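DLA SQL Analysis Functions: A Powerful Tool for Auditing and Analyzing SQL Statements
1. Introduction
Data Lake Analytics (https://www.aliyun.com/product/datalakeanalytics) has released a set of built-in SQL functions for analyzing SQL statements and extracting information from them. They let users audit and analyze SQL statements at the syntax level, and they apply to many scenarios such as security and database log analysis. As described in earlier DLA (Data Lake Analytics) documentation, as long as the text of your SQL statements is stored in a data source system that DLA supports, you can use DLA's SQL analysis functions to audit and analyze those statements quickly and conveniently, or build applications and systems on top of them.
Prerequisite: the text of your SQL statements is already stored as a string or text field in a data source that DLA supports, or in log files with a uniform format that are placed in OSS (uploaded by the application itself, uploaded by an open-source logging tool, delivered by Log Service (https://help.aliyun.com/document_detail/107980.html), delivered by Datahub, and so on). DLA is then used to analyze the SQL.
2. SQL analysis functions in detail
All of the SQL analysis functions provided are scalar functions. They support multiple SQL dialects; the default dialect is mysql.
| SQL dialect |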
|---|
| mysql |
| postgresql |
| oracle |
| db2 |
| sqlserver |
| hive |
| odps |
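Supported functions:
| Name | Description |
|---|---|
| sql_export_columns | Extracts all columns that appear in the SQL statement |
| sql_export_functions | Extracts all functions that appear in the SQL statement |
| sql_export_predicate_columns | Extracts the columns involved in all predicate condition expressions that appear in the SQL statement |
| sql_export_predicates | Extracts all predicate condition expressions that appear in the SQL statement |
| sql_export_select_list_columns | Extracts the columns that appear in the SELECT clause expressions of the SQL statement (including subqueries) |
| sql_export_tables | Extracts all tables that appear in the SQL statement |
| sql_format | Formats the SQL statement |
| sql_params | Extracts all literal values in the SQL statement |
| sql_pattern | Extracts the parameterized SQL pattern of the SQL statement, with literals replaced by ? |
| sql_pattern_hash | Extracts the parameterized SQL pattern of the SQL statement in sqlText and generates a hash value |
| sql_syntax_check | Performs a syntax check on sqlText |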
2.1 sql_export_columns
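Call forms:
- sql_export_columns(sqlText)
- sql_export_columns(sqlText, dbType)
- sql_export_columns(sqlText, dbType, throwError)
Parameters:
| Parameter | Type | Description |
|---|---|---|
| sqlText | VARCHAR | Required |
| dbType | VARCHAR | Optional. SQL dialect; defaults to mysql |
| throwError | BOOLEAN | Optional. When true, an exception is thrown on invalid SQL; when false, no exception is thrown on invalid SQL and null is returned |
Return value:
| Type | Description |
|---|---|
| VARCHAR | All columns that appear in the SQL statement in sqlText, separated by commas. The table each column belongs to is inferred by association; if no definite table is found, it is UNKNOWN |
Example: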
SELECT sql_export_columns(a.sql_text)
FROM (
SELECT 'SELECT s_acctbal,
s_name,
n_name,
p_partkey,
p_mfgr,
s_address,
s_phone,
s_comment
FROM part,
supplier,
partsupp,
nation,
region
WHERE p_partkey = ps_partkey
AND s_suppkey = ps_suppkey
AND p_size = 35
AND p_type LIKE ''%NICKEL''
AND s_nationkey = n_nationkey
AND n_regionkey = r_regionkey
AND r_name = ''MIDDLE EAST''
AND ps_supplycost IN
(
SELECT min(ps_supplycost)
FROM partsupp,
supplier,
nation,
region
WHERE s_suppkey = ps_suppkey
AND s_nationkey = n_nationkey
AND n_regionkey = r_regionkey
AND r_name = ''MIDDLE EAST'' )
ORDER BY s_acctbal DESC,
n_name,
s_name,
p_partkey
LIMIT 100;' AS sql_text
) a;
+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| sql_export_columns(a.sql_text) |
+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| UNKNOWN.s_acctbal,UNKNOWN.s_name,UNKNOWN.n_name,UNKNOWN.p_partkey,UNKNOWN.p_mfgr,UNKNOWN.s_address,UNKNOWN.s_phone,UNKNOWN.s_comment,UNKNOWN.ps_partkey,UNKNOWN.s_suppkey,UNKNOWN.ps_suppkey,UNKNOWN.p_size,UNKNOWN.p_type,UNKNOWN.s_nationkey,UNKNOWN.n_nationkey,UNKNOWN.n_regionkey,UNKNOWN.r_regionkey,UNKNOWN.r_name,UNKNOWN.ps_supplycost |
+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
2.2 sql_export_functions
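Call forms:
- sql_export_functions(sqlText)
- sql_export_functions(sqlText, dbType)
- sql_export_functions(sqlText, dbType, throwError)
Parameters:
| Parameter | Type | Description |
|---|---|---|
| sqlText | VARCHAR | Required |
| dbType | VARCHAR | Optional. SQL dialect; defaults to mysql |
| throwError | BOOLEAN | Optional. When true, an exception is thrown on invalid SQL; when false, no exception is thrown on invalid SQL and null is returned |
Return value:
| Type | Description |
|---|---|
| VARCHAR | All function names that appear in the SQL statement in sqlText, separated by commas. The table each column belongs to is inferred by association; if no definite table is found, it is UNKNOWN |
Example: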
SELECT sql_export_functions(a.sql_text)
FROM (
SELECT 'SELECT s_acctbal,
s_name,
n_name,
p_partkey,
p_mfgr,
s_address,
s_phone,
s_comment
FROM part,
supplier,
partsupp,
nation,
region
WHERE p_partkey = ps_partkey
AND s_suppkey = ps_suppkey
AND p_size = 35
AND p_type LIKE ''%NICKEL''
AND s_nationkey = n_nationkey
AND n_regionkey = r_regionkey
AND r_name = ''MIDDLE EAST''
AND ps_supplycost IN
(
SELECT min(ps_supplycost)
FROM partsupp,
supplier,
nation,
region
WHERE s_suppkey = ps_suppkey
AND s_nationkey = n_nationkey
AND n_regionkey = r_regionkey
AND r_name = ''MIDDLE EAST'' )
ORDER BY s_acctbal DESC,
n_name,
s_name,
p_partkey
LIMIT 100;' AS sql_text
) a;
+----------------------------------+
| sql_export_functions(a.sql_text) |
+----------------------------------+
| min |
+----------------------------------+
2.3 sql_export_predicate_columns
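Call forms:
- sql_export_predicate_columns(sqlText)
- sql_export_predicate_columns(sqlText, dbType)
- sql_export_predicate_columns(sqlText, dbType, throwError)
Parameters:
| Parameter | Type | Description |
|---|---|---|
| sqlText | VARCHAR | Required |
| dbType | VARCHAR | Optional. SQL dialect; defaults to mysql |
| throwError | BOOLEAN | Optional. When true, an exception is thrown on invalid SQL; when false, no exception is thrown on invalid SQL and null is returned |
Return value:
| Type | Description |
|---|---|
| VARCHAR | The column names that appear in predicate condition expressions in the SQL statement in sqlText, separated by commas. The table each column belongs to is inferred by association; if no definite table is found, it is UNKNOWN |
Example: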
SELECT sql_export_predicate_columns(a.sql_text)
FROM (
SELECT 'SELECT s_acctbal,
s_name,
n_name,
p_partkey,
p_mfgr,
s_address,
s_phone,
s_comment
FROM part,
supplier,
partsupp,
nation,
region
WHERE p_partkey = ps_partkey
AND s_suppkey = ps_suppkey
AND p_size = 35
AND p_type LIKE ''%NICKEL''
AND s_nationkey = n_nationkey
AND n_regionkey = r_regionkey
AND r_name = ''MIDDLE EAST''
AND ps_supplycost IN
(
SELECT min(ps_supplycost)
FROM partsupp,
supplier,
nation,
region
WHERE s_suppkey = ps_suppkey
AND s_nationkey = n_nationkey
AND n_regionkey = r_regionkey
AND r_name = ''MIDDLE EAST'' )
ORDER BY s_acctbal DESC,
n_name,
s_name,
p_partkey
LIMIT 100;' AS sql_text
) a;
+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| sql_export_predicate_columns(a.sql_text) |
+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| UNKNOWN.p_partkey,UNKNOWN.ps_partkey,UNKNOWN.s_suppkey,UNKNOWN.ps_suppkey,UNKNOWN.p_size,UNKNOWN.p_type,UNKNOWN.s_nationkey,UNKNOWN.n_nationkey,UNKNOWN.n_regionkey,UNKNOWN.r_regionkey,UNKNOWN.r_name,UNKNOWN.ps_supplycost |
+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
2.4 sql_export_predicates
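Call forms:
- sql_export_predicates(sqlText)
- sql_export_predicates(sqlText, dbType)
- sql_export_predicates(sqlText, dbType, compactValues)
- sql_export_predicates(sqlText, dbType, compactValues, throwError)
Parameters:
| Parameter | Type | Description |
|---|---|---|
| sqlText | VARCHAR | Required |
| dbType | VARCHAR | Optional. SQL dialect; defaults to mysql |
| compactValues | BOOLEAN | Optional. When true, the values in predicate conditions appear in the return value as arrays |
| throwError | BOOLEAN | Optional. When true, an exception is thrown on invalid SQL; when false, no exception is thrown on invalid SQL and null is returned |
Return value:
| Type | Description |
|---|---|
| VARCHAR | An array of the elements of all predicate condition expressions that appear in the SQL statement in sqlText, separated by commas. The table each column belongs to is inferred by association; if no definite table is found, it is UNKNOWN |
Example: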
SELECT sql_export_predicates(a.sql_text, 'mysql', true)
FROM (
SELECT 'SELECT s_acctbal,
s_name,
n_name,
p_partkey,
p_mfgr,
s_address,
s_phone,
s_comment
FROM part,
supplier,
partsupp,
nation,
region
WHERE p_partkey = ps_partkey
AND s_suppkey = ps_suppkey
AND p_size = 35
AND p_type LIKE ''%NICKEL''
AND s_nationkey = n_nationkey
AND n_regionkey = r_regionkey
AND r_name = ''MIDDLE EAST''
AND ps_supplycost IN
(
SELECT min(ps_supplycost)
FROM partsupp,
supplier,
nation,
region
WHERE s_suppkey = ps_suppkey
AND s_nationkey = n_nationkey
AND n_regionkey = r_regionkey
AND r_name = ''MIDDLE EAST'' )
ORDER BY s_acctbal DESC,
n_name,
s_name,
p_partkey
LIMIT 100;' AS sql_text
) a;
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| sql_export_predicates(a.sql_text) |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| [["UNKNOWN","p_partkey","=",null],["UNKNOWN","ps_partkey","=",null],["UNKNOWN","s_suppkey","=",null],["UNKNOWN","ps_suppkey","=",null],["UNKNOWN","p_size","=",35],["UNKNOWN","p_type","LIKE","%NICKEL"],["UNKNOWN","s_nationkey","=",null],["UNKNOWN","n_nationkey","=",null],["UNKNOWN","n_regionkey","=",null],["UNKNOWN","r_regionkey","=",null],["UNKNOWN","r_name","=",["MIDDLE EAST","MIDDLE EAST"]],["UNKNOWN","ps_supplycost","IN",null]] |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
2.5 sql_export_select_list_columns
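Call forms:
- sql_export_select_list_columns(sqlText)
- sql_export_select_list_columns(sqlText, dbType)
- sql_export_select_list_columns(sqlText, dbType, throwError)
Parameters:
| Parameter | Type | Description |
|---|---|---|
| sqlText | VARCHAR | Required |
| dbType | VARCHAR | Optional. SQL dialect; defaults to mysql |
| throwError | BOOLEAN | Optional. When true, an exception is thrown on invalid SQL; when false, no exception is thrown on invalid SQL and null is returned |
Return value:
| Type | Description |
|---|---|
| VARCHAR | The list of column names that appear in the columns returned by the SELECT clause (including subqueries) of the SQL statement in sqlText, separated by commas. The table each column belongs to is inferred by association; if no definite table is found, it is UNKNOWN |
Example: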
SELECT sql_export_select_list_columns(a.sql_text)
FROM (
SELECT 'SELECT s_acctbal,
s_name,
n_name,
p_partkey,
p_mfgr,
s_address,
s_phone,
s_comment
FROM part,
supplier,
partsupp,
nation,
region
WHERE p_partkey = ps_partkey
AND s_suppkey = ps_suppkey
AND p_size = 35
AND p_type LIKE ''%NICKEL''
AND s_nationkey = n_nationkey
AND n_regionkey = r_regionkey
AND r_name = ''MIDDLE EAST''
AND ps_supplycost IN
(
SELECT min(ps_supplycost)
FROM partsupp,
supplier,
nation,
region
WHERE s_suppkey = ps_suppkey
AND s_nationkey = n_nationkey
AND n_regionkey = r_regionkey
AND r_name = ''MIDDLE EAST'' )
ORDER BY s_acctbal DESC,
n_name,
s_name,
p_partkey
LIMIT 100;' AS sql_text
) a;
+------------------------------------------------------------------------------------------------------------------------------------------------------------+
| sql_export_select_list_columns(a.sql_text) |
+------------------------------------------------------------------------------------------------------------------------------------------------------------+
| UNKNOWN.s_acctbal,UNKNOWN.s_name,UNKNOWN.n_name,UNKNOWN.p_partkey,UNKNOWN.p_mfgr,UNKNOWN.s_address,UNKNOWN.s_phone,UNKNOWN.s_comment,UNKNOWN.ps_supplycost |
+------------------------------------------------------------------------------------------------------------------------------------------------------------+
2.6 sql_export_tables
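Call forms:
- sql_export_tables(sqlText)
- sql_export_tables(sqlText, dbType)
- sql_export_tables(sqlText, dbType, throwError)
Parameters:
| Parameter | Type | Description |
|---|---|---|
| sqlText | VARCHAR | Required |
| dbType | VARCHAR | Optional. SQL dialect; defaults to mysql |
| throwError | BOOLEAN | Optional. When true, an exception is thrown on invalid SQL; when false, no exception is thrown on invalid SQL and null is returned |
Return value:
| Type | Description |
|---|---|
| VARCHAR | All table names that appear in the SQL statement in sqlText, separated by commas |
Example: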
SELECT sql_export_tables(a.sql_text)
FROM (
SELECT 'SELECT s_acctbal,
s_name,
n_name,
p_partkey,
p_mfgr,
s_address,
s_phone,
s_comment
FROM part,
supplier,
partsupp,
nation,
region
WHERE p_partkey = ps_partkey
AND s_suppkey = ps_suppkey
AND p_size = 35
AND p_type LIKE ''%NICKEL''
AND s_nationkey = n_nationkey
AND n_regionkey = r_regionkey
AND r_name = ''MIDDLE EAST''
AND ps_supplycost IN
(
SELECT min(ps_supplycost)
FROM partsupp,
supplier,
nation,
region
WHERE s_suppkey = ps_suppkey
AND s_nationkey = n_nationkey
AND n_regionkey = r_regionkey
AND r_name = ''MIDDLE EAST'' )
ORDER BY s_acctbal DESC,
n_name,
s_name,
p_partkey
LIMIT 100;' AS sql_text
) a;
+--------------------------------------+
| sql_export_tables(a.sql_text) |
+--------------------------------------+
| part,supplier,partsupp,nation,region |
+--------------------------------------+
2.7 sql_format
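Call forms:
- sql_format(sqlText)
- sql_format(sqlText, dbType)
- sql_format(sqlText, dbType, throwError)
Parameters:
| Parameter | Type | Description |
|---|---|---|
| sqlText | VARCHAR | Required |
| dbType | VARCHAR | Optional. SQL dialect; defaults to mysql |
| throwError | BOOLEAN | Optional. When true, an exception is thrown on invalid SQL; when false, no exception is thrown on invalid SQL and null is returned |
Return value:
| Type | Description |
|---|---|
| VARCHAR | The formatted SQL statement from sqlText |
Example: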
SELECT sql_format(a.sql_text)
FROM (
SELECT 'SELECT s_acctbal,
s_name,
n_name,
p_partkey,
p_mfgr,
s_address,
s_phone,
s_comment
FROM part,
supplier,
partsupp,
nation,
region
WHERE p_partkey = ps_partkey
AND s_suppkey = ps_suppkey
AND p_size = 35
AND p_type LIKE ''%NICKEL''
AND s_nationkey = n_nationkey
AND n_regionkey = r_regionkey
AND r_name = ''MIDDLE EAST''
AND ps_supplycost IN
(
SELECT min(ps_supplycost)
FROM partsupp,
supplier,
nation,
region
WHERE s_suppkey = ps_suppkey
AND s_nationkey = n_nationkey
AND n_regionkey = r_regionkey
AND r_name = ''MIDDLE EAST'' )
ORDER BY s_acctbal DESC,
n_name,
s_name,
p_partkey
LIMIT 100;' AS sql_text
) a;
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| sql_format(a.sql_text) |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| SELECT s_acctbal, s_name, n_name, p_partkey, p_mfgr
, s_address, s_phone, s_comment
FROM part, supplier, partsupp, nation, region
WHERE p_partkey = ps_partkey
AND s_suppkey = ps_suppkey
AND p_size = 35
AND p_type LIKE '%NICKEL'
AND s_nationkey = n_nationkey
AND n_regionkey = r_regionkey
AND r_name = 'MIDDLE EAST'
AND ps_supplycost IN (
SELECT min(ps_supplycost)
FROM partsupp, supplier, nation, region
WHERE s_suppkey = ps_suppkey
AND s_nationkey = n_nationkey
AND n_regionkey = r_regionkey
AND r_name = 'MIDDLE EAST'
)
ORDER BY s_acctbal DESC, n_name, s_name, p_partkey
LIMIT 100; |
+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
2.8 sql_params
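Call forms:
- sql_params(sqlText)
- sql_params(sqlText, dbType)
- sql_params(sqlText, dbType, throwError)
Parameters:
| Parameter | Type | Description |
|---|---|---|
| sqlText | VARCHAR | Required |
| dbType | VARCHAR | Optional. SQL dialect; defaults to mysql |
| throwError | BOOLEAN | Optional. When true, an exception is thrown on invalid SQL; when false, no exception is thrown on invalid SQL and null is returned |
Return value:
| Type | Description |
|---|---|
| VARCHAR | The literal values extracted from the SQL statement in sqlText |
Example: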
SELECT sql_params(a.sql_text)
FROM (
SELECT 'SELECT s_acctbal,
s_name,
n_name,
p_partkey,
p_mfgr,
s_address,
s_phone,
s_comment
FROM part,
supplier,
partsupp,
nation,
region
WHERE p_partkey = ps_partkey
AND s_suppkey = ps_suppkey
AND p_size = 35
AND p_type LIKE ''%NICKEL''
AND s_nationkey = n_nationkey
AND n_regionkey = r_regionkey
AND r_name = ''MIDDLE EAST''
AND ps_supplycost IN
(
SELECT min(ps_supplycost)
FROM partsupp,
supplier,
nation,
region
WHERE s_suppkey = ps_suppkey
AND s_nationkey = n_nationkey
AND n_regionkey = r_regionkey
AND r_name = ''MIDDLE EAST'' )
ORDER BY s_acctbal DESC,
n_name,
s_name,
p_partkey
LIMIT 100;' AS sql_text
) a;
+------------------------------------------------+
| sql_params(a.sql_text) |
+------------------------------------------------+
| [35,"%NICKEL","MIDDLE EAST","MIDDLE EAST",100] |
+------------------------------------------------+
2.10 sql_pattern
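Call forms:
- sql_pattern(sqlText)
- sql_pattern(sqlText, dbType)
- sql_pattern(sqlText, dbType, throwError)
Parameters:
| Parameter | Type | Description |
|---|---|---|
| sqlText | VARCHAR | Required |
| dbType | VARCHAR | Optional. SQL dialect; defaults to mysql |
| throwError | BOOLEAN | Optional. When true, an exception is thrown on invalid SQL; when false, no exception is thrown on invalid SQL and null is returned |
Return value:
| Type | Description |
|---|---|
| VARCHAR | The parameterized SQL pattern of the SQL statement in sqlText, with literal values replaced by ? |
Example: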
SELECT sql_pattern(a.sql_text)
FROM (
SELECT 'SELECT s_acctbal,
s_name,
n_name,
p_partkey,
p_mfgr,
s_address,
s_phone,
s_comment
FROM part,
supplier,
partsupp,
nation,
region
WHERE p_partkey = ps_partkey
AND s_suppkey = ps_suppkey
AND p_size = 35
AND p_type LIKE ''%NICKEL''
AND s_nationkey = n_nationkey
AND n_regionkey = r_regionkey
AND r_name = ''MIDDLE EAST''
AND ps_supplycost IN
(
SELECT min(ps_supplycost)
FROM partsupp,
supplier,
nation,
region
WHERE s_suppkey = ps_suppkey
AND s_nationkey = n_nationkey
AND n_regionkey = r_regionkey
AND r_name = ''MIDDLE EAST'' )
ORDER BY s_acctbal DESC,
n_name,
s_name,
p_partkey
LIMIT 100;' AS sql_text
) a;
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| sql_pattern(a.sql_text) |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| SELECT s_acctbal, s_name, n_name, p_partkey, p_mfgr
, s_address, s_phone, s_comment
FROM part, supplier, partsupp, nation, region
WHERE p_partkey = ps_partkey
AND s_suppkey = ps_suppkey
AND p_size = ?
AND p_type LIKE ?
AND s_nationkey = n_nationkey
AND n_regionkey = r_regionkey
AND r_name = ?
AND ps_supplycost IN (
SELECT min(ps_supplycost)
FROM partsupp, supplier, nation, region
WHERE s_suppkey = ps_suppkey
AND s_nationkey = n_nationkey
AND n_regionkey = r_regionkey
AND r_name = ?
)
ORDER BY s_acctbal DESC, n_name, s_name, p_partkey
LIMIT ?; |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
2.11 sql_pattern_hash
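Call forms:
- sql_pattern_hash(sqlText)
- sql_pattern_hash(sqlText, dbType)
- sql_pattern_hash(sqlText, dbType, throwError)
Parameters:
| Parameter | Type | Description |
|---|---|---|
| sqlText | VARCHAR | Required |
| dbType | VARCHAR | Optional. SQL dialect; defaults to mysql |
| throwError | BOOLEAN | Optional. When true, an exception is thrown on invalid SQL; when false, no exception is thrown on invalid SQL and null is returned |
Return value:
| Type | Description |
|---|---|
| VARCHAR | Extracts the parameterized SQL pattern of the SQL statement in sqlText and generates a hash value |
Example: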
SELECT sql_pattern_hash(a.sql_text)
FROM (
SELECT 'SELECT s_acctbal,
s_name,
n_name,
p_partkey,
p_mfgr,
s_address,
s_phone,
s_comment
FROM part,
supplier,
partsupp,
nation,
region
WHERE p_partkey = ps_partkey
AND s_suppkey = ps_suppkey
AND p_size = 35
AND p_type LIKE ''%NICKEL''
AND s_nationkey = n_nationkey
AND n_regionkey = r_regionkey
AND r_name = ''MIDDLE EAST''
AND ps_supplycost IN
(
SELECT min(ps_supplycost)
FROM partsupp,
supplier,
nation,
region
WHERE s_suppkey = ps_suppkey
AND s_nationkey = n_nationkey
AND n_regionkey = r_regionkey
AND r_name = ''MIDDLE EAST'' )
ORDER BY s_acctbal DESC,
n_name,
s_name,
p_partkey
LIMIT 100;' AS sql_text
) a;
+------------------------------+
| sql_pattern_hash(a.sql_text) |
+------------------------------+
| 925870115679910184 |
+------------------------------+
2.12 sql_syntax_check
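Call forms:
- sql_syntax_check(sqlText)
- sql_syntax_check(sqlText, dbType)
- sql_syntax_check(sqlText, dbType, throwError)
Parameters:
| Parameter | Type | Description |
|---|---|---|
| sqlText | VARCHAR | Required |
| dbType | VARCHAR | Optional. SQL dialect; defaults to mysql |
| throwError | BOOLEAN | Optional. When true, an exception is thrown on invalid SQL; when false, no exception is thrown on invalid SQL and null is returned |
Return value:
| Type | Description |
|---|---|
| BOOLEAN | The result of the syntax check on sqlText: 1 means correct, 0 means incorrect |
Example: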
SELECT sql_syntax_check(a.sql_text)
FROM (
SELECT 'SELECT s_acctbal,
s_name,
n_name,
p_partkey,
p_mfgr,
s_address,
s_phone,
s_comment
FROM part,
supplier,
partsupp,
nation,
region
WHERE p_partkey = ps_partkey
AND s_suppkey = ps_suppkey
AND p_size = 35
AND p_type LIKE ''%NICKEL''
AND s_nationkey = n_nationkey
AND n_regionkey = r_regionkey
AND r_name = ''MIDDLE EAST''
AND ps_supplycost IN
(
SELECT min(ps_supplycost)
FROM partsupp,
supplier,
nation,
region
WHERE s_suppkey = ps_suppkey
AND s_nationkey = n_nationkey
AND n_regionkey = r_regionkey
AND r_name = ''MIDDLE EAST'' )
ORDER BY s_acctbal DESC,
n_name,
s_name,
p_partkey
LIMIT 100;' AS sql_text
) a;
+------------------------------+
| sql_syntax_check(a.sql_text) |
+------------------------------+
| 1 |
+------------------------------+
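The functions above can be combined into a single audit query. The following is an added example, not part of the original article: it groups a small SQL log by sql_pattern_hash so that statements differing only in their literals collapse into one row, and lists the least frequent patterns first for review. The derived table l, its db_user and sql_text columns, and every log row in it are constructed sample data; in practice l would be the table that holds your SQL log.

```sql
-- Added example. throwError = false keeps one unparsable statement from
-- aborting the whole audit query; per the parameter tables above, the
-- functions then return NULL for that row, so such statements end up
-- together in the group whose pattern_hash is NULL.
SELECT sql_pattern_hash(l.sql_text, 'mysql', false)       AS pattern_hash,
       -- All rows in a group share the same pattern, so MIN just picks it.
       MIN(sql_pattern(l.sql_text, 'mysql', false))       AS pattern,
       MIN(sql_export_tables(l.sql_text, 'mysql', false)) AS tables_touched,
       COUNT(*)                                           AS executions,
       COUNT(DISTINCT l.db_user)                          AS distinct_users
FROM (
    -- Constructed sample log rows (hypothetical users, tables and statements).
    SELECT 'app_rw' AS db_user,
           'SELECT name FROM users WHERE id = 7' AS sql_text
    UNION ALL
    SELECT 'app_rw', 'SELECT name FROM users WHERE id = 42'
    UNION ALL
    SELECT 'app_rw', 'SELECT name FROM users WHERE id = 1001'
    UNION ALL
    -- A one-off statement that joins in a second, more sensitive table.
    SELECT 'report',
           'SELECT u.name, p.card_no FROM users u, payment p WHERE u.id = p.user_id AND u.id = 7'
    UNION ALL
    -- A statement that does not parse.
    SELECT 'report', 'SELEC name FROM users'
) l
GROUP BY sql_pattern_hash(l.sql_text, 'mysql', false)
-- Rare patterns first: these are the ones worth a manual look.
ORDER BY executions ASC;
```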
Author: julian.zhou
This article is original content from the Yunqi Community and may not be reproduced without permission.