diff --git a/src/main/java/cn/mesalab/config/ApplicationConfig.java b/src/main/java/cn/mesalab/config/ApplicationConfig.java index f492223..361bd51 100644 --- a/src/main/java/cn/mesalab/config/ApplicationConfig.java +++ b/src/main/java/cn/mesalab/config/ApplicationConfig.java @@ -31,6 +31,7 @@ public class ApplicationConfig { public static final String DRUID_ATTACKTYPE_UDP_FLOOD = ConfigUtils.getStringProperty("druid.attacktype.udpflood"); public static final String DRUID_ATTACKTYPE_ICMP_FLOOD = ConfigUtils.getStringProperty("druid.attacktype.icmpflood"); public static final String DRUID_ATTACKTYPE_DNS_AMPL = ConfigUtils.getStringProperty("druid.attacktype.dnsamplification"); + public static final String DRUID_ATTACKTYPE_NTP_FLOOD = ConfigUtils.getStringProperty("druid.attacktype.ntpflood"); public static final String DRUID_SERVERIP_COLUMN_NAME = ConfigUtils.getStringProperty("druid.columnname.serverip"); public static final String DRUID_VSYSID_COLUMN_NAME = ConfigUtils.getStringProperty("druid.columnname.vsysid"); public static final String DRUID_ATTACKTYPE_COLUMN_NAME = ConfigUtils.getStringProperty("druid.columnname.attacktype"); diff --git a/src/main/java/cn/mesalab/service/BaselineGeneration.java b/src/main/java/cn/mesalab/service/BaselineGeneration.java index 1bd0e4d..cce45d7 100644 --- a/src/main/java/cn/mesalab/service/BaselineGeneration.java +++ b/src/main/java/cn/mesalab/service/BaselineGeneration.java @@ -23,7 +23,8 @@ public class BaselineGeneration { ApplicationConfig.DRUID_ATTACKTYPE_TCP_SYN_FLOOD, ApplicationConfig.DRUID_ATTACKTYPE_ICMP_FLOOD, ApplicationConfig.DRUID_ATTACKTYPE_UDP_FLOOD, - ApplicationConfig.DRUID_ATTACKTYPE_DNS_AMPL + ApplicationConfig.DRUID_ATTACKTYPE_DNS_AMPL, + ApplicationConfig.DRUID_ATTACKTYPE_NTP_FLOOD ); private static final Integer BASELINE_POINT_NUM = ApplicationConfig.BASELINE_RANGE_DAYS * 24 * (60/ApplicationConfig.HISTORICAL_GRAD); diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index e730145..7f4a036 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -1,15 +1,12 @@ ############## 数据库配置 ############### ########################################## #Druid配置 -#druid.url=jdbc:avatica:remote:url=http://10.111.200.180:8089/druid/v2/sql/avatica/ -# test -druid.url=jdbc:avatica:remote:url=http://192.168.44.12:8082/druid/v2/sql/avatica/ +druid.url=jdbc:avatica:remote:url=http://192.168.44.12:8089/druid/v2/sql/avatica/ druid.driver=org.apache.calcite.avatica.remote.Driver -druid.table=traffic_top_destination_ip_metrics_log +druid.table=dos_sketch_top_server_ip #HBase配置 hbase.table=dos:ddos_traffic_baselines -#hbase.zookeeper.quorum=10.111.200.165,10.111.200.166,10.111.200.167,10.111.200.168,10.111.200.169 hbase.zookeeper.quorum=192.168.44.12 hbase.zookeeper.client.port=2181 @@ -20,14 +17,15 @@ hbase.zookeeper.client.port=2181 # 0:读取默认范围天数read.historical.days; # 1:指定时间范围 read.druid.time.limit.type=1 -read.druid.min.time=1663430400000 -read.druid.max.time=1663603200000 +read.druid.min.time=1711522800000 +read.druid.max.time=1711526400000 #Druid字段映射 druid.attacktype.tcpsynflood=TCP SYN Flood druid.attacktype.udpflood=UDP Flood druid.attacktype.icmpflood=ICMP Flood druid.attacktype.dnsamplification=DNS Flood +druid.attacktype.ntpflood=NTP Flood druid.columnname.serverip=destination_ip druid.columnname.vsysid=vsys_id druid.columnname.attacktype=attack_type @@ -43,7 +41,7 @@ hbase.baseline.zero.replace.value.suffix=default_value #数据情况 #读取历史N天数据,最小值为3天(需要判断周期性) -read.historical.days=3 +read.historical.days=30 #历史数据汇聚粒度为10分钟 historical.grad=10 # 数据库Time格式 @@ -77,9 +75,9 @@ monitor.frequency.bin.num=100 ########################################## ################ 并发参数 ################# ########################################## -all.partition.num=10 -core.pool.size=10 -max.pool.size=10 +all.partition.num=1 +core.pool.size=1 +max.pool.size=1 #druid分区字段partition_num的最大值为9999 druid.statement.query.timeout=36000 druid.partition.num.max=10000