1、完善kafka 接收消息进行sm4 解密
2、新增IP联动封禁相关的API接口,供探针模块进行调用。
This commit is contained in:
+12
-4
@@ -79,9 +79,9 @@ public class LogNormalProcessor {
|
|||||||
@Autowired
|
@Autowired
|
||||||
DmNormalizeRuleMapper dmNormalizeRuleMapper;
|
DmNormalizeRuleMapper dmNormalizeRuleMapper;
|
||||||
|
|
||||||
private static List<Map<String, Object>> dmNormalizeRuleList;
|
private List<Map<String, Object>> dmNormalizeRuleList;
|
||||||
private static List<Map<String, Object>> dmColumnList;
|
private List<Map<String, Object>> dmColumnList;
|
||||||
private static LinkedHashMap<String, Object> OrginalColumnMap ;
|
private LinkedHashMap<String, Object> OrginalColumnMap ;
|
||||||
|
|
||||||
public LogNormalProcessor( String LogMsg, String syslogUUID,String syslogTopic) {
|
public LogNormalProcessor( String LogMsg, String syslogUUID,String syslogTopic) {
|
||||||
|
|
||||||
@@ -489,7 +489,15 @@ public class LogNormalProcessor {
|
|||||||
{
|
{
|
||||||
Map<String, Object > columnMap= new HashMap<>();
|
Map<String, Object > columnMap= new HashMap<>();
|
||||||
for (Map<String, Object> map : normalColumnList) {
|
for (Map<String, Object> map : normalColumnList) {
|
||||||
columnMap.put(map.get("dest_field").toString(),map.get("dest_field_value"));
|
|
||||||
|
Object destFieldValue = map.get("dest_field_value");
|
||||||
|
// 判断 dest_field_value 是否为 String 且包含 "\u0000"
|
||||||
|
if (destFieldValue instanceof String && ((String) destFieldValue).contains("\u0000")) {
|
||||||
|
// 替换掉所有 "\u0000" 字符
|
||||||
|
destFieldValue = ((String) destFieldValue).replace("\u0000", "");
|
||||||
|
}
|
||||||
|
columnMap.put(map.get("dest_field").toString(), destFieldValue);
|
||||||
|
//columnMap.put(map.get("dest_field").toString(),map.get("dest_field_value"));
|
||||||
}
|
}
|
||||||
return columnMap;
|
return columnMap;
|
||||||
}
|
}
|
||||||
|
|||||||
+16
-4
@@ -26,6 +26,9 @@ import java.util.concurrent.atomic.AtomicInteger;
|
|||||||
import java.time.LocalDate;
|
import java.time.LocalDate;
|
||||||
import java.time.LocalDate;
|
import java.time.LocalDate;
|
||||||
import java.time.format.DateTimeFormatter;
|
import java.time.format.DateTimeFormatter;
|
||||||
|
|
||||||
|
import com.common.util.Sm4Util;
|
||||||
|
import com.config.AppConfig;
|
||||||
@Slf4j
|
@Slf4j
|
||||||
@Component
|
@Component
|
||||||
public class SysLogProcessor {
|
public class SysLogProcessor {
|
||||||
@@ -40,10 +43,14 @@ public class SysLogProcessor {
|
|||||||
@Value("${app.processor.process-timeout-ms:30000}")
|
@Value("${app.processor.process-timeout-ms:30000}")
|
||||||
private long processTimeoutMs;
|
private long processTimeoutMs;
|
||||||
|
|
||||||
|
private static String strhexKey=AppConfig.getSM4Key();
|
||||||
private final AtomicInteger totalProcessed = new AtomicInteger(0);
|
private final AtomicInteger totalProcessed = new AtomicInteger(0);
|
||||||
private final AtomicInteger currentBatchCount = new AtomicInteger(0);
|
private final AtomicInteger currentBatchCount = new AtomicInteger(0);
|
||||||
// 初始化 InfluxDB 客户端
|
// 初始化 InfluxDB 客户端
|
||||||
private final com.influx.InfluxDBClient influxClient = new InfluxDBClient();
|
private final com.influx.InfluxDBClient influxClient = new InfluxDBClient();
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 方案一:直接多线程并行处理(推荐)
|
* 方案一:直接多线程并行处理(推荐)
|
||||||
* 单线程消费,每条消息独立提交给线程池处理
|
* 单线程消费,每条消息独立提交给线程池处理
|
||||||
@@ -80,7 +87,7 @@ public class SysLogProcessor {
|
|||||||
CompletableFuture<Void> future = CompletableFuture.runAsync(() -> {
|
CompletableFuture<Void> future = CompletableFuture.runAsync(() -> {
|
||||||
try {
|
try {
|
||||||
// 异步处理单条消息
|
// 异步处理单条消息
|
||||||
log.info("收到syslogmessage:"+ record.value());
|
log.info("收到syslogmessage:"+ Sm4Util.decryptCbc(record.value(), strhexKey));
|
||||||
processSingleMessageAsync(record);
|
processSingleMessageAsync(record);
|
||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
log.error("处理消息失败, topic: {}, partition: {}, offset: {}",
|
log.error("处理消息失败, topic: {}, partition: {}, offset: {}",
|
||||||
@@ -251,8 +258,13 @@ public class SysLogProcessor {
|
|||||||
// 模拟业务处理
|
// 模拟业务处理
|
||||||
//processBusinessLogic(message);
|
//processBusinessLogic(message);
|
||||||
|
|
||||||
|
//Message进行SM4解密
|
||||||
|
String Sm4message=Sm4Util.decryptCbc(record.value(), strhexKey);
|
||||||
|
System.out.println("Sm4message:"+Sm4message);
|
||||||
|
|
||||||
|
|
||||||
String sysLogUUID =getSysLogUUID();
|
String sysLogUUID =getSysLogUUID();
|
||||||
String strDeviceInfo= SyslogParser.substringBeforeFirstChar(record.value(),']');
|
String strDeviceInfo= SyslogParser.substringBeforeFirstChar(Sm4message,']');
|
||||||
Map<String,String> mapdev =SyslogParser.parseKeyValuePairs(strDeviceInfo);
|
Map<String,String> mapdev =SyslogParser.parseKeyValuePairs(strDeviceInfo);
|
||||||
|
|
||||||
// 初始化 InfluxDB 客户端
|
// 初始化 InfluxDB 客户端
|
||||||
@@ -261,7 +273,7 @@ public class SysLogProcessor {
|
|||||||
.addTag("device_collect_id", mapdev.get("device_collect_id")) // 添加探针ID标签
|
.addTag("device_collect_id", mapdev.get("device_collect_id")) // 添加探针ID标签
|
||||||
.addTag("uuid", sysLogUUID) //syslog uuid
|
.addTag("uuid", sysLogUUID) //syslog uuid
|
||||||
.addTag("topic", AppConfig.getTopic()) //kafka topic
|
.addTag("topic", AppConfig.getTopic()) //kafka topic
|
||||||
.addField("message", record.value()) // 添加字段
|
.addField("message", Sm4message) // 添加字段
|
||||||
.addField("receive_time", mapdev.get("receive_time")) // 添加字段
|
.addField("receive_time", mapdev.get("receive_time")) // 添加字段
|
||||||
.addField("uuid", sysLogUUID)
|
.addField("uuid", sysLogUUID)
|
||||||
.time(System.currentTimeMillis(), WritePrecision.MS) ;// 毫秒级时间戳
|
.time(System.currentTimeMillis(), WritePrecision.MS) ;// 毫秒级时间戳
|
||||||
@@ -272,7 +284,7 @@ public class SysLogProcessor {
|
|||||||
//insertSingleRecord( record.value());
|
//insertSingleRecord( record.value());
|
||||||
|
|
||||||
//String syslogMessage= AppConfig.geRunEnvironment().equals("test")? record.value().substring(34) : record.value();
|
//String syslogMessage= AppConfig.geRunEnvironment().equals("test")? record.value().substring(34) : record.value();
|
||||||
String syslogMessage= record.value();
|
String syslogMessage= Sm4message;
|
||||||
//剔除测试环境本机syslog新增的头部信息
|
//剔除测试环境本机syslog新增的头部信息
|
||||||
LogNormalProcessor logNormalProcessor = new LogNormalProcessor(syslogMessage,sysLogUUID,AppConfig.getTopic());
|
LogNormalProcessor logNormalProcessor = new LogNormalProcessor(syslogMessage,sysLogUUID,AppConfig.getTopic());
|
||||||
//LogNormalProcessor logNormalProcessor =new LogNormalProcessor(record.value());
|
//LogNormalProcessor logNormalProcessor =new LogNormalProcessor(record.value());
|
||||||
|
|||||||
+22
-14
@@ -33,11 +33,27 @@ public class ETLOrchestrator {
|
|||||||
private NormalizeRuleHitTimeService normalizeRuleHitTimeService;
|
private NormalizeRuleHitTimeService normalizeRuleHitTimeService;
|
||||||
/**
|
/**
|
||||||
* 定时任务 - 从每小时第1分钟开始,5分钟间隔执行
|
* 定时任务 - 从每小时第1分钟开始,5分钟间隔执行
|
||||||
* 20260317:暂定硬规则关联分析
|
* 20260317:暂停硬规则关联分析,由可配置关联分析规则取代
|
||||||
|
* 泛化规则最新命中时间更新任务保留
|
||||||
*/
|
*/
|
||||||
//@Scheduled(cron = "0 1/5 * * * ?")
|
@Scheduled(cron = "0 1/5 * * * ?")
|
||||||
public void scheduledETL() {
|
public void scheduledETL() {
|
||||||
|
|
||||||
|
//暂停ETL数据降噪任务(关联分析)
|
||||||
|
//RunETL();
|
||||||
|
|
||||||
|
//泛化规则最新命中时间更新任务
|
||||||
|
try {
|
||||||
|
normalizeRuleHitTimeService.updateRuleHitTimeTask();
|
||||||
|
} catch (Exception e) {
|
||||||
|
log.error("泛化规则最新命中时间更新任务执行失败", e);
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
//ETL数据降噪任务处理
|
||||||
|
private void RunETL()
|
||||||
|
{
|
||||||
long startTime = System.currentTimeMillis();
|
long startTime = System.currentTimeMillis();
|
||||||
DateTimeFormatter formatter = DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss");
|
DateTimeFormatter formatter = DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss");
|
||||||
LocalDateTime[] currentWindow=TimeWindowCalculator.getPrevious5MinuteWindow();
|
LocalDateTime[] currentWindow=TimeWindowCalculator.getPrevious5MinuteWindow();
|
||||||
@@ -48,7 +64,7 @@ public class ETLOrchestrator {
|
|||||||
try {
|
try {
|
||||||
//retryHandler.executeWithRetry(() -> dataExtractor.extractAndProcess24HoursGroupedData());
|
//retryHandler.executeWithRetry(() -> dataExtractor.extractAndProcess24HoursGroupedData());
|
||||||
//retryHandler.executeWithRetry(() -> dataExtractor.extractAndProcessQueryHoursGroupedData(strStartTime,strEndTime ));
|
//retryHandler.executeWithRetry(() -> dataExtractor.extractAndProcessQueryHoursGroupedData(strStartTime,strEndTime ));
|
||||||
retryHandler.executeWithRetry(() -> dataExtractor.extractAndProcessQueryHoursAlarm(strStartTime,strEndTime ));
|
//retryHandler.executeWithRetry(() -> dataExtractor.extractAndProcessQueryHoursAlarm(strStartTime,strEndTime ));
|
||||||
long endTime = System.currentTimeMillis();
|
long endTime = System.currentTimeMillis();
|
||||||
long duration = (endTime - startTime) / 1000;
|
long duration = (endTime - startTime) / 1000;
|
||||||
log.info("定时ETL任务执行完成,耗时: {} 秒", duration);
|
log.info("定时ETL任务执行完成,耗时: {} 秒", duration);
|
||||||
@@ -56,14 +72,6 @@ public class ETLOrchestrator {
|
|||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
log.error("定时ETL任务执行失败", e);
|
log.error("定时ETL任务执行失败", e);
|
||||||
}
|
}
|
||||||
|
|
||||||
//泛化规则最新命中时间更新任务
|
|
||||||
try {
|
|
||||||
normalizeRuleHitTimeService.updateRuleHitTimeTask();
|
|
||||||
} catch (Exception e) {
|
|
||||||
log.error("泛化规则最新命中时间更新任务执行失败", e);
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@@ -105,12 +113,12 @@ public class ETLOrchestrator {
|
|||||||
* 每天凌晨3点清理2天前的数据
|
* 每天凌晨3点清理2天前的数据
|
||||||
*/
|
*/
|
||||||
@Scheduled(cron = "0 0 3 * * ?")
|
@Scheduled(cron = "0 0 3 * * ?")
|
||||||
//@Scheduled(cron = "0 * * * * ?")
|
|
||||||
public void cleanupOldLogs() {
|
public void cleanupOldLogs() {
|
||||||
try {
|
try {
|
||||||
LocalDateTime cutoffTime = LocalDateTime.now().minusDays(2);
|
//默认删除7天内接收日志记录
|
||||||
|
LocalDateTime cutoffTime = LocalDateTime.now().minusDays(7);
|
||||||
int deleted = deviceReceiveLogService.deleteOldLogs(cutoffTime);
|
int deleted = deviceReceiveLogService.deleteOldLogs(cutoffTime);
|
||||||
log.info("定时清理任务完成,删除{}条2天前的日志", deleted);
|
log.info("定时清理任务完成,删除{}条7天前的日志", deleted);
|
||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
log.error("定时清理日志失败", e);
|
log.error("定时清理日志失败", e);
|
||||||
}
|
}
|
||||||
|
|||||||
+1
-9
@@ -52,15 +52,7 @@ public class PartitionTableSchedule {
|
|||||||
logger.info("测试任务: 分区表创建完成");
|
logger.info("测试任务: 分区表创建完成");
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* 每天检查一次分区表状态(可选)
|
|
||||||
*/
|
|
||||||
@Scheduled(cron = "0 0 2 * * ?")
|
|
||||||
public void checkPartitionTableStatus() {
|
|
||||||
logger.info("开始检查分区表状态...");
|
|
||||||
// 这里可以添加分区表状态检查逻辑
|
|
||||||
logger.info("分区表状态检查完成");
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
+2
-2
@@ -85,9 +85,9 @@ public class DeviceStatsUpdateService {
|
|||||||
" updated_at = NOW() " ;
|
" updated_at = NOW() " ;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 每分钟执行一次统计更新(秒:0,分:*,时:*)
|
* 每5分钟执行一次设备统计更新(秒:0,分:*,时:*)
|
||||||
*/
|
*/
|
||||||
@Scheduled(cron = "0 * * * * ?")
|
@Scheduled(cron = "0 */5 * * * ?")
|
||||||
@Transactional
|
@Transactional
|
||||||
public void updateDeviceStats() {
|
public void updateDeviceStats() {
|
||||||
long startTime = System.currentTimeMillis();
|
long startTime = System.currentTimeMillis();
|
||||||
|
|||||||
@@ -101,5 +101,7 @@ public class AppConfig {
|
|||||||
|
|
||||||
public static String geRunEnvironment() { return config.getString("server.run.environment"); }
|
public static String geRunEnvironment() { return config.getString("server.run.environment"); }
|
||||||
|
|
||||||
|
public static String getSM4Key() {
|
||||||
|
return config.getString("syslog.sm4.generateKey");
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
+1
-2
@@ -95,8 +95,7 @@ public class SyslogNonNormalMessageController {
|
|||||||
/**
|
/**
|
||||||
* 删除非标日志
|
* 删除非标日志
|
||||||
*/
|
*/
|
||||||
@DeleteMapping("/delete/{id}")
|
//@DeleteMapping("/delete/{id}")
|
||||||
|
|
||||||
public ResponseEntity<Map<String, Object>> deleteMessage(
|
public ResponseEntity<Map<String, Object>> deleteMessage(
|
||||||
@PathVariable String id) {
|
@PathVariable String id) {
|
||||||
Map<String, Object> result = new HashMap<>();
|
Map<String, Object> result = new HashMap<>();
|
||||||
|
|||||||
@@ -15,7 +15,7 @@ syslog.tcp.port=514
|
|||||||
syslog.udp.port=514
|
syslog.udp.port=514
|
||||||
syslog.max.frame.length=65536
|
syslog.max.frame.length=65536
|
||||||
syslog.buffer.size=1000
|
syslog.buffer.size=1000
|
||||||
|
syslog.sm4.generateKey=f79548ab6fa8a304fc0115e17230358a
|
||||||
# InfluxDB 2.7 Configuration
|
# InfluxDB 2.7 Configuration
|
||||||
influxdb.url=http://192.168.222.131:8086
|
influxdb.url=http://192.168.222.131:8086
|
||||||
influxdb.token=3Tvu-IZWtaY03UDkbUDlufD0kxn85keo9LhYQcv2Cxk0LJmXqqHkNVrO664DbaJAYwoGI7UIg904KqZC7Q_ZFA==
|
influxdb.token=3Tvu-IZWtaY03UDkbUDlufD0kxn85keo9LhYQcv2Cxk0LJmXqqHkNVrO664DbaJAYwoGI7UIg904KqZC7Q_ZFA==
|
||||||
@@ -147,3 +147,23 @@ spring.datasource.hikari.schema=public
|
|||||||
analysis.realtime.enabled= true
|
analysis.realtime.enabled= true
|
||||||
# 检查间隔(秒) - 默认10秒
|
# 检查间隔(秒) - 默认10秒
|
||||||
analysis.realtime.check-interval-seconds: 10
|
analysis.realtime.check-interval-seconds: 10
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
# ============================================
|
||||||
|
# 探针联动API配置
|
||||||
|
# ============================================
|
||||||
|
# API-KEY认证(32位,建议使用随机生成的密钥)
|
||||||
|
interlocking.api-key=a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6
|
||||||
|
# API接口基础URL(供syslog-serve调用)
|
||||||
|
interlocking.api.base-url=http://localhost:8089/xdrservice/interlocking
|
||||||
|
|
||||||
|
# ============================================
|
||||||
|
# 告警健康检查配置
|
||||||
|
# ============================================
|
||||||
|
# 告警表无数据阈值(小时)
|
||||||
|
alarm.health-check.alarm-hours=2
|
||||||
|
# 告警日志表无数据阈值(小时)
|
||||||
|
alarm.health-check.alarm-visit-hours=4
|
||||||
|
# 是否启用定时巡检
|
||||||
|
alarm.health-check.enabled=true
|
||||||
+9
-1
@@ -57,7 +57,7 @@ mybatis-plus.type-handlers-package=com.Modules.etl.handler
|
|||||||
spring.kafka.consumer.bootstrap-servers=10.11.2.142:9092
|
spring.kafka.consumer.bootstrap-servers=10.11.2.142:9092
|
||||||
spring.kafka.consumer.group-id=agent-syslog-group
|
spring.kafka.consumer.group-id=agent-syslog-group
|
||||||
spring.kafka.consumer.auto-offset-reset=latest
|
spring.kafka.consumer.auto-offset-reset=latest
|
||||||
spring.kafka.consumer.enable-auto-commit=true
|
spring.kafka.consumer.enable-auto-commit=false
|
||||||
spring.kafka.consumer.auto-commit-interval=1000
|
spring.kafka.consumer.auto-commit-interval=1000
|
||||||
spring.kafka.consumer.topic=agent-syslog-topic
|
spring.kafka.consumer.topic=agent-syslog-topic
|
||||||
|
|
||||||
@@ -121,6 +121,8 @@ spring.elasticsearch.password=t2NZCiajmdazxBrF
|
|||||||
spring.elasticsearch.connection-timeout=10s
|
spring.elasticsearch.connection-timeout=10s
|
||||||
# Socket 超时时间
|
# Socket 超时时间
|
||||||
spring.elasticsearch.socket-timeout=30s
|
spring.elasticsearch.socket-timeout=30s
|
||||||
|
|
||||||
|
|
||||||
# ETL配置
|
# ETL配置
|
||||||
etl.batch.page-size=1000
|
etl.batch.page-size=1000
|
||||||
etl.batch.insert-batch-size=500
|
etl.batch.insert-batch-size=500
|
||||||
@@ -141,3 +143,9 @@ spring.datasource.hikari.leak-detection-threshold=30000
|
|||||||
spring.datasource.hikari.pool-name=HikariPool-SyslogConsumer
|
spring.datasource.hikari.pool-name=HikariPool-SyslogConsumer
|
||||||
spring.datasource.hikari.auto-commit=false
|
spring.datasource.hikari.auto-commit=false
|
||||||
spring.datasource.hikari.schema=public
|
spring.datasource.hikari.schema=public
|
||||||
|
|
||||||
|
|
||||||
|
# 关联分析规则配置
|
||||||
|
analysis.realtime.enabled= true
|
||||||
|
# 检查间隔(秒) - 默认10秒
|
||||||
|
analysis.realtime.check-interval-seconds: 10
|
||||||
@@ -15,6 +15,7 @@ syslog.tcp.port=514
|
|||||||
syslog.udp.port=514
|
syslog.udp.port=514
|
||||||
syslog.max.frame.length=65536
|
syslog.max.frame.length=65536
|
||||||
syslog.buffer.size=1000
|
syslog.buffer.size=1000
|
||||||
|
syslog.sm4.generateKey=f79548ab6fa8a304fc0115e17230358a
|
||||||
|
|
||||||
# InfluxDB 2.7 Configuration
|
# InfluxDB 2.7 Configuration
|
||||||
influxdb.url=http://192.168.4.26:8087
|
influxdb.url=http://192.168.4.26:8087
|
||||||
@@ -149,3 +150,21 @@ spring.datasource.hikari.schema=public
|
|||||||
analysis.realtime.enabled= true
|
analysis.realtime.enabled= true
|
||||||
# 检查间隔(秒) - 默认10秒
|
# 检查间隔(秒) - 默认10秒
|
||||||
analysis.realtime.check-interval-seconds: 10
|
analysis.realtime.check-interval-seconds: 10
|
||||||
|
|
||||||
|
# ============================================
|
||||||
|
# 探针联动API配置
|
||||||
|
# ============================================
|
||||||
|
# API-KEY认证(32位,建议使用随机生成的密钥)
|
||||||
|
interlocking.api-key=a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6
|
||||||
|
# API接口基础URL(供syslog-serve调用)
|
||||||
|
interlocking.api.base-url=http://localhost:8089/xdrservice/interlocking
|
||||||
|
|
||||||
|
# ============================================
|
||||||
|
# 告警健康检查配置
|
||||||
|
# ============================================
|
||||||
|
# 告警表无数据阈值(小时)
|
||||||
|
alarm.health-check.alarm-hours=2
|
||||||
|
# 告警日志表无数据阈值(小时)
|
||||||
|
alarm.health-check.alarm-visit-hours=4
|
||||||
|
# 是否启用定时巡检
|
||||||
|
alarm.health-check.enabled=true
|
||||||
@@ -15,6 +15,7 @@ syslog.tcp.port=514
|
|||||||
syslog.udp.port=514
|
syslog.udp.port=514
|
||||||
syslog.max.frame.length=65536
|
syslog.max.frame.length=65536
|
||||||
syslog.buffer.size=1000
|
syslog.buffer.size=1000
|
||||||
|
syslog.sm4.generateKey=f79548ab6fa8a304fc0115e17230358a
|
||||||
|
|
||||||
# InfluxDB 2.7 Configuration
|
# InfluxDB 2.7 Configuration
|
||||||
influxdb.url=http://192.168.4.26:8087
|
influxdb.url=http://192.168.4.26:8087
|
||||||
@@ -149,3 +150,21 @@ spring.datasource.hikari.schema=public
|
|||||||
analysis.realtime.enabled= true
|
analysis.realtime.enabled= true
|
||||||
# 检查间隔(秒) - 默认10秒
|
# 检查间隔(秒) - 默认10秒
|
||||||
analysis.realtime.check-interval-seconds: 10
|
analysis.realtime.check-interval-seconds: 10
|
||||||
|
|
||||||
|
# ============================================
|
||||||
|
# 探针联动API配置
|
||||||
|
# ============================================
|
||||||
|
# API-KEY认证(32位,建议使用随机生成的密钥)
|
||||||
|
interlocking.api-key=a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6
|
||||||
|
# API接口基础URL(供syslog-serve调用)
|
||||||
|
interlocking.api.base-url=http://localhost:8089/xdrservice/interlocking
|
||||||
|
|
||||||
|
# ============================================
|
||||||
|
# 告警健康检查配置
|
||||||
|
# ============================================
|
||||||
|
# 告警表无数据阈值(小时)
|
||||||
|
alarm.health-check.alarm-hours=2
|
||||||
|
# 告警日志表无数据阈值(小时)
|
||||||
|
alarm.health-check.alarm-visit-hours=4
|
||||||
|
# 是否启用定时巡检
|
||||||
|
alarm.health-check.enabled=true
|
||||||
-1
@@ -44,7 +44,6 @@
|
|||||||
FROM analysis_analysis_rule
|
FROM analysis_analysis_rule
|
||||||
WHERE run_mode = #{runMode}
|
WHERE run_mode = #{runMode}
|
||||||
AND del_flag = '0'
|
AND del_flag = '0'
|
||||||
AND task_status IN ('stopped', 'waiting', 'STOPPED')
|
|
||||||
AND rule_status =1
|
AND rule_status =1
|
||||||
ORDER BY priority DESC, create_time ASC
|
ORDER BY priority DESC, create_time ASC
|
||||||
</select>
|
</select>
|
||||||
|
|||||||
+34
-34
@@ -3,6 +3,7 @@
|
|||||||
"http://mybatis.org/dtd/mybatis-3-mapper.dtd">
|
"http://mybatis.org/dtd/mybatis-3-mapper.dtd">
|
||||||
<mapper namespace="com.common.mapper.SyslogNormalAlarmMapper">
|
<mapper namespace="com.common.mapper.SyslogNormalAlarmMapper">
|
||||||
|
|
||||||
|
|
||||||
<insert id="insertDynamic" parameterType="map">
|
<insert id="insertDynamic" parameterType="map">
|
||||||
INSERT INTO syslog_normal_alarm
|
INSERT INTO syslog_normal_alarm
|
||||||
<trim prefix="(" suffix=")" suffixOverrides=",">
|
<trim prefix="(" suffix=")" suffixOverrides=",">
|
||||||
@@ -405,7 +406,7 @@
|
|||||||
<if test="dataMap.container_name != null">#{dataMap.container_name},</if>
|
<if test="dataMap.container_name != null">#{dataMap.container_name},</if>
|
||||||
<if test="dataMap.container_id != null">#{dataMap.container_id},</if>
|
<if test="dataMap.container_id != null">#{dataMap.container_id},</if>
|
||||||
<if test="dataMap.http_resp_server != null">#{dataMap.http_resp_server},</if>
|
<if test="dataMap.http_resp_server != null">#{dataMap.http_resp_server},</if>
|
||||||
<if test="dataMap.srcip_id != null">#{dataMap.srcip_id},</if>
|
<if test="dataMap.srcip_id != null">#{dataMap.srcip_id}::int8,</if>
|
||||||
<if test="dataMap.cdnip != null">#{dataMap.cdnip}::inet,</if>
|
<if test="dataMap.cdnip != null">#{dataMap.cdnip}::inet,</if>
|
||||||
<if test="dataMap.natip != null">#{dataMap.natip}::inet,</if>
|
<if test="dataMap.natip != null">#{dataMap.natip}::inet,</if>
|
||||||
<if test="dataMap.mail_sender != null">#{dataMap.mail_sender},</if>
|
<if test="dataMap.mail_sender != null">#{dataMap.mail_sender},</if>
|
||||||
@@ -438,8 +439,8 @@
|
|||||||
<if test="dataMap.print_time != null">#{dataMap.print_time},</if>
|
<if test="dataMap.print_time != null">#{dataMap.print_time},</if>
|
||||||
<if test="dataMap.printer != null">#{dataMap.printer},</if>
|
<if test="dataMap.printer != null">#{dataMap.printer},</if>
|
||||||
<if test="dataMap.printer_type != null">#{dataMap.printer_type},</if>
|
<if test="dataMap.printer_type != null">#{dataMap.printer_type},</if>
|
||||||
<if test="dataMap.print_pages != null">#{dataMap.print_pages},</if>
|
<if test="dataMap.print_pages != null">#{dataMap.print_pages}::int8,</if>
|
||||||
<if test="dataMap.print_copies != null">#{dataMap.print_copies},</if>
|
<if test="dataMap.print_copies != null">#{dataMap.print_copies}::int8,</if>
|
||||||
<if test="dataMap.src_device != null">#{dataMap.src_device},</if>
|
<if test="dataMap.src_device != null">#{dataMap.src_device},</if>
|
||||||
<if test="dataMap.dst_device != null">#{dataMap.dst_device},</if>
|
<if test="dataMap.dst_device != null">#{dataMap.dst_device},</if>
|
||||||
<if test="dataMap.src_file != null">#{dataMap.src_file},</if>
|
<if test="dataMap.src_file != null">#{dataMap.src_file},</if>
|
||||||
@@ -456,7 +457,7 @@
|
|||||||
<if test="dataMap.env != null">#{dataMap.env},</if>
|
<if test="dataMap.env != null">#{dataMap.env},</if>
|
||||||
<if test="dataMap.brute_force_service != null">#{dataMap.brute_force_service},</if>
|
<if test="dataMap.brute_force_service != null">#{dataMap.brute_force_service},</if>
|
||||||
<if test="dataMap.vuirs_name != null">#{dataMap.vuirs_name},</if>
|
<if test="dataMap.vuirs_name != null">#{dataMap.vuirs_name},</if>
|
||||||
<if test="dataMap.http_req_length != null">#{dataMap.http_req_length},</if>
|
<if test="dataMap.http_req_length != null">#{dataMap.http_req_length}::int8,</if>
|
||||||
<if test="dataMap.http_req_content_type != null">#{dataMap.http_req_content_type},</if>
|
<if test="dataMap.http_req_content_type != null">#{dataMap.http_req_content_type},</if>
|
||||||
<if test="dataMap.tc_scan_port != null">#{dataMap.tc_scan_port}::inet,</if>
|
<if test="dataMap.tc_scan_port != null">#{dataMap.tc_scan_port}::inet,</if>
|
||||||
<if test="dataMap.tc_labels != null">#{dataMap.tc_labels}::inet,</if>
|
<if test="dataMap.tc_labels != null">#{dataMap.tc_labels}::inet,</if>
|
||||||
@@ -487,25 +488,25 @@
|
|||||||
<if test="dataMap.src_ip_apt != null">#{dataMap.src_ip_apt},</if>
|
<if test="dataMap.src_ip_apt != null">#{dataMap.src_ip_apt},</if>
|
||||||
<if test="dataMap.srcip_name != null">#{dataMap.srcip_name},</if>
|
<if test="dataMap.srcip_name != null">#{dataMap.srcip_name},</if>
|
||||||
<if test="dataMap.tc_client != null">#{dataMap.tc_client},</if>
|
<if test="dataMap.tc_client != null">#{dataMap.tc_client},</if>
|
||||||
<if test="dataMap.srcip_organization_id != null">#{dataMap.srcip_organization_id},</if>
|
<if test="dataMap.srcip_organization_id != null">#{dataMap.srcip_organization_id}::int8,</if>
|
||||||
<if test="dataMap.dest_ip_intranetip != null">#{dataMap.dest_ip_intranetip},</if>
|
<if test="dataMap.dest_ip_intranetip != null">#{dataMap.dest_ip_intranetip},</if>
|
||||||
<if test="dataMap.dest_ip_ioc != null">#{dataMap.dest_ip_ioc},</if>
|
<if test="dataMap.dest_ip_ioc != null">#{dataMap.dest_ip_ioc},</if>
|
||||||
<if test="dataMap.desip_id != null">#{dataMap.desip_id},</if>
|
<if test="dataMap.desip_id != null">#{dataMap.desip_id}::int8,</if>
|
||||||
<if test="dataMap.desip_name != null">#{dataMap.desip_name},</if>
|
<if test="dataMap.desip_name != null">#{dataMap.desip_name},</if>
|
||||||
<if test="dataMap.tc_hostip != null">#{dataMap.tc_hostip}::inet,</if>
|
<if test="dataMap.tc_hostip != null">#{dataMap.tc_hostip}::inet,</if>
|
||||||
<if test="dataMap.desip_organization_id != null">#{dataMap.desip_organization_id},</if>
|
<if test="dataMap.desip_organization_id != null">#{dataMap.desip_organization_id}::int8,</if>
|
||||||
<if test="dataMap.origin_confidence != null">#{dataMap.origin_confidence},</if>
|
<if test="dataMap.origin_confidence != null">#{dataMap.origin_confidence},</if>
|
||||||
<if test="dataMap.origin_malscore != null">#{dataMap.origin_malscore},</if>
|
<if test="dataMap.origin_malscore != null">#{dataMap.origin_malscore},</if>
|
||||||
<if test="dataMap.attacker_icampaign != null">#{dataMap.attacker_icampaign},</if>
|
<if test="dataMap.attacker_icampaign != null">#{dataMap.attacker_icampaign},</if>
|
||||||
<if test="dataMap.attacker_host_asset_id != null">#{dataMap.attacker_host_asset_id},</if>
|
<if test="dataMap.attacker_host_asset_id != null">#{dataMap.attacker_host_asset_id}::int8,</if>
|
||||||
<if test="dataMap.attacker_organization_id != null">#{dataMap.attacker_organization_id},</if>
|
<if test="dataMap.attacker_organization_id != null">#{dataMap.attacker_organization_id}::int8,</if>
|
||||||
<if test="dataMap.victim_host_asset_id != null">#{dataMap.victim_host_asset_id},</if>
|
<if test="dataMap.victim_host_asset_id != null">#{dataMap.victim_host_asset_id}::int8,</if>
|
||||||
<if test="dataMap.victim_organization_id != null">#{dataMap.victim_organization_id},</if>
|
<if test="dataMap.victim_organization_id != null">#{dataMap.victim_organization_id}::int8,</if>
|
||||||
<if test="dataMap.logout_time != null">#{dataMap.logout_time},</if>
|
<if test="dataMap.logout_time != null">#{dataMap.logout_time},</if>
|
||||||
<if test="dataMap.http_req_line != null">#{dataMap.http_req_line},</if>
|
<if test="dataMap.http_req_line != null">#{dataMap.http_req_line},</if>
|
||||||
<if test="dataMap.desip_security_scope_id != null">#{dataMap.desip_security_scope_id},</if>
|
<if test="dataMap.desip_security_scope_id != null">#{dataMap.desip_security_scope_id},</if>
|
||||||
<if test="dataMap.srcip_security_scope_id != null">#{dataMap.srcip_security_scope_id},</if>
|
<if test="dataMap.srcip_security_scope_id != null">#{dataMap.srcip_security_scope_id},</if>
|
||||||
<if test="dataMap.http_resp_length != null">#{dataMap.http_resp_length},</if>
|
<if test="dataMap.http_resp_length != null">#{dataMap.http_resp_length}::int8,</if>
|
||||||
<if test="dataMap.tc_attack_type != null">#{dataMap.tc_attack_type},</if>
|
<if test="dataMap.tc_attack_type != null">#{dataMap.tc_attack_type},</if>
|
||||||
<if test="dataMap.tc_realip != null">#{dataMap.tc_realip}::inet,</if>
|
<if test="dataMap.tc_realip != null">#{dataMap.tc_realip}::inet,</if>
|
||||||
<if test="dataMap.attacker_ip_lists != null">#{dataMap.attacker_ip_lists},</if>
|
<if test="dataMap.attacker_ip_lists != null">#{dataMap.attacker_ip_lists},</if>
|
||||||
@@ -529,7 +530,7 @@
|
|||||||
<if test="dataMap.tc_client_ip != null">#{dataMap.tc_client_ip}::inet,</if>
|
<if test="dataMap.tc_client_ip != null">#{dataMap.tc_client_ip}::inet,</if>
|
||||||
<if test="dataMap.tc_server_ip != null">#{dataMap.tc_server_ip}::inet,</if>
|
<if test="dataMap.tc_server_ip != null">#{dataMap.tc_server_ip}::inet,</if>
|
||||||
<if test="dataMap.tc_externalip != null">#{dataMap.tc_externalip}::inet,</if>
|
<if test="dataMap.tc_externalip != null">#{dataMap.tc_externalip}::inet,</if>
|
||||||
<if test="dataMap.http_status_code != null">#{dataMap.http_status_code},</if>
|
<if test="dataMap.http_status_code != null">#{dataMap.http_status_code}::int8,</if>
|
||||||
<if test="dataMap.device_domian != null">#{dataMap.device_domian},</if>
|
<if test="dataMap.device_domian != null">#{dataMap.device_domian},</if>
|
||||||
<if test="dataMap.src_ip_str != null">#{dataMap.src_ip_str},</if>
|
<if test="dataMap.src_ip_str != null">#{dataMap.src_ip_str},</if>
|
||||||
<if test="dataMap.src_port_str != null">#{dataMap.src_port_str},</if>
|
<if test="dataMap.src_port_str != null">#{dataMap.src_port_str},</if>
|
||||||
@@ -575,12 +576,12 @@
|
|||||||
<if test="dataMap.origin_agent_name != null">#{dataMap.origin_agent_name},</if>
|
<if test="dataMap.origin_agent_name != null">#{dataMap.origin_agent_name},</if>
|
||||||
<if test="dataMap.origin_work_group != null">#{dataMap.origin_work_group},</if>
|
<if test="dataMap.origin_work_group != null">#{dataMap.origin_work_group},</if>
|
||||||
<if test="dataMap.origin_asset_group != null">#{dataMap.origin_asset_group},</if>
|
<if test="dataMap.origin_asset_group != null">#{dataMap.origin_asset_group},</if>
|
||||||
<if test="dataMap.origin_local_port != null">#{dataMap.origin_local_port},</if>
|
<if test="dataMap.origin_local_port != null">#{dataMap.origin_local_port}::int8,</if>
|
||||||
<if test="dataMap.origin_agent_ip != null">#{dataMap.origin_agent_ip}::inet,</if>
|
<if test="dataMap.origin_agent_ip != null">#{dataMap.origin_agent_ip}::inet,</if>
|
||||||
<if test="dataMap.origin_internal_ip != null">#{dataMap.origin_internal_ip}::inet,</if>
|
<if test="dataMap.origin_internal_ip != null">#{dataMap.origin_internal_ip}::inet,</if>
|
||||||
<if test="dataMap.origin_external_ip != null">#{dataMap.origin_external_ip}::inet,</if>
|
<if test="dataMap.origin_external_ip != null">#{dataMap.origin_external_ip}::inet,</if>
|
||||||
<if test="dataMap.origin_local_addr != null">#{dataMap.origin_local_addr}::inet,</if>
|
<if test="dataMap.origin_local_addr != null">#{dataMap.origin_local_addr}::inet,</if>
|
||||||
<if test="dataMap.agent_id != null">#{dataMap.agent_id},</if>
|
<if test="dataMap.agent_id != null">#{dataMap.agent_id}::int8,</if>
|
||||||
<if test="dataMap.agent_name != null">#{dataMap.agent_name},</if>
|
<if test="dataMap.agent_name != null">#{dataMap.agent_name},</if>
|
||||||
<if test="dataMap.tc_title != null">#{dataMap.tc_title},</if>
|
<if test="dataMap.tc_title != null">#{dataMap.tc_title},</if>
|
||||||
<if test="dataMap.log_id != null">#{dataMap.log_id},</if>
|
<if test="dataMap.log_id != null">#{dataMap.log_id},</if>
|
||||||
@@ -596,7 +597,7 @@
|
|||||||
<if test="dataMap.src_mac != null">#{dataMap.src_mac},</if>
|
<if test="dataMap.src_mac != null">#{dataMap.src_mac},</if>
|
||||||
<if test="dataMap.dest_mac != null">#{dataMap.dest_mac},</if>
|
<if test="dataMap.dest_mac != null">#{dataMap.dest_mac},</if>
|
||||||
<if test="dataMap.proto != null">#{dataMap.proto},</if>
|
<if test="dataMap.proto != null">#{dataMap.proto},</if>
|
||||||
<if test="dataMap.dev_id != null">#{dataMap.dev_id},</if>
|
<if test="dataMap.dev_id != null">#{dataMap.dev_id}::int8,</if>
|
||||||
<if test="dataMap.created_time != null">#{dataMap.created_time},</if>
|
<if test="dataMap.created_time != null">#{dataMap.created_time},</if>
|
||||||
<if test="dataMap.src_country != null">#{dataMap.src_country},</if>
|
<if test="dataMap.src_country != null">#{dataMap.src_country},</if>
|
||||||
<if test="dataMap.src_country_code != null">#{dataMap.src_country_code},</if>
|
<if test="dataMap.src_country_code != null">#{dataMap.src_country_code},</if>
|
||||||
@@ -631,9 +632,9 @@
|
|||||||
<if test="dataMap.check_item != null">#{dataMap.check_item},</if>
|
<if test="dataMap.check_item != null">#{dataMap.check_item},</if>
|
||||||
<if test="dataMap.check_type != null">#{dataMap.check_type},</if>
|
<if test="dataMap.check_type != null">#{dataMap.check_type},</if>
|
||||||
<if test="dataMap.attacker_ip != null">#{dataMap.attacker_ip}::inet,</if>
|
<if test="dataMap.attacker_ip != null">#{dataMap.attacker_ip}::inet,</if>
|
||||||
<if test="dataMap.attacker_port != null">#{dataMap.attacker_port},</if>
|
<if test="dataMap.attacker_port != null">#{dataMap.attacker_port}::int8,</if>
|
||||||
<if test="dataMap.victim_ip != null">#{dataMap.victim_ip}::inet,</if>
|
<if test="dataMap.victim_ip != null">#{dataMap.victim_ip}::inet,</if>
|
||||||
<if test="dataMap.victim_port != null">#{dataMap.victim_port},</if>
|
<if test="dataMap.victim_port != null">#{dataMap.victim_port}::int8,</if>
|
||||||
<if test="dataMap.attacker_city != null">#{dataMap.attacker_city},</if>
|
<if test="dataMap.attacker_city != null">#{dataMap.attacker_city},</if>
|
||||||
<if test="dataMap.attacker_lon != null">#{dataMap.attacker_lon},</if>
|
<if test="dataMap.attacker_lon != null">#{dataMap.attacker_lon},</if>
|
||||||
<if test="dataMap.attacker_lat != null">#{dataMap.attacker_lat},</if>
|
<if test="dataMap.attacker_lat != null">#{dataMap.attacker_lat},</if>
|
||||||
@@ -686,15 +687,15 @@
|
|||||||
<if test="dataMap.dest_city != null">#{dataMap.dest_city},</if>
|
<if test="dataMap.dest_city != null">#{dataMap.dest_city},</if>
|
||||||
<if test="dataMap.dest_lon != null">#{dataMap.dest_lon},</if>
|
<if test="dataMap.dest_lon != null">#{dataMap.dest_lon},</if>
|
||||||
<if test="dataMap.dest_lat != null">#{dataMap.dest_lat},</if>
|
<if test="dataMap.dest_lat != null">#{dataMap.dest_lat},</if>
|
||||||
<if test="dataMap.event_category != null">#{dataMap.event_category},</if>
|
<if test="dataMap.event_category != null">#{dataMap.event_category}::int4,</if>
|
||||||
<if test="dataMap.attack_result != null">#{dataMap.attack_result}::int,</if>
|
<if test="dataMap.attack_result != null">#{dataMap.attack_result}::int4,</if>
|
||||||
<if test="dataMap.probe_ip != null">#{dataMap.probe_ip}::inet,</if>
|
<if test="dataMap.probe_ip != null">#{dataMap.probe_ip}::inet,</if>
|
||||||
<if test="dataMap.device_ip != null">#{dataMap.device_ip}::inet,</if>
|
<if test="dataMap.device_ip != null">#{dataMap.device_ip}::inet,</if>
|
||||||
<if test="dataMap.device_manufacturer != null">#{dataMap.device_manufacturer},</if>
|
<if test="dataMap.device_manufacturer != null">#{dataMap.device_manufacturer},</if>
|
||||||
<if test="dataMap.device_name != null">#{dataMap.device_name},</if>
|
<if test="dataMap.device_name != null">#{dataMap.device_name},</if>
|
||||||
<if test="dataMap.product_name != null">#{dataMap.product_name},</if>
|
<if test="dataMap.product_name != null">#{dataMap.product_name},</if>
|
||||||
<if test="dataMap.__id != null">#{dataMap.__id},</if>
|
<if test="dataMap.__id != null">#{dataMap.__id},</if>
|
||||||
<if test="dataMap.__count != null">#{dataMap.__count},</if>
|
<if test="dataMap.__count != null">#{dataMap.__count}::int8,</if>
|
||||||
<if test="dataMap.__count_reason != null">#{dataMap.__count_reason},</if>
|
<if test="dataMap.__count_reason != null">#{dataMap.__count_reason},</if>
|
||||||
<if test="dataMap.event_type != null">#{dataMap.event_type}::int,</if>
|
<if test="dataMap.event_type != null">#{dataMap.event_type}::int,</if>
|
||||||
<if test="dataMap.protocol != null">#{dataMap.protocol},</if>
|
<if test="dataMap.protocol != null">#{dataMap.protocol},</if>
|
||||||
@@ -702,19 +703,19 @@
|
|||||||
<if test="dataMap.parent_name != null">#{dataMap.parent_name},</if>
|
<if test="dataMap.parent_name != null">#{dataMap.parent_name},</if>
|
||||||
<if test="dataMap.host_file_path != null">#{dataMap.host_file_path},</if>
|
<if test="dataMap.host_file_path != null">#{dataMap.host_file_path},</if>
|
||||||
<if test="dataMap.uid != null">#{dataMap.uid},</if>
|
<if test="dataMap.uid != null">#{dataMap.uid},</if>
|
||||||
<if test="dataMap.fall != null">#{dataMap.fall},</if>
|
<if test="dataMap.fall != null">#{dataMap.fall}::int4,</if>
|
||||||
<if test="dataMap.tc_miguan_server_ip != null">#{dataMap.tc_miguan_server_ip}::inet,</if>
|
<if test="dataMap.tc_miguan_server_ip != null">#{dataMap.tc_miguan_server_ip}::inet,</if>
|
||||||
<if test="dataMap.dev_type != null">#{dataMap.dev_type},</if>
|
<if test="dataMap.dev_type != null">#{dataMap.dev_type}::int4,</if>
|
||||||
<if test="dataMap.collect_method != null">#{dataMap.collect_method},</if>
|
<if test="dataMap.collect_method != null">#{dataMap.collect_method}::int4,</if>
|
||||||
<if test="dataMap.field_cate_id != null">#{dataMap.field_cate_id},</if>
|
<if test="dataMap.field_cate_id != null">#{dataMap.field_cate_id}::int4,</if>
|
||||||
<if test="dataMap.device_type != null">#{dataMap.device_type},</if>
|
<if test="dataMap.device_type != null">#{dataMap.device_type}::int4,</if>
|
||||||
<if test="dataMap.tc_miguan_client_ip != null">#{dataMap.tc_miguan_client_ip}::inet,</if>
|
<if test="dataMap.tc_miguan_client_ip != null">#{dataMap.tc_miguan_client_ip}::inet,</if>
|
||||||
<if test="dataMap.tc_miguan_name != null">#{dataMap.tc_miguan_name}::inet,</if>
|
<if test="dataMap.tc_miguan_name != null">#{dataMap.tc_miguan_name}::inet,</if>
|
||||||
<if test="dataMap.origin_total_packages != null">#{dataMap.origin_total_packages},</if>
|
<if test="dataMap.origin_total_packages != null">#{dataMap.origin_total_packages}::int8,</if>
|
||||||
<if test="dataMap.origin_total_bytes != null">#{dataMap.origin_total_bytes},</if>
|
<if test="dataMap.origin_total_bytes != null">#{dataMap.origin_total_bytes}::int8,</if>
|
||||||
<if test="dataMap.origin_peak_packages_rate != null">#{dataMap.origin_peak_packages_rate},</if>
|
<if test="dataMap.origin_peak_packages_rate != null">#{dataMap.origin_peak_packages_rate}::int8,</if>
|
||||||
<if test="dataMap.origin_peak_bytes_rate != null">#{dataMap.origin_peak_bytes_rate},</if>
|
<if test="dataMap.origin_peak_bytes_rate != null">#{dataMap.origin_peak_bytes_rate}::int8,</if>
|
||||||
<if test="dataMap.origin_peak_flows_rate != null">#{dataMap.origin_peak_flows_rate},</if>
|
<if test="dataMap.origin_peak_flows_rate != null">#{dataMap.origin_peak_flows_rate}::int8,</if>
|
||||||
<if test="dataMap.apt_orgname != null">#{dataMap.apt_orgname},</if>
|
<if test="dataMap.apt_orgname != null">#{dataMap.apt_orgname},</if>
|
||||||
<if test="dataMap.apt_orgmsg != null">#{dataMap.apt_orgmsg},</if>
|
<if test="dataMap.apt_orgmsg != null">#{dataMap.apt_orgmsg},</if>
|
||||||
<if test="dataMap.mail_message_id != null">#{dataMap.mail_message_id},</if>
|
<if test="dataMap.mail_message_id != null">#{dataMap.mail_message_id},</if>
|
||||||
@@ -731,11 +732,11 @@
|
|||||||
<if test="dataMap.origin_source_servername != null">#{dataMap.origin_source_servername},</if>
|
<if test="dataMap.origin_source_servername != null">#{dataMap.origin_source_servername},</if>
|
||||||
<if test="dataMap.mail_filename != null">#{dataMap.mail_filename},</if>
|
<if test="dataMap.mail_filename != null">#{dataMap.mail_filename},</if>
|
||||||
<if test="dataMap.dst_upload_appname != null">#{dataMap.dst_upload_appname},</if>
|
<if test="dataMap.dst_upload_appname != null">#{dataMap.dst_upload_appname},</if>
|
||||||
<if test="dataMap.target_port != null">#{dataMap.target_port},</if>
|
<if test="dataMap.target_port != null">#{dataMap.target_port}::int8,</if>
|
||||||
<if test="dataMap.gid != null">#{dataMap.gid},</if>
|
<if test="dataMap.gid != null">#{dataMap.gid},</if>
|
||||||
<if test="dataMap.origin_uid != null">#{dataMap.origin_uid},</if>
|
<if test="dataMap.origin_uid != null">#{dataMap.origin_uid},</if>
|
||||||
<if test="dataMap.origin_gid != null">#{dataMap.origin_gid},</if>
|
<if test="dataMap.origin_gid != null">#{dataMap.origin_gid},</if>
|
||||||
<if test="dataMap.target_ports != null">#{dataMap.target_ports},</if>
|
<if test="dataMap.target_ports != null">#{dataMap.target_ports}::int8,</if>
|
||||||
<if test="dataMap.tc_miguan_name1 != null">#{dataMap.tc_miguan_name1},</if>
|
<if test="dataMap.tc_miguan_name1 != null">#{dataMap.tc_miguan_name1},</if>
|
||||||
<if test="dataMap.tc_miguan_class1 != null">#{dataMap.tc_miguan_class1},</if>
|
<if test="dataMap.tc_miguan_class1 != null">#{dataMap.tc_miguan_class1},</if>
|
||||||
<if test="dataMap.etl_time != null">#{dataMap.etl_time},</if>
|
<if test="dataMap.etl_time != null">#{dataMap.etl_time},</if>
|
||||||
@@ -755,7 +756,6 @@
|
|||||||
<if test="dataMap.syslog_topic != null">#{dataMap.syslog_topic},</if>
|
<if test="dataMap.syslog_topic != null">#{dataMap.syslog_topic},</if>
|
||||||
</trim>
|
</trim>
|
||||||
</insert>
|
</insert>
|
||||||
|
|
||||||
<!-- 使用实体类插入 -->
|
<!-- 使用实体类插入 -->
|
||||||
<insert id="insertByEntity" parameterType="com.common.entity.SyslogNormalData">
|
<insert id="insertByEntity" parameterType="com.common.entity.SyslogNormalData">
|
||||||
INSERT INTO syslog_normal_alarm
|
INSERT INTO syslog_normal_alarm
|
||||||
|
|||||||
+33
-33
@@ -541,7 +541,7 @@
|
|||||||
<if test="dataMap.container_name != null">#{dataMap.container_name},</if>
|
<if test="dataMap.container_name != null">#{dataMap.container_name},</if>
|
||||||
<if test="dataMap.container_id != null">#{dataMap.container_id},</if>
|
<if test="dataMap.container_id != null">#{dataMap.container_id},</if>
|
||||||
<if test="dataMap.http_resp_server != null">#{dataMap.http_resp_server},</if>
|
<if test="dataMap.http_resp_server != null">#{dataMap.http_resp_server},</if>
|
||||||
<if test="dataMap.srcip_id != null">#{dataMap.srcip_id},</if>
|
<if test="dataMap.srcip_id != null">#{dataMap.srcip_id}::int8,</if>
|
||||||
<if test="dataMap.cdnip != null">#{dataMap.cdnip}::inet,</if>
|
<if test="dataMap.cdnip != null">#{dataMap.cdnip}::inet,</if>
|
||||||
<if test="dataMap.natip != null">#{dataMap.natip}::inet,</if>
|
<if test="dataMap.natip != null">#{dataMap.natip}::inet,</if>
|
||||||
<if test="dataMap.mail_sender != null">#{dataMap.mail_sender},</if>
|
<if test="dataMap.mail_sender != null">#{dataMap.mail_sender},</if>
|
||||||
@@ -574,8 +574,8 @@
|
|||||||
<if test="dataMap.print_time != null">#{dataMap.print_time},</if>
|
<if test="dataMap.print_time != null">#{dataMap.print_time},</if>
|
||||||
<if test="dataMap.printer != null">#{dataMap.printer},</if>
|
<if test="dataMap.printer != null">#{dataMap.printer},</if>
|
||||||
<if test="dataMap.printer_type != null">#{dataMap.printer_type},</if>
|
<if test="dataMap.printer_type != null">#{dataMap.printer_type},</if>
|
||||||
<if test="dataMap.print_pages != null">#{dataMap.print_pages},</if>
|
<if test="dataMap.print_pages != null">#{dataMap.print_pages}::int8,</if>
|
||||||
<if test="dataMap.print_copies != null">#{dataMap.print_copies},</if>
|
<if test="dataMap.print_copies != null">#{dataMap.print_copies}::int8,</if>
|
||||||
<if test="dataMap.src_device != null">#{dataMap.src_device},</if>
|
<if test="dataMap.src_device != null">#{dataMap.src_device},</if>
|
||||||
<if test="dataMap.dst_device != null">#{dataMap.dst_device},</if>
|
<if test="dataMap.dst_device != null">#{dataMap.dst_device},</if>
|
||||||
<if test="dataMap.src_file != null">#{dataMap.src_file},</if>
|
<if test="dataMap.src_file != null">#{dataMap.src_file},</if>
|
||||||
@@ -592,7 +592,7 @@
|
|||||||
<if test="dataMap.env != null">#{dataMap.env},</if>
|
<if test="dataMap.env != null">#{dataMap.env},</if>
|
||||||
<if test="dataMap.brute_force_service != null">#{dataMap.brute_force_service},</if>
|
<if test="dataMap.brute_force_service != null">#{dataMap.brute_force_service},</if>
|
||||||
<if test="dataMap.vuirs_name != null">#{dataMap.vuirs_name},</if>
|
<if test="dataMap.vuirs_name != null">#{dataMap.vuirs_name},</if>
|
||||||
<if test="dataMap.http_req_length != null">#{dataMap.http_req_length},</if>
|
<if test="dataMap.http_req_length != null">#{dataMap.http_req_length}::int8,</if>
|
||||||
<if test="dataMap.http_req_content_type != null">#{dataMap.http_req_content_type},</if>
|
<if test="dataMap.http_req_content_type != null">#{dataMap.http_req_content_type},</if>
|
||||||
<if test="dataMap.tc_scan_port != null">#{dataMap.tc_scan_port}::inet,</if>
|
<if test="dataMap.tc_scan_port != null">#{dataMap.tc_scan_port}::inet,</if>
|
||||||
<if test="dataMap.tc_labels != null">#{dataMap.tc_labels}::inet,</if>
|
<if test="dataMap.tc_labels != null">#{dataMap.tc_labels}::inet,</if>
|
||||||
@@ -623,25 +623,25 @@
|
|||||||
<if test="dataMap.src_ip_apt != null">#{dataMap.src_ip_apt},</if>
|
<if test="dataMap.src_ip_apt != null">#{dataMap.src_ip_apt},</if>
|
||||||
<if test="dataMap.srcip_name != null">#{dataMap.srcip_name},</if>
|
<if test="dataMap.srcip_name != null">#{dataMap.srcip_name},</if>
|
||||||
<if test="dataMap.tc_client != null">#{dataMap.tc_client},</if>
|
<if test="dataMap.tc_client != null">#{dataMap.tc_client},</if>
|
||||||
<if test="dataMap.srcip_organization_id != null">#{dataMap.srcip_organization_id},</if>
|
<if test="dataMap.srcip_organization_id != null">#{dataMap.srcip_organization_id}::int8,</if>
|
||||||
<if test="dataMap.dest_ip_intranetip != null">#{dataMap.dest_ip_intranetip},</if>
|
<if test="dataMap.dest_ip_intranetip != null">#{dataMap.dest_ip_intranetip},</if>
|
||||||
<if test="dataMap.dest_ip_ioc != null">#{dataMap.dest_ip_ioc},</if>
|
<if test="dataMap.dest_ip_ioc != null">#{dataMap.dest_ip_ioc},</if>
|
||||||
<if test="dataMap.desip_id != null">#{dataMap.desip_id},</if>
|
<if test="dataMap.desip_id != null">#{dataMap.desip_id}::int8,</if>
|
||||||
<if test="dataMap.desip_name != null">#{dataMap.desip_name},</if>
|
<if test="dataMap.desip_name != null">#{dataMap.desip_name},</if>
|
||||||
<if test="dataMap.tc_hostip != null">#{dataMap.tc_hostip}::inet,</if>
|
<if test="dataMap.tc_hostip != null">#{dataMap.tc_hostip}::inet,</if>
|
||||||
<if test="dataMap.desip_organization_id != null">#{dataMap.desip_organization_id},</if>
|
<if test="dataMap.desip_organization_id != null">#{dataMap.desip_organization_id}::int8,</if>
|
||||||
<if test="dataMap.origin_confidence != null">#{dataMap.origin_confidence},</if>
|
<if test="dataMap.origin_confidence != null">#{dataMap.origin_confidence},</if>
|
||||||
<if test="dataMap.origin_malscore != null">#{dataMap.origin_malscore},</if>
|
<if test="dataMap.origin_malscore != null">#{dataMap.origin_malscore},</if>
|
||||||
<if test="dataMap.attacker_icampaign != null">#{dataMap.attacker_icampaign},</if>
|
<if test="dataMap.attacker_icampaign != null">#{dataMap.attacker_icampaign},</if>
|
||||||
<if test="dataMap.attacker_host_asset_id != null">#{dataMap.attacker_host_asset_id},</if>
|
<if test="dataMap.attacker_host_asset_id != null">#{dataMap.attacker_host_asset_id}::int8,</if>
|
||||||
<if test="dataMap.attacker_organization_id != null">#{dataMap.attacker_organization_id},</if>
|
<if test="dataMap.attacker_organization_id != null">#{dataMap.attacker_organization_id}::int8,</if>
|
||||||
<if test="dataMap.victim_host_asset_id != null">#{dataMap.victim_host_asset_id},</if>
|
<if test="dataMap.victim_host_asset_id != null">#{dataMap.victim_host_asset_id}::int8,</if>
|
||||||
<if test="dataMap.victim_organization_id != null">#{dataMap.victim_organization_id},</if>
|
<if test="dataMap.victim_organization_id != null">#{dataMap.victim_organization_id}::int8,</if>
|
||||||
<if test="dataMap.logout_time != null">#{dataMap.logout_time},</if>
|
<if test="dataMap.logout_time != null">#{dataMap.logout_time},</if>
|
||||||
<if test="dataMap.http_req_line != null">#{dataMap.http_req_line},</if>
|
<if test="dataMap.http_req_line != null">#{dataMap.http_req_line},</if>
|
||||||
<if test="dataMap.desip_security_scope_id != null">#{dataMap.desip_security_scope_id},</if>
|
<if test="dataMap.desip_security_scope_id != null">#{dataMap.desip_security_scope_id},</if>
|
||||||
<if test="dataMap.srcip_security_scope_id != null">#{dataMap.srcip_security_scope_id},</if>
|
<if test="dataMap.srcip_security_scope_id != null">#{dataMap.srcip_security_scope_id},</if>
|
||||||
<if test="dataMap.http_resp_length != null">#{dataMap.http_resp_length},</if>
|
<if test="dataMap.http_resp_length != null">#{dataMap.http_resp_length}::int8,</if>
|
||||||
<if test="dataMap.tc_attack_type != null">#{dataMap.tc_attack_type},</if>
|
<if test="dataMap.tc_attack_type != null">#{dataMap.tc_attack_type},</if>
|
||||||
<if test="dataMap.tc_realip != null">#{dataMap.tc_realip}::inet,</if>
|
<if test="dataMap.tc_realip != null">#{dataMap.tc_realip}::inet,</if>
|
||||||
<if test="dataMap.attacker_ip_lists != null">#{dataMap.attacker_ip_lists},</if>
|
<if test="dataMap.attacker_ip_lists != null">#{dataMap.attacker_ip_lists},</if>
|
||||||
@@ -665,7 +665,7 @@
|
|||||||
<if test="dataMap.tc_client_ip != null">#{dataMap.tc_client_ip}::inet,</if>
|
<if test="dataMap.tc_client_ip != null">#{dataMap.tc_client_ip}::inet,</if>
|
||||||
<if test="dataMap.tc_server_ip != null">#{dataMap.tc_server_ip}::inet,</if>
|
<if test="dataMap.tc_server_ip != null">#{dataMap.tc_server_ip}::inet,</if>
|
||||||
<if test="dataMap.tc_externalip != null">#{dataMap.tc_externalip}::inet,</if>
|
<if test="dataMap.tc_externalip != null">#{dataMap.tc_externalip}::inet,</if>
|
||||||
<if test="dataMap.http_status_code != null">#{dataMap.http_status_code},</if>
|
<if test="dataMap.http_status_code != null">#{dataMap.http_status_code}::int8,</if>
|
||||||
<if test="dataMap.device_domian != null">#{dataMap.device_domian},</if>
|
<if test="dataMap.device_domian != null">#{dataMap.device_domian},</if>
|
||||||
<if test="dataMap.src_ip_str != null">#{dataMap.src_ip_str},</if>
|
<if test="dataMap.src_ip_str != null">#{dataMap.src_ip_str},</if>
|
||||||
<if test="dataMap.src_port_str != null">#{dataMap.src_port_str},</if>
|
<if test="dataMap.src_port_str != null">#{dataMap.src_port_str},</if>
|
||||||
@@ -711,12 +711,12 @@
|
|||||||
<if test="dataMap.origin_agent_name != null">#{dataMap.origin_agent_name},</if>
|
<if test="dataMap.origin_agent_name != null">#{dataMap.origin_agent_name},</if>
|
||||||
<if test="dataMap.origin_work_group != null">#{dataMap.origin_work_group},</if>
|
<if test="dataMap.origin_work_group != null">#{dataMap.origin_work_group},</if>
|
||||||
<if test="dataMap.origin_asset_group != null">#{dataMap.origin_asset_group},</if>
|
<if test="dataMap.origin_asset_group != null">#{dataMap.origin_asset_group},</if>
|
||||||
<if test="dataMap.origin_local_port != null">#{dataMap.origin_local_port},</if>
|
<if test="dataMap.origin_local_port != null">#{dataMap.origin_local_port}::int8,</if>
|
||||||
<if test="dataMap.origin_agent_ip != null">#{dataMap.origin_agent_ip}::inet,</if>
|
<if test="dataMap.origin_agent_ip != null">#{dataMap.origin_agent_ip}::inet,</if>
|
||||||
<if test="dataMap.origin_internal_ip != null">#{dataMap.origin_internal_ip}::inet,</if>
|
<if test="dataMap.origin_internal_ip != null">#{dataMap.origin_internal_ip}::inet,</if>
|
||||||
<if test="dataMap.origin_external_ip != null">#{dataMap.origin_external_ip}::inet,</if>
|
<if test="dataMap.origin_external_ip != null">#{dataMap.origin_external_ip}::inet,</if>
|
||||||
<if test="dataMap.origin_local_addr != null">#{dataMap.origin_local_addr}::inet,</if>
|
<if test="dataMap.origin_local_addr != null">#{dataMap.origin_local_addr}::inet,</if>
|
||||||
<if test="dataMap.agent_id != null">#{dataMap.agent_id},</if>
|
<if test="dataMap.agent_id != null">#{dataMap.agent_id}::int8,</if>
|
||||||
<if test="dataMap.agent_name != null">#{dataMap.agent_name},</if>
|
<if test="dataMap.agent_name != null">#{dataMap.agent_name},</if>
|
||||||
<if test="dataMap.tc_title != null">#{dataMap.tc_title},</if>
|
<if test="dataMap.tc_title != null">#{dataMap.tc_title},</if>
|
||||||
<if test="dataMap.log_id != null">#{dataMap.log_id},</if>
|
<if test="dataMap.log_id != null">#{dataMap.log_id},</if>
|
||||||
@@ -732,7 +732,7 @@
|
|||||||
<if test="dataMap.src_mac != null">#{dataMap.src_mac},</if>
|
<if test="dataMap.src_mac != null">#{dataMap.src_mac},</if>
|
||||||
<if test="dataMap.dest_mac != null">#{dataMap.dest_mac},</if>
|
<if test="dataMap.dest_mac != null">#{dataMap.dest_mac},</if>
|
||||||
<if test="dataMap.proto != null">#{dataMap.proto},</if>
|
<if test="dataMap.proto != null">#{dataMap.proto},</if>
|
||||||
<if test="dataMap.dev_id != null">#{dataMap.dev_id},</if>
|
<if test="dataMap.dev_id != null">#{dataMap.dev_id}::int8,</if>
|
||||||
<if test="dataMap.created_time != null">#{dataMap.created_time},</if>
|
<if test="dataMap.created_time != null">#{dataMap.created_time},</if>
|
||||||
<if test="dataMap.src_country != null">#{dataMap.src_country},</if>
|
<if test="dataMap.src_country != null">#{dataMap.src_country},</if>
|
||||||
<if test="dataMap.src_country_code != null">#{dataMap.src_country_code},</if>
|
<if test="dataMap.src_country_code != null">#{dataMap.src_country_code},</if>
|
||||||
@@ -767,9 +767,9 @@
|
|||||||
<if test="dataMap.check_item != null">#{dataMap.check_item},</if>
|
<if test="dataMap.check_item != null">#{dataMap.check_item},</if>
|
||||||
<if test="dataMap.check_type != null">#{dataMap.check_type},</if>
|
<if test="dataMap.check_type != null">#{dataMap.check_type},</if>
|
||||||
<if test="dataMap.attacker_ip != null">#{dataMap.attacker_ip}::inet,</if>
|
<if test="dataMap.attacker_ip != null">#{dataMap.attacker_ip}::inet,</if>
|
||||||
<if test="dataMap.attacker_port != null">#{dataMap.attacker_port},</if>
|
<if test="dataMap.attacker_port != null">#{dataMap.attacker_port}::int8,</if>
|
||||||
<if test="dataMap.victim_ip != null">#{dataMap.victim_ip}::inet,</if>
|
<if test="dataMap.victim_ip != null">#{dataMap.victim_ip}::inet,</if>
|
||||||
<if test="dataMap.victim_port != null">#{dataMap.victim_port},</if>
|
<if test="dataMap.victim_port != null">#{dataMap.victim_port}::int8,</if>
|
||||||
<if test="dataMap.attacker_city != null">#{dataMap.attacker_city},</if>
|
<if test="dataMap.attacker_city != null">#{dataMap.attacker_city},</if>
|
||||||
<if test="dataMap.attacker_lon != null">#{dataMap.attacker_lon},</if>
|
<if test="dataMap.attacker_lon != null">#{dataMap.attacker_lon},</if>
|
||||||
<if test="dataMap.attacker_lat != null">#{dataMap.attacker_lat},</if>
|
<if test="dataMap.attacker_lat != null">#{dataMap.attacker_lat},</if>
|
||||||
@@ -822,15 +822,15 @@
|
|||||||
<if test="dataMap.dest_city != null">#{dataMap.dest_city},</if>
|
<if test="dataMap.dest_city != null">#{dataMap.dest_city},</if>
|
||||||
<if test="dataMap.dest_lon != null">#{dataMap.dest_lon},</if>
|
<if test="dataMap.dest_lon != null">#{dataMap.dest_lon},</if>
|
||||||
<if test="dataMap.dest_lat != null">#{dataMap.dest_lat},</if>
|
<if test="dataMap.dest_lat != null">#{dataMap.dest_lat},</if>
|
||||||
<if test="dataMap.event_category != null">#{dataMap.event_category},</if>
|
<if test="dataMap.event_category != null">#{dataMap.event_category}::int4,</if>
|
||||||
<if test="dataMap.attack_result != null">#{dataMap.attack_result},</if>
|
<if test="dataMap.attack_result != null">#{dataMap.attack_result}::int4,</if>
|
||||||
<if test="dataMap.probe_ip != null">#{dataMap.probe_ip}::inet,</if>
|
<if test="dataMap.probe_ip != null">#{dataMap.probe_ip}::inet,</if>
|
||||||
<if test="dataMap.device_ip != null">#{dataMap.device_ip}::inet,</if>
|
<if test="dataMap.device_ip != null">#{dataMap.device_ip}::inet,</if>
|
||||||
<if test="dataMap.device_manufacturer != null">#{dataMap.device_manufacturer},</if>
|
<if test="dataMap.device_manufacturer != null">#{dataMap.device_manufacturer},</if>
|
||||||
<if test="dataMap.device_name != null">#{dataMap.device_name},</if>
|
<if test="dataMap.device_name != null">#{dataMap.device_name},</if>
|
||||||
<if test="dataMap.product_name != null">#{dataMap.product_name},</if>
|
<if test="dataMap.product_name != null">#{dataMap.product_name},</if>
|
||||||
<if test="dataMap.__id != null">#{dataMap.__id},</if>
|
<if test="dataMap.__id != null">#{dataMap.__id},</if>
|
||||||
<if test="dataMap.__count != null">#{dataMap.__count},</if>
|
<if test="dataMap.__count != null">#{dataMap.__count}::int8,</if>
|
||||||
<if test="dataMap.__count_reason != null">#{dataMap.__count_reason},</if>
|
<if test="dataMap.__count_reason != null">#{dataMap.__count_reason},</if>
|
||||||
<if test="dataMap.event_type != null">#{dataMap.event_type}::int,</if>
|
<if test="dataMap.event_type != null">#{dataMap.event_type}::int,</if>
|
||||||
<if test="dataMap.protocol != null">#{dataMap.protocol},</if>
|
<if test="dataMap.protocol != null">#{dataMap.protocol},</if>
|
||||||
@@ -838,19 +838,19 @@
|
|||||||
<if test="dataMap.parent_name != null">#{dataMap.parent_name},</if>
|
<if test="dataMap.parent_name != null">#{dataMap.parent_name},</if>
|
||||||
<if test="dataMap.host_file_path != null">#{dataMap.host_file_path},</if>
|
<if test="dataMap.host_file_path != null">#{dataMap.host_file_path},</if>
|
||||||
<if test="dataMap.uid != null">#{dataMap.uid},</if>
|
<if test="dataMap.uid != null">#{dataMap.uid},</if>
|
||||||
<if test="dataMap.fall != null">#{dataMap.fall},</if>
|
<if test="dataMap.fall != null">#{dataMap.fall}::int4,</if>
|
||||||
<if test="dataMap.tc_miguan_server_ip != null">#{dataMap.tc_miguan_server_ip}::inet,</if>
|
<if test="dataMap.tc_miguan_server_ip != null">#{dataMap.tc_miguan_server_ip}::inet,</if>
|
||||||
<if test="dataMap.dev_type != null">#{dataMap.dev_type},</if>
|
<if test="dataMap.dev_type != null">#{dataMap.dev_type}::int4,</if>
|
||||||
<if test="dataMap.collect_method != null">#{dataMap.collect_method},</if>
|
<if test="dataMap.collect_method != null">#{dataMap.collect_method}::int4,</if>
|
||||||
<if test="dataMap.field_cate_id != null">#{dataMap.field_cate_id},</if>
|
<if test="dataMap.field_cate_id != null">#{dataMap.field_cate_id}::int4,</if>
|
||||||
<if test="dataMap.device_type != null">#{dataMap.device_type},</if>
|
<if test="dataMap.device_type != null">#{dataMap.device_type}::int4,</if>
|
||||||
<if test="dataMap.tc_miguan_client_ip != null">#{dataMap.tc_miguan_client_ip}::inet,</if>
|
<if test="dataMap.tc_miguan_client_ip != null">#{dataMap.tc_miguan_client_ip}::inet,</if>
|
||||||
<if test="dataMap.tc_miguan_name != null">#{dataMap.tc_miguan_name}::inet,</if>
|
<if test="dataMap.tc_miguan_name != null">#{dataMap.tc_miguan_name}::inet,</if>
|
||||||
<if test="dataMap.origin_total_packages != null">#{dataMap.origin_total_packages},</if>
|
<if test="dataMap.origin_total_packages != null">#{dataMap.origin_total_packages}::int8,</if>
|
||||||
<if test="dataMap.origin_total_bytes != null">#{dataMap.origin_total_bytes},</if>
|
<if test="dataMap.origin_total_bytes != null">#{dataMap.origin_total_bytes}::int8,</if>
|
||||||
<if test="dataMap.origin_peak_packages_rate != null">#{dataMap.origin_peak_packages_rate},</if>
|
<if test="dataMap.origin_peak_packages_rate != null">#{dataMap.origin_peak_packages_rate}::int8,</if>
|
||||||
<if test="dataMap.origin_peak_bytes_rate != null">#{dataMap.origin_peak_bytes_rate},</if>
|
<if test="dataMap.origin_peak_bytes_rate != null">#{dataMap.origin_peak_bytes_rate}::int8,</if>
|
||||||
<if test="dataMap.origin_peak_flows_rate != null">#{dataMap.origin_peak_flows_rate},</if>
|
<if test="dataMap.origin_peak_flows_rate != null">#{dataMap.origin_peak_flows_rate}::int8,</if>
|
||||||
<if test="dataMap.apt_orgname != null">#{dataMap.apt_orgname},</if>
|
<if test="dataMap.apt_orgname != null">#{dataMap.apt_orgname},</if>
|
||||||
<if test="dataMap.apt_orgmsg != null">#{dataMap.apt_orgmsg},</if>
|
<if test="dataMap.apt_orgmsg != null">#{dataMap.apt_orgmsg},</if>
|
||||||
<if test="dataMap.mail_message_id != null">#{dataMap.mail_message_id},</if>
|
<if test="dataMap.mail_message_id != null">#{dataMap.mail_message_id},</if>
|
||||||
@@ -867,11 +867,11 @@
|
|||||||
<if test="dataMap.origin_source_servername != null">#{dataMap.origin_source_servername},</if>
|
<if test="dataMap.origin_source_servername != null">#{dataMap.origin_source_servername},</if>
|
||||||
<if test="dataMap.mail_filename != null">#{dataMap.mail_filename},</if>
|
<if test="dataMap.mail_filename != null">#{dataMap.mail_filename},</if>
|
||||||
<if test="dataMap.dst_upload_appname != null">#{dataMap.dst_upload_appname},</if>
|
<if test="dataMap.dst_upload_appname != null">#{dataMap.dst_upload_appname},</if>
|
||||||
<if test="dataMap.target_port != null">#{dataMap.target_port},</if>
|
<if test="dataMap.target_port != null">#{dataMap.target_port}::int8,</if>
|
||||||
<if test="dataMap.gid != null">#{dataMap.gid},</if>
|
<if test="dataMap.gid != null">#{dataMap.gid},</if>
|
||||||
<if test="dataMap.origin_uid != null">#{dataMap.origin_uid},</if>
|
<if test="dataMap.origin_uid != null">#{dataMap.origin_uid},</if>
|
||||||
<if test="dataMap.origin_gid != null">#{dataMap.origin_gid},</if>
|
<if test="dataMap.origin_gid != null">#{dataMap.origin_gid},</if>
|
||||||
<if test="dataMap.target_ports != null">#{dataMap.target_ports},</if>
|
<if test="dataMap.target_ports != null">#{dataMap.target_ports}::int8,</if>
|
||||||
<if test="dataMap.tc_miguan_name1 != null">#{dataMap.tc_miguan_name1},</if>
|
<if test="dataMap.tc_miguan_name1 != null">#{dataMap.tc_miguan_name1},</if>
|
||||||
<if test="dataMap.tc_miguan_class1 != null">#{dataMap.tc_miguan_class1},</if>
|
<if test="dataMap.tc_miguan_class1 != null">#{dataMap.tc_miguan_class1},</if>
|
||||||
<if test="dataMap.etl_time != null">#{dataMap.etl_time},</if>
|
<if test="dataMap.etl_time != null">#{dataMap.etl_time},</if>
|
||||||
|
|||||||
Reference in New Issue
Block a user