带条件导出数据，QGW日志：
[2022-10-11 08:57:08+0000] [INFO] [Thread:http-nio-8183-exec-8] com.mesalab.qgw.dialect.ClickHouseDialect.executeHttpPost(ClickHouseDialect.java:1176) [] - DB engine is :clickHouse,execute http query is :http://10.224.11.244:8124/?user=tsg_query&password=XXX&database=tsg_galaxy_v3&query_id=7ab3c3b3d58e004968928ada5765a2e8. body sql is:SELECT toDateTime(common_recv_time) AS common_recv_time, common_log_id, common_subscriber_id, common_imei, common_imsi, common_phone_number, common_client_ip, common_internal_ip, common_client_port, common_l4_protocol, common_address_type, common_server_ip, common_server_port, common_external_ip, common_direction, common_sled_ip, common_client_location, common_client_asn, common_server_location, common_server_asn, common_sessions, common_c2s_pkt_num, common_s2c_pkt_num, common_c2s_byte_num, common_s2c_byte_num, common_schema_type, common_device_id, common_data_center, common_device_group, common_app_behavior, common_app_label, common_tunnels, common_protocol_label, common_userdefine_app_name, common_app_identify_info, common_l7_protocol, common_service_category, toDateTime(common_start_time) AS common_start_time, toDateTime(common_end_time) AS common_end_time, common_establish_latency_ms, common_con_duration_ms, common_stream_dir, common_stream_trace_id, common_c2s_ipfrag_num, common_s2c_ipfrag_num, common_c2s_tcp_lostlen, common_s2c_tcp_lostlen, common_c2s_tcp_unorder_num, common_s2c_tcp_unorder_num, common_c2s_pkt_retrans, common_s2c_pkt_retrans, common_c2s_byte_retrans, common_s2c_byte_retrans, common_tcp_client_isn, common_tcp_server_isn, toDateTime(common_processing_time) AS common_processing_time, toDateTime(common_ingestion_time) AS common_ingestion_time, http_url, http_host, http_domain, http_request_line, http_response_line, http_request_content_length, http_request_content_type, http_response_content_length, http_response_content_type, http_cookie, http_referer, http_user_agent, http_set_cookie, http_version, http_response_latency_ms, http_session_duration_ms, mail_protocol_type, mail_account, mail_from_cmd, mail_to_cmd, mail_from, mail_to, mail_cc, mail_bcc, mail_subject, mail_attachment_name, mail_eml_file, dns_message_id, dns_qr, dns_opcode, dns_aa, dns_tc, dns_rd, dns_ra, dns_rcode, dns_qdcount, dns_ancount, dns_nscount, dns_arcount, dns_qname, dns_qtype, dns_qclass, dns_cname, dns_sub, dns_response_latency_ms, ssl_sni, ssl_san, ssl_cn, ssl_pinningst, ssl_intercept_state, ssl_server_side_latency, ssl_client_side_latency, ssl_server_side_version, ssl_client_side_version, ssl_cert_verify, ssl_error, ssl_con_latency_ms, ssl_ja3_hash, ssl_cert_issuer, ssl_cert_subject, quic_version, quic_sni, quic_user_agent, ftp_account, ftp_url, ftp_content, ftp_link_type, app_extra_info, sip_call_id, sip_originator_description, sip_responder_description, sip_user_agent, sip_server, sip_originator_sdp_connect_ip, sip_originator_sdp_media_port, sip_originator_sdp_media_type, sip_originator_sdp_content, sip_responder_sdp_connect_ip, sip_responder_sdp_media_port, sip_responder_sdp_media_type, sip_responder_sdp_content, sip_duration_s, sip_bye, rtp_payload_type_c2s, rtp_payload_type_s2c, rtp_pcap_path, ssh_version, ssh_auth_success, ssh_client_version, ssh_server_version, ssh_cipher_alg, ssh_mac_alg, ssh_compression_alg, ssh_kex_alg, ssh_host_key_alg, ssh_host_key, ssh_hassh, stratum_cryptocurrency, stratum_mining_pools, stratum_mining_program, rdp_cookie, rdp_security_protocol, rdp_client_channels, rdp_keyboard_layout, rdp_client_version, rdp_client_name, rdp_client_product_id, rdp_desktop_width, rdp_desktop_height, rdp_requested_color_depth, rdp_certificate_type, rdp_certificate_count, rdp_certificate_permanent, rdp_encryption_level, rdp_encryption_method FROM tsg_galaxy_v3.session_record AS session_record WHERE common_log_id IN (SELECT common_log_id FROM tsg_galaxy_v3.session_record_common_client_ip AS session_record_common_client_ip WHERE common_recv_time >= toUnixTimestamp( '2022-10-10 22:55:00') AND common_recv_time < toUnixTimestamp( '2022-10-11 20:59:59') AND (common_client_ip = '196.188.136.150') ORDER BY toDateTime(common_recv_time) DESC LIMIT 100000) AND (common_recv_time >= toUnixTimestamp( '2022-10-10 22:55:00') AND common_recv_time < toUnixTimestamp( '2022-10-11 20:59:59') AND (common_client_ip = '196.188.136.150')) ORDER BY common_recv_time DESC LIMIT 0, 100000
[2022-10-11 08:58:08+0000] [ERROR] [Thread:http-nio-8183-exec-8] com.mesalab.qgw.service.impl.HttpClientService.httpPost(HttpClientService.java:330) [] - IOException: Read timed out
[2022-10-11 08:58:08+0000] [ERROR] [Thread:http-nio-8183-exec-8] com.mesalab.qgw.controller.AuditLogAspect.doAfterThrowingAdvice(AuditLogAspect.java:77) [] - Audit Log [error]:{"annotation":"ApiController.post","queryKey":"","cacheKey":"4ac4ae6e95a7279c08dde204d5156b88","remoteAddr":"10.224.11.11","clientIp":"10.224.11.11","exeTime":0,"dbType":"clickHouse","param":"[ApiParam(query= select   FROM_UNIXTIME(common_recv_time) as common_recv_time,common_log_id,common_subscriber_id,common_imei,common_imsi,common_phone_number,common_client_ip,common_internal_ip,common_client_port,common_l4_protocol,common_address_type,common_server_ip,common_server_port,common_external_ip,common_direction,common_sled_ip,common_client_location,common_client_asn,common_server_location,common_server_asn,common_sessions,common_c2s_pkt_num,common_s2c_pkt_num,common_c2s_byte_num,common_s2c_byte_num,common_schema_type,common_device_id,common_data_center,common_device_group,common_app_behavior,common_app_label,common_tunnels,common_protocol_label,common_userdefine_app_name,common_app_identify_info,common_l7_protocol,common_service_category, FROM_UNIXTIME(common_start_time) as common_start_time, FROM_UNIXTIME(common_end_time) as common_end_time,common_establish_latency_ms,common_con_duration_ms,common_stream_dir,common_stream_trace_id,common_c2s_ipfrag_num,common_s2c_ipfrag_num,common_c2s_tcp_lostlen,common_s2c_tcp_lostlen,common_c2s_tcp_unorder_num,common_s2c_tcp_unorder_num,common_c2s_pkt_retrans,common_s2c_pkt_retrans,common_c2s_byte_retrans,common_s2c_byte_retrans,common_tcp_client_isn,common_tcp_server_isn, FROM_UNIXTIME(common_processing_time) as common_processing_time, FROM_UNIXTIME(common_ingestion_time) as common_ingestion_time,http_url,http_host,http_domain,http_request_line,http_response_line,http_request_content_length,http_request_content_type,http_response_content_length,http_response_content_type,http_cookie,http_referer,http_user_agent,http_set_cookie,http_version,http_response_latency_ms,http_session_duration_ms,mail_protocol_type,mail_account,mail_from_cmd,mail_to_cmd,mail_from,mail_to,mail_cc,mail_bcc,mail_subject,mail_attachment_name,mail_eml_file,dns_message_id,dns_qr,dns_opcode,dns_aa,dns_tc,dns_rd,dns_ra,dns_rcode,dns_qdcount,dns_ancount,dns_nscount,dns_arcount,dns_qname,dns_qtype,dns_qclass,dns_cname,dns_sub,dns_response_latency_ms,ssl_sni,ssl_san,ssl_cn,ssl_pinningst,ssl_intercept_state,ssl_server_side_latency,ssl_client_side_latency,ssl_server_side_version,ssl_client_side_version,ssl_cert_verify,ssl_error,ssl_con_latency_ms,ssl_ja3_hash,ssl_cert_issuer,ssl_cert_subject,quic_version,quic_sni,quic_user_agent,ftp_account,ftp_url,ftp_content,ftp_link_type,app_extra_info,sip_call_id,sip_originator_description,sip_responder_description,sip_user_agent,sip_server,sip_originator_sdp_connect_ip,sip_originator_sdp_media_port,sip_originator_sdp_media_type,sip_originator_sdp_content,sip_responder_sdp_connect_ip,sip_responder_sdp_media_port,sip_responder_sdp_media_type,sip_responder_sdp_content,sip_duration_s,sip_bye,rtp_payload_type_c2s,rtp_payload_type_s2c,rtp_pcap_path,ssh_version,ssh_auth_success,ssh_client_version,ssh_server_version,ssh_cipher_alg,ssh_mac_alg,ssh_compression_alg,ssh_kex_alg,ssh_host_key_alg,ssh_host_key,ssh_hassh,stratum_cryptocurrency,stratum_mining_pools,stratum_mining_program,rdp_cookie,rdp_security_protocol,rdp_client_channels,rdp_keyboard_layout,rdp_client_version,rdp_client_name,rdp_client_product_id,rdp_desktop_width,rdp_desktop_height,rdp_requested_color_depth,rdp_certificate_type,rdp_certificate_count,rdp_certificate_permanent,rdp_encryption_level,rdp_encryption_method  from session_record where  common_recv_time  >= UNIX_TIMESTAMP('2022-10-10 22:55:00') and common_recv_time <  UNIX_TIMESTAMP('2022-10-11 20:59:59')   and ( common_client_ip='196.188.136.150' ) order by common_recv_time desc  limit 0 , 100000 , option=real-time, sampled=null, format=json, schema=null, tableName=session_record, dbType=clickHouse, queryId=null, dialectDBType=mysql, reportId=null, resultId=null, sql=SELECT FROM_UNIXTIME(common_recv_time) AS common_recv_time, common_log_id, common_subscriber_id, common_imei, common_imsi, common_phone_number, common_client_ip, common_internal_ip, common_client_port, common_l4_protocol, common_address_type, common_server_ip, common_server_port, common_external_ip, common_direction, common_sled_ip, common_client_location, common_client_asn, common_server_location, common_server_asn, common_sessions, common_c2s_pkt_num, common_s2c_pkt_num, common_c2s_byte_num, common_s2c_byte_num, common_schema_type, common_device_id, common_data_center, common_device_group, common_app_behavior, common_app_label, common_tunnels, common_protocol_label, common_userdefine_app_name, common_app_identify_info, common_l7_protocol, common_service_category, FROM_UNIXTIME(common_start_time) AS common_start_time, FROM_UNIXTIME(common_end_time) AS common_end_time, common_establish_latency_ms, common_con_duration_ms, common_stream_dir, common_stream_trace_id, common_c2s_ipfrag_num, common_s2c_ipfrag_num, common_c2s_tcp_lostlen, common_s2c_tcp_lostlen, common_c2s_tcp_unorder_num, common_s2c_tcp_unorder_num, common_c2s_pkt_retrans, common_s2c_pkt_retrans, common_c2s_byte_retrans, common_s2c_byte_retrans, common_tcp_client_isn, common_tcp_server_isn, FROM_UNIXTIME(common_processing_time) AS common_processing_time, FROM_UNIXTIME(common_ingestion_time) AS common_ingestion_time, http_url, http_host, http_domain, http_request_line, http_response_line, http_request_content_length, http_request_content_type, http_response_content_length, http_response_content_type, http_cookie, http_referer, http_user_agent, http_set_cookie, http_version, http_response_latency_ms, http_session_duration_ms, mail_protocol_type, mail_account, mail_from_cmd, mail_to_cmd, mail_from, mail_to, mail_cc, mail_bcc, mail_subject, mail_attachment_name, mail_eml_file, dns_message_id, dns_qr, dns_opcode, dns_aa, dns_tc, dns_rd, dns_ra, dns_rcode, dns_qdcount, dns_ancount, dns_nscount, dns_arcount, dns_qname, dns_qtype, dns_qclass, dns_cname, dns_sub, dns_response_latency_ms, ssl_sni, ssl_san, ssl_cn, ssl_pinningst, ssl_intercept_state, ssl_server_side_latency, ssl_client_side_latency, ssl_server_side_version, ssl_client_side_version, ssl_cert_verify, ssl_error, ssl_con_latency_ms, ssl_ja3_hash, ssl_cert_issuer, ssl_cert_subject, quic_version, quic_sni, quic_user_agent, ftp_account, ftp_url, ftp_content, ftp_link_type, app_extra_info, sip_call_id, sip_originator_description, sip_responder_description, sip_user_agent, sip_server, sip_originator_sdp_connect_ip, sip_originator_sdp_media_port, sip_originator_sdp_media_type, sip_originator_sdp_content, sip_responder_sdp_connect_ip, sip_responder_sdp_media_port, sip_responder_sdp_media_type, sip_responder_sdp_content, sip_duration_s, sip_bye, rtp_payload_type_c2s, rtp_payload_type_s2c, rtp_pcap_path, ssh_version, ssh_auth_success, ssh_client_version, ssh_server_version, ssh_cipher_alg, ssh_mac_alg, ssh_compression_alg, ssh_kex_alg, ssh_host_key_alg, ssh_host_key, ssh_hassh, stratum_cryptocurrency, stratum_mining_pools, stratum_mining_program, rdp_cookie, rdp_security_protocol, rdp_client_channels, rdp_keyboard_layout, rdp_client_version, rdp_client_name, rdp_client_product_id, rdp_desktop_width, rdp_desktop_height, rdp_requested_color_depth, rdp_certificate_type, rdp_certificate_count, rdp_certificate_permanent, rdp_encryption_level, rdp_encryption_method FROM session_record WHERE common_recv_time >= UNIX_TIMESTAMP('2022-10-10 22:55:00') AND common_recv_time < UNIX_TIMESTAMP('2022-10-11 20:59:59') AND (common_client_ip = '196.188.136.150') ORDER BY common_recv_time DESC LIMIT 0, 100000, engineQuerySource=null, dbQuerySource=SQLQuerySource(sqlBody=SELECT FROM_UNIXTIME(common_recv_time) AS common_recv_time, common_log_id, common_subscriber_id, common_imei, common_imsi, common_phone_number, common_client_ip, common_internal_ip, common_client_port, common_l4_protocol, common_address_type, common_server_ip, common_server_port, common_external_ip, common_direction, common_sled_ip, common_client_location, common_client_asn, common_server_location, common_server_asn, common_sessions, common_c2s_pkt_num, common_s2c_pkt_num, common_c2s_byte_num, common_s2c_byte_num, common_schema_type, common_device_id, common_data_center, common_device_group, common_app_behavior, common_app_label, common_tunnels, common_protocol_label, common_userdefine_app_name, common_app_identify_info, common_l7_protocol, common_service_category, FROM_UNIXTIME(common_start_time) AS common_start_time, FROM_UNIXTIME(common_end_time) AS common_end_time, common_establish_latency_ms, common_con_duration_ms, common_stream_dir, common_stream_trace_id, common_c2s_ipfrag_num, common_s2c_ipfrag_num, common_c2s_tcp_lostlen, common_s2c_tcp_lostlen, common_c2s_tcp_unorder_num, common_s2c_tcp_unorder_num, common_c2s_pkt_retrans, common_s2c_pkt_retrans, common_c2s_byte_retrans, common_s2c_byte_retrans, common_tcp_client_isn, common_tcp_server_isn, FROM_UNIXTIME(common_processing_time) AS common_processing_time, FROM_UNIXTIME(common_ingestion_time) AS common_ingestion_time, http_url, http_host, http_domain, http_request_line, http_response_line, http_request_content_length, http_request_content_type, http_response_content_length, http_response_content_type, http_cookie, http_referer, http_user_agent, http_set_cookie, http_version, http_response_latency_ms, http_session_duration_ms, mail_protocol_type, mail_account, mail_from_cmd, mail_to_cmd, mail_from, mail_to, mail_cc, mail_bcc, mail_subject, mail_attachment_name, mail_eml_file, dns_message_id, dns_qr, dns_opcode, dns_aa, dns_tc, dns_rd, dns_ra, dns_rcode, dns_qdcount, dns_ancount, dns_nscount, dns_arcount, dns_qname, dns_qtype, dns_qclass, dns_cname, dns_sub, dns_response_latency_ms, ssl_sni, ssl_san, ssl_cn, ssl_pinningst, ssl_intercept_state, ssl_server_side_latency, ssl_client_side_latency, ssl_server_side_version, ssl_client_side_version, ssl_cert_verify, ssl_error, ssl_con_latency_ms, ssl_ja3_hash, ssl_cert_issuer, ssl_cert_subject, quic_version, quic_sni, quic_user_agent, ftp_account, ftp_url, ftp_content, ftp_link_type, app_extra_info, sip_call_id, sip_originator_description, sip_responder_description, sip_user_agent, sip_server, sip_originator_sdp_connect_ip, sip_originator_sdp_media_port, sip_originator_sdp_media_type, sip_originator_sdp_content, sip_responder_sdp_connect_ip, sip_responder_sdp_media_port, sip_responder_sdp_media_type, sip_responder_sdp_content, sip_duration_s, sip_bye, rtp_payload_type_c2s, rtp_payload_type_s2c, rtp_pcap_path, ssh_version, ssh_auth_success, ssh_client_version, ssh_server_version, ssh_cipher_alg, ssh_mac_alg, ssh_compression_alg, ssh_kex_alg, ssh_host_key_alg, ssh_host_key, ssh_hassh, stratum_cryptocurrency, stratum_mining_pools, stratum_mining_program, rdp_cookie, rdp_security_protocol, rdp_client_channels, rdp_keyboard_layout, rdp_client_version, rdp_client_name, rdp_client_product_id, rdp_desktop_width, rdp_desktop_height, rdp_requested_color_depth, rdp_certificate_type, rdp_certificate_count, rdp_certificate_permanent, rdp_encryption_level, rdp_encryption_method FROM session_record WHERE common_recv_time >= UNIX_TIMESTAMP('2022-10-10 22:55:00') AND common_recv_time < UNIX_TIMESTAMP('2022-10-11 20:59:59') AND (common_client_ip = '196.188.136.150') ORDER BY common_recv_time DESC LIMIT 0, 100000, tableName=session_record, partitionKey=common_recv_time, fromItem=session_record, selectItems=FROM_UNIXTIME(common_recv_time) AS common_recv_time,common_log_id,common_subscriber_id,common_imei,common_imsi,common_phone_number,common_client_ip,common_internal_ip,common_client_port,common_l4_protocol,common_address_type,common_server_ip,common_server_port,common_external_ip,common_direction,common_sled_ip,common_client_location,common_client_asn,common_server_location,common_server_asn,common_sessions,common_c2s_pkt_num,common_s2c_pkt_num,common_c2s_byte_num,common_s2c_byte_num,common_schema_type,common_device_id,common_data_center,common_device_group,common_app_behavior,common_app_label,common_tunnels,common_protocol_label,common_userdefine_app_name,common_app_identify_info,common_l7_protocol,common_service_category,FROM_UNIXTIME(common_start_time) AS common_start_time,FROM_UNIXTIME(common_end_time) AS common_end_time,common_establish_latency_ms,common_con_duration_ms,common_stream_dir,common_stream_trace_id,common_c2s_ipfrag_num,common_s2c_ipfrag_num,common_c2s_tcp_lostlen,common_s2c_tcp_lostlen,common_c2s_tcp_unorder_num,common_s2c_tcp_unorder_num,common_c2s_pkt_retrans,common_s2c_pkt_retrans,common_c2s_byte_retrans,common_s2c_byte_retrans,common_tcp_client_isn,common_tcp_server_isn,FROM_UNIXTIME(common_processing_time) AS common_processing_time,FROM_UNIXTIME(common_ingestion_time) AS common_ingestion_time,http_url,http_host,http_domain,http_request_line,http_response_line,http_request_content_length,http_request_content_type,http_response_content_length,http_response_content_type,http_cookie,http_referer,http_user_agent,http_set_cookie,http_version,http_response_latency_ms,http_session_duration_ms,mail_protocol_type,mail_account,mail_from_cmd,mail_to_cmd,mail_from,mail_to,mail_cc,mail_bcc,mail_subject,mail_attachment_name,mail_eml_file,dns_message_id,dns_qr,dns_opcode,dns_aa,dns_tc,dns_rd,dns_ra,dns_rcode,dns_qdcount,dns_ancount,dns_nscount,dns_arcount,dns_qname,dns_qtype,dns_qclass,dns_cname,dns_sub,dns_response_latency_ms,ssl_sni,ssl_san,ssl_cn,ssl_pinningst,ssl_intercept_state,ssl_server_side_latency,ssl_client_side_latency,ssl_server_side_version,ssl_client_side_version,ssl_cert_verify,ssl_error,ssl_con_latency_ms,ssl_ja3_hash,ssl_cert_issuer,ssl_cert_subject,quic_version,quic_sni,quic_user_agent,ftp_account,ftp_url,ftp_content,ftp_link_type,app_extra_info,sip_call_id,sip_originator_description,sip_responder_description,sip_user_agent,sip_server,sip_originator_sdp_connect_ip,sip_originator_sdp_media_port,sip_originator_sdp_media_type,sip_originator_sdp_content,sip_responder_sdp_connect_ip,sip_responder_sdp_media_port,sip_responder_sdp_media_type,sip_responder_sdp_content,sip_duration_s,sip_bye,rtp_payload_type_c2s,rtp_payload_type_s2c,rtp_pcap_path,ssh_version,ssh_auth_success,ssh_client_version,ssh_server_version,ssh_cipher_alg,ssh_mac_alg,ssh_compression_alg,ssh_kex_alg,ssh_host_key_alg,ssh_host_key,ssh_hassh,stratum_cryptocurrency,stratum_mining_pools,stratum_mining_program,rdp_cookie,rdp_security_protocol,rdp_client_channels,rdp_keyboard_layout,rdp_client_version,rdp_client_name,rdp_client_product_id,rdp_desktop_width,rdp_desktop_height,rdp_requested_color_depth,rdp_certificate_type,rdp_certificate_count,rdp_certificate_permanent,rdp_encryption_level,rdp_encryption_method, expr=common_recv_time >= UNIX_TIMESTAMP('2022-10-10 22:55:00') AND common_recv_time < UNIX_TIMESTAMP('2022-10-11 20:59:59') AND (common_client_ip = '196.188.136.150'), orderBy=common_recv_time DESC, limit=0,100000, subSelect=null, whereExpression=common_recv_time >= UNIX_TIMESTAMP('2022-10-10 22:55:00') AND common_recv_time < UNIX_TIMESTAMP('2022-10-11 20:59:59') AND (common_client_ip = '196.188.136.150'), groupByElement=null, listOrderElement=[common_recv_time DESC], aliasFields={ftp_content=ftp_content, common_userdefine_app_name=common_userdefine_app_name, rdp_client_name=rdp_client_name, common_log_id=common_log_id, common_schema_type=common_schema_type, common_client_location=common_client_location, ssh_hassh=ssh_hassh, mail_account=mail_account, sip_originator_description=sip_originator_description, common_imsi=common_imsi, http_response_content_length=http_response_content_length, dns_sub=dns_sub, common_server_location=common_server_location, mail_to_cmd=mail_to_cmd, common_app_behavior=common_app_behavior, common_tunnels=common_tunnels, ssl_server_side_version=ssl_server_side_version, common_client_ip=common_client_ip, common_l7_protocol=common_l7_protocol, ftp_url=ftp_url, common_app_identify_info=common_app_identify_info, rdp_certificate_type=rdp_certificate_type, common_address_type=common_address_type, stratum_cryptocurrency=stratum_cryptocurrency, dns_aa=dns_aa, sip_originator_sdp_content=sip_originator_sdp_content, dns_qr=dns_qr, common_s2c_pkt_retrans=common_s2c_pkt_retrans, http_request_line=http_request_line, rdp_security_protocol=rdp_security_protocol, http_response_content_type=http_response_content_type, dns_ancount=dns_ancount, mail_subject=mail_subject, ssh_cipher_alg=ssh_cipher_alg, common_phone_number=common_phone_number, http_url=http_url, ssl_server_side_latency=ssl_server_side_latency, sip_originator_sdp_connect_ip=sip_originator_sdp_connect_ip, http_response_line=http_response_line, http_referer=http_referer, sip_originator_sdp_media_type=sip_originator_sdp_media_type, ssh_mac_alg=ssh_mac_alg, ssl_pinningst=ssl_pinningst, sip_call_id=sip_call_id, rdp_desktop_width=rdp_desktop_width, common_tcp_client_isn=common_tcp_client_isn, common_con_duration_ms=common_con_duration_ms, rdp_client_product_id=rdp_client_product_id, common_device_group=common_device_group, common_sessions=common_sessions, ssh_host_key=ssh_host_key, common_c2s_pkt_num=common_c2s_pkt_num, common_c2s_tcp_unorder_num=common_c2s_tcp_unorder_num, http_domain=http_domain, ssl_cert_subject=ssl_cert_subject, common_recv_time=FROM_UNIXTIME(common_recv_time), mail_eml_file=mail_eml_file, ssl_client_side_latency=ssl_client_side_latency, common_s2c_pkt_num=common_s2c_pkt_num, common_c2s_byte_num=common_c2s_byte_num, common_c2s_tcp_lostlen=common_c2s_tcp_lostlen, ssl_con_latency_ms=ssl_con_latency_ms, rtp_payload_type_c2s=rtp_payload_type_c2s, rtp_payload_type_s2c=rtp_payload_type_s2c, http_host=http_host, sip_server=sip_server, http_user_agent=http_user_agent, dns_nscount=dns_nscount, sip_duration_s=sip_duration_s, sip_user_agent=sip_user_agent, stratum_mining_pools=stratum_mining_pools, common_start_time=FROM_UNIXTIME(common_start_time), common_client_asn=common_client_asn, dns_opcode=dns_opcode, dns_qclass=dns_qclass, common_s2c_tcp_unorder_num=common_s2c_tcp_unorder_num, rdp_certificate_count=rdp_certificate_count, common_internal_ip=common_internal_ip, sip_responder_sdp_media_type=sip_responder_sdp_media_type, sip_responder_sdp_content=sip_responder_sdp_content, common_sled_ip=common_sled_ip, mail_attachment_name=mail_attachment_name, sip_responder_sdp_connect_ip=sip_responder_sdp_connect_ip, common_server_port=common_server_port, mail_cc=mail_cc, rdp_requested_color_depth=rdp_requested_color_depth, common_protocol_label=common_protocol_label, http_request_content_type=http_request_content_type, ssl_sni=ssl_sni, dns_cname=dns_cname, ssh_kex_alg=ssh_kex_alg, rdp_certificate_permanent=rdp_certificate_permanent, sip_originator_sdp_media_port=sip_originator_sdp_media_port, common_client_port=common_client_port, common_device_id=common_device_id, rdp_client_version=rdp_client_version, common_subscriber_id=common_subscriber_id, mail_to=mail_to, common_external_ip=common_external_ip, common_stream_trace_id=common_stream_trace_id, quic_sni=quic_sni, common_l4_protocol=common_l4_protocol, ssh_compression_alg=ssh_compression_alg, common_c2s_byte_retrans=common_c2s_byte_retrans, dns_qname=dns_qname, sip_responder_description=sip_responder_description, common_c2s_pkt_retrans=common_c2s_pkt_retrans, common_s2c_ipfrag_num=common_s2c_ipfrag_num, http_cookie=http_cookie, ssl_cert_verify=ssl_cert_verify, mail_protocol_type=mail_protocol_type, ssh_server_version=ssh_server_version, common_service_category=common_service_category, rtp_pcap_path=rtp_pcap_path, common_server_asn=common_server_asn, http_version=http_version, ssh_version=ssh_version, common_data_center=common_data_center, mail_from=mail_from, http_response_latency_ms=http_response_latency_ms, dns_tc=dns_tc, http_session_duration_ms=http_session_duration_ms, sip_responder_sdp_media_port=sip_responder_sdp_media_port, common_processing_time=FROM_UNIXTIME(common_processing_time), mail_from_cmd=mail_from_cmd, ssl_ja3_hash=ssl_ja3_hash, dns_rcode=dns_rcode, stratum_mining_program=stratum_mining_program, http_set_cookie=http_set_cookie, common_app_label=common_app_label, ssl_cn=ssl_cn, ssh_auth_success=ssh_auth_success, common_stream_dir=common_stream_dir, dns_response_latency_ms=dns_response_latency_ms, rdp_encryption_method=rdp_encryption_method, common_server_ip=common_server_ip, common_s2c_byte_num=common_s2c_byte_num, ssh_client_version=ssh_client_version, common_s2c_tcp_lostlen=common_s2c_tcp_lostlen, common_ingestion_time=FROM_UNIXTIME(common_ingestion_time), common_s2c_byte_retrans=common_s2c_byte_retrans, common_tcp_server_isn=common_tcp_server_isn, dns_qdcount=dns_qdcount, http_request_content_length=http_request_content_length, common_direction=common_direction, app_extra_info=app_extra_info, common_imei=common_imei, mail_bcc=mail_bcc, quic_version=quic_version, common_c2s_ipfrag_num=common_c2s_ipfrag_num, dns_rd=dns_rd, dns_qtype=dns_qtype, rdp_client_channels=rdp_client_channels, ssh_host_key_alg=ssh_host_key_alg, ssl_san=ssl_san, rdp_cookie=rdp_cookie, quic_user_agent=quic_user_agent, ftp_account=ftp_account, rdp_keyboard_layout=rdp_keyboard_layout, common_end_time=FROM_UNIXTIME(common_end_time), dns_ra=dns_ra, rdp_desktop_height=rdp_desktop_height, common_establish_latency_ms=common_establish_latency_ms, ftp_link_type=ftp_link_type, ssl_error=ssl_error, rdp_encryption_level=rdp_encryption_level, dns_arcount=dns_arcount, ssl_intercept_state=ssl_intercept_state, ssl_cert_issuer=ssl_cert_issuer, sip_bye=sip_bye, dns_message_id=dns_message_id, ssl_client_side_version=ssl_client_side_version}, udfSet=[], groupDimension=null, subSqlQuerySources=[], isEnableLimit=true))]","url":null,"method":"POST","classMethod":null}
[2022-10-11 08:58:08+0000] [ERROR] [Thread:http-nio-8183-exec-8] com.mesalab.qgw.controller.GlobalExceptionHandler.handleBusinessException(GlobalExceptionHandler.java:52) [] - queryKey:6ec0d00693dbf9671785049ff13c2fe9.message:SQL Execution Error: Read timed out  .stackTrace:com.mesalab.qgw.dialect.ClickHouseDialect.build(ClickHouseDialect.java:1008)


不带条件导出数据，QGW日志：
[2022-10-11 09:20:20+0000] [INFO] [Thread:http-nio-8183-exec-7] com.mesalab.qgw.dialect.ClickHouseDialect.executeHttpPost(ClickHouseDialect.java:1176) [] - DB engine is :clickHouse,execute http query is :http://10.224.11.244:8124/?user=tsg_query&password=XXX&database=tsg_galaxy_v3&query_id=da2ec90c04e27d2b4cba224cf6da1efd. body sql is:SELECT toDateTime(common_recv_time) AS common_recv_time, common_log_id, common_policy_id, common_subscriber_id, common_imei, common_imsi, common_phone_number, common_client_ip, common_internal_ip, common_client_port, common_l4_protocol, common_address_type, common_server_ip, common_server_port, common_external_ip, common_action, common_direction, common_sled_ip, common_client_location, common_client_asn, common_server_location, common_server_asn, common_sessions, common_c2s_pkt_num, common_s2c_pkt_num, common_c2s_byte_num, common_s2c_byte_num, common_schema_type, common_device_id, common_data_center, common_device_group, common_app_behavior, common_app_label, common_tunnels, common_userdefine_app_name, common_app_identify_info, common_l7_protocol, common_service_category, toDateTime(common_start_time) AS common_start_time, toDateTime(common_end_time) AS common_end_time, common_establish_latency_ms, common_con_duration_ms, common_stream_dir, common_stream_error, common_stream_trace_id, common_packet_capture_file, common_tcp_client_isn, common_tcp_server_isn, toDateTime(common_processing_time) AS common_processing_time, toDateTime(common_ingestion_time) AS common_ingestion_time, common_mirrored_pkts, common_mirrored_bytes, http_url, http_host, http_domain, http_request_content_length, http_request_content_type, http_response_content_length, http_response_content_type, http_request_body, http_response_body, http_cookie, http_referer, http_user_agent, http_set_cookie, http_version, http_response_latency_ms, http_action_file_size, http_session_duration_ms, mail_protocol_type, mail_account, mail_from_cmd, mail_to_cmd, mail_from, mail_to, mail_cc, mail_bcc, mail_subject, mail_attachment_name, mail_eml_file, dns_message_id, dns_qr, dns_opcode, dns_aa, dns_tc, dns_rd, dns_ra, dns_rcode, dns_qdcount, dns_ancount, dns_nscount, dns_arcount, dns_qname, dns_qtype, dns_qclass, dns_cname, dns_sub, dns_rr, ssl_sni, ssl_san, ssl_cn, ssl_pinningst, ssl_intercept_state, ssl_passthrough_reason, ssl_server_side_latency, ssl_client_side_latency, ssl_server_side_version, ssl_client_side_version, ssl_cert_verify, ssl_error, ssl_con_latency_ms, ssl_ja3_hash, ssl_cert_issuer, ssl_cert_subject, quic_version, quic_sni, quic_user_agent, ftp_account, ftp_url, ftp_content, ftp_link_type, app_extra_info, sip_call_id, sip_originator_description, sip_responder_description, sip_user_agent, sip_server, sip_originator_sdp_connect_ip, sip_originator_sdp_media_port, sip_originator_sdp_media_type, sip_originator_sdp_content, sip_responder_sdp_connect_ip, sip_responder_sdp_media_port, sip_responder_sdp_media_type, sip_responder_sdp_content, sip_duration_s, sip_bye, rtp_payload_type_c2s, rtp_payload_type_s2c, rtp_pcap_path, ssh_version, ssh_auth_success, ssh_client_version, ssh_server_version, ssh_cipher_alg, ssh_mac_alg, ssh_compression_alg, ssh_kex_alg, ssh_host_key_alg, ssh_host_key, ssh_hassh, stratum_cryptocurrency, stratum_mining_pools, stratum_mining_program, rdp_cookie, rdp_security_protocol, rdp_client_channels, rdp_keyboard_layout, rdp_client_version, rdp_client_name, rdp_client_product_id, rdp_desktop_width, rdp_desktop_height, rdp_requested_color_depth, rdp_certificate_type, rdp_certificate_count, rdp_certificate_permanent, rdp_encryption_level, rdp_encryption_method FROM tsg_galaxy_v3.security_event AS security_event WHERE toDateTime(common_recv_time) IN (SELECT toDateTime(common_recv_time) FROM tsg_galaxy_v3.security_event AS security_event WHERE common_recv_time >= toUnixTimestamp( '2022-10-11 09:02:57') AND common_recv_time < toUnixTimestamp( '2022-10-11 09:17:57') ORDER BY toDateTime(common_recv_time) DESC LIMIT 100000) AND common_recv_time >= toUnixTimestamp( '2022-10-11 09:02:57') AND common_recv_time < toUnixTimestamp( '2022-10-11 09:17:57') ORDER BY common_recv_time DESC LIMIT 0, 100000
[2022-10-11 09:20:34+0000] [INFO] [Thread:http-nio-8183-exec-7] com.mesalab.qgw.controller.AuditLogAspect.doAfterReturning(AuditLogAspect.java:105) [] - Audit Log [completed]:{"annotation":"ApiController.post","queryKey":"71f52808e7f2cf2f461dfbef574e8e19","cacheKey":"b22dd3ca139423f6c7f96389744870f6","remoteAddr":"10.224.11.11","clientIp":"10.224.11.11","exeTime":13746,"dbType":"clickHouse","param":null,"url":null,"method":"POST","classMethod":null}