diff --git a/backend/routes/analysis.py b/backend/routes/analysis.py index 5f0bf54..f4189d2 100644 --- a/backend/routes/analysis.py +++ b/backend/routes/analysis.py @@ -141,7 +141,6 @@ async def analyze_ip_country(ip: str): AND detected_at >= now() - INTERVAL 24 HOUR GROUP BY country_code ORDER BY count DESC - LIMIT 10 """ asn_result = db.query(asn_countries_query, {"asn_number": asn_number}) @@ -190,7 +189,6 @@ async def analyze_country(days: int = Query(1, ge=1, le=30)): AND country_code != '' AND country_code IS NOT NULL GROUP BY country_code ORDER BY count DESC - LIMIT 10 """ top_result = db.query(top_query, {"days": days}) @@ -227,7 +225,6 @@ async def analyze_country(days: int = Query(1, ge=1, le=30)): AND country_code != '' AND country_code IS NOT NULL GROUP BY country_code ORDER BY count DESC - LIMIT 5 """ baseline_result = db.query(baseline_query) @@ -309,7 +306,6 @@ async def analyze_ja4(ip: str): AND detected_at >= now() - INTERVAL 24 HOUR GROUP BY src_ip ORDER BY count DESC - LIMIT 100 """ subnets_result = db.query(subnets_query, {"ja4": ja4}) @@ -373,7 +369,6 @@ async def analyze_user_agents(ip: str): AND time >= now() - INTERVAL 24 HOUR GROUP BY ua ORDER BY count DESC - LIMIT 500 """ # Total réel des requêtes (pour les pourcentages corrects) diff --git a/backend/routes/entities.py b/backend/routes/entities.py index 865bed9..de07b57 100644 --- a/backend/routes/entities.py +++ b/backend/routes/entities.py @@ -128,7 +128,6 @@ def get_array_values(entity_type: str, entity_value: str, array_field: str, hour ) GROUP BY value ORDER BY count DESC - LIMIT 100 """ result = db.connect().query(query, { @@ -271,7 +270,6 @@ async def get_subnet_investigation( FROM subnet_filter GROUP BY ip ORDER BY total_detections DESC - LIMIT 100 """ # Exécuter la première requête pour obtenir les IPs diff --git a/backend/routes/fingerprints.py b/backend/routes/fingerprints.py index 61cc139..45fb548 100644 --- a/backend/routes/fingerprints.py +++ b/backend/routes/fingerprints.py @@ -436,7 +436,6 @@ async def get_ua_analysis( AND is_ua_rotating = true GROUP BY clean_ip ORDER BY avg_ua_ch_mismatch DESC - LIMIT 100 """ rotating_ips: list = [] try: @@ -548,7 +547,6 @@ async def get_ip_fingerprint_coherence(ip: str): FROM ml_detected_anomalies WHERE src_ip = %(ip)s ORDER BY detected_at DESC - LIMIT 20 """ ml_res = db.query(ml_query, {"ip": ip}) @@ -563,7 +561,7 @@ async def get_ip_fingerprint_coherence(ip: str): WHERE toString(src_ip) = %(ip)s AND hour >= now() - INTERVAL 72 HOUR AND ua != '' - GROUP BY ua ORDER BY cnt DESC LIMIT 10 + GROUP BY ua ORDER BY cnt DESC """ ua_res = db.query(ua_query, {"ip": ip}) top_uas = [{"ua": str(r[0]), "count": int(r[1] or 0), "type": _classify_ua(str(r[0]))} @@ -703,7 +701,6 @@ async def get_legitimate_ja4( AND avg_browser_score > 60 AND rare_count = 0 ORDER BY unique_ips DESC - LIMIT 100 """ result = db.query(query, {"hours": hours, "min_ips": min_ips}) diff --git a/backend/routes/heatmap.py b/backend/routes/heatmap.py index e559607..eeee9c3 100644 --- a/backend/routes/heatmap.py +++ b/backend/routes/heatmap.py @@ -112,7 +112,6 @@ async def get_heatmap_matrix(): WHERE window_start >= now() - INTERVAL 72 HOUR GROUP BY host ORDER BY total_hits DESC - LIMIT 15 """ top_res = db.query(top_sql) top_hosts = [str(r[0]) for r in top_res.result_rows] diff --git a/backend/routes/search.py b/backend/routes/search.py index 23646e2..5723a0d 100644 --- a/backend/routes/search.py +++ b/backend/routes/search.py @@ -32,7 +32,6 @@ async def quick_search(q: str = Query(..., min_length=1, max_length=100)): AND detected_at >= now() - INTERVAL 24 HOUR GROUP BY clean_ip ORDER BY hits DESC - LIMIT 5 """, {"p": pattern}, ) @@ -60,7 +59,6 @@ async def quick_search(q: str = Query(..., min_length=1, max_length=100)): AND detected_at >= now() - INTERVAL 24 HOUR GROUP BY ja4 ORDER BY hits DESC - LIMIT 5 """, {"p": pattern}, ) @@ -86,7 +84,6 @@ async def quick_search(q: str = Query(..., min_length=1, max_length=100)): AND detected_at >= now() - INTERVAL 24 HOUR GROUP BY host ORDER BY hits DESC - LIMIT 5 """, {"p": pattern}, ) @@ -113,7 +110,6 @@ async def quick_search(q: str = Query(..., min_length=1, max_length=100)): AND detected_at >= now() - INTERVAL 24 HOUR GROUP BY asn_org, asn_number ORDER BY hits DESC - LIMIT 5 """, {"p": pattern}, ) diff --git a/backend/routes/tcp_spoofing.py b/backend/routes/tcp_spoofing.py index 90cd196..cdf3ebc 100644 --- a/backend/routes/tcp_spoofing.py +++ b/backend/routes/tcp_spoofing.py @@ -47,7 +47,7 @@ async def get_tcp_spoofing_overview(): SELECT tcp_ttl_raw AS ttl, count() AS cnt, uniq(src_ip) AS ips FROM mabase_prod.agg_host_ip_ja4_1h WHERE window_start >= now() - INTERVAL 24 HOUR AND tcp_ttl_raw > 0 - GROUP BY ttl ORDER BY cnt DESC LIMIT 15 + GROUP BY ttl ORDER BY cnt DESC """ ttl_res = db.query(ttl_sql) @@ -56,7 +56,7 @@ async def get_tcp_spoofing_overview(): SELECT tcp_mss_raw AS mss, count() AS cnt, uniq(src_ip) AS ips FROM mabase_prod.agg_host_ip_ja4_1h WHERE window_start >= now() - INTERVAL 24 HOUR AND tcp_mss_raw > 0 - GROUP BY mss ORDER BY cnt DESC LIMIT 12 + GROUP BY mss ORDER BY cnt DESC """ mss_res = db.query(mss_sql) @@ -65,7 +65,7 @@ async def get_tcp_spoofing_overview(): SELECT tcp_win_raw AS win, count() AS cnt FROM mabase_prod.agg_host_ip_ja4_1h WHERE window_start >= now() - INTERVAL 24 HOUR AND tcp_ttl_raw > 0 - GROUP BY win ORDER BY cnt DESC LIMIT 10 + GROUP BY win ORDER BY cnt DESC """ win_res = db.query(win_sql) diff --git a/backend/routes/variability.py b/backend/routes/variability.py index 09f0d65..e91d938 100644 --- a/backend/routes/variability.py +++ b/backend/routes/variability.py @@ -538,7 +538,6 @@ async def get_variability(attr_type: str, value: str): AND header_user_agent != '' AND header_user_agent IS NOT NULL GROUP BY user_agent ORDER BY count DESC - LIMIT 20 """ ua_result = db.query(ua_query_simple, _ua_params) user_agents = [get_attribute_value(row, 1, 2, 3, 4) for row in ua_result.result_rows] @@ -563,7 +562,6 @@ async def get_variability(attr_type: str, value: str): AND ua != '' GROUP BY user_agent ORDER BY count DESC - LIMIT 20 """ ua_result = db.query(ua_query_simple, _ua_params) user_agents = [get_attribute_value(row, 1, 2, 3, 4) for row in ua_result.result_rows] @@ -580,7 +578,6 @@ async def get_variability(attr_type: str, value: str): WHERE ja4 != '' AND ja4 IS NOT NULL GROUP BY ja4 ORDER BY count DESC - LIMIT 10 """ ja4_result = db.query(ja4_query, {"value": value}) @@ -596,7 +593,6 @@ async def get_variability(attr_type: str, value: str): WHERE country_code != '' AND country_code IS NOT NULL GROUP BY country_code ORDER BY count DESC - LIMIT 10 """ country_result = db.query(country_query, {"value": value}) @@ -613,7 +609,6 @@ async def get_variability(attr_type: str, value: str): WHERE asn_number != '' AND asn_number IS NOT NULL AND asn_number != '0' GROUP BY asn_display, asn_number ORDER BY count DESC - LIMIT 10 """ asn_result = db.query(asn_query, {"value": value}) @@ -636,7 +631,6 @@ async def get_variability(attr_type: str, value: str): WHERE host != '' AND host IS NOT NULL GROUP BY host ORDER BY count DESC - LIMIT 10 """ host_result = db.query(host_query, {"value": value})