1
1
package com .akto .threat .backend .service ;
2
2
3
+ import com .akto .dao .context .Context ;
4
+ import com .akto .log .LoggerMaker ;
3
5
import com .akto .proto .generated .threat_detection .service .dashboard_service .v1 .ListThreatApiRequest ;
4
6
import com .akto .proto .generated .threat_detection .service .dashboard_service .v1 .ListThreatApiResponse ;
5
7
import com .akto .proto .generated .threat_detection .service .dashboard_service .v1 .ThreatCategoryWiseCountRequest ;
10
12
import com .mongodb .client .MongoClient ;
11
13
import com .mongodb .client .MongoCollection ;
12
14
import com .mongodb .client .MongoCursor ;
15
+
13
16
import java .util .ArrayList ;
14
17
import java .util .List ;
15
18
import java .util .Map ;
19
+
16
20
import org .bson .Document ;
17
21
18
22
public class ThreatApiService {
19
23
20
24
private final MongoClient mongoClient ;
25
+ private static final LoggerMaker loggerMaker = new LoggerMaker (ThreatApiService .class );
21
26
22
27
public ThreatApiService (MongoClient mongoClient ) {
23
28
this .mongoClient = mongoClient ;
24
29
}
25
30
26
31
public ListThreatApiResponse listThreatApis (String accountId , ListThreatApiRequest request ) {
32
+
33
+ loggerMaker .info ("listThreatApis start ts " + Context .now ());
34
+
27
35
int skip = request .hasSkip () ? request .getSkip () : 0 ;
28
36
int limit = request .getLimit ();
29
37
Map <String , Integer > sort = request .getSortMap ();
@@ -106,44 +114,48 @@ public ListThreatApiResponse listThreatApis(String accountId, ListThreatApiReque
106
114
e .printStackTrace ();
107
115
}
108
116
117
+ loggerMaker .info ("listThreatApis end ts " + Context .now ());
109
118
return ListThreatApiResponse .newBuilder ().addAllApis (apis ).setTotal (total ).build ();
110
119
}
111
120
112
121
public ThreatCategoryWiseCountResponse getSubCategoryWiseCount (
113
- String accountId , ThreatCategoryWiseCountRequest req ) {
122
+ String accountId , ThreatCategoryWiseCountRequest req ) {
123
+
124
+ loggerMaker .info ("getSubCategoryWiseCount start ts " + Context .now ());
125
+
114
126
MongoCollection <Document > coll =
115
127
this .mongoClient
116
128
.getDatabase (accountId )
117
129
.getCollection (MongoDBCollection .ThreatDetection .MALICIOUS_EVENTS , Document .class );
118
130
119
131
List <Document > pipeline = new ArrayList <>();
132
+
133
+ // 1. Match on time range
120
134
if (req .getStartTs () != 0 || req .getEndTs () != 0 ) {
121
- Document matchFilter = new Document ("$match" ,
122
- new Document ( "detectedAt" , new Document ("$gte" , req . getStartTs ()). append ( "$lte" , req . getEndTs ()))
123
- );
124
- pipeline . add ( matchFilter );
135
+ pipeline . add ( new Document ("$match" ,
136
+ new Document ("detectedAt" ,
137
+ new Document ( "$gte" , req . getStartTs ())
138
+ . append ( "$lte" , req . getEndTs ()))));
125
139
}
126
- pipeline .add (
127
- new Document ("$sort" , new Document ("category" , 1 ).append ("detectedAt" , -1 ))); // sort
128
- pipeline .add (
129
- new Document (
130
- "$group" ,
131
- new Document (
132
- "_id" ,
133
- new Document ("category" , "$category" ).append ("subCategory" , "$subCategory" ))
134
- .append ("count" , new Document ("$sum" , 1 ))));
135
140
136
- pipeline .add (
137
- new Document (
138
- "$sort" ,
139
- new Document ("category" , -1 ).append ("subCategory" , -1 ).append ("count" , -1 ))); // sort
141
+ // 3. Group by category and subCategory
142
+ pipeline .add (new Document ("$group" ,
143
+ new Document ("_id" ,
144
+ new Document ("category" , "$category" )
145
+ .append ("subCategory" , "$subCategory" ))
146
+ .append ("count" , new Document ("$sum" , 1 ))));
147
+
148
+ // 4. Sort by count descending
149
+ pipeline .add (new Document ("$sort" , new Document ("count" , -1 )));
140
150
141
151
List <ThreatCategoryWiseCountResponse .SubCategoryCount > categoryWiseCounts = new ArrayList <>();
142
152
143
- try (MongoCursor <Document > cursor = coll .aggregate (pipeline ).cursor ()) {
153
+ // 5. Execute aggregation with controlled batch size
154
+ try (MongoCursor <Document > cursor = coll .aggregate (pipeline ).batchSize (1000 ).cursor ()) {
144
155
while (cursor .hasNext ()) {
145
156
Document doc = cursor .next ();
146
157
Document agg = (Document ) doc .get ("_id" );
158
+
147
159
categoryWiseCounts .add (
148
160
ThreatCategoryWiseCountResponse .SubCategoryCount .newBuilder ()
149
161
.setCategory (agg .getString ("category" ))
@@ -153,13 +165,18 @@ public ThreatCategoryWiseCountResponse getSubCategoryWiseCount(
153
165
}
154
166
}
155
167
168
+ loggerMaker .info ("getSubCategoryWiseCount end ts " + Context .now ());
169
+
156
170
return ThreatCategoryWiseCountResponse .newBuilder ()
157
171
.addAllCategoryWiseCounts (categoryWiseCounts )
158
172
.build ();
159
173
}
160
174
161
175
public ThreatSeverityWiseCountResponse getSeverityWiseCount (
162
176
String accountId , ThreatSeverityWiseCountRequest req ) {
177
+
178
+ loggerMaker .info ("getSeverityWiseCount start ts " + Context .now ());
179
+
163
180
MongoCollection <Document > coll =
164
181
this .mongoClient
165
182
.getDatabase (accountId )
@@ -199,6 +216,8 @@ public ThreatSeverityWiseCountResponse getSeverityWiseCount(
199
216
}
200
217
}
201
218
219
+ loggerMaker .info ("getSeverityWiseCount end ts " + Context .now ());
220
+
202
221
return ThreatSeverityWiseCountResponse .newBuilder ()
203
222
.addAllCategoryWiseCounts (categoryWiseCounts )
204
223
.build ();
0 commit comments