gfwleak/galaxy-platform-galaxy-troubleshooting-api
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add API 21.09

Browse Source
This commit is contained in:
doufenghu
2021-09-17 20:16:57 +08:00
parent b7f5e57655
commit f2ff586831
1 changed files with 1 additions and 373 deletions
Download Patch File Download Diff File Expand all files Collapse all files

374
21.09/Galaxy Trouble Shooting API V21.09.postman_collection.json
View File

@@ -2,7 +2,7 @@
"info": {
"_postman_id": "8304ab2f-208f-4d4f-80b3-237645047bea",
"name": "Galaxy Trouble Shooting API V21.09",
"description": "# galaxy-troubleshooting-api\n\n## Release 21.08 (15 AUG 2021)\n###### New Features\n* 新增“Dashboard查询-DoS Threat Map”功能列表显示DoS检测地图接口\n* 新增“原始日志查询-DoS事件日志”显示DoS攻击检测日志\n* 新增“原始日志查询-DoS事件日志-Summary”显示DoS攻击趋势统计\n* 新增“原始日志查询-DoS事件日志-Destination IP Traffic Trend”显示受害者IP历史流量趋势\n* 新增“基数统计-实体“流量分析\n###### Update \n* 迁移“Dashboard查询”liveCharts接口放到“Live Charts”目录中统一管理。\n* 对DNS分析增加一些查询样例\n\n## Release 21.07 (5 JUL 2021)\n\n###### New Features\n\n* 增加”常用快捷功能-基数统计“,用于分析日志分布情况\n* 增加”常用快捷功能-DNS放大攻击“查询特征数据集\n* 增加”通用检查-对象存储-获取某个文件“,用于文件获取验证\n\n\n###### Update \n* 为所有接口增加Tests脚本对接口进行批量验证测试\n* 修正部分接口查询异常\n\n\n## Release 21.06 (7 JUN 2021)\n\n###### New Features\n* Environments 增加环境变量domain、client_ip、server_ip、l7_protocol和PT1M_TIME\n* 常用快捷功能增加某域名下钻、某IP下钻、协议下钻和DNS分析功能\n\n###### Update \n* 原始日志查询基于Druid近1小时日志变化粒度从5分钟改为1分钟。包含通联、策略和代理日志。\n\n\n## Release 21.05 (6 MAY 2021)\n\n###### New Features\n* 新增“GTP-C日志”功能辅助故障诊断\n* 新增“事务日志”功能,辅助故障诊断\n* 新增“活跃会话日志”功能,辅助故障诊断\n* 新增“07.常用快捷功能-评估写入日志量”,查看当前系统的吞吐\n\n\n###### Update \n* 修改\"01.通用检查-数据存储检查\"增加事务、活跃及GTP-C 检测\n\n\n## Release 21.04 (3 APR 2021)\n\n###### New Features\n* 增加“VoIP日志”功能辅助故障诊断\n* 增加“元数据检查”分类目录\n* 增加“HOS对象存储”目录用于定位对象存储\n\n\n###### Update \n\n* 修改“SQL语法检查”为“SQL语法验证”支持SQL语句的静态分析和数据库语义验证\n* 迁移功能项位置,方便问题定位\n\n###### Delete\n* 删除“系统检查-查询引擎SQL测试集[过时]”功能,由“故障诊断-sql性能测试”替代。\n\n\n## Release 21.03 (2 MAR 2021)\n\n###### New Features\n\n* 增加故障诊断-元数据功能可分析日志字段是否与schema一致\n* 增加故障诊断-sql性能测试可对查询引擎进行功能性验证和POC性能测试 \n\n###### Update \n\n* 对查询引擎SQL测试集标记过时\n\n\n## Release 21.02 (1 FEB 2021)\n\n\n###### Update \n\n* 改善内部测试集,应对新的功能修改\n\n\n\n\n\n\n## Release 20.11.rc3 (11 DEC 2020)\n\n###### New Features\n\n* 增加常用快捷功能- 安装证书独立客户端IP数据趋势\n* 增加常用快捷功能-访问速度最慢TOP20 域名\n* 增加常用快捷功能-报告预置Metrics\n* 增加原始日志查询-安全策略-动作命中计数\n* 增加原始日志查询-代理策略-动作命中计数\n* 增加原始日志查询-通联-流量计数(now)\n\n###### Update \n\n* 改善Dashboard查询-基础统计-新建、活跃(计数)-now\n* 改善Dashboard查询-新建、活跃(趋势)\n* 目录增加编号,便于管理\n* 修改分布式调度任务-5分钟TOPN-hot表验证表名\n* 部分Action为post 改为 get便于导出命令行\n\n\n[帮助文档]: https://docs.geedge.net/pages/viewpage.action?pageId=19896569",
"description": "# galaxy-troubleshooting-api\n\n## Release 21.09 (17 SEP 2021)\n###### New Features\n* \n###### Update \n* 删除分布式调度任务5分钟TOPN校验交由FLink统计\n* 原始日志表名进行重命名,相关查询接口更新\n* 修正DNS分析的SQL数据集\n\n## Release 21.08 (15 AUG 2021)\n###### New Features\n* 新增“Dashboard查询-DoS Threat Map”功能列表显示DoS检测地图接口\n* 新增“原始日志查询-DoS事件日志”显示DoS攻击检测日志\n* 新增“原始日志查询-DoS事件日志-Summary”显示DoS攻击趋势统计\n* 新增“原始日志查询-DoS事件日志-Destination IP Traffic Trend”显示受害者IP历史流量趋势\n* 新增“基数统计-实体“流量分析\n###### Update \n* 迁移“Dashboard查询”liveCharts接口放到“Live Charts”目录中统一管理。\n* 对DNS分析增加一些查询样例\n\n## Release 21.07 (5 JUL 2021)\n\n###### New Features\n\n* 增加”常用快捷功能-基数统计“,用于分析日志分布情况\n* 增加”常用快捷功能-DNS放大攻击“查询特征数据集\n* 增加”通用检查-对象存储-获取某个文件“,用于文件获取验证\n\n\n###### Update \n* 为所有接口增加Tests脚本对接口进行批量验证测试\n* 修正部分接口查询异常\n\n\n## Release 21.06 (7 JUN 2021)\n\n###### New Features\n* Environments 增加环境变量domain、client_ip、server_ip、l7_protocol和PT1M_TIME\n* 常用快捷功能增加某域名下钻、某IP下钻、协议下钻和DNS分析功能\n\n###### Update \n* 原始日志查询基于Druid近1小时日志变化粒度从5分钟改为1分钟。包含通联、策略和代理日志。\n\n\n## Release 21.05 (6 MAY 2021)\n\n###### New Features\n* 新增“GTP-C日志”功能辅助故障诊断\n* 新增“事务日志”功能,辅助故障诊断\n* 新增“活跃会话日志”功能,辅助故障诊断\n* 新增“07.常用快捷功能-评估写入日志量”,查看当前系统的吞吐\n\n\n###### Update \n* 修改\"01.通用检查-数据存储检查\"增加事务、活跃及GTP-C 检测\n\n\n## Release 21.04 (3 APR 2021)\n\n###### New Features\n* 增加“VoIP日志”功能辅助故障诊断\n* 增加“元数据检查”分类目录\n* 增加“HOS对象存储”目录用于定位对象存储\n\n\n###### Update \n\n* 修改“SQL语法检查”为“SQL语法验证”支持SQL语句的静态分析和数据库语义验证\n* 迁移功能项位置,方便问题定位\n\n###### Delete\n* 删除“系统检查-查询引擎SQL测试集[过时]”功能,由“故障诊断-sql性能测试”替代。\n\n\n## Release 21.03 (2 MAR 2021)\n\n###### New Features\n\n* 增加故障诊断-元数据功能可分析日志字段是否与schema一致\n* 增加故障诊断-sql性能测试可对查询引擎进行功能性验证和POC性能测试 \n\n###### Update \n\n* 对查询引擎SQL测试集标记过时\n\n\n## Release 21.02 (1 FEB 2021)\n\n\n###### Update \n\n* 改善内部测试集,应对新的功能修改\n\n\n\n\n\n\n## Release 20.11.rc3 (11 DEC 2020)\n\n###### New Features\n\n* 增加常用快捷功能- 安装证书独立客户端IP数据趋势\n* 增加常用快捷功能-访问速度最慢TOP20 域名\n* 增加常用快捷功能-报告预置Metrics\n* 增加原始日志查询-安全策略-动作命中计数\n* 增加原始日志查询-代理策略-动作命中计数\n* 增加原始日志查询-通联-流量计数(now)\n\n###### Update \n\n* 改善Dashboard查询-基础统计-新建、活跃(计数)-now\n* 改善Dashboard查询-新建、活跃(趋势)\n* 目录增加编号,便于管理\n* 修改分布式调度任务-5分钟TOPN-hot表验证表名\n* 部分Action为post 改为 get便于导出命令行\n\n\n[帮助文档]: https://docs.geedge.net/pages/viewpage.action?pageId=19896569",
"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
},
"item": [
@@ -6592,298 +6592,6 @@
{
"name": "06.分布式调度任务",
"item": [
{
"name": "5分钟TOPN",
"item": [
{
"name": "Traffic-Top-Server-Ip",
"event": [
{
"listen": "test",
"script": {
"exec": [
"tests[\"Successful POST request\"] = responseCode.code === 200 || responseCode.code === 201;"
],
"type": "text/javascript"
}
}
],
"request": {
"method": "POST",
"header": [],
"body": {
"mode": "raw",
"raw": "{\r\n \"query\": \"(SELECT common_server_ip AS destination, sum( session_num ) AS session_num, sum( c2s_byte_num ) AS c2s_byte_num, sum( s2c_byte_num ) AS s2c_byte_num,sum( c2s_pkt_num ) AS c2s_pkt_num,sum( s2c_pkt_num ) AS s2c_pkt_num,TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') as stat_time,'packets' as order_by FROM server_external_ip_hot_log WHERE __time >= TIME_SHIFT(TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M'),'PT5M',-1) AND __time < TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') and common_l4_protocol in('IPv4_TCP','IPv6_TCP') GROUP BY common_server_ip ORDER BY c2s_pkt_num+s2c_pkt_num DESC LIMIT 1000) UNION ALL (SELECT common_server_ip AS destination, sum( session_num ) AS session_num, sum( c2s_byte_num ) AS c2s_byte_num, sum( s2c_byte_num ) AS s2c_byte_num,sum( c2s_pkt_num ) AS c2s_pkt_num,sum( s2c_pkt_num ) AS s2c_pkt_num, TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') as stat_time,'bytes' as order_by FROM server_external_ip_hot_log WHERE __time >= TIME_SHIFT(TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M'),'PT5M',-1) AND __time < TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') and common_l4_protocol in('IPv4_TCP','IPv6_TCP') GROUP BY common_server_ip ORDER BY c2s_byte_num+s2c_byte_num DESC LIMIT 1000) UNION ALL (SELECT common_server_ip AS destination, sum( session_num ) AS session_num, sum( c2s_byte_num ) AS c2s_byte_num, sum( s2c_byte_num ) AS s2c_byte_num,sum( c2s_pkt_num ) AS c2s_pkt_num, sum( s2c_pkt_num ) AS s2c_pkt_num, TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') as stat_time,'sessions' as order_by FROM server_external_ip_hot_log WHERE __time >= TIME_SHIFT(TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M'),'PT5M',-1) AND __time < TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') and common_l4_protocol in('IPv4_TCP','IPv6_TCP') GROUP BY common_server_ip ORDER BY session_num DESC LIMIT 1000)\",\r\n \"context\": {\r\n \"skipEmptyBuckets\": \"false\",\r\n \"sqlQueryId\": \"1112222\"\r\n },\r\n \"resultFormat\": \"object\"\r\n}",
"options": {
"raw": {
"language": "json"
}
}
},
"url": {
"raw": "http://{{druid_ip}}:{{druid_port}}/druid/v2/sql",
"protocol": "http",
"host": [
"{{druid_ip}}"
],
"port": "{{druid_port}}",
"path": [
"druid",
"v2",
"sql"
]
}
},
"response": []
},
{
"name": "Traffic-Top-Client-Ip",
"event": [
{
"listen": "test",
"script": {
"exec": [
"tests[\"Successful POST request\"] = responseCode.code === 200 || responseCode.code === 201;"
],
"type": "text/javascript"
}
}
],
"request": {
"method": "POST",
"header": [],
"body": {
"mode": "raw",
"raw": "{\r\n\t\t\"query\": \"(SELECT common_client_ip AS source, sum( session_num ) AS session_num,sum( c2s_byte_num ) AS c2s_byte_num, sum( s2c_byte_num ) AS s2c_byte_num, sum( c2s_pkt_num ) AS c2s_pkt_num,sum( s2c_pkt_num ) AS s2c_pkt_num, TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') as stat_time,'packets' as order_by FROM client_internal_ip_hot_log WHERE __time >= TIME_SHIFT(TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M'),'PT5M',-1) AND __time < TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') AND (common_l4_protocol = 'IPv6_TCP' OR common_l4_protocol = 'IPv4_TCP') GROUP BY common_client_ip ORDER BY c2s_pkt_num+s2c_pkt_num DESC LIMIT 1000) UNION ALL (SELECT common_client_ip AS source, sum( session_num ) AS session_num, sum( c2s_byte_num ) AS c2s_byte_num, sum( s2c_byte_num ) AS s2c_byte_num, sum( c2s_pkt_num ) AS c2s_pkt_num,sum( s2c_pkt_num ) AS s2c_pkt_num,TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') as stat_time,'bytes' as order_by FROM client_internal_ip_hot_log WHERE __time >= TIME_SHIFT(TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M'),'PT5M',-1) AND __time < TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') AND (common_l4_protocol = 'IPv6_TCP' OR common_l4_protocol = 'IPv4_TCP') GROUP BY common_client_ip ORDER BY c2s_byte_num+s2c_byte_num DESC LIMIT 1000) UNION ALL (SELECT common_client_ip AS source, sum( session_num ) AS session_num,sum( c2s_byte_num ) AS c2s_byte_num, sum( s2c_byte_num ) AS s2c_byte_num, sum( c2s_pkt_num ) AS c2s_pkt_num, sum( s2c_pkt_num ) AS s2c_pkt_num, TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') as stat_time, 'sessions' as order_by FROM client_internal_ip_hot_log WHERE __time >= TIME_SHIFT(TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M'),'PT5M',-1) AND __time < TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') AND (common_l4_protocol = 'IPv6_TCP' OR common_l4_protocol = 'IPv4_TCP') GROUP BY common_client_ip ORDER BY session_num DESC LIMIT 1000)\",\r\n\t\t\"context\": {\r\n\t\t\t\"skipEmptyBuckets\": \"false\"\r\n\t\t},\r\n\t\t\"resultFormat\": \"object\"\r\n\t}",
"options": {
"raw": {
"language": "json"
}
}
},
"url": {
"raw": "http://{{druid_ip}}:{{druid_port}}/druid/v2/sql",
"protocol": "http",
"host": [
"{{druid_ip}}"
],
"port": "{{druid_port}}",
"path": [
"druid",
"v2",
"sql"
]
}
},
"response": []
},
{
"name": "Traffic-Top-Internal-Host",
"event": [
{
"listen": "test",
"script": {
"exec": [
"tests[\"Successful POST request\"] = responseCode.code === 200 || responseCode.code === 201;"
],
"type": "text/javascript"
}
}
],
"request": {
"method": "POST",
"header": [],
"body": {
"mode": "raw",
"raw": "{\r\n \"query\": \"(SELECT common_internal_ip AS source, sum( session_num ) AS session_num,sum( c2s_byte_num ) AS c2s_byte_num, sum( s2c_byte_num ) AS s2c_byte_num, sum( c2s_pkt_num ) AS c2s_pkt_num,sum( s2c_pkt_num ) AS s2c_pkt_num, TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') as stat_time,'packets' as order_by FROM client_internal_ip_hot_log WHERE __time >= TIME_SHIFT(TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M'),'PT5M',-1) AND __time < TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') AND common_internal_ip != '' GROUP BY common_internal_ip ORDER BY c2s_pkt_num+s2c_pkt_num DESC LIMIT 1000) UNION ALL (SELECT common_internal_ip AS source, sum( session_num ) AS session_num, sum( c2s_byte_num ) AS c2s_byte_num, sum( s2c_byte_num ) AS s2c_byte_num, sum( c2s_pkt_num ) AS c2s_pkt_num,sum( s2c_pkt_num ) AS s2c_pkt_num,TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') as stat_time,'bytes' as order_by FROM client_internal_ip_hot_log WHERE __time >= TIME_SHIFT(TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M'),'PT5M',-1) AND __time < TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') AND common_internal_ip != '' GROUP BY common_internal_ip ORDER BY c2s_byte_num+s2c_byte_num DESC LIMIT 1000) UNION ALL (SELECT common_internal_ip AS source, sum( session_num ) AS session_num,sum( c2s_byte_num ) AS c2s_byte_num, sum( s2c_byte_num ) AS s2c_byte_num, sum( c2s_pkt_num ) AS c2s_pkt_num, sum( s2c_pkt_num ) AS s2c_pkt_num, TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') as stat_time, 'sessions' as order_by FROM client_internal_ip_hot_log WHERE __time >= TIME_SHIFT(TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M'),'PT5M',-1) AND __time < TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') AND common_internal_ip != '' GROUP BY common_internal_ip ORDER BY session_num DESC LIMIT 1000)\",\r\n \"context\": {\r\n \"skipEmptyBuckets\": \"false\"\r\n },\r\n \"resultFormat\": \"object\"\r\n}",
"options": {
"raw": {
"language": "json"
}
}
},
"url": {
"raw": "http://{{druid_ip}}:{{druid_port}}/druid/v2/sql",
"protocol": "http",
"host": [
"{{druid_ip}}"
],
"port": "{{druid_port}}",
"path": [
"druid",
"v2",
"sql"
]
}
},
"response": []
},
{
"name": "Traffic-Top-External-Host",
"event": [
{
"listen": "test",
"script": {
"exec": [
"tests[\"Successful POST request\"] = responseCode.code === 200 || responseCode.code === 201;"
],
"type": "text/javascript"
}
}
],
"request": {
"method": "POST",
"header": [],
"body": {
"mode": "raw",
"raw": "{\r\n \"query\": \"(SELECT common_external_ip AS destination, sum( session_num ) AS session_num, sum( c2s_byte_num ) AS c2s_byte_num, sum( s2c_byte_num ) AS s2c_byte_num,sum( c2s_pkt_num ) AS c2s_pkt_num,sum( s2c_pkt_num ) AS s2c_pkt_num,TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') as stat_time,'packets' as order_by FROM server_external_ip_hot_log WHERE __time >= TIME_SHIFT(TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M'),'PT5M',-1) AND __time < TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') AND common_external_ip != '' GROUP BY common_external_ip ORDER BY c2s_pkt_num+s2c_pkt_num DESC LIMIT 1000) UNION ALL (SELECT common_external_ip AS destination, sum( session_num ) AS session_num, sum( c2s_byte_num ) AS c2s_byte_num, sum( s2c_byte_num ) AS s2c_byte_num,sum( c2s_pkt_num ) AS c2s_pkt_num,sum( s2c_pkt_num ) AS s2c_pkt_num, TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') as stat_time,'bytes' as order_by FROM server_external_ip_hot_log WHERE __time >= TIME_SHIFT(TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M'),'PT5M',-1) AND __time < TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') AND common_external_ip != '' GROUP BY common_external_ip ORDER BY c2s_byte_num+s2c_byte_num DESC LIMIT 1000) UNION ALL (SELECT common_external_ip AS destination, sum( session_num ) AS session_num, sum( c2s_byte_num ) AS c2s_byte_num, sum( s2c_byte_num ) AS s2c_byte_num,sum( c2s_pkt_num ) AS c2s_pkt_num, sum( s2c_pkt_num ) AS s2c_pkt_num, TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') as stat_time,'sessions' as order_by FROM server_external_ip_hot_log WHERE __time >= TIME_SHIFT(TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M'),'PT5M',-1) AND __time < TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') AND common_external_ip != '' GROUP BY common_external_ip ORDER BY session_num DESC LIMIT 1000)\",\r\n \"context\": {\r\n \"sqlTimeZone\": \"Asia/Shanghai\",\r\n \"skipEmptyBuckets\": \"false\"\r\n },\r\n \"resultFormat\": \"object\"\r\n}",
"options": {
"raw": {
"language": "json"
}
}
},
"url": {
"raw": "http://{{druid_ip}}:{{druid_port}}/druid/v2/sql",
"protocol": "http",
"host": [
"{{druid_ip}}"
],
"port": "{{druid_port}}",
"path": [
"druid",
"v2",
"sql"
]
}
},
"response": []
},
{
"name": "Traffic-Top-User",
"event": [
{
"listen": "test",
"script": {
"exec": [
"tests[\"Successful POST request\"] = responseCode.code === 200 || responseCode.code === 201;"
],
"type": "text/javascript"
}
}
],
"request": {
"method": "POST",
"header": [],
"body": {
"mode": "raw",
"raw": "{\r\n \"query\": \"(SELECT common_subscriber_id as subscriber_id, sum( session_num ) AS session_num,sum( c2s_byte_num ) AS c2s_byte_num,sum( s2c_byte_num ) AS s2c_byte_num,sum( c2s_pkt_num ) AS c2s_pkt_num, sum( s2c_pkt_num ) AS s2c_pkt_num, TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') as stat_time,'packets' as order_by FROM user_hot_log WHERE __time >= TIME_SHIFT(TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M'),'PT5M',-1) AND __time < TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') GROUP BY common_subscriber_id ORDER BY c2s_pkt_num+s2c_pkt_num DESC LIMIT 1000) UNION ALL (SELECT common_subscriber_id as subscriber_id,sum( session_num ) AS session_num, sum( c2s_byte_num ) AS c2s_byte_num, sum( s2c_byte_num ) AS s2c_byte_num,sum( c2s_pkt_num ) AS c2s_pkt_num, sum( s2c_pkt_num ) AS s2c_pkt_num, TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') as stat_time,'bytes' as order_by FROM user_hot_log WHERE __time >= TIME_SHIFT(TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M'),'PT5M',-1) AND __time < TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') GROUP BY common_subscriber_id ORDER BY c2s_byte_num+s2c_byte_num DESC LIMIT 1000) UNION ALL (SELECT common_subscriber_id as subscriber_id,sum( session_num ) AS session_num, sum( c2s_byte_num ) AS c2s_byte_num, sum( s2c_byte_num ) AS s2c_byte_num, sum( c2s_pkt_num ) AS c2s_pkt_num,sum( s2c_pkt_num ) AS s2c_pkt_num,TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') as stat_time,'sessions' as order_by FROM user_hot_log WHERE __time >= TIME_SHIFT(TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M'),'PT5M',-1) AND __time < TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') GROUP BY common_subscriber_id ORDER BY session_num DESC LIMIT 1000)\",\r\n \"context\": {\r\n \"skipEmptyBuckets\": \"false\"\r\n },\r\n \"resultFormat\": \"object\"\r\n}",
"options": {
"raw": {
"language": "json"
}
}
},
"url": {
"raw": "http://{{druid_ip}}:{{druid_port}}/druid/v2/sql",
"protocol": "http",
"host": [
"{{druid_ip}}"
],
"port": "{{druid_port}}",
"path": [
"druid",
"v2",
"sql"
]
}
},
"response": []
},
{
"name": "Traffic-Top-Website-Domain",
"event": [
{
"listen": "test",
"script": {
"exec": [
"tests[\"Successful POST request\"] = responseCode.code === 200 || responseCode.code === 201;"
],
"type": "text/javascript"
}
}
],
"request": {
"method": "POST",
"header": [],
"body": {
"mode": "raw",
"raw": "{\r\n \"query\": \"(SELECT domain,sum( session_num ) AS session_num,sum( c2s_byte_num ) AS c2s_byte_num,sum( s2c_byte_num ) AS s2c_byte_num,sum( c2s_pkt_num ) AS c2s_pkt_num,sum( s2c_pkt_num ) AS s2c_pkt_num,TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') as stat_time,'packets' as order_by FROM website_domain_hot_log WHERE __time >= TIME_SHIFT(TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M'),'PT5M',-1) AND __time < TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') AND domain != '' GROUP BY domain ORDER BY c2s_pkt_num+s2c_pkt_num DESC LIMIT 1000) UNION ALL (SELECT domain,sum( session_num ) AS session_num,sum( c2s_byte_num ) AS c2s_byte_num,sum( s2c_byte_num ) AS s2c_byte_num,sum( c2s_pkt_num ) AS c2s_pkt_num,sum( s2c_pkt_num ) AS s2c_pkt_num,TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') as stat_time,'bytes' as order_by FROM website_domain_hot_log WHERE __time >= TIME_SHIFT(TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M'),'PT5M',-1) AND __time < TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') AND domain != '' GROUP BY domain ORDER BY c2s_byte_num+s2c_byte_num DESC LIMIT 1000) UNION ALL (SELECT domain,sum(session_num) AS session_num, sum(c2s_byte_num) AS c2s_byte_num, sum(s2c_byte_num) AS s2c_byte_num, sum(c2s_pkt_num) AS c2s_pkt_num,sum(s2c_pkt_num) AS s2c_pkt_num, TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') as stat_time,'sessions' as order_by FROM website_domain_hot_log WHERE __time >= TIME_SHIFT(TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M'),'PT5M',-1) AND __time < TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') AND domain != '' GROUP BY domain ORDER BY session_num DESC LIMIT 1000)\",\r\n \"context\": {\r\n \"skipEmptyBuckets\": \"false\"\r\n },\r\n \"resultFormat\": \"object\"\r\n}",
"options": {
"raw": {
"language": "json"
}
}
},
"url": {
"raw": "http://{{druid_ip}}:{{druid_port}}/druid/v2/sql",
"protocol": "http",
"host": [
"{{druid_ip}}"
],
"port": "{{druid_port}}",
"path": [
"druid",
"v2",
"sql"
]
}
},
"response": []
},
{
"name": "Event-Security-Proxy-Top-URLS-By-Hits",
"event": [
{
"listen": "test",
"script": {
"exec": [
"tests[\"Successful POST request\"] = responseCode.code === 200 || responseCode.code === 201;"
],
"type": "text/javascript"
}
}
],
"request": {
"method": "POST",
"header": [],
"body": {
"mode": "raw",
"raw": "{\r\n \"query\": \"(SELECT url ,sum( session_num ) AS session_num,TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M') as stat_time FROM security_event_urls_hot_log WHERE __time >= TIME_SHIFT(TIME_FLOOR(CURRENT_TIMESTAMP,'PT5M'),'PT5M',-1) AND __time < TIME_FLOOR(CURRENT_TIMESTAMP, 'PT5M') GROUP BY url ORDER BY session_num DESC LIMIT 1000) UNION ALL(SELECT url, sum(session_num) AS session_num, TIME_FLOOR(CURRENT_TIMESTAMP, 'PT5M') as stat_time FROM proxy_event_urls_hot_log WHERE __time >= TIME_SHIFT(TIME_FLOOR(CURRENT_TIMESTAMP, 'PT5M'), 'PT5M', -1) AND __time < TIME_FLOOR(CURRENT_TIMESTAMP, 'PT5M') GROUP BY url ORDER BY session_num DESC LIMIT 1000)\",\r\n \"context\": {\r\n \"skipEmptyBuckets\": \"false\"\r\n },\r\n \"resultFormat\": \"object\"\r\n}",
"options": {
"raw": {
"language": "json"
}
}
},
"url": {
"raw": "http://{{druid_ip}}:{{druid_port}}/druid/v2/sql",
"protocol": "http",
"host": [
"{{druid_ip}}"
],
"port": "{{druid_port}}",
"path": [
"druid",
"v2",
"sql"
]
}
},
"response": []
}
]
},
{
"name": "存储配额检查",
"item": [
@@ -7145,86 +6853,6 @@
},
"response": []
},
{
"name": "存储配额-used_size(Hbase)",
"event": [
{
"listen": "test",
"script": {
"exec": [
"pm.test(\"Status code is 200\", function () {",
" pm.response.to.have.status(200);",
"});"
],
"type": "text/javascript"
}
}
],
"request": {
"method": "GET",
"header": [],
"url": {
"raw": "http://{{hbase_ip}}:{{hbase_port}}/webhdfs/v1/hbase/hbase-2.2.3/mobdir?op=GETCONTENTSUMMARY",
"protocol": "http",
"host": [
"{{hbase_ip}}"
],
"port": "{{hbase_port}}",
"path": [
"webhdfs",
"v1",
"hbase",
"hbase-2.2.3",
"mobdir"
],
"query": [
{
"key": "op",
"value": "GETCONTENTSUMMARY"
}
]
}
},
"response": []
},
{
"name": "存储配额-max_size(Hbase)",
"event": [
{
"listen": "test",
"script": {
"exec": [
"pm.test(\"Status code is 200\", function () {",
" pm.response.to.have.status(200);",
"});"
],
"type": "text/javascript"
}
}
],
"request": {
"method": "GET",
"header": [],
"url": {
"raw": "http://{{hbase_ip}}:{{hbase_port}}/jmx?qry=Hadoop:service=NameNode,name=NameNodeInfo",
"protocol": "http",
"host": [
"{{hbase_ip}}"
],
"port": "{{hbase_port}}",
"path": [
"jmx"
],
"query": [
{
"key": "qry",
"value": "Hadoop:service=NameNode,name=NameNodeInfo"
}
]
}
},
"response": []
},
{
"name": "查询druid是否有最新数据",
"event": [