add file

README.md

@@ -0,0 +1,4 @@
+## Generate Baselines (for Dos Detection)
+
+### 主要功能
+根据功能端提供的一元组Top日志，对服务端IP会话数生成动态基线，并保存至Hbase。

src/main/resources/application.properties

@@ -17,7 +17,7 @@ hbase.zookeeper.client.port=2181
 #读取druid时间范围方式，
 # 0：读取默认范围天数read.historical.days；
 # 1：指定时间范围
-read.druid.time.limit.type=1
+read.druid.time.limit.type=0
 read.druid.min.time=1627747200000
 read.druid.max.time=1630425600000
 
@@ -25,7 +25,7 @@ read.druid.max.time=1630425600000
 druid.attacktype.tcpsynflood=TCP SYN Flood
 druid.attacktype.udpflood=UDP Flood
 druid.attacktype.icmpflood=ICMP Flood
-druid.attacktype.dnsamplification=DNS Amplification
+druid.attacktype.dnsamplification=DNS Flood
 druid.columnname.serverip=destination_ip
 druid.columnname.attacktype=attack_type
 druid.columnname.recvtime=__time
@@ -69,8 +69,8 @@ monitor.frequency.bin.num=100
 ################ 并发参数 #################
 ##########################################
 all.partition.num=100
-max.pool.size=1
+core.pool.size=10
-core.pool.size=3
+max.pool.size=10
 #druid分区字段partition_num的最大值为9999
 druid.statement.query.timeout=36000
 druid.partition.num.max=10000

src/main/resources/log4j.properties

@@ -5,7 +5,7 @@ log4j.logger.org.apache.http.wire=OFF
 #Log4j
 log4j.rootLogger=debug,console,file
 log4j.appender.console=org.apache.log4j.ConsoleAppender
-log4j.appender.console.Threshold=info
+log4j.appender.console.Threshold=debug
 log4j.appender.console.layout=org.apache.log4j.PatternLayout
 log4j.appender.console.layout.ConversionPattern=[%d{yyyy-MM-dd HH\:mm\:ss}] [%-5p] [Thread\:%t] %l %x - <%m>%n