| | 1 | = Using the Database = |
|---|
| | 2 | |
|---|
| | 3 | The database used by the [http://datapository.net Datapository] anomaly detection testbed is the open source [http://www.postgresql.org/ PostgreSQL] database. While most of the functionality of the testbed is done through a [http://www.ruby-lang.org/en/ Ruby] interface to the database, hiding many of the database details from the user, knowing how to use [http://www.postgresql.org/ PostgreSQL] is extremely helpful for generating your own scripts and synthetic attacks. It is strongly suggested that you read and consult the [http://www.postgresql.org/docs/7.2/static/index.html PostgreSQL documentation] for help writing your own queries to the database, increasing the functionality of the testbed. |
|---|
| | 4 | |
|---|
| | 5 | As mentioned, the majority of the testbed framework is build around [http://www.ruby-lang.org/en/ Ruby] and is described in our [wiki:RubyUsage Ruby testbed usage] guide. However in this section of the wiki we will focus on getting you familiar with using the actual database. |
|---|
| | 6 | |
|---|
| | 7 | == Logging in to the Database == |
|---|
| | 8 | |
|---|
| | 9 | To login to the database and run queries from a command line, the ''psql'' command is used from a [http://datapository.net Datapository] shell. When using the ''psql'' command you will also specify the database name which contains the network traffic and associated metadata for your project. The database should be setup according to the main page Database Information section. To login to the database ''dp'', the following command would be issued which will give you the psql prompt: |
|---|
| | 10 | {{{ |
|---|
| | 11 | $ psql dp |
|---|
| | 12 | Welcome to psql 8.1.8, the PostgreSQL interactive terminal. |
|---|
| | 13 | |
|---|
| | 14 | Type: \copyright for distribution terms |
|---|
| | 15 | \h for help with SQL commands |
|---|
| | 16 | \? for help with psql commands |
|---|
| | 17 | \g or terminate with semicolon to execute query |
|---|
| | 18 | \q to quit |
|---|
| | 19 | |
|---|
| | 20 | dp=> |
|---|
| | 21 | }}} |
|---|
| | 22 | |
|---|
| | 23 | == Using the Database == |
|---|
| | 24 | |
|---|
| | 25 | Once you are logged in to the database, it can then be used to examine tables, constraints, rules, etc. Using the database directly most helpful when designing and testing new queries for the framework and synthetic attacks. When the queries or attacks are stable, they can then be pushed in to ruby scripts for further usage with the rest of the framework. |
|---|
| | 26 | |
|---|
| | 27 | You can examine tables (which should match our documentation): |
|---|
| | 28 | {{{ |
|---|
| | 29 | dp=> \d metrics |
|---|
| | 30 | Table "public.metrics" |
|---|
| | 31 | Column | Type | Modifiers |
|---|
| | 32 | --------+---------+----------- |
|---|
| | 33 | metric | integer | not null |
|---|
| | 34 | name | text | |
|---|
| | 35 | Indexes: |
|---|
| | 36 | "metrics_pk" PRIMARY KEY, btree (metric) |
|---|
| | 37 | }}} |
|---|
| | 38 | |
|---|
| | 39 | Or peak in to their current data: |
|---|
| | 40 | {{{ |
|---|
| | 41 | dp=> select * from metrics; |
|---|
| | 42 | metric | name |
|---|
| | 43 | --------+------------ |
|---|
| | 44 | 0 | addr_src |
|---|
| | 45 | 1 | addr_dst |
|---|
| | 46 | 2 | ports_src |
|---|
| | 47 | 3 | ports_dst |
|---|
| | 48 | 4 | degree_in |
|---|
| | 49 | 5 | degree_out |
|---|
| | 50 | 6 | fsd |
|---|
| | 51 | 7 | volume |
|---|
| | 52 | (8 rows) |
|---|
| | 53 | }}} |
|---|
| | 54 | |
|---|
| | 55 | == Finding Help With PostgreSQL == |
|---|
| | 56 | |
|---|
| | 57 | Finding help with PostgreSQL is easy and can be done in many different forms: |
|---|
| | 58 | |
|---|
| | 59 | * [http://www.postgresql.org/docs/7.2/static/index.html Online PostgreSQL documentation] |
|---|
| | 60 | |
|---|
| | 61 | * [http://www.postgresql.org/community/lists/ PostgreSQL mailing lists] |
|---|
| | 62 | |
|---|
| | 63 | * [http://www.postgresql.org/community/irc IRC: #postgresql on irc.freenode.net] |
|---|
