| | 177 | |
| | 178 | |
| | 179 | = ICAS = |
| | 180 | == Map == |
| | 181 | |
| | 182 | {{{ |
| | 183 | public static class ICAS_M extends MapReduceBase implements |
| | 184 | Mapper<LongWritable, Text, Text, Text> { |
| | 185 | |
| | 186 | String getip(String str) { |
| | 187 | String[] ret = str.split(":"); |
| | 188 | return ret[0]; |
| | 189 | } |
| | 190 | |
| | 191 | public void map(LongWritable key, Text value, |
| | 192 | OutputCollector<Text, Text> output, Reporter reporter) |
| | 193 | throws IOException { |
| | 194 | // [3] sig [4]class [5]y [6]m [7]d [8]h [9]M [10]s [11]s [12]d [13]t |
| | 195 | |
| | 196 | String line = value.toString(); |
| | 197 | String[] str = line.split(";"); |
| | 198 | String source_ip = getip(str[11]); |
| | 199 | String dest_ip = getip(str[12]); |
| | 200 | String fkey = dest_ip ; |
| | 201 | |
| | 202 | String date = str[5] + "/" + str[6] + "/" + str[7] + "_" + str[8] |
| | 203 | + ":" + str[9] + ":" + str[10]; |
| | 204 | // source @ date @ sig @ class @ type |
| | 205 | String fvalue = source_ip + "@" + date + "@" + str[3] +"@" +str[4] |
| | 206 | + "@"+ str[13]; |
| | 207 | output.collect(new Text(fkey), new Text(fvalue)); |
| | 208 | } |
| | 209 | } |
| | 210 | |
| | 211 | |
| | 212 | }}} |
| | 213 | |
| | 214 | == Reduce == |
| | 215 | |
| | 216 | {{{ |
| | 217 | public static class ICAS_R extends TableReduce<Text, Text> { |
| | 218 | |
| | 219 | public void reduce(Text key, Iterator<Text> values, |
| | 220 | OutputCollector<ImmutableBytesWritable, BatchUpdate> output, |
| | 221 | Reporter reporter) throws IOException { |
| | 222 | HTable table = new HTable("ICAS"); |
| | 223 | String source_ip; |
| | 224 | String date; |
| | 225 | String sig_class; |
| | 226 | String type; |
| | 227 | String signature; |
| | 228 | |
| | 229 | String rawstr = new String(values.next().getBytes()); |
| | 230 | String[] str = rawstr.split("@"); |
| | 231 | source_ip = str[0]; |
| | 232 | date = str[1]; |
| | 233 | signature = str[2]; |
| | 234 | sig_class = str[3]; |
| | 235 | type = str[4]; |
| | 236 | // values.next().getByte() can get value and transfer to byte form, |
| | 237 | while (values.hasNext()) { |
| | 238 | // source_ip + "@" + date + "@" + sig + "@" + class + "@" + type; |
| | 239 | rawstr = new String(values.next().getBytes()); |
| | 240 | str = rawstr.split("@"); |
| | 241 | source_ip = source_ip + " ; " + str[0]; |
| | 242 | date = date + " ; " + str[1]; |
| | 243 | signature = signature + ";" + str[2]; |
| | 244 | } |
| | 245 | reporter.setStatus("amp emitting cell for row'" + key.toString() |
| | 246 | + "'"); |
| | 247 | BatchUpdate map = new BatchUpdate(key.toString()); |
| | 248 | // map.setTimestamp(timestamp); |
| | 249 | map.put("infor:source_ip", Bytes.toBytes(source_ip)); |
| | 250 | map.put("infor:signature", Bytes.toBytes(signature)); |
| | 251 | map.put("infor:date", Bytes.toBytes(date)); |
| | 252 | map.put("infor:class", Bytes.toBytes(sig_class)); |
| | 253 | map.put("infor:type", Bytes.toBytes(type)); |
| | 254 | table.commit(map); |
| | 255 | // ImmutableBytesWritable Hkey = new ImmutableBytesWritable(Bytes |
| | 256 | // .toBytes(key.toString())); |
| | 257 | // output.collect(Hkey, map); |
| | 258 | |
| | 259 | } |
| | 260 | } |
| | 261 | }}} |
