postgresql plpythonu例子
以下代码仅作为参考之用
select md5, crc32, record->'UserModerAnalysis'->'base_info'->'file_malware' as file_malware
from reports
CREATE OR REPLACE FUNCTION py_get_file_malware(record TEXT)
RETURNS TEXT
AS $$
# pl/python functioin body
import json
plpy.notice('type of record is', type(record))
# plpy.notice('import json')
# plpy.notice('begin to loads()')
#if 'json' in SD:
# json = SD['json']
#else:
# import json
# SD['json'] = json
obj = json.loads(record)
plpy.notice('UserModerAnalysis = %s'%(str(obj['UserModerAnalysis'])))
try:
file_malware = obj['UserModerAnalysis']['base_info']['file_malware']
except Exception, e:
#plpy.error(record)
plpy.notice('ERROR!')
file_malware = ''
return file_malware
$$ LANGUAGE plpythonu
select md5, crc32, py_get_file_malware(record::TEXT)
from reports
limit 2
-- create table summary
CREATE TABLE summary_file_malware
(
description character varying(10) NOT NULL,
count integer,
CONSTRAINT summary_file_malware_pkey PRIMARY KEY (description)
)
DROP FUNCTION calculate_file_malware()
CREATE OR REPLACE FUNCTION calculate_file_malware()
RETURNS trigger AS $$
plpy.notice('calculate_file_malware invoked')
import json
event = TD['event']
if event == 'INSERT':
plpy.notice('insert triggered')
elif event == 'UPDATE':
plpy.notice('update triggered')
# parse parameter
old_obj = json.loads(TD['old']['record'])
new_obj = json.loads(TD['new']['record'])
plpy.notice('old = %s, new = %s'%(old_obj['UserModerAnalysis']['base_info']['file_malware'],
new_obj['UserModerAnalysis']['base_info']['file_malware']))
# sub old
try:
plpy.notice('begin')
plan = plpy.prepare('SELECT * FROM summary_file_malware WHERE description = $1', ['text'])
old_value = old_obj['UserModerAnalysis']['base_info']['file_malware']
plpy.notice("old_value = " + old_value)
rv = plpy.execute(plan, [old_value], 1)
old_count = int(rv[0]['count'])
plpy.notice('old_count = %s'%(old_count))
plan = plpy.prepare('UPDATE summary_file_malware SET count = $1 WHERE description = $2', ['int', 'text'])
plpy.execute(plan, [old_count - 1, old_value])
except Exception, e:
plpy.notice('exception occured, exception msg = '+str(e))
# add new
try:
plan = plpy.prepare('SELECT * FROM summary_file_malware WHERE description = $1', ['text'])
old_value = new_obj['UserModerAnalysis']['base_info']['file_malware']
rv = plpy.execute(plan, [old_value], 1)
old_count = int(rv[0]['count'])
plpy.notice('old_count = %s'%(old_count))
plan = plpy.prepare('UPDATE summary_file_malware SET count = $1 WHERE description = $2', ['int', 'text'])
plpy.execute(plan, [old_count + 1, old_value])
except Exception, e:
plpy.notice('exception occured, exception msg = '+str(e))
elif event == 'DELETE':
plpy.notice('delete triggered')
elif event == 'TRUNCATE':
plpy.notice('trancate triggered')
else:
plpy.notice('unknow event, event = ', event)
$$ LANGUAGE plpythonu
DROP TRIGGER IF EXISTS calculate on reports;
CREATE TRIGGER calculate AFTER UPDATE OF record
ON reports
FOR EACH ROW
EXECUTE PROCEDURE calculate_file_malware ();
SELECT * FROM summary_file_malware WHERE description ='OK'
INSERT INTO summary_file_malware VALUES('OK', 0)
UPDATE reports SET record = '{"Name": "000BD3A69E56CD5E8D998FEDA8EF3CA6.CCD2FFE1", "UserModerAnalysis": {"base_info": {"file_malware": "YES"}, "file_monitor": [], "virusname": null, "danger_behavior": [], "relation": {"processtree": [{"processid": "608", "process": "000BD3A69E56CD5E8D998FEDA8EF3CA6.CCD2FFE1", "module": "", "parentid": 0, "relationtype": "Root", "id": 1}]}, "other_behavior": [], "network_monitor": [], "process_monitor": [], "reg_monitor": []}, "KernelModelAnalysis": {"MaliciousActives": {"000BD3A69E56CD5E8D998FEDA8EF3CA6.CCD2FFE1": {"MemoryOperations": {}, "FileOperations": {"CREATE_FILE.DROP_PE_TO_SYSTEM_DIR": [{"COMMENT": "Create_File_In_SystemDirectory", "DETAILS": {"file_path": "c:\\windows\\.exe"}, "LEVEL": "LEVEL_3"}]}, "NetworkOperations": {}, "ProcessOperations": {}, "RegistryOperations": {}, "OtherOperations": {}}}, "ProcessFamily": {"000BD3A69E56CD5E8D998FEDA8EF3CA6.CCD2FFE1": {"Parent_Process": "", "Command_Line": "", "Type_Created": "Root"}}, "ProcessActives": {"000BD3A69E56CD5E8D998FEDA8EF3CA6.CCD2FFE1": {"MemoryOperations": {}, "FileOperations": {"DELETE_FILE": [{"COMMENT": "Delete_File_Found", "DETAILS": {"file_path": "C:\\DOCUME~1\\autoer\\LOCALS~1\\Temp\\~DFCCF6.tmp"}, "LEVEL": "LEVEL_2"}], "CREATE_FILE": [{"COMMENT": "Create_File_Found", "DETAILS": {"file_path": "C:\\DOCUME~1\\autoer\\LOCALS~1\\Temp\\~DFCCF6.tmp"}, "LEVEL": "LEVEL_2"}]}, "NetworkOperations": {}, "ProcessOperations": {}, "RegistryOperations": {"SET_KEY_VALUE": [{"COMMENT": "Set_Key_Value_Found", "DETAILS": {"value": "Drive", "type": "REG_SZ", "name": "BaseClass", "key": "HKEY_USERS\\S-1-5-21-1708537768-287218729-1177238915-1003\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\MountPoints2\\{7fb46850-baea-11e1-9890-806d6172696f}"}, "LEVEL": "LEVEL_2"}]}, "OtherOperations": {}}}, "TimeOfReportCreated": "2013-06-03 11:25:25:724 +0800", "Summary": ["CREATE_FILE", "CREATE_FILE.DROP_PE_TO_SYSTEM_DIR", "DELETE_FILE", "SET_KEY_VALUE"], "FileName": "000BD3A69E56CD5E8D998FEDA8EF3CA6.CCD2FFE1"}, "Result": "Success", "Time": "2013-06-03 11:25:25:724 +0800", "DESCRIPTION": "\u64cd\u4f5c\u6210\u529f\u5b8c\u6210\u3002"}' WHERE md5 = '000BD3A69E56CD5E8D998FEDA8EF3CA6' and crc32 = 'CCD2FFE1'
select * from summary_file_malware
postgresql plpythonu例子的更多相关文章
- .NET Core开发日志——Entity Framework与PostgreSQL
Entity Framework在.NET Core中被命名为Entity Framework Core.虽然一般会用于对SQL Server数据库进行数据操作,但其实它还支持其它数据库,这里就以Po ...
- PostGIS(解压版)安装
1.软件下载 postgresql-9.6.1-1-windows-x64-binaries.zip https://www.postgresql.org/download/windows/ post ...
- sqlmap用户手册 | WooYun知识库
sqlmap用户手册 说明:本文为转载,对原文中一些明显的拼写错误进行修正,并标注对自己有用的信息. 原文:http://drops.wooyun.org/tips/143 ============ ...
- sqlmap用户手册
http://192.168.136.131/sqlmap/mysql/get_int.php?id=1 当给sqlmap这么一个url的时候,它会: 1.判断可注入的参数2.判断可以用那种SQL注入 ...
- sqlmap用户手册详解(转)
http://url/sqlmap/mysql/get_int.php?id=1 当给sqlmap这么一个url的时候,它会: 1.判断可注入的参数 2.判断可以用那种SQL注入技术来注入 3.识别出 ...
- OpenLDAP使用疑惑解答及使用Java完成LDAP身份认证
导读 LDAP(轻量级目录访问协议,Lightweight Directory Access Protocol)是实现提供被称为目录服务的信息服务.目录服务是一种特殊的数据库系统,其专门针对读取,浏览 ...
- sqlmap
http://192.168.136.131/sqlmap/mysql/get_int.php?id=1 当给sqlmap这么一个url的时候,它会: 1.判断可注入的参数 2.判断可以用那种SQL注 ...
- 【转】sqlmap用户手册
http://192.168.136.131/sqlmap/mysql/get_int.php?id=1 当给sqlmap这么一个url的时候,它会: 1.判断可注入的参数2.判断可以用那种SQL注入 ...
- sqlmap用户手册 [详细]
当给sqlmap这么一个url的时候,它会: 1.判断可注入的参数 2.判断可以用那种SQL注入技术来注入 3.识别出哪种数据库 4.根据用户选择,读取哪些数据 sqlmap支持五种不同的注入模式: ...
随机推荐
- SQL注入测试平台 SQLol -5.DELETE注入测试
访问首页的delete模块,http://127.0.0.1/sql/delete.php,开始对delete模块进行测试. delete语法: DELETE FROM [users] WHERE [ ...
- tyvj1012 P1012 - 火柴棒等式 ——暴力枚举
题目链接:https://www.tyvj.cn/Problem_Show.aspx?id=1012 可以发现:最大的数字绝对不超过999,只要枚举出0-999所有数字需要的火柴数,然后再枚举C和A, ...
- leetcode 105 Construct Binary Tree from Preorder and Inorder Traversal ----- java
Given preorder and inorder traversal of a tree, construct the binary tree. Note:You may assume that ...
- UVa 489 HangmanJudge --- 水题
UVa 489 题目大意:计算机给定一个单词让你猜,你猜一个字母,若单词中存在你猜测的字母,则会显示出来,否则算出错, 你最多只能出错7次(第6次错还能继续猜,第7次错就算你失败),另注意猜一个已经猜 ...
- 利用mybatis_generator自动生成Dao、Model、Mapping相关文件
技术交流群:233513714 http://blog.csdn.net/wyc_cs/article/details/9023117 http://www.cnblogs.com/smileberr ...
- springMVC源码学习之:springMVC响应请求的几种方法
spring mvc 支持如下的返回方式:ModelAndView, Model, ModelMap, Map,View, String, void. ModelAndView @RequestMap ...
- 【转】iOS10项目打包上传被拒关于隐私权限问题
原文网址:http://blog.csdn.net/yidu_blog/article/details/53064987 今天项目打包提交.收到了苹果的邮件.主要内容: This app attemp ...
- 时事新闻之 谷歌 google 发布Tensor Flow 源代码
TensorFlow: TensorFlow is an open source software library for numerical computation using data flow ...
- Unity3d NGUI的使用(九)(UIScrollView制作滑动列表)
UIScrollView制作滑动列表,可横向,竖直展示一些列表在固定可视范围内 UIScrollVIew只是一个可滑动的UI组件 如果需要制作复杂的可视区域UI需要配合使用UIPanel与UIGrid ...
- SHOW OPEN TABLES – what is in your table cache
One command, which few people realize exists is SHOW OPEN TABLES – it allows you to examine what tab ...