problem description
there is a requirement to get the accessed domain name / IP from the log and want to match the type and Chinese name of the website in filter.
the type and Chinese name of the website are stored in a database file, just like a dictionary, the fields that add the type and name of the site are left blank.
for example, if the domain name of the visited website collected from the log is: www.baidu.com, you can set the matching website database in filter, and the matching result is: website type: search category, site name: Baidu search, then add the field of "site type: search category, site name: Baidu search" in the field.
this requirement is very similar to GeoIP. Matching longitude, latitude, region, and other information from an IP address is also based on a database file.