11858 lines
391 KiB
JSON
11858 lines
391 KiB
JSON
{
|
||
"info": {
|
||
"_postman_id": "4a92abcb-8edf-485a-9067-69ef14ec0741",
|
||
"name": "Galaxy-troubleshooting-api-24.01",
|
||
"description": "# galaxy-troubleshooting-api\n\n使用Postman组件,基于Rest API接口对TSG OLAP 进行功能验证。包括组件健康检查,功能集成测试及故障诊断。\n\n## Release 24.01 (31 JAN 2024)\n\n###### New Features\n\n- 依据OLAP API 组织接口\n- 接口进行重构,不再兼容23.10及之前版本\n \n\n## Release 23.10 (30 OCT 2023)\n\n###### Update\n\n- 会话日志增加毫米级时间戳字段common_start_timestamp_ms, common_end_timestamp_ms\n- 会话日志增加操作系统指纹common_client_os_name,common_server_os_name\n \n\n## Release 23.09 (30 SEP 2023)\n\n###### Update\n\n- metrics 修改表名由statistics_object改为object_statistics\n- Flags统计增加Bidirectional标识\n- Closed Session Records 增加http_status_code, ssl_esni_flag, ssl_ech_flag\n- 删除Kafka Topics 目录\n \n\n## Release 23.08 (21 AUG 2023)\n\n###### New Features\n\n- Metrics增加Statistics Policy 相关接口\n- Metrics增加Statistics Object 相关接口\n- Metrics增加Statistics rule 命中计数接口\n \n\n###### Update\n\n- 会话日志查询,增加重命名字段common_out_link_id、common_in_link_id\n \n\n## Release 23.07 (21 JUL 2023)\n\n###### Update\n\n- 修复Network Throughput Active Sessions计算错误,不除时间粒度\n \n\n## Release 23.06 (21 JUN 2023)\n\n###### Update\n\n- 优化Limit返回值\n \n\n## Release 23.05 (28 MAY 2023)\n\n###### New Features\n\n- 增加Service chaining统计接口\n- QGW增加嵌套子查询接口,用于验证高级搜索\n \n\n###### Update\n\n- Main Dashboard统计接口重构,更改统计源\n- Live Traffic Chart 接口重构,更改统计源\n- 原代理日志拆分为Intercept和Manipulation\n- 相关Metrics的Schema更改为重构后的数据源\n \n\n## Release 23.04 (28 APR 2023)\n\n###### New Features\n\n- 增加数据写入延迟接口Session Insert Latency Distribution\n- 增加数据写入Kafka延迟接口 Session Ingestion Latency Distribution\n \n\n###### Update\n\n- 重构 Security Policy Hits Metrics 统计\n- 重构 Traffic Shaping Metrics 统计\n \n\n## Release 23.03 (28 MAR 2023)\n\n###### New Features\n\n- 目录整体重构,重新梳理功能,便于Newman CLI运行\n- ClickHouse目录下增加慢查询故障诊断语句\n- 参数与API接口统一改为英文,避免中文编码执行异常\n- 加密环境变量密码、token等敏感信息\n- 定义全局动态变量:时间范围、随机IP、随机域名等\n \n\n###### Update\n\n- Flags 添加C2S与S2C标志位标签\n \n\n## Release 23.02 (28 FEB 2023)\n\n###### New Features\n\n- 增加Traffic Shaping 相关统计接口\n \n\n###### Update\n\n- 会话日志增加列common_shaping_rule_ids\n- 会话与安全事件日志增加列common_server_domain\n- 会话与安全事件日志增加列common_flags_identify_info\n \n\n## Release 23.01 (31 JAN 2023)\n\n###### Update\n\n- 会话与安全事件日志增加列common_server_fqdn\n- 会话与安全事件日志增加列common_app_full_path\n \n\n## Release 22.12 (30 DEC 2022)\n\n###### New Features\n\n- 新增Dashboards-增加App推荐\n- 新增系统报告-会话日志Flags统计\n- 新增系统报告-会话日志Flags占比\n \n\n###### Update\n\n- 会话与安全事件日志增加common_flags列\n- 自定义IP映射-增加对ASN函数\n \n\n## Release 22.1 (30 NOV 2022)\n\n###### New Features\n\n###### Update\n\n- 会话与安全事件日志增加ssl_ja3s_hash列\n \n\n## Release 22.10 (30 OCT 2022)\n\n###### New Features\n\n- 06其它-功能验证-Traffic Summary增加Throughput接口\n \n ###### Update\n \n- 更新原有查询,将VSYS ID作为默认查询条件\n \n\n## Release 22.09 (30 SEP 2022)\n\n###### Update\n\n- 会话与安全事件日志增加common_tunnel_endpoint_a_desc, common_tunnel_endpoint_b_desc,dtls_sni 列\n \n\n## Release 22.08 (31 AUG 2022)\n\n###### New Features\n\n- 其它-查询网关-Live Charts 总带宽流量校验\n- 增加检查数据流-SQL执行计划\n- 增加检查数据流-SQL查看表结构\n- 增加检查数据推荐-推荐IMSI到TEID关系\n- 增加检查数据推荐-推荐IMEI到TEID关系\n- 增加检查数据推荐-推荐Phone Number到TEID关系\n- 增加检查数据推荐-推荐apn到TEID关系\n- 增加检查数据推荐-实时查询任务-提交查询任务(实时统计)\n- 增加检查数据推荐-实时查询任务-获取任务结果(实时统计)\n- 增加检查数据推荐-知识库列表\n- 增加预处理检查-检测预处理延迟\n- 增加预处理检查-已关闭会话日志延迟分布\n \n ###### Update\n \n\n## Release 22.07 (30 JUL 2022)\n\n###### New Features\n\n- 增加检查数据推荐-Top Server IP流量概况评估\n- 增加检查数据推荐-Top SNI 流量概况评估\n \n ###### Update\n \n\n## Release 22.06 (30 JUE 2022)\n\n###### New Features\n\n- 检查数据流-增加存储配额一致性检查\n \n ###### Update\n \n- 系统报告检查-增加与CM默认VSYSID=1参数\n \n\n## Release 22.05 (31 MAY 2022)\n\n###### New Features\n\n###### Update\n\n- 检查日志-会话日志/安全事件日志增加RDP类型校验\n \n\n## Release 22.04 (29 APR 2022)\n\n###### New Features\n\n###### Update\n\n- 预处理检查-是否有数据验证,改为通过console后台打印日志\n- Dashboards Top部分功能增加device_group, data_center维度校验\n \n\n## Release 22.03 (8 APR 2022)\n\n###### New Features\n\n- 增加数据预处理检查,为每类日志增加多个测试用例,区分功能或无数据问题\n \n ###### Update\n \n- 其它-评估日志预处理,增加ETL处理时延和写入Kafka时延指标\n- 检查日志模块对会话,安全和代理事件日志基于具体字段查询\n \n\n###### Delete\n\n- 删除检查数据流,关于Topic的测试用例\n \n\n## Release 22.02 (8 MAR 2022)\n\n###### New Features\n\n- 检查数据流-元数据检查 增加schema评价文件事件日志\n \n\n## Release 22.01 (27 JAN 2022)\n\n###### New Features\n\n- 检查数据流-TopN计算 增加Application接口验证\n \n\n###### Update\n\n- 重新梳理分类,删除无用接口\n- 重新排列分类,将系统自检放到首位\n \n\n## Release 21.12 (1 Dec 2021)\n\n###### New Features\n\n- 新增数据推荐查询-实时查询任务\n- 新增数据推荐查询-推荐Subscriber ID 到IP关系\n- 新增数据推荐查询-推荐APP活跃客户端IP\n- 新增数据推荐查询-推荐TopN Server IP\n- 新增数据推荐查询-推荐TopN SNI\n- 新增常用快捷功能-查询网关,增加优化查询测试集\n - Top 查询优化\n - Calcite 缓存查询\n - 自定义时间函数补全功能\n\n###### Update\n\n- Dashboard 查询,代理策略命中动作增加Edit Element 统计\n \n\n## Release 21.11 (5 Nov 2021)\n\n###### New Features\n\n- Delete\n- Update\n- 修改报告查询接口(由查询mariadb方式变更为API接口)\n- 修改规范“数据推荐查询”所有接口的命名\n \n\n## Release 21.10 (28 OCT 2021)\n\n###### New Features\n\n- 新增HOS健康状态检测接口\n- Delete\n- 删除原ClickHouse/Druid/ArangoDB 状态检查接口\n \n\n## Release 21.09 (23 SEP 2021)\n\n###### New Features\n\n- Update\n- 删除分布式调度任务,5分钟TOPN校验,交由FLink统计\n- 原始日志表名进行重命名,相关查询接口更新\n- 修正DNS分析的SQL数据集\n \n\n## Release 21.08 (15 AUG 2021)\n\n###### New Features\n\n- 新增“Dashboard查询-DoS Threat Map”功能列表,显示DoS检测地图接口\n- 新增“原始日志查询-DoS事件日志”,显示DoS攻击检测日志\n- 新增“原始日志查询-DoS事件日志-Summary”,显示DoS攻击趋势统计\n- 新增“原始日志查询-DoS事件日志-Destination IP Traffic Trend”,显示受害者IP历史流量趋势\n- Update\n- 迁移“Dashboard查询”liveCharts接口,放到“Live Charts”目录中统一管理。\n- 对DNS分析,增加一些查询样例\n \n\n## Release 21.07 (5 JUL 2021)\n\n###### New Features\n\n- 增加”常用快捷功能-基数统计“,用于分析日志分布情况\n- 增加”常用快捷功能-DNS放大攻击“,查询特征数据集\n- 增加”通用检查-对象存储-获取某个文件“,用于文件获取验证\n \n\n###### Update\n\n- 为所有接口增加Tests脚本,对接口进行批量验证测试\n- 修正部分接口查询异常\n \n\n## Release 21.06 (7 JUN 2021)\n\n###### New Features\n\n- Environments 增加环境变量domain、client_ip、server_ip、l7_protocol和PT1M_TIME\n- 常用快捷功能增加某域名下钻、某IP下钻、协议下钻和DNS分析功能\n \n\n###### Update\n\n- 原始日志查询,基于Druid近1小时日志变化粒度从5分钟改为1分钟。包含通联、策略和代理日志。\n \n\n## Release 21.05 (6 MAY 2021)\n\n###### New Features\n\n- 新增“GTP-C日志”功能,辅助故障诊断\n- 新增“事务日志”功能,辅助故障诊断\n- 新增“活跃会话日志”功能,辅助故障诊断\n- 新增“07.常用快捷功能-评估写入日志量”,查看当前系统的吞吐\n \n\n###### Update\n\n- 修改\"01.通用检查-数据存储检查\",增加事务、活跃及GTP-C 检测\n \n\n## Release 21.04 (3 APR 2021)\n\n###### New Features\n\n- 增加“VoIP日志”功能,辅助故障诊断\n- 增加“元数据检查”分类目录\n- 增加“HOS对象存储”目录,用于定位对象存储\n \n\n###### Update\n\n- 修改“SQL语法检查”为“SQL语法验证”,支持SQL语句的静态分析和数据库语义验证\n- 迁移功能项位置,方便问题定位\n \n\n###### Delete\n\n- 删除“系统检查-查询引擎SQL测试集\\[过时\\]”功能,由“故障诊断-sql性能测试”替代。\n \n\n## Release 21.03 (2 MAR 2021)\n\n###### New Features\n\n- 增加故障诊断-元数据功能,可分析日志字段是否与schema一致\n- 增加故障诊断-sql性能测试,可对查询引擎进行功能性验证和POC性能测试\n \n\n###### Update\n\n- 对查询引擎SQL测试集标记过时\n \n\n## Release 21.02 (1 FEB 2021)\n\n###### Update\n\n- 改善内部测试集,应对新的功能修改\n \n\n## Release 20.11.rc3 (11 DEC 2020)\n\n###### New Features\n\n- 增加常用快捷功能- 安装证书独立客户端IP数据趋势\n- 增加常用快捷功能-访问速度最慢TOP20 域名\n- 增加常用快捷功能-报告预置Metrics\n- 增加原始日志查询-安全策略-动作命中计数\n- 增加原始日志查询-代理策略-动作命中计数\n- 增加原始日志查询-通联-流量计数(now)\n \n\n###### Update\n\n- 改善Dashboard查询-基础统计-新建、活跃(计数)-now\n- 改善Dashboard查询-新建、活跃(趋势)\n- 目录增加编号,便于管理\n- 修改分布式调度任务-5分钟TOPN-hot表验证表名\n- 部分Action为post 改为 get,便于导出命令行",
|
||
"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json",
|
||
"_exporter_id": "8105037"
|
||
},
|
||
"item": [
|
||
{
|
||
"name": "Query",
|
||
"item": [
|
||
{
|
||
"name": "Raw Logs",
|
||
"item": [
|
||
{
|
||
"name": "Session Records",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"SELECT FROM_UNIXTIME(recv_time) as recv_time, log_id, decoded_as, session_id, start_timestamp_ms, end_timestamp_ms, duration_ms, tcp_handshake_latency_ms, ingestion_time, processing_time, insert_time, device_id, out_link_id, in_link_id, device_tag, data_center, device_group, sled_ip, address_type, vsys_id, t_vsys_id, flags, flags_identify_info, security_rule_list, security_action, monitor_rule_list, sc_rule_list, sc_rsp_raw, sc_rsp_decrypted, shaping_rule_list, proxy_rule_list, proxy_action, proxy_pinning_status, proxy_intercept_status, proxy_passthrough_reason, proxy_client_side_latency_ms, proxy_server_side_latency_ms, proxy_client_side_version, proxy_server_side_version, proxy_cert_verify, proxy_intercept_error, monitor_mirrored_pkts, monitor_mirrored_bytes, client_ip, client_port, client_os_desc, client_geolocation, client_asn, subscriber_id, imei, imsi, phone_number, apn, server_ip, server_port, server_os_desc, server_geolocation, server_asn, server_fqdn, server_domain, app_transition, app, app_debug_info, app_content, fqdn_category_list, decoded_path,ip_protocol, dns_message_id, dns_qr, dns_opcode, dns_aa, dns_tc, dns_rd, dns_ra, dns_rcode, dns_qdcount, dns_ancount, dns_nscount, dns_arcount, dns_qname, dns_qtype, dns_qclass, dns_cname, dns_sub, dns_rr, dns_response_latency_ms, http_url, http_host, http_request_line, http_response_line, http_request_body, http_response_body, http_proxy_flag, http_sequence, http_cookie, http_referer, http_user_agent, http_request_content_length, http_request_content_type, http_response_content_length, http_response_content_type, http_set_cookie, http_version, http_status_code, http_response_latency_ms, http_session_duration_ms, http_action_file_size, ssl_version, ssl_sni, ssl_san, ssl_cn, ssl_handshake_latency_ms, ssl_ja3_hash, ssl_ja3s_hash, ssl_cert_issuer, ssl_cert_subject, ssl_esni_flag, ssl_ech_flag, dtls_cookie, dtls_version, dtls_sni, dtls_san, dtls_cn, dtls_handshake_latency_ms, dtls_ja3_fingerprint, dtls_ja3_hash, dtls_cert_issuer, dtls_cert_subject, mail_protocol_type, mail_account, mail_from_cmd, mail_to_cmd, mail_from, mail_password, mail_to, mail_cc, mail_bcc, mail_subject, mail_subject_charset, mail_attachment_name, mail_attachment_name_charset, mail_eml_file, ftp_account, ftp_url, ftp_link_type, quic_version, quic_sni, quic_user_agent, rdp_cookie, rdp_security_protocol, rdp_client_channels, rdp_keyboard_layout, rdp_client_version, rdp_client_name, rdp_client_product_id, rdp_desktop_width, rdp_desktop_height, rdp_requested_color_depth, rdp_certificate_type, rdp_certificate_count, rdp_certificate_permanent, rdp_encryption_level, rdp_encryption_method, ssh_version, ssh_auth_success, ssh_client_version, ssh_server_version, ssh_cipher_alg, ssh_mac_alg, ssh_compression_alg, ssh_kex_alg, ssh_host_key_alg, ssh_host_key, ssh_hassh, sip_call_id, sip_originator_description, sip_responder_description, sip_user_agent, sip_server, sip_originator_sdp_connect_ip, sip_originator_sdp_media_port, sip_originator_sdp_media_type, sip_originator_sdp_content, sip_responder_sdp_connect_ip, sip_responder_sdp_media_port, sip_responder_sdp_media_type, sip_responder_sdp_content, sip_duration_s, sip_bye, rtp_payload_type_c2s, rtp_payload_type_s2c, rtp_pcap_path, rtp_originator_dir, stratum_cryptocurrency, stratum_mining_pools, stratum_mining_program, stratum_mining_subscribe, sent_pkts, received_pkts, sent_bytes, received_bytes, tcp_c2s_ip_fragments, tcp_s2c_ip_fragments, tcp_c2s_lost_bytes, tcp_s2c_lost_bytes, tcp_c2s_o3_pkts, tcp_s2c_o3_pkts, tcp_c2s_rtx_pkts, tcp_s2c_rtx_pkts, tcp_c2s_rtx_bytes, tcp_s2c_rtx_bytes, tcp_rtt_ms, tcp_client_isn, tcp_server_isn, packet_capture_file, in_src_mac, out_src_mac, in_dest_mac, out_dest_mac, tunnels, dup_traffic_flag, tunnel_endpoint_a_desc, tunnel_endpoint_b_desc FROM session_record AS session_record WHERE recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time < UNIX_TIMESTAMP('{{end_time}}') AND vsys_id IN (1) ORDER BY recv_time DESC LIMIT 20\" ,\n \"exec_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Total count of Session Record",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select count(*) as events from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') and vsys_id in (1,2,3,4)\" ,\n \"exec_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Session Insert Latency Distribution",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select min(duration) min_sec,median(duration) as median_sec,round(avg(duration),2) as avg_sec,round(QUANTILE(duration,0.8),2) as p80_sec,round(QUANTILE(duration,0.95),2) as p95_sec,round(QUANTILE(duration,0.99),2) as p99_sec,max(duration) as MAX from ( select (insert_time - ingestion_time) as duration FROM session_record WHERE recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time < UNIX_TIMESTAMP('{{end_time}}') )\" ,\n \"exec_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Session Duration Distribution",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select min(duration) min_sec, median(duration) as median_sec, round(avg(duration),2) as avg_sec,round(QUANTILE(duration,0.8),2) as P80_sec, round(QUANTILE(duration,0.95),2) as P95_sec, round(QUANTILE(duration,0.99),2) as P99_sec, max(duration) as max_sec from ( select (toUnixTimestamp64Milli(end_timestamp_ms)-toUnixTimestamp64Milli(start_timestamp_ms))/1000 as duration FROM session_record WHERE recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time < UNIX_TIMESTAMP('{{end_time}}') )\" , \"exec_mode\":\"oneshot\",\"output_mode\":\"json\"\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Security Events",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"SELECT recv_time, log_id, decoded_as, session_id, start_timestamp_ms, end_timestamp_ms, duration_ms, tcp_handshake_latency_ms, ingestion_time, processing_time, insert_time, device_id, out_link_id, in_link_id, device_tag, data_center, device_group, sled_ip, address_type, vsys_id, t_vsys_id, flags, flags_identify_info, security_rule_list, security_action, monitor_rule_list, shaping_rule_list, proxy_rule_list, sc_rule_list, sc_rsp_raw, sc_rsp_decrypted, proxy_action, proxy_pinning_status, proxy_intercept_status, proxy_passthrough_reason, proxy_client_side_latency_ms, proxy_server_side_latency_ms, proxy_client_side_version, proxy_server_side_version, proxy_cert_verify, proxy_intercept_error, monitor_mirrored_pkts, monitor_mirrored_bytes, client_ip, client_port, client_os_desc, client_geolocation, client_asn, subscriber_id, imei, imsi, phone_number, apn, server_ip, server_port, server_os_desc, server_geolocation, server_asn, server_fqdn, server_domain, app_transition, app, app_debug_info, app_content, fqdn_category_list, decoded_path, ip_protocol,dns_message_id, dns_qr, dns_opcode, dns_aa, dns_tc, dns_rd, dns_ra, dns_rcode, dns_qdcount, dns_ancount, dns_nscount, dns_arcount, dns_qname, dns_qtype, dns_qclass, dns_cname, dns_sub, dns_rr, dns_response_latency_ms, http_url, http_host, http_request_line, http_response_line, http_request_body, http_response_body, http_proxy_flag, http_sequence, http_cookie, http_referer, http_user_agent, http_request_content_length, http_request_content_type, http_response_content_length, http_response_content_type, http_set_cookie, http_version, http_status_code, http_response_latency_ms, http_session_duration_ms, http_action_file_size, ssl_version, ssl_sni, ssl_san, ssl_cn, ssl_handshake_latency_ms, ssl_ja3_hash, ssl_ja3s_hash, ssl_cert_issuer, ssl_cert_subject, ssl_esni_flag, ssl_ech_flag, dtls_cookie, dtls_version, dtls_sni, dtls_san, dtls_cn, dtls_handshake_latency_ms, dtls_ja3_fingerprint, dtls_ja3_hash, dtls_cert_issuer, dtls_cert_subject, mail_protocol_type, mail_account, mail_from_cmd, mail_to_cmd, mail_from, mail_password, mail_to, mail_cc, mail_bcc, mail_subject, mail_subject_charset, mail_attachment_name, mail_attachment_name_charset, mail_eml_file, ftp_account, ftp_url, ftp_link_type, quic_version, quic_sni, quic_user_agent, rdp_cookie, rdp_security_protocol, rdp_client_channels, rdp_keyboard_layout, rdp_client_version, rdp_client_name, rdp_client_product_id, rdp_desktop_width, rdp_desktop_height, rdp_requested_color_depth, rdp_certificate_type, rdp_certificate_count, rdp_certificate_permanent, rdp_encryption_level, rdp_encryption_method, ssh_version, ssh_auth_success, ssh_client_version, ssh_server_version, ssh_cipher_alg, ssh_mac_alg, ssh_compression_alg, ssh_kex_alg, ssh_host_key_alg, ssh_host_key, ssh_hassh, sip_call_id, sip_originator_description, sip_responder_description, sip_user_agent, sip_server, sip_originator_sdp_connect_ip, sip_originator_sdp_media_port, sip_originator_sdp_media_type, sip_originator_sdp_content, sip_responder_sdp_connect_ip, sip_responder_sdp_media_port, sip_responder_sdp_media_type, sip_responder_sdp_content, sip_duration_s, sip_bye, rtp_payload_type_c2s, rtp_payload_type_s2c, rtp_pcap_path, rtp_originator_dir, stratum_cryptocurrency, stratum_mining_pools, stratum_mining_program, stratum_mining_subscribe, sent_pkts, received_pkts, sent_bytes, received_bytes, tcp_c2s_ip_fragments, tcp_s2c_ip_fragments, tcp_c2s_lost_bytes, tcp_s2c_lost_bytes, tcp_c2s_o3_pkts, tcp_s2c_o3_pkts, tcp_c2s_rtx_pkts, tcp_s2c_rtx_pkts, tcp_c2s_rtx_bytes, tcp_s2c_rtx_bytes, tcp_rtt_ms, tcp_client_isn, tcp_server_isn, packet_capture_file, in_src_mac, out_src_mac, in_dest_mac, out_dest_mac, tunnels, dup_traffic_flag, tunnel_endpoint_a_desc, tunnel_endpoint_b_desc FROM security_event AS security_record WHERE recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time < UNIX_TIMESTAMP('{{end_time}}') AND vsys_id IN (1) ORDER BY recv_time DESC LIMIT 20\" ,\n \"exec_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Security Policy Rule Hits by Action",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select security_action as action, count(*) as hits, sum(sent_bytes ) as bytes_sent, sum(received_bytes ) as bytes_received, sum(sent_bytes+received_bytes ) as bytes,sum(sent_pkts ) as packets_sent, sum(received_pkts ) as packets_received, sum(sent_pkts+received_pkts ) as packets from security_event where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') and vsys_id in (1,2,3,4) group by security_action\" ,\n \"exec_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Security Hit Distribution of Summary by Action",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT1M')) as stat_time, 'shunt' as type, sum(hit_count) as events from security_rule_hits where __time >= FROM_UNIXTIME(UNIX_TIMESTAMP(now())-3600) and action=128 and vsys_id in (1,2,3,4) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT1M')),'shunt' union all select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT1M')) as stat_time, 'allow' as type, sum(hit_count) as events from security_rule_hits where __time >= FROM_UNIXTIME(UNIX_TIMESTAMP(now())-3600) and action=96 and vsys_id in (1,2,3,4) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT1M')),'allow' union all select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT1M')) as stat_time, 'deny' as type, sum(hit_count) as events from security_rule_hits where __time >= FROM_UNIXTIME(UNIX_TIMESTAMP(now())-3600) and action=16 and vsys_id in (1,2,3,4) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT1M')),'deny' union all select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT1M')) as stat_time, 'monitor' as type, sum(hit_count) as events from security_rule_hits where __time >= FROM_UNIXTIME(UNIX_TIMESTAMP(now())-3600) and action=1 and vsys_id in (1,2,3,4) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT1M')),'monitor' union all select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT1M')) as stat_time, 'intercept' as type, sum(hit_count) as events from security_rule_hits where __time >= FROM_UNIXTIME(UNIX_TIMESTAMP(now())-3600) and action=2 and vsys_id in (1,2,3,4) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT1M')), 'intercept'\" ,\n \"exec_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Security Hit Distribution of Logs by Action",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(recv_time,'PT5M','zero')) as stat_time, security_action as type, count(*) as events from security_event where recv_time > FROM_UNIXTIME(UNIX_TIMESTAMP(now())-3600) and vsys_id in (1,2,3,4) group by stat_time, security_action order by stat_time asc\" ,\n \"exec_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Total Security Events",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select count(*) as events from security_event where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') and vsys_id in (1,2,3,4,5)\" ,\n \"exec_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Monitor Events",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"SELECT recv_time, log_id, decoded_as, session_id, start_timestamp_ms, end_timestamp_ms, duration_ms, tcp_handshake_latency_ms, ingestion_time, processing_time, insert_time, device_id, out_link_id, in_link_id, device_tag, data_center, device_group, sled_ip, address_type, vsys_id, t_vsys_id, flags, flags_identify_info, security_rule_list, security_action, monitor_rule_list, shaping_rule_list, proxy_rule_list, sc_rule_list, sc_rsp_raw, sc_rsp_decrypted, proxy_action, proxy_pinning_status, proxy_intercept_status, proxy_passthrough_reason, proxy_client_side_latency_ms, proxy_server_side_latency_ms, proxy_client_side_version, proxy_server_side_version, proxy_cert_verify, proxy_intercept_error, monitor_mirrored_pkts, monitor_mirrored_bytes, client_ip, client_port, client_os_desc, client_geolocation, client_asn, subscriber_id, imei, imsi, phone_number, apn, server_ip, server_port, server_os_desc, server_geolocation, server_asn, server_fqdn, server_domain, app_transition, app, app_debug_info, app_content, fqdn_category_list, decoded_path,ip_protocol, dns_message_id, dns_qr, dns_opcode, dns_aa, dns_tc, dns_rd, dns_ra, dns_rcode, dns_qdcount, dns_ancount, dns_nscount, dns_arcount, dns_qname, dns_qtype, dns_qclass, dns_cname, dns_sub, dns_rr, dns_response_latency_ms, http_url, http_host, http_request_line, http_response_line, http_request_body, http_response_body, http_proxy_flag, http_sequence, http_cookie, http_referer, http_user_agent, http_request_content_length, http_request_content_type, http_response_content_length, http_response_content_type, http_set_cookie, http_version, http_status_code, http_response_latency_ms, http_session_duration_ms, http_action_file_size, ssl_version, ssl_sni, ssl_san, ssl_cn, ssl_handshake_latency_ms, ssl_ja3_hash, ssl_ja3s_hash, ssl_cert_issuer, ssl_cert_subject, ssl_esni_flag, ssl_ech_flag, dtls_cookie, dtls_version, dtls_sni, dtls_san, dtls_cn, dtls_handshake_latency_ms, dtls_ja3_fingerprint, dtls_ja3_hash, dtls_cert_issuer, dtls_cert_subject, mail_protocol_type, mail_account, mail_from_cmd, mail_to_cmd, mail_from, mail_password, mail_to, mail_cc, mail_bcc, mail_subject, mail_subject_charset, mail_attachment_name, mail_attachment_name_charset, mail_eml_file, ftp_account, ftp_url, ftp_link_type, quic_version, quic_sni, quic_user_agent, rdp_cookie, rdp_security_protocol, rdp_client_channels, rdp_keyboard_layout, rdp_client_version, rdp_client_name, rdp_client_product_id, rdp_desktop_width, rdp_desktop_height, rdp_requested_color_depth, rdp_certificate_type, rdp_certificate_count, rdp_certificate_permanent, rdp_encryption_level, rdp_encryption_method, ssh_version, ssh_auth_success, ssh_client_version, ssh_server_version, ssh_cipher_alg, ssh_mac_alg, ssh_compression_alg, ssh_kex_alg, ssh_host_key_alg, ssh_host_key, ssh_hassh, sip_call_id, sip_originator_description, sip_responder_description, sip_user_agent, sip_server, sip_originator_sdp_connect_ip, sip_originator_sdp_media_port, sip_originator_sdp_media_type, sip_originator_sdp_content, sip_responder_sdp_connect_ip, sip_responder_sdp_media_port, sip_responder_sdp_media_type, sip_responder_sdp_content, sip_duration_s, sip_bye, rtp_payload_type_c2s, rtp_payload_type_s2c, rtp_pcap_path, rtp_originator_dir, stratum_cryptocurrency, stratum_mining_pools, stratum_mining_program, stratum_mining_subscribe, sent_pkts, received_pkts, sent_bytes, received_bytes, tcp_c2s_ip_fragments, tcp_s2c_ip_fragments, tcp_c2s_lost_bytes, tcp_s2c_lost_bytes, tcp_c2s_o3_pkts, tcp_s2c_o3_pkts, tcp_c2s_rtx_pkts, tcp_s2c_rtx_pkts, tcp_c2s_rtx_bytes, tcp_s2c_rtx_bytes, tcp_rtt_ms, tcp_client_isn, tcp_server_isn, packet_capture_file, in_src_mac, out_src_mac, in_dest_mac, out_dest_mac, tunnels, dup_traffic_flag, tunnel_endpoint_a_desc, tunnel_endpoint_b_desc FROM security_event AS monitor_event WHERE recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time < UNIX_TIMESTAMP('{{end_time}}') AND vsys_id IN (1) ORDER BY recv_time DESC LIMIT 20\" ,\n \"exec_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Transaction Records",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"SELECT recv_time, log_id, decoded_as, session_id, ingestion_time, processing_time, insert_time, address_type, vsys_id, client_ip, client_port, server_ip, server_port, sent_pkts, received_pkts, sent_bytes, received_bytes, dns_message_id, dns_qr, dns_opcode, dns_aa, dns_tc, dns_rd, dns_ra, dns_rcode, dns_qdcount, dns_ancount, dns_nscount, dns_arcount, dns_qname, dns_qtype, dns_qclass, dns_cname, dns_sub, dns_rr, dns_response_latency_ms, http_url, http_host, http_request_line, http_response_line, http_request_body, http_response_body, http_proxy_flag, http_sequence, http_cookie, http_referer, http_user_agent, http_request_content_length, http_request_content_type, http_response_content_length, http_response_content_type, http_set_cookie, http_version, http_status_code, http_response_latency_ms, http_session_duration_ms, http_action_file_size, mail_protocol_type, mail_account, mail_from_cmd, mail_to_cmd, mail_from, mail_password, mail_to, mail_cc, mail_bcc, mail_subject, mail_subject_charset, mail_attachment_name, mail_attachment_name_charset, mail_eml_file, sip_call_id, sip_originator_description, sip_responder_description, sip_user_agent, sip_server, sip_originator_sdp_connect_ip, sip_originator_sdp_media_port, sip_originator_sdp_media_type, sip_originator_sdp_content, sip_responder_sdp_connect_ip, sip_responder_sdp_media_port, sip_responder_sdp_media_type, sip_responder_sdp_content, sip_duration_s, sip_bye FROM transaction_record AS transaction_record WHERE recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time < UNIX_TIMESTAMP('{{end_time}}') AND vsys_id IN (1) ORDER BY recv_time DESC LIMIT 20\" ,\n \"exec_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "VoIP Records",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select recv_time, log_id, decoded_as, session_id, start_timestamp_ms, end_timestamp_ms, duration_ms, tcp_handshake_latency_ms, ingestion_time, processing_time, insert_time, device_id, out_link_id, in_link_id, device_tag, data_center, device_group, sled_ip, address_type, vsys_id, t_vsys_id, flags, flags_identify_info, security_rule_list, security_action, monitor_rule_list, shaping_rule_list, proxy_rule_list, sc_rule_list, sc_rsp_raw, sc_rsp_decrypted, proxy_action, proxy_pinning_status, proxy_intercept_status, proxy_passthrough_reason, proxy_client_side_latency_ms, proxy_server_side_latency_ms, proxy_client_side_version, proxy_server_side_version, proxy_cert_verify, proxy_intercept_error, monitor_mirrored_pkts, monitor_mirrored_bytes, client_ip, client_port, client_os_desc, client_geolocation, client_asn, subscriber_id, imei, imsi, phone_number, apn, server_ip, server_port, server_os_desc, server_geolocation, server_asn, server_fqdn, server_domain, app_transition, app, app_debug_info, app_content, fqdn_category_list, decoded_path, sip_call_id, sip_originator_description, sip_responder_description, sip_user_agent, sip_server, sip_originator_sdp_connect_ip, sip_originator_sdp_media_port, sip_originator_sdp_media_type, sip_originator_sdp_content, sip_responder_sdp_connect_ip, sip_responder_sdp_media_port, sip_responder_sdp_media_type, sip_responder_sdp_content, sip_duration_s, sip_bye, rtp_payload_type_c2s, rtp_payload_type_s2c, rtp_pcap_path, rtp_originator_dir, sent_pkts, received_pkts, sent_bytes, received_bytes, tcp_c2s_ip_fragments, tcp_s2c_ip_fragments, tcp_c2s_lost_bytes, tcp_s2c_lost_bytes, tcp_c2s_o3_pkts, tcp_s2c_o3_pkts, tcp_c2s_rtx_pkts, tcp_s2c_rtx_pkts, tcp_c2s_rtx_bytes, tcp_s2c_rtx_bytes, tcp_rtt_ms, tcp_client_isn, tcp_server_isn, packet_capture_file, in_src_mac, out_src_mac, in_dest_mac, out_dest_mac, tunnels, dup_traffic_flag, tunnel_endpoint_a_desc, tunnel_endpoint_b_desc FROM voip_record AS voip_record WHERE recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time < UNIX_TIMESTAMP('{{end_time}}') AND vsys_id IN (1) ORDER BY recv_time DESC LIMIT 20\" ,\n \"exec_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "DoS Events",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select vsys_id, recv_time, log_id, profile_id, start_time, end_time, attack_type, severity, conditions, destination_ip, destination_country, source_ip_list, source_country_list, session_rate, packet_rate, bit_rate FROM dos_event AS dos_event WHERE recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time < UNIX_TIMESTAMP('{{end_time}}') AND vsys_id IN (1) ORDER BY recv_time DESC LIMIT 20\" ,\n \"exec_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "First and Last Insert",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select * from (select 'Session Records' as type, from_unixtime(min(recv_time) ) as first_time, from_unixtime(max(recv_time) ) as last_time from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time < UNIX_TIMESTAMP('{{end_time}}') union all select 'Transaction Records' as type, from_unixtime(min(recv_time) ) as first_time, from_unixtime(max(recv_time) ) as last_time from transaction_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time < UNIX_TIMESTAMP('{{end_time}}') union all select 'Security Event' as type, from_unixtime(min(recv_time) ) as first_time, from_unixtime(max(recv_time) ) as last_time from security_event where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time < UNIX_TIMESTAMP('{{end_time}}') union all select 'Proxy Event' as type, from_unixtime(min(recv_time) ) as first_time, from_unixtime(max(recv_time) ) as last_time from proxy_event where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time < UNIX_TIMESTAMP('{{end_time}}') union all select 'Monitor Events' as type, from_unixtime(min(recv_time) ) as first_time, from_unixtime(max(recv_time) ) as last_time from monitor_event where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time < UNIX_TIMESTAMP('{{end_time}}') ) order by type\" ,\n \"exec_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "ETL and Insert Latency",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select 'Session Record' as type, round(count(*)/300,0) as \\\"logs/sec\\\", round(avg(processing_time-ingestion_time),2) as \\\"avg_etl_latency(s)\\\", round(avg(insert_time-ingestion_time),2) as \\\"avg_insert_latency(s)\\\" from session_record crl where recv_time >= UNIX_TIMESTAMP({{Last 5 Minutes Start}}) and recv_time < UNIX_TIMESTAMP({{now}}) union all select 'Transaction Record' as type, round(count(*)/300,0) as \\\"logs/sec\\\", round(avg(processing_time-ingestion_time),2) as \\\"etl_latency(s)\\\", round(avg(insert_time-ingestion_time),2) as \\\"avg_insert_latency(s)\\\" from transaction_record crl where recv_time >= UNIX_TIMESTAMP({{Last 5 Minutes Start}}) and recv_time < UNIX_TIMESTAMP({{now}}) union all select 'Security Event' as type, round(count(*)/300,0) as \\\"logs/sec\\\", round(avg(processing_time-ingestion_time),2) as \\\"avg_etl_latency(s)\\\", round(avg(insert_time-ingestion_time),2) as \\\"avg_insert_latency(s)\\\" from security_event crl where recv_time >= UNIX_TIMESTAMP({{Last 5 Minutes Start}}) and recv_time < UNIX_TIMESTAMP({{now}})\" ,\n \"exec_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Current Traffic Metrics by Session Records",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select sum(received_bytes)* 8 / 300 as trafficReceivedBits, sum(sent_bytes)* 8 / 300 as trafficSentBits, sum(received_bytes + sent_bytes)* 8 / 300 as trafficTotalBits, sum(received_pkts)/ 300 as trafficReceivedPackets, sum(sent_pkts)/ 300 as trafficSentPackets, sum(received_pkts + sent_pkts)/ 300 as trafficTotalPackets, count(1)/ 300 as sessions from session_record where recv_time >= UNIX_TIMESTAMP(now())-300 and vsys_id in (1,2,3,4,5,6,7,8)\" ,\n \"exec_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Traffic Distribution of Logs by Schema Type",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(recv_time,'PT5M','zero')) as stat_time, decoded_as as type, count(1) as sessions, sum(sent_bytes + received_bytes) as bytes, sum(sent_pkts + received_pkts) as packets from session_record where recv_time > FROM_UNIXTIME(UNIX_TIMESTAMP(now())-3600) and vsys_id in (1,2,3,4) group by stat_time, decoded_as order by stat_time asc\" ,\n \"exec_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Proxy Intercept Events",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select FROM_UNIXTIME(recv_time) as recv_time, vsys_id,* from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time < UNIX_TIMESTAMP('{{end_time}}') and vsys_id in (1,2,3,4,5) and notEmpty(proxy_rule_list) order by recv_time desc limit 0 , 20\" ,\n \"exec_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Proxy Manipulation Events",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select FROM_UNIXTIME(recv_time) as recv_time, vsys_id,* from proxy_event where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time < UNIX_TIMESTAMP('{{end_time}}') and vsys_id in (1,2,3,4,5) order by recv_time desc limit 0 , 20\" ,\n \"exec_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Proxy Policy Rule Hits by Action",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select proxy_action , count(*) as hits from proxy_event where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time < UNIX_TIMESTAMP('{{end_time}}') and vsys_id in (1,2,3,4,5) group by proxy_action\" ,\n \"exec_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Total Proxy Events",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select count(*) as hit_count from proxy_event where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') and vsys_id in (1,2,3,4,5)\" ,\n \"exec_mode\":\"oneshot\",\n \"output_mode\":\"json\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
}
|
||
]
|
||
},
|
||
{
|
||
"name": "Metric Logs",
|
||
"item": [
|
||
{
|
||
"name": "General and Rule Metric",
|
||
"item": [
|
||
{
|
||
"name": "Current Network Throughput",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select sum(sum_in_bytes)*8/15 as avg_in_bits_per_sec, sum(sum_out_bytes)*8/15 as avg_out_bits_per_sec, sum(sum_in_bytes+sum_out_bytes)*8/15 as avg_bits_per_sec, sum(sum_in_bytes)/15 as avg_in_bytes_per_sec, sum(sum_out_bytes)/15 as avg_out_bytes_per_sec, sum(sum_in_bytes+sum_out_bytes)/15 as avg_bytes_per_sec, sum(sum_in_pkts)/15 as avg_in_pkts_per_sec, sum(sum_out_pkts)/15 as avg_out_pkts_per_sec, sum(sum_in_pkts+sum_out_pkts)/15 as avg_pkts_per_sec, sum(sum_sessions)/15 as avg_sessions_per_sec, sum(max_active_sessions) as active_sessions from ( select device_id, vsys_id, sum(in_bytes) as sum_in_bytes, sum(out_bytes) as sum_out_bytes, sum(in_pkts) as sum_in_pkts, sum(out_pkts) as sum_out_pkts, sum(sessions) as sum_sessions, max(active_sessions) as max_active_sessions from traffic_general_stat where __time>=FROM_UNIXTIME(UNIX_TIMESTAMP(now())-30) and __time<FROM_UNIXTIME(UNIX_TIMESTAMP(now())-15) and vsys_id in (1) group by device_id, vsys_id )\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Network Throughput in bps",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
" ",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) as stat_time , avg(sum_in_bytes)*8/30 as avg_in_bits_per_sec, avg(sum_out_bytes)*8/30 as avg_out_bits_per_sec, avg(sum_bytes)*8/30 as avg_bits_per_sec, max(sum_in_bytes)*8/30 as max_in_bits_per_sec, max(sum_out_bytes)*8/30 as max_out_bits_per_sec, max(sum_bytes)*8/30 as max_bits_per_sec, min(sum_in_bytes)*8/30 as min_in_bits_per_sec, min(sum_out_bytes)*8/30 as min_out_bits_per_sec, min(sum_bytes)*8/30 as min_bits_per_sec from ( select TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), 'PT5S') as stat_time, sum(in_bytes) as sum_in_bytes, sum(out_bytes) as sum_out_bytes, sum(in_bytes + out_bytes) as sum_bytes from traffic_general_stat where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT5S')) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) order by stat_time asc limit 10000\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Network Throughput in Bps",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) as stat_time , avg(sum_in_bytes)/30 as avg_in_bytes_per_sec, avg(sum_out_bytes)/30 as avg_out_bytes_per_sec, avg(sum_bytes)/30 as avg_bytes_per_sec, max(sum_in_bytes)/30 as max_in_bytes_per_sec, max(sum_out_bytes)/30 as max_out_bytes_per_sec, max(sum_bytes)/30 as max_bytes_per_sec, min(sum_in_bytes)/30 as min_in_bytes_per_sec, min(sum_out_bytes)/30 as min_out_bytes_per_sec, min(sum_bytes)/30 as min_bytes_per_sec from ( select TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), 'PT5S') as stat_time, sum(in_bytes) as sum_in_bytes, sum(out_bytes) as sum_out_bytes, sum(in_bytes + out_bytes) as sum_bytes from traffic_general_stat where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), 'PT5S')) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) order by stat_time asc limit 10000\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Network Throughput in pkts/s",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
" ",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) as stat_time , avg(sum_in_pkts)/30 as avg_in_pkts_per_sec, avg(sum_out_pkts)/30 as avg_out_pkts_per_sec, avg(sum_pkts)/30 as avg_pkts_per_sec, max(sum_in_pkts)/30 as max_in_pkts_per_sec, max(sum_out_pkts)/30 as max_out_pkts_per_sec, max(sum_pkts)/30 as max_pkts_per_sec, min(sum_in_pkts)/30 as min_in_pkts_per_sec, min(sum_out_pkts)/30 as min_out_pkts_per_sec, min(sum_pkts)/30 as min_pkts_per_sec from ( select TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), 'PT5S') as stat_time, sum(in_pkts) as sum_in_pkts, sum(out_pkts) as sum_out_pkts, sum(in_pkts + out_pkts) as sum_pkts from traffic_general_stat where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), 'PT5S')) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) order by stat_time asc limit 1000\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Network Throughput in sessions/s",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
" ",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) as stat_time , avg(sum_sessions)/30 as avg_sessions_per_sec, max(sum_sessions)/30 as max_sessions_per_sec, min(sum_sessions)/30 as min_sessions_per_sec from ( select TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), 'PT5S') as stat_time, sum(sessions) as sum_sessions from traffic_general_stat where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5) group by TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), 'PT5S')) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) order by stat_time asc limit 1000\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Network Throughput Active Sessions",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
" ",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) as stat_time, avg(sum_active_sessions) as avg_active_sessions, max(sum_active_sessions) as max_active_sessions, min(sum_active_sessions) as min_active_sessions from ( select stat_time, sum(max_active_sessions) sum_active_sessions from ( select TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), 'PT5S') as stat_time, device_id, vsys_id, max(active_sessions) as max_active_sessions from traffic_general_stat where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), 'PT5S'), device_id, vsys_id ) group by stat_time ) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) order by stat_time asc limit 1000\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Total Security Policy Rule Hits by Action",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
" ",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"SELECT (CASE WHEN action = 1 THEN 'Monitor' WHEN action = 2 THEN 'Intercept' WHEN action = 16 THEN 'Deny' WHEN action = 48 THEN 'Manipulation' WHEN action = 96 THEN 'Allow' WHEN action = 128 THEN 'Shunt' ELSE concat(action) END) as action, SUM(hit_count) as hit_count, SUM(in_bytes + out_bytes) as bytes, SUM(in_pkts + out_pkts) as packets from security_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) GROUP BY action order by action\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Security Policy Rule Hits Trend by Action",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
" ",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT30S','zero')) as stat_time, (CASE WHEN action = 1 THEN 'Monitor' WHEN action = 2 THEN 'Intercept' WHEN action = 16 THEN 'Deny' WHEN action = 48 THEN 'Manipulation' WHEN action = 96 THEN 'Allow' WHEN action = 128 THEN 'Shunt' ELSE concat(action) END) as action, sum(hit_count) as hit_count, sum(in_bytes + out_bytes) as bytes, SUM(in_pkts + out_pkts) as packets from security_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT30S','zero')) , action order by stat_time limit 1000\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top Security Policy Rule Hits",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
" ",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select rule_id, action, sum(hit_count) as hits from security_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by rule_id, action order by hits desc limit 100\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Total Proxy Manipulate Rule Hits by Action",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select sub_action, sum(hit_count) as hits from proxy_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and action = 48 group by sub_action order by sub_action\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Proxy Manipulate Rule Hits Trend by Action",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT300S','zero')) as stat_time, sub_action, sum(hit_count) as hits from proxy_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and action = 48 group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT300S','zero')) , sub_action order by stat_time asc limit 1000\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top Proxy Policy Hits",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select rule_id, sub_action, sum(hit_count) as hits from proxy_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and vsys_id in (1,2,3,4,5) and action = 48 group by rule_id, sub_action order by hits desc limit 100\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Proxy SSL Intercept Pinning",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT300S','zero')) as stat_time, (CASE WHEN pinning_status = 0 THEN 'not_pinning_num' WHEN pinning_status = 1 THEN 'pinning_num' WHEN pinning_status = 2 THEN 'maybe_pinning_num' ELSE concat(pinning_status) END) as type, SUM(hit_count) as hits from proxy_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and action = 2 group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT300S','zero')) , (CASE WHEN pinning_status = 0 THEN 'not_pinning_num' WHEN pinning_status = 1 THEN 'pinning_num' WHEN pinning_status = 2 THEN 'maybe_pinning_num' ELSE concat(pinning_status) END) order by stat_time asc limit 100\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
}
|
||
]
|
||
},
|
||
{
|
||
"name": "Application and Protocol",
|
||
"item": [
|
||
{
|
||
"name": "application-and-protocol-summary",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"name\": \"application-and-protocol-summary\",\n \"granularity\": \"PT5M\",\n \"filter\": \"vsys_id in (1)\",\n \"intervals\": [\"{{start_time}}/{{end_time}}\"],\n \"exec_mode\" : \"oneshot\"\n \n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/dsl",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"dsl"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "application-and-protocol-tree-composition",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"name\": \"application-and-protocol-tree-composition\",\n \"filter\": \"vsys_id in (1,2,3,4,5)\",\n \"intervals\": [\"{{start_time}}/{{end_time}}\"],\n \"exec_mode\" : \"oneshot\"\n \n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/dsl",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"dsl"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "application-and-protocol-tree-throughput",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"name\": \"application-and-protocol-tree-throughput\",\n \"granularity\":\"PT15s\",\n \"filter\": \"vsys_id in (1,2,3,4,5) AND (protocol_stack_id = 'ETHERNET' OR (protocol_stack_id LIKE 'ETHERNET.%' AND NOT CONTAINS_STRING(REPLACE(protocol_stack_id, 'ETHERNET.', ''), '.')))\",\n \"intervals\": [\"{{start_time}}/{{end_time}}\"],\n \"exec_mode\" : \"oneshot\"\n \n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/dsl",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"dsl"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "application-and-protocol-top-apps",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"name\": \"application-and-protocol-top-apps\",\n \"filter\": \"vsys_id in (1,2,3,4,5)\",\n \"intervals\": [\"{{start_time}}/{{end_time}}\"],\n \"exec_mode\" : \"oneshot\"\n \n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/dsl",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"dsl"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "application-and-protocol-app-related-internal-ips",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"name\": \"application-and-protocol-app-related-internal-ips\",\n \"filter\": \"vsys_id in (1,2,3,4,5) and app in ('http')\",\n \"intervals\": [\"{{start_time}}/{{end_time}}\"],\n \"exec_mode\" : \"oneshot\",\n \"limit\" : 10\n \n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/dsl",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"dsl"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "application-and-protocol-app-throughput",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"name\": \"application-and-protocol-app-throughput\",\n \"granularity\": \"PT30S\",\n \"filter\": \"vsys_id in (1,2,3,4,5) and app_name in ('http')\",\n \"intervals\": [\"{{start_time}}/{{end_time}}\"],\n \"exec_mode\" : \"oneshot\"\n \n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/dsl",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"dsl"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "application-and-protocol-app-summary",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"name\": \"application-and-protocol-app-summary\",\n \"filter\": \"vsys_id in (1,2,3,4,5) and app_name in ('http')\",\n \"intervals\": [\"{{start_time}}/{{end_time}}\"],\n \"exec_mode\" : \"oneshot\"\n \n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/dsl",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"dsl"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
}
|
||
]
|
||
},
|
||
{
|
||
"name": "Top Metric",
|
||
"item": [
|
||
{
|
||
"name": "Top Client IPs in Sessions",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
" ",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select client_ip as client_ip, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_client_ips where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1) and metric = 'sessions' group by client_ip order by sessions desc limit 10\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top Client IPs in Packets",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select client_ip as client_ip, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets,sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_client_ips where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and metric='packets' group by client_ip order by packets desc limit 10\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top Client IPs in Bytes",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select client_ip as client_ip, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_client_ips where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and metric = 'bytes' group by client_ip order by bytes desc limit 10\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top Server IPs in Sessions",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select server_ip as server_ip, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_server_ips where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and metric = 'sessions' group by server_ip order by sessions desc limit 10\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top Server IPs in Packets",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select server_ip as server_ip, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_server_ips where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and metric = 'packets' group by server_ip order by packets desc limit 10\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top Server IPs in Bytes",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select server_ip as server_ip, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_server_ips where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and metric = 'bytes' group by server_ip order by bytes desc limit 10\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top Internal IPs in Sessions",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select internal_ip as internal_ip, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_internal_ips where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and metric = 'sessions' group by internal_ip order by sessions desc limit 10\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top Internal IPs in Packets",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select internal_ip as internal_ip, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_internal_ips where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and metric = 'packets' group by internal_ip order by packets desc limit 10\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top Internal IPs in Bytes",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select internal_ip as internal_ip, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_internal_ips where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and metric = 'bytes' group by internal_ip order by bytes desc limit 10\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top External IPs in Sessions",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select external_ip as external_ip, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_external_ips where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and metric = 'sessions' group by external_ip order by sessions desc limit 10\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top External IPs in Packets",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select external_ip as external_ip, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_external_ips where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and metric = 'packets' group by external_ip order by packets desc limit 10\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top External IPs in Bytes",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select external_ip as external_ip, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_external_ips where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and metric = 'bytes' group by external_ip order by bytes desc limit 10\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top Server Domains in Sessions",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select domain, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_server_domains where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and metric = 'sessions' group by domain order by sessions desc limit 10\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top Server Domains in Packets",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select domain, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_server_domains where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and metric = 'packets' group by domain order by packets desc limit 10\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top Server Domains in Bytes",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select domain, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_server_domains where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and metric = 'bytes' group by domain order by bytes desc limit 10\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top Server FQDNs in Sessions",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select fqdn, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_server_fqdns where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and metric = 'sessions' group by fqdn order by sessions desc limit 10\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top Server FQDNs in Packets",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select fqdn, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_server_fqdns where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and metric = 'packets' group by fqdn order by packets desc limit 10\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top Server FQDNs in Bytes",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select fqdn, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_server_fqdns where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and metric = 'bytes' group by fqdn order by bytes desc limit 10\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top Subscriber IDs in Sessions",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select subscriber_id, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_subscribers where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and metric = 'sessions' group by subscriber_id order by sessions desc limit 10\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top Subscriber IDs in Packets",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select subscriber_id, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_subscribers where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and metric = 'packets' group by subscriber_id order by packets desc limit 10\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top Subscriber IDs in Bytes",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select subscriber_id, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from top_subscribers where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and metric = 'bytes' group by subscriber_id order by bytes desc limit 10\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top Apps in Packets",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select app_name, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from application_protocol_stat where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and app_name IS NOT NUll group by app_name order by packets desc limit 10\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top Apps in Bytes",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select app_name, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from application_protocol_stat where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and app_name IS NOT NUll group by app_name order by bytes desc limit 10\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top Apps in Sessions",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select app_name, sum(sessions) as sessions, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(in_bytes + out_bytes) as bytes, sum(in_pkts) as in_packets , sum(out_pkts) as out_packets, sum(in_pkts + out_pkts) as packets from application_protocol_stat where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and app_name IS NOT NUll group by app_name order by sessions desc limit 10\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
}
|
||
]
|
||
},
|
||
{
|
||
"name": "Traffic Shaping",
|
||
"item": [
|
||
{
|
||
"name": "Shaping Profiles Metrics",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select profile_id, sum(in_bytes+out_bytes) as bytes, sum(in_pkts+out_pkts) as packets, sum(in_drop_pkts+out_drop_pkts) as drops, max(in_max_latency_us+out_max_latency_us) as max_latency_us, avg(in_queue_len+out_queue_len) as avg_q, max(in_queue_len+out_queue_len) as max_q from traffic_shaping_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by profile_id\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Shaping Rule Summary",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select rule_id,DATE_FORMAT(max(__time) ,'%Y-%m-%d %H:%i:%s') as last_used,DATE_FORMAT(min(__time) ,'%Y-%m-%d %H:%i:%s') as first_used, sum(in_bytes+out_bytes) as total_bytes from traffic_shaping_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5) and rule_id in (1,2,103,273) group by rule_id\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Shaping Profile Summary",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select profile_id, DATE_FORMAT(max(__time) ,'%Y-%m-%d %H:%i:%s') as last_used, DATE_FORMAT(min(__time) ,'%Y-%m-%d %H:%i:%s') as first_used, sum(in_drop_pkts+out_drop_pkts) as drops from traffic_shaping_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5) and profile_id in (1,2,103,273) group by profile_id\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Shaping Profile Metrics",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select sum(bytes)*8/10 as bps, sum(packets)/10 as pps, max(max_latency_us) as max_latency_us, avg(avg_q) as avg_q, max(max_q) as max_q from ( select device_id, vsys_id, sum(in_bytes+out_bytes) as bytes, sum(in_pkts+out_pkts) as packets, max(in_max_latency_us+out_max_latency_us) as max_latency_us, avg(in_queue_len+out_queue_len) as avg_q, max(in_queue_len+out_queue_len) as max_q from traffic_shaping_rule_hits where __time >= FROM_UNIXTIME(UNIX_TIMESTAMP(now())-10) and vsys_id in (1,2,3,4,5) and profile_id =1 group by device_id, vsys_id )\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Shaping Rule/Profile Throughput",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), 'PT1s', 'zero')) as stat_time, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes from traffic_shaping_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and profile_id=273 group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), 'PT1s', 'zero')) order by stat_time asc limit 100\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
}
|
||
]
|
||
},
|
||
{
|
||
"name": "Service Chaining",
|
||
"item": [
|
||
{
|
||
"name": "Chaining Rule or Function Throuphput Trend",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), 'PT1s', 'zero')) as stat_time, sum(sent_bytes) as sent_bytes, sum(recv_bytes) as received_bytes from service_chaining_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and ( rule_id in (1,2,3,4,5) or sff_profile_id in (1,2,3,4,5) or sf_profile_id in (1,2,3,4,5)) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), 'PT1s', 'zero')) order by stat_time asc limit 100\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Chaining Rule Metrics",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select rule_id, sum(sent_bytes) as sent_bytes, sum(recv_bytes) as received_bytes, sum(sent_pkts) as sent_packets, sum(recv_pkts) as received_packets from service_chaining_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and rule_id in (1,2,3,4,5) group by rule_id\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Function Forwarder Metrics",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select sff_profile_id, sum(sent_bytes) as sent_bytes, sum(recv_bytes) as received_bytes, sum(sent_pkts) as sent_packets, sum(recv_pkts) as received_packets from service_chaining_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and sff_profile_id in (1,2,3,4,5) group by sff_profile_id\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Function Profile Metrics",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select sf_profile_id, sum(sent_bytes) as sent_bytes, sum(recv_bytes) as received_bytes, sum(sent_pkts) as sent_packets, sum(recv_pkts) as received_packets from service_chaining_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and sf_profile_id in (1,2,3,4,5) group by sf_profile_id\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Function Profile Status",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"SELECT sf_profile_id, sf_status, CASE WHEN last_active_time = 0 THEN '' ELSE FROM_UNIXTIME(last_active_time) END AS last_active_time, CASE WHEN last_inactive_time = 0 THEN '' ELSE FROM_UNIXTIME(last_inactive_time) END AS last_inactive_time FROM ( SELECT sf_profile_id, LATEST(sf_status) as sf_status, MAX(CASE WHEN sf_status = 1 THEN UNIX_TIMESTAMP(__time) ELSE 0 END) as last_active_time, MAX(CASE WHEN sf_status = 0 THEN UNIX_TIMESTAMP(__time) ELSE 0 END) as last_inactive_time from service_function_status where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and sf_profile_id in (1,2,3,4,5) group by sf_profile_id)\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
}
|
||
]
|
||
},
|
||
{
|
||
"name": "Object Statistics",
|
||
"item": [
|
||
{
|
||
"name": "Top 30 Objects by Bytes",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select object_id, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(bytes) as bytes, sum(new_in_sessions) as new_in_sessions, sum(new_out_sessions) as new_out_sessions, sum(sessions) as sessions from object_statistics where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by object_id order by bytes desc limit 30\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Parent Level Object Stat",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(bytes) as bytes, sum(new_in_sessions) as new_in_sessions, sum(new_out_sessions) as new_out_sessions, sum(sessions) as sessions from object_statistics where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and object_id > 0\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top 30 Items by Bytes",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select item_id, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(bytes) as bytes, sum(new_in_sessions) as new_in_sessions, sum(new_out_sessions) as new_out_sessions, sum(sessions) as sessions from object_statistics where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by item_id order by bytes desc limit 30\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Object Traffic Stat Trend",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) as stat_time , sum(in_bytes) as in_bytes, avg(in_bytes)* 8 / 30 as avg_in_bits_per_sec, sum(out_bytes) as out_bytes, avg(out_bytes)* 8 / 30 as avg_out_bits_per_sec, sum(bytes) as bytes, avg(bytes)* 8 / 30 as avg_bits_per_sec, sum(new_in_sessions) as new_in_sessions, avg(new_in_sessions)/ 30 as avg_new_in_sessions_per_sec, sum(new_out_sessions) as new_out_sessions, avg(new_out_sessions)/ 30 as avg_new_out_sessions_per_sec, sum(sessions) as sessions, avg(sessions)/ 30 as avg_sessions_per_sec from ( select TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT5S') as stat_time, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(bytes) as bytes, sum(new_in_sessions) as new_in_sessions, sum(new_out_sessions) as new_out_sessions, sum(sessions) as sessions from object_statistics where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1) and object_id = 1608661 group by TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT5S')) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) order by stat_time asc limit 1000\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Item Traffic Stat Trend",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) as stat_time , sum(in_bytes) as in_bytes, avg(in_bytes)* 8 / 30 as avg_in_bits_per_sec, sum(out_bytes) as out_bytes, avg(out_bytes)* 8 / 30 as avg_out_bits_per_sec, sum(bytes) as bytes, avg(bytes)* 8 / 30 as avg_bits_per_sec, sum(new_in_sessions) as new_in_sessions, avg(new_in_sessions)/ 30 as avg_new_in_sessions_per_sec, sum(new_out_sessions) as new_out_sessions, avg(new_out_sessions)/ 30 as avg_new_out_sessions_per_sec, sum(sessions) as sessions, avg(sessions)/ 30 as avg_sessions_per_sec from (select TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT5S') as stat_time, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(bytes) as bytes, sum(new_in_sessions) as new_in_sessions, sum(new_out_sessions) as new_out_sessions, sum(sessions) as sessions from object_statistics where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and item_id = 1 group by TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT5S')) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) order by stat_time asc limit 1000\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
}
|
||
]
|
||
},
|
||
{
|
||
"name": "Statistics Rule",
|
||
"item": [
|
||
{
|
||
"name": "Incoming Bytes, Outgoing Bytes and Bytes",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) as stat_time , sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(bytes) as bytes from ( select TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT15S') as stat_time, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(bytes) as bytes from statistics_rule where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1) and version=1 group by TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), 'PT15S')) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) order by stat_time asc limit 1000\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Average Incoming bits/s, Average Outgoing bits/s and Average bits/s",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) as stat_time, avg(in_bytes)*8/30 as avg_in_bits_per_sec, avg(out_bytes)*8/30 as avg_out_bits_per_sec, avg(bytes)*8/30 as avg_bits_per_sec from ( select TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT15S') as stat_time, sum(in_bytes) as in_bytes, sum(out_bytes) as out_bytes, sum(bytes) as bytes from statistics_rule where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), 'PT15S')) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) order by stat_time asc limit 1000\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Unique Client IPs and Unique Server IPs",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) as stat_time, APPROX_COUNT_DISTINCT_HLLD(client_ip_sketch) as unique_client_ips, APPROX_COUNT_DISTINCT_HLLD(server_ip_sketch) as unique_server_ips from ( select TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT15S') as stat_time, HLLD(client_ip_sketch) as client_ip_sketch, HLLD(server_ip_sketch) as server_ip_sketch from statistics_rule where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT15S')) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) order by stat_time asc limit 1000\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "95th TCP Latency (ms) and 99th TCP Latency (ms)",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) as stat_time, QUANTILE_HDR(latency_ms_sketch,0.95) as p95th_tcp_latency_ms, QUANTILE_HDR(latency_ms_sketch,0.99) as p99th_tcp_latency_ms from ( select TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT15S') as stat_time, HDR_HISTOGRAM(latency_ms_sketch) as latency_ms_sketch from statistics_rule where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT15S')) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) order by stat_time asc limit 1000\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Histogram TCP Latency (ms)",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select PERCENTILES_HDR(latency_ms_sketch) as histogram_tcp_latency_ms,HDR_GET_QUANTILES(HDR_HISTOGRAM(latency_ms_sketch), 0.5,0.95,0.99) as tcp_latency_quantiles from statistics_rule where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and rule_id=397097 and chart_id=8267\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Bytes and Sessions Distributed by Application",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select application, sum(bytes) as bytes, sum(sessions) as sessions from statistics_rule where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by application order by bytes desc limit 1024\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Bytes and Sessions Distributed by Server IP",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select server_ip, sum(bytes) as bytes, sum(sessions) as sessions from statistics_rule where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by server_ip order by bytes desc limit 1024\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Bytes and Sessions Distributed by FQDN Category",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select fqdn_category, sum(bytes) as bytes, sum(sessions) as sessions from statistics_rule where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by fqdn_category order by bytes desc limit 1024\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Multi-value Raw Column Distribution of FQDN Category",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select MV_TO_STRING(fqdn_category,',') , sum(bytes) as bytes, sum(sessions) as sessions from statistics_rule where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and fqdn_category is not null group by MV_TO_STRING(fqdn_category,',') order by bytes desc limit 1024\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Multi-value Distribution of FQDN Category",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select fqdn_category , sum(bytes) as bytes, sum(sessions) as sessions from statistics_rule where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) and fqdn_category is not null group by fqdn_category order by bytes desc limit 1024\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "New Unestablished Sessions Distributed by Client IP and Server IP",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select client_ip, server_ip, sum(new_unestablished_sessions) as new_unestablished_sessions from statistics_rule where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) group by client_ip, server_ip order by new_unestablished_sessions desc limit 100\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Statistics Rule Hits Throughput",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) as stat_time , avg(sum_in_bytes)*8/30 as avg_in_bits_per_sec, avg(sum_out_bytes)*8/30 as avg_out_bits_per_sec, avg(sum_bytes)*8/30 as avg_bits_per_sec, sum(sum_in_bytes) as total_in_bytes, sum(sum_out_bytes) as total_out_bytes, sum(sum_bytes) as total_bytes from ( select TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), 'PT5S') as stat_time, sum(in_bytes) as sum_in_bytes, sum(out_bytes) as sum_out_bytes, sum(in_bytes + out_bytes) as sum_bytes from statistics_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1) group by TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT5S')) group by FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(stat_time, 'PT30S', 'zero')) order by stat_time asc limit 1000\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
}
|
||
]
|
||
},
|
||
{
|
||
"name": "DoS Threat Map",
|
||
"item": [
|
||
{
|
||
"name": "dos-threat-map-top-source-countries",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\":\"select arrayJoin(splitByString(',',source_country_list)) as source_country, count(*) as count from dos_event where start_time >= UNIX_TIMESTAMP('{{start_time}}') and start_time <UNIX_TIMESTAMP('{{end_time}}') and notEmpty(source_country_list) and vsys_id in (1,2,3,4) group by arrayJoin(splitByString(',',source_country_list)) order by count desc limit 10\",\n \"exec_mode\": \"oneshot\"\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "dos-threat-map-top-destination-countries",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select destination_country, count(*) as count from dos_event where start_time >= UNIX_TIMESTAMP('{{start_time}}') and start_time <UNIX_TIMESTAMP('{{end_time}}') and vsys_id in (1,2,3,4) group by destination_country order by count desc limit 10\",\n \"exec_mode\": \"oneshot\"\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "dos-threat-map-top-victims",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select destination_ip, count(*) as count from dos_event where start_time >= UNIX_TIMESTAMP('{{start_time}}') and start_time <UNIX_TIMESTAMP('{{end_time}}') and vsys_id in (1,2,3,4) group by destination_ip order by count desc limit 10\",\n \"exec_mode\": \"oneshot\"\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "dos-threat-map-attack-type",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select attack_type, count(*) as count from dos_event where start_time >= UNIX_TIMESTAMP('{{start_time}}') and start_time <UNIX_TIMESTAMP('{{end_time}}') and vsys_id in (1,2,3,4) group by attack_type order by attack_type\",\n \"exec_mode\": \"oneshot\"\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "dos-threat-map-severity",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select severity, count(*) as count from dos_event where start_time >= UNIX_TIMESTAMP('{{start_time}}')and start_time <UNIX_TIMESTAMP('{{end_time}}') and vsys_id in (1,2,3,4) group by severity order by severity\",\n \"exec_mode\": \"oneshot\"\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "dos-threat-map-destination-ip-distribution",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select destination_ip, IP_TO_GEO(destination_ip) as destination_geo, any(destination_country) as destination_country, groupUniqArray(arrayJoin(splitByString(',',source_country_list))) as source_coutries, max(bit_rate) as max_bit_rate, max(packet_rate) as max_packet_rate, max(session_rate) as max_session_rate,min(start_time) as first_active_time, max(end_time) as last_active_time, MAX_DURATION(end_time, 600) as max_duration, groupUniqArray(attack_type) as attack_type, count(*) as count from dos_event where start_time >= UNIX_TIMESTAMP('{{start_time}}') and start_time <UNIX_TIMESTAMP('{{end_time}}') and vsys_id in (1,2,3,4) group by destination_ip order by count desc limit 100\",\n \"exec_mode\": \"oneshot\"\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "dos-threat-map-attack-connection",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select start_time, destination_ip, IP_TO_GEO(destination_ip) as destination_geo, destination_country, source_country_list, attack_type, severity,bit_rate, packet_rate, session_rate from dos_event where start_time >= UNIX_TIMESTAMP('{{start_time}}') and start_time <UNIX_TIMESTAMP('{{end_time}}') and vsys_id in (1,2,3,4) order by start_time asc limit 100\",\n \"exec_mode\": \"oneshot\"\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
}
|
||
]
|
||
},
|
||
{
|
||
"name": "Field Discovery",
|
||
"item": [
|
||
{
|
||
"name": "field-discovery-session-record",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
" postman.setEnvironmentVariable(\"fd_job_id\", JSON.parse(responseBody).job.job_id);",
|
||
"",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"name\": \"field_discovery\",\n \"data_source\": \"session_record\",\n \"filter\": \"recv_time >=UNIX_TIMESTAMP('{{start_time}}') and recv_time <=UNIX_TIMESTAMP('{{end_time}}') and vsys_id in (1,2,3,4,5,6,7,8)\",\n \"custom.field_discovery.metric\": \"sessions\",\n \"custom.field_discovery.metric.fn\": \"sum\",\n \"custom.field_discovery.fields\": [\n \"log_id\",\n \"security_action\",\n \"app\",\n \"client_ip\",\n \"server_ip\",\n \"client_port\",\n \"server_port\",\n \"decoded_as\",\n \"server_domain\"\n ]\n \n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/dsl",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"dsl"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "field-discovery-session-record-result",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
" postman.clearEnvironmentVariable(\"fd_job_id\");",
|
||
"",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/job/{{fd_job_id}}/result",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"job",
|
||
"{{fd_job_id}}",
|
||
"result"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "field-discovery-statistics",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
" postman.setEnvironmentVariable(\"fd_statistics_job_id\", JSON.parse(responseBody).job.job_id);",
|
||
"",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" :\"select client_ip,count(*) as count from session_record where recv_time >=UNIX_TIMESTAMP('{{start_time}}') and recv_time <=UNIX_TIMESTAMP('{{end_time}}') and vsys_id in (1,2,3,4,5) group by client_ip order by count asc limit 10\"\n \n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "field-discovery-statistics-result",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
" postman.clearEnvironmentVariable(\"fd_job_id\");",
|
||
"",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/job/{{fd_statistics_job_id}}/result",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"job",
|
||
"{{fd_statistics_job_id}}",
|
||
"result"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
}
|
||
]
|
||
},
|
||
{
|
||
"name": "IP Learning",
|
||
"item": [
|
||
{
|
||
"name": "ip-learning-fqdn-relate-ip",
|
||
"event": [
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"tests[\"Successful POST request\"] = responseCode.code === 200 || responseCode.code === 201;"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [
|
||
{
|
||
"key": "Authorization",
|
||
"value": "bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjEuNTkzNTIwMTQyMTI4MTA3OGUrNiwiZXhwIjoxNTk2MTEyMTQyLCJpc3MiOiJhcmFuZ29kYiIsInByZWZlcnJlZF91c2VybmFtZSI6InJvb3QifQ==.6KZ2P32UymePwXgB3QudnufM2ZgnKepGzuYYkQHNF0A=",
|
||
"type": "text",
|
||
"disabled": true
|
||
}
|
||
],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\r\n \"name\": \"ip-learning-fqdn-relate-ip\",\r\n \"filter\": \"VSYS_ID in (1,2,3,4,5,6,7,8) AND PROTOCOL in ('SSL', 'HTTP','DNS') AND DEPTH = 1 and UNIQ_CIP > 1 AND FQDN_NAME in ('google.com', 'baidu.com') \",\r\n \"intervals\": [\"2023-01-01 00:00:00/2024-01-02 00:00:00\"],\r\n \"exec_mode\":\"oneshot\",\r\n \"limit\": \"100\"\r\n }",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/dsl",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"dsl"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
}
|
||
],
|
||
"event": [
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"type": "text/javascript",
|
||
"exec": [
|
||
""
|
||
]
|
||
}
|
||
},
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"type": "text/javascript",
|
||
"exec": [
|
||
""
|
||
]
|
||
}
|
||
}
|
||
]
|
||
},
|
||
{
|
||
"name": "First and Last Found of Metric Sources",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select 'General Metrics' as type, min(__time) as first_time, max(__time) as last_time from traffic_general_stat where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) union all select 'Security Policy Rule Hits' as type, min(__time) as first_time, max(__time) as last_time from security_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) union all select 'Proxy Policy Rule Hits' as type, min(__time) as first_time, max(__time) as last_time from proxy_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) union all select 'Traffic Shaping Rule Hits' as type, min(__time) as first_time, max(__time) as last_time from traffic_shaping_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) union all select 'Service Chaining Rule Hits' as type, min(__time) as first_time, max(__time) as last_time from service_chaining_rule_hits where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) union all select 'Internal IPs' as type, min(__time) as first_time, max(__time) as last_time from top_internal_ips where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) union all select 'External IPs' as type, min(__time) as first_time, max(__time) as last_time from top_external_ips where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) union all select 'Subscriber IDs' as type, min(__time) as first_time, max(__time) as last_time from top_subscribers where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) union all select 'Client IPs' as type, min(__time) as first_time, max(__time) as last_time from top_client_ips union all select 'Server IPs' as type, min(__time) as first_time, max(__time) as last_time from top_server_ips where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) union all select 'Server Domains' as type, min(__time) as first_time, max(__time) as last_time from top_server_domains where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) union all select 'Server FQDNs' as type, min(__time) as first_time, max(__time) as last_time from top_server_fqdns where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) union all select 'Application Protocol Stat' as type, min(__time) as first_time, max(__time) as last_time from application_protocol_stat where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1,2,3,4,5,6,7,8) union all select 'Storage Quota' as type, min(__time) as first_time, max(__time) as last_time from sys_storage_log where __time >= '{{start_time}}' and __time < '{{end_time}}'\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
}
|
||
],
|
||
"event": [
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"type": "text/javascript",
|
||
"exec": [
|
||
""
|
||
]
|
||
}
|
||
},
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"type": "text/javascript",
|
||
"exec": [
|
||
""
|
||
]
|
||
}
|
||
}
|
||
]
|
||
},
|
||
{
|
||
"name": "Create SQL Query",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
" // Set an environment variable",
|
||
" postman.setEnvironmentVariable(\"normal_job_id\", JSON.parse(responseBody).job.job_id);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"SELECT recv_time, log_id, decoded_as, session_id, start_timestamp_ms, end_timestamp_ms, duration_ms, tcp_handshake_latency_ms, ingestion_time, processing_time, insert_time, device_id, out_link_id, in_link_id, device_tag, data_center, device_group, sled_ip, address_type, vsys_id, t_vsys_id, flags, flags_identify_info, security_rule_list, security_action, monitor_rule_list, sc_rule_list, sc_rsp_raw, sc_rsp_decrypted, shaping_rule_list, proxy_rule_list, proxy_action, proxy_pinning_status, proxy_intercept_status, proxy_passthrough_reason, proxy_client_side_latency_ms, proxy_server_side_latency_ms, proxy_client_side_version, proxy_server_side_version, proxy_cert_verify, proxy_intercept_error, monitor_mirrored_pkts, monitor_mirrored_pkts, client_ip, client_port, client_os_desc, client_geolocation, client_asn, subscriber_id, imei, imsi, phone_number, apn, server_ip, server_port, server_os_desc, server_geolocation, server_asn, server_fqdn, server_domain, app_transition, app, app_debug_info, app_content, fqdn_category_list, decoded_path, dns_message_id, dns_qr, dns_opcode, dns_aa, dns_tc, dns_rd, dns_ra, dns_rcode, dns_qdcount, dns_ancount, dns_nscount, dns_arcount, dns_qname, dns_qtype, dns_qclass, dns_cname, dns_sub, dns_rr, dns_response_latency_ms, http_url, http_host, http_request_line, http_response_line, http_request_body, http_response_body, http_proxy_flag, http_sequence, http_cookie, http_referer, http_user_agent, http_request_content_length, http_request_content_type, http_response_content_length, http_response_content_type, http_set_cookie, http_version, http_status_code, http_response_latency_ms, http_session_duration_ms, http_action_file_size, ssl_version, ssl_sni, ssl_san, ssl_cn, ssl_handshake_latency_ms, ssl_ja3_hash, ssl_ja3s_hash, ssl_cert_issuer, ssl_cert_subject, ssl_esni_flag, ssl_ech_flag, dtls_cookie, dtls_version, dtls_sni, dtls_san, dtls_cn, dtls_handshake_latency_ms, dtls_ja3_fingerprint, dtls_ja3_hash, dtls_cert_issuer, dtls_cert_subject, mail_protocol_type, mail_account, mail_from_cmd, mail_to_cmd, mail_from, mail_password, mail_to, mail_cc, mail_bcc, mail_subject, mail_subject_charset, mail_attachment_name, mail_attachment_name_charset, mail_eml_file, ftp_account, ftp_url, ftp_link_type, quic_version, quic_sni, quic_user_agent, rdp_cookie, rdp_security_protocol, rdp_client_channels, rdp_keyboard_layout, rdp_client_version, rdp_client_name, rdp_client_product_id, rdp_desktop_width, rdp_desktop_height, rdp_requested_color_depth, rdp_certificate_type, rdp_certificate_count, rdp_certificate_permanent, rdp_encryption_level, rdp_encryption_method, ssh_version, ssh_auth_success, ssh_client_version, ssh_server_version, ssh_cipher_alg, ssh_mac_alg, ssh_compression_alg, ssh_kex_alg, ssh_host_key_alg, ssh_host_key, ssh_hassh, sip_call_id, sip_originator_description, sip_responder_description, sip_user_agent, sip_server, sip_originator_sdp_connect_ip, sip_originator_sdp_media_port, sip_originator_sdp_media_type, sip_originator_sdp_content, sip_responder_sdp_connect_ip, sip_responder_sdp_media_port, sip_responder_sdp_media_type, sip_responder_sdp_content, sip_duration_s, sip_bye, rtp_payload_type_c2s, rtp_payload_type_s2c, rtp_pcap_path, rtp_originator_dir, stratum_cryptocurrency, stratum_mining_pools, stratum_mining_program, stratum_mining_subscribe, sent_pkts, received_pkts, sent_bytes, received_bytes, tcp_c2s_ip_fragments, tcp_s2c_ip_fragments, tcp_c2s_lost_bytes, tcp_s2c_lost_bytes, tcp_c2s_o3_pkts, tcp_s2c_o3_pkts, tcp_c2s_rtx_pkts, tcp_s2c_rtx_pkts, tcp_c2s_rtx_bytes, tcp_s2c_rtx_bytes, tcp_rtt_ms, tcp_client_isn, tcp_server_isn, packet_capture_file, in_src_mac, out_src_mac, in_dest_mac, out_dest_mac, tunnels, dup_traffic_flag, tunnel_endpoint_a_desc, tunnel_endpoint_b_desc FROM session_record AS session_record WHERE recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time < UNIX_TIMESTAMP('{{end_time}}') and arrayJoin(monitor_rule_list) = 60563 AND vsys_id IN (1) ORDER BY recv_time DESC LIMIT 20\" ,\n \"output_mode\":\"json\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Create SQL Explain Query",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200); ",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"explain select min(duration) min, median(duration) as median,avg(duration) as avg, round(QUANTILE(duration,0.8),2) as p80, round(QUANTILE(duration,0.95),2) as p95, round(QUANTILE(duration,0.99),2) as p99, max(duration) as max from ( select (processing_time-recv_time) as duration FROM session_record WHERE recv_time >= UNIX_TIMESTAMP(now())-86400 and recv_time<UNIX_TIMESTAMP(now()) )\" ,\n \"output_mode\":\"json\",\n \"exec_mode\": \"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Create SQL Describe Query",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200); ",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"describe session_record\" ,\n \"output_mode\":\"json\",\n \"exec_mode\": \"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Create SQL Dry Run Query",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200); ",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(recv_time,'PT30S')) as stat_time, round(sum(sent_bytes)*8/30/1000/1000,2) as Bytes_Sent_Mbps, round(sum(received_bytes)*8/30/1000/1000,2) as Bytes_Received_Mbps, round(sum(sent_bytes + received_bytes)*8/30/1000/1000,2) as Mbps, round(sum(sent_pkts + received_pkts)/30/1000,2) as Kpps, round(count(1)/30/1000,2) as \\\"Ksessions/s\\\" from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') group by stat_time order by stat_time asc\" ,\n \"output_mode\":\"json\",\n \"is_dry_run\": 1,\n \"exec_mode\": \"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Create Blocking SQL Query",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
" // Set an environment variable",
|
||
" postman.setEnvironmentVariable(\"blocking_job_id\", JSON.parse(responseBody).job.job_id);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"SELECT recv_time, log_id, decoded_as, session_id, start_timestamp_ms, end_timestamp_ms, duration_ms, tcp_handshake_latency_ms, ingestion_time, processing_time, insert_time, device_id, out_link_id, in_link_id, device_tag, data_center, device_group, sled_ip, address_type, vsys_id, t_vsys_id, flags, flags_identify_info, security_rule_list, security_action, monitor_rule_list, sc_rule_list, sc_rsp_raw, sc_rsp_decrypted, shaping_rule_list, proxy_rule_list, proxy_action, proxy_pinning_status, proxy_intercept_status, proxy_passthrough_reason, proxy_client_side_latency_ms, proxy_server_side_latency_ms, proxy_client_side_version, proxy_server_side_version, proxy_cert_verify, proxy_intercept_error, monitor_mirrored_pkts, monitor_mirrored_bytes,ip_protocol, client_ip, client_port, client_os_desc, client_geolocation, client_asn, subscriber_id, imei, imsi, phone_number, apn, server_ip, server_port, server_os_desc, server_geolocation, server_asn, server_fqdn, server_domain, app_transition, app, app_debug_info, app_content, fqdn_category_list, decoded_path, dns_message_id, dns_qr, dns_opcode, dns_aa, dns_tc, dns_rd, dns_ra, dns_rcode, dns_qdcount, dns_ancount, dns_nscount, dns_arcount, dns_qname, dns_qtype, dns_qclass, dns_cname, dns_sub, dns_rr, dns_response_latency_ms, http_url, http_host, http_request_line, http_response_line, http_request_body, http_response_body, http_proxy_flag, http_sequence, http_cookie, http_referer, http_user_agent, http_request_content_length, http_request_content_type, http_response_content_length, http_response_content_type, http_set_cookie, http_version, http_status_code, http_response_latency_ms, http_session_duration_ms, http_action_file_size, ssl_version, ssl_sni, ssl_san, ssl_cn, ssl_handshake_latency_ms, ssl_ja3_hash, ssl_ja3s_hash, ssl_cert_issuer, ssl_cert_subject, ssl_esni_flag, ssl_ech_flag, dtls_cookie, dtls_version, dtls_sni, dtls_san, dtls_cn, dtls_handshake_latency_ms, dtls_ja3_fingerprint, dtls_ja3_hash, dtls_cert_issuer, dtls_cert_subject, mail_protocol_type, mail_account, mail_from_cmd, mail_to_cmd, mail_from, mail_password, mail_to, mail_cc, mail_bcc, mail_subject, mail_subject_charset, mail_attachment_name, mail_attachment_name_charset, mail_eml_file, ftp_account, ftp_url, ftp_link_type, quic_version, quic_sni, quic_user_agent, rdp_cookie, rdp_security_protocol, rdp_client_channels, rdp_keyboard_layout, rdp_client_version, rdp_client_name, rdp_client_product_id, rdp_desktop_width, rdp_desktop_height, rdp_requested_color_depth, rdp_certificate_type, rdp_certificate_count, rdp_certificate_permanent, rdp_encryption_level, rdp_encryption_method, ssh_version, ssh_auth_success, ssh_client_version, ssh_server_version, ssh_cipher_alg, ssh_mac_alg, ssh_compression_alg, ssh_kex_alg, ssh_host_key_alg, ssh_host_key, ssh_hassh, sip_call_id, sip_originator_description, sip_responder_description, sip_user_agent, sip_server, sip_originator_sdp_connect_ip, sip_originator_sdp_media_port, sip_originator_sdp_media_type, sip_originator_sdp_content, sip_responder_sdp_connect_ip, sip_responder_sdp_media_port, sip_responder_sdp_media_type, sip_responder_sdp_content, sip_duration_s, sip_bye, rtp_payload_type_c2s, rtp_payload_type_s2c, rtp_pcap_path, rtp_originator_dir, stratum_cryptocurrency, stratum_mining_pools, stratum_mining_program, stratum_mining_subscribe, sent_pkts, received_pkts, sent_bytes, received_bytes, tcp_c2s_ip_fragments, tcp_s2c_ip_fragments, tcp_c2s_lost_bytes, tcp_s2c_lost_bytes, tcp_c2s_o3_pkts, tcp_s2c_o3_pkts, tcp_c2s_rtx_pkts, tcp_s2c_rtx_pkts, tcp_c2s_rtx_bytes, tcp_s2c_rtx_bytes, tcp_rtt_ms, tcp_client_isn, tcp_server_isn, packet_capture_file, in_src_mac, out_src_mac, in_dest_mac, out_dest_mac, tunnels, dup_traffic_flag, tunnel_endpoint_a_desc, tunnel_endpoint_b_desc FROM session_record AS session_record WHERE recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time < UNIX_TIMESTAMP('{{end_time}}') AND vsys_id IN (1) ORDER BY recv_time DESC LIMIT 20\" ,\n \"exec_mode\":\"blocking\",\n \"output_mode\":\"json\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Create Saved SQL Query",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
" // Set an environment variable",
|
||
" postman.setEnvironmentVariable(\"saved_query_job_id\", JSON.parse(responseBody).job.job_id);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select uniq(client_ip) as \\\"Client IPs\\\", uniq(server_ip) as \\\"Server IPs\\\",uniq(server_domain) as \\\"Domains\\\",uniq(http_host) as \\\"Hosts\\\", uniq(ssl_sni) as \\\"SNIs\\\" from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}')\" ,\n \"output_mode\":\"json\",\n \"is_saved_query\":1\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Poll Job Status",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/job/{{normal_job_id}}?is_saved_query=0",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"job",
|
||
"{{normal_job_id}}"
|
||
],
|
||
"query": [
|
||
{
|
||
"key": "is_saved_query",
|
||
"value": "0"
|
||
}
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Poll All Job Status",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/job?job_ids={{normal_job_id}}&is_saved_query=0",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"job"
|
||
],
|
||
"query": [
|
||
{
|
||
"key": "job_ids",
|
||
"value": "{{normal_job_id}}"
|
||
},
|
||
{
|
||
"key": "is_saved_query",
|
||
"value": "0"
|
||
}
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Get Job Result",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/job/{{normal_job_id}}/result?is_saved_query=0",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"job",
|
||
"{{normal_job_id}}",
|
||
"result"
|
||
],
|
||
"query": [
|
||
{
|
||
"key": "is_saved_query",
|
||
"value": "0"
|
||
}
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Get All Job Results",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
" postman.clearEnvironmentVariable(\"normal_job_id\");",
|
||
" postman.clearEnvironmentVariable(\"blocking_job_id\");",
|
||
"",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/job/result?job_ids={{normal_job_id}},{{blocking_job_id}}&is_saved_query=0",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"job",
|
||
"result"
|
||
],
|
||
"query": [
|
||
{
|
||
"key": "job_ids",
|
||
"value": "{{normal_job_id}},{{blocking_job_id}}"
|
||
},
|
||
{
|
||
"key": "is_saved_query",
|
||
"value": "0"
|
||
}
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Get All Saved Job Results",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
" ",
|
||
"",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/job/result?job_ids={{saved_query_job_id}}&is_saved_query=1",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"job",
|
||
"result"
|
||
],
|
||
"query": [
|
||
{
|
||
"key": "job_ids",
|
||
"value": "{{saved_query_job_id}}"
|
||
},
|
||
{
|
||
"key": "is_saved_query",
|
||
"value": "1"
|
||
}
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Delete a Job",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
" postman.clearEnvironmentVariable(\"saved_query_job_id\");",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "DELETE",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/job/{{saved_query_job_id}}?is_saved_query=1",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"job",
|
||
"{{saved_query_job_id}}"
|
||
],
|
||
"query": [
|
||
{
|
||
"key": "is_saved_query",
|
||
"value": "1"
|
||
}
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
}
|
||
]
|
||
},
|
||
{
|
||
"name": "Dataset",
|
||
"item": [
|
||
{
|
||
"name": "QGW Rule-based Query Optimization",
|
||
"item": [
|
||
{
|
||
"name": "TopK Query with RBO",
|
||
"item": [
|
||
{
|
||
"name": "Standard Group By (Optimized)",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"SELECT server_ip ,count(*) AS count, median(sent_bytes) as median_byte_num,min(sent_bytes) as min_byte_num,sum(sent_bytes+received_bytes) as bytes FROM tsg_galaxy_v3.session_record AS session_record WHERE recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') GROUP BY server_ip ORDER BY count DESC LIMIT 100\",\n \"exec_mode\": \"oneshot\",\n \"is_dry_run\": 0\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Sub Query (Optimized)",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select server_ip , count, num from ( SELECT server_ip , count(*) AS count, median(sent_bytes) as num FROM tsg_galaxy_v3.session_record AS session_record WHERE recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') GROUP BY server_ip ORDER BY count DESC LIMIT 100) order by num desc\",\n \"exec_mode\": \"oneshot\"\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Aggregate Function not Alias(Optimized)",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"SELECT server_ip ,count(*) as count, median(sent_bytes) FROM session_record WHERE recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') GROUP BY server_ip ORDER BY count DESC LIMIT 100\",\n \"exec_mode\": \"oneshot\",\n \"is_dry_run\": 1\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Sub Query Not Order by(Not Optimized)",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select server_ip , count, num from ( SELECT server_ip , count(*) AS count, median(sent_bytes) as num FROM tsg_galaxy_v3.session_record AS session_record WHERE recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') GROUP BY server_ip) order by num desc limit 100\",\n \"exec_mode\": \"oneshot\"\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Order by with Aggregate Function(Not Optimized)",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"SELECT server_ip ,count(*) AS count, median(sent_bytes) as num FROM tsg_galaxy_v3.session_record AS session_record WHERE recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') GROUP BY server_ip ORDER BY sum(sent_bytes) DESC LIMIT 100\",\n \"exec_mode\": \"oneshot\"\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Not Support Function(Not Optimized)",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"SELECT server_ip ,count(*) AS count, uniq(client_ip) as client_ips FROM tsg_galaxy_v3.session_record AS session_record WHERE recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') GROUP BY server_ip ORDER BY count DESC LIMIT 100\",\n \"exec_mode\": \"oneshot\"\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Not Order By(Not Optimized)",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"SELECT server_ip ,count(*) AS count, median(sent_bytes) as num FROM tsg_galaxy_v3.session_record AS session_record WHERE recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') GROUP BY server_ip LIMIT 100\",\n \"exec_mode\": \"oneshot\"\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
}
|
||
]
|
||
},
|
||
{
|
||
"name": "Federation Query by Calcite",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select * from (select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(recv_time,'PT1h','zero')) as stat_time from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') group by stat_time limit 10000) limit 10\",\n \"exec_mode\": \"oneshot\"\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "TIME FLOOR WITH FILL(UDF)",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(recv_time,'PT30m','zero')) as stat_time, count(*) as count from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') group by stat_time limit 10000\",\n \"exec_mode\": \"oneshot\"\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "IP Lookup(UDF) with Fedreation",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select * from (select server_ip, IP_TO_GEO(server_ip) as geo,IP_TO_COUNTRY(server_ip) as country, IP_TO_CITY(server_ip) as city,IP_TO_ASN(server_ip) as as_number ,IP_TO_ASN_ORG(server_ip) as as_name from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') limit 100) limit 10\",\n \"exec_mode\": \"oneshot\" \n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
}
|
||
]
|
||
},
|
||
{
|
||
"name": "Benchmark",
|
||
"item": [
|
||
{
|
||
"name": "Top frequent elements in Long(Bit)",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select item, sum(count) as count from ( select arrayJoin(items) as item, count from ( select bitmaskToArray(flags) as items, count(*) as count from session_record as sr where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') group by flags )) group by item order by count desc\",\n \"exec_mode\": \"oneshot\"\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top frequent elements in Flags(with Label)",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select flag, sum(sessions) as sessions from ( select arrayJoin(array( if(bitAnd(flags, 1)= 1, 'Asymmetric', ''), if(bitAnd(flags, 2)= 2, 'Bulky', ''), if(bitAnd(flags, 4)= 4, 'CBR Streaming', ''), if(bitAnd(flags, 8)= 8, 'Client is Local', ''), if(bitAnd(flags, 16)= 16, 'Server is Local', ''), if(bitAnd(flags, 32)= 32, 'Download', ''), if(bitAnd(flags, 64)= 64, 'Interactive', ''), if(bitAnd(flags, 128)= 128, 'Inbound', ''), if(bitAnd(flags, 256)= 256, 'Outbound', ''), if(bitAnd(flags, 512)= 512, 'Pseudo Unidirectional', ''), if(bitAnd(flags, 1024)= 1024, 'Streaming', ''), if(bitAnd(flags, 2048)= 2048, 'Unidirectional', ''), if(bitAnd(flags, 4096)= 4096, 'Random looking', ''), if(bitAnd(flags, 8192)= 8192, 'C2S', ''), if(bitAnd(flags, 16384)= 16384, 'S2C', ''), if(bitAnd(flags, 32768)= 32768, 'Bidirectional', ''), if(flags=0, 'N/A', '') )) as flag , bytes, packets, sessions from ( select flags, count(*) as sessions, sum(sent_bytes + received_bytes) as bytes, sum(sent_pkts + received_pkts) as packets from session_record as sr where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') group by flags ) ) where notEmpty(flag) group by flag order by sessions desc\",\n \"exec_mode\": \"oneshot\"\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top frequent elements in String(Array)",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select item, sum(count) as count from ( select arrayJoin(items) as item, count from ( select splitByString('.',decoded_path) as items, count(*) as count from session_record as sr where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') and notEmpty(decoded_path) group by decoded_path )) group by item order by count desc limit 10\",\n \"exec_mode\": \"oneshot\"\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top frequent elements in Array use subquery",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select item, sum(count) as count,sum(bytes) from ( select arrayJoin(items) as item, count, bytes from ( select monitor_rule_list as items, count(*) as count,sum(sent_bytes+received_bytes) as bytes from session_record as sr where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') and notEmpty(monitor_rule_list) group by monitor_rule_list )) group by item order by count desc limit 20\",\n \"exec_mode\": \"oneshot\"\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top frequent elements in Array",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select arrayJoin(monitor_rule_list) as item, count(*) as count,sum(sent_bytes+received_bytes) as bytes from session_record as sr where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') and notEmpty(monitor_rule_list) group by arrayJoin(monitor_rule_list) order by count desc limit 20\",\n \"exec_mode\": \"oneshot\"\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Nested Json Parser by App ID",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select app_debug_info, JSONExtract(app_debug_info, 'Tuple(UNKNOWN Nested(app_name String, app_id UInt32),THIRD Nested(app_name String, app_id UInt32),USER_DEFINE Nested(app_name String, app_id UInt32) )') as parsed_json, tupleElement(tupleElement(parsed_json,'THIRD'),'app_name') THIRD_app_name, tupleElement(tupleElement(parsed_json,'USER_DEFINE'),'app_name') USER_DEFINE_app_name from session_record sr where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') and notEmpty(app_debug_info) and has(THIRD_app_name,'ssl') group by app_debug_info\",\n \"exec_mode\": \"oneshot\"\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Log Summary",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select round(tcp_logs / logs,4) as \\\"TCP Percentage\\\", round(udp_logs / logs,4) as \\\"UDP Percentage\\\", round(out_bytes / bytes,4) as \\\"Outgoing Percentage\\\", round(in_bytes / bytes,4) as \\\"Incoming Percentage\\\", formatReadableQuantity(tcp_logs) as \\\"TCP Logs\\\", formatReadableQuantity(udp_logs) as \\\"UDP Logs\\\", formatReadableQuantity(logs) as \\\"Logs\\\", formatReadableSize(out_bytes) as \\\"Outgoing Bytes\\\", formatReadableSize(in_bytes) as \\\"Incoming Bytes\\\", formatReadableSize(bytes) as \\\"Bytes\\\" from ( select sum(if(ip_protocol='tcp', 1, 0)) as tcp_logs, sum(if(ip_protocol='udp', 1, 0)) as udp_logs, sum(if(bitAnd(flags, 8) = 8, sent_bytes, received_bytes))as out_bytes, sum(if(bitAnd(flags, 8) = 8, received_bytes, sent_bytes)) as in_bytes, count(*) as logs, sum(sent_bytes + received_bytes) as bytes from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') )\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Decoded AS",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select round(base_logs / total_logs, 4) as \\\"BASE Percentage\\\", round(http_logs / total_logs, 4) as \\\"HTTP Percentage\\\", round(ssl_logs / total_logs, 4) as \\\"SSL Percentage\\\", round(dns_logs / total_logs, 4) as \\\"DNS Percentage\\\", round(mail_logs / total_logs, 4) as \\\"MAIL Percentage\\\", round(rtp_logs / total_logs, 4) as \\\"RTP Percentage\\\", round(sip_logs / total_logs, 4) as \\\"SIP Percentage\\\", round(ftp_logs / total_logs, 4) as \\\"FTP Percentage\\\", base_logs as \\\"BASE Logs\\\", http_logs as \\\"HTTP Logs\\\", ssl_logs as \\\"SSL Logs\\\", dns_logs as \\\"DNS Logs\\\", mail_logs as \\\"MAIL Logs\\\", rtp_logs as \\\"RTP Logs\\\", sip_logs as \\\"SIP Logs\\\", ftp_logs as \\\"FTP Logs\\\", total_logs as \\\"Total Logs\\\" from ( select sum(if(decoded_as='BASE', 1, 0)) as base_logs, sum(if(decoded_as='HTTP', 1, 0)) as http_logs, sum(if(decoded_as='SSL', 1, 0)) as ssl_logs, sum(if(decoded_as='DNS', 1, 0)) as dns_logs, sum(if(decoded_as='MAIL', 1, 0)) as mail_logs, sum(if(decoded_as='RTP', 1, 0)) as rtp_logs, sum(if(decoded_as='SIP', 1, 0)) as sip_logs, sum(if(decoded_as='FTP', 1, 0)) as ftp_logs, count(*) as total_logs from session_record as sub_connection where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') )\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Endpoints",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select uniq(client_ip) as \\\"Client IPs\\\", uniq(server_ip) as \\\"Server IPs\\\", uniq(server_domain) as \\\"Domains\\\", uniq(http_host) as \\\"Hosts\\\", uniq(ssl_sni) as \\\"SNIs\\\" , uniq(client_ip, server_ip) as \\\"Client and Server IPs\\\" from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}')\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Endpoints of TCP",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select uniq(client_ip) as \\\"Client IPs\\\", uniq(server_ip) as \\\"Server IPs\\\", uniq(server_domain) as \\\"Domains\\\", uniq(http_host) as \\\"Hosts\\\", uniq(ssl_sni) as \\\"SNIs\\\" , uniq(client_ip, server_ip) as \\\"Client and Server IPs\\\" from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') and ip_protocol ='tcp'\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Endpoints of UDP",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select uniq(client_ip) as \\\"Client IPs\\\", uniq(server_ip) as \\\"Server IPs\\\", uniq(server_domain) as \\\"Domains\\\", uniq(http_host) as \\\"Hosts\\\", uniq(ssl_sni) as \\\"SNIs\\\" , uniq(client_ip, server_ip) as \\\"Client and Server IPs\\\" from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') and ip_protocol ='udp'\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "TCP percentile distribution bytes",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select round(QUANTILE(bytes,0.9999),2) as p9999, round(QUANTILE(bytes,0.999),2) as p999, round(QUANTILE(bytes,0.996),2) as p996, round(QUANTILE(bytes,0.995),2) as p995, round(QUANTILE(bytes,0.99),2) as p99, round(QUANTILE(bytes,0.98),2) as p98, round(QUANTILE(bytes,0.96),2) as p96, round(QUANTILE(bytes,0.95),2) as p95, round(QUANTILE(bytes,0.92),2) as p92, round(QUANTILE(bytes,0.90),2) as p90, round(QUANTILE(bytes,0.89),2) as p89, round(QUANTILE(bytes,0.88),2) as p88, round(median(bytes),2) as p50 from ( select server_ip, sum(sent_bytes+received_bytes) as bytes from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') AND (ip_protocol IN ('tcp')) group by server_ip )\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "TCP percentile distribution sessions",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select round(QUANTILE(sessions,0.9999),2) as p9999, round(QUANTILE(sessions,0.999),2) as p999, round(QUANTILE(sessions,0.996),2) as p996, round(QUANTILE(sessions,0.995),2) as p995, round(QUANTILE(sessions,0.99),2) as p99, round(QUANTILE(sessions,0.98),2) as p98, round(QUANTILE(sessions,0.96),2) as p96, round(QUANTILE(sessions,0.95),2) as p95, round(QUANTILE(sessions,0.92),2) as p92, round(QUANTILE(sessions,0.90),2) as p90, round(QUANTILE(sessions,0.89),2) as p89, round(QUANTILE(sessions,0.88),2) as p88, round(median(sessions),2) as p50 from ( select server_ip, count(1) as sessions from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') AND (ip_protocol IN ('tcp')) group by server_ip )\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "UDP(53,443) percentile distribution bytes",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select round(QUANTILE(bytes,0.9999),2) as p9999, round(QUANTILE(bytes,0.999),2) as p999, round(QUANTILE(bytes,0.996),2) as p996, round(QUANTILE(bytes,0.995),2) as p995, round(QUANTILE(bytes,0.99),2) as p99, round(QUANTILE(bytes,0.98),2) as p98, round(QUANTILE(bytes,0.96),2) as p96, round(QUANTILE(bytes,0.95),2) as p95, round(QUANTILE(bytes,0.92),2) as p92, round(QUANTILE(bytes,0.90),2) as p90, round(QUANTILE(bytes,0.89),2) as p89, round(QUANTILE(bytes,0.88),2) as p88, round(median(bytes),2) as p50 from ( select server_ip, sum(sent_bytes+received_bytes) as bytes from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') and ip_protocol in ('udp') and server_port in (53,443) group by server_ip )\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "UDP(53,443) Percentile distribution sessions",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select round(QUANTILE(sessions,0.9999),2) as p9999, round(QUANTILE(sessions,0.999),2) as p999, round(QUANTILE(sessions,0.996),2) as p996, round(QUANTILE(sessions,0.995),2) as p995, round(QUANTILE(sessions,0.99),2) as p99, round(QUANTILE(sessions,0.98),2) as p98, round(QUANTILE(sessions,0.96),2) as p96, round(QUANTILE(sessions,0.95),2) as p95, round(QUANTILE(sessions,0.92),2) as p92, round(QUANTILE(sessions,0.90),2) as p90, round(QUANTILE(sessions,0.89),2) as p89, round(QUANTILE(sessions,0.88),2) as p88, round(median(sessions),2) as p50 from ( select server_ip, count(*) as sessions from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') and ip_protocol in ('udp') and server_port in (53,443) group by server_ip )\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "TCP percentile distribution of server ip relate uniq CIP",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select round(QUANTILE(client_ips,0.9999),2) as p9999, round(QUANTILE(client_ips,0.999),2) as p999, round(QUANTILE(client_ips,0.996),2) as p996, round(QUANTILE(client_ips,0.995),2) as p995, round(QUANTILE(client_ips,0.99),2) as p99, round(QUANTILE(client_ips,0.98),2) as p98, round(QUANTILE(client_ips,0.96),2) as p96, round(QUANTILE(client_ips,0.95),2) as p95, round(QUANTILE(client_ips,0.92),2) as p92, round(QUANTILE(client_ips,0.90),2) as p90, round(QUANTILE(client_ips,0.89),2) as p89, round(QUANTILE(client_ips,0.88),2) as p88, round(median(client_ips),2) as p50 from ( select server_ip, uniq(client_ip) as client_ips from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') AND (ip_protocol IN ('tcp')) group by server_ip )\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "UDP percentile distribution of server ip relate uniq CIP",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select round(QUANTILE(client_ips,0.9999),2) as p9999, round(QUANTILE(client_ips,0.999),2) as p999, round(QUANTILE(client_ips,0.996),2) as p996, round(QUANTILE(client_ips,0.995),2) as p995, round(QUANTILE(client_ips,0.99),2) as p99, round(QUANTILE(client_ips,0.98),2) as p98, round(QUANTILE(client_ips,0.96),2) as p96, round(QUANTILE(client_ips,0.95),2) as p95, round(QUANTILE(client_ips,0.92),2) as p92, round(QUANTILE(client_ips,0.90),2) as p90, round(QUANTILE(client_ips,0.89),2) as p89, round(QUANTILE(client_ips,0.88),2) as p88, round(median(client_ips),2) as p50 from ( select server_ip, uniq(client_ip) as client_ips from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') AND (ip_protocol IN ('udp')) group by server_ip )\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "TCP session percent of top 100 server ip",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select sum(sessions) sessions, count(*) as server_ips, ( select count(*) from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') AND (ip_protocol IN ('tcp')) ) as total_sessions, round(sessions / total_sessions, 6) as percent_sessions_to_total from ( SELECT server_ip, count(*) AS sessions FROM session_record WHERE recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') AND (ip_protocol IN ('tcp')) GROUP BY server_ip order by sessions desc limit 100 )\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "UDP session percent of top 100 server ip",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select sum(sessions) sessions, count(*) as server_ips, ( select count(*) from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') AND (ip_protocol IN ('udp')) ) as total_sessions, round(sessions / total_sessions, 6) as percent_sessions_to_total from ( SELECT server_ip, count(*) AS sessions FROM session_record WHERE recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') AND (ip_protocol IN ('udp')) GROUP BY server_ip order by sessions desc limit 100 )\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "TCP byte percent of top 100 server ip",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select sum(bytes) as bytes, count(*) as server_ips, ( select sum(sent_bytes+received_bytes) as bytes from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') AND (ip_protocol IN ('tcp')) ) as total_bytes, round(bytes / total_bytes, 6) as percent_bytes_to_total from ( SELECT server_ip, sum(sent_bytes+received_bytes) as bytes FROM session_record WHERE recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') AND (ip_protocol IN ('tcp')) GROUP BY server_ip order by bytes desc limit 100 )\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "UDP byte percent of top 100 server ip",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select sum(bytes) as bytes, count(*) as server_ips, ( select sum(sent_bytes+received_bytes) as bytes from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') AND (ip_protocol IN ('udp')) ) as total_bytes, round(bytes / total_bytes, 6) as percent_bytes_to_total from ( SELECT server_ip, sum(sent_bytes+received_bytes) as bytes FROM session_record WHERE recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') AND (ip_protocol IN ('udp')) GROUP BY server_ip order by bytes desc limit 100 )\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "TCP client ip and traffic percent of top 100 server ip",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select uniq(client_ip) as client_ips, count(*) as sessions, ( select uniq(client_ip) as total_client_ips from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') AND (ip_protocol IN ('tcp')) ) as total_client_ips, round(client_ips / total_client_ips,6) as percent_client_ips_to_total, ( select count(*) as total_sessions from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') AND (ip_protocol IN ('tcp')) ) as total_sessions, round(sessions / total_sessions,6) as percent_sessions_to_total, sum(sent_bytes+received_bytes) as bytes, ( select sum(sent_bytes+received_bytes) as total_bytes from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') AND (ip_protocol IN ('tcp')) ) as total_bytes, round(bytes / total_bytes,6) as percent_bytes_to_total FROM session_record WHERE recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') AND (ip_protocol IN ('tcp')) and server_ip in ( SELECT server_ip FROM session_record as cc WHERE recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') AND (ip_protocol IN ('tcp')) GROUP BY server_ip order by uniq(server_ip) desc limit 10 )\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "UDP client ip and traffic percent of top 100 server ip",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select uniq(client_ip) as client_ips, count(*) as sessions, ( select uniq(client_ip) as total_client_ips from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') AND (ip_protocol IN ('udp')) ) as total_client_ips, round(client_ips / total_client_ips,6) as percent_client_ips_to_total, ( select count(*) as total_sessions from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') AND (ip_protocol IN ('udp')) ) as total_sessions, round(sessions / total_sessions,6) as percent_sessions_to_total, sum(sent_bytes+received_bytes) as bytes, ( select sum(sent_bytes+received_bytes) as total_bytes from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') AND (ip_protocol IN ('udp')) ) as total_bytes, round(bytes / total_bytes,6) as percent_bytes_to_total FROM session_record WHERE recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') AND (ip_protocol IN ('udp')) and server_ip in ( SELECT server_ip FROM session_record as cc WHERE recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') AND (ip_protocol IN ('udp')) GROUP BY server_ip order by uniq(server_ip) desc limit 10 )\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Session percent of top 100 SNI",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select sum(sessions) sessions, count(*) as ssl_snis, ( select count(*) from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') and notEmpty(ssl_sni) ) as total_sessions, round(sessions / total_sessions, 6) as percent_sessions_to_total from ( SELECT ssl_sni, count(*) AS sessions FROM session_record WHERE recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') and notEmpty(ssl_sni) GROUP BY ssl_sni order by sessions desc limit 100 )\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Byte percent of top 100 SNI",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select sum(bytes) as bytes, count(*) as ssl_snis, ( select sum(sent_bytes+received_bytes) as bytes from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') and notEmpty(ssl_sni) ) as total_bytes, round(bytes / total_bytes, 6) as percent_bytes_to_total from ( SELECT ssl_sni, sum(sent_bytes+received_bytes) as bytes FROM session_record WHERE recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') and notEmpty(ssl_sni) GROUP BY ssl_sni order by bytes desc limit 100 )\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top 10 client ip with Others",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"SELECT client_ip, sum(sent_bytes + received_bytes) as bytes from session_record sr1 where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') group by client_ip order by bytes desc limit 10 union all select null, sum(sent_bytes + received_bytes) as bytes from session_record sr2 where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') and sr2.client_ip not in (select client_ip from session_record sr where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') group by client_ip order by sum(sent_bytes + received_bytes) desc limit 10)\",\n \"exec_mode\": \"oneshot\"\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "APP Bitrate per server ip",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"SELECT app, round(median(traffic_bytes) * 8 / 1000 / 1000 / 300,2) AS \\\"Medain Mbits/s\\\", round(avg(traffic_bytes) * 8 / 1000 / 1000 / 300,2) AS \\\"AVG Mbits / s\\\", round(QUANTILE(traffic_bytes, 0.95) * 8 / 1000 / 1000 / 300,2) as \\\"P95 Mbits / s\\\" FROM ( SELECT app, toDateTime(intDiv(toUInt32(toDateTime(toDateTime(recv_time))),300) * 300) as stat_time, round(sum(sent_bytes + received_bytes)/ uniq(server_ip),2) as traffic_bytes FROM session_record as ss WHERE recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') GROUP BY stat_time, app ) group by app order by \\\"AVG Mbits / s\\\" desc\",\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "HTTP URL length distribution",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select round(max(url_length),2) as max, round(QUANTILE(url_length,0.9999),2) as p9999, round(QUANTILE(url_length,0.99),2) as p99, round(QUANTILE(url_length,0.95),2) as p95, round(QUANTILE(url_length,0.90),2) as p90, round(median(url_length),2) as p50 from (select length(http_url) as url_length from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') and decoded_as='HTTP')\",\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "DNS RR length distribution",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select round(max(rr_length),2) as max, round(QUANTILE(rr_length,0.9999),2) as p9999, round(QUANTILE(rr_length,0.99),2) as p99, round(QUANTILE(rr_length,0.95),2) as p95, round(QUANTILE(rr_length,0.90),2) as p90, round(median(rr_length),2) as p50 from (select length(dns_rr) as rr_length from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') and decoded_as='DNS')\",\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "SSL SAN length distribution",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select round(max(san_length),2) as max, round(QUANTILE(san_length,0.9999),2) as p9999, round(QUANTILE(san_length,0.99),2) as p99, round(QUANTILE(san_length,0.95),2) as p95, round(QUANTILE(san_length,0.90),2) as p90, round(median(san_length),2) as p50 from (select length(ssl_san) as san_length from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') and decoded_as='SSL')\",\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Averages usage analysis",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select FROM_UNIXTIME(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), 'PT30m')) as stat_time, sum(in_bytes + out_bytes)*8/1800/1000/1000 as normal_rate_mbps, sum(in_bytes + out_bytes)/count(distinct(TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time), 'PT15s')))*8/15/1000/1000 as usage_rate_mbps from traffic_general_stat where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1) group by TIME_FLOOR_WITH_FILL(UNIX_TIMESTAMP(__time),'PT30m') order by stat_time asc \",\n \"exec_mode\": \"oneshot\"\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
},
|
||
"description": "平均速率的两种计算方式。例如计算5分钟的平均速率:\n\n- sum(bytes)/5分钟:若5分钟内仅有30秒产生流量,产生结果将不准确\n- sum(bytes)/活跃时间 : 其中活跃时间=count(distinct(统计时间))\\* 预聚合粒度\n - 统计时间:time_floor(时间字段,'PT15S')\n - 预聚合粒度: 存储到时序数据库的统计粒度"
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top 100 slowest domains",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select server_domain as domain, round(avg(tcp_rtt_ms),0) avg_rtt_latency_ms from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') and notEmpty(server_domain) group by server_domain order by avg_rtt_latency_ms desc limit 100\",\n \"exec_mode\": \"oneshot\"\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
},
|
||
"description": "平均速率的两种计算方式。例如计算5分钟的平均速率:\n\n- sum(bytes)/5分钟:若5分钟内仅有30秒产生流量,产生结果将不准确\n- sum(bytes)/活跃时间 : 其中活跃时间=count(distinct(统计时间))\\* 预聚合粒度\n - 统计时间:time_floor(时间字段,'PT15S')\n - 预聚合粒度: 存储到时序数据库的统计粒度"
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Duplicate logs assessment",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\": \"select 'Session Records' as type, count(*) as num from (select log_id,count(*) as num from session_record where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') group by log_id having num >1) union all select 'Proxy Events' as type, count(*) as num from (select log_id,count(*) as num from proxy_event where recv_time >= UNIX_TIMESTAMP('{{start_time}}') and recv_time <UNIX_TIMESTAMP('{{end_time}}') group by log_id having num >1)\",\n \"exec_mode\": \"oneshot\"\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
},
|
||
"description": "平均速率的两种计算方式。例如计算5分钟的平均速率:\n\n- sum(bytes)/5分钟:若5分钟内仅有30秒产生流量,产生结果将不准确\n- sum(bytes)/活跃时间 : 其中活跃时间=count(distinct(统计时间))\\* 预聚合粒度\n - 统计时间:time_floor(时间字段,'PT15S')\n - 预聚合粒度: 存储到时序数据库的统计粒度"
|
||
},
|
||
"response": []
|
||
}
|
||
]
|
||
},
|
||
{
|
||
"name": "List Datasets",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/dataset?identifier_names=current-network-throughput-trend,network-throughput-trend",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"dataset"
|
||
],
|
||
"query": [
|
||
{
|
||
"key": "identifier_names",
|
||
"value": "current-network-throughput-trend,network-throughput-trend"
|
||
}
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Get Datasets by Identifier Name",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"disableBodyPruning": true
|
||
},
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"body": {
|
||
"mode": "urlencoded",
|
||
"urlencoded": []
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/dataset/current-network-throughput-trend",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"dataset",
|
||
"current-network-throughput-trend"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Preview Dataset query result",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"disableBodyPruning": true
|
||
},
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"body": {
|
||
"mode": "urlencoded",
|
||
"urlencoded": []
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/dataset/current-network-throughput-trend/result_preview",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"dataset",
|
||
"current-network-throughput-trend",
|
||
"result_preview"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Dataset Global Variable",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"disableBodyPruning": true
|
||
},
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"body": {
|
||
"mode": "urlencoded",
|
||
"urlencoded": []
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/dataset/global_variable",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"dataset",
|
||
"global_variable"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
}
|
||
]
|
||
},
|
||
{
|
||
"name": "Database",
|
||
"item": [
|
||
{
|
||
"name": "Schema",
|
||
"item": [
|
||
{
|
||
"name": "Raw Logs",
|
||
"item": [
|
||
{
|
||
"name": "Session Records",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"disableBodyPruning": true
|
||
},
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"body": {
|
||
"mode": "urlencoded",
|
||
"urlencoded": []
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/database/table/session_record/schema",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"database",
|
||
"table",
|
||
"session_record",
|
||
"schema"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Security Events",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/database/table/security_event/schema",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"database",
|
||
"table",
|
||
"security_event",
|
||
"schema"
|
||
]
|
||
},
|
||
"description": "security_event_log"
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Monitor Events",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/database/table/monitor_event/schema",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"database",
|
||
"table",
|
||
"monitor_event",
|
||
"schema"
|
||
]
|
||
},
|
||
"description": "security_event_log"
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Transaction Records",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/database/table/transaction_record/schema",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"database",
|
||
"table",
|
||
"transaction_record",
|
||
"schema"
|
||
]
|
||
},
|
||
"description": "security_event_log"
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Proxy Events",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/database/table/proxy_event/schema",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"database",
|
||
"table",
|
||
"proxy_event",
|
||
"schema"
|
||
]
|
||
},
|
||
"description": "proxy_event_log"
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "VoIP Records",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/database/table/voip_record/schema",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"database",
|
||
"table",
|
||
"voip_record",
|
||
"schema"
|
||
]
|
||
},
|
||
"description": "security_event_log"
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "DoS Events",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/database/table/dos_event/schema",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"database",
|
||
"table",
|
||
"dos_event",
|
||
"schema"
|
||
]
|
||
},
|
||
"description": "security_event_log"
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Assessment Events",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/database/table/assessment_event/schema",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"database",
|
||
"table",
|
||
"assessment_event",
|
||
"schema"
|
||
]
|
||
},
|
||
"description": "security_event_log"
|
||
},
|
||
"response": []
|
||
}
|
||
]
|
||
},
|
||
{
|
||
"name": "Metric Logs",
|
||
"item": [
|
||
{
|
||
"name": "Traffic General Metrics",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/database/table/traffic_general_stat/schema",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"database",
|
||
"table",
|
||
"traffic_general_stat",
|
||
"schema"
|
||
]
|
||
},
|
||
"description": "security_event_log"
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Application Protocol Stat",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/database/table/application_protocol_stat/schema",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"database",
|
||
"table",
|
||
"application_protocol_stat",
|
||
"schema"
|
||
]
|
||
},
|
||
"description": "security_event_log"
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Security Policy Rule Hits",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/database/table/security_rule_hits/schema",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"database",
|
||
"table",
|
||
"security_rule_hits",
|
||
"schema"
|
||
]
|
||
},
|
||
"description": "security_event_log"
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Monitor Policy Rule Hits",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/database/table/monitor_rule_hits/schema",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"database",
|
||
"table",
|
||
"monitor_rule_hits",
|
||
"schema"
|
||
]
|
||
},
|
||
"description": "security_event_log"
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Proxy Policy Rule Hits",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/database/table/proxy_rule_hits/schema",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"database",
|
||
"table",
|
||
"proxy_rule_hits",
|
||
"schema"
|
||
]
|
||
},
|
||
"description": "security_event_log"
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Traffic Shaping Rule Hits",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/database/table/traffic_shaping_rule_hits/schema",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"database",
|
||
"table",
|
||
"traffic_shaping_rule_hits",
|
||
"schema"
|
||
]
|
||
},
|
||
"description": "security_event_log"
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Service Chaining Rule Hits",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/database/table/service_chaining_rule_hits/schema",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"database",
|
||
"table",
|
||
"service_chaining_rule_hits",
|
||
"schema"
|
||
]
|
||
},
|
||
"description": "security_event_log"
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Service Function Status",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/database/table/service_function_status/schema",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"database",
|
||
"table",
|
||
"service_function_status",
|
||
"schema"
|
||
]
|
||
},
|
||
"description": "security_event_log"
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Statistics Rule Hits",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/database/table/statistics_rule_hits/schema",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"database",
|
||
"table",
|
||
"statistics_rule_hits",
|
||
"schema"
|
||
]
|
||
},
|
||
"description": "security_event_log"
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Statistics Rule Metrics",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/database/table/statistics_rule/schema",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"database",
|
||
"table",
|
||
"statistics_rule",
|
||
"schema"
|
||
]
|
||
},
|
||
"description": "security_event_log"
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Object Statistics",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/database/table/object_statistics/schema",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"database",
|
||
"table",
|
||
"object_statistics",
|
||
"schema"
|
||
]
|
||
},
|
||
"description": "security_event_log"
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top Client IPs",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/database/table/top_client_ips/schema",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"database",
|
||
"table",
|
||
"top_client_ips",
|
||
"schema"
|
||
]
|
||
},
|
||
"description": "security_event_log"
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top Server IPs",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/database/table/top_server_ips/schema",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"database",
|
||
"table",
|
||
"top_server_ips",
|
||
"schema"
|
||
]
|
||
},
|
||
"description": "security_event_log"
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top Internal IPs",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/database/table/top_internal_ips/schema",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"database",
|
||
"table",
|
||
"top_internal_ips",
|
||
"schema"
|
||
]
|
||
},
|
||
"description": "security_event_log"
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top External IPs",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/database/table/top_external_ips/schema",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"database",
|
||
"table",
|
||
"top_external_ips",
|
||
"schema"
|
||
]
|
||
},
|
||
"description": "security_event_log"
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top Subscribers",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/database/table/top_subscribers/schema",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"database",
|
||
"table",
|
||
"top_subscribers",
|
||
"schema"
|
||
]
|
||
},
|
||
"description": "security_event_log"
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top Server Domains",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/database/table/top_server_domains/schema",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"database",
|
||
"table",
|
||
"top_server_domains",
|
||
"schema"
|
||
]
|
||
},
|
||
"description": "security_event_log"
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top Server FQDNs",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/database/table/top_server_fqdns/schema",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"database",
|
||
"table",
|
||
"top_server_fqdns",
|
||
"schema"
|
||
]
|
||
},
|
||
"description": "security_event_log"
|
||
},
|
||
"response": []
|
||
}
|
||
]
|
||
}
|
||
]
|
||
},
|
||
{
|
||
"name": "ClickHouse Tables",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/database/tsg_galaxy_v3/table",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"database",
|
||
"tsg_galaxy_v3",
|
||
"table"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Apache Druid Tables",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}//v1/database/druid/table",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"",
|
||
"v1",
|
||
"database",
|
||
"druid",
|
||
"table"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Storage Quota",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/database/storage/quota",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"database",
|
||
"storage",
|
||
"quota"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Storage Daily Usage",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"disableBodyPruning": true
|
||
},
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"body": {
|
||
"mode": "urlencoded",
|
||
"urlencoded": []
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/database/storage/quota/daily_usage?start_time=2023-12-01 00:00:00&end_time=2023-12-31 00:00:00",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"database",
|
||
"storage",
|
||
"quota",
|
||
"daily_usage"
|
||
],
|
||
"query": [
|
||
{
|
||
"key": "start_time",
|
||
"value": "2023-12-01 00:00:00"
|
||
},
|
||
{
|
||
"key": "end_time",
|
||
"value": "2023-12-31 00:00:00"
|
||
}
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
}
|
||
]
|
||
},
|
||
{
|
||
"name": "Util",
|
||
"item": [
|
||
{
|
||
"name": "ClickHouse",
|
||
"item": [
|
||
{
|
||
"name": "ClickHouse Endpoints",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"tests[\"Successful POST request\"] = responseCode.code === 200 || responseCode.code === 201; "
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"url": {
|
||
"raw": "http://{{clickhouse_ip}}:{{clickhouse_port}}?database={{clickhouse_database}}&user={{clickhouse_user}}&password={{clickhouse_password}}&query=SELECT DISTINCT concat(host_address,':','8123') as endpoint FROM system.clusters FORMAT JSONEachRow;",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{clickhouse_ip}}"
|
||
],
|
||
"port": "{{clickhouse_port}}",
|
||
"query": [
|
||
{
|
||
"key": "database",
|
||
"value": "{{clickhouse_database}}"
|
||
},
|
||
{
|
||
"key": "user",
|
||
"value": "{{clickhouse_user}}"
|
||
},
|
||
{
|
||
"key": "password",
|
||
"value": "{{clickhouse_password}}"
|
||
},
|
||
{
|
||
"key": "query",
|
||
"value": "SELECT DISTINCT concat(host_address,':','8123') as endpoint FROM system.clusters FORMAT JSONEachRow;"
|
||
}
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Total Space",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"tests[\"Successful POST request\"] = responseCode.code === 200 || responseCode.code === 201;"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"url": {
|
||
"raw": "http://{{clickhouse_ip}}:{{clickhouse_port}}?database={{clickhouse_database}}&user={{clickhouse_user}}&password={{clickhouse_password}}&query=SELECT SUM(`total_space`)/1024/1024/1024/1024 as TB FROM system.disks_cluster format JSONEachRow",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{clickhouse_ip}}"
|
||
],
|
||
"port": "{{clickhouse_port}}",
|
||
"query": [
|
||
{
|
||
"key": "database",
|
||
"value": "{{clickhouse_database}}"
|
||
},
|
||
{
|
||
"key": "user",
|
||
"value": "{{clickhouse_user}}"
|
||
},
|
||
{
|
||
"key": "password",
|
||
"value": "{{clickhouse_password}}"
|
||
},
|
||
{
|
||
"key": "query",
|
||
"value": "SELECT SUM(`total_space`)/1024/1024/1024/1024 as TB FROM system.disks_cluster format JSONEachRow"
|
||
}
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "ClickHouse Tables",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"tests[\"Successful POST request\"] = responseCode.code === 200 || responseCode.code === 201;"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"url": {
|
||
"raw": "http://{{clickhouse_ip}}:{{clickhouse_port}}?database={{clickhouse_database}}&user={{clickhouse_user}}&password={{clickhouse_password}}&query=SELECT DISTINCT(name) FROM system.tables_cluster WHERE database = 'tsg_galaxy_v3' AND engine in ('MergeTree','ReplicatedMergeTree') FORMAT JSONEachRow;",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{clickhouse_ip}}"
|
||
],
|
||
"port": "{{clickhouse_port}}",
|
||
"query": [
|
||
{
|
||
"key": "database",
|
||
"value": "{{clickhouse_database}}"
|
||
},
|
||
{
|
||
"key": "user",
|
||
"value": "{{clickhouse_user}}"
|
||
},
|
||
{
|
||
"key": "password",
|
||
"value": "{{clickhouse_password}}"
|
||
},
|
||
{
|
||
"key": "query",
|
||
"value": "SELECT DISTINCT(name) FROM system.tables_cluster WHERE database = 'tsg_galaxy_v3' AND engine in ('MergeTree','ReplicatedMergeTree') FORMAT JSONEachRow;"
|
||
}
|
||
]
|
||
},
|
||
"description": "根据不同的ip查询所有clickhouse的表"
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "View which settings have been changed from the default",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"url": {
|
||
"raw": "http://{{clickhouse_ip}}:{{clickhouse_port}}?database={{clickhouse_database}}&user={{clickhouse_user}}&password={{clickhouse_password}}&query=SELECT\n name,\n value\nFROM system.settings\nWHERE changed FORMAT JSONEachRow",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{clickhouse_ip}}"
|
||
],
|
||
"port": "{{clickhouse_port}}",
|
||
"query": [
|
||
{
|
||
"key": "database",
|
||
"value": "{{clickhouse_database}}"
|
||
},
|
||
{
|
||
"key": "user",
|
||
"value": "{{clickhouse_user}}"
|
||
},
|
||
{
|
||
"key": "password",
|
||
"value": "{{clickhouse_password}}"
|
||
},
|
||
{
|
||
"key": "option",
|
||
"value": "long-term",
|
||
"disabled": true
|
||
},
|
||
{
|
||
"key": "resultId",
|
||
"value": "129494",
|
||
"disabled": true
|
||
},
|
||
{
|
||
"key": "query",
|
||
"value": "SELECT\n name,\n value\nFROM system.settings\nWHERE changed FORMAT JSONEachRow"
|
||
}
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Show disk storage, number of parts",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"url": {
|
||
"raw": "http://{{clickhouse_ip}}:{{clickhouse_port}}?database={{clickhouse_database}}&user={{clickhouse_user}}&password={{clickhouse_password}}&query=SELECT\n database,\n table,\n partition,\n count() AS parts,\n formatReadableSize(sum(bytes_on_disk)) AS bytes_on_disk, \n formatReadableQuantity(sum(rows)) AS rows,\n sum(marks) AS marks\nFROM system.parts_cluster pc \nWHERE (database != 'system') AND active\nGROUP BY\n database,\n table,\n partition\nORDER BY database ASC FORMAT JSONEachRow",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{clickhouse_ip}}"
|
||
],
|
||
"port": "{{clickhouse_port}}",
|
||
"query": [
|
||
{
|
||
"key": "database",
|
||
"value": "{{clickhouse_database}}"
|
||
},
|
||
{
|
||
"key": "user",
|
||
"value": "{{clickhouse_user}}"
|
||
},
|
||
{
|
||
"key": "password",
|
||
"value": "{{clickhouse_password}}"
|
||
},
|
||
{
|
||
"key": "option",
|
||
"value": "long-term",
|
||
"disabled": true
|
||
},
|
||
{
|
||
"key": "resultId",
|
||
"value": "129494",
|
||
"disabled": true
|
||
},
|
||
{
|
||
"key": "query",
|
||
"value": "SELECT\n database,\n table,\n partition,\n count() AS parts,\n formatReadableSize(sum(bytes_on_disk)) AS bytes_on_disk, \n formatReadableQuantity(sum(rows)) AS rows,\n sum(marks) AS marks\nFROM system.parts_cluster pc \nWHERE (database != 'system') AND active\nGROUP BY\n database,\n table,\n partition\nORDER BY database ASC FORMAT JSONEachRow"
|
||
}
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Get the size of all your tables",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"url": {
|
||
"raw": "http://{{clickhouse_ip}}:{{clickhouse_port}}?database={{clickhouse_database}}&user={{clickhouse_user}}&password={{clickhouse_password}}&query=\nSELECT \n\ttable,\n formatReadableSize(sum(bytes)) as size\n FROM system.parts_cluster pc\n WHERE active\nGROUP BY table FORMAT JSONEachRow",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{clickhouse_ip}}"
|
||
],
|
||
"port": "{{clickhouse_port}}",
|
||
"query": [
|
||
{
|
||
"key": "database",
|
||
"value": "{{clickhouse_database}}"
|
||
},
|
||
{
|
||
"key": "user",
|
||
"value": "{{clickhouse_user}}"
|
||
},
|
||
{
|
||
"key": "password",
|
||
"value": "{{clickhouse_password}}"
|
||
},
|
||
{
|
||
"key": "option",
|
||
"value": "long-term",
|
||
"disabled": true
|
||
},
|
||
{
|
||
"key": "resultId",
|
||
"value": "129494",
|
||
"disabled": true
|
||
},
|
||
{
|
||
"key": "query",
|
||
"value": "\nSELECT \n\ttable,\n formatReadableSize(sum(bytes)) as size\n FROM system.parts_cluster pc\n WHERE active\nGROUP BY table FORMAT JSONEachRow"
|
||
}
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Row count and average day size of your table",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"url": {
|
||
"raw": "http://{{clickhouse_ip}}:{{clickhouse_port}}?database={{clickhouse_database}}&user={{clickhouse_user}}&password={{clickhouse_password}}&query=\nSELECT\n table, formatReadableSize(size) AS size,\n rows,\n days,\n formatReadableSize(avgDaySize) AS avgDaySize\nFROM\n(\n SELECT\n table,\n sum(bytes) AS size,\n sum(rows) AS rows,\n min(min_date) AS min_date,\n max(max_date) AS max_date,\n max_date - min_date AS days,\n size / (max_date - min_date) AS avgDaySize\n FROM system.parts_cluster pc\n WHERE active\n GROUP BY table\n ORDER BY rows DESC\n) FORMAT JSONEachRow",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{clickhouse_ip}}"
|
||
],
|
||
"port": "{{clickhouse_port}}",
|
||
"query": [
|
||
{
|
||
"key": "database",
|
||
"value": "{{clickhouse_database}}"
|
||
},
|
||
{
|
||
"key": "user",
|
||
"value": "{{clickhouse_user}}"
|
||
},
|
||
{
|
||
"key": "password",
|
||
"value": "{{clickhouse_password}}"
|
||
},
|
||
{
|
||
"key": "option",
|
||
"value": "long-term",
|
||
"disabled": true
|
||
},
|
||
{
|
||
"key": "resultId",
|
||
"value": "129494",
|
||
"disabled": true
|
||
},
|
||
{
|
||
"key": "query",
|
||
"value": "\nSELECT\n table, formatReadableSize(size) AS size,\n rows,\n days,\n formatReadableSize(avgDaySize) AS avgDaySize\nFROM\n(\n SELECT\n table,\n sum(bytes) AS size,\n sum(rows) AS rows,\n min(min_date) AS min_date,\n max(max_date) AS max_date,\n max_date - min_date AS days,\n size / (max_date - min_date) AS avgDaySize\n FROM system.parts_cluster pc\n WHERE active\n GROUP BY table\n ORDER BY rows DESC\n) FORMAT JSONEachRow"
|
||
}
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Compression columns percentage",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"url": {
|
||
"raw": "http://{{clickhouse_ip}}:{{clickhouse_port}}?database={{clickhouse_database}}&user={{clickhouse_user}}&password={{clickhouse_password}}&query=SELECT\n parts.*,\n columns.compressed_size,\n columns.uncompressed_size,\n columns.compression_ratio,\n columns.compression_percentage\nFROM\n(\n SELECT\n table,\n formatReadableSize(sum(data_uncompressed_bytes)) AS uncompressed_size,\n formatReadableSize(sum(data_compressed_bytes)) AS compressed_size,\n round(sum(data_compressed_bytes) / sum(data_uncompressed_bytes), 3) AS compression_ratio,\n round(100 - ((sum(data_compressed_bytes) * 100) / sum(data_uncompressed_bytes)), 3) AS compression_percentage\n FROM system.columns_cluster cc\n GROUP BY table\n) AS columns\nRIGHT JOIN\n(\n SELECT\n table,\n sum(rows) AS rows,\n max(modification_time) AS latest_modification,\n formatReadableSize(sum(bytes)) AS disk_size,\n formatReadableSize(sum(primary_key_bytes_in_memory)) AS primary_keys_size,\n any(engine) AS engine,\n sum(bytes) AS bytes_size\n FROM system.parts_cluster pc\n WHERE active\n GROUP BY\n database,\n table\n) AS parts ON columns.table = parts.table\nORDER BY parts.bytes_size DESC FORMAT JSONEachRow",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{clickhouse_ip}}"
|
||
],
|
||
"port": "{{clickhouse_port}}",
|
||
"query": [
|
||
{
|
||
"key": "database",
|
||
"value": "{{clickhouse_database}}"
|
||
},
|
||
{
|
||
"key": "user",
|
||
"value": "{{clickhouse_user}}"
|
||
},
|
||
{
|
||
"key": "password",
|
||
"value": "{{clickhouse_password}}"
|
||
},
|
||
{
|
||
"key": "option",
|
||
"value": "long-term",
|
||
"disabled": true
|
||
},
|
||
{
|
||
"key": "resultId",
|
||
"value": "129494",
|
||
"disabled": true
|
||
},
|
||
{
|
||
"key": "query",
|
||
"value": "SELECT\n parts.*,\n columns.compressed_size,\n columns.uncompressed_size,\n columns.compression_ratio,\n columns.compression_percentage\nFROM\n(\n SELECT\n table,\n formatReadableSize(sum(data_uncompressed_bytes)) AS uncompressed_size,\n formatReadableSize(sum(data_compressed_bytes)) AS compressed_size,\n round(sum(data_compressed_bytes) / sum(data_uncompressed_bytes), 3) AS compression_ratio,\n round(100 - ((sum(data_compressed_bytes) * 100) / sum(data_uncompressed_bytes)), 3) AS compression_percentage\n FROM system.columns_cluster cc\n GROUP BY table\n) AS columns\nRIGHT JOIN\n(\n SELECT\n table,\n sum(rows) AS rows,\n max(modification_time) AS latest_modification,\n formatReadableSize(sum(bytes)) AS disk_size,\n formatReadableSize(sum(primary_key_bytes_in_memory)) AS primary_keys_size,\n any(engine) AS engine,\n sum(bytes) AS bytes_size\n FROM system.parts_cluster pc\n WHERE active\n GROUP BY\n database,\n table\n) AS parts ON columns.table = parts.table\nORDER BY parts.bytes_size DESC FORMAT JSONEachRow"
|
||
}
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Find queries that are stuck",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [],
|
||
"url": {
|
||
"raw": "http://{{clickhouse_ip}}:{{clickhouse_port}}?database={{clickhouse_database}}&user={{clickhouse_user}}&password={{clickhouse_password}}&query=SELECT elapsed, initial_user, client_name, hostname(), query_id, query FROM system.processes AS pc ORDER BY elapsed DESC format JSONEachRow",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{clickhouse_ip}}"
|
||
],
|
||
"port": "{{clickhouse_port}}",
|
||
"query": [
|
||
{
|
||
"key": "database",
|
||
"value": "{{clickhouse_database}}"
|
||
},
|
||
{
|
||
"key": "user",
|
||
"value": "{{clickhouse_user}}"
|
||
},
|
||
{
|
||
"key": "password",
|
||
"value": "{{clickhouse_password}}"
|
||
},
|
||
{
|
||
"key": "option",
|
||
"value": "long-term",
|
||
"disabled": true
|
||
},
|
||
{
|
||
"key": "resultId",
|
||
"value": "129494",
|
||
"disabled": true
|
||
},
|
||
{
|
||
"key": "query",
|
||
"value": "SELECT elapsed, initial_user, client_name, hostname(), query_id, query FROM system.processes AS pc ORDER BY elapsed DESC format JSONEachRow"
|
||
}
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Errors in SQL Queries",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"SELECT initial_query_id, type as error_type, query_start_time, intDiv(query_duration_ms,1000) as query_duration_s , query , exception, initial_user , http_user_agent , initial_address FROM system.query_log_cluster where type IN ('ExceptionBeforeStart', 'ExceptionWhileProcessing') and initial_query_id = query_id and event_time > (now()-86400) and event_time < now() order by event_time desc limit 100\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Historical Slow Queries",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select databases, initial_query_id , query, event_time, intDiv(query_duration_ms,1000) as query_duration_s, read_rows , read_bytes , initial_user, http_user_agent, initial_address from system.query_log_cluster where query_kind = 'Select' and query_start_time>(now()-86400) and initial_query_id = query_id and type IN ('QueryFinish') order by query_duration_ms desc limit 100\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Most Frequent Query Columns",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select arrayJoin(columns) as used_columns, count() as columns_num from system.query_log_cluster where query_kind = 'Select' and query_start_time>(now()-86400) and initial_query_id = query_id and type IN ('QueryFinish') group by used_columns order by columns_num desc limit 100\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Aggregate Queries Latency Statistics",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select\\n anyLast(query) as sql,\\n intDiv(avg(query_duration_ms),1000) as avg_query_duration_s,\\n intDiv(max(query_duration_ms),1000) as max_query_duration_s,\\n QUANTILE(query_duration_ms, 0.95)/1000 as p95_query_duration_s, \\n max(read_rows) ,\\n anyLast(http_user_agent) as last_http_user_agent,\\n used_aggregate_functions,\\n count() as query_count\\nfrom\\n system.query_log_cluster\\nwhere\\n query_kind = 'Select'\\n and query_start_time>(now()-86400)\\n and initial_query_id = query_id\\n and type IN ('QueryFinish')\\n and empty(used_aggregate_functions ) = 0\\ngroup by\\n toString(used_functions),\\n toString(used_aggregate_functions ),\\n toString(columns)\\norder by\\n avg_query_duration_s desc\\nlimit 100\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Aggregate Queries Resource Usage Statistics",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select anyLast(query) as sql, intDiv(avg(query_duration_ms),1000) as avg_query_duration_s, toInt64(avg(memory_usage))/1024/1024 as avg_memory_MB, used_aggregate_functions, avg(ProfileEvents['FileOpen']) as FileOpen, avg(ProfileEvents['DiskReadElapsedMicroseconds'])/1000000 as DiskRead_s,count() as query_count from system.query_log_cluster where query_kind = 'Select' and query_start_time>(now()-86400) and initial_query_id != query_id and type IN ('QueryFinish') and empty(used_aggregate_functions ) = 0 group by toString(used_functions), toString(used_aggregate_functions ), toString(columns) order by avg_memory_MB desc limit 100\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Top 10 Queries using the most CPU and memory",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"SELECT type, event_time, initial_query_id, formatReadableSize(memory_usage) AS memory, \n `ProfileEvents.Values`[indexOf(`ProfileEvents.Names`, 'UserTimeMicroseconds')] AS userCPU,\n `ProfileEvents.Values`[indexOf(`ProfileEvents.Names`, 'SystemTimeMicroseconds')] AS systemCPU, normalizedQueryHash(query) AS normalized_query_hash FROM system.query_log_cluster where query_start_time>(now()-86400) ORDER BY memory_usage DESC LIMIT 10\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
}
|
||
]
|
||
},
|
||
{
|
||
"name": "Apache Druid",
|
||
"item": [
|
||
{
|
||
"name": "used_size",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\r\n \"query\": \"SELECT SUM(curr_size)/1024/1024/1024 AS curr_size_GB FROM sys.servers WHERE server_type = 'historical'\",\r\n \"context\": {\r\n \"skipEmptyBuckets\": \"false\"\r\n },\r\n \"resultFormat\": \"object\"\r\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{druid_ip}}:{{druid_port}}/druid/v2/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{druid_ip}}"
|
||
],
|
||
"port": "{{druid_port}}",
|
||
"path": [
|
||
"druid",
|
||
"v2",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "max_size",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\r\n \"query\": \"SELECT SUM(max_size)/1024/1024/1024 AS max_size_GB FROM sys.servers WHERE server_type = 'historical'\",\r\n \"context\": {\r\n \"skipEmptyBuckets\": \"false\"\r\n },\r\n \"resultFormat\": \"object\"\r\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{druid_ip}}:{{druid_port}}/druid/v2/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{druid_ip}}"
|
||
],
|
||
"port": "{{druid_port}}",
|
||
"path": [
|
||
"druid",
|
||
"v2",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Report and Metrics",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\"query\":\"SELECT used_size/1024/1024/1024 as used_size_GB FROM sys_storage_log WHERE log_type = 'Report and Metrics' ORDER BY __time DESC LIMIT 1\",\"context\":{\"skipEmptyBuckets\":\"false\"},\"resultFormat\":\"object\"}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{druid_ip}}:{{druid_port}}/druid/v2/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{druid_ip}}"
|
||
],
|
||
"port": "{{druid_port}}",
|
||
"path": [
|
||
"druid",
|
||
"v2",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "The Latest Ingestion Date for Druid",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\"query\":\"SELECT version FROM sys.segments WHERE version LIKE '2%' ORDER BY version DESC LIMIT 1\"}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{druid_ip}}:{{druid_port}}/druid/v2/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{druid_ip}}"
|
||
],
|
||
"port": "{{druid_port}}",
|
||
"path": [
|
||
"druid",
|
||
"v2",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "The Earliest Ingestion Date for Druid",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\r\n \"query\": \"SELECT \\\"start\\\" FROM sys.segments order by \\\"start\\\" limit 1\"\r\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{druid_ip}}:{{druid_port}}/druid/v2/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{druid_ip}}"
|
||
],
|
||
"port": "{{druid_port}}",
|
||
"path": [
|
||
"druid",
|
||
"v2",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Druid Tables",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\r\n \"query\": \"SELECT datasource FROM sys.tasks group by datasource\",\r\n \"context\": {\r\n \"skipEmptyBuckets\": \"false\"\r\n },\r\n \"resultFormat\": \"object\"\r\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{druid_ip}}:{{druid_port}}/druid/v2/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{druid_ip}}"
|
||
],
|
||
"port": "{{druid_port}}",
|
||
"path": [
|
||
"druid",
|
||
"v2",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Average usage analysis in druid",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});",
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
},
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"exec": [
|
||
""
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"followOriginalHttpMethod": false,
|
||
"followRedirects": false
|
||
},
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"statement\" : \"select time_floor(__time,'PT30m') as stat_time, sum(in_bytes + out_bytes)*8/1800/1000/1000 as normal_rate_mbps, sum(in_bytes + out_bytes)/count(distinct(time_floor(__time,'PT15S')))*8/15/1000/1000 as usage_rate_mbps from traffic_general_stat where __time >= '{{start_time}}' and __time < '{{end_time}}' and vsys_id in (1) group by time_floor(__time,'PT30m') order by stat_time asc\" ,\n \"output_mode\":\"json\",\n \"exec_mode\":\"oneshot\"\n\n}",
|
||
"options": {
|
||
"raw": {
|
||
"language": "json"
|
||
}
|
||
}
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/query/sql",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"query",
|
||
"sql"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
}
|
||
]
|
||
},
|
||
{
|
||
"name": "password-generator",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "POST",
|
||
"header": [
|
||
{
|
||
"warning": "This is a duplicate header and will be overridden by the Content-Type header generated by Postman.",
|
||
"key": "Content-Type",
|
||
"value": "application/json",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"body": {
|
||
"mode": "raw",
|
||
"raw": "{\n \"password\":\"1234\",\n \"salt\":\"galaxy\"\n}"
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/util/password_generator",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"util",
|
||
"password_generator"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "sql-parser",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"protocolProfileBehavior": {
|
||
"disableBodyPruning": true
|
||
},
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"body": {
|
||
"mode": "urlencoded",
|
||
"urlencoded": []
|
||
},
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/util/sql_parser?sql=select * from session_record limit 1",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"util",
|
||
"sql_parser"
|
||
],
|
||
"query": [
|
||
{
|
||
"key": "sql",
|
||
"value": "select * from session_record limit 1"
|
||
}
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
}
|
||
]
|
||
},
|
||
{
|
||
"name": "Troubleshooting",
|
||
"item": [
|
||
{
|
||
"name": "component-health-status",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/troubleshooting/component/status",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"troubleshooting",
|
||
"component",
|
||
"status"
|
||
]
|
||
},
|
||
"description": "查询数据引擎引用的数据库健康状态及目前的配置。"
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "ttl-consistency-test",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/troubleshooting/sanity?test=ttl_consistency",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"troubleshooting",
|
||
"sanity"
|
||
],
|
||
"query": [
|
||
{
|
||
"key": "test",
|
||
"value": "ttl_consistency"
|
||
}
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "schema-consistency-test",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/troubleshooting/sanity?test=schema_consistency",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"troubleshooting",
|
||
"sanity"
|
||
],
|
||
"query": [
|
||
{
|
||
"key": "test",
|
||
"value": "schema_consistency"
|
||
}
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "dataset-verification-test",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/troubleshooting/sanity?test=dataset_verification",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"troubleshooting",
|
||
"sanity"
|
||
],
|
||
"query": [
|
||
{
|
||
"key": "test",
|
||
"value": "dataset_verification"
|
||
}
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "sql-benchmark-test",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/troubleshooting/benchmark?test=sql_benchmark_dataset&is_saved=0",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"troubleshooting",
|
||
"benchmark"
|
||
],
|
||
"query": [
|
||
{
|
||
"key": "test",
|
||
"value": "sql_benchmark_dataset"
|
||
},
|
||
{
|
||
"key": "is_saved",
|
||
"value": "0"
|
||
}
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "apache-druid-task-status",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
"",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [],
|
||
"url": {
|
||
"raw": "http://{{druid_ip}}:{{druid_port}}/druid/indexer/v1/supervisor?state=true",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{druid_ip}}"
|
||
],
|
||
"port": "{{druid_port}}",
|
||
"path": [
|
||
"druid",
|
||
"indexer",
|
||
"v1",
|
||
"supervisor"
|
||
],
|
||
"query": [
|
||
{
|
||
"key": "state",
|
||
"value": "true"
|
||
}
|
||
]
|
||
},
|
||
"description": "1. 将环境切换至 druid\r\n\r\n2. 执行此接口,如果接口正常返回数据,代表druid服务运行正常"
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "saved-query-scheduler-status",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [],
|
||
"url": {
|
||
"raw": "http://{{report_ip}}:{{report_port}}/monitor",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{report_ip}}"
|
||
],
|
||
"port": "{{report_port}}",
|
||
"path": [
|
||
"monitor"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "hos-status",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [],
|
||
"url": {
|
||
"raw": "http://{{hos_ip}}:{{hos_port}}/admin/verification",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{hos_ip}}"
|
||
],
|
||
"port": "{{hos_port}}",
|
||
"path": [
|
||
"admin",
|
||
"verification"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
}
|
||
]
|
||
},
|
||
{
|
||
"name": "HOS",
|
||
"item": [
|
||
{
|
||
"name": "Get File List",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/hos/troubleshooting_file_bucket?prefix=1",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"hos",
|
||
"troubleshooting_file_bucket"
|
||
],
|
||
"query": [
|
||
{
|
||
"key": "prefix",
|
||
"value": "1"
|
||
}
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Test All Buckets",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Token",
|
||
"type": "text",
|
||
"value": "{{hos_token}}"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{hos_ip}}:{{hos_port}}/hos/",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{hos_ip}}"
|
||
],
|
||
"port": "{{hos_port}}",
|
||
"path": [
|
||
"hos",
|
||
""
|
||
],
|
||
"query": [
|
||
{
|
||
"key": "AccessKey",
|
||
"value": "default",
|
||
"disabled": true
|
||
}
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Test List Objects",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Token",
|
||
"type": "text",
|
||
"value": "{{hos_token}}"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{hos_ip}}:{{hos_port}}/hos/pcap_file_bucket/?max-keys=100",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{hos_ip}}"
|
||
],
|
||
"port": "{{hos_port}}",
|
||
"path": [
|
||
"hos",
|
||
"pcap_file_bucket",
|
||
""
|
||
],
|
||
"query": [
|
||
{
|
||
"key": "AccessKey",
|
||
"value": "default",
|
||
"disabled": true
|
||
},
|
||
{
|
||
"key": "max-keys",
|
||
"value": "100"
|
||
}
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Test Get Object Metadata",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Token",
|
||
"type": "text",
|
||
"value": "{{hos_token}}"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{hos_ip}}:{{hos_port}}/hos/default/galaxy-hos.txt?metadata=",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{hos_ip}}"
|
||
],
|
||
"port": "{{hos_port}}",
|
||
"path": [
|
||
"hos",
|
||
"default",
|
||
"galaxy-hos.txt"
|
||
],
|
||
"query": [
|
||
{
|
||
"key": "metadata",
|
||
"value": ""
|
||
},
|
||
{
|
||
"key": "AccessKey",
|
||
"value": "default",
|
||
"disabled": true
|
||
}
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
},
|
||
{
|
||
"name": "Test Get a File",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Token",
|
||
"type": "text",
|
||
"value": "{{hos_token}}"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{hos_ip}}:{{hos_port}}/hos/default/galaxy-hos.txt",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{hos_ip}}"
|
||
],
|
||
"port": "{{hos_port}}",
|
||
"path": [
|
||
"hos",
|
||
"default",
|
||
"galaxy-hos.txt"
|
||
],
|
||
"query": [
|
||
{
|
||
"key": "AccessKey",
|
||
"value": "default",
|
||
"disabled": true
|
||
}
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
}
|
||
]
|
||
},
|
||
{
|
||
"name": "Knowledge Base File",
|
||
"item": [
|
||
{
|
||
"name": "Get List",
|
||
"event": [
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"exec": [
|
||
"pm.test(\"Status code is 200\", function () {",
|
||
" pm.response.to.have.status(200);",
|
||
"});"
|
||
],
|
||
"type": "text/javascript"
|
||
}
|
||
}
|
||
],
|
||
"request": {
|
||
"method": "GET",
|
||
"header": [
|
||
{
|
||
"key": "Content-Type",
|
||
"value": "application/x-www-form-urlencoded",
|
||
"type": "text"
|
||
}
|
||
],
|
||
"url": {
|
||
"raw": "http://{{qgw_ip}}:{{qgw_port}}/v1/knowledge_base",
|
||
"protocol": "http",
|
||
"host": [
|
||
"{{qgw_ip}}"
|
||
],
|
||
"port": "{{qgw_port}}",
|
||
"path": [
|
||
"v1",
|
||
"knowledge_base"
|
||
]
|
||
}
|
||
},
|
||
"response": []
|
||
}
|
||
]
|
||
}
|
||
],
|
||
"event": [
|
||
{
|
||
"listen": "prerequest",
|
||
"script": {
|
||
"type": "text/javascript",
|
||
"exec": [
|
||
"var startDate = new Date(Date.now()-86400000);",
|
||
"var start_time = startDate.getFullYear().toString() + \"-\" +",
|
||
" (startDate.getMonth() + 1).toString().padStart(2, '0') + \"-\" +",
|
||
" startDate.getDate().toString().padStart(2, '0') + \" \" +",
|
||
" startDate.getHours().toString().padStart(2, '0') + \":\" +",
|
||
" startDate.getMinutes().toString().padStart(2, '0') + \":\" +",
|
||
" startDate.getSeconds().toString().padStart(2, '0');",
|
||
"",
|
||
"pm.globals.set(\"start_time\", start_time);",
|
||
"var endDate = new Date(Date.now());",
|
||
"var end_time = endDate.getFullYear().toString() + \"-\" +",
|
||
" (endDate.getMonth() + 1).toString().padStart(2, '0') + \"-\" +",
|
||
" endDate.getDate().toString().padStart(2, '0') + \" \" +",
|
||
" endDate.getHours().toString().padStart(2, '0') + \":\" +",
|
||
" endDate.getMinutes().toString().padStart(2, '0') + \":\" +",
|
||
" endDate.getSeconds().toString().padStart(2, '0'); ",
|
||
"pm.globals.set(\"end_time\", end_time);",
|
||
"pm.globals.set(\"domain\",pm.variables.replaceIn('{{$randomDomainName}}'));",
|
||
"pm.globals.set(\"client_ip\",pm.variables.replaceIn('{{$randomIP}}'));",
|
||
"pm.globals.set(\"server_ip\",pm.variables.replaceIn('{{$randomIP}}'));",
|
||
""
|
||
]
|
||
}
|
||
},
|
||
{
|
||
"listen": "test",
|
||
"script": {
|
||
"type": "text/javascript",
|
||
"exec": [
|
||
""
|
||
]
|
||
}
|
||
}
|
||
]
|
||
} |