haobang-security-dm/syslog-consumer/target/classes/com/common/mapper/SyslogNormalAlarmMapper.class

Êþº¾4#!"
insertDynamic(Ljava/util/Map;)I	Signature8(Ljava/util/Map<Ljava/lang/String;Ljava/lang/Object;>;)I"RuntimeVisibleParameterAnnotations%Lorg/apache/ibatis/annotations/Param;valuedataMapinsertByEntity((Lcom/common/entity/SyslogNormalAlarm;)IbatchInsert(Ljava/util/List;)IJ(Ljava/util/List<Ljava/util/Map<Ljava/lang/String;Ljava/lang/Object;>;>;)IdataListcount24HoursGroupedDataD(Ljava/time/LocalDateTime;Ljava/time/LocalDateTime;)Ljava/lang/Long;RuntimeVisibleAnnotations&Lorg/apache/ibatis/annotations/Select;ZSELECT count(1) as group_count from ( select  to_char(log_time, 'YYYYMMDD') || '_' || dest_ip || '_' || origin_event_name FROM syslog_normal_alarm WHERE log_time >= #{startTime} AND log_time < #{endTime} AND event_level >= 1 AND src_ip NOT IN ('127.0.0.1', '127.0.0.2') GROUP BY to_char(log_time, 'YYYYMMDD'),src_ip, dest_ip, origin_event_name  )	startTimeendTimeselect24HoursGroupedDataByPageF(Ljava/time/LocalDateTime;Ljava/time/LocalDateTime;II)Ljava/util/List;m(Ljava/time/LocalDateTime;Ljava/time/LocalDateTime;II)Ljava/util/List<Lcom/common/entity/GroupedSyslogData;>;ÃSELECT to_char(log_time, 'YYYYMMDD') as log_date, ARRAY_AGG(DISTINCT  host(src_ip)::text)  as  attack_ips, origin_event_name, MAX(attack_result) as attack_result, MIN(log_time) as min_log_time, MAX(log_time) as max_log_time, COUNT(1) as log_count, ARRAY_AGG(DISTINCT  host(dest_ip)::text) as victim_ips, ARRAY_AGG(DISTINCT http_url) as victim_web_urls, ARRAY_AGG(DISTINCT device_id) as device_ids, ARRAY_AGG(DISTINCT id) as origin_log_ids, MAX(event_level) as max_event_level, MIN(origin_event_type)  AS first_event_type, MAX(origin_event_type) as event_type, MIN(event_type) as min_event_type, ARRAY_AGG(DISTINCT src_port::int4) as attack_ports, ARRAY_AGG(DISTINCT dest_port::int4) as victim_ports, ARRAY_AGG(DISTINCT http_resp_codes::text) as http_status_codes, ARRAY_AGG(DISTINCT payload::BYTEA) as payload_samples, ARRAY_AGG(DISTINCT http_req_header) as httpReqHeaders, ARRAY_AGG(DISTINCT http_req_body) as httpReqBodys, ARRAY_AGG(DISTINCT http_resp_header) as httpRespHeaders, ARRAY_AGG(DISTINCT http_resp_body) as httpRespBodys, MODE() WITHIN GROUP (ORDER BY dest_domain) as dns_info, STRING_AGG(DISTINCT COALESCE(host(dest_ip)::text, ''), ',') as victim_ips_str FROM syslog_normal_alarm  WHERE log_time >= #{startTime} AND log_time < #{endTime} AND event_level >= 1 AND src_ip NOT IN ('127.0.0.1', '127.0.0.2') GROUP BY to_char(log_time, 'YYYYMMDD'), src_ip, dest_ip, origin_event_name  ORDER BY log_date, dest_ip, origin_event_name  LIMIT #{pageSize} OFFSET #{offset}offsetpageSize
SourceFileSyslogNormalAlarmMapper.java&Lorg/apache/ibatis/annotations/Mapper;)com/common/mapper/SyslogNormalAlarmMapperjava/lang/Object	s
1、新增功能探针联动处置、心跳在线检测 2026-05-28 14:30:06 +08:00			`Êþº¾4#!"`
			insertDynamic(Ljava/util/Map;)I Signature8(Ljava/util/Map<Ljava/lang/String;Ljava/lang/Object;>;)I"RuntimeVisibleParameterAnnotations%Lorg/apache/ibatis/annotations/Param;valuedataMapinsertByEntity((Lcom/common/entity/SyslogNormalAlarm;)IbatchInsert(Ljava/util/List;)IJ(Ljava/util/List<Ljava/util/Map<Ljava/lang/String;Ljava/lang/Object;>;>;)IdataListcount24HoursGroupedDataD(Ljava/time/LocalDateTime;Ljava/time/LocalDateTime;)Ljava/lang/Long;RuntimeVisibleAnnotations&Lorg/apache/ibatis/annotations/Select;ZSELECT count(1) as group_count from ( select to_char(log_time, 'YYYYMMDD') \|\| '_' \|\| dest_ip \|\| '_' \|\| origin_event_name FROM syslog_normal_alarm WHERE log_time >= #{startTime} AND log_time < #{endTime} AND event_level >= 1 AND src_ip NOT IN ('127.0.0.1', '127.0.0.2') GROUP BY to_char(log_time, 'YYYYMMDD'),src_ip, dest_ip, origin_event_name ) startTimeendTimeselect24HoursGroupedDataByPageF(Ljava/time/LocalDateTime;Ljava/time/LocalDateTime;II)Ljava/util/List;m(Ljava/time/LocalDateTime;Ljava/time/LocalDateTime;II)Ljava/util/List<Lcom/common/entity/GroupedSyslogData;>;ÃSELECT to_char(log_time, 'YYYYMMDD') as log_date, ARRAY_AGG(DISTINCT host(src_ip)::text) as attack_ips, origin_event_name, MAX(attack_result) as attack_result, MIN(log_time) as min_log_time, MAX(log_time) as max_log_time, COUNT(1) as log_count, ARRAY_AGG(DISTINCT host(dest_ip)::text) as victim_ips, ARRAY_AGG(DISTINCT http_url) as victim_web_urls, ARRAY_AGG(DISTINCT device_id) as device_ids, ARRAY_AGG(DISTINCT id) as origin_log_ids, MAX(event_level) as max_event_level, MIN(origin_event_type) AS first_event_type, MAX(origin_event_type) as event_type, MIN(event_type) as min_event_type, ARRAY_AGG(DISTINCT src_port::int4) as attack_ports, ARRAY_AGG(DISTINCT dest_port::int4) as victim_ports, ARRAY_AGG(DISTINCT http_resp_codes::text) as http_status_codes, ARRAY_AGG(DISTINCT payload::BYTEA) as payload_samples, ARRAY_AGG(DISTINCT http_req_header) as httpReqHeaders, ARRAY_AGG(DISTINCT http_req_body) as httpReqBodys, ARRAY_AGG(DISTINCT http_resp_header) as httpRespHeaders, ARRAY_AGG(DISTINCT http_resp_body) as httpRespBodys, MODE() WITHIN GROUP (ORDER BY dest_domain) as dns_info, STRING_AGG(DISTINCT COALESCE(host(dest_ip)::text, ''), ',') as victim_ips_str FROM syslog_normal_alarm WHERE log_time >= #{startTime} AND log_time < #{endTime} AND event_level >= 1 AND src_ip NOT IN ('127.0.0.1', '127.0.0.2') GROUP BY to_char(log_time, 'YYYYMMDD'), src_ip, dest_ip, origin_event_name ORDER BY log_date, dest_ip, origin_event_name LIMIT #{pageSize} OFFSET #{offset}offsetpageSize
			`SourceFileSyslogNormalAlarmMapper.java&Lorg/apache/ibatis/annotations/Mapper;)com/common/mapper/SyslogNormalAlarmMapperjava/lang/Object s`