diff --git a/src/main/java/com/zdjizhi/etl/DosDetection.java b/src/main/java/com/zdjizhi/etl/DosDetection.java
index 9c66bcf..6e958e1 100644
--- a/src/main/java/com/zdjizhi/etl/DosDetection.java
+++ b/src/main/java/com/zdjizhi/etl/DosDetection.java
@@ -1,5 +1,6 @@
 package com.zdjizhi.etl;
 
+import cn.hutool.core.math.MathUtil;
 import cn.hutool.log.Log;
 import cn.hutool.log.LogFactory;
 import com.zdjizhi.common.*;
@@ -121,21 +122,40 @@ public class DosDetection extends BroadcastProcessFunction<DosSketchLog,Map<Stri
 
     private DosEventLog getDosEventLogByStaticThreshold(DosSketchLog value, DosDetectionThreshold threshold) throws CloneNotSupportedException {
         long base = threshold.getSessionsPerSec();
-        long diff = value.getSketch_sessions() - base;
-        long profileId = threshold.getProfileId();
-        DosEventLog result = getDosEventLog(value, base, diff, profileId, STATIC_CONDITION_TYPE, SESSIONS_TAG);
-        if (result == null) {
-            base = threshold.getPacketsPerSec();
-            diff = value.getSketch_packets() - base;
+        long diffSession = value.getSketch_sessions() - base;
+        long diffPkt = value.getSketch_packets() - base;
+        long diffByte = value.getSketch_bytes() - base;
+        long profileId = 0;
+        DosEventLog result =null;
+//        long max =(value.getSketch_sessions()>value.getSketch_packets()?value.getSketch_sessions():value.getSketch_packets())>value.getSketch_bytes()?(value.getSketch_sessions()>value.getSketch_packets()?value.getSketch_sessions():value.getSketch_packets()):value.getSketch_bytes();
+        if (diffSession>diffPkt && diffSession> diffByte){
             profileId = threshold.getProfileId();
-            result = getDosEventLog(value, base, diff,profileId, STATIC_CONDITION_TYPE, PACKETS_TAG);
-            if (result == null) {
-                base = threshold.getBitsPerSec();
-                diff = value.getSketch_bytes() - base;
-                profileId=threshold.getProfileId();
-                result = getDosEventLog(value, base, diff, profileId, STATIC_CONDITION_TYPE, BITS_TAG);
-            }
+            result= getDosEventLog(value, base, diffSession, profileId, STATIC_CONDITION_TYPE, SESSIONS_TAG);
+        }else if (diffPkt>diffSession && diffPkt>diffByte){
+            profileId = threshold.getProfileId();
+            result = getDosEventLog(value, base, diffPkt,profileId, STATIC_CONDITION_TYPE, PACKETS_TAG);
+        }else if (diffByte>diffPkt&&diffByte>diffSession){
+            profileId = threshold.getProfileId();
+            result = getDosEventLog(value, base, diffByte, profileId, STATIC_CONDITION_TYPE, BITS_TAG);
         }
+
+
+//        long base = threshold.getSessionsPerSec();
+//        long diff = value.getSketch_sessions() - base;
+//        long profileId = threshold.getProfileId();
+//        DosEventLog result = getDosEventLog(value, base, diff, profileId, STATIC_CONDITION_TYPE, SESSIONS_TAG);
+//        if (result == null) {
+//            base = threshold.getPacketsPerSec();
+//            diff = value.getSketch_packets() - base;
+//            profileId = threshold.getProfileId();
+//            result = getDosEventLog(value, base, diff,profileId, STATIC_CONDITION_TYPE, PACKETS_TAG);
+//            if (result == null) {
+//                base = threshold.getBitsPerSec();
+//                diff = value.getSketch_bytes() - base;
+//                profileId=threshold.getProfileId();
+//                result = getDosEventLog(value, base, diff, profileId, STATIC_CONDITION_TYPE, BITS_TAG);
+//            }
+//        }
         /*
         ArrayList<DosEventLog> dosEventLogs = new ArrayList<>();
         if (result != null){
@@ -190,7 +210,8 @@ public class DosDetection extends BroadcastProcessFunction<DosSketchLog,Map<Stri
         dosEventLog.setProfile_id(profileId);
         dosEventLog.setAttack_type(value.getAttack_type());
         dosEventLog.setSeverity(severity.severity);
-        dosEventLog.setConditions(getConditions(PERCENT_INSTANCE.format(percent), base, value.getSketch_sessions(), type, tag));
+//        dosEventLog.setConditions(getConditions(PERCENT_INSTANCE.format(percent), base, value.getSketch_sessions(), type, tag));
+        dosEventLog.setConditions(getConditions(percent, base, value.getSketch_sessions(), type, tag,dosEventLog));
         dosEventLog.setDestination_ip(value.getDestination_ip());
         dosEventLog.setDestination_country(IpUtils.ipLookup.countryLookup(value.getDestination_ip()));
         String ipList = value.getSource_ip();
@@ -227,15 +248,27 @@ public class DosDetection extends BroadcastProcessFunction<DosSketchLog,Map<Stri
         return base;
     }
 
-    private String getConditions(String percent, long base, long sessions, int type, String tag) {
+    private String getConditions(double percent, long base, long sessions, int type, String tag,DosEventLog dosEventLog) {
+        int condition =0;
+        if ("Minor".equals(dosEventLog.getSeverity())){
+            condition=50;
+        }else if ("Warning".equals(dosEventLog.getSeverity())){
+            condition=100;
+        }else if ("Major".equals(dosEventLog.getSeverity())){
+            condition=250;
+        }else if ("Severe".equals(dosEventLog.getSeverity())){
+            condition=500;
+        }else if ("Critical".equals(dosEventLog.getSeverity())){
+            condition =800;
+        }
         switch (type) {
             case STATIC_CONDITION_TYPE:
                 return "Rate > " +
                         base + " " +
-                        tag + "/s";
+                        tag + "/s" + "(>"+condition+"%)";
             case BASELINE_CONDITION_TYPE:
                 return tag + " > " +
-                        percent + " of baseline";
+                        PERCENT_INSTANCE.format(percent) + " of baseline";
             case SENSITIVITY_CONDITION_TYPE:
                 return String.valueOf(sessions) + " " +
                         tag + "/s Unusually high " +