Changeset 48 for sample/hadoop-0.16/tw/org/nchc/code

Timestamp:

Sep 3, 2008, 3:01:52 PM (16 years ago)

Author:

waue

Message:

change the database structure

File:

• sample/hadoop-0.16/tw/org/nchc/code/SnortBase.java (modified) (7 diffs)

sample/hadoop-0.16/tw/org/nchc/code/SnortBase.java

@@ -1 @@
-/**
+  /**
  * Program: LogParserGo.java
  * Editor: Waue Chen 
@@ -80 +80 @@
 
   // String ttl, tos, id, iplen, dgmlen;
-  
-  String srcport, dstport,tmp;
+
+  String srcport, dstport, tmp;
+
   public Log(String data) {
 
@@ -98 +99 @@
     this.dstport = this.tmp;
     this.type = arr[13];
-    // this.ttl = arr[14];
-    // this.tos = arr[15];
-    // this.id = arr[16];
-    // this.iplen = arr[17];
-    // this.dgmlen = arr[18];
-    
-  }
+
+  }
+
   long timestamp;
 
-
-  String getIP(String str){
+  String getIP(String str) {
     String res;
     int n = str.indexOf(":");
@@ -136 +132 @@
   public static final String TABLE = "table.name";
 
-  static String tableName = "flex";
+  static String tableName = "NewTable2";
 
   static HTable table = null;
@@ -169 +165 @@
       if (table == null)
         table = new HTable(conf, new Text(tableName));
-
+      // 實驗三
+
+      String property_name = "name=" + log.alert_name + ";priority="
+          + log.priority + ";class=" + log.class_type + ";dst_port="
+          + log.dstport + ";type=" + log.type;
       long lockId = table.startUpdate(new Text(log.destination));
-      table.put(lockId, new Text("id:gid"), log.gid.getBytes());
-      table.put(lockId, new Text("id:sid"), log.sid.getBytes());
-      table.put(lockId, new Text("id:version"), log.version.getBytes());
-      table.put(lockId, new Text("name:name"), log.alert_name.getBytes());
-      table
-          .put(lockId, new Text("name:class"), log.class_type
-              .getBytes());
-      table.put(lockId, new Text("id:priority"), log.priority
-          .getBytes());
-      table.put(lockId, new Text("direction:soure"), log.source.getBytes());
-      table.put(lockId, new Text("direction:srcport"), log.srcport.getBytes());
-      table.put(lockId, new Text("direction:dstport"), log.dstport.getBytes());
-      table.put(lockId, new Text("payload:type"), log.type.getBytes());
-      // table.put(lockId, new Text("payload:ttl"), log.ttl.getBytes());
-      // table.put(lockId, new Text("payload:tos"), log.tos.getBytes());
-      // table.put(lockId, new Text("payload:id"), log.id.getBytes());
-      // table.put(lockId, new Text("payload:iplen"), log.iplen
+      table.put(lockId, new Text("SourceSID:" + log.source + "("
+          + log.sid+")"), property_name.getBytes());
+      // 實驗二
+      // long lockId = table.startUpdate(new
+      // Text(log.destination+":"+log.sid));
+      // String property_name =
+      // "priority="+log.priority+
+      // ";class="+log.class_type+
+      // ";snort_id="+log.sid;
+      // String property_source =
+      // log.source+":"+log.srcport+" => "
+      // +log.destination+":"+log.dstport;
+      // String property_payload = log.type;
+      // table.put(lockId, new Text("name:"+log.alert_name),
+      // property_name.getBytes());
+      // table.put(lockId, new Text("from:"+log.source),
+      // property_source.getBytes());
+      // table.put(lockId, new Text("payload:"+log.type),
+      // property_payload.getBytes());
+      // 實驗一
+      // table.put(lockId, new Text("property:gen_id"),
+      // log.gid.getBytes());
+      // table.put(lockId, new Text("property:name"), log.sid.getBytes());
+      // table.put(lockId, new Text("id:version"),
+      // log.version.getBytes());
+      // table.put(lockId, new Text("name:name"),
+      // log.alert_name.getBytes());
+      // table
+      // .put(lockId, new Text("name:class"), log.class_type
       // .getBytes());
-      // table.put(lockId, new Text("payload:dgmlen"), log.dgmlen
+      // table.put(lockId, new Text("id:priority"), log.priority
       // .getBytes());
+      // table.put(lockId, new Text("direction:soure"),
+      // log.source.getBytes());
+      // table.put(lockId, new Text("direction:destination"),
+      // log.destination.getBytes());
+      // table.put(lockId, new Text("direction:srcport"),
+      // log.srcport.getBytes());
+      // table.put(lockId, new Text("direction:dstport"),
+      // log.dstport.getBytes());
+      // table.put(lockId, new Text("payload:type"), log.type.getBytes());
+
       table.commit(lockId, log.timestamp);
 
@@ -260 +282 @@
           + " table creating ... please wait");
       HTableDescriptor tableDesc = new HTableDescriptor(table);
-      tableDesc.addFamily(new HColumnDescriptor("id:"));
-      tableDesc.addFamily(new HColumnDescriptor("name:"));
-      tableDesc.addFamily(new HColumnDescriptor("direction:"));
-      tableDesc.addFamily(new HColumnDescriptor("payload:"));
+      // 實驗三
+      tableDesc.addFamily(new HColumnDescriptor("SourceSID:"));
+      // 實驗二
+      // tableDesc.addFamily(new HColumnDescriptor("name:"));
+      // tableDesc.addFamily(new HColumnDescriptor("from:"));
+      // tableDesc.addFamily(new HColumnDescriptor("payload:"));
       admin.createTable(tableDesc);
     } else {
@@ -281 +305 @@
      */
     creatTable(tableName);
-
+    Long start_time = (new Date()).getTime();
     runMapReduce(tableName, path);
-
+    Long end_time = (new Date()).getTime();
+    System.out.println(end_time - start_time);
   }