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select 'Session Record' as type, round(count(*)/300,0) as \\\"logs/sec\\\", round(avg(processing_time-ingestion_time),2) as \\\"avg_etl_latency(s)\\\", round(avg(insert_time-ingestion_time),2) as \\\"avg_insert_latency(s)\\\" from session_record crl where recv_time >= UNIX_TIMESTAMP({{Last 5 Minutes Start}}) and recv_time < UNIX_TIMESTAMP({{now}}) union all select 'Transaction Record' as type, round(count(*)/300,0) as \\\"logs/sec\\\", round(avg(processing_time-ingestion_time),2) as \\\"etl_latency(s)\\\", round(avg(insert_time-ingestion_time),2) as \\\"avg_insert_latency(s)\\\" from transaction_record crl where recv_time >= UNIX_TIMESTAMP({{Last 5 Minutes Start}}) and recv_time < UNIX_TIMESTAMP({{now}}) union all select 'Security Event' as type, round(count(*)/300,0) as \\\"logs/sec\\\", round(avg(processing_time-ingestion_time),2) as \\\"avg_etl_latency(s)\\\", round(avg(insert_time-ingestion_time),2) as \\\"avg_insert_latency(s)\\\" from security_event crl where recv_time >= UNIX_TIMESTAMP({{Last 5 Minutes Start}}) and recv_time < UNIX_TIMESTAMP({{now}})\" ,\n \"execution_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Current Traffic Metrics by Session Records", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select sum(received_bytes)* 8 / 300 as trafficReceivedBits, sum(sent_bytes)* 8 / 300 as trafficSentBits, sum(received_bytes + sent_bytes)* 8 / 300 as trafficTotalBits, sum(received_pkts)/ 300 as trafficReceivedPackets, sum(sent_pkts)/ 300 as trafficSentPackets, sum(received_pkts + sent_pkts)/ 300 as trafficTotalPackets, count(1)/ 300 as sessions from session_record where recv_time >= UNIX_TIMESTAMP(now())-300 and vsys_id in (1,2,3,4,5,6,7,8)\" ,\n \"execution_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Traffic Distribution of Logs by Schema Type", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(recv_time,'PT5M','zero')) as stat_time, decoded_as as type, count(1) as sessions, sum(sent_bytes + received_bytes) as bytes, sum(sent_pkts + received_pkts) as packets from session_record where recv_time > FROM_UNIXTIME(UNIX_TIMESTAMP(now())-3600) and vsys_id in (1,2,3,4) group by stat_time, decoded_as order by stat_time asc\" ,\n \"execution_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Proxy Intercept Events", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select FROM_UNIXTIME(recv_time) as recv_time_str, vsys_id,* from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time < UNIX_TIMESTAMP('{{end_time}}') and vsys_id in (1,2,3,4,5) and notEmpty(proxy_rule_list) order by recv_time desc limit 0 , 20\" ,\n \"execution_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Proxy Manipulation Events", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select FROM_UNIXTIME(recv_time) as recv_time_str, vsys_id,* from proxy_event where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time < UNIX_TIMESTAMP('{{end_time}}') and vsys_id in (1,2,3,4,5) order by recv_time desc limit 0 , 20\" ,\n \"execution_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Proxy Policy Rule Hits by Action", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select proxy_action , count(*) as hits from proxy_event where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time < UNIX_TIMESTAMP('{{end_time}}') and vsys_id in (1,2,3,4,5) group by proxy_action\" ,\n \"execution_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Total Proxy Events", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select count(*) as hit_count from proxy_event where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time =FROM_UNIXTIME(UNIX_TIMESTAMP(now())-15) and __time= '{{start_time}}' AND __time < '{{end_time}}' AND vsys_id IN (1) GROUP BY FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), CHART_GRANULARITY('{{start_time}}', '{{end_time}}'), 'zero')) ORDER BY stat_time ASC\" ,\n \"output_mode\": \"json\",\n \"execution_mode\": \"oneshot\"\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + }, + "description": "This endpoint allows you to make an HTTP POST request to the specified URL in order to execute a SQL query. The request should include a JSON payload with the following parameters:\n\n- \"statement\": This parameter should contain the SQL query statement to be executed, including the SELECT, FROM, WHERE, GROUP BY, and ORDER BY clauses.\n \n- \"output_mode\": This parameter specifies the desired output mode, and should be set to \"json\".\n \n- \"execution_mode\": This parameter specifies the execution mode and should be set to \"oneshot\".\n \n\nHere is an example of the request body:\n\n``` json\n{\n \"statement\": \"SELECT ...\",\n \"output_mode\": \"json\",\n \"execution_mode\": \"oneshot\"\n}\n\n ```\n\nThe last execution of this request returned a response with a status code of 400 and a content type of \"application/json\". The response body included the following JSON data:\n\n``` json\n{\n \"status\": 0,\n \"message\": \"\",\n \"request_id\": \"\",\n \"success\": true,\n \"code\": \"\",\n \"job\": null,\n \"output_mode\": null,\n \"statistics\": null,\n \"meta\": null,\n \"data\": null\n}\n\n ```" + }, + "response": [] + }, + { + "name": "Network Throughput trend in RATE", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + " ", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), 'PT30S', 'zero')) as time_s, RATE(in_bytes,30)*8 as avg_in_bits_per_sec, RATE(out_bytes,30)*8 as avg_out_bits_per_sec, RATE(in_bytes + out_bytes,30)*8 as avg_bits_per_sec, RATE(in_bytes,30) as avg_in_bytes_per_sec, RATE(out_bytes,30) as avg_out_bytes_per_sec, RATE(in_bytes + out_bytes,30) as avg_bytes_per_sec,RATE(in_pkts,30) as avg_in_pkts_per_sec, RATE(out_pkts,30) as avg_out_pkts_per_sec, RATE(in_pkts + out_pkts,30) as avg_pkts_per_sec from traffic_general_stat where __time >= '2024-03-14 16:00:00' and __time < '2024-03-14 16:05:00' and vsys_id in (1) group by TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT30S','zero') order by time_s asc \" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Network Throughput in Bps", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"SELECT FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, CHART_GRANULARITY('{{start_time}}', '{{end_time}}'), 'zero')) AS stat_time, AVG( in_pkts_per_sec) AS avg_in_pkts_per_sec, AVG( out_pkts_per_sec ) AS avg_out_pkts_per_sec, AVG( pkts_per_sec ) AS avg_pkts_per_sec, MAX( in_pkts_per_sec ) AS max_in_pkts_per_sec, MAX( out_pkts_per_sec ) AS max_out_pkts_per_sec, MAX( pkts_per_sec ) AS max_pkts_per_sec, MIN( in_pkts_per_sec ) AS min_in_pkts_per_sec, MIN( out_pkts_per_sec ) AS min_out_pkts_per_sec, MIN( pkts_per_sec ) AS min_pkts_per_sec FROM( SELECT TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), SAMPLE_GRANULARITY('{{start_time}}', '{{end_time}}')) AS stat_time, RATE( in_pkts, SAMPLE_GRANULARITY('{{start_time}}', '{{end_time}}'), 1) AS in_pkts_per_sec, RATE( out_pkts, SAMPLE_GRANULARITY('{{start_time}}', '{{end_time}}'), 1) AS out_pkts_per_sec, RATE( in_pkts + out_pkts, SAMPLE_GRANULARITY('{{start_time}}', '{{end_time}}'), 1) AS pkts_per_sec FROM traffic_general_stat WHERE __time >= '{{start_time}}' AND __time < '{{end_time}}' AND vsys_id in (1,2,3,4,5,6,7,8) GROUP BY TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), SAMPLE_GRANULARITY('{{start_time}}', '{{end_time}}')) ) GROUP BY FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, CHART_GRANULARITY('{{start_time}}', '{{end_time}}'), 'zero')) ORDER BY stat_time ASC\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Network Throughput in pkts/s", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + " ", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) as stat_time , avg(sum_in_pkts)/1 as avg_in_pkts_per_sec, avg(sum_out_pkts)/1 as avg_out_pkts_per_sec, avg(sum_pkts)/1 as avg_pkts_per_sec, max(sum_in_pkts)/1 as max_in_pkts_per_sec, max(sum_out_pkts)/1 as max_out_pkts_per_sec, max(sum_pkts)/1 as max_pkts_per_sec, min(sum_in_pkts)/1 as min_in_pkts_per_sec, min(sum_out_pkts)/1 as min_out_pkts_per_sec, min(sum_pkts)/1 as min_pkts_per_sec from ( select TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), 'PT1S') as stat_time, sum(in_pkts) as sum_in_pkts, sum(out_pkts) as sum_out_pkts, sum(in_pkts + out_pkts) as sum_pkts from traffic_general_stat where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), 'PT1S')) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) order by stat_time asc limit 1000\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Network Throughput in sessions/s", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + " ", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) as stat_time , avg(sum_sessions)/1 as avg_sessions_per_sec, max(sum_sessions)/1 as max_sessions_per_sec, min(sum_sessions)/30 as min_sessions_per_sec from ( select TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), 'PT1S') as stat_time, sum(sessions) as sum_sessions from traffic_general_stat where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5) group by TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), 'PT1S')) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) order by stat_time asc limit 1000\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Network Throughput Active Sessions", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + " ", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) as stat_time, avg(sum_active_sessions) as avg_active_sessions, max(sum_active_sessions) as max_active_sessions, min(sum_active_sessions) as min_active_sessions from ( select stat_time, sum(max_active_sessions) sum_active_sessions from ( select TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), 'PT1S') as stat_time, device_id, vsys_id, max(active_sessions) as max_active_sessions from traffic_general_stat where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), 'PT1S'), device_id, vsys_id ) group by stat_time ) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) order by stat_time asc limit 1000\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Total Security Policy Rule Hits by Action", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + " ", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"SELECT (CASE WHEN action = 1 THEN 'Monitor' WHEN action = 2 THEN 'Intercept' WHEN action = 16 THEN 'Deny' WHEN action = 48 THEN 'Manipulation' WHEN action = 96 THEN 'Allow' WHEN action = 128 THEN 'Shunt' ELSE concat(action) END) as action, SUM(hit_count) as hit_count, SUM(in_bytes + out_bytes) as bytes, SUM(in_pkts + out_pkts) as packets from security_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) GROUP BY action order by action\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Security Policy Rule Hits Trend by Action", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + " ", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT30S','zero')) as stat_time, (CASE WHEN action = 1 THEN 'Monitor' WHEN action = 2 THEN 'Intercept' WHEN action = 16 THEN 'Deny' WHEN action = 48 THEN 'Manipulation' WHEN action = 96 THEN 'Allow' WHEN action = 128 THEN 'Shunt' ELSE concat(action) END) as action, sum(hit_count) as hit_count, sum(in_bytes + out_bytes) as bytes, SUM(in_pkts + out_pkts) as packets from security_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT30S','zero')) , action order by stat_time limit 1000\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Top Security Policy Rule Hits", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + " ", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select rule_id, action, sum(hit_count) as hits from security_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by rule_id, action order by hits desc limit 100\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Top Protection Policy Rule Hits", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + " ", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select rule_id, sum(hit_count) as hits from dos_protection_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1) group by rule_id order by hits desc limit 100\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Total Proxy Manipulate Rule Hits by Action", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\": \"select sub_action, sum(hit_count) as hits from proxy_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and action = 48 group by sub_action order by sub_action\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Proxy Manipulate Rule Hits Trend by Action", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\": \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT300S','zero')) as stat_time, sub_action, sum(hit_count) as hits from proxy_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and action = 48 group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT300S','zero')) , sub_action order by stat_time asc limit 1000\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Top Proxy Policy Hits", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\": \"select rule_id, sub_action, sum(hit_count) as hits from proxy_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and vsys_id in (1,2,3,4,5) and action = 48 group by rule_id, sub_action order by hits desc limit 100\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Proxy SSL Intercept Pinning", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\": \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT300S','zero')) as stat_time, (CASE WHEN pinning_status = 0 THEN 'not_pinning_num' WHEN pinning_status = 1 THEN 'pinning_num' WHEN pinning_status = 2 THEN 'maybe_pinning_num' ELSE concat(pinning_status) END) as type, SUM(hit_count) as hits from proxy_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and action = 2 group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT300S','zero')) , (CASE WHEN pinning_status = 0 THEN 'not_pinning_num' WHEN pinning_status = 1 THEN 'pinning_num' WHEN pinning_status = 2 THEN 'maybe_pinning_num' ELSE concat(pinning_status) END) order by stat_time asc limit 100\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + } + ] + }, + { + "name": "Application and Protocol", + "item": [ + { + "name": "application-and-protocol-summary", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"application-and-protocol-summary\",\n \"granularity\": \"PT5M\",\n \"filter\": \"vsys_id in (1)\",\n \"intervals\": [\"{{start_time}}/{{end_time}}\"],\n \"execution_mode\" : \"oneshot\"\n \n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/dsl", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "dsl" + ] + } + }, + "response": [] + }, + { + "name": "application-and-protocol-tree-composition", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"application-and-protocol-tree-composition\",\n \"filter\": \"vsys_id in (1,2,3,4,5)\",\n \"intervals\": [\"{{start_time}}/{{end_time}}\"],\n \"execution_mode\" : \"oneshot\"\n \n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/dsl", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "dsl" + ] + } + }, + "response": [] + }, + { + "name": "application-and-protocol-tree-throughput", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"application-and-protocol-tree-throughput\",\n \"filter\": \"vsys_id in (1,2,3,4,5) AND (protocol_stack_id = 'ETHERNET' OR (protocol_stack_id LIKE 'ETHERNET.%' AND NOT CONTAINS_STRING(REPLACE(protocol_stack_id, 'ETHERNET.', ''), '.')))\",\n \"intervals\": [\"{{start_time}}/{{end_time}}\"],\n \"execution_mode\" : \"oneshot\"\n \n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/dsl", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "dsl" + ] + } + }, + "response": [] + }, + { + "name": "application-and-protocol-top-apps", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"application-and-protocol-top-apps\",\n \"filter\": \"vsys_id in (1,2,3,4,5)\",\n \"intervals\": [\"{{start_time}}/{{end_time}}\"],\n \"execution_mode\" : \"oneshot\"\n \n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/dsl", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "dsl" + ] + } + }, + "response": [] + }, + { + "name": "application-and-protocol-app-related-internal-ips", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"application-and-protocol-app-related-internal-ips\",\n \"filter\": \"vsys_id in (1,2,3,4,5) and app in ('http')\",\n \"intervals\": [\"{{start_time}}/{{end_time}}\"],\n \"execution_mode\" : \"oneshot\",\n \"limit\" : 10\n \n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/dsl", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "dsl" + ] + } + }, + "response": [] + }, + { + "name": "application-and-protocol-app-throughput", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"application-and-protocol-app-throughput\",\n \"granularity\": \"PT1S\",\n \"filter\": \"vsys_id in (1,2,3,4,5) and app_name in ('http')\",\n \"intervals\": [\"{{start_time}}/{{end_time}}\"],\n \"execution_mode\" : \"oneshot\"\n \n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/dsl", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "dsl" + ] + } + }, + "response": [] + }, + { + "name": "application-and-protocol-app-summary", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"application-and-protocol-app-summary\",\n \"filter\": \"vsys_id in (1,2,3,4,5) and app_name in ('http')\",\n \"intervals\": [\"{{start_time}}/{{end_time}}\"],\n \"execution_mode\" : \"oneshot\"\n \n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/dsl", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "dsl" + ] + } + }, + "response": [] + } + ] + }, + { + "name": "Top Metric", + "item": [ + { + "name": "Top Client IPs in Sessions", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + " ", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select client_ip as client_ip, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_client_ips where __time >= '{{start_time}}' and __time < '{{end_time}}' and rank_by='sessions' and vsys_id in (1) group by client_ip order by sessions desc limit 10\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Top Client IPs in Packets", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\": \"select client_ip as client_ip, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets,sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_client_ips where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and rank_by='packets' group by client_ip order by packets desc limit 10\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Top Client IPs in Bytes", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\": \"select client_ip as client_ip, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_client_ips where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and rank_by='bytes' group by client_ip order by bytes desc limit 10\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Top Server IPs in Sessions", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\": \"select server_ip as server_ip, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_server_ips where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and rank_by='sessions' group by server_ip order by sessions desc limit 10\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Top Server IPs in Packets", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\": \"select server_ip as server_ip, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_server_ips where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and rank_by='packets' group by server_ip order by packets desc limit 10\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Top Server IPs in Bytes", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\": \"select server_ip as server_ip, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_server_ips where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and rank_by='bytes' group by server_ip order by bytes desc limit 10\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Top Internal IPs in Sessions", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\": \"select internal_ip as internal_ip, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_internal_ips where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and rank_by='sessions' group by internal_ip order by sessions desc limit 10\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Top Internal IPs in Packets", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\": \"select internal_ip as internal_ip, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_internal_ips where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and rank_by='packets' group by internal_ip order by packets desc limit 10\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Top Internal IPs in Bytes", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\": \"select internal_ip as internal_ip, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_internal_ips where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and rank_by='bytes' group by internal_ip order by bytes desc limit 10\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Top External IPs in Sessions", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\": \"select external_ip as external_ip, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_external_ips where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and rank_by='sessions' group by external_ip order by sessions desc limit 10\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Top External IPs in Packets", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\": \"select external_ip as external_ip, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_external_ips where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and rank_by='packets' group by external_ip order by packets desc limit 10\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Top External IPs in Bytes", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\": \"select external_ip as external_ip, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_external_ips where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and rank_by='bytes' group by external_ip order by bytes desc limit 10\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Top Server Domains in Sessions", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\": \"select server_domain, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_server_domains where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and rank_by='sessions' group by server_domain order by sessions desc limit 10\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Top Server Domains in Packets", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\": \"select server_domain, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_server_domains where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by server_domain order by packets desc limit 10\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Top Server Domains in Bytes", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\": \"select server_domain, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_server_domains where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by server_domain order by bytes desc limit 10\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Top Server FQDNs in Sessions", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\": \"select server_fqdn, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_server_fqdns where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by server_fqdn order by sessions desc limit 10\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Top Server FQDNs in Packets", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\": \"select server_fqdn, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_server_fqdns where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by server_fqdn order by packets desc limit 10\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Top Server FQDNs in Bytes", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\": \"select server_fqdn, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_server_fqdns where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by server_fqdn order by bytes desc limit 10\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Top Apps in Packets", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\": \"select app_name, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from application_protocol_stat where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and app_name IS NOT NUll group by app_name order by packets desc limit 10\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Top Apps in Bytes", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\": \"select app_name, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from application_protocol_stat where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and app_name IS NOT NUll group by app_name order by bytes desc limit 10\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Top Apps in Sessions", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\": \"select app_name, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from application_protocol_stat where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and app_name IS NOT NUll group by app_name order by sessions desc limit 10\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Top Client Countries in Packets", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\": \"select client_country, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_client_countries where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and rank_by='packets' and client_country IS NOT NUll group by client_country order by packets desc limit 10\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Top Client Countries in Bytes", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\": \"select client_country, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_client_countries where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and rank_by='bytes' and client_country IS NOT NUll group by client_country order by bytes desc limit 10\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Top Client Countries in Sessions", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\": \"select client_country, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_client_countries where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and rank_by='sessions' and client_country IS NOT NUll group by client_country order by sessions desc limit 10\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Top Server Countries in Packets", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\": \"select server_country, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_server_countries where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and rank_by='packets' and server_country IS NOT NUll group by server_country order by packets desc limit 10\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Top Server Countries in Bytes", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\": \"select server_country, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_server_countries where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and rank_by='bytes' and server_country IS NOT NUll group by server_country order by bytes desc limit 10\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Top Server Countries in Sessions", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\": \"select server_country, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_server_countries where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and rank_by='sessions' and server_country IS NOT NUll group by server_country order by sessions desc limit 10\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + } + ] + }, + { + "name": "Traffic Shaping", + "item": [ + { + "name": "Shaping Profiles Metrics", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select profile_id, sum(in_bytes+out_bytes) as bytes, sum(in_pkts+out_pkts) as packets, sum(in_drop_pkts+out_drop_pkts) as drops, max(in_max_latency_us+out_max_latency_us) as max_latency_us, avg(in_queue_len+out_queue_len) as avg_q, max(in_queue_len+out_queue_len) as max_q from traffic_shaping_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by profile_id\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Shaping Rule Summary", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select rule_id,DATE_FORMAT(max(__time) ,'%Y-%m-%d %H:%i:%s') as last_used,DATE_FORMAT(min(__time) ,'%Y-%m-%d %H:%i:%s') as first_used, sum(in_bytes+out_bytes) as total_bytes from traffic_shaping_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5) and rule_id in (1,2,103,273) group by rule_id\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Shaping Profile Summary", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select profile_id, DATE_FORMAT(max(__time) ,'%Y-%m-%d %H:%i:%s') as last_used, DATE_FORMAT(min(__time) ,'%Y-%m-%d %H:%i:%s') as first_used, sum(in_drop_pkts+out_drop_pkts) as drops from traffic_shaping_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5) and profile_id in (1,2,103,273) group by profile_id\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Shaping Profile Metrics", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select sum(bytes)*8/10 as bps, sum(packets)/10 as pps, max(max_latency_us) as max_latency_us, avg(avg_q) as avg_q, max(max_q) as max_q from ( select device_id, vsys_id, sum(in_bytes+out_bytes) as bytes, sum(in_pkts+out_pkts) as packets, max(in_max_latency_us+out_max_latency_us) as max_latency_us, avg(in_queue_len+out_queue_len) as avg_q, max(in_queue_len+out_queue_len) as max_q from traffic_shaping_rule_hits where __time >= FROM_UNIXTIME(UNIX_TIMESTAMP(now())-10) and vsys_id in (1,2,3,4,5) and profile_id =1 group by device_id, vsys_id )\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Shaping Rule/Profile Throughput", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), 'PT1s', 'zero')) as stat_time, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes from traffic_shaping_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and profile_id=273 group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), 'PT1s', 'zero')) order by stat_time asc limit 100\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + } + ] + }, + { + "name": "DoS Protection Rule", + "item": [ + { + "name": "DoS Protection Rule Metrics", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select rule_id, sum(hit_count) as hits, sum( in_bytes + out_bytes ) AS bytes from dos_protection_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by rule_id\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "DoS Protection Rule Summary", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select rule_id,DATE_FORMAT(max(__time) ,'%Y-%m-%d %H:%i:%s') as last_used,DATE_FORMAT(min(__time) ,'%Y-%m-%d %H:%i:%s') as first_used, sum(in_bytes+out_bytes) as total_bytes from dos_protection_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5) and rule_id in (1,2) group by rule_id\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "DoS Protection Rule Throughput", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), 'PT1s', 'zero')) as stat_time, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes from dos_protection_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and rule_id=1 group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), 'PT1s', 'zero')) order by stat_time asc limit 100\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + } + ] + }, + { + "name": "Service Chaining", + "item": [ + { + "name": "Chaining Rule or Function Throuphput Trend", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), 'PT1s', 'zero')) as stat_time, sum(sent_bytes) as sent_bytes, sum(recv_bytes) as received_bytes from service_chaining_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and ( rule_id in (1,2,3,4,5) or sff_profile_id in (1,2,3,4,5) or sf_profile_id in (1,2,3,4,5)) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), 'PT1s', 'zero')) order by stat_time asc limit 100\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Chaining Rule Metrics", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select rule_id, sum(sent_bytes) as sent_bytes, sum(recv_bytes) as received_bytes, sum(sent_pkts) as sent_packets, sum(recv_pkts) as received_packets from service_chaining_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and rule_id in (1,2,3,4,5) group by rule_id\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Function Forwarder Metrics", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select sff_profile_id, sum(sent_bytes) as sent_bytes, sum(recv_bytes) as received_bytes, sum(sent_pkts) as sent_packets, sum(recv_pkts) as received_packets from service_chaining_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and sff_profile_id in (1,2,3,4,5) group by sff_profile_id\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Function Profile Metrics", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select sf_profile_id, sum(sent_bytes) as sent_bytes, sum(recv_bytes) as received_bytes, sum(sent_pkts) as sent_packets, sum(recv_pkts) as received_packets from service_chaining_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and sf_profile_id in (1,2,3,4,5) group by sf_profile_id\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Function Profile Status", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"SELECT sf_profile_id, sf_status, CASE WHEN last_active_time = 0 THEN '' ELSE FROM_UNIXTIME(last_active_time) END AS last_active_time, CASE WHEN last_inactive_time = 0 THEN '' ELSE FROM_UNIXTIME(last_inactive_time) END AS last_inactive_time FROM ( SELECT sf_profile_id, LATEST(sf_status) as sf_status, MAX(CASE WHEN sf_status = 1 THEN UNIX_TIMESTAMP(__time) ELSE 0 END) as last_active_time, MAX(CASE WHEN sf_status = 0 THEN UNIX_TIMESTAMP(__time) ELSE 0 END) as last_inactive_time from service_function_status where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and sf_profile_id in (1,2,3,4,5) group by sf_profile_id)\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + } + ] + }, + { + "name": "Object Statistics", + "item": [ + { + "name": "Top 30 Objects by Bytes", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select object_id, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(bytes) as bytes, sum(new_in_sessions) as new_in_sessions, sum(new_out_sessions) as new_out_sessions, sum(sessions) as sessions from object_statistics where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by object_id order by bytes desc limit 30\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Parent Level Object Stat", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(bytes) as bytes, sum(new_in_sessions) as new_in_sessions, sum(new_out_sessions) as new_out_sessions, sum(sessions) as sessions from object_statistics where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and object_id > 0\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Top 30 Items by Bytes", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select item_id, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(bytes) as bytes, sum(new_in_sessions) as new_in_sessions, sum(new_out_sessions) as new_out_sessions, sum(sessions) as sessions from object_statistics where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by item_id order by bytes desc limit 30\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Object Traffic Stat Trend", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) as stat_time , sum(in_bytes) as in_bytes, avg(in_bytes)* 8 / 1 as avg_in_bits_per_sec, sum(out_bytes) as out_bytes, avg(out_bytes)* 8 / 1 as avg_out_bits_per_sec, sum(bytes) as bytes, avg(bytes)* 8 / 1 as avg_bits_per_sec, sum(new_in_sessions) as new_in_sessions, avg(new_in_sessions)/ 1 as avg_new_in_sessions_per_sec, sum(new_out_sessions) as new_out_sessions, avg(new_out_sessions)/ 1 as avg_new_out_sessions_per_sec, sum(sessions) as sessions, avg(sessions)/ 1 as avg_sessions_per_sec from ( select TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT1S') as stat_time, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(bytes) as bytes, sum(new_in_sessions) as new_in_sessions, sum(new_out_sessions) as new_out_sessions, sum(sessions) as sessions from object_statistics where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1) and object_id = 1 group by TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT1S')) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) order by stat_time asc limit 1000\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Item Traffic Stat Trend", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) as stat_time , sum(in_bytes) as in_bytes, avg(in_bytes)* 8 / 1 as avg_in_bits_per_sec, sum(out_bytes) as out_bytes, avg(out_bytes)* 8 / 1 as avg_out_bits_per_sec, sum(bytes) as bytes, avg(bytes)* 8 / 1 as avg_bits_per_sec, sum(new_in_sessions) as new_in_sessions, avg(new_in_sessions)/ 1 as avg_new_in_sessions_per_sec, sum(new_out_sessions) as new_out_sessions, avg(new_out_sessions)/ 1 as avg_new_out_sessions_per_sec, sum(sessions) as sessions, avg(sessions)/ 1 as avg_sessions_per_sec from (select TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT1S') as stat_time, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(bytes) as bytes, sum(new_in_sessions) as new_in_sessions, sum(new_out_sessions) as new_out_sessions, sum(sessions) as sessions from object_statistics where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and item_id = 1 group by TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT1S')) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) order by stat_time asc limit 1000\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + } + ] + }, + { + "name": "Statistics Rule", + "item": [ + { + "name": "Incoming Bytes, Outgoing Bytes and Bytes", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) as stat_time , sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(bytes) as bytes from ( select TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT1S') as stat_time, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(bytes) as bytes from statistics_rule where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1) and version=1 group by TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), 'PT1S')) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) order by stat_time asc limit 1000\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Average Incoming bits/s, Average Outgoing bits/s and Average bits/s", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) as stat_time, avg(in_bytes)*8/1 as avg_in_bits_per_sec, avg(out_bytes)*8/1 as avg_out_bits_per_sec, avg(bytes)*8/1 as avg_bits_per_sec from ( select TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT1S') as stat_time, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(bytes) as bytes from statistics_rule where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), 'PT1S')) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) order by stat_time asc limit 1000\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Unique Client IPs and Unique Server IPs", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) as stat_time, APPROX_COUNT_DISTINCT_HLLD(client_ip_sketch) as unique_client_ips, APPROX_COUNT_DISTINCT_HLLD(server_ip_sketch) as unique_server_ips from ( select TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT1S') as stat_time, HLLD(client_ip_sketch) as client_ip_sketch, HLLD(server_ip_sketch) as server_ip_sketch from statistics_rule where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT1S')) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) order by stat_time asc limit 1000\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "95th TCP Latency (ms) and 99th TCP Latency (ms)", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) as stat_time, QUANTILE_HDR(latency_ms_sketch,0.95) as p95th_tcp_latency_ms, QUANTILE_HDR(latency_ms_sketch,0.99) as p99th_tcp_latency_ms from ( select TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT1S') as stat_time, HDR_HISTOGRAM(latency_ms_sketch) as latency_ms_sketch from statistics_rule where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT1S')) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) order by stat_time asc limit 1000\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Histogram TCP Latency (ms)", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select HDR_DESCRIBE(HDR_HISTOGRAM(latency_ms_sketch)) as tcp_latency_distribution, PERCENTILES_HDR(latency_ms_sketch) as histogram_tcp_latency_ms,HDR_GET_QUANTILES(HDR_HISTOGRAM(latency_ms_sketch), 0.5,0.95,0.99) as tcp_latency_quantiles from statistics_rule where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8)\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Histogram Packet Length (Bytes)", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select HDR_GET_PERCENTILES_DESCRIPTION(HDR_HISTOGRAM(pkt_length_sketch),100) as histogram_packet_length_bytes,HDR_GET_QUANTILES(HDR_HISTOGRAM(pkt_length_sketch), 0.5,0.95,0.99) as packet_length_quantiles from statistics_rule where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8)\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Bytes Sessions and Packets Distributed by Application", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select application, sum(bytes) as bytes, sum(sessions) as sessions,sum(pkts) as packets from statistics_rule where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by application order by bytes desc limit 1024\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Bytes Sessions and Packets Distributed by Device Group", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select device_group, sum(bytes) as bytes, sum(sessions) as sessions,sum(pkts) as packets from statistics_rule where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by device_group order by bytes desc limit 1024\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Bytes Sessions and PacketsDistributed by Client Port", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select client_port, sum(bytes) as bytes, sum(sessions) as sessions, sum(pkts) as packets from statistics_rule where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by client_port order by bytes desc limit 1024\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Bytes Sessions and Packets Distributed by Server Port", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select server_port, sum(bytes) as bytes, sum(pkts) as packets,sum(sessions) as sessions from statistics_rule where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by server_port order by bytes desc limit 1024\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Bytes Sessions and Packets Distributed by Server IP", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select server_ip, sum(bytes) as bytes, sum(sessions) as sessions,sum(pkts) as packets from statistics_rule where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by server_ip order by bytes desc limit 1024\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Bytes Sessions and Packets Distributed by FQDN Category", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select fqdn_category, sum(bytes) as bytes, sum(sessions) as sessions, sum(pkts) as packets from statistics_rule where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by fqdn_category order by bytes desc limit 1024\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Multi-value Raw Column Distribution of FQDN Category", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select MV_TO_STRING(fqdn_category,',') , sum(bytes) as bytes, sum(sessions) as sessions from statistics_rule where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and fqdn_category is not null group by MV_TO_STRING(fqdn_category,',') order by bytes desc limit 1024\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Multi-value Distribution of FQDN Category", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select fqdn_category , sum(bytes) as bytes, sum(sessions) as sessions from statistics_rule where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and fqdn_category is not null group by fqdn_category order by bytes desc limit 1024\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "New Unestablished Sessions Distributed by Client IP and Server IP", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select client_ip, server_ip, sum(new_unestablished_sessions) as new_unestablished_sessions from statistics_rule where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by client_ip, server_ip order by new_unestablished_sessions desc limit 100\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "New Unestablished Sessions Distributed by Client ASN and Server ASN", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select client_asn, server_asn, sum(new_unestablished_sessions) as new_unestablished_sessions from statistics_rule where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by client_asn, server_asn order by new_unestablished_sessions desc limit 100\" ,\n \"output_mode\":\"json\",\n \"exection_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Statistics Rule Hits Throughput", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) as stat_time , avg(sum_in_bytes)*8/1 as avg_in_bits_per_sec, avg(sum_out_bytes)*8/1 as avg_out_bits_per_sec, avg(sum_bytes)*8/1 as avg_bits_per_sec, sum(sum_in_bytes) as total_in_bytes, sum(sum_out_bytes) as total_out_bytes, sum(sum_bytes) as total_bytes from ( select TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), 'PT1S') as stat_time, sum(in_bytes) as sum_in_bytes, sum(out_bytes) as sum_out_bytes, sum(in_bytes + out_bytes) as sum_bytes from statistics_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1) group by TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT1S')) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) order by stat_time asc limit 1000\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + } + ] + }, + { + "name": "DoS Threat Map", + "item": [ + { + "name": "dos-threat-map-top-source-countries", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\":\"select arrayJoin(splitByString(',',source_country_list)) as source_country, count(*) as count from dos_event where start_time >= UNIX_TIMESTAMP('{{start_time}}') and start_time = UNIX_TIMESTAMP('{{start_time}}') and start_time = UNIX_TIMESTAMP('{{start_time}}') and start_time = UNIX_TIMESTAMP('{{start_time}}') and start_time = UNIX_TIMESTAMP('{{start_time}}')and start_time = UNIX_TIMESTAMP('{{start_time}}') and start_time = UNIX_TIMESTAMP('{{start_time}}') and start_time = UNIX_TIMESTAMP('{{start_time}}') and start_time = UNIX_TIMESTAMP('{{start_time}}') and start_time =UNIX_TIMESTAMP('{{start_time}}') and recv_time <=UNIX_TIMESTAMP('{{end_time}}') and vsys_id in (1,2,3,4,5,6,7,8)\",\n \"custom.field_discovery.metric\": \"sessions\",\n \"custom.field_discovery.metric.fn\": \"sum\",\n \"custom.field_discovery.fields\": [\n \"log_id\",\n \"security_action\",\n \"app\",\n \"client_ip\",\n \"server_ip\",\n \"client_port\",\n \"server_port\",\n \"decoded_as\",\n \"server_domain\"\n ]\n \n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/dsl", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "dsl" + ] + } + }, + "response": [] + }, + { + "name": "field-discovery-session-record-result", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + " postman.clearEnvironmentVariable(\"fd_job_id\");", + "", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [ + { + "key": "Content-Type", + "value": "application/x-www-form-urlencoded", + "type": "text" + } + ], + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/job/{{fd_job_id}}/result", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "job", + "{{fd_job_id}}", + "result" + ] + } + }, + "response": [] + }, + { + "name": "field-discovery-statistics", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + " postman.setEnvironmentVariable(\"fd_statistics_job_id\", JSON.parse(responseBody).job.job_id);", + "", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" :\"select client_ip,count(*) as count from session_record where recv_time >=UNIX_TIMESTAMP('{{start_time}}') and recv_time <=UNIX_TIMESTAMP('{{end_time}}') and vsys_id in (1,2,3,4,5) group by client_ip order by count asc limit 10\"\n \n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "field-discovery-statistics-result", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + " postman.clearEnvironmentVariable(\"fd_job_id\");", + "", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [ + { + "key": "Content-Type", + "value": "application/x-www-form-urlencoded", + "type": "text" + } + ], + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/job/{{fd_statistics_job_id}}/result", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "job", + "{{fd_statistics_job_id}}", + "result" + ] + } + }, + "response": [] + } + ] + }, + { + "name": "IP Learning", + "item": [ + { + "name": "ip-learning-fqdn-relate-ip", + "event": [ + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "test", + "script": { + "exec": [ + "tests[\"Successful POST request\"] = responseCode.code === 200 || responseCode.code === 201;" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [ + { + "key": "Authorization", + "value": "bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjEuNTkzNTIwMTQyMTI4MTA3OGUrNiwiZXhwIjoxNTk2MTEyMTQyLCJpc3MiOiJhcmFuZ29kYiIsInByZWZlcnJlZF91c2VybmFtZSI6InJvb3QifQ==.6KZ2P32UymePwXgB3QudnufM2ZgnKepGzuYYkQHNF0A=", + "disabled": true + } + ], + "body": { + "mode": "raw", + "raw": "{\r\n \"name\": \"ip-learning-fqdn-relate-ip\",\r\n \"data_source\":\"ip_learnging_view\",\r\n \"filter\": \"VSYS_ID in (1) AND PROTOCOL in ('SSL', 'HTTP','DNS') AND DEPTH = 1 and UNIQ_CIP > 12 AND FQDN_NAME in ('itunes.apple', 'itunes.apple.com') \",\r\n \"intervals\": [\"2024-04-01 00:00:00/2024-04-02 00:00:00\"],\r\n \"execution_mode\":\"oneshot\",\r\n \"limit\": 4\r\n }", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/dsl", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "dsl" + ] + } + }, + "response": [] + } + ], + "event": [ + { + "listen": "prerequest", + "script": { + "type": "text/javascript", + "exec": [ + "" + ] + } + }, + { + "listen": "test", + "script": { + "type": "text/javascript", + "exec": [ + "" + ] + } + } + ] + }, + { + "name": "Traffic Spectrum", + "item": [ + { + "name": "traffic-spectrum-summary", + "event": [ + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "test", + "script": { + "exec": [ + "tests[\"Successful POST request\"] = responseCode.code === 200 || responseCode.code === 201;" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [ + { + "key": "Authorization", + "value": "bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjEuNTkzNTIwMTQyMTI4MTA3OGUrNiwiZXhwIjoxNTk2MTEyMTQyLCJpc3MiOiJhcmFuZ29kYiIsInByZWZlcnJlZF91c2VybmFtZSI6InJvb3QifQ==.6KZ2P32UymePwXgB3QudnufM2ZgnKepGzuYYkQHNF0A=", + "disabled": true + } + ], + "body": { + "mode": "raw", + "raw": "{\r\n \"name\": \"traffic-spectrum-summary\",\r\n \"filter\": \"vsys_id in (1)\",\r\n \"intervals\": [\"{{start_time}}/{{end_time}}\"],\r\n \"execution_mode\":\"oneshot\"\r\n }", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/dsl", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "dsl" + ] + } + }, + "response": [] + }, + { + "name": "traffic-spectrum-unique-client-and-server-ips", + "event": [ + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "test", + "script": { + "exec": [ + "tests[\"Successful POST request\"] = responseCode.code === 200 || responseCode.code === 201;" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [ + { + "key": "Authorization", + "value": "bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjEuNTkzNTIwMTQyMTI4MTA3OGUrNiwiZXhwIjoxNTk2MTEyMTQyLCJpc3MiOiJhcmFuZ29kYiIsInByZWZlcnJlZF91c2VybmFtZSI6InJvb3QifQ==.6KZ2P32UymePwXgB3QudnufM2ZgnKepGzuYYkQHNF0A=", + "disabled": true + } + ], + "body": { + "mode": "raw", + "raw": "{\r\n \"name\": \"traffic-spectrum-unique-client-and-server-ips\",\r\n \"filter\": \"vsys_id in (1)\",\r\n \"intervals\": [\"{{start_time}}/{{end_time}}\"],\r\n \"execution_mode\":\"oneshot\"\r\n }", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/dsl", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "dsl" + ] + } + }, + "response": [] + }, + { + "name": "traffic-spectrum-app-distribution", + "event": [ + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "test", + "script": { + "exec": [ + "tests[\"Successful POST request\"] = responseCode.code === 200 || responseCode.code === 201;" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [ + { + "key": "Authorization", + "value": "bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjEuNTkzNTIwMTQyMTI4MTA3OGUrNiwiZXhwIjoxNTk2MTEyMTQyLCJpc3MiOiJhcmFuZ29kYiIsInByZWZlcnJlZF91c2VybmFtZSI6InJvb3QifQ==.6KZ2P32UymePwXgB3QudnufM2ZgnKepGzuYYkQHNF0A=", + "disabled": true + } + ], + "body": { + "mode": "raw", + "raw": "{\r\n \"name\": \"traffic-spectrum-app-distribution\",\r\n \"filter\": \"vsys_id in (1) and app in ('unknown')\",\r\n \"intervals\": [\"{{start_time}}/{{end_time}}\"],\r\n \"execution_mode\":\"oneshot\"\r\n }", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/dsl", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "dsl" + ] + } + }, + "response": [] + }, + { + "name": "traffic-spectrum-client-ip-connect-application-usage", + "event": [ + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "test", + "script": { + "exec": [ + "tests[\"Successful POST request\"] = responseCode.code === 200 || responseCode.code === 201;" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [ + { + "key": "Authorization", + "value": "bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjEuNTkzNTIwMTQyMTI4MTA3OGUrNiwiZXhwIjoxNTk2MTEyMTQyLCJpc3MiOiJhcmFuZ29kYiIsInByZWZlcnJlZF91c2VybmFtZSI6InJvb3QifQ==.6KZ2P32UymePwXgB3QudnufM2ZgnKepGzuYYkQHNF0A=", + "disabled": true + } + ], + "body": { + "mode": "raw", + "raw": "{\r\n \"name\": \"traffic-spectrum-client-ip-connect-application-usage\",\r\n \"filter\": \"vsys_id in (1)\",\r\n \"intervals\": [\"{{start_time}}/{{end_time}}\"],\r\n \"execution_mode\":\"oneshot\"\r\n }", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/dsl", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "dsl" + ] + } + }, + "response": [] + }, + { + "name": "traffic-spectrum-network-throughput-trend", + "event": [ + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "test", + "script": { + "exec": [ + "tests[\"Successful POST request\"] = responseCode.code === 200 || responseCode.code === 201;" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [ + { + "key": "Authorization", + "value": "bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjEuNTkzNTIwMTQyMTI4MTA3OGUrNiwiZXhwIjoxNTk2MTEyMTQyLCJpc3MiOiJhcmFuZ29kYiIsInByZWZlcnJlZF91c2VybmFtZSI6InJvb3QifQ==.6KZ2P32UymePwXgB3QudnufM2ZgnKepGzuYYkQHNF0A=", + "disabled": true + } + ], + "body": { + "mode": "raw", + "raw": "{\r\n \"name\": \"traffic-spectrum-network-throughput-trend\",\r\n \"filter\": \"vsys_id in (1)\",\r\n \"granularity\": \"PT60S\",\r\n \"intervals\": [\"{{start_time}}/{{end_time}}\"],\r\n \"execution_mode\":\"oneshot\"\r\n }", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/dsl", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "dsl" + ] + } + }, + "response": [] + } + ] + } + ], + "event": [ + { + "listen": "prerequest", + "script": { + "type": "text/javascript", + "exec": [ + "" + ] + } + }, + { + "listen": "test", + "script": { + "type": "text/javascript", + "exec": [ + "" + ] + } + } + ] + }, + { + "name": "Create SQL Query", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + " // Set an environment variable", + " postman.setEnvironmentVariable(\"normal_job_id\", JSON.parse(responseBody).job.job_id);", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"SELECT FROM_UNIXTIME(recv_time) AS stat_time,RATE(bytes, 600) * 8 FROM dos_event\" ,\n \"output_mode\":\"json\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Create SQL Explain Query", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200); ", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"explain select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) as stat_time , avg(sum_in_bytes)*8/1 as avg_in_bits_per_sec, avg(sum_out_bytes)*8/1 as avg_out_bits_per_sec, avg(sum_bytes)*8/1 as avg_bits_per_sec, max(sum_in_bytes)*8/1 as max_in_bits_per_sec, max(sum_out_bytes)*8/1 as max_out_bits_per_sec, max(sum_bytes)*8/1 as max_bits_per_sec, min(sum_in_bytes)*8/1 as min_in_bits_per_sec, min(sum_out_bytes)*8/1 as min_out_bits_per_sec, min(sum_bytes)*8/1 as min_bits_per_sec from ( select TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), 'PT1S') as stat_time, sum(in_bytes) as sum_in_bytes, sum(out_bytes) as sum_out_bytes, sum(in_bytes + out_bytes) as sum_bytes from traffic_general_stat where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1) group by TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT1S')) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) order by stat_time asc\" ,\n \"output_mode\":\"json\",\n \"execution_mode\": \"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Create SQL Describe Query", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200); ", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"describe session_record\" ,\n \"output_mode\":\"json\",\n \"execution_mode\": \"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Create SQL Dry Run Query", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200); ", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(recv_time,'PT30S')) as stat_time, round(sum(sent_bytes)*8/30/1000/1000,2) as Bytes_Sent_Mbps, round(sum(received_bytes)*8/30/1000/1000,2) as Bytes_Received_Mbps, round(sum(sent_bytes + received_bytes)*8/30/1000/1000,2) as Mbps, round(sum(sent_pkts + received_pkts)/30/1000,2) as Kpps, round(count(1)/30/1000,2) as \\\"Ksessions/s\\\" from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time < UNIX_TIMESTAMP('{{end_time}}') AND vsys_id IN (1) ORDER BY recv_time DESC LIMIT 20\" ,\n \"execution_mode\":\"blocking\",\n \"output_mode\":\"json\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Create Saved SQL Query", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + " // Set an environment variable", + " postman.setEnvironmentVariable(\"saved_query_job_id\", JSON.parse(responseBody).job.job_id);", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select uniq(client_ip) as \\\"Client IPs\\\", uniq(server_ip) as \\\"Server IPs\\\",uniq(server_domain) as \\\"Domains\\\",uniq(http_host) as \\\"Hosts\\\", uniq(ssl_sni) as \\\"SNIs\\\" from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1) group by TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT1S')) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) order by stat_time asc\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Federation Query by Calcite", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\": \"select * from (select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(recv_time,'PT1h','zero')) as stat_time from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = UNIX_TIMESTAMP('{{start_time}}') and recv_time = '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1) group by TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT30m') order by stat_time asc \",\n \"execution_mode\": \"oneshot\"\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + }, + "description": "平均速率的两种计算方式。例如计算5分钟的平均速率:\n\n- sum(bytes)/5分钟:若5分钟内仅有30秒产生流量,产生结果将不准确\n- sum(bytes)/活跃时间 : 其中活跃时间=count(distinct(统计时间))\\* 预聚合粒度\n - 统计时间:time_floor(时间字段,'PT15S')\n - 预聚合粒度: 存储到时序数据库的统计粒度" + }, + "response": [] + }, + { + "name": "Top 100 slowest domains", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\": \"select server_domain as domain, round(avg(tcp_rtt_ms),0) avg_rtt_latency_ms from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time (now()-86400) and event_time < now() order by event_time desc limit 100 \" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Historical Slow Queries", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select databases, initial_query_id ,intDiv(query_duration_ms,1000) as query_duration_s, event_time, read_rows , read_bytes , initial_user, http_user_agent, initial_address, query from system.query_log_cluster where query_kind = 'Select' and query_start_time>(now()-86400) and initial_query_id = query_id and type IN ('QueryFinish') order by query_duration_ms desc limit 100\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Most Frequent Query Columns", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select arrayJoin(columns) as used_columns, count() as columns_num from system.query_log_cluster where query_kind = 'Select' and query_start_time>(now()-86400) and initial_query_id = query_id and type IN ('QueryFinish') group by used_columns order by columns_num desc limit 100\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Aggregate Queries Latency Statistics", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select\\n anyLast(query) as sql,\\n intDiv(avg(query_duration_ms),1000) as avg_query_duration_s,\\n intDiv(max(query_duration_ms),1000) as max_query_duration_s,\\n QUANTILE(query_duration_ms, 0.95)/1000 as p95_query_duration_s, \\n max(read_rows) ,\\n anyLast(http_user_agent) as last_http_user_agent,\\n used_aggregate_functions,\\n count() as query_count\\nfrom\\n system.query_log_cluster\\nwhere\\n query_kind = 'Select'\\n and query_start_time>(now()-86400)\\n and initial_query_id = query_id\\n and type IN ('QueryFinish')\\n and empty(used_aggregate_functions ) = 0\\ngroup by\\n toString(used_functions),\\n toString(used_aggregate_functions ),\\n toString(columns)\\norder by\\n avg_query_duration_s desc\\nlimit 100\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Aggregate Queries Resource Usage Statistics", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select anyLast(query) as sql, intDiv(avg(query_duration_ms),1000) as avg_query_duration_s, toInt64(avg(memory_usage))/1024/1024 as avg_memory_MB, used_aggregate_functions, avg(ProfileEvents['FileOpen']) as FileOpen, avg(ProfileEvents['DiskReadElapsedMicroseconds'])/1000000 as DiskRead_s,count() as query_count from system.query_log_cluster where query_kind = 'Select' and query_start_time>(now()-86400) and initial_query_id != query_id and type IN ('QueryFinish') and empty(used_aggregate_functions ) = 0 group by toString(used_functions), toString(used_aggregate_functions ), toString(columns) order by avg_memory_MB desc limit 100\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Top 10 Queries using the most CPU and memory", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"SELECT type, event_time, initial_query_id, formatReadableSize(memory_usage) AS memory, \n `ProfileEvents.Values`[indexOf(`ProfileEvents.Names`, 'UserTimeMicroseconds')] AS userCPU,\n `ProfileEvents.Values`[indexOf(`ProfileEvents.Names`, 'SystemTimeMicroseconds')] AS systemCPU, normalizedQueryHash(query) AS normalized_query_hash FROM system.query_log_cluster where query_start_time>(now()-86400) ORDER BY memory_usage DESC LIMIT 10\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + } + ] + }, + { + "name": "Apache Druid", + "item": [ + { + "name": "used_size", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\r\n \"query\": \"SELECT SUM(curr_size)/1024/1024/1024 AS curr_size_GB FROM sys.servers WHERE server_type = 'historical'\",\r\n \"context\": {\r\n \"skipEmptyBuckets\": \"false\"\r\n },\r\n \"resultFormat\": \"object\"\r\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{druid_ip}}:{{druid_port}}/druid/v2/sql", + "protocol": "http", + "host": [ + "{{druid_ip}}" + ], + "port": "{{druid_port}}", + "path": [ + "druid", + "v2", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "max_size", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\r\n \"query\": \"SELECT SUM(max_size)/1024/1024/1024 AS max_size_GB FROM sys.servers WHERE server_type = 'historical'\",\r\n \"context\": {\r\n \"skipEmptyBuckets\": \"false\"\r\n },\r\n \"resultFormat\": \"object\"\r\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{druid_ip}}:{{druid_port}}/druid/v2/sql", + "protocol": "http", + "host": [ + "{{druid_ip}}" + ], + "port": "{{druid_port}}", + "path": [ + "druid", + "v2", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "The Latest Ingestion Date for Druid", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\"query\":\"SELECT version FROM sys.segments WHERE version LIKE '2%' ORDER BY version DESC LIMIT 1\"}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{druid_ip}}:{{druid_port}}/druid/v2/sql", + "protocol": "http", + "host": [ + "{{druid_ip}}" + ], + "port": "{{druid_port}}", + "path": [ + "druid", + "v2", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "The Earliest Ingestion Date for Druid", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\r\n \"query\": \"SELECT \\\"start\\\" FROM sys.segments order by \\\"start\\\" limit 1\"\r\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{druid_ip}}:{{druid_port}}/druid/v2/sql", + "protocol": "http", + "host": [ + "{{druid_ip}}" + ], + "port": "{{druid_port}}", + "path": [ + "druid", + "v2", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Druid Tables", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "http://{{druid_ip}}:{{druid_port}}/druid/v2/datasources", + "protocol": "http", + "host": [ + "{{druid_ip}}" + ], + "port": "{{druid_port}}", + "path": [ + "druid", + "v2", + "datasources" + ] + } + }, + "response": [] + }, + { + "name": "apache-druid-servers", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + "", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "http://{{druid_ip}}:{{druid_port}}/druid/coordinator/v1/servers?simple", + "protocol": "http", + "host": [ + "{{druid_ip}}" + ], + "port": "{{druid_port}}", + "path": [ + "druid", + "coordinator", + "v1", + "servers" + ], + "query": [ + { + "key": "simple", + "value": null + } + ] + }, + "description": "1. 将环境切换至 druid\r\n\r\n2. 执行此接口,如果接口正常返回数据,代表druid服务运行正常" + }, + "response": [] + }, + { + "name": "Average usage analysis in druid", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript" + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select time_floor(__time,'PT30m') as stat_time, sum(in_bytes + out_bytes)*8/1800/1000/1000 as normal_rate_mbps, sum(in_bytes + out_bytes)/count(distinct(time_floor(__time,'PT15S')))*8/15/1000/1000 as usage_rate_mbps from traffic_general_stat where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1) group by time_floor(__time,'PT30m') order by stat_time asc\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + } + ] + }, + { + "name": "password-generator", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [ + { + "key": "Content-Type", + "value": "application/json", + "type": "text" + } + ], + "body": { + "mode": "raw", + "raw": "{\n \"password\":\"1234\",\n \"salt\":\"galaxy\"\n}" + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/util/password_generator", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "util", + "password_generator" + ] + } + }, + "response": [] + }, + { + "name": "sql-parser", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "protocolProfileBehavior": { + "disableBodyPruning": true + }, + "request": { + "method": "GET", + "header": [ + { + "key": "Content-Type", + "value": "application/x-www-form-urlencoded", + "type": "text" + } + ], + "body": { + "mode": "urlencoded", + "urlencoded": [] + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/util/sql_parser?sql=select * from session_record limit 1", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "util", + "sql_parser" + ], + "query": [ + { + "key": "sql", + "value": "select * from session_record limit 1" + } + ] + } + }, + "response": [] + } + ] + }, + { + "name": "Troubleshooting", + "item": [ + { + "name": "component-health-status", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + " const responseJson = pm.response.json();", + " pm.expect(responseJson.status).equals(\"UP\");", + "", + "});" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/troubleshooting/component/status", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "troubleshooting", + "component", + "status" + ] + }, + "description": "查询数据引擎引用的数据库健康状态及目前的配置。" + }, + "response": [] + }, + { + "name": "saved-query-scheduler-status", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + " const responseJson = pm.response.json();", + " pm.expect(responseJson.status).equals(\"UP\");", + "});" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "http://{{report_ip}}:{{report_port}}/v1/monitor", + "protocol": "http", + "host": [ + "{{report_ip}}" + ], + "port": "{{report_port}}", + "path": [ + "v1", + "monitor" + ] + } + }, + "response": [] + }, + { + "name": "hos-status", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "http://{{hos_ip}}:{{hos_port}}/admin/verification", + "protocol": "http", + "host": [ + "{{hos_ip}}" + ], + "port": "{{hos_port}}", + "path": [ + "admin", + "verification" + ] + } + }, + "response": [] + }, + { + "name": "ttl-consistency-test", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/troubleshooting/sanity?test=ttl_consistency", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "troubleshooting", + "sanity" + ], + "query": [ + { + "key": "test", + "value": "ttl_consistency" + } + ] + } + }, + "response": [] + }, + { + "name": "schema-consistency-test", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/troubleshooting/sanity?test=schema_consistency", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "troubleshooting", + "sanity" + ], + "query": [ + { + "key": "test", + "value": "schema_consistency" + } + ] + } + }, + "response": [] + }, + { + "name": "dataset-verification-test", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/troubleshooting/sanity?test=dataset_verification", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "troubleshooting", + "sanity" + ], + "query": [ + { + "key": "test", + "value": "dataset_verification" + } + ] + } + }, + "response": [] + }, + { + "name": "sql-benchmark-test", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/troubleshooting/benchmark?test=benchmark&is_saved=0", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "troubleshooting", + "benchmark" + ], + "query": [ + { + "key": "test", + "value": "benchmark" + }, + { + "key": "is_saved", + "value": "0" + } + ] + } + }, + "response": [] + }, + { + "name": "saved-query-scheduler-job-status", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "http://{{report_ip}}:{{report_port}}/v1/monitor/job/test127897d819062beafc8db85b9ece", + "protocol": "http", + "host": [ + "{{report_ip}}" + ], + "port": "{{report_port}}", + "path": [ + "v1", + "monitor", + "job", + "test127897d819062beafc8db85b9ece" + ] + } + }, + "response": [] + }, + { + "name": "apache-druid-task-status", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + "", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "http://{{druid_ip}}:{{druid_port}}/druid/indexer/v1/supervisor?state=true", + "protocol": "http", + "host": [ + "{{druid_ip}}" + ], + "port": "{{druid_port}}", + "path": [ + "druid", + "indexer", + "v1", + "supervisor" + ], + "query": [ + { + "key": "state", + "value": "true" + } + ] + }, + "description": "1. 将环境切换至 druid\r\n\r\n2. 执行此接口,如果接口正常返回数据,代表druid服务运行正常" + }, + "response": [] + }, + { + "name": "apache-druid-service-health", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "", + "", + "pm.test(\"Response body is a boolean value\", function () {", + " pm.expect(pm.response.text()).to.be.oneOf(['true']);", + "});", + "", + "", + "", + "", + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "http://{{druid_ip}}:{{druid_port}}/status/health", + "protocol": "http", + "host": [ + "{{druid_ip}}" + ], + "port": "{{druid_port}}", + "path": [ + "status", + "health" + ] + }, + "description": "1. 将环境切换至 druid\r\n\r\n2. 执行此接口,如果接口正常返回数据,代表druid服务运行正常" + }, + "response": [] + }, + { + "name": "apache-druid-configuration-properties", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + "", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "http://{{druid_ip}}:{{druid_port}}/status/properties", + "protocol": "http", + "host": [ + "{{druid_ip}}" + ], + "port": "{{druid_port}}", + "path": [ + "status", + "properties" + ] + }, + "description": "1. 将环境切换至 druid\r\n\r\n2. 执行此接口,如果接口正常返回数据,代表druid服务运行正常" + }, + "response": [] + }, + { + "name": "Top 30 Statistics Object by Count", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "protocolProfileBehavior": { + "followOriginalHttpMethod": false, + "followRedirects": false + }, + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\" : \"select object_id, count(distinct item_id) unique_items, count(*) as cnt from object_statistics where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1) group by object_id order by cnt desc limit 30\" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "First and Last Found of Metric Sources", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "", + "});", + "" + ], + "type": "text/javascript", + "packages": {} + } + }, + { + "listen": "prerequest", + "script": { + "exec": [ + "" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\": \"select 'General Metrics' as type, min(__time) as first_time, max(__time) as last_time from traffic_general_stat where __time >= '{{start_time}}' and vsys_id in (1) union all select 'Application Protocol Stat' as type, min(__time) as first_time, max(__time) as last_time from application_protocol_stat where __time >= '{{start_time}}' and vsys_id in (1) union all select 'Object Statistics' as type, min(__time) as first_time, max(__time) as last_time from object_statistics where __time >= '{{start_time}}' and vsys_id in (1) union all select 'Statistics Rule' as type, min(__time) as first_time, max(__time) as last_time from statistics_rule where __time >= '{{start_time}}' and vsys_id in (1) union all select 'Security Policy Rule Hits' as type, min(__time) as first_time, max(__time) as last_time from security_rule_hits where __time >= '{{start_time}}' and vsys_id in (1) union all select 'Proxy Policy Rule Hits' as type, min(__time) as first_time, max(__time) as last_time from proxy_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1) union all select 'Traffic Shaping Rule Hits' as type, min(__time) as first_time, max(__time) as last_time from traffic_shaping_rule_hits where __time >= '{{start_time}}' and vsys_id in (1) union all select 'Service Chaining Rule Hits' as type, min(__time) as first_time, max(__time) as last_time from service_chaining_rule_hits where __time >= '{{start_time}}' and vsys_id in (1) union all select 'Internal IPs' as type, min(__time) as first_time, max(__time) as last_time from top_internal_ips where __time >= '{{start_time}}' and vsys_id in (1) union all select 'Client IPs' as type, min(__time) as first_time, max(__time) as last_time from top_client_ips union all select 'Server Domains' as type, min(__time) as first_time, max(__time) as last_time from top_server_domains where __time >= '{{start_time}}' and vsys_id in (1) union all select 'Server FQDNs' as type, min(__time) as first_time, max(__time) as last_time from top_server_fqdns where __time >= '{{start_time}}' and vsys_id in (1) \" ,\n \"output_mode\":\"json\",\n \"execution_mode\":\"oneshot\"\n\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + } + }, + "response": [] + }, + { + "name": "Duplicate Session Records", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript", + "packages": {} + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"statement\": \"select 'Session Records' as type, count(*) as num from (select log_id,count(*) as num from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time 1)\",\n \"execution_mode\": \"oneshot\"\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "query", + "sql" + ] + }, + "description": "平均速率的两种计算方式。例如计算5分钟的平均速率:\n\n- sum(bytes)/5分钟:若5分钟内仅有30秒产生流量,产生结果将不准确\n- sum(bytes)/活跃时间 : 其中活跃时间=count(distinct(统计时间))\\* 预聚合粒度\n - 统计时间:time_floor(时间字段,'PT15S')\n - 预聚合粒度: 存储到时序数据库的统计粒度" + }, + "response": [] + } + ] + }, + { + "name": "HOS", + "item": [ + { + "name": "Get File List", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [ + { + "key": "Content-Type", + "value": "application/x-www-form-urlencoded", + "type": "text" + } + ], + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/hos/troubleshooting_file_bucket?prefix=1", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "hos", + "troubleshooting_file_bucket" + ], + "query": [ + { + "key": "prefix", + "value": "1" + } + ] + } + }, + "response": [] + }, + { + "name": "Test All Buckets", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [ + { + "key": "Token", + "value": "{{hos_token}}", + "type": "text" + } + ], + "url": { + "raw": "http://{{hos_ip}}:{{hos_port}}/hos/", + "protocol": "http", + "host": [ + "{{hos_ip}}" + ], + "port": "{{hos_port}}", + "path": [ + "hos", + "" + ], + "query": [ + { + "key": "AccessKey", + "value": "default", + "disabled": true + } + ] + } + }, + "response": [] + }, + { + "name": "Test List Objects", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [ + { + "key": "Token", + "value": "{{hos_token}}", + "type": "text" + } + ], + "url": { + "raw": "http://{{hos_ip}}:{{hos_port}}/hos/pcap_file_bucket/?max-keys=100", + "protocol": "http", + "host": [ + "{{hos_ip}}" + ], + "port": "{{hos_port}}", + "path": [ + "hos", + "pcap_file_bucket", + "" + ], + "query": [ + { + "key": "AccessKey", + "value": "default", + "disabled": true + }, + { + "key": "max-keys", + "value": "100" + } + ] + } + }, + "response": [] + }, + { + "name": "Test Get Object Metadata", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [ + { + "key": "Token", + "value": "{{hos_token}}", + "type": "text" + } + ], + "url": { + "raw": "http://{{hos_ip}}:{{hos_port}}/hos/default/galaxy-hos.txt?metadata=", + "protocol": "http", + "host": [ + "{{hos_ip}}" + ], + "port": "{{hos_port}}", + "path": [ + "hos", + "default", + "galaxy-hos.txt" + ], + "query": [ + { + "key": "metadata", + "value": "" + }, + { + "key": "AccessKey", + "value": "default", + "disabled": true + } + ] + } + }, + "response": [] + }, + { + "name": "Test Get a File", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [ + { + "key": "Token", + "value": "{{hos_token}}", + "type": "text" + } + ], + "url": { + "raw": "http://{{hos_ip}}:{{hos_port}}/hos/default/galaxy-hos.txt", + "protocol": "http", + "host": [ + "{{hos_ip}}" + ], + "port": "{{hos_port}}", + "path": [ + "hos", + "default", + "galaxy-hos.txt" + ], + "query": [ + { + "key": "AccessKey", + "value": "default", + "disabled": true + } + ] + } + }, + "response": [] + } + ] + }, + { + "name": "Knowledge Base File", + "item": [ + { + "name": "Get List", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status code is 200\", function () {", + " pm.response.to.have.status(200);", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [ + { + "key": "Content-Type", + "value": "application/x-www-form-urlencoded", + "type": "text" + } + ], + "url": { + "raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/knowledge_base", + "protocol": "http", + "host": [ + "{{qgw_ip}}" + ], + "port": "{{qgw_port}}", + "path": [ + "v1", + "knowledge_base" + ] + } + }, + "response": [] + } + ] + } + ], + "event": [ + { + "listen": "prerequest", + "script": { + "type": "text/javascript", + "exec": [ + "var startDate = new Date(Date.now()-86400000);", + "var start_time = startDate.getFullYear().toString() + \"-\" +", + " (startDate.getMonth() + 1).toString().padStart(2, '0') + \"-\" +", + " startDate.getDate().toString().padStart(2, '0') + \" \" +", + " startDate.getHours().toString().padStart(2, '0') + \":\" +", + " startDate.getMinutes().toString().padStart(2, '0') + \":\" +", + " startDate.getSeconds().toString().padStart(2, '0');", + "", + "pm.globals.set(\"start_time\", start_time);", + "var endDate = new Date(Date.now());", + "var end_time = endDate.getFullYear().toString() + \"-\" +", + " (endDate.getMonth() + 1).toString().padStart(2, '0') + \"-\" +", + " endDate.getDate().toString().padStart(2, '0') + \" \" +", + " endDate.getHours().toString().padStart(2, '0') + \":\" +", + " endDate.getMinutes().toString().padStart(2, '0') + \":\" +", + " endDate.getSeconds().toString().padStart(2, '0'); ", + "pm.globals.set(\"end_time\", end_time);", + "pm.globals.set(\"domain\",pm.variables.replaceIn('{{$randomDomainName}}'));", + "pm.globals.set(\"client_ip\",pm.variables.replaceIn('{{$randomIP}}'));", + "pm.globals.set(\"server_ip\",pm.variables.replaceIn('{{$randomIP}}'));", + "" + ] + } + }, + { + "listen": "test", + "script": { + "type": "text/javascript", + "exec": [ + "" + ] + } + } + ] +} \ No newline at end of file diff --git a/24.07/e2e-mockdata-generator/config.properties b/24.07/e2e-mockdata-generator/config.properties new file mode 100644 index 0000000..9080c00 --- /dev/null +++ b/24.07/e2e-mockdata-generator/config.properties @@ -0,0 +1,3 @@ +#####kafka SASL username/password +#kafka.user=admin +#kafka.pin=galaxy2019 \ No newline at end of file diff --git a/24.07/e2e-mockdata-generator/datasets/logs/proxy_event.dat b/24.07/e2e-mockdata-generator/datasets/logs/proxy_event.dat new file mode 100644 index 0000000..8f8ea89 --- /dev/null +++ b/24.07/e2e-mockdata-generator/datasets/logs/proxy_event.dat @@ -0,0 +1 @@ +{"__timestamp":946681200,"__inputid":"tsg_olap","session_id":10240001,"decoded_as":"HTTP","ip_protocol":"tcp","address_type":4,"client_ip":"10.0.0.1","server_ip":"192.0.2.1","client_port":1000,"server_port":60000,"t_vsys_id":0,"vsys_id":1024,"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","sled_ip":"127.0.0.1","app":"unknown","app_transition":"","client_geolocation":"unknown","server_geolocation":"unknown","decoded_path":"ETHERNET.IPv4.TCP.HTTP","server_fqdn":"","out_src_mac":"00:1A:2B:3C:4D:5E","out_dest_mac":"5E:4D:3C:2B:1A:00","start_timestamp_ms":946681200000,"end_timestamp_ms":946681200000,"tcp_rtt_ms":0,"tcp_client_isn":0,"tcp_server_isn":0,"tcp_handshake_latency_ms":0,"in_link_id":0,"out_link_id":0,"duration_ms":0,"sent_pkts":0,"sent_bytes":0,"received_pkts":0,"received_bytes":0,"tcp_c2s_ip_fragments":0,"tcp_s2c_ip_fragments":0,"tcp_c2s_rtx_pkts":0,"tcp_c2s_rtx_bytes":0,"tcp_s2c_rtx_pkts":0,"tcp_s2c_rtx_bytes":0,"tcp_c2s_o3_pkts":0,"tcp_s2c_o3_pkts":0,"tcp_c2s_lost_bytes":0,"tcp_s2c_lost_bytes":0,"client_os_desc":"Windows","server_os_desc":"Linux","dup_traffic_flag":0,"sc_rsp_raw":[0],"http_version":"http1","http_request_line":"GET www.google.com/ HTTP/1.1","http_response_line":"HTTP/1.1 200 OK","http_status_code":200,"http_url":"www.google.com/","http_host":"www.google.com","http_cookie":"NID=513","http_user_agent":"Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; WOW64; Trident/5.0)","http_response_content_type":"text/html; charset=UTF-8","proxy_rule_list":[4450],"proxy_action":"insert","http_action_file_size":35} diff --git a/24.07/e2e-mockdata-generator/datasets/logs/session_record.dat b/24.07/e2e-mockdata-generator/datasets/logs/session_record.dat new file mode 100644 index 0000000..1db77e7 --- /dev/null +++ b/24.07/e2e-mockdata-generator/datasets/logs/session_record.dat @@ -0,0 +1,7 @@ +{"__timestamp":946681200,"__inputid":"tsg_olap","session_id":10240001,"decoded_as":"BASE","ip_protocol":"tcp","address_type":4,"client_ip":"10.0.0.1","server_ip":"192.0.2.1","client_port":1000,"server_port":60000,"t_vsys_id":0,"vsys_id":1024,"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","sled_ip":"127.0.0.1","app":"unknown","app_transition":"","client_geolocation":"unknown","server_geolocation":"unknown","decoded_path":"ETHERNET.IPv4.TCP","server_fqdn":"","out_src_mac":"00:1A:2B:3C:4D:5E","out_dest_mac":"5E:4D:3C:2B:1A:00","start_timestamp_ms":946681200000,"end_timestamp_ms":946681200000,"tcp_rtt_ms":0,"tcp_client_isn":0,"tcp_server_isn":0,"tcp_handshake_latency_ms":0,"in_link_id":0,"out_link_id":0,"duration_ms":0,"sent_pkts":0,"sent_bytes":0,"received_pkts":0,"received_bytes":0,"tcp_c2s_ip_fragments":0,"tcp_s2c_ip_fragments":0,"tcp_c2s_rtx_pkts":0,"tcp_c2s_rtx_bytes":0,"tcp_s2c_rtx_pkts":0,"tcp_s2c_rtx_bytes":0,"tcp_c2s_o3_pkts":0,"tcp_s2c_o3_pkts":0,"tcp_c2s_lost_bytes":0,"tcp_s2c_lost_bytes":0,"flags":0,"flags_identify_info":[1,1],"fqdn_category_list":[0],"monitor_rule_list":[0],"security_rule_list":[0],"sc_rule_list":[0],"shaping_rule_list":[0],"proxy_rule_list":[0],"statistics_rule_list":[0],"monitor_mirrored_pkts":0,"monitor_mirrored_bytes":0,"client_os_desc":"Windows","server_os_desc":"Linux","dup_traffic_flag":0,"sc_rsp_raw":[0],"encapsulation":"[{\"tunnels_schema_type\":\"ETHERNET\",\"source_mac\":\"00:1A:2B:3C:4D:5E\",\"destination_mac\":\"5E:4D:3C:2B:1A:00\"}]"} +{"__timestamp":946681200,"__inputid":"tsg_olap","session_id":10240002,"decoded_as":"HTTP","ip_protocol":"tcp","address_type":4,"client_ip":"10.0.0.2","server_ip":"192.0.2.2","client_port":1000,"server_port":60000,"t_vsys_id":0,"vsys_id":1024,"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","sled_ip":"127.0.0.1","app":"unknown","app_transition":"","client_geolocation":"unknown","server_geolocation":"unknown","decoded_path":"ETHERNET.IPv4.TCP.HTTP","server_fqdn":"static-pcs-sdk-server.test.com","out_src_mac":"00:1A:2B:3C:4D:5E","out_dest_mac":"5E:4D:3C:2B:1A:00","start_timestamp_ms":946681200000,"end_timestamp_ms":946681200000,"tcp_rtt_ms":0,"tcp_client_isn":0,"tcp_server_isn":0,"tcp_handshake_latency_ms":0,"in_link_id":0,"out_link_id":0,"duration_ms":0,"sent_pkts":0,"sent_bytes":0,"received_pkts":0,"received_bytes":0,"tcp_c2s_ip_fragments":0,"tcp_s2c_ip_fragments":0,"tcp_c2s_rtx_pkts":0,"tcp_c2s_rtx_bytes":0,"tcp_s2c_rtx_pkts":0,"tcp_s2c_rtx_bytes":0,"tcp_c2s_o3_pkts":0,"tcp_s2c_o3_pkts":0,"tcp_c2s_lost_bytes":0,"tcp_s2c_lost_bytes":0,"flags":0,"flags_identify_info":[1,1],"fqdn_category_list":[0],"monitor_rule_list":[0],"security_rule_list":[0],"sc_rule_list":[0],"shaping_rule_list":[0],"proxy_rule_list":[0],"statistics_rule_list":[0],"monitor_mirrored_pkts":0,"monitor_mirrored_bytes":0,"client_os_desc":"Windows","server_os_desc":"Linux","dup_traffic_flag":0,"sc_rsp_raw":[0],"encapsulation":"[{\"tunnels_schema_type\":\"ETHERNET\",\"source_mac\":\"00:1A:2B:3C:4D:5E\",\"destination_mac\":\"5E:4D:3C:2B:1A:00\"}]","packet_capture_file":"123e4567-e89b-12d3-a456-426614174001","http_request_body":"123e4567-e89b-12d3-a456-426614174002","http_response_body":"123e4567-e89b-12d3-a456-426614174003","http_version":"http1","http_request_line":"POST /a HTTP/1.1","http_user_agent":"WinHttpClient","http_request_content_length":0,"http_host":"static-pcs-sdk-server.test.com","http_url":"static-pcs-sdk-server.test.com/a","http_status_code":200,"http_response_line":"HTTP/1.1 200 OK","http_response_content_type":"application/json;charset=UTF-8","http_response_content_length":0,"http_response_latency_ms":0,"http_session_duration_ms":0,"http_sequence":1} +{"__timestamp":946681200,"__inputid":"tsg_olap","session_id":10240003,"decoded_as":"SSL","ip_protocol":"tcp","address_type":4,"client_ip":"10.0.0.3","server_ip":"192.0.2.3","client_port":1000,"server_port":60000,"t_vsys_id":0,"vsys_id":1024,"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","sled_ip":"127.0.0.1","app":"unknown","app_transition":"","client_geolocation":"unknown","server_geolocation":"unknown","decoded_path":"ETHERNET.IPv4.TCP.ssl","server_fqdn":"storeedgefd.dsx.mp.microsoft.com","out_src_mac":"00:1A:2B:3C:4D:5E","out_dest_mac":"5E:4D:3C:2B:1A:00","start_timestamp_ms":946681200000,"end_timestamp_ms":946681200000,"tcp_rtt_ms":0,"tcp_client_isn":0,"tcp_server_isn":0,"tcp_handshake_latency_ms":0,"in_link_id":0,"out_link_id":0,"duration_ms":0,"sent_pkts":0,"sent_bytes":0,"received_pkts":0,"received_bytes":0,"tcp_c2s_ip_fragments":0,"tcp_s2c_ip_fragments":0,"tcp_c2s_rtx_pkts":0,"tcp_c2s_rtx_bytes":0,"tcp_s2c_rtx_pkts":0,"tcp_s2c_rtx_bytes":0,"tcp_c2s_o3_pkts":0,"tcp_s2c_o3_pkts":0,"tcp_c2s_lost_bytes":0,"tcp_s2c_lost_bytes":0,"flags":0,"flags_identify_info":[1,1],"fqdn_category_list":[0],"monitor_rule_list":[0],"security_rule_list":[0],"sc_rule_list":[0],"shaping_rule_list":[0],"proxy_rule_list":[0],"statistics_rule_list":[0],"monitor_mirrored_pkts":0,"monitor_mirrored_bytes":0,"client_os_desc":"Windows","server_os_desc":"Linux","dup_traffic_flag":0,"sc_rsp_raw":[0],"encapsulation":"[{\"tunnels_schema_type\":\"ETHERNET\",\"source_mac\":\"00:1A:2B:3C:4D:5E\",\"destination_mac\":\"5E:4D:3C:2B:1A:00\"}]","ssl_ja3_hash":"","ssl_esni_flag":0,"ssl_ech_flag":0,"ssl_sni":"storeedgefd.dsx.mp.microsoft.com","ssl_ja3s_hash":"","ssl_version":"v3","ssl_cn":"sfdataservice.microsoft.com","ssl_cert_issuer":"","ssl_cert_subject":"","ssl_san":"","ssl_handshake_latency_ms":0} +{"__timestamp":946681200,"__inputid":"tsg_olap","session_id":10240004,"decoded_as":"DNS","ip_protocol":"udp","address_type":4,"client_ip":"10.0.0.4","server_ip":"192.0.2.4","client_port":1000,"server_port":60000,"t_vsys_id":0,"vsys_id":1024,"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","sled_ip":"127.0.0.1","app":"unknown","app_transition":"","client_geolocation":"unknown","server_geolocation":"unknown","decoded_path":"ETHERNET.IPv4.UDP.dns","server_fqdn":"","out_src_mac":"00:1A:2B:3C:4D:5E","out_dest_mac":"5E:4D:3C:2B:1A:00","start_timestamp_ms":946681200000,"end_timestamp_ms":946681200000,"tcp_rtt_ms":0,"tcp_client_isn":0,"tcp_server_isn":0,"tcp_handshake_latency_ms":0,"in_link_id":0,"out_link_id":0,"duration_ms":0,"sent_pkts":0,"sent_bytes":0,"received_pkts":0,"received_bytes":0,"tcp_c2s_ip_fragments":0,"tcp_s2c_ip_fragments":0,"tcp_c2s_rtx_pkts":0,"tcp_c2s_rtx_bytes":0,"tcp_s2c_rtx_pkts":0,"tcp_s2c_rtx_bytes":0,"tcp_c2s_o3_pkts":0,"tcp_s2c_o3_pkts":0,"tcp_c2s_lost_bytes":0,"tcp_s2c_lost_bytes":0,"flags":0,"flags_identify_info":[1,1],"fqdn_category_list":[0],"monitor_rule_list":[0],"security_rule_list":[0],"sc_rule_list":[0],"shaping_rule_list":[0],"proxy_rule_list":[0],"statistics_rule_list":[0],"monitor_mirrored_pkts":0,"monitor_mirrored_bytes":0,"client_os_desc":"Windows","server_os_desc":"Linux","dup_traffic_flag":0,"sc_rsp_raw":[0],"encapsulation":"[{\"tunnels_schema_type\":\"ETHERNET\",\"source_mac\":\"00:1A:2B:3C:4D:5E\",\"destination_mac\":\"5E:4D:3C:2B:1A:00\"}]","dns_response_latency_ms":0,"dns_qr":1,"dns_aa":0,"dns_message_id":47610,"dns_opcode":0,"dns_ra":1,"dns_rcode":0,"dns_rd":1,"dns_tc":0,"dns_qdcount":1,"dns_ancount":1,"dns_nscount":6,"dns_arcount":13,"dns_qname":"","dns_qtype":1,"dns_qclass":1} +{"__timestamp":946681200,"__inputid":"tsg_olap","session_id":10240005,"decoded_as":"QUIC","ip_protocol":"udp","address_type":4,"client_ip":"10.0.0.5","server_ip":"192.0.2.5","client_port":1000,"server_port":60000,"t_vsys_id":0,"vsys_id":1024,"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","sled_ip":"127.0.0.1","app":"unknown","app_transition":"","client_geolocation":"unknown","server_geolocation":"unknown","decoded_path":"ETHERNET.IPv4.UDP.quic","server_fqdn":"","out_src_mac":"00:1A:2B:3C:4D:5E","out_dest_mac":"5E:4D:3C:2B:1A:00","start_timestamp_ms":946681200000,"end_timestamp_ms":946681200000,"tcp_rtt_ms":0,"tcp_client_isn":0,"tcp_server_isn":0,"tcp_handshake_latency_ms":0,"in_link_id":0,"out_link_id":0,"duration_ms":0,"sent_pkts":0,"sent_bytes":0,"received_pkts":0,"received_bytes":0,"tcp_c2s_ip_fragments":0,"tcp_s2c_ip_fragments":0,"tcp_c2s_rtx_pkts":0,"tcp_c2s_rtx_bytes":0,"tcp_s2c_rtx_pkts":0,"tcp_s2c_rtx_bytes":0,"tcp_c2s_o3_pkts":0,"tcp_s2c_o3_pkts":0,"tcp_c2s_lost_bytes":0,"tcp_s2c_lost_bytes":0,"flags":0,"flags_identify_info":[1,1],"fqdn_category_list":[0],"monitor_rule_list":[0],"security_rule_list":[0],"sc_rule_list":[0],"shaping_rule_list":[0],"proxy_rule_list":[0],"statistics_rule_list":[0],"monitor_mirrored_pkts":0,"monitor_mirrored_bytes":0,"client_os_desc":"Windows","server_os_desc":"Linux","dup_traffic_flag":0,"sc_rsp_raw":[0],"encapsulation":"[{\"tunnels_schema_type\":\"ETHERNET\",\"source_mac\":\"00:1A:2B:3C:4D:5E\",\"destination_mac\":\"5E:4D:3C:2B:1A:00\"}]","quic_version":"IETF QUIC RFC9000"} +{"__timestamp":946681200,"__inputid":"tsg_olap","session_id":10240006,"decoded_as":"MAIL","ip_protocol":"tcp","address_type":4,"client_ip":"10.0.0.6","server_ip":"192.0.2.6","client_port":1000,"server_port":60000,"t_vsys_id":0,"vsys_id":1024,"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","sled_ip":"127.0.0.1","app":"unknown","app_transition":"","client_geolocation":"unknown","server_geolocation":"unknown","decoded_path":"ETHERNET.IPv4.TCP.mail.imap","server_fqdn":"","out_src_mac":"00:1A:2B:3C:4D:5E","out_dest_mac":"5E:4D:3C:2B:1A:00","start_timestamp_ms":946681200000,"end_timestamp_ms":946681200000,"tcp_rtt_ms":0,"tcp_client_isn":0,"tcp_server_isn":0,"tcp_handshake_latency_ms":0,"in_link_id":0,"out_link_id":0,"duration_ms":0,"sent_pkts":0,"sent_bytes":0,"received_pkts":0,"received_bytes":0,"tcp_c2s_ip_fragments":0,"tcp_s2c_ip_fragments":0,"tcp_c2s_rtx_pkts":0,"tcp_c2s_rtx_bytes":0,"tcp_s2c_rtx_pkts":0,"tcp_s2c_rtx_bytes":0,"tcp_c2s_o3_pkts":0,"tcp_s2c_o3_pkts":0,"tcp_c2s_lost_bytes":0,"tcp_s2c_lost_bytes":0,"flags":0,"flags_identify_info":[1,1],"fqdn_category_list":[0],"monitor_rule_list":[0],"security_rule_list":[0],"sc_rule_list":[0],"shaping_rule_list":[0],"proxy_rule_list":[0],"statistics_rule_list":[0],"monitor_mirrored_pkts":0,"monitor_mirrored_bytes":0,"client_os_desc":"Windows","server_os_desc":"Linux","dup_traffic_flag":0,"sc_rsp_raw":[0],"encapsulation":"[{\"tunnels_schema_type\":\"ETHERNET\",\"source_mac\":\"00:1A:2B:3C:4D:5E\",\"destination_mac\":\"5E:4D:3C:2B:1A:00\"}]","mail_protocol_type":"IMAP","mail_eml_file":"123e4567-e89b-12d3-a456-426614174004"} +{"__timestamp":946681200,"__inputid":"tsg_olap","session_id":10240007,"decoded_as":"SSH","ip_protocol":"tcp","address_type":4,"client_ip":"10.0.0.7","server_ip":"192.0.2.7","client_port":1000,"server_port":60000,"t_vsys_id":0,"vsys_id":1024,"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","sled_ip":"127.0.0.1","app":"unknown","app_transition":"","client_geolocation":"unknown","server_geolocation":"unknown","decoded_path":"ETHERNET.IPv4.TCP.ssh","server_fqdn":"","out_src_mac":"00:1A:2B:3C:4D:5E","out_dest_mac":"5E:4D:3C:2B:1A:00","start_timestamp_ms":946681200000,"end_timestamp_ms":946681200000,"tcp_rtt_ms":0,"tcp_client_isn":0,"tcp_server_isn":0,"tcp_handshake_latency_ms":0,"in_link_id":0,"out_link_id":0,"duration_ms":0,"sent_pkts":0,"sent_bytes":0,"received_pkts":0,"received_bytes":0,"tcp_c2s_ip_fragments":0,"tcp_s2c_ip_fragments":0,"tcp_c2s_rtx_pkts":0,"tcp_c2s_rtx_bytes":0,"tcp_s2c_rtx_pkts":0,"tcp_s2c_rtx_bytes":0,"tcp_c2s_o3_pkts":0,"tcp_s2c_o3_pkts":0,"tcp_c2s_lost_bytes":0,"tcp_s2c_lost_bytes":0,"flags":0,"flags_identify_info":[1,1],"fqdn_category_list":[0],"monitor_rule_list":[0],"security_rule_list":[0],"sc_rule_list":[0],"shaping_rule_list":[0],"proxy_rule_list":[0],"statistics_rule_list":[0],"monitor_mirrored_pkts":0,"monitor_mirrored_bytes":0,"client_os_desc":"Windows","server_os_desc":"Linux","dup_traffic_flag":0,"sc_rsp_raw":[0],"encapsulation":"[{\"tunnels_schema_type\":\"ETHERNET\",\"source_mac\":\"00:1A:2B:3C:4D:5E\",\"destination_mac\":\"5E:4D:3C:2B:1A:00\"}]","ssh_server_version":"SSH-2.0-OpenSSH_7.4","ssh_client_version":"SSH-2.0-OpenSSH_9.0","ssh_version":2,"ssh_hassh":"0","ssh_kex_alg":"curve25519-sha256","ssh_host_key_alg":"ssh-ed25519","ssh_cipher_alg":"chacha20-poly1305@openssh.com","ssh_mac_alg":"umac-64-etm@openssh.com","ssh_compression_alg":"none","ssh_host_key":"0"} diff --git a/24.07/e2e-mockdata-generator/datasets/logs/voip_record.dat b/24.07/e2e-mockdata-generator/datasets/logs/voip_record.dat new file mode 100644 index 0000000..be513fb --- /dev/null +++ b/24.07/e2e-mockdata-generator/datasets/logs/voip_record.dat @@ -0,0 +1,4 @@ +{"__timestamp":946681200,"__inputid":"tsg_olap","session_id":10240001,"decoded_as":"RTP","ip_protocol":"udp","address_type":4,"client_ip":"192.168.64.8","server_ip":"192.168.39.62","client_port":25524,"server_port":4580,"t_vsys_id":0,"vsys_id":1024,"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","sled_ip":"127.0.0.1","app":"unknown","app_transition":"","client_geolocation":"unknown","server_geolocation":"unknown","decoded_path":"ETHERNET.IPv4.UDP.rtp","server_fqdn":"","start_timestamp_ms":946681200000,"end_timestamp_ms":946681200000,"tcp_rtt_ms":0,"tcp_client_isn":0,"tcp_server_isn":0,"tcp_handshake_latency_ms":0,"in_link_id":0,"out_link_id":0,"duration_ms":0,"sent_pkts":0,"sent_bytes":0,"received_pkts":0,"received_bytes":0,"flags":24576,"flags_identify_info":[1,1],"fqdn_category_list":[0],"client_os_desc":"Windows","server_os_desc":"Linux","rtp_pcap_path":"123e4567-e89b-12d3-a456-426614174005"} +{"__timestamp":946681200,"__inputid":"tsg_olap","session_id":10240002,"decoded_as":"SIP","ip_protocol":"udp","address_type":4,"client_ip":"10.0.0.1","server_ip":"192.0.2.1","client_port":1000,"server_port":60000,"t_vsys_id":0,"vsys_id":1024,"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","sled_ip":"127.0.0.1","app":"unknown","app_transition":"","client_geolocation":"unknown","server_geolocation":"unknown","decoded_path":"ETHERNET.IPv4.UDP.sip","server_fqdn":"","start_timestamp_ms":946681200000,"end_timestamp_ms":946681200000,"tcp_rtt_ms":0,"tcp_client_isn":0,"tcp_server_isn":0,"tcp_handshake_latency_ms":0,"in_link_id":0,"out_link_id":0,"duration_ms":0,"sent_pkts":0,"sent_bytes":0,"received_pkts":0,"received_bytes":0,"flags":24584,"flags_identify_info":[1,1],"fqdn_category_list":[0],"client_os_desc":"Windows","server_os_desc":"Linux","sip_call_id":"NGMxZWY3Y2NmMzNlNGE3NzJhODgyZDAwM2YyMzQ4NGI.","sip_originator_description":"\"lina\";tag=1837055d","sip_responder_description":"\"1075\"","sip_originator_sdp_connect_ip":"192.168.64.8","sip_originator_sdp_media_port":25524,"sip_originator_sdp_media_type":"application/sdp","sip_server":"OpenSIPS (2.4.11 (x86_64/linux))","sip_responder_sdp_connect_ip":"192.168.39.62","sip_responder_sdp_media_port":4580,"sip_responder_sdp_media_type":"application/sdp","sip_duration_s":590,"sip_bye":"responder","sip_cseq":"2 BYE","sip_via":"SIP/2.0/UDP 192.0.2.1:5060;branch=z9hG4bKbe7c.392190f1.0","sip_user_agent":"eyeBeam release 1011d stamp 40820","sip_is_request":0} +{"__timestamp":946681200,"__inputid":"tsg_olap","session_id":10240003,"decoded_as":"RTP","ip_protocol":"udp","address_type":4,"client_ip":"192.168.164.18","server_ip":"192.168.39.162","client_port":65121,"server_port":4670,"t_vsys_id":0,"vsys_id":1024,"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","sled_ip":"127.0.0.1","app":"unknown","app_transition":"","client_geolocation":"unknown","server_geolocation":"unknown","decoded_path":"ETHERNET.IPv4.UDP.rtp","server_fqdn":"","start_timestamp_ms":946681200000,"end_timestamp_ms":946681200000,"tcp_rtt_ms":0,"tcp_client_isn":0,"tcp_server_isn":0,"tcp_handshake_latency_ms":0,"in_link_id":0,"out_link_id":0,"duration_ms":0,"sent_pkts":0,"sent_bytes":0,"received_pkts":0,"received_bytes":0,"flags":24584,"flags_identify_info":[1,1],"fqdn_category_list":[0],"client_os_desc":"Windows","server_os_desc":"Linux","rtp_pcap_path":"123e4567-e89b-12d3-a456-426614174001"} +{"__timestamp":946681200,"__inputid":"tsg_olap","session_id":10240004,"decoded_as":"SIP","ip_protocol":"udp","address_type":4,"client_ip":"10.0.0.2","server_ip":"192.0.2.2","client_port":1000,"server_port":60000,"t_vsys_id":0,"vsys_id":1024,"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","sled_ip":"127.0.0.1","app":"unknown","app_transition":"","client_geolocation":"unknown","server_geolocation":"unknown","decoded_path":"ETHERNET.IPv4.UDP.sip","server_fqdn":"","start_timestamp_ms":946681200000,"end_timestamp_ms":946681200000,"tcp_rtt_ms":0,"tcp_client_isn":0,"tcp_server_isn":0,"tcp_handshake_latency_ms":0,"in_link_id":0,"out_link_id":0,"duration_ms":0,"sent_pkts":0,"sent_bytes":0,"received_pkts":0,"received_bytes":0,"flags":24584,"flags_identify_info":[1,1],"fqdn_category_list":[0],"client_os_desc":"Windows","server_os_desc":"Linux","sip_call_id":"CUMxZWY3Y2NmMzNlNGE3NzJhODgyZDAwM2YyMzQ4NGI.","sip_originator_description":"\"lina\";tag=1837055d","sip_responder_description":"\"1075\"","sip_originator_sdp_connect_ip":"192.68.64.8","sip_originator_sdp_media_port":25524,"sip_originator_sdp_media_type":"application/sdp","sip_server":"OpenSIPS (2.4.11 (x86_64/linux))","sip_responder_sdp_connect_ip":"192.18.39.62","sip_responder_sdp_media_port":4580,"sip_responder_sdp_media_type":"application/sdp","sip_duration_s":590,"sip_bye":"responder","sip_cseq":"2 BYE","sip_via":"SIP/2.0/UDP 192.0.2.1:5060;branch=z9hG4bKbe7c.392190f1.0","sip_user_agent":"eyeBeam release 1011d stamp 40820","sip_is_request":0} diff --git a/24.07/e2e-mockdata-generator/datasets/metrics/network_traffic_metric.dat b/24.07/e2e-mockdata-generator/datasets/metrics/network_traffic_metric.dat new file mode 100644 index 0000000..2b1a500 --- /dev/null +++ b/24.07/e2e-mockdata-generator/datasets/metrics/network_traffic_metric.dat @@ -0,0 +1,3 @@ +{"fields":{"sessions":0,"in_bytes":0,"out_bytes":0,"in_pkts":0,"out_pkts":0,"c2s_pkts":0,"s2c_pkts":0,"c2s_bytes":0,"s2c_bytes":0,"c2s_fragments":0,"s2c_fragments":0,"c2s_tcp_lost_bytes":0,"s2c_tcp_lost_bytes":0,"c2s_tcp_ooorder_pkts":0,"s2c_tcp_ooorder_pkts":0,"c2s_tcp_retransmitted_pkts":0,"s2c_tcp_retransmitted_pkts":0,"c2s_tcp_retransmitted_bytes":0,"s2c_tcp_retransmitted_bytes":0},"name":"traffic_application_protocol_stat","tags":{"decoded_path":"ETHERNET.IPv4.TCP.ssl","app":"ssl","data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","vsys_id":1024,"__timestamp":946681200,"__inputid":"tsg_olap"},"timestamp_ms":946681200000} +{"fields":{"c2s_bytes":0,"c2s_fragments":0,"c2s_pkts":0,"c2s_tcp_lost_bytes":0,"c2s_tcp_ooorder_pkts":0,"c2s_tcp_retransmitted_bytes":0,"c2s_tcp_retransmitted_pkts":0,"in_bytes":0,"in_pkts":0,"out_bytes":0,"out_pkts":0,"s2c_bytes":0,"s2c_fragments":0,"s2c_pkts":0,"s2c_tcp_lost_bytes":0,"s2c_tcp_ooorder_pkts":0,"s2c_tcp_retransmitted_bytes":0,"s2c_tcp_retransmitted_pkts":0,"sessions":0},"name":"application_protocol_stat","tags":{"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","protocol_stack_id":"","vsys_id":1024,"__timestamp":946681200,"__inputid":"tsg_olap"},"timestamp_ms":946681200000} +{"name":"traffic_general_stat","tags":{"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","vsys_id":1024},"fields":{"sessions":0,"active_sessions":0,"closed_sessions":0,"in_bytes":0,"out_bytes":0,"in_pkts":0,"out_pkts":0,"asymmetric_c2s_flows":0,"asymmetric_s2c_flows":0,"tcp_syn_pkts":0,"tcp_ack_pkts":0,"tcp_fin_pkts":0,"tcp_rst_pkts":0,"__timestamp":946681200,"__inputid":"tsg_olap"},"timestamp_ms":946681200000} diff --git a/24.07/e2e-mockdata-generator/datasets/metrics/object_statistics_metric.dat b/24.07/e2e-mockdata-generator/datasets/metrics/object_statistics_metric.dat new file mode 100644 index 0000000..fb57b91 --- /dev/null +++ b/24.07/e2e-mockdata-generator/datasets/metrics/object_statistics_metric.dat @@ -0,0 +1 @@ +{"name":"object_statistics","tags":{"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","action":0,"vsys_id":1024,"__timestamp":946681200,"__inputid":"tsg_olap","object_type":"application","object_id":0,"chart_id":0,"version":1,"template_id":0},"fields":{"in_bytes":0,"out_bytes":0,"bytes":0},"timestamp_ms":946681200000} diff --git a/24.07/e2e-mockdata-generator/datasets/metrics/policy_rule_metric.dat b/24.07/e2e-mockdata-generator/datasets/metrics/policy_rule_metric.dat new file mode 100644 index 0000000..e3286e5 --- /dev/null +++ b/24.07/e2e-mockdata-generator/datasets/metrics/policy_rule_metric.dat @@ -0,0 +1,6 @@ +{"fields":{"recv_bytes":0,"recv_pkts":0,"sent_bytes":0,"sent_pkts":0},"name":"service_chaining_rule_hits","tags":{"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","rule_id":"-1","sf_profile_id":"-1","sff_profile_id":"-1","vsys_id":"1024","__timestamp":946681200,"__inputid":"tsg_olap"},"timestamp_ms":946681200000} +{"name":"monitor_rule_hits","tags":{"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","rule_id":"-1","action":0,"vsys_id":1024,"__timestamp":946681200,"__inputid":"tsg_olap"},"fields":{"hit_count":0,"in_bytes":0,"out_bytes":0,"in_pkts":0,"out_pkts":0},"timestamp_ms":946681200000} +{"name":"statistics_rule_hits","tags":{"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","rule_id":"-1","action":0,"vsys_id":1024,"__timestamp":946681200,"__inputid":"tsg_olap"},"fields":{"hit_count":0,"in_bytes":0,"out_bytes":0,"in_pkts":0,"out_pkts":0},"timestamp_ms":946681200000} +{"name":"security_rule_hits","tags":{"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","rule_id":"-1","action":0,"vsys_id":1024,"__timestamp":946681200,"__inputid":"tsg_olap"},"fields":{"hit_count":0,"in_bytes":0,"out_bytes":0,"in_pkts":0,"out_pkts":0},"timestamp_ms":946681200000} +{"fields":{"hit_count":1,"in_bytes":0,"in_pkts":0,"out_bytes":603,"out_pkts":1},"name":"proxy_rule_hits","tags":{"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","rule_id":"-1","action":0,"sub_action":"","vsys_id":1024,"__timestamp":946681200,"__inputid":"tsg_olap","pinning_status":0},"timestamp_ms":946681200000} + diff --git a/24.07/e2e-mockdata-generator/datasets/metrics/statistics_rule_metric.dat b/24.07/e2e-mockdata-generator/datasets/metrics/statistics_rule_metric.dat new file mode 100644 index 0000000..30fe735 --- /dev/null +++ b/24.07/e2e-mockdata-generator/datasets/metrics/statistics_rule_metric.dat @@ -0,0 +1 @@ +{"name":"statistics_rule","tags":{"data_center":"tsg_olap","device_group":"tsg_olap","device_id":"0000000000000000","rule_id":"-1","action":0,"vsys_id":1024,"__timestamp":946681200,"__inputid":"tsg_olap","chart_id":0,"version":1,"template_id":0,"c2s_ttl":0,"s2c_ttl":0,"c2s_link_id":0,"s2c_link_id":0},"fields":{"in_bytes":0,"out_bytes":0},"timestamp_ms":946681200000} diff --git a/24.07/e2e-mockdata-generator/datasets/metrics/traffic_sketch_metric.dat b/24.07/e2e-mockdata-generator/datasets/metrics/traffic_sketch_metric.dat new file mode 100644 index 0000000..4f80dbc --- /dev/null +++ b/24.07/e2e-mockdata-generator/datasets/metrics/traffic_sketch_metric.dat @@ -0,0 +1 @@ +{"name":"traffic_sketch_metric","tags":{"direction":"Outbound","c2s_link_id":0,"s2c_link_id":0,"ip_protocol":"","client_ip":"0.0.0.0","server_ip":"0.0.0.0","server_country":"","client_asn":0,"server_asn":0,"server_fqdn":"","server_domain":"","app":"","app_category":"","c2s_ttl":0,"s2c_ttl":0,"device_id":"0000000000000000","device_group":"tsg_olap","data_center":"tsg_olap","vsys_id":1024},"fields":{"sessions":0,"bytes":0,"sent_bytes":0,"received_bytes":0,"pkts":0,"sent_pkts":0,"received_pkts":0},"timestamp_ms":946681200000} diff --git a/24.07/e2e-mockdata-generator/e2e-mockdata-generator.jar b/24.07/e2e-mockdata-generator/e2e-mockdata-generator.jar new file mode 100644 index 0000000..8e6f26c Binary files /dev/null and b/24.07/e2e-mockdata-generator/e2e-mockdata-generator.jar differ