nanChen/ai-security-xdr
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a168f746534bb0478fcb99773a4b8f2612111c40
ai-security-xdr/haobang-security-dm/syslog-consumer/target/test-classes/SyslogParserDemo.class
T

16 lines
4.6 KiB
Plaintext
Raw Normal View History

1、新增功能探针联动处置、心跳在线检测
2026-05-28 14:30:06 +08:00
Êþº¾4~
&ABCDEFGHIJKL MNO
PQ
RST
AU
V
WX
YZ[ M\]^
_`abcd
&e
fghi<init>()VCodeLineNumberTableLocalVariableTablethisLSyslogParserDemo;main([Ljava/lang/String;)Vmsg!Lcom/common/entity/SyslogMessage;eLjava/lang/Exception;logLjava/lang/String;args[Ljava/lang/String; rfc5424Logs rfc3164Logs mixedLogs
StackMapTable7B[
SourceFileSyslogParserDemo.java '(java/lang/Stringq<4>2025-09-14T16:27:09+08:00 hcss-ecs-9dc5 HFish[2946163]: {"title":"HFish Threat Alert","client":"内置节点"}U<34>1 2023-10-27T14:30:15.123Z web-server-01 myapp 1234 ID47 - This is a test message{<165>1 2023-10-27T15:45:30.000+08:00 firewall01 sshd 5678 - [event source="auth" result="failure"] Failed password for useru<14>1 2023-10-27T16:20:45.789Z db-server-01 postgres 9012 DB01 [metrics query_time="150ms" rows=100] SELECT completed}<14>1 2025-09-24T11:52:26Z 5f46d3be75e1 supermario 128 honeypot_event - {"source":"honeypot1","id":"f6a13c35-bf9d-4da6-a181-50ce23e7ef6a","start_time":"2023-09-03T11:07:02.50167643Z","time":"2023-09-03T11:16:18.883885281Z","risk_level":4,"connection":"b18f3fbe-3fbf-4495-815f-ff26f6fb0bdf","file_info":null,"extra":{"payload":{"format":"line","name":{"cn":"攻击载è·","en":"payload"},"value":""},"uid":{"format":"line","name":{"cn":"","en":""},"uid":"b4cbc73c-25d0-4429-ae1b-a856cdf1a651","value":""}},"type":"WEB_ATTACK_SCANNER","agent_sn":"caa7da42-0cca-4cb1-b501-1f1eb2b588d5","agent_name":" 教育局蜜ç½æŽ¢é’ˆ","honeypot_id":"11a9ac6bdf38ae2aaa49ec4f1b4a921bff71952cb9f175bdd8ee1f0497057bc6","honeypot_name":"茂å市中å°å­¦ç®¡ç†å¹³å°ç®¡ç†åŽå°","src_ip":"117.50.189.7","src_port":58512,"src_mac":"","dest_ip":"192.168.222.2","dest_port":9200,"proxy_ip":null,"node":"WRx3"}<4>2025-09-14T16:27:09+08:00 hcss-ecs-9dc5 HFish[2946163]: {"title":"HFish Threat Alert","client":"内置节点","client_ip":"192.168.11.133","attack_type":"attack","scan_type":"","scan_port":"","class":"端å£ç›‘å¬","type":"TCP","name":"TCP端å£ç›‘å¬","account":"","src_ip":"36.154.189.226","src_port":"29604","dst_ip":"192.168.11.133","dst_port":"445","geo":"中国-江è‹","time":"2025-09-14 16:27:09","threat_name":"","threat_level":"other","info":"36.154.189.226:29604 already connected.","labels":"","labels_cn":"","AuthInfo":null}9<15>Oct 9 21:15:55 LAPTOP-ARDUR3N0 alan: honeypot_event><34>Oct 27 14:30:15 web01 sshd[1234]: Failed password for rootK<13>Oct 27 15:45:30 firewall01 %ASA-6-302013: Built outbound TCP connection<<7>Oct 27 16:20:45 appserver kernel: USB device disconnectedj kl=== RFC 5424 æ ¼å¼è§£æž ===m nop qrjava/lang/StringBuilder原始日志: st uv解æžç»“æžœ: sw---java/lang/Exception xl解æžå¤±è´¥: 错误: yv
=== RFC 3164 æ ¼å¼è§£æž ===!
=== æ··åˆæ ¼å¼è‡ªåŠ¨æ£€æµ‹ ===@<34>1 2023-10-27T14:30:15.123Z web01 myapp 1234 - - Test RFC5424.<13>Oct 27 15:45:30 web02 kernel: Test RFC3164检测到格å¼: z{| }vSyslogParserDemojava/lang/Objectjava/lang/SystemoutLjava/io/PrintStream;java/io/PrintStreamprintln(Ljava/lang/String;)Vcom/common/util/SyslogParserparse5(Ljava/lang/String;)Lcom/common/entity/SyslogMessage;append-(Ljava/lang/String;)Ljava/lang/StringBuilder;toString()Ljava/lang/String;-(Ljava/lang/Object;)Ljava/lang/StringBuilder;err
getMessagegetClass()Ljava/lang/Class;java/lang/Class
Reference in New Issue Copy Permalink