haobang-security-dm/syslog-consumer/target/classes/com/common/util/AlgorithmResultParser.class

Êþº¾4'
µ
¬


¬	¬
 !
"#$
%
&'
&(
¬)
*
+
¬,
-
./
0
12
34
¬5
67
89
:
;
<=
>?
@A
BCÈ
DE
¬F
GH
I
J
K
L
MN
OP
Q
RS
TU
VW
XY
Z
¬[\]^_
3`
3ab
3c
d
¬e
f
3ghi
jk
lm
n
o
pqrst
uvw
3xyz{|}~€�‚ƒ„…†‡ˆ‰Š‹Œ�Ž��‘’“”•–—˜™š›œ�žŸ ¡¢£¤¥¦§¨©ª«	¬¬
.®	®¯
3°
3±²
¡
¡³´
¡(
.µ¶·
¸¹
¸º
¸»¼
½¾¿À
®ÁÂÃÄÅÆlogLorg/slf4j/Logger;DATE_FORMATTERS%[Ljava/time/format/DateTimeFormatter;<init>()VCodeLineNumberTableLocalVariableTablethis'Lcom/common/util/AlgorithmResultParser;buildNewLogsFromExample()Ljava/util/List;exampleJsonLjava/lang/String;	Signature8()Ljava/util/List<Lcom/common/entity/SyslogNormalData;>;parseJsonToLogs$(Ljava/lang/String;)Ljava/util/List;jsonObj!Lcom/alibaba/fastjson/JSONObject;logData$Lcom/common/entity/SyslogNormalData;iI	jsonArray Lcom/alibaba/fastjson/JSONArray;eLjava/lang/Exception;jsonStrlogsLjava/util/List;LocalVariableTypeTable6Ljava/util/List<Lcom/common/entity/SyslogNormalData;>;
StackMapTableÇÈ¼É J(Ljava/lang/String;)Ljava/util/List<Lcom/common/entity/SyslogNormalData;>;convertJsonObjectG(Lcom/alibaba/fastjson/JSONObject;)Lcom/common/entity/SyslogNormalData;logTimeLjava/time/LocalDateTime;now
accessTimeoriginFieldÊ$ËextractAdditionalInfo9(Lcom/common/entity/SyslogNormalData;Ljava/lang/String;)VfileInfoparts[Ljava/lang/String;maliciousRequestídetermineFileType&(Ljava/lang/String;)Ljava/lang/String;fileName
parseDateTime-(Ljava/lang/String;)Ljava/time/LocalDateTime;	formatter$Ljava/time/format/DateTimeFormatter;dateParttimeStr¹¿	getStringG(Lcom/alibaba/fastjson/JSONObject;Ljava/lang/String;)Ljava/lang/String;keyY(Lcom/alibaba/fastjson/JSONObject;Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String;valuedefaultValuegetLongU(Lcom/alibaba/fastjson/JSONObject;Ljava/lang/String;Ljava/lang/Long;)Ljava/lang/Long;Ljava/lang/Long;Ì
getInteger[(Lcom/alibaba/fastjson/JSONObject;Ljava/lang/String;Ljava/lang/Integer;)Ljava/lang/Integer;Ljava/lang/Integer;Í<clinit>
SourceFileAlgorithmResultParser.javaRuntimeVisibleAnnotations*Lorg/springframework/stereotype/Component;º» [
    {
        "_index": "es:skyeye-weblog-2025.09.30",
        "access_time": "2025-09-30 12:05:00",
        "dip": "10.20.30.51",
        "dname": "ç½‘é¡µæœ¨é©¬æµ�é‡�",
        "dtype": "ç–‘ä¼¼æœ¨é©¬æ´»åŠ¨",
        "host": "",
        "log_id": "hidden-002",
        "origin_field": "åŒ¹é…�åˆ°æ–‡ä»¶å��: shell.php:.jpg ä¸Ž åŒ¹é…�åˆ°æ�¶æ„�è¯·æ±‚: exec=dir",
        "reason": "æº�IP 203.0.113.51 è®¿é—® ç›®çš„IP 10.20.30.51 å¼‚å¸¸ï¼Œå…¥åº¦=0, å‡ºåº¦=0, ç‹¬ç«‹è®¿å®¢=1ï¼ŒåŒ¹é…�åˆ°æ–‡ä»¶å��: shell.php:.jpgï¼ŒåŒ¹é…�åˆ°æ�¶æ„�è¯·æ±‚: exec=dir",
        "referer": "",
        "sip": "203.0.113.51",
        "status_code": 200,
        "url": "/admin/shell.php:.jpg"
    }
]ÇÈjava/util/ArrayListÎÏÐÈÑÒÓÔßàÇÕÖ¶·æˆ�åŠŸè§£æž� {} æ�¡æ—¥å¿—æ•°æ�®Í×ØÙÚÛjava/lang/Exceptionè§£æž�JSONå¤±è´¥: {}ÜÝÞß"com/common/entity/SyslogNormalDatalog_idàáâãÝûþäåæåûüçåËãèéêëêaccess_timeÉìíóôîêsipïådipðåñåòåurlóåhostôårefererõåstatus_codeÌ×ö÷øGETùåúûüûýûþûdtypeÿådnameååreasonåorigin_fieldåhttpåalgorithm_detectionåéê_indexè½¬æ�¢JSONå¯¹è±¡å¤±è´¥: {}ÞÛ
æ–‡ä»¶å��:	ä¸Ž
Ýåðñå
Ýshellç–‘ä¼¼Webshellåç½‘é¡µå�Žé—¨å
æ�¶æ„�è¯·æ±‚:åååexec=cmd=system(å‘½ä»¤æ‰§è¡Œå.php.php:php.jspjsp.asp.aspxasp.jpg.jpegimage.png.gif.bmp.exe
executable.dlllibrary.bat.cmdbatch.sh.pypython.js
javascript.html.htmhtml.csscss.xmlxml.jsonjson.txttext.pdfpdf.doc.docxdocument.xls.xlsxspreadsheet.zip.rar.7z.tar.gzarchiveunknown¸¹TöÒjava/lang/StringBuilder	T00:00:003æ— æ³•è§£æž�æ—¶é—´å—ç¬¦ä¸²: {}, ä½¿ç”¨å½“å‰�æ—¶é—´ÛÊûñ !%com/common/util/AlgorithmResultParser"#$"java/time/format/DateTimeFormatteryyyy-MM-dd HH:mm:ss%&yyyy/MM/dd HH:mm:ssyyyy-MM-dd HH:mm:ss.SSSyyyy-MM-dd'T'HH:mm:ssyyyy-MM-dd'T'HH:mm:ss.SSSjava/lang/Objectjava/util/Listcom/alibaba/fastjson/JSONArrayjava/lang/Stringcom/alibaba/fastjson/JSONObjectjava/time/LocalDateTimejava/lang/Longjava/lang/Integercom/alibaba/fastjson/JSON
parseArray4(Ljava/lang/String;)Lcom/alibaba/fastjson/JSONArray;size()I
getJSONObject$(I)Lcom/alibaba/fastjson/JSONObject;add(Ljava/lang/Object;)ZvalueOf(I)Ljava/lang/Integer;org/slf4j/Loggerinfo'(Ljava/lang/String;Ljava/lang/Object;)V
getMessage()Ljava/lang/String;error9(Ljava/lang/String;Ljava/lang/Object;Ljava/lang/Object;)Vjava/util/UUID
randomUUID()Ljava/util/UUID;toStringsetId(Ljava/lang/String;)V
setSyslogUuidsetLogId()Ljava/time/LocalDateTime;setCreatedAt(Ljava/time/LocalDateTime;)VsetEventDateisEmpty()Z
setLogTimesetSrcIp	setDestIpsetSrcIpStrsetDestIpStr
setHttpUrlsetHttpHostsetHttpReferer(J)Ljava/lang/Long;setHttpStatusCode(Ljava/lang/Long;)V
setHttpMethodsetAttackResult(Ljava/lang/Integer;)VsetEventCategorysetEventType
setEventLevel