def main():
    """Accumulate basic usage statistics over every user batch and print them.

    Each batch yielded by get_user_sessions() is folded into one dictionary of
    counters by update_basic_stats(); print_basic_stats() reports the result
    once all batches have been consumed. This is Python 2 code (print
    statement).
    """
    # Numeric counters start as floats (0.), so later divisions are not
    # truncated by Python 2 integer division.
    stats_dict = {
        'total_users': 0.,
        'total_sessions': 0.,
        'total_queries': 0.,
        'total_autorecurring': 0.,
        'queries_per_user': 0.,
        'queries_per_session': 0.,
        'sessions_per_user': 0.,
        'autorecurring_per_user': 0.,
        'sum_repeat_delta': 0.,
        'average_repeat_delta': 0.,
        # Large starting value; presumably lowered as query times are seen.
        # Confirm in update_basic_stats.
        'earliest_query': 1e15,
        'latest_query': 0.,
        'time_span': 0.,
        'unique_queries': {},
        'total_unique_queries': 0.,
    }

    # NOTE(review): limit looks like a byte budget of 800 MB per batch;
    # confirm against get_user_sessions.
    batches = get_user_sessions(limit=800*BYTES_IN_MB)
    for batch_number, users in enumerate(batches):
        update_basic_stats(stats_dict, users)
        print "Processed " + str(batch_number) + "-th batch of users."

    print_basic_stats(stats_dict)
def load_main():
    """Pass every parsed user, session and query to the insert_* helpers.

    Identifiers are plain counters starting at 1 and are assigned here; the
    per-user session keys found in user.sessions are not reused. Interactive
    queries are stored with their session id, autorecurring queries without
    one. This is Python 2 code (print statement, dict.iteritems()).
    """
    next_user = 1
    next_session = 1
    next_query = 1
    for batch in get_user_sessions(limit=800*BYTES_IN_MB):
        for user in batch:
            print "loaded user"
            # NOTE(review): user.name and query.text are passed on unmodified
            # from the parsed logs; confirm the insert_* helpers bind them as
            # query parameters rather than formatting them into SQL text.
            insert_user(next_user, user.name)

            # The dictionary key is the session's per-user id; it is not
            # needed because a global session id is assigned here.
            for (_local_sid, session) in user.sessions.iteritems():
                insert_session(next_session, next_user)
                for query in session.queries:
                    insert_query(next_query, query.text, query.time, False,
                                 next_user, session_id=next_session)
                    next_query += 1
                next_session += 1

            # Autorecurring queries belong to the user, not to a session.
            for query in user.autorecurring_queries:
                insert_query(next_query, query.text, query.time, True,
                             next_user)
                next_query += 1

            next_user += 1
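def load_main():
    """Load every parsed user, session and query through one connection.

    Opens a connection with connect_db(), assigns user, session and query ids
    as counters starting at 1, and passes each record to insert_user(),
    insert_session() and insert_storm_query(). The connection is closed even
    when an insert raises. This is Python 2 code (dict.iteritems()).
    """
    db = connect_db()
    try:
        user_id = 1
        session_id = 1
        query_id = 1
        for users in get_user_sessions(limit=800*BYTES_IN_MB):
            for user in users:
                # NOTE(review): user.name and query.text are passed on
                # unmodified from the parsed logs; confirm the insert_*
                # helpers bind them as query parameters rather than
                # formatting them into SQL text.
                insert_user(db, user_id, user.name)

                # The dictionary key (per-user session id) is not needed;
                # a global session id is assigned here.
                for (_local_sid, session) in user.sessions.iteritems():
                    insert_session(db, session_id, user_id)
                    for query in session.queries:
                        insert_storm_query(db, query_id, query.text, "storm",
                                           query.time, query.range, False,
                                           user_id, session_id=session_id)
                        query_id += 1
                    session_id += 1

                for query in user.autorecurring_queries:
                    # The original call left out the "storm" argument that
                    # the session-query call passes, which shifted
                    # query.time and every later positional argument one
                    # slot to the left. Both calls now use the same order.
                    # NOTE(review): confirm against insert_storm_query's
                    # signature.
                    insert_storm_query(db, query_id, query.text, "storm",
                                       query.time, query.range, True,
                                       user_id)
                    query_id += 1

                user_id += 1
    finally:
        # Close the connection on the error path too, so a failed insert
        # does not leave it open.
        db.close()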
def load_main(database, filename="", directory=""):
    """Load the users, sessions and queries parsed from a file or directory.

    Args:
        database: Handle passed as the first argument to every insert_*
            helper.
        filename: Passed to get_user_sessions() as filename.
        directory: Passed to get_user_sessions() as directory.

    User, session and query ids are counters starting at 1. Interactive
    queries are stored with their session id, autorecurring queries without
    one. This is Python 2 code (print statement, dict.iteritems()).
    """
    def store_query(qid, query, autorecurring, uid, **extra):
        # Single place that spells out the column order shared by both kinds
        # of query. NOTE(review): query.text and the other fields are passed
        # on unmodified from the parsed logs; confirm insert_query binds them
        # as query parameters rather than formatting them into SQL text.
        insert_query(database, qid, query.text, query.time, autorecurring,
                     uid, query.searchtype, query.earliest_event,
                     query.latest_event, query.range, query.is_realtime,
                     query.splunk_search_id, query.runtime,
                     query.splunk_savedsearch_name, **extra)

    uid = 1
    sid = 1
    qid = 1
    for batch in get_user_sessions(filename=filename, directory=directory):
        for user in batch:
            print "Loaded user"
            insert_user(database, uid, user.name, user.case)

            # The dictionary key (per-user session id) is not needed; a
            # global session id is assigned here.
            for (_local_sid, session) in user.sessions.iteritems():
                insert_session(database, sid, uid)
                for query in session.queries:
                    store_query(qid, query, False, uid, session_id=sid)
                    qid += 1
                sid += 1

            # Autorecurring queries are attached to the user only.
            for query in user.autorecurring_queries:
                store_query(qid, query, True, uid)
                qid += 1

            uid += 1
def print_sessions_from_file(filename, version=None):
    """Print each session parsed from *filename* together with its key.

    Args:
        filename: Passed to get_user_sessions() as filename.
        version: Accepted but not used by this function.

    This is Python 2 code (print statement, dict.iteritems()).
    """
    for batch in get_user_sessions(filename=filename):
        for user in batch:
            sessions = user.sessions
            # NOTE(review): the printed form of a session may include raw
            # query text from the logs; treat the output as log data.
            for session_key, session in sessions.iteritems():
                print session_key, session
def print_sessions_from_directory(directory, version=None):
    """Print each session parsed from *directory* with its user and key.

    Args:
        directory: Passed to get_user_sessions() as directory.
        version: Accepted but not used by this function.

    This is Python 2 code (print statement, dict.iteritems()).
    """
    for batch in get_user_sessions(directory=directory):
        for user in batch:
            sessions = user.sessions
            # NOTE(review): output carries the user name and possibly raw
            # query text from the logs; treat it as log data.
            for session_key, session in sessions.iteritems():
                print user.name, session_key, session