规范变量的定义; 支持关闭FS的相关统计，便于valgrind/asan定位内存的相关问题

2023-07-28 07:43:22 +00:00
parent fa9583e353
commit 7cdcc95f79
4 changed files with 393 additions and 330 deletions
--- a/bin/main.conf
+++ b/bin/main.conf
@@ -25,28 +25,28 @@ TCP_MIN_BYTES=5
 UDP_MIN_PKTS=3
 UDP_MIN_BYTES=5
-[SECURITY_HITS]
+[SECURITY_HITS_METRICS]
-CYCLE=1000
+CYCLE_INTERVAL_MS=1000
 TELEGRAF_PORT=8400
 TELEGRAF_IP="127.0.0.1"
 APP_NAME="security_rule_hits"
-[STATISTIC]
+[NETWORK_METRICS]
-CYCLE=5
+CYCLE_INTERVAL_MS=5000
 TELEGRAF_PORT=8100
 TELEGRAF_IP="127.0.0.1"
 OUTPUT_PATH="log/master.metrics"
 APP_NAME="network_activity"
-[APP_METRIC]
+[APPLICATION_METRICS]
-CYCLE=1000
+CYCLE_INTERVAL_MS=1000
 TELEGRAF_PORT=8100
 TELEGRAF_IP="127.0.0.1"
 APP_NAME="app_metric"
-[FIELD_STAT]
+[MASTER_STATUS]
-CYCLE=30
+CYCLE_INTERVAL_MS=30000
-TELEGRAF_PORT=8125
+TELEGRAF_PORT=8200
 TELEGRAF_IP="127.0.0.1"
 OUTPUT_PATH="log/master.status"
 APP_NAME="tsg_master"
--- a/src/tsg_entry.h
+++ b/src/tsg_entry.h
@@ -98,78 +98,6 @@ struct app_id_dict
 	struct deny_user_region deny_app_para;
 };
 typedef enum tsg_statis_field_id
 {
 	STATIS_SESSIONS = 0,
 	STATIS_ACTIVE_SESSIONS,
 	STATIS_CLOSE_SESSIONS,
 	STATIS_IN_BYTES,
 	STATIS_OUT_BYTES,
 	STATIS_IN_PACKETS,
 	STATIS_OUT_PACKETS,
 	STATIC_ASYMMETRIC_C2S_FLOWS,
 	STATIC_ASYMMETRIC_S2C_FLOWS,
 	STATIS_MAX
 } tsg_statis_field_id_t;
 enum security_metric_columns
 {
 	COLUMN_HIT_COUNT = 0,
 	COLUMN_IN_BYTES,
 	COLUMN_OUT_BYTES,
 	COLUMN_IN_PKTS,
 	COLUMN_OUT_PKTS,
 	COLUMN_MAX
 };
 enum app_metric_columns
 {
 	TRAFFIC_APP_SESSIONS = 0,
 	TRAFFIC_APP_IN_BYTES,
 	TRAFFIC_APP_OUT_BYTES,
 	TRAFFIC_APP_IN_PKTS,
 	TRAFFIC_APP_OUT_PKTS,
 	TRAFFIC_APP_C2S_PKTS,
 	TRAFFIC_APP_S2C_PKTS,
 	TRAFFIC_APP_C2S_BYTES,
 	TRAFFIC_APP_S2C_BYTES,
 	TRAFFIC_APP_C2S_FRAGMENTS,
 	TRAFFIC_APP_S2C_FRAGMENTS,
 	TRAFFIC_APP_C2S_LOST_BYTES,
 	TRAFFIC_APP_S2C_LOST_BYTES,
 	TRAFFIC_APP_C2S_ORDER_PKTS,
 	TRAFFIC_APP_S2C_ORDER_PKTS,
 	TRAFFIC_APP_C2S_RETRANSMITTED_PKTS,
 	TRAFFIC_APP_S2C_RETRANSMITTED_PKTS,
 	TRAFFIC_APP_C2S_RETRANSMITTED_BYTES,
 	TRAFFIC_APP_S2C_RETRANSMITTED_BYTES,
 	TRAFFIC_APP_MAX
 };
 struct tsg_statistic
 {
 	int vsystem_id;
 	int cycle;
 	int thread_alive;
 	pthread_t stat_thread_id;
 	long long statistic_opt[_OPT_TYPE_MAX];
 	int static_table_id;
 	int static_column_id[STATIS_MAX];
 	struct fieldstat_instance *statistic_handle;
 	int metric_cycle;
 	int metric_table_id;
 	unsigned int security_column_ids[COLUMN_MAX];
 	struct fieldstat_dynamic_instance *security_metric_handle;
 	int app_metric_cycle;
 	int app_metric_table_id;
 	unsigned int app_column_ids[TRAFFIC_APP_MAX];
 	struct fieldstat_dynamic_instance *app_metric_handle;
 };
 int tsg_metric_init(const char *conffile, void *logger);
 void tsg_metric_destroy(void);
--- a/src/tsg_stat.cpp
+++ b/src/tsg_stat.cpp
@@ -90,31 +90,51 @@ struct runtime_stat_para g_rt_stat_para={0};
 static void stat_update(int column_id, long long increase)
 {
-	fieldstat_value_incrby(g_rt_stat_para.fs_instance, column_id, increase);
+	if(g_rt_stat_para.fs_instance!=NULL)
 	{
 		fieldstat_value_incrby(g_rt_stat_para.fs_instance, column_id, increase);
 	}
 }
 void tsg_stat_abort_rule_update(enum RULE_TYPE column_idx, long long increase)
 {
-	stat_update(g_rt_stat_para.rule.abort_column_id[column_idx], increase);
+	if(g_rt_stat_para.fs_instance!=NULL)
 	{
 		stat_update(g_rt_stat_para.rule.abort_column_id[column_idx], increase);
 	}
 }
 void tsg_stat_send_rule_update(enum RULE_TYPE column_idx, long long increase)
 {
-	stat_update(g_rt_stat_para.rule.send_column_id[column_idx], increase);
+	if(g_rt_stat_para.fs_instance!=NULL)
 	{
 		stat_update(g_rt_stat_para.rule.send_column_id[column_idx], increase);
 	}
 }
 void tsg_stat_sendlog_update(int row_idx, enum LOG_STATUS column_idx, long long increase)
 {
-	stat_update(g_rt_stat_para.sendlog.column_id[row_idx][column_idx], increase);
+	if(g_rt_stat_para.fs_instance!=NULL)
 	{
 		stat_update(g_rt_stat_para.sendlog.column_id[row_idx][column_idx], increase);
 	}
 }
 void tsg_stat_log_handle_update(enum LOG_HANDLE column_idx, long long increase)
 {
-	stat_update(g_rt_stat_para.tld.column_id[column_idx], increase);
+	if(g_rt_stat_para.fs_instance!=NULL)
 	{
 		stat_update(g_rt_stat_para.tld.column_id[column_idx], increase);
 	}
 }
 void tsg_stat_flow_update(enum STAT_STATUS status, enum FLOW_STAT column_idx, long long increase)
 {
 	if(g_rt_stat_para.fs_instance==NULL)
 	{
 		return ;
 	}
 	switch(status)
 	{
 		case	STAT_STATUS_FAIL:
@@ -130,6 +150,11 @@ void tsg_stat_flow_update(enum STAT_STATUS status, enum FLOW_STAT column_idx, lo
 void tsg_stat_sync_ctrl_update(enum STAT_STATUS status, enum CTRL_SYNC column_idx, long long increase)
 {
 	if(g_rt_stat_para.fs_instance==NULL)
 	{
 		return ;
 	}
 	switch(status)
 	{
 		case	STAT_STATUS_FAIL:
@@ -145,21 +170,35 @@ void tsg_stat_sync_ctrl_update(enum STAT_STATUS status, enum CTRL_SYNC column_id
 void tsg_stat_sync_exdata_add_update(enum SYNC_EXDATA_ROW row_idx, long long increase)
 {
-	stat_update(g_rt_stat_para.exdata.column_id[row_idx][OP_EXDATA_ADD], increase);
+	if(g_rt_stat_para.fs_instance!=NULL)
 	{
 		stat_update(g_rt_stat_para.exdata.column_id[row_idx][OP_EXDATA_ADD], increase);
 	}
 }
 void tsg_stat_sync_exdata_del_update(enum SYNC_EXDATA_ROW row_idx, long long increase)
 {
-	stat_update(g_rt_stat_para.exdata.column_id[row_idx][OP_EXDATA_DEL], increase);
+	if(g_rt_stat_para.fs_instance!=NULL)
 	{
 		stat_update(g_rt_stat_para.exdata.column_id[row_idx][OP_EXDATA_DEL], increase);
 	}
 }
 void tsg_stat_sync_application_update(enum SYNC_APP column_idx, long long increase)
 {
-	stat_update(g_rt_stat_para.app.column_id[column_idx], increase);
+	if(g_rt_stat_para.fs_instance!=NULL)
 	{
 		stat_update(g_rt_stat_para.app.column_id[column_idx], increase);
 	}
 }
 void tsg_stat_ctrl_service_activing_update(enum STAT_STATUS status, enum CTRL_SERVICE column_idx, long long increase)
 {
 	if(g_rt_stat_para.fs_instance==NULL)
 	{
 		return ;
 	}
 	switch(status)
 	{
 		case	STAT_STATUS_FAIL:
@@ -175,6 +214,11 @@ void tsg_stat_ctrl_service_activing_update(enum STAT_STATUS status, enum CTRL_SE
 void tsg_stat_ctrl_service_updating_update(enum STAT_STATUS status, enum CTRL_SERVICE column_idx, long long increase)
 {
 	if(g_rt_stat_para.fs_instance==NULL)
 	{
 		return ;
 	}
 	switch(status)
 	{
 		case	STAT_STATUS_FAIL:
@@ -190,23 +234,29 @@ void tsg_stat_ctrl_service_updating_update(enum STAT_STATUS status, enum CTRL_SE
 int tsg_stat_create(const char *conffile)
 {
-	int cycle=0,vsystem_id=0;
+	int cycle_interval_ms=0,vsystem_id=0;
 	unsigned short fs_server_port=0;
 	char instance_name[128]={0};
 	char fs_server_ip[32]={0};
 	char fs_output_path[128]={0};
-	MESA_load_profile_int_def(conffile, "FIELD_STAT", "CYCLE", &cycle, 30000);
+	MESA_load_profile_int_def(conffile, "MASTER_STATUS", "CYCLE_INTERVAL_MS", &cycle_interval_ms, 30000);
-	MESA_load_profile_short_nodef(conffile, "FIELD_STAT","TELEGRAF_PORT", (short *)&(fs_server_port));
+	if(cycle_interval_ms<=0)
-	MESA_load_profile_string_nodef(conffile,"FIELD_STAT","TELEGRAF_IP",fs_server_ip, sizeof(fs_server_ip));
+	{
-	MESA_load_profile_string_def(conffile,"FIELD_STAT","OUTPUT_PATH",fs_output_path, sizeof(fs_output_path), "master.status");
+		return 0;
-	MESA_load_profile_string_def(conffile,"FIELD_STAT","INSTANCE_NAME", instance_name, sizeof(instance_name), "tsg_master");
+	}
 	MESA_load_profile_int_def(conffile, "TSG_LOG", "VSYSTEM_ID", &vsystem_id, 1);
 	MESA_load_profile_short_nodef(conffile, "MASTER_STATUS","TELEGRAF_PORT", (short *)&(fs_server_port));
 	MESA_load_profile_string_nodef(conffile,"MASTER_STATUS","TELEGRAF_IP",fs_server_ip, sizeof(fs_server_ip));
 	MESA_load_profile_string_def(conffile,"MASTER_STATUS","OUTPUT_PATH",fs_output_path, sizeof(fs_output_path), "master.status");
 	MESA_load_profile_string_def(conffile,"MASTER_STATUS","INSTANCE_NAME", instance_name, sizeof(instance_name), "tsg_master");
 	//memset(&(g_rt_stat_para), 0, sizeof(struct runtime_stat_para));
 	g_rt_stat_para.fs_instance=fieldstat_instance_new(instance_name);
-	fieldstat_set_output_interval(g_rt_stat_para.fs_instance, cycle);
+	fieldstat_set_output_interval(g_rt_stat_para.fs_instance, cycle_interval_ms);
 	fieldstat_enable_prometheus_output(g_rt_stat_para.fs_instance);
 	fieldstat_set_local_output(g_rt_stat_para.fs_instance, fs_output_path, "default");
@@ -220,6 +270,11 @@ int tsg_stat_create(const char *conffile)
 int tsg_stat_init(void)
 {
 	if(g_rt_stat_para.fs_instance==NULL)
 	{
 		return 0;
 	}
 	enum field_type exdata_column_type[OP_EXDATA_MAX]={FIELD_TYPE_GAUGE, FIELD_TYPE_GAUGE};
 	const char *exdata_column_name[OP_EXDATA_MAX]={"add", "del"};
 	g_rt_stat_para.exdata.table_id=fieldstat_register_table(g_rt_stat_para.fs_instance, "sync_exdata", exdata_column_name, exdata_column_type, OP_EXDATA_MAX);
@@ -281,6 +336,11 @@ int tsg_stat_init(void)
 int tsg_stat_sendlog_row_init(const char *row_name)
 {
 	if(g_rt_stat_para.fs_instance==NULL)
 	{
 		return 0;
 	}
 	int row_idx=g_rt_stat_para.sendlog.max_row_idx;
 	if(row_idx==0)
 	{
@@ -301,6 +361,9 @@ int tsg_stat_sendlog_row_init(const char *row_name)
 void tsg_stat_start(void)
 {
-	fieldstat_instance_start(g_rt_stat_para.fs_instance);
+	if(g_rt_stat_para.fs_instance!=NULL)
 	{
 		fieldstat_instance_start(g_rt_stat_para.fs_instance);
 	}
 }
--- a/src/tsg_statistic.cpp
+++ b/src/tsg_statistic.cpp
@@ -12,7 +12,104 @@
 #include "tsg_statistic.h"
 #include "tsg_send_log_internal.h"
-struct tsg_statistic g_tsg_statis_para;
+enum NETWORK_TAGS
 {
 	NETWORK_TAG_VSYS_ID=0,
 	NETWORK_TAG_MAX
 };
 enum NETWORK_METRICS
 {
 	NETWORK_SESSIONS=0,
 	NETWORK_ACTIVE_SESSIONS,
 	NETWORK_CLOSE_SESSIONS,
 	NETWORK_IN_BYTES,
 	NETWORK_OUT_BYTES,
 	NETWORK_IN_PACKETS,
 	NETWORK_OUT_PACKETS,
 	NETWORK_ASYM_C2S_FLOWS,
 	NETWORK_ASYM_S2C_FLOWS,
 	NETWORK_METRIC_MAX
 };
 enum SECURYTY_METRICS_COLUMS
 {
 	SECURITY_COLUMN_HIT_COUNT=0,
 	SECURITY_COLUMN_IN_BYTES,
 	SECURITY_COLUMN_OUT_BYTES,
 	SECURITY_COLUMN_IN_PKTS,
 	SECURITY_COLUMN_OUT_PKTS,
 	SECURITY_COLUMN_MAX
 };
 enum APPLICATION_TAGS
 {
 	APPLICATION_TAG_VSYS_ID=0,
 	APPLICATION_TAG_PROTOCOL_LABEL,
 	APPLICATION_TAG_FULL_PATH,
 	APPLICATION_MAX
 };
 enum APPLICATION_METRICS
 {
 	APPLICATION_SESSIONS=0,
 	APPLICATION_IN_BYTES,
 	APPLICATION_OUT_BYTES,
 	APPLICATION_IN_PKTS,
 	APPLICATION_OUT_PKTS,
 	APPLICATION_C2S_PKTS,
 	APPLICATION_S2C_PKTS,
 	APPLICATION_C2S_BYTES,
 	APPLICATION_S2C_BYTES,
 	APPLICATION_C2S_FRAGMENTS,
 	APPLICATION_S2C_FRAGMENTS,
 	APPLICATION_C2S_LOST_BYTES,
 	APPLICATION_S2C_LOST_BYTES,
 	APPLICATION_C2S_ORDER_PKTS,
 	APPLICATION_S2C_ORDER_PKTS,
 	APPLICATION_C2S_RETRANSMITTED_PKTS,
 	APPLICATION_S2C_RETRANSMITTED_PKTS,
 	APPLICATION_C2S_RETRANSMITTED_BYTES,
 	APPLICATION_S2C_RETRANSMITTED_BYTES,
 	APPLICATION_METRICS_MAX
 };
 struct network_metrics
 {
 	int thread_alive;
 	int cycle_interval_ms;
 	pthread_t stat_thread_id;
 	long long statistic_opt[_OPT_TYPE_MAX];
 	int metrics_table_id;
 	int metrics_column_id[NETWORK_METRIC_MAX];
 	struct fieldstat_instance *metrics_handle;
 };
 struct security_metrics
 {
 	int cycle_interval_ms;
 	int metrics_table_id;
 	unsigned int metrics_column_id[SECURITY_COLUMN_MAX];
 	struct fieldstat_dynamic_instance *metrics_handle;
 };
 struct application_metrics
 {
 	int cycle_interval_ms;
 	int metrics_table_id;
 	unsigned int metrics_column_id[APPLICATION_METRICS_MAX];
 	struct fieldstat_dynamic_instance *metrics_handle;
 };
 struct tsg_statistic_metrics
 {
 	int vsystem_id;
 	struct network_metrics fs_network;
 	struct security_metrics fs_security;
 	struct application_metrics fs_application;
 };
 struct tsg_statistic_metrics g_tsg_statis_para;
 enum security_metric_tags
 {
@@ -22,20 +119,6 @@ enum security_metric_tags
 	SECURITY_TAG_MAX
 };
 enum traffic_metric_tags
 {
 	TRAFFIC_TAG_VSYS_ID = 0,
 	TRAFFIC_TAG_MAX
 };
 enum app_metric_tags
 {
 	APP_TAG_VSYS_ID = 0,
 	APP_TAG_PROTOCOL_LABEL,
 	APP_TAG_APP_FULL_PATH,
 	APP_TAG_MAX
 };
 int tsg_set_statistic_opt(int value, enum _STATISTIC_OPT_TYPE type, int thread_seq)
 {
 	switch(type)
@@ -45,7 +128,7 @@ int tsg_set_statistic_opt(int value, enum _STATISTIC_OPT_TYPE type, int thread_s
 		case	OPT_TYPE_PINNING_YES:
 		case	OPT_TYPE_PINNING_NOT:
 		case	OPT_TYPE_PINNING_MAYBE:
-		atomic_add(&(g_tsg_statis_para.statistic_opt[type]), value);
+		atomic_add(&(g_tsg_statis_para.fs_network.statistic_opt[type]), value);
 		break;
 	default:
 		break;
@@ -56,7 +139,7 @@ int tsg_set_statistic_opt(int value, enum _STATISTIC_OPT_TYPE type, int thread_s
 int tsg_set_intercept_flow(struct maat_rule *p_result, struct traffic_info *traffic_info, int thread_seq)
 {
-	if (p_result == NULL || traffic_info == NULL || thread_seq < 0 || thread_seq >= get_thread_count() || p_result->service_id != TSG_SERVICE_INTERCEPT)
+	if (p_result == NULL || traffic_info == NULL || thread_seq < 0 || g_tsg_statis_para.fs_security.metrics_handle==NULL || p_result->service_id != TSG_SERVICE_INTERCEPT)
 	{
 		return -1;
 	}
@@ -66,29 +149,30 @@ int tsg_set_intercept_flow(struct maat_rule *p_result, struct traffic_info *traf
 	security_tags[SECURITY_TAG_ACTION].value_int = p_result->action;
 	security_tags[SECURITY_TAG_VSYS_ID].value_int = p_result->vsys_id;
-	long long column[COLUMN_MAX];
+	long long column[SECURITY_COLUMN_MAX];
-	size_t n_column_num=COLUMN_MAX;
+	size_t n_column_num=SECURITY_COLUMN_MAX;
-	column[COLUMN_HIT_COUNT]=traffic_info->con_num;
+	column[SECURITY_COLUMN_HIT_COUNT]=traffic_info->con_num;
-	column[COLUMN_IN_BYTES]=traffic_info->in_bytes;
+	column[SECURITY_COLUMN_IN_BYTES]=traffic_info->in_bytes;
-	column[COLUMN_OUT_BYTES]=traffic_info->out_bytes;
+	column[SECURITY_COLUMN_OUT_BYTES]=traffic_info->out_bytes;
-	column[COLUMN_IN_PKTS]=traffic_info->in_packets;
+	column[SECURITY_COLUMN_IN_PKTS]=traffic_info->in_packets;
-	column[COLUMN_OUT_PKTS]=traffic_info->out_packets;
+	column[SECURITY_COLUMN_OUT_PKTS]=traffic_info->out_packets;
-	fieldstat_dynamic_table_row_metric_values_incrby(g_tsg_statis_para.security_metric_handle, g_tsg_statis_para.metric_table_id, "security_rule_hits", column, n_column_num, security_tags, SECURITY_TAG_MAX, thread_seq);
+	fieldstat_dynamic_table_row_metric_values_incrby(g_tsg_statis_para.fs_security.metrics_handle, 
 														g_tsg_statis_para.fs_security.metrics_table_id,
 														"security_rule_hits",
 														column,
 														n_column_num,
 														security_tags,
 														SECURITY_TAG_MAX,
 														thread_seq
 													);
 #if 0
 	fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.security_metric_handle, g_tsg_statis_para.metric_table_id, g_tsg_statis_para.security_column_ids[COLUMN_HIT_COUNT], "security_rule_hits", traffic_info->con_num, security_tags, (size_t)SECURITY_TAG_MAX, thread_seq);
 	fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.security_metric_handle, g_tsg_statis_para.metric_table_id, g_tsg_statis_para.security_column_ids[COLUMN_IN_BYTES], "security_rule_hits", traffic_info->in_bytes, security_tags, (size_t)SECURITY_TAG_MAX, thread_seq);
 	fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.security_metric_handle, g_tsg_statis_para.metric_table_id, g_tsg_statis_para.security_column_ids[COLUMN_OUT_BYTES], "security_rule_hits", traffic_info->out_bytes, security_tags, (size_t)SECURITY_TAG_MAX, thread_seq);
 	fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.security_metric_handle, g_tsg_statis_para.metric_table_id, g_tsg_statis_para.security_column_ids[COLUMN_IN_PKTS], "security_rule_hits", traffic_info->in_packets, security_tags, (size_t)SECURITY_TAG_MAX, thread_seq);
 	fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.security_metric_handle, g_tsg_statis_para.metric_table_id, g_tsg_statis_para.security_column_ids[COLUMN_OUT_PKTS], "security_rule_hits", traffic_info->out_packets, security_tags, (size_t)SECURITY_TAG_MAX, thread_seq);
 #endif
 	return 0;
 }
 int tsg_set_policy_flow(const struct streaminfo *a_stream, struct maat_rule *p_result, int thread_seq)
 {
-	if (a_stream == NULL || p_result == NULL || thread_seq < 0 || thread_seq >= get_thread_count())
+	if (a_stream == NULL || p_result == NULL || thread_seq < 0 || g_tsg_statis_para.fs_security.metrics_handle==NULL)
 	{
 		return -1;
 	}
@@ -98,48 +182,35 @@ int tsg_set_policy_flow(const struct streaminfo *a_stream, struct maat_rule *p_r
 	security_tags[SECURITY_TAG_ACTION].value_int = p_result->action;
 	security_tags[SECURITY_TAG_VSYS_ID].value_int = p_result->vsys_id;
-	long long column[COLUMN_MAX];
+	long long column[SECURITY_COLUMN_MAX];
-	size_t n_column_num=COLUMN_MAX;
+	size_t n_column_num=SECURITY_COLUMN_MAX;
-	column[COLUMN_HIT_COUNT]=1;
+	column[SECURITY_COLUMN_HIT_COUNT]=1;
 	int value_len = sizeof(unsigned long long);
-	MESA_get_stream_opt(a_stream, MSO_TOTAL_INBOUND_BYTE_RAW, (void *)&(column[COLUMN_IN_BYTES]), &value_len);
+	MESA_get_stream_opt(a_stream, MSO_TOTAL_INBOUND_BYTE_RAW, (void *)&(column[SECURITY_COLUMN_IN_BYTES]), &value_len);
-	MESA_get_stream_opt(a_stream, MSO_TOTAL_INBOUND_PKT, (void *)&(column[COLUMN_IN_PKTS]), &value_len);
+	MESA_get_stream_opt(a_stream, MSO_TOTAL_INBOUND_PKT, (void *)&(column[SECURITY_COLUMN_IN_PKTS]), &value_len);
-	MESA_get_stream_opt(a_stream, MSO_TOTAL_OUTBOUND_BYTE_RAW, (void *)&(column[COLUMN_OUT_BYTES]), &value_len);
+	MESA_get_stream_opt(a_stream, MSO_TOTAL_OUTBOUND_BYTE_RAW, (void *)&(column[SECURITY_COLUMN_OUT_BYTES]), &value_len);
-	MESA_get_stream_opt(a_stream, MSO_TOTAL_OUTBOUND_PKT, (void *)&(column[COLUMN_OUT_PKTS]), &value_len);
+	MESA_get_stream_opt(a_stream, MSO_TOTAL_OUTBOUND_PKT, (void *)&(column[SECURITY_COLUMN_OUT_PKTS]), &value_len);
-	fieldstat_dynamic_table_row_metric_values_incrby(g_tsg_statis_para.security_metric_handle, g_tsg_statis_para.metric_table_id, "security_rule_hits", column, n_column_num, security_tags, SECURITY_TAG_MAX, thread_seq);
+	fieldstat_dynamic_table_row_metric_values_incrby(g_tsg_statis_para.fs_security.metrics_handle, 
 														g_tsg_statis_para.fs_security.metrics_table_id,
 														"security_rule_hits",
 														column,
 														n_column_num,
 														security_tags,
 														SECURITY_TAG_MAX,
 														thread_seq
 													 );
 #if 0
 	fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.security_metric_handle, g_tsg_statis_para.metric_table_id, g_tsg_statis_para.security_column_ids[COLUMN_HIT_COUNT], "security_rule_hits", 1, security_tags, (size_t)SECURITY_TAG_MAX, thread_seq);
 	unsigned long long value = 0;
 	value=0;
 	MESA_get_stream_opt(a_stream, MSO_TOTAL_INBOUND_BYTE_RAW, (void *)&value, &value_len);
 	fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.security_metric_handle, g_tsg_statis_para.metric_table_id, g_tsg_statis_para.security_column_ids[COLUMN_IN_BYTES], "security_rule_hits", value, security_tags, (size_t)SECURITY_TAG_MAX, thread_seq);
 	value=0;
 	MESA_get_stream_opt(a_stream, MSO_TOTAL_INBOUND_PKT, (void *)&value, &value_len);
 	fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.security_metric_handle, g_tsg_statis_para.metric_table_id, g_tsg_statis_para.security_column_ids[COLUMN_IN_PKTS], "security_rule_hits", value, security_tags, (size_t)SECURITY_TAG_MAX, thread_seq);
 	value=0;
 	MESA_get_stream_opt(a_stream, MSO_TOTAL_OUTBOUND_BYTE_RAW, (void *)&value, &value_len);
 	fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.security_metric_handle, g_tsg_statis_para.metric_table_id, g_tsg_statis_para.security_column_ids[COLUMN_OUT_BYTES], "security_rule_hits", value, security_tags, (size_t)SECURITY_TAG_MAX, thread_seq);
 	value=0;
 	MESA_get_stream_opt(a_stream, MSO_TOTAL_OUTBOUND_PKT, (void *)&value, &value_len);
 	fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.security_metric_handle, g_tsg_statis_para.metric_table_id, g_tsg_statis_para.security_column_ids[COLUMN_OUT_PKTS], "security_rule_hits", value, security_tags, (size_t)SECURITY_TAG_MAX, thread_seq);
 #endif
 	return 0;
 }
 static void *tsg_statistic_thread(void *arg)
 {
-	pthread_detach(pthread_self());
+	fieldstat_instance_start(g_tsg_statis_para.fs_network.metrics_handle);
 	fieldstat_instance_start(g_tsg_statis_para.statistic_handle);
-	while(g_tsg_statis_para.thread_alive)
+	while(g_tsg_statis_para.fs_network.thread_alive)
 	{
 		long long value=0;
 		long long total_value=0;
@@ -161,7 +232,7 @@ static void *tsg_statistic_thread(void *arg)
 		value=0;
 		sapp_get_platform_opt(SPO_UDP_STREAM_CONCURRENT, (void *)&value, &value_len);
 		total_value+=value;
-		fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_ACTIVE_SESSIONS], total_value);
+		fieldstat_value_set(g_tsg_statis_para.fs_network.metrics_handle, g_tsg_statis_para.fs_network.metrics_column_id[NETWORK_ACTIVE_SESSIONS], total_value);
 		value=0;
 		total_value=0;
@@ -170,7 +241,7 @@ static void *tsg_statistic_thread(void *arg)
 		value=0;
 		sapp_get_platform_opt(SPO_UDP_STREAM_CLOSE, (void *)&value, &value_len);
 		total_value+=value;
-		fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_CLOSE_SESSIONS], total_value);
+		fieldstat_value_set(g_tsg_statis_para.fs_network.metrics_handle, g_tsg_statis_para.fs_network.metrics_column_id[NETWORK_CLOSE_SESSIONS], total_value);
 		value=0;
 		total_value=0;
@@ -179,23 +250,23 @@ static void *tsg_statistic_thread(void *arg)
 		value = 0;
 		sapp_get_platform_opt(SPO_UDP_STREAM_NEW, (void *)&value, &value_len);
 		total_value+=value;
-		fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_SESSIONS], total_value);
+		fieldstat_value_set(g_tsg_statis_para.fs_network.metrics_handle, g_tsg_statis_para.fs_network.metrics_column_id[NETWORK_SESSIONS], total_value);
 		value=0;
 		sapp_get_platform_opt(SPO_TOTAL_INBOUND_BYTE, (void *)&value, &value_len);
-		fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_IN_BYTES], value);
+		fieldstat_value_set(g_tsg_statis_para.fs_network.metrics_handle, g_tsg_statis_para.fs_network.metrics_column_id[NETWORK_IN_BYTES], value);
 		value = 0;
 		sapp_get_platform_opt(SPO_TOTAL_INBOUND_PKT, (void *)&value, &value_len);
-		fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_IN_PACKETS], value);
+		fieldstat_value_set(g_tsg_statis_para.fs_network.metrics_handle, g_tsg_statis_para.fs_network.metrics_column_id[NETWORK_IN_PACKETS], value);
 		value = 0;
 		sapp_get_platform_opt(SPO_TOTAL_OUTBOUND_BYTE, (void *)&value, &value_len);
-		fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_OUT_BYTES], value);
+		fieldstat_value_set(g_tsg_statis_para.fs_network.metrics_handle, g_tsg_statis_para.fs_network.metrics_column_id[NETWORK_OUT_BYTES], value);
 		value = 0;
 		sapp_get_platform_opt(SPO_TOTAL_OUTBOUND_PKT, (void *)&value, &value_len);
-		fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_OUT_PACKETS], value);
+		fieldstat_value_set(g_tsg_statis_para.fs_network.metrics_handle, g_tsg_statis_para.fs_network.metrics_column_id[NETWORK_OUT_PACKETS], value);
 		value = 0;
 		total_value = 0;
@@ -204,7 +275,7 @@ static void *tsg_statistic_thread(void *arg)
 		value = 0;
 		sapp_get_platform_opt(SPO_UDP_STREAM_C2S, (void *)&value, &value_len);
 		total_value += value;
-		fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIC_ASYMMETRIC_C2S_FLOWS], total_value);
+		fieldstat_value_set(g_tsg_statis_para.fs_network.metrics_handle, g_tsg_statis_para.fs_network.metrics_column_id[NETWORK_ASYM_C2S_FLOWS], total_value);
 		value = 0;
 		total_value = 0;
@@ -213,117 +284,68 @@ static void *tsg_statistic_thread(void *arg)
 		value = 0;
 		sapp_get_platform_opt(SPO_UDP_STREAM_S2C, (void *)&value, &value_len);
 		total_value += value;
-		fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIC_ASYMMETRIC_S2C_FLOWS], total_value);
+		fieldstat_value_set(g_tsg_statis_para.fs_network.metrics_handle, g_tsg_statis_para.fs_network.metrics_column_id[NETWORK_ASYM_S2C_FLOWS], total_value);
-		fieldstat_passive_output(g_tsg_statis_para.statistic_handle);
+		fieldstat_passive_output(g_tsg_statis_para.fs_network.metrics_handle);
-		sleep(g_tsg_statis_para.cycle);
+		usleep(g_tsg_statis_para.fs_network.cycle_interval_ms*1000);
 	}
 	pthread_exit(NULL);
 	return NULL;
 }
 int tsg_set_application_metrics(const struct streaminfo *a_stream, const char *l4_protocol, const char *app_full_path, struct traffic_packet_info *app_statis, int thread_seq)
 {
-	if (a_stream == NULL || l4_protocol == NULL || app_full_path == NULL || app_statis == NULL)
+	if (a_stream == NULL || l4_protocol == NULL || app_full_path == NULL || app_statis == NULL || g_tsg_statis_para.fs_application.metrics_handle==NULL)
 	{
 			return -1;
 	}
-	struct fieldstat_tag app_tags[APP_TAG_MAX] = {{"vsys_id", 0, -1}, {"protocol_label", 2, 0}, {"app_full_path", 2, 0}};
+	struct fieldstat_tag app_tags[APPLICATION_MAX] = {{"vsys_id", 0, -1}, {"protocol_label", 2, 0}, {"app_full_path", 2, 0}};
-	app_tags[APP_TAG_VSYS_ID].value_int = g_tsg_statis_para.vsystem_id;
+	app_tags[APPLICATION_TAG_VSYS_ID].value_int = g_tsg_statis_para.vsystem_id;
-	app_tags[APP_TAG_PROTOCOL_LABEL].value_str = l4_protocol;
+	app_tags[APPLICATION_TAG_PROTOCOL_LABEL].value_str = l4_protocol;
-	app_tags[APP_TAG_APP_FULL_PATH].value_str = app_full_path;
+	app_tags[APPLICATION_TAG_FULL_PATH].value_str = app_full_path;
-	long long column[TRAFFIC_APP_MAX];
+	long long column[APPLICATION_METRICS_MAX];
-	size_t n_column_num=TRAFFIC_APP_MAX;
+	size_t n_column_num=APPLICATION_METRICS_MAX;
-	column[TRAFFIC_APP_SESSIONS]=app_statis->sessions;
+	column[APPLICATION_SESSIONS]=app_statis->sessions;
-	column[TRAFFIC_APP_IN_BYTES]=app_statis->in_bytes;
+	column[APPLICATION_IN_BYTES]=app_statis->in_bytes;
-	column[TRAFFIC_APP_OUT_BYTES]=app_statis->out_bytes;
+	column[APPLICATION_OUT_BYTES]=app_statis->out_bytes;
-	column[TRAFFIC_APP_IN_PKTS]=app_statis->in_pkts;
+	column[APPLICATION_IN_PKTS]=app_statis->in_pkts;
-	column[TRAFFIC_APP_OUT_PKTS]=app_statis->out_pkts;
+	column[APPLICATION_OUT_PKTS]=app_statis->out_pkts;
-	column[TRAFFIC_APP_C2S_PKTS]=app_statis->c2s_pkts;
+	column[APPLICATION_C2S_PKTS]=app_statis->c2s_pkts;
-	column[TRAFFIC_APP_S2C_PKTS]=app_statis->s2c_pkts;
+	column[APPLICATION_S2C_PKTS]=app_statis->s2c_pkts;
-	column[TRAFFIC_APP_C2S_BYTES]=app_statis->c2s_bytes;
+	column[APPLICATION_C2S_BYTES]=app_statis->c2s_bytes;
-	column[TRAFFIC_APP_S2C_BYTES]=app_statis->s2c_bytes;
+	column[APPLICATION_S2C_BYTES]=app_statis->s2c_bytes;
-	column[TRAFFIC_APP_C2S_FRAGMENTS]=app_statis->c2s_fragments;
+	column[APPLICATION_C2S_FRAGMENTS]=app_statis->c2s_fragments;
-	column[TRAFFIC_APP_S2C_FRAGMENTS]=app_statis->s2c_fragments;
+	column[APPLICATION_S2C_FRAGMENTS]=app_statis->s2c_fragments;
-	column[TRAFFIC_APP_C2S_LOST_BYTES]=app_statis->c2s_tcp_lost_bytes;
+	column[APPLICATION_C2S_LOST_BYTES]=app_statis->c2s_tcp_lost_bytes;
-	column[TRAFFIC_APP_S2C_LOST_BYTES]=app_statis->s2c_tcp_lost_bytes;
+	column[APPLICATION_S2C_LOST_BYTES]=app_statis->s2c_tcp_lost_bytes;
-	column[TRAFFIC_APP_C2S_ORDER_PKTS]=app_statis->c2s_tcp_ooorder_pkts;
+	column[APPLICATION_C2S_ORDER_PKTS]=app_statis->c2s_tcp_ooorder_pkts;
-	column[TRAFFIC_APP_S2C_ORDER_PKTS]=app_statis->s2c_tcp_ooorder_pkts;
+	column[APPLICATION_S2C_ORDER_PKTS]=app_statis->s2c_tcp_ooorder_pkts;
-	column[TRAFFIC_APP_C2S_RETRANSMITTED_PKTS]=app_statis->c2s_tcp_retransmitted_pkts;
+	column[APPLICATION_C2S_RETRANSMITTED_PKTS]=app_statis->c2s_tcp_retransmitted_pkts;
-	column[TRAFFIC_APP_S2C_RETRANSMITTED_PKTS]=app_statis->s2c_tcp_retransmitted_pkts;
+	column[APPLICATION_S2C_RETRANSMITTED_PKTS]=app_statis->s2c_tcp_retransmitted_pkts;
-	column[TRAFFIC_APP_C2S_RETRANSMITTED_BYTES]=app_statis->c2s_tcp_retransmitted_bytes;
+	column[APPLICATION_C2S_RETRANSMITTED_BYTES]=app_statis->c2s_tcp_retransmitted_bytes;
-	column[TRAFFIC_APP_S2C_RETRANSMITTED_BYTES]=app_statis->s2c_tcp_retransmitted_bytes;
+	column[APPLICATION_S2C_RETRANSMITTED_BYTES]=app_statis->s2c_tcp_retransmitted_bytes;
-	fieldstat_dynamic_table_row_metric_values_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, "traffic_application_protocol_stat", column, n_column_num, app_tags, APP_TAG_MAX, thread_seq);
+	fieldstat_dynamic_table_row_metric_values_incrby(g_tsg_statis_para.fs_application.metrics_handle, 
 														g_tsg_statis_para.fs_application.metrics_table_id,
 														"traffic_application_protocol_stat",
 														column,
 														n_column_num,
 														app_tags,
 														APPLICATION_MAX,
 														thread_seq
 													);
 #if 0
 	fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_SESSIONS], "traffic_application_protocol_stat",
 												app_statis->sessions, app_tags, (size_t)APP_TAG_MAX, thread_seq);
 	fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_IN_BYTES], "traffic_application_protocol_stat",
 												app_statis->in_bytes, app_tags, (size_t)APP_TAG_MAX, thread_seq);
 	fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_IN_PKTS], "traffic_application_protocol_stat",
 												app_statis->in_pkts, app_tags, (size_t)APP_TAG_MAX, thread_seq);
 	fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_OUT_BYTES], "traffic_application_protocol_stat",
 												app_statis->out_bytes, app_tags, (size_t)APP_TAG_MAX, thread_seq);
 	fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_OUT_PKTS], "traffic_application_protocol_stat",
 												app_statis->out_pkts, app_tags, (size_t)APP_TAG_MAX, thread_seq);
 	fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_C2S_PKTS], "traffic_application_protocol_stat",
 												app_statis->c2s_pkts, app_tags, (size_t)APP_TAG_MAX, thread_seq);
 	fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_S2C_PKTS], "traffic_application_protocol_stat",
 												app_statis->s2c_pkts, app_tags, (size_t)APP_TAG_MAX, thread_seq);
 	fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_C2S_BYTES], "traffic_application_protocol_stat",
 												app_statis->c2s_bytes, app_tags, (size_t)APP_TAG_MAX, thread_seq);
 	fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_S2C_BYTES], "traffic_application_protocol_stat",
 												app_statis->s2c_bytes, app_tags, (size_t)APP_TAG_MAX, thread_seq);
 	fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_C2S_FRAGMENTS], "traffic_application_protocol_stat",
 												app_statis->c2s_fragments, app_tags, (size_t)APP_TAG_MAX, thread_seq);
 	fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_S2C_FRAGMENTS], "traffic_application_protocol_stat",
 												app_statis->s2c_fragments, app_tags, (size_t)APP_TAG_MAX, thread_seq);
 	fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_C2S_LOST_BYTES], "traffic_application_protocol_stat",
 												app_statis->c2s_tcp_lost_bytes, app_tags, (size_t)APP_TAG_MAX, thread_seq);
 	fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_S2C_LOST_BYTES], "traffic_application_protocol_stat",
 												app_statis->s2c_tcp_lost_bytes, app_tags, (size_t)APP_TAG_MAX, thread_seq);
 	fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_C2S_ORDER_PKTS], "traffic_application_protocol_stat",
 												app_statis->c2s_tcp_ooorder_pkts, app_tags, (size_t)APP_TAG_MAX, thread_seq);
 	fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_S2C_ORDER_PKTS], "traffic_application_protocol_stat",
 												app_statis->s2c_tcp_ooorder_pkts, app_tags, (size_t)APP_TAG_MAX, thread_seq);
 	fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_C2S_RETRANSMITTED_PKTS], "traffic_application_protocol_stat",
 												app_statis->c2s_tcp_retransmitted_pkts, app_tags, (size_t)APP_TAG_MAX, thread_seq);
 	fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_S2C_RETRANSMITTED_PKTS], "traffic_application_protocol_stat",
 												app_statis->s2c_tcp_retransmitted_pkts, app_tags, (size_t)APP_TAG_MAX, thread_seq);
 	fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_C2S_RETRANSMITTED_BYTES], "traffic_application_protocol_stat",
 												app_statis->c2s_tcp_retransmitted_bytes, app_tags, (size_t)APP_TAG_MAX, thread_seq);
 	fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_S2C_RETRANSMITTED_BYTES], "traffic_application_protocol_stat",
 												app_statis->s2c_tcp_retransmitted_bytes, app_tags, (size_t)APP_TAG_MAX, thread_seq);
 #endif
 	return 0;
 }
 int tsg_security_metric_init(const char *conffile, void *logger)
 {
-	if (conffile == NULL || logger == NULL)
+	if(conffile == NULL || logger == NULL)
 	{
 			return -1;
 	}
@@ -333,46 +355,52 @@ int tsg_security_metric_init(const char *conffile, void *logger)
 	char app_name[128]={0};
 	int thread_num = get_thread_count();
-	MESA_load_profile_short_nodef(conffile, "SECURITY_HITS", "TELEGRAF_PORT", (short *)&(fs_server_port));
+	MESA_load_profile_short_nodef(conffile, "SECURITY_HITS_METRICS", "TELEGRAF_PORT", (short *)&(fs_server_port));
-	MESA_load_profile_string_nodef(conffile,"SECURITY_HITS", "TELEGRAF_IP",fs_server_ip, sizeof(fs_server_ip));
+	MESA_load_profile_string_nodef(conffile,"SECURITY_HITS_METRICS", "TELEGRAF_IP",fs_server_ip, sizeof(fs_server_ip));
-	MESA_load_profile_string_def(conffile,"SECURITY_HITS", "APP_NAME", app_name, sizeof(app_name), "metric");
+	MESA_load_profile_string_def(conffile,"SECURITY_HITS_METRICS", "APP_NAME", app_name, sizeof(app_name), "metric");
-	MESA_load_profile_int_def(conffile, "SECURITY_HITS", "CYCLE", &g_tsg_statis_para.metric_cycle, 1000);
+	MESA_load_profile_int_def(conffile, "SECURITY_HITS_METRICS", "CYCLE_INTERVAL_MS", &g_tsg_statis_para.fs_security.cycle_interval_ms, 1000);
-	if(g_tsg_statis_para.metric_cycle<=0)
+	if(g_tsg_statis_para.fs_security.cycle_interval_ms<=0)
 	{
-		MASTER_LOG(logger, RLOG_LV_FATAL, LOG_MODULE_METRICS, "SECURITY_HITS g_tsg_statis_para.metric_cycle error");
+		MASTER_LOG(logger, RLOG_LV_FATAL, LOG_MODULE_METRICS, "Disabale secutiry metrics");
 		return 0;
 	}
 	g_tsg_statis_para.fs_security.metrics_handle = fieldstat_dynamic_instance_new(app_name, thread_num);
 	if (g_tsg_statis_para.fs_security.metrics_handle == NULL)
 	{
 		MASTER_LOG(logger, RLOG_LV_FATAL, LOG_MODULE_METRICS, "SECURITY_HITS_METRICS g_tsg_statis_para.fs_security.metrics_handle error");
 		return -1;
 	}
-	g_tsg_statis_para.security_metric_handle = fieldstat_dynamic_instance_new(app_name, thread_num);
+	fieldstat_dynamic_set_output_interval(g_tsg_statis_para.fs_security.metrics_handle, g_tsg_statis_para.fs_security.cycle_interval_ms);
 	if (g_tsg_statis_para.security_metric_handle == NULL)
 	{
 		MASTER_LOG(logger, RLOG_LV_FATAL, LOG_MODULE_METRICS, "SECURITY_HITS g_tsg_statis_para.security_metric_handle error");
 		return -1;
 	}
 	fieldstat_dynamic_set_output_interval(g_tsg_statis_para.security_metric_handle, g_tsg_statis_para.metric_cycle);
 	if (fs_server_port > 0 && strlen(fs_server_ip) > 0)
 	{
-		fieldstat_dynamic_set_line_protocol_server(g_tsg_statis_para.security_metric_handle, fs_server_ip, fs_server_port);
+		fieldstat_dynamic_set_line_protocol_server(g_tsg_statis_para.fs_security.metrics_handle, fs_server_ip, fs_server_port);
 	}
-	enum field_type security_metric_type[COLUMN_MAX] = {FIELD_TYPE_COUNTER};
+	enum field_type security_metric_type[SECURITY_COLUMN_MAX] = {FIELD_TYPE_COUNTER};
-	const char *security_metric_field[COLUMN_MAX] = {"hit_count", "in_bytes", "out_bytes", "in_pkts", "out_pkts"};
+	const char *security_metric_field[SECURITY_COLUMN_MAX] = {"hit_count", "in_bytes", "out_bytes", "in_pkts", "out_pkts"};
-	g_tsg_statis_para.metric_table_id = fieldstat_register_dynamic_table(g_tsg_statis_para.security_metric_handle, "security_rule_hits", security_metric_field, security_metric_type, (size_t)COLUMN_MAX, g_tsg_statis_para.security_column_ids);
+	g_tsg_statis_para.fs_security.metrics_table_id = fieldstat_register_dynamic_table(g_tsg_statis_para.fs_security.metrics_handle,
-	if(g_tsg_statis_para.metric_table_id<0)
+																						"security_rule_hits",
 																						security_metric_field,
 																						security_metric_type,
 																						SECURITY_COLUMN_MAX,
 																						g_tsg_statis_para.fs_security.metrics_column_id
 																					);
 	if(g_tsg_statis_para.fs_security.metrics_table_id<0)
 	{
-		MASTER_LOG(logger, RLOG_LV_FATAL, LOG_MODULE_METRICS, "SECURITY_HITS g_tsg_statis_para.metric_table_id error");
+		MASTER_LOG(logger, RLOG_LV_FATAL, LOG_MODULE_METRICS, "SECURITY_HITS_METRICS g_tsg_statis_para.metric_table_id error");
 		return -1;
 	}
-	fieldstat_dynamic_instance_start(g_tsg_statis_para.security_metric_handle);
+	fieldstat_dynamic_instance_start(g_tsg_statis_para.fs_security.metrics_handle);
 	return 0;
 }
-int tsg_traffic_metric_init(const char *conffile, void *logger)
+int tsg_application_metric_init(const char *conffile, void *logger)
 {
-	if (conffile == NULL || logger == NULL)
+	if(conffile == NULL || logger == NULL)
 	{
 			return -1;
 	}
@@ -382,113 +410,157 @@ int tsg_traffic_metric_init(const char *conffile, void *logger)
 	char app_name[128] = {0};
 	int thread_num = get_thread_count();
-	MESA_load_profile_short_nodef(conffile, "APP_METRIC", "TELEGRAF_PORT", (short *)&(fs_server_port));
+	MESA_load_profile_short_nodef(conffile, "APPLICATION_METRICS", "TELEGRAF_PORT", (short *)&(fs_server_port));
-	MESA_load_profile_string_nodef(conffile, "APP_METRIC", "TELEGRAF_IP", fs_server_ip, sizeof(fs_server_ip));
+	MESA_load_profile_string_nodef(conffile, "APPLICATION_METRICS", "TELEGRAF_IP", fs_server_ip, sizeof(fs_server_ip));
-	MESA_load_profile_string_def(conffile, "APP_METRIC", "APP_NAME", app_name, sizeof(app_name), "app_metric");
+	MESA_load_profile_string_def(conffile, "APPLICATION_METRICS", "APP_NAME", app_name, sizeof(app_name), "app_metric");
-	MESA_load_profile_int_def(conffile, "APP_METRIC", "CYCLE", &g_tsg_statis_para.app_metric_cycle, 1000);
+	MESA_load_profile_int_def(conffile, "APPLICATION_METRICS", "CYCLE_INTERVAL_MS", &g_tsg_statis_para.fs_application.cycle_interval_ms, 1000);
-	if (g_tsg_statis_para.app_metric_cycle <= 0)
+	if (g_tsg_statis_para.fs_application.cycle_interval_ms <= 0)
 	{
-			MASTER_LOG(logger, RLOG_LV_FATAL, LOG_MODULE_METRICS, "APP_METRIC g_tsg_statis_para.app_metric_cycle error");
+			MASTER_LOG(logger, RLOG_LV_FATAL, LOG_MODULE_METRICS, "Disabale application metrics");
-			return -1;
+			return 0;
 	}
-	g_tsg_statis_para.app_metric_handle = fieldstat_dynamic_instance_new(app_name, thread_num);
+	g_tsg_statis_para.fs_application.metrics_handle = fieldstat_dynamic_instance_new(app_name, thread_num);
-	if(g_tsg_statis_para.app_metric_handle == NULL)
+	if(g_tsg_statis_para.fs_application.metrics_handle == NULL)
 	{
-		MASTER_LOG(logger, RLOG_LV_FATAL, LOG_MODULE_METRICS, "APP_METRIC g_tsg_statis_para.app_metric_handle error");
+		MASTER_LOG(logger, RLOG_LV_FATAL, LOG_MODULE_METRICS, "APPLICATION_METRICS g_tsg_statis_para.fs_application.metrics_handle error");
 		return -1;
 	}
-	fieldstat_dynamic_set_output_interval(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_cycle);
+	fieldstat_dynamic_set_output_interval(g_tsg_statis_para.fs_application.metrics_handle, g_tsg_statis_para.fs_application.cycle_interval_ms);
 	if (fs_server_port > 0 && strlen(fs_server_ip) > 0)
 	{
-		fieldstat_dynamic_set_line_protocol_server(g_tsg_statis_para.app_metric_handle, fs_server_ip, fs_server_port);
+		fieldstat_dynamic_set_line_protocol_server(g_tsg_statis_para.fs_application.metrics_handle, fs_server_ip, fs_server_port);
 	}
-	enum field_type app_metric_type[TRAFFIC_APP_MAX] = {FIELD_TYPE_COUNTER};
+	enum field_type app_metric_type[APPLICATION_METRICS_MAX] = {FIELD_TYPE_COUNTER};
-	const char *app_metric_field[TRAFFIC_APP_MAX] = {"sessions", "in_bytes", "out_bytes", "in_pkts", "out_pkts", "c2s_pkts", "s2c_pkts", "c2s_bytes", "s2c_bytes", "c2s_fragments", "s2c_fragments",
+	const char *app_metric_field[APPLICATION_METRICS_MAX] = {"sessions", "in_bytes", "out_bytes", "in_pkts", "out_pkts", "c2s_pkts", "s2c_pkts", "c2s_bytes", "s2c_bytes", "c2s_fragments", "s2c_fragments",
 													 "c2s_tcp_lost_bytes", "s2c_tcp_lost_bytes", "c2s_tcp_ooorder_pkts", "s2c_tcp_ooorder_pkts", "c2s_tcp_retransmitted_pkts", "s2c_tcp_retransmitted_pkts",
 													 "c2s_tcp_retransmitted_bytes", "s2c_tcp_retransmitted_bytes"};
-	g_tsg_statis_para.app_metric_table_id = fieldstat_register_dynamic_table(g_tsg_statis_para.app_metric_handle, "traffic_application_protocol_stat", app_metric_field, app_metric_type, (size_t)TRAFFIC_APP_MAX, g_tsg_statis_para.app_column_ids);
+	g_tsg_statis_para.fs_application.metrics_table_id = fieldstat_register_dynamic_table(g_tsg_statis_para.fs_application.metrics_handle, 
-	if (g_tsg_statis_para.app_metric_table_id < 0)
+																							"traffic_application_protocol_stat",
 																							app_metric_field,
 																							app_metric_type,
 																							APPLICATION_METRICS_MAX,
 																							g_tsg_statis_para.fs_application.metrics_column_id
 																						);
 	if (g_tsg_statis_para.fs_application.metrics_table_id < 0)
 	{
 		MASTER_LOG(logger, RLOG_LV_FATAL, LOG_MODULE_METRICS, "APP_METRIC g_tsg_statis_para.app_metric_table_id error");
 		return -1;
 	}
-	fieldstat_dynamic_instance_start(g_tsg_statis_para.app_metric_handle);
+	fieldstat_dynamic_instance_start(g_tsg_statis_para.fs_application.metrics_handle);
 	return 0;
 }
-int tsg_metric_init(const char *conffile, void *logger)
+int tsg_network_traffic_metrics_init(const char *conffile, void *logger)
 {
 	if(conffile == NULL || logger == NULL)
 	{
 			return -1;
 	}
 	unsigned short fs_server_port = 0;
 	char app_name[128]={0};
 	char fs_server_ip[MAX_IPV4_LEN]={0};
 	char fs_output_path[128]={0};
-	memset(&g_tsg_statis_para, 0, sizeof(g_tsg_statis_para));
+	MESA_load_profile_int_def(conffile, "NETWORK_METRICS", "CYCLE_INTERVAL_MS", &g_tsg_statis_para.fs_network.cycle_interval_ms, 5000);
-
+	if(g_tsg_statis_para.fs_network.cycle_interval_ms<=0)
 	MESA_load_profile_int_def(conffile, "STATISTIC", "CYCLE", &g_tsg_statis_para.cycle, 1);
 	if(g_tsg_statis_para.cycle<=0)
 	{
 		MASTER_LOG(logger, RLOG_LV_FATAL, LOG_MODULE_METRICS, "Disabale traffic statistic");
 		return 0;
 	}
-	MESA_load_profile_short_nodef(conffile, "STATISTIC", "TELEGRAF_PORT", (short *)&(fs_server_port));
+	MESA_load_profile_short_nodef(conffile, "NETWORK_METRICS", "TELEGRAF_PORT", (short *)&(fs_server_port));
-	MESA_load_profile_string_nodef(conffile,"STATISTIC", "TELEGRAF_IP",fs_server_ip, sizeof(fs_server_ip));
+	MESA_load_profile_string_nodef(conffile,"NETWORK_METRICS", "TELEGRAF_IP",fs_server_ip, sizeof(fs_server_ip));
-	MESA_load_profile_string_def(conffile,"STATISTIC", "OUTPUT_PATH",fs_output_path, sizeof(fs_output_path), "statistic.log");
+	MESA_load_profile_string_def(conffile,"NETWORK_METRICS", "OUTPUT_PATH",fs_output_path, sizeof(fs_output_path), "statistic.log");
-	MESA_load_profile_string_def(conffile, "STATISTIC", "APP_NAME", app_name, sizeof(app_name), "network_activity");
+	MESA_load_profile_string_def(conffile, "NETWORK_METRICS", "APP_NAME", app_name, sizeof(app_name), "network_activity");
 	MESA_load_profile_int_def(conffile, "TSG_LOG", "VSYSTEM_ID", &(g_tsg_statis_para.vsystem_id), 1);
-	g_tsg_statis_para.statistic_handle = fieldstat_instance_new(app_name);
+	g_tsg_statis_para.fs_network.metrics_handle=fieldstat_instance_new(app_name);
-	g_tsg_statis_para.thread_alive=1;
+	g_tsg_statis_para.fs_network.thread_alive=1;
-	fieldstat_disable_background_thread(g_tsg_statis_para.statistic_handle);
+	fieldstat_disable_background_thread(g_tsg_statis_para.fs_network.metrics_handle);
-	fieldstat_set_output_interval(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.cycle * 1000);
+	fieldstat_set_output_interval(g_tsg_statis_para.fs_network.metrics_handle, g_tsg_statis_para.fs_network.cycle_interval_ms);
-	fieldstat_set_local_output(g_tsg_statis_para.statistic_handle, fs_output_path, "default");
+	fieldstat_set_local_output(g_tsg_statis_para.fs_network.metrics_handle, fs_output_path, "default");
 	if (fs_server_port > 0 && strlen(fs_server_ip) > 0)
 	{
-		fieldstat_set_line_protocol_server(g_tsg_statis_para.statistic_handle, fs_server_ip, fs_server_port);
+		fieldstat_set_line_protocol_server(g_tsg_statis_para.fs_network.metrics_handle, fs_server_ip, fs_server_port);
 	}
-	const char *static_column_name[STATIS_MAX] = {"sessions", "active_sessions", "closed_sessions", "in_bytes", "out_bytes", "in_pkts", "out_pkts", "asymmetric_c2s_flows", "asymmetric_s2c_flows"};
+	const char *network_column_name[NETWORK_METRIC_MAX] = {"sessions", "active_sessions", "closed_sessions", "in_bytes", "out_bytes", "in_pkts", "out_pkts", "asymmetric_c2s_flows", "asymmetric_s2c_flows"};
-	enum field_type static_column_type[STATIS_MAX] = {FIELD_TYPE_COUNTER};
+	enum field_type network_column_type[NETWORK_METRIC_MAX]={FIELD_TYPE_COUNTER};
-	static_column_type[STATIS_ACTIVE_SESSIONS] = FIELD_TYPE_GAUGE;
+	network_column_type[NETWORK_ACTIVE_SESSIONS]=FIELD_TYPE_GAUGE;
-	struct fieldstat_tag traffic_tags[TRAFFIC_TAG_MAX] = {{"vsys_id", 0, -1}};
+	struct fieldstat_tag traffic_tags[NETWORK_TAG_MAX]={{"vsys_id", 0, -1}};
-	traffic_tags[TRAFFIC_TAG_VSYS_ID].value_int = g_tsg_statis_para.vsystem_id;
+	traffic_tags[NETWORK_TAG_VSYS_ID].value_int = g_tsg_statis_para.vsystem_id;
-	g_tsg_statis_para.static_table_id = fieldstat_register_table(g_tsg_statis_para.statistic_handle, app_name, static_column_name, static_column_type, (size_t)(STATIS_MAX));
+	g_tsg_statis_para.fs_network.metrics_table_id = fieldstat_register_table(g_tsg_statis_para.fs_network.metrics_handle, app_name, network_column_name, network_column_type, (size_t)(NETWORK_METRIC_MAX));
-	fieldstat_register_table_row(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_table_id, (const char *)"traffic_general_stat", traffic_tags, (size_t)TRAFFIC_TAG_MAX, g_tsg_statis_para.static_column_id);
+	fieldstat_register_table_row(g_tsg_statis_para.fs_network.metrics_handle, 
 									g_tsg_statis_para.fs_network.metrics_table_id,
 									(const char *)"traffic_general_stat",
 									traffic_tags,
 									NETWORK_TAG_MAX, 
 									g_tsg_statis_para.fs_network.metrics_column_id
 								);
-	int ret = tsg_security_metric_init(conffile, logger);
+	pthread_create(&g_tsg_statis_para.fs_network.stat_thread_id, NULL, tsg_statistic_thread, NULL);
 	return 0;
 }
 int tsg_metric_init(const char *conffile, void *logger)
 {
 	memset(&g_tsg_statis_para, 0, sizeof(g_tsg_statis_para));
 	MESA_load_profile_int_def(conffile, "TSG_LOG", "VSYSTEM_ID", &(g_tsg_statis_para.vsystem_id), 1);
 	int ret=tsg_network_traffic_metrics_init(conffile, logger);
 	if(ret<0)
 	{
 		MASTER_LOG(logger, RLOG_LV_FATAL, LOG_MODULE_METRICS, "tsg_network_traffic_metrics_init failed ...");
 		return -1;
 	}
 	ret=tsg_security_metric_init(conffile, logger);
 	if(ret<0)
 	{
 		MASTER_LOG(logger, RLOG_LV_FATAL, LOG_MODULE_METRICS, "tsg_security_metric_init failed ...");
 		return -1;
 	}
-	ret = tsg_traffic_metric_init(conffile, logger);
+	ret=tsg_application_metric_init(conffile, logger);
-	if (ret < 0)
+	if(ret<0)
 	{
-		MASTER_LOG(logger, RLOG_LV_FATAL, LOG_MODULE_METRICS, "tsg_traffic_metric_init failed ...");
+		MASTER_LOG(logger, RLOG_LV_FATAL, LOG_MODULE_METRICS, "tsg_application_metric_init failed ...");
 		return -1;
 	}
 	pthread_create(&g_tsg_statis_para.stat_thread_id, NULL, tsg_statistic_thread, NULL);
 	return 0;
 }
 void tsg_metric_destroy(void)
 {
-	g_tsg_statis_para.thread_alive = 0;
+	if(g_tsg_statis_para.fs_network.metrics_handle!=NULL)
-	sleep(g_tsg_statis_para.cycle+1);
+	{
-	fieldstat_instance_free(g_tsg_statis_para.statistic_handle);
+		g_tsg_statis_para.fs_network.thread_alive = 0;
 		usleep((g_tsg_statis_para.fs_network.cycle_interval_ms+1000)*1000);
 		pthread_join(g_tsg_statis_para.fs_network.stat_thread_id, NULL);
 		fieldstat_instance_free(g_tsg_statis_para.fs_network.metrics_handle);
 	}
 	if(g_tsg_statis_para.fs_security.metrics_handle!=NULL)
 	{
 		fieldstat_dynamic_instance_free(g_tsg_statis_para.fs_security.metrics_handle);
 	}
 	if(g_tsg_statis_para.fs_application.metrics_handle!=NULL)
 	{
 		fieldstat_dynamic_instance_free(g_tsg_statis_para.fs_application.metrics_handle);
 	}
 	return;
 }