def get_instance_top_session(tenant_id, instance_id, curr_type):
"""统计最近流量SESSION-TOP 10"""
conn = MongoHelper(FLOWDB_CONN).getconn()
db = conn["flowdb"]
now_time = int(time.time() * 1000)
if curr_type == "minute":
last_time = now_time - 10 * 60 * 1000
elif curr_type == "hour":
last_time = now_time - 10 * 60 * 60 * 1000
elif curr_type == "day":
last_time = now_time - 10 * 24 * 60 * 60 * 1000
else:
last_time = now_time
result = db.flow.aggregate([{"$match": {"tenant_id": tenant_id,
"instance_id": instance_id,
"timestap": {"$gte": last_time}}},
{"$group": {"_id": {"ipsource": "$ipsource", "ipdestination": "$ipdestination",
"srcport_or_icmptype": "$srcport_or_icmptype",
"dstport_or_icmpcode": "$dstport_or_icmpcode",
"ipprotocol": "$ipprotocol"},
"count": {"$sum": "$size"}}},
{"$sort": {"count": -1}},
{"$limit": 10}])
conn.close()
return list(result)
def get_cloud_top_tenant(curr_type):
"""统计云平台所有租户流量top 10"""
conn = MongoHelper(FLOWDB_CONN).getconn()
db = conn["flowdb"]
now_time = int(time.time() * 1000)
if curr_type == "minute":
last_time = now_time - 10 * 60 * 1000
elif curr_type == "hour":
last_time = now_time - 10 * 60 * 60 * 1000
elif curr_type == "day":
last_time = now_time - 10 * 24 * 60 * 60 * 1000
else:
last_time = now_time
result = db.flow.aggregate([{"$match": {"timestap": {"$gte": last_time}}},
{"$group": {"_id": {"tenant_id": "$tenant_id", "tenant_name": "$tenant_name"},
"count": {"$sum": "$size"}}},
{"$sort": {"count": -1}},
{"$limit": 10}])
conn.close()
return list(result)
def get_instance_top_src_ip(tenant_id, instance_id, curr_type):
"""统计虚拟机源IP--TOP 10"""
conn = MongoHelper(FLOWDB_CONN).getconn()
db = conn["flowdb"]
now_time = int(time.time() * 1000)
if curr_type == "minute":
last_time = now_time - 10 * 60 * 1000
elif curr_type == "hour":
last_time = now_time - 10 * 60 * 60 * 1000
elif curr_type == "day":
last_time = now_time - 10 * 24 * 60 * 60 * 1000
else:
last_time = now_time
result = db.flow.aggregate([{"$match": {"tenant_id": tenant_id,
"instance_id": instance_id,
"timestap": {"$gte": last_time}}},
{"$group": {"_id": "$ipsource", "count": {"$sum": 1}}},
{"$sort": {"count": -1}},
{"$limit": 10}])
conn.close()
return list(result)
def get_tenant_top_protocol_port(tenant_id, curr_type):
"""统计租户最近流量中PORT-TOP 10"""
conn = MongoHelper(FLOWDB_CONN).getconn()
db = conn["flowdb"]
now_time = int(time.time() * 1000)
if curr_type == "minute":
last_time = now_time - 10 * 60 * 1000
elif curr_type == "hour":
last_time = now_time - 10 * 60 * 60 * 1000
elif curr_type == "day":
last_time = now_time - 10 * 24 * 60 * 60 * 1000
else:
last_time = now_time
result = db.flow.aggregate([{"$match": {"tenant_id": tenant_id,
"timestap": {"$gte": last_time}}},
{"$group": {"_id": {"ipprotocol": "$ipprotocol",
"dstport_or_icmpcode": "$dstport_or_icmpcode"},
"count": {"$sum": 1}}},
{"$sort": {"count": -1}},
{"$limit": 10}])
conn.close()
return list(result)