初次提交代码
This commit is contained in:
8
haobang-security-xdr/logs/syslog-client.2025-12-01.log
Normal file
8
haobang-security-xdr/logs/syslog-client.2025-12-01.log
Normal file
@@ -0,0 +1,8 @@
|
||||
2025-12-01 14:54:33.447 [main] INFO c.h.syslog.syslogClientApplication - Starting syslogClientApplication using Java 1.8.0_121 on LAPTOP-ARDUR3N0 with PID 30688 (E:\GIT_GOSAME\haobang-security-xdr\syslog-client\target\classes started by chenc in E:\GIT_GOSAME\haobang-security-xdr)
|
||||
2025-12-01 14:54:33.451 [main] INFO c.h.syslog.syslogClientApplication - No active profile set, falling back to 1 default profile: "default"
|
||||
2025-12-01 14:54:34.030 [main] INFO c.h.syslog.syslogClientApplication - Started syslogClientApplication in 0.983 seconds (JVM running for 11.611)
|
||||
2025-12-01 14:54:34.045 [TCP] INFO com.haobang.syslog.ClientClass - 设置syslog端口:514
|
||||
2025-12-01 14:55:09.158 [main] INFO c.h.syslog.syslogClientApplication - Starting syslogClientApplication using Java 1.8.0_121 on LAPTOP-ARDUR3N0 with PID 30652 (E:\GIT_GOSAME\haobang-security-xdr\syslog-client\target\classes started by chenc in E:\GIT_GOSAME\haobang-security-xdr)
|
||||
2025-12-01 14:55:09.165 [main] INFO c.h.syslog.syslogClientApplication - No active profile set, falling back to 1 default profile: "default"
|
||||
2025-12-01 14:55:10.188 [main] INFO c.h.syslog.syslogClientApplication - Started syslogClientApplication in 1.799 seconds (JVM running for 8.423)
|
||||
2025-12-01 14:55:10.209 [TCP] INFO com.haobang.syslog.ClientClass - 设置syslog端口:514
|
||||
4
haobang-security-xdr/logs/syslog-client.log
Normal file
4
haobang-security-xdr/logs/syslog-client.log
Normal file
@@ -0,0 +1,4 @@
|
||||
2025-12-17 23:59:44.041 [main] INFO c.h.syslog.syslogClientApplication - Starting syslogClientApplication using Java 1.8.0_121 on LAPTOP-ARDUR3N0 with PID 17184 (E:\GIT_GOSAME\haobang-security-xdr\syslog-client\target\classes started by chenc in E:\GIT_GOSAME\haobang-security-xdr)
|
||||
2025-12-17 23:59:44.061 [main] INFO c.h.syslog.syslogClientApplication - No active profile set, falling back to 1 default profile: "default"
|
||||
2025-12-17 23:59:45.393 [main] INFO c.h.syslog.syslogClientApplication - Started syslogClientApplication in 2.275 seconds (JVM running for 9.275)
|
||||
2025-12-17 23:59:45.440 [TCP] INFO com.haobang.syslog.ClientClass - 设置syslog端口:514
|
||||
1756
haobang-security-xdr/logs/syslog-consumer.log
Normal file
1756
haobang-security-xdr/logs/syslog-consumer.log
Normal file
File diff suppressed because it is too large
Load Diff
132
haobang-security-xdr/logs/syslog-serve.2026-01-09.log
Normal file
132
haobang-security-xdr/logs/syslog-serve.2026-01-09.log
Normal file
@@ -0,0 +1,132 @@
|
||||
2026-01-09 11:00:51.832 [main] INFO com.SyslogServeMainApp - Starting SyslogServeMainApp using Java 1.8.0_121 on LAPTOP-ARDUR3N0 with PID 18748 (E:\GIT_GOSAME\haobang-security-xdr\syslog-serve\target\classes started by chenc in E:\GIT_GOSAME\haobang-security-xdr)
|
||||
2026-01-09 11:00:51.832 [background-preinit] INFO o.h.validator.internal.util.Version - HV000001: Hibernate Validator 6.2.5.Final
|
||||
2026-01-09 11:00:51.840 [main] INFO com.SyslogServeMainApp - No active profile set, falling back to 1 default profile: "default"
|
||||
2026-01-09 11:00:53.934 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Multiple Spring Data modules found, entering strict repository configuration mode
|
||||
2026-01-09 11:00:53.938 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Bootstrapping Spring Data Redis repositories in DEFAULT mode.
|
||||
2026-01-09 11:00:54.173 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Finished Spring Data repository scanning in 220 ms. Found 0 Redis repository interfaces.
|
||||
2026-01-09 11:00:54.772 [main] INFO o.s.b.w.e.tomcat.TomcatWebServer - Tomcat initialized with port(s): 8189 (http)
|
||||
2026-01-09 11:00:54.780 [main] INFO o.a.coyote.http11.Http11NioProtocol - Initializing ProtocolHandler ["http-nio-8189"]
|
||||
2026-01-09 11:00:54.781 [main] INFO o.a.catalina.core.StandardService - Starting service [Tomcat]
|
||||
2026-01-09 11:00:54.781 [main] INFO o.a.catalina.core.StandardEngine - Starting Servlet engine: [Apache Tomcat/9.0.65]
|
||||
2026-01-09 11:00:55.055 [main] INFO o.a.c.c.C.[.[.[/syslogserve] - Initializing Spring embedded WebApplicationContext
|
||||
2026-01-09 11:00:55.055 [main] INFO o.s.b.w.s.c.ServletWebServerApplicationContext - Root WebApplicationContext: initialization completed in 3122 ms
|
||||
2026-01-09 11:01:00.030 [main] INFO o.a.coyote.http11.Http11NioProtocol - Starting ProtocolHandler ["http-nio-8189"]
|
||||
2026-01-09 11:01:00.049 [main] INFO o.s.b.w.e.tomcat.TomcatWebServer - Tomcat started on port(s): 8189 (http) with context path '/syslogserve'
|
||||
2026-01-09 11:01:00.062 [main] INFO com.SyslogServeMainApp - Started SyslogServeMainApp in 8.727 seconds (JVM running for 13.906)
|
||||
2026-01-09 11:01:00.109 [main] INFO com.SyslogServeMainApp - Application SyslogServer start !
|
||||
2026-01-09 11:01:00.109 [main] INFO com.netty.SyslogServer - Starting Syslog server with TCP port 514 and UDP port 514
|
||||
2026-01-09 11:01:00.831 [pool-3-thread-2] INFO com.netty.SyslogServer - TCP Syslog server started on port 514
|
||||
2026-01-09 11:01:00.832 [pool-3-thread-1] INFO com.netty.SyslogServer - UDP Syslog server started on port 514
|
||||
2026-01-09 11:01:00.832 [main] INFO com.netty.SyslogServer - Both TCP and UDP Syslog servers are running
|
||||
2026-01-09 11:01:49.047 [nioEventLoopGroup-5-1] INFO com.netty.SyslogMessageHandler - Received syslog from 192.168.1.19:56244: <0> 2026-01-09T07:39:59+08:00 ubuntu log_forward[3419]: {"timestamp":"2026-01-09T07:39:59.845554+0800","flow_id":1102849895591141,"community_id":"aT54c1tW1hhcT3lcsk2zR5FrSPQ=","serial_num":"CJFBT92","origin":"eno4","xdr_log_type":"http","vxlan_vni":256,"src_ip":"172.16.121.137","src_port":58657,"dest_ip":"112.34.111.149","dest_port":80,"proto":"TCP","app_proto":"http","tcp_sequence":4101951934,"tcp_ack_sequence":1757098085,"ether":{},"uri":"","referer":"","method":"\u0015\u0000\u0000\u0001\u0000\u0001\u0000\\x94\\x93p\\xfb\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000","protocol":"","req_content_type":"","request_headers":"\u0015 \r\n","rsp_content_type":"","response_headers":""}
|
||||
2026-01-09 11:01:51.280 [nioEventLoopGroup-5-1] ERROR com.netty.SyslogMessageHandler - Exception in channel handler
|
||||
org.springframework.data.redis.RedisConnectionFailureException: Unable to connect to Redis; nested exception is io.lettuce.core.RedisConnectionException: Unable to connect to localhost:6379
|
||||
at org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory$ExceptionTranslatingConnectionProvider.translateException(LettuceConnectionFactory.java:1689)
|
||||
at org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory$ExceptionTranslatingConnectionProvider.getConnection(LettuceConnectionFactory.java:1597)
|
||||
at org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory$SharedConnection.getNativeConnection(LettuceConnectionFactory.java:1383)
|
||||
at org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory$SharedConnection.getConnection(LettuceConnectionFactory.java:1366)
|
||||
at org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory.getSharedConnection(LettuceConnectionFactory.java:1093)
|
||||
at org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory.getConnection(LettuceConnectionFactory.java:421)
|
||||
at org.springframework.data.redis.cache.DefaultRedisCacheWriter.execute(DefaultRedisCacheWriter.java:304)
|
||||
at org.springframework.data.redis.cache.DefaultRedisCacheWriter.get(DefaultRedisCacheWriter.java:130)
|
||||
at org.springframework.data.redis.cache.RedisCache.lookup(RedisCache.java:89)
|
||||
at org.springframework.cache.support.AbstractValueAdaptingCache.get(AbstractValueAdaptingCache.java:58)
|
||||
at org.springframework.cache.transaction.TransactionAwareCacheDecorator.get(TransactionAwareCacheDecorator.java:80)
|
||||
at org.springframework.cache.interceptor.AbstractCacheInvoker.doGet(AbstractCacheInvoker.java:73)
|
||||
at org.springframework.cache.interceptor.CacheAspectSupport.findInCaches(CacheAspectSupport.java:571)
|
||||
at org.springframework.cache.interceptor.CacheAspectSupport.findCachedItem(CacheAspectSupport.java:536)
|
||||
at org.springframework.cache.interceptor.CacheAspectSupport.execute(CacheAspectSupport.java:402)
|
||||
at org.springframework.cache.interceptor.CacheAspectSupport.execute(CacheAspectSupport.java:345)
|
||||
at org.springframework.cache.interceptor.CacheInterceptor.invoke(CacheInterceptor.java:64)
|
||||
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:186)
|
||||
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:763)
|
||||
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:708)
|
||||
at com.common.service.impl.DeviceDeviceServiceImpl$$EnhancerBySpringCGLIB$$bac109c0.getByIpSafely(<generated>)
|
||||
at com.Modules.Device.DeviceProcess.<init>(DeviceProcess.java:49)
|
||||
at com.netty.SyslogMessageHandler.channelRead0(SyslogMessageHandler.java:47)
|
||||
at io.netty.channel.SimpleChannelInboundHandler.channelRead(SimpleChannelInboundHandler.java:99)
|
||||
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:444)
|
||||
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
|
||||
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:412)
|
||||
at io.netty.handler.codec.MessageToMessageDecoder.channelRead(MessageToMessageDecoder.java:103)
|
||||
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:444)
|
||||
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
|
||||
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:412)
|
||||
at io.netty.handler.codec.ByteToMessageDecoder.fireChannelRead(ByteToMessageDecoder.java:346)
|
||||
at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:318)
|
||||
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:444)
|
||||
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
|
||||
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:412)
|
||||
at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410)
|
||||
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:440)
|
||||
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
|
||||
at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:919)
|
||||
at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:166)
|
||||
at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:788)
|
||||
at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:724)
|
||||
at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:650)
|
||||
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:562)
|
||||
at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:997)
|
||||
at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
|
||||
at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
|
||||
at java.lang.Thread.run(Thread.java:745)
|
||||
Caused by: io.lettuce.core.RedisConnectionException: Unable to connect to localhost:6379
|
||||
at io.lettuce.core.RedisConnectionException.create(RedisConnectionException.java:78)
|
||||
at io.lettuce.core.RedisConnectionException.create(RedisConnectionException.java:56)
|
||||
at io.lettuce.core.AbstractRedisClient.getConnection(AbstractRedisClient.java:330)
|
||||
at io.lettuce.core.RedisClient.connect(RedisClient.java:216)
|
||||
at org.springframework.data.redis.connection.lettuce.StandaloneConnectionProvider.lambda$getConnection$1(StandaloneConnectionProvider.java:115)
|
||||
at java.util.Optional.orElseGet(Optional.java:267)
|
||||
at org.springframework.data.redis.connection.lettuce.StandaloneConnectionProvider.getConnection(StandaloneConnectionProvider.java:115)
|
||||
at org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory$ExceptionTranslatingConnectionProvider.getConnection(LettuceConnectionFactory.java:1595)
|
||||
... 47 common frames omitted
|
||||
Caused by: java.nio.channels.ClosedChannelException: null
|
||||
at io.netty.channel.nio.AbstractNioChannel.doClose(AbstractNioChannel.java:502)
|
||||
at io.netty.channel.socket.nio.NioSocketChannel.doClose(NioSocketChannel.java:349)
|
||||
at io.netty.channel.AbstractChannel$AbstractUnsafe.doClose0(AbstractChannel.java:754)
|
||||
at io.netty.channel.AbstractChannel$AbstractUnsafe.close(AbstractChannel.java:731)
|
||||
at io.netty.channel.AbstractChannel$AbstractUnsafe.close(AbstractChannel.java:620)
|
||||
at io.netty.channel.DefaultChannelPipeline$HeadContext.close(DefaultChannelPipeline.java:1352)
|
||||
at io.netty.channel.AbstractChannelHandlerContext.invokeClose(AbstractChannelHandlerContext.java:749)
|
||||
at io.netty.channel.AbstractChannelHandlerContext.access$1200(AbstractChannelHandlerContext.java:61)
|
||||
at io.netty.channel.AbstractChannelHandlerContext$11.run(AbstractChannelHandlerContext.java:732)
|
||||
at io.netty.util.concurrent.AbstractEventExecutor.runTask(AbstractEventExecutor.java:174)
|
||||
at io.netty.util.concurrent.AbstractEventExecutor.safeExecute(AbstractEventExecutor.java:167)
|
||||
at io.netty.util.concurrent.SingleThreadEventExecutor.runAllTasks(SingleThreadEventExecutor.java:470)
|
||||
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:569)
|
||||
... 4 common frames omitted
|
||||
2026-01-09 11:29:32.247 [nioEventLoopGroup-5-2] INFO com.netty.SyslogMessageHandler - Received syslog from 192.168.1.19:54671: <0> 2026-01-09T07:39:59+08:00 ubuntu log_forward[3419]: {"timestamp":"2026-01-09T07:39:59.845554+0800","flow_id":1102849895591141,"community_id":"aT54c1tW1hhcT3lcsk2zR5FrSPQ=","serial_num":"CJFBT92","origin":"eno4","xdr_log_type":"http","vxlan_vni":256,"src_ip":"172.16.121.137","src_port":58657,"dest_ip":"112.34.111.149","dest_port":80,"proto":"TCP","app_proto":"http","tcp_sequence":4101951934,"tcp_ack_sequence":1757098085,"ether":{},"uri":"","referer":"","method":"\u0015\u0000\u0000\u0001\u0000\u0001\u0000\\x94\\x93p\\xfb\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000","protocol":"","req_content_type":"","request_headers":"\u0015 \r\n","rsp_content_type":"","response_headers":""}
|
||||
2026-01-09 11:29:32.384 [nioEventLoopGroup-5-2] INFO com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Starting...
|
||||
2026-01-09 11:29:33.051 [nioEventLoopGroup-5-2] INFO com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Start completed.
|
||||
2026-01-09 11:38:58.872 [nioEventLoopGroup-5-3] INFO com.netty.SyslogMessageHandler - Received syslog from 192.168.1.19:52850: <0> 2026-01-09T07:39:59+08:00 ubuntu log_forward[3419]: {"timestamp":"2026-01-09T07:39:59.845554+0800","flow_id":1102849895591141,"community_id":"aT54c1tW1hhcT3lcsk2zR5FrSPQ=","serial_num":"CJFBT92","origin":"eno4","xdr_log_type":"http","vxlan_vni":256,"src_ip":"172.16.121.137","src_port":58657,"dest_ip":"112.34.111.149","dest_port":80,"proto":"TCP","app_proto":"http","tcp_sequence":4101951934,"tcp_ack_sequence":1757098085,"ether":{},"uri":"","referer":"","method":"\u0015\u0000\u0000\u0001\u0000\u0001\u0000\\x94\\x93p\\xfb\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000","protocol":"","req_content_type":"","request_headers":"\u0015 \r\n","rsp_content_type":"","response_headers":""}
|
||||
2026-01-09 11:47:57.824 [nioEventLoopGroup-5-4] INFO com.netty.SyslogMessageHandler - Received syslog from 192.168.1.19:57928: <0> 2026-01-09T07:39:59+08:00 ubuntu log_forward[3419]: {"timestamp":"2026-01-09T07:39:59.845554+0800","flow_id":1102849895591141,"community_id":"aT54c1tW1hhcT3lcsk2zR5FrSPQ=","serial_num":"CJFBT92","origin":"eno4","xdr_log_type":"http","vxlan_vni":256,"src_ip":"172.16.121.137","src_port":58657,"dest_ip":"112.34.111.149","dest_port":80,"proto":"TCP","app_proto":"http","tcp_sequence":4101951934,"tcp_ack_sequence":1757098085,"ether":{},"uri":"","referer":"","method":"\u0015\u0000\u0000\u0001\u0000\u0001\u0000\\x94\\x93p\\xfb\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000","protocol":"","req_content_type":"","request_headers":"\u0015 \r\n","rsp_content_type":"","response_headers":""}
|
||||
2026-01-09 15:27:55.550 [nioEventLoopGroup-5-5] INFO com.netty.SyslogMessageHandler - Received syslog from 192.168.1.19:55192: <0> 2026-01-09T07:39:59+08:00 ubuntu log_forward[3419]: {"timestamp":"2026-01-09T07:39:59.845554+0800","flow_id":1102849895591141,"community_id":"aT54c1tW1hhcT3lcsk2zR5FrSPQ=","serial_num":"CJFBT92","origin":"eno4","xdr_log_type":"http","vxlan_vni":256,"src_ip":"172.16.121.137","src_port":58657,"dest_ip":"112.34.111.149","dest_port":80,"proto":"TCP","app_proto":"http","tcp_sequence":4101951934,"tcp_ack_sequence":1757098085,"ether":{},"uri":"","referer":"","method":"\u0015\u0000\u0000\u0001\u0000\u0001\u0000\\x94\\x93p\\xfb\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000","protocol":"","req_content_type":"","request_headers":"\u0015 \r\n","rsp_content_type":"","response_headers":""}
|
||||
2026-01-09 15:36:44.239 [nioEventLoopGroup-5-6] INFO com.netty.SyslogMessageHandler - Received syslog from 192.168.1.19:49951: <0> 2026-01-09T07:39:59+08:00 ubuntu log_forward[3419]: {"timestamp":"2026-01-09T07:39:59.845554+0800","flow_id":1102849895591141,"community_id":"aT54c1tW1hhcT3lcsk2zR5FrSPQ=","serial_num":"CJFBT92","origin":"eno4","xdr_log_type":"http","vxlan_vni":256,"src_ip":"172.16.121.137","src_port":58657,"dest_ip":"112.34.111.149","dest_port":80,"proto":"TCP","app_proto":"http","tcp_sequence":4101951934,"tcp_ack_sequence":1757098085,"ether":{},"uri":"","referer":"","method":"\u0015\u0000\u0000\u0001\u0000\u0001\u0000\\x94\\x93p\\xfb\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000","protocol":"","req_content_type":"","request_headers":"\u0015 \r\n","rsp_content_type":"","response_headers":""}
|
||||
2026-01-09 15:57:14.712 [HikariPool-1 housekeeper] WARN com.zaxxer.hikari.pool.HikariPool - HikariPool-1 - Thread starvation or clock leap detected (housekeeper delta=5m37s501ms654µs800ns).
|
||||
2026-01-09 17:25:52.192 [nioEventLoopGroup-5-7] INFO com.netty.SyslogMessageHandler - Received syslog from 192.168.1.19:52890: <0> 2026-01-09T17:09:15+08:00 ubuntu log_forward[3419]: {"timestamp":"2026-01-09T17:09:15.160715+0800","flow_id":1198350732579968,"community_id":"q1DYMZcSdDgmfpAj9ozxmTzKNbY=","serial_num":"CJFBT92","origin":"eno4","xdr_log_type":"http","vxlan_vni":256,"src_ip":"172.16.121.137","src_port":41736,"dest_ip":"120.232.164.162","dest_port":80,"proto":"TCP","app_proto":"http","tcp_sequence":3497657839,"tcp_ack_sequence":95825740,"ether":{"src_mac":"90:f1:b0:fb:81:a1","dest_mac":"a4:7b:2c:21:03:79"},"host":"pull-hs-f5.flive.douyincdn.com","host_md5":"2b821a78621370fb0703c0c8076651ee","uri":"/thirdgame/stream-118644793116984074.flv?arch_hrchy=w1&enfpresource=2&exp_hrchy=w1&expire=1768553531&major_anchor_level=common&mtu_probe=false&protocol_stack=rust&rtm_sei_bypass=1&rtm_sstream_tag=fcdn_v3&sign=708e6204542769e1be14e825a3075aac&t_id=037-20260109165209EC0131706463F07583DF-WnNoS5&unique_id=stream-118644793116984074_778_flv&volcSecret=708e6204542769e1be14e825a3075aac&volcTime=1768553531&edgeup=v1&pt=v4&ptag=v4&_session_id=037-20260109165209EC0131706463F07583DF-WnNoS5.1767949754287.-940398464&abr_pts=-2100","uri_md5":"7dfeefd12fae0a1654ba0cd0a980789e","agent":"LiveIO_ANDROID","referer":"","method":"GET","protocol":"HTTP/1.1","status":302,"req_content_type":"","request_headers":"user-agent: LiveIO_ANDROID\r\naccept: */*\r\nconnection: Close\r\nhost: pull-hs-f5.flive.douyincdn.com\r\n","rsp_content_type":"video/x-flv","response_headers":"access-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: X-Server-Ip\r\ncache-control: no-cache\r\nconnection: close\r\ncontent-type: video/x-flv\r\nLocation: http://39.175.244.72/thirdgame/stream-118644793116984074.flv?302_type=extreme_cold_aggr&302_type_code=04&_session_id=037-20260109165209EC0131706463F07583DF-WnNoS5.1767949754287.-940398464&abr_pts=-2100&align_delay=10&arch_hrchy=w1&domain=pull-hs-f5.flive.douyincdn.com&edgeup=v1&enable_pts_align=1&enfpresource=2&exp_hrchy=w1&expire=1768553531&fp_user_url=http%3A%2F%2Fpull-hs-f5.flive.douyincdn.com%2Fthirdgame%2Fstream-118644793116984074.flv%3Farch_hrchy%3Dw1%26enfpresource%3D2%26exp_hrchy%3Dw1%26expire%3D1768553531%26major_anchor_level%3Dcommon%26mtu_probe%3Dfalse%26protocol_stack%3Drust%26rtm_sei_bypass%3D1%26rtm_sstream_tag%3Dfcdn_v3%26sign%3D708e6204542769e1be14e825a3075aac%26t_id%3D037-20260109165209EC0131706463F07583DF-WnNoS5%26unique_id%3Dstream-118644793116984074_778_flv%26volcSecret%3D708e6204542769e1be14e825a3075aac%26volcTime%3D1768553531%26edgeup%3Dv1%26pt%3Dv4%26ptag%3Dv4%26_session_id%3D037-20260109165209EC0131706463F07583DF-WnNoS5.1767949754287.-940398464%26abr_pts%3D-2100&hls_redirect_domain=bytefcdnrd.com&major_anchor_level=common&manage_ip=&mtu_probe=false&node_id=&pro_type=http&protocol_stack=rust&pt=v4&ptag=v4&redirect_from=pod.cn-6pz3yu.lvdb.nss&redirect_to=fc.cn-cn2316g2&redirect_to_ip=39.175.244.72&rtm_sei_bypass=1&rtm_sstream_tag=fcdn_v3&sign=708e6204542769e1be14e825a3075aac&t_id=037-20260109165209EC0131706463F07583DF-WnNoS5&unique_id=stream-118644793116984074_778_flv&vhost=push-rtmp-hs-f5.douyincdn.com&volcSecret=708e6204542769e1be14e825a3075aac&volcTime=1768553531\r\nServer: Bytedance NSS\r\nTiming-Allow-Origin: *\r\nVia: n120-232-164-132\r\nX-Cache-Status: Miss\r\nX-Client-Ip: 120.230.79.196\r\nX-Has-Token: 917220198\r\nX-Response-Timecost: {\"time_to_source\":-1,\"total_time\":-1}\r\nX-Server-Ip: 120.232.164.132\r\n"}
|
||||
2026-01-09 18:01:54.416 [nioEventLoopGroup-5-8] INFO com.netty.SyslogMessageHandler - Received syslog from 192.168.1.19:51626: <0> 2026-01-09T17:09:15+08:00 ubuntu log_forward[3419]: {"timestamp":"2026-01-09T17:09:15.160715+0800","flow_id":1198350732579968,"community_id":"q1DYMZcSdDgmfpAj9ozxmTzKNbY=","serial_num":"CJFBT92","origin":"eno4","xdr_log_type":"http","vxlan_vni":256,"src_ip":"172.16.121.137","src_port":41736,"dest_ip":"120.232.164.162","dest_port":80,"proto":"TCP","app_proto":"http","tcp_sequence":3497657839,"tcp_ack_sequence":95825740,"ether":{"src_mac":"90:f1:b0:fb:81:a1","dest_mac":"a4:7b:2c:21:03:79"},"host":"pull-hs-f5.flive.douyincdn.com","host_md5":"2b821a78621370fb0703c0c8076651ee","uri":"/thirdgame/stream-118644793116984074.flv?arch_hrchy=w1&enfpresource=2&exp_hrchy=w1&expire=1768553531&major_anchor_level=common&mtu_probe=false&protocol_stack=rust&rtm_sei_bypass=1&rtm_sstream_tag=fcdn_v3&sign=708e6204542769e1be14e825a3075aac&t_id=037-20260109165209EC0131706463F07583DF-WnNoS5&unique_id=stream-118644793116984074_778_flv&volcSecret=708e6204542769e1be14e825a3075aac&volcTime=1768553531&edgeup=v1&pt=v4&ptag=v4&_session_id=037-20260109165209EC0131706463F07583DF-WnNoS5.1767949754287.-940398464&abr_pts=-2100","uri_md5":"7dfeefd12fae0a1654ba0cd0a980789e","agent":"LiveIO_ANDROID","referer":"","method":"GET","protocol":"HTTP/1.1","status":302,"req_content_type":"","request_headers":"user-agent: LiveIO_ANDROID\r\naccept: */*\r\nconnection: Close\r\nhost: pull-hs-f5.flive.douyincdn.com\r\n","rsp_content_type":"video/x-flv","response_headers":"access-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: X-Server-Ip\r\ncache-control: no-cache\r\nconnection: close\r\ncontent-type: video/x-flv\r\nLocation: http://39.175.244.72/thirdgame/stream-118644793116984074.flv?302_type=extreme_cold_aggr&302_type_code=04&_session_id=037-20260109165209EC0131706463F07583DF-WnNoS5.1767949754287.-940398464&abr_pts=-2100&align_delay=10&arch_hrchy=w1&domain=pull-hs-f5.flive.douyincdn.com&edgeup=v1&enable_pts_align=1&enfpresource=2&exp_hrchy=w1&expire=1768553531&fp_user_url=http%3A%2F%2Fpull-hs-f5.flive.douyincdn.com%2Fthirdgame%2Fstream-118644793116984074.flv%3Farch_hrchy%3Dw1%26enfpresource%3D2%26exp_hrchy%3Dw1%26expire%3D1768553531%26major_anchor_level%3Dcommon%26mtu_probe%3Dfalse%26protocol_stack%3Drust%26rtm_sei_bypass%3D1%26rtm_sstream_tag%3Dfcdn_v3%26sign%3D708e6204542769e1be14e825a3075aac%26t_id%3D037-20260109165209EC0131706463F07583DF-WnNoS5%26unique_id%3Dstream-118644793116984074_778_flv%26volcSecret%3D708e6204542769e1be14e825a3075aac%26volcTime%3D1768553531%26edgeup%3Dv1%26pt%3Dv4%26ptag%3Dv4%26_session_id%3D037-20260109165209EC0131706463F07583DF-WnNoS5.1767949754287.-940398464%26abr_pts%3D-2100&hls_redirect_domain=bytefcdnrd.com&major_anchor_level=common&manage_ip=&mtu_probe=false&node_id=&pro_type=http&protocol_stack=rust&pt=v4&ptag=v4&redirect_from=pod.cn-6pz3yu.lvdb.nss&redirect_to=fc.cn-cn2316g2&redirect_to_ip=39.175.244.72&rtm_sei_bypass=1&rtm_sstream_tag=fcdn_v3&sign=708e6204542769e1be14e825a3075aac&t_id=037-20260109165209EC0131706463F07583DF-WnNoS5&unique_id=stream-118644793116984074_778_flv&vhost=push-rtmp-hs-f5.douyincdn.com&volcSecret=708e6204542769e1be14e825a3075aac&volcTime=1768553531\r\nServer: Bytedance NSS\r\nTiming-Allow-Origin: *\r\nVia: n120-232-164-132\r\nX-Cache-Status: Miss\r\nX-Client-Ip: 120.230.79.196\r\nX-Has-Token: 917220198\r\nX-Response-Timecost: {\"time_to_source\":-1,\"total_time\":-1}\r\nX-Server-Ip: 120.232.164.132\r\n"}
|
||||
2026-01-09 18:10:56.132 [nioEventLoopGroup-5-9] INFO com.netty.SyslogMessageHandler - Received syslog from 192.168.1.19:63324: <0> 2026-01-09T17:09:15+08:00 ubuntu log_forward[3419]: {"timestamp":"2026-01-09T17:09:15.160715+0800","flow_id":1198350732579968,"community_id":"q1DYMZcSdDgmfpAj9ozxmTzKNbY=","serial_num":"CJFBT92","origin":"eno4","xdr_log_type":"http","vxlan_vni":256,"src_ip":"172.16.121.137","src_port":41736,"dest_ip":"120.232.164.162","dest_port":80,"proto":"TCP","app_proto":"http","tcp_sequence":3497657839,"tcp_ack_sequence":95825740,"ether":{"src_mac":"90:f1:b0:fb:81:a1","dest_mac":"a4:7b:2c:21:03:79"},"host":"pull-hs-f5.flive.douyincdn.com","host_md5":"2b821a78621370fb0703c0c8076651ee","uri":"/thirdgame/stream-118644793116984074.flv?arch_hrchy=w1&enfpresource=2&exp_hrchy=w1&expire=1768553531&major_anchor_level=common&mtu_probe=false&protocol_stack=rust&rtm_sei_bypass=1&rtm_sstream_tag=fcdn_v3&sign=708e6204542769e1be14e825a3075aac&t_id=037-20260109165209EC0131706463F07583DF-WnNoS5&unique_id=stream-118644793116984074_778_flv&volcSecret=708e6204542769e1be14e825a3075aac&volcTime=1768553531&edgeup=v1&pt=v4&ptag=v4&_session_id=037-20260109165209EC0131706463F07583DF-WnNoS5.1767949754287.-940398464&abr_pts=-2100","uri_md5":"7dfeefd12fae0a1654ba0cd0a980789e","agent":"LiveIO_ANDROID","referer":"","method":"GET","protocol":"HTTP/1.1","status":302,"req_content_type":"","request_headers":"user-agent: LiveIO_ANDROID\r\naccept: */*\r\nconnection: Close\r\nhost: pull-hs-f5.flive.douyincdn.com\r\n","rsp_content_type":"video/x-flv","response_headers":"access-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: X-Server-Ip\r\ncache-control: no-cache\r\nconnection: close\r\ncontent-type: video/x-flv\r\nLocation: http://39.175.244.72/thirdgame/stream-118644793116984074.flv?302_type=extreme_cold_aggr&302_type_code=04&_session_id=037-20260109165209EC0131706463F07583DF-WnNoS5.1767949754287.-940398464&abr_pts=-2100&align_delay=10&arch_hrchy=w1&domain=pull-hs-f5.flive.douyincdn.com&edgeup=v1&enable_pts_align=1&enfpresource=2&exp_hrchy=w1&expire=1768553531&fp_user_url=http%3A%2F%2Fpull-hs-f5.flive.douyincdn.com%2Fthirdgame%2Fstream-118644793116984074.flv%3Farch_hrchy%3Dw1%26enfpresource%3D2%26exp_hrchy%3Dw1%26expire%3D1768553531%26major_anchor_level%3Dcommon%26mtu_probe%3Dfalse%26protocol_stack%3Drust%26rtm_sei_bypass%3D1%26rtm_sstream_tag%3Dfcdn_v3%26sign%3D708e6204542769e1be14e825a3075aac%26t_id%3D037-20260109165209EC0131706463F07583DF-WnNoS5%26unique_id%3Dstream-118644793116984074_778_flv%26volcSecret%3D708e6204542769e1be14e825a3075aac%26volcTime%3D1768553531%26edgeup%3Dv1%26pt%3Dv4%26ptag%3Dv4%26_session_id%3D037-20260109165209EC0131706463F07583DF-WnNoS5.1767949754287.-940398464%26abr_pts%3D-2100&hls_redirect_domain=bytefcdnrd.com&major_anchor_level=common&manage_ip=&mtu_probe=false&node_id=&pro_type=http&protocol_stack=rust&pt=v4&ptag=v4&redirect_from=pod.cn-6pz3yu.lvdb.nss&redirect_to=fc.cn-cn2316g2&redirect_to_ip=39.175.244.72&rtm_sei_bypass=1&rtm_sstream_tag=fcdn_v3&sign=708e6204542769e1be14e825a3075aac&t_id=037-20260109165209EC0131706463F07583DF-WnNoS5&unique_id=stream-118644793116984074_778_flv&vhost=push-rtmp-hs-f5.douyincdn.com&volcSecret=708e6204542769e1be14e825a3075aac&volcTime=1768553531\r\nServer: Bytedance NSS\r\nTiming-Allow-Origin: *\r\nVia: n120-232-164-132\r\nX-Cache-Status: Miss\r\nX-Client-Ip: 120.230.79.196\r\nX-Has-Token: 917220198\r\nX-Response-Timecost: {\"time_to_source\":-1,\"total_time\":-1}\r\nX-Server-Ip: 120.232.164.132\r\n"}
|
||||
2026-01-09 18:17:37.914 [nioEventLoopGroup-5-10] INFO com.netty.SyslogMessageHandler - Received syslog from 192.168.1.19:64167: <0> 2026-01-09T17:09:15+08:00 ubuntu log_forward[3419]: {"timestamp":"2026-01-09T17:09:15.160715+0800","flow_id":1198350732579968,"community_id":"q1DYMZcSdDgmfpAj9ozxmTzKNbY=","serial_num":"CJFBT92","origin":"eno4","xdr_log_type":"http","vxlan_vni":256,"src_ip":"172.16.121.137","src_port":41736,"dest_ip":"120.232.164.162","dest_port":80,"proto":"TCP","app_proto":"http","tcp_sequence":3497657839,"tcp_ack_sequence":95825740,"ether":{"src_mac":"90:f1:b0:fb:81:a1","dest_mac":"a4:7b:2c:21:03:79"},"host":"pull-hs-f5.flive.douyincdn.com","host_md5":"2b821a78621370fb0703c0c8076651ee","uri":"/thirdgame/stream-118644793116984074.flv?arch_hrchy=w1&enfpresource=2&exp_hrchy=w1&expire=1768553531&major_anchor_level=common&mtu_probe=false&protocol_stack=rust&rtm_sei_bypass=1&rtm_sstream_tag=fcdn_v3&sign=708e6204542769e1be14e825a3075aac&t_id=037-20260109165209EC0131706463F07583DF-WnNoS5&unique_id=stream-118644793116984074_778_flv&volcSecret=708e6204542769e1be14e825a3075aac&volcTime=1768553531&edgeup=v1&pt=v4&ptag=v4&_session_id=037-20260109165209EC0131706463F07583DF-WnNoS5.1767949754287.-940398464&abr_pts=-2100","uri_md5":"7dfeefd12fae0a1654ba0cd0a980789e","agent":"LiveIO_ANDROID","referer":"","method":"GET","protocol":"HTTP/1.1","status":302,"req_content_type":"","request_headers":"user-agent: LiveIO_ANDROID\r\naccept: */*\r\nconnection: Close\r\nhost: pull-hs-f5.flive.douyincdn.com\r\n","rsp_content_type":"video/x-flv","response_headers":"access-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: X-Server-Ip\r\ncache-control: no-cache\r\nconnection: close\r\ncontent-type: video/x-flv\r\nLocation: http://39.175.244.72/thirdgame/stream-118644793116984074.flv?302_type=extreme_cold_aggr&302_type_code=04&_session_id=037-20260109165209EC0131706463F07583DF-WnNoS5.1767949754287.-940398464&abr_pts=-2100&align_delay=10&arch_hrchy=w1&domain=pull-hs-f5.flive.douyincdn.com&edgeup=v1&enable_pts_align=1&enfpresource=2&exp_hrchy=w1&expire=1768553531&fp_user_url=http%3A%2F%2Fpull-hs-f5.flive.douyincdn.com%2Fthirdgame%2Fstream-118644793116984074.flv%3Farch_hrchy%3Dw1%26enfpresource%3D2%26exp_hrchy%3Dw1%26expire%3D1768553531%26major_anchor_level%3Dcommon%26mtu_probe%3Dfalse%26protocol_stack%3Drust%26rtm_sei_bypass%3D1%26rtm_sstream_tag%3Dfcdn_v3%26sign%3D708e6204542769e1be14e825a3075aac%26t_id%3D037-20260109165209EC0131706463F07583DF-WnNoS5%26unique_id%3Dstream-118644793116984074_778_flv%26volcSecret%3D708e6204542769e1be14e825a3075aac%26volcTime%3D1768553531%26edgeup%3Dv1%26pt%3Dv4%26ptag%3Dv4%26_session_id%3D037-20260109165209EC0131706463F07583DF-WnNoS5.1767949754287.-940398464%26abr_pts%3D-2100&hls_redirect_domain=bytefcdnrd.com&major_anchor_level=common&manage_ip=&mtu_probe=false&node_id=&pro_type=http&protocol_stack=rust&pt=v4&ptag=v4&redirect_from=pod.cn-6pz3yu.lvdb.nss&redirect_to=fc.cn-cn2316g2&redirect_to_ip=39.175.244.72&rtm_sei_bypass=1&rtm_sstream_tag=fcdn_v3&sign=708e6204542769e1be14e825a3075aac&t_id=037-20260109165209EC0131706463F07583DF-WnNoS5&unique_id=stream-118644793116984074_778_flv&vhost=push-rtmp-hs-f5.douyincdn.com&volcSecret=708e6204542769e1be14e825a3075aac&volcTime=1768553531\r\nServer: Bytedance NSS\r\nTiming-Allow-Origin: *\r\nVia: n120-232-164-132\r\nX-Cache-Status: Miss\r\nX-Client-Ip: 120.230.79.196\r\nX-Has-Token: 917220198\r\nX-Response-Timecost: {\"time_to_source\":-1,\"total_time\":-1}\r\nX-Server-Ip: 120.232.164.132\r\n"}
|
||||
2026-01-09 18:26:22.954 [main] INFO com.SyslogServeMainApp - Starting SyslogServeMainApp using Java 1.8.0_121 on LAPTOP-ARDUR3N0 with PID 25676 (E:\GIT_GOSAME\haobang-security-xdr\syslog-serve\target\classes started by chenc in E:\GIT_GOSAME\haobang-security-xdr)
|
||||
2026-01-09 18:26:22.954 [background-preinit] INFO o.h.validator.internal.util.Version - HV000001: Hibernate Validator 6.2.5.Final
|
||||
2026-01-09 18:26:22.956 [main] INFO com.SyslogServeMainApp - No active profile set, falling back to 1 default profile: "default"
|
||||
2026-01-09 18:26:24.953 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Multiple Spring Data modules found, entering strict repository configuration mode
|
||||
2026-01-09 18:26:24.954 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Bootstrapping Spring Data Redis repositories in DEFAULT mode.
|
||||
2026-01-09 18:26:25.122 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Finished Spring Data repository scanning in 153 ms. Found 0 Redis repository interfaces.
|
||||
2026-01-09 18:26:25.561 [main] INFO o.s.b.w.e.tomcat.TomcatWebServer - Tomcat initialized with port(s): 8189 (http)
|
||||
2026-01-09 18:26:25.561 [main] INFO o.a.coyote.http11.Http11NioProtocol - Initializing ProtocolHandler ["http-nio-8189"]
|
||||
2026-01-09 18:26:25.561 [main] INFO o.a.catalina.core.StandardService - Starting service [Tomcat]
|
||||
2026-01-09 18:26:25.561 [main] INFO o.a.catalina.core.StandardEngine - Starting Servlet engine: [Apache Tomcat/9.0.65]
|
||||
2026-01-09 18:26:25.813 [main] INFO o.a.c.c.C.[.[.[/syslogserve] - Initializing Spring embedded WebApplicationContext
|
||||
2026-01-09 18:26:25.813 [main] INFO o.s.b.w.s.c.ServletWebServerApplicationContext - Root WebApplicationContext: initialization completed in 2787 ms
|
||||
2026-01-09 18:26:29.613 [main] INFO o.a.coyote.http11.Http11NioProtocol - Starting ProtocolHandler ["http-nio-8189"]
|
||||
2026-01-09 18:26:29.627 [main] INFO o.s.b.w.e.tomcat.TomcatWebServer - Tomcat started on port(s): 8189 (http) with context path '/syslogserve'
|
||||
2026-01-09 18:26:29.636 [main] INFO com.SyslogServeMainApp - Started SyslogServeMainApp in 7.135 seconds (JVM running for 11.565)
|
||||
2026-01-09 18:26:29.675 [main] INFO com.SyslogServeMainApp - Application SyslogServer start !
|
||||
2026-01-09 18:26:29.675 [main] INFO com.netty.SyslogServer - Starting Syslog server with TCP port 514 and UDP port 514
|
||||
2026-01-09 18:26:30.117 [pool-3-thread-2] INFO com.netty.SyslogServer - TCP Syslog server started on port 514
|
||||
2026-01-09 18:26:30.117 [pool-3-thread-1] INFO com.netty.SyslogServer - UDP Syslog server started on port 514
|
||||
2026-01-09 18:26:30.118 [main] INFO com.netty.SyslogServer - Both TCP and UDP Syslog servers are running
|
||||
2026-01-09 18:26:32.082 [nioEventLoopGroup-5-1] INFO com.netty.SyslogMessageHandler - Received syslog from 192.168.1.19:57387: <0> 2026-01-09T17:09:15+08:00 ubuntu log_forward[3419]: {"timestamp":"2026-01-09T17:09:15.160715+0800","flow_id":1198350732579968,"community_id":"q1DYMZcSdDgmfpAj9ozxmTzKNbY=","serial_num":"CJFBT92","origin":"eno4","xdr_log_type":"http","vxlan_vni":256,"src_ip":"172.16.121.137","src_port":41736,"dest_ip":"120.232.164.162","dest_port":80,"proto":"TCP","app_proto":"http","tcp_sequence":3497657839,"tcp_ack_sequence":95825740,"ether":{"src_mac":"90:f1:b0:fb:81:a1","dest_mac":"a4:7b:2c:21:03:79"},"host":"pull-hs-f5.flive.douyincdn.com","host_md5":"2b821a78621370fb0703c0c8076651ee","uri":"/thirdgame/stream-118644793116984074.flv?arch_hrchy=w1&enfpresource=2&exp_hrchy=w1&expire=1768553531&major_anchor_level=common&mtu_probe=false&protocol_stack=rust&rtm_sei_bypass=1&rtm_sstream_tag=fcdn_v3&sign=708e6204542769e1be14e825a3075aac&t_id=037-20260109165209EC0131706463F07583DF-WnNoS5&unique_id=stream-118644793116984074_778_flv&volcSecret=708e6204542769e1be14e825a3075aac&volcTime=1768553531&edgeup=v1&pt=v4&ptag=v4&_session_id=037-20260109165209EC0131706463F07583DF-WnNoS5.1767949754287.-940398464&abr_pts=-2100","uri_md5":"7dfeefd12fae0a1654ba0cd0a980789e","agent":"LiveIO_ANDROID","referer":"","method":"GET","protocol":"HTTP/1.1","status":302,"req_content_type":"","request_headers":"user-agent: LiveIO_ANDROID\r\naccept: */*\r\nconnection: Close\r\nhost: pull-hs-f5.flive.douyincdn.com\r\n","rsp_content_type":"video/x-flv","response_headers":"access-control-allow-methods: GET,POST,OPTIONS\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: X-Server-Ip\r\ncache-control: no-cache\r\nconnection: close\r\ncontent-type: video/x-flv\r\nLocation: http://39.175.244.72/thirdgame/stream-118644793116984074.flv?302_type=extreme_cold_aggr&302_type_code=04&_session_id=037-20260109165209EC0131706463F07583DF-WnNoS5.1767949754287.-940398464&abr_pts=-2100&align_delay=10&arch_hrchy=w1&domain=pull-hs-f5.flive.douyincdn.com&edgeup=v1&enable_pts_align=1&enfpresource=2&exp_hrchy=w1&expire=1768553531&fp_user_url=http%3A%2F%2Fpull-hs-f5.flive.douyincdn.com%2Fthirdgame%2Fstream-118644793116984074.flv%3Farch_hrchy%3Dw1%26enfpresource%3D2%26exp_hrchy%3Dw1%26expire%3D1768553531%26major_anchor_level%3Dcommon%26mtu_probe%3Dfalse%26protocol_stack%3Drust%26rtm_sei_bypass%3D1%26rtm_sstream_tag%3Dfcdn_v3%26sign%3D708e6204542769e1be14e825a3075aac%26t_id%3D037-20260109165209EC0131706463F07583DF-WnNoS5%26unique_id%3Dstream-118644793116984074_778_flv%26volcSecret%3D708e6204542769e1be14e825a3075aac%26volcTime%3D1768553531%26edgeup%3Dv1%26pt%3Dv4%26ptag%3Dv4%26_session_id%3D037-20260109165209EC0131706463F07583DF-WnNoS5.1767949754287.-940398464%26abr_pts%3D-2100&hls_redirect_domain=bytefcdnrd.com&major_anchor_level=common&manage_ip=&mtu_probe=false&node_id=&pro_type=http&protocol_stack=rust&pt=v4&ptag=v4&redirect_from=pod.cn-6pz3yu.lvdb.nss&redirect_to=fc.cn-cn2316g2&redirect_to_ip=39.175.244.72&rtm_sei_bypass=1&rtm_sstream_tag=fcdn_v3&sign=708e6204542769e1be14e825a3075aac&t_id=037-20260109165209EC0131706463F07583DF-WnNoS5&unique_id=stream-118644793116984074_778_flv&vhost=push-rtmp-hs-f5.douyincdn.com&volcSecret=708e6204542769e1be14e825a3075aac&volcTime=1768553531\r\nServer: Bytedance NSS\r\nTiming-Allow-Origin: *\r\nVia: n120-232-164-132\r\nX-Cache-Status: Miss\r\nX-Client-Ip: 120.230.79.196\r\nX-Has-Token: 917220198\r\nX-Response-Timecost: {\"time_to_source\":-1,\"total_time\":-1}\r\nX-Server-Ip: 120.232.164.132\r\n"}
|
||||
2026-01-09 18:26:32.265 [nioEventLoopGroup-5-1] INFO com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Starting...
|
||||
2026-01-09 18:26:32.842 [nioEventLoopGroup-5-1] INFO com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Start completed.
|
||||
31
haobang-security-xdr/logs/syslog-serve.log
Normal file
31
haobang-security-xdr/logs/syslog-serve.log
Normal file
@@ -0,0 +1,31 @@
|
||||
2026-01-10 13:26:58.023 [main] INFO com.SyslogServeMainApp - Starting SyslogServeMainApp using Java 1.8.0_121 on LAPTOP-ARDUR3N0 with PID 26480 (E:\GIT_GOSAME\haobang-security-xdr\syslog-serve\target\classes started by chenc in E:\GIT_GOSAME\haobang-security-xdr)
|
||||
2026-01-10 13:26:58.023 [background-preinit] INFO o.h.validator.internal.util.Version - HV000001: Hibernate Validator 6.2.5.Final
|
||||
2026-01-10 13:26:58.029 [main] INFO com.SyslogServeMainApp - No active profile set, falling back to 1 default profile: "default"
|
||||
2026-01-10 13:26:59.839 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Multiple Spring Data modules found, entering strict repository configuration mode
|
||||
2026-01-10 13:26:59.839 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Bootstrapping Spring Data Redis repositories in DEFAULT mode.
|
||||
2026-01-10 13:27:00.011 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Finished Spring Data repository scanning in 153 ms. Found 0 Redis repository interfaces.
|
||||
2026-01-10 13:27:00.592 [main] INFO o.s.b.w.e.tomcat.TomcatWebServer - Tomcat initialized with port(s): 8189 (http)
|
||||
2026-01-10 13:27:00.604 [main] INFO o.a.coyote.http11.Http11NioProtocol - Initializing ProtocolHandler ["http-nio-8189"]
|
||||
2026-01-10 13:27:00.604 [main] INFO o.a.catalina.core.StandardService - Starting service [Tomcat]
|
||||
2026-01-10 13:27:00.604 [main] INFO o.a.catalina.core.StandardEngine - Starting Servlet engine: [Apache Tomcat/9.0.65]
|
||||
2026-01-10 13:27:00.971 [main] INFO o.a.c.c.C.[.[.[/syslogserve] - Initializing Spring embedded WebApplicationContext
|
||||
2026-01-10 13:27:00.971 [main] INFO o.s.b.w.s.c.ServletWebServerApplicationContext - Root WebApplicationContext: initialization completed in 2874 ms
|
||||
2026-01-10 13:27:04.637 [main] INFO o.a.coyote.http11.Http11NioProtocol - Starting ProtocolHandler ["http-nio-8189"]
|
||||
2026-01-10 13:27:04.652 [main] INFO o.s.b.w.e.tomcat.TomcatWebServer - Tomcat started on port(s): 8189 (http) with context path '/syslogserve'
|
||||
2026-01-10 13:27:04.662 [main] INFO com.SyslogServeMainApp - Started SyslogServeMainApp in 7.133 seconds (JVM running for 12.488)
|
||||
2026-01-10 13:27:04.693 [main] INFO com.SyslogServeMainApp - Application SyslogServer start !
|
||||
2026-01-10 13:27:04.694 [main] INFO com.netty.SyslogServer - Starting Syslog server with TCP port 514 and UDP port 514
|
||||
2026-01-10 13:27:05.069 [pool-3-thread-2] INFO com.netty.SyslogServer - TCP Syslog server started on port 514
|
||||
2026-01-10 13:27:05.069 [pool-3-thread-1] INFO com.netty.SyslogServer - UDP Syslog server started on port 514
|
||||
2026-01-10 13:27:05.069 [main] INFO com.netty.SyslogServer - Both TCP and UDP Syslog servers are running
|
||||
2026-01-10 13:38:58.993 [nioEventLoopGroup-5-1] INFO com.netty.SyslogMessageHandler - Received syslog from 192.168.0.103:65442: <0> 2026-01-10T05:28:32+08:00 ubuntu log_forward[3419]: {"timestamp":"2026-01-10T05:28:32.806781+0800","flow_id":1671852309144385,"community_id":"uLeKRLkXu9m0D0DNn6wIg7CcdOs=","serial_num":"CJFBT92","origin":"eno4","xdr_log_type":"http","vxlan_vni":256,"src_ip":"172.16.121.137","src_port":51114,"dest_ip":"110.43.89.7","dest_port":80,"proto":"TCP","app_proto":"http","tcp_sequence":3553898360,"tcp_ack_sequence":3537707565,"ether":{"src_mac":"90:f1:b0:fb:81:a1","dest_mac":"a4:7b:2c:21:03:79"},"host":"rq.lbcct.cloud.duba.net","host_md5":"51cfa6d0981c8eb355a9b3af716da08d","uri":"/query?1767994112","uri_md5":"f28f2c62d0dd01c355caa05815d93d99","referer":"","method":"POST","protocol":"HTTP/1.1","status":200,"req_content_type":"application/x-www-form-urlencoded","request_headers":"host: rq.lbcct.cloud.duba.net\r\naccept: */*\r\ncontent-length: 85\r\ncontent-type: application/x-www-form-urlencoded\r\n","rsp_content_type":"text/plain","response_headers":"server: Tengine/1.5.2\r\ndate: Fri, 09 Jan 2026 21:28:32 GMT\r\ncontent-type: text/plain\r\nContent-Length: 54\r\nConnection: keep-alive\r\nContent-Tag: 1936292435\r\n"}
|
||||
2026-01-10 13:38:59.375 [nioEventLoopGroup-5-1] INFO com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Starting...
|
||||
2026-01-10 13:38:59.994 [nioEventLoopGroup-5-1] INFO com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Start completed.
|
||||
2026-01-10 13:39:00.321 [nioEventLoopGroup-5-1] ERROR com.Modules.Device.DeviceProcess - 设备请求的Host IP非系统注册,请联系管理员添加设备信息!
|
||||
2026-01-10 13:39:00.321 [nioEventLoopGroup-5-1] INFO com.netty.SyslogMessageHandler - syslog message 的请求设备IP:192.168.0.103非系统注册,暂不做处理!
|
||||
2026-01-10 13:39:00.579 [nioEventLoopGroup-5-1] INFO c.c.s.impl.DeviceUnknownServiceImpl - 更新设备最后发现时间成功,ID: 16
|
||||
2026-01-10 13:59:49.596 [HikariPool-1 housekeeper] WARN com.zaxxer.hikari.pool.HikariPool - HikariPool-1 - Thread starvation or clock leap detected (housekeeper delta=5m51s158ms35µs500ns).
|
||||
2026-01-10 14:08:50.222 [nioEventLoopGroup-5-2] INFO com.netty.SyslogMessageHandler - Received syslog from 192.168.0.103:59772: <0> 2026-01-10T05:28:32+08:00 ubuntu log_forward[3419]: {"timestamp":"2026-01-10T05:28:32.806781+0800","flow_id":1671852309144385,"community_id":"uLeKRLkXu9m0D0DNn6wIg7CcdOs=","serial_num":"CJFBT92","origin":"eno4","xdr_log_type":"http","vxlan_vni":256,"src_ip":"172.16.121.137","src_port":51114,"dest_ip":"110.43.89.7","dest_port":80,"proto":"TCP","app_proto":"http","tcp_sequence":3553898360,"tcp_ack_sequence":3537707565,"ether":{"src_mac":"90:f1:b0:fb:81:a1","dest_mac":"a4:7b:2c:21:03:79"},"host":"rq.lbcct.cloud.duba.net","host_md5":"51cfa6d0981c8eb355a9b3af716da08d","uri":"/query?1767994112","uri_md5":"f28f2c62d0dd01c355caa05815d93d99","referer":"","method":"POST","protocol":"HTTP/1.1","status":200,"req_content_type":"application/x-www-form-urlencoded","request_headers":"host: rq.lbcct.cloud.duba.net\r\naccept: */*\r\ncontent-length: 85\r\ncontent-type: application/x-www-form-urlencoded\r\n","rsp_content_type":"text/plain","response_headers":"server: Tengine/1.5.2\r\ndate: Fri, 09 Jan 2026 21:28:32 GMT\r\ncontent-type: text/plain\r\nContent-Length: 54\r\nConnection: keep-alive\r\nContent-Tag: 1936292435\r\n"}
|
||||
2026-01-10 14:08:55.232 [nioEventLoopGroup-5-2] WARN com.zaxxer.hikari.pool.PoolBase - HikariPool-1 - Failed to validate connection org.postgresql.jdbc.PgConnection@53953cd1 (This connection has been closed.). Possibly consider using a shorter maxLifetime value.
|
||||
2026-01-10 14:25:15.953 [nioEventLoopGroup-5-3] INFO com.netty.SyslogMessageHandler - Received syslog from 192.168.0.103:65302: <0> 2026-01-10T13:47:27+08:00 ubuntu log_forward[3419]: {"timestamp":"2026-01-10T13:47:27.249503+0800","flow_id":767115114538067,"community_id":"fFU2gDB2+pyUS6xQpAqqLdPLG4k=","serial_num":"CJFBT92","origin":"eno4","xdr_log_type":"http","vxlan_vni":256,"src_ip":"192.168.2.81","src_port":51018,"dest_ip":"120.241.131.42","dest_port":80,"proto":"TCP","app_proto":"http","tcp_sequence":423808413,"tcp_ack_sequence":3371175627,"ether":{},"host":"szextshort.weixin.qq.com","host_md5":"d7745538302ebc766b77ca8a4f3dd735","uri":"/mmtls/1abfe317","uri_md5":"e889825636e4d22b1d364b6bd6400ad5","agent":"MicroMessenger Client","referer":"","method":"POST","protocol":"HTTP/1.1","req_content_type":"application/octet-stream","request_headers":"accept: */*\r\ncache-control: no-cache\r\nconnection: Keep-Alive\r\ncontent-length: 2579\r\ncontent-type: application/octet-stream\r\nHost: szextshort.weixin.qq.com\r\nUpgrade: mmtls\r\nUser-Agent: MicroMessenger Client\r\n","rsp_content_type":"","response_headers":""}
|
||||
2026-01-10 14:48:21.561 [nioEventLoopGroup-5-4] INFO com.netty.SyslogMessageHandler - Received syslog from 192.168.0.103:64558: <0> 2026-01-10T05:28:32+08:00 ubuntu log_forward[3419]: {"timestamp":"2026-01-10T05:28:32.806781+0800","flow_id":1671852309144385,"community_id":"uLeKRLkXu9m0D0DNn6wIg7CcdOs=","serial_num":"CJFBT92","origin":"eno4","xdr_log_type":"http","vxlan_vni":256,"src_ip":"172.16.121.137","src_port":51114,"dest_ip":"110.43.89.7","dest_port":80,"proto":"TCP","app_proto":"http","tcp_sequence":3553898360,"tcp_ack_sequence":3537707565,"ether":{"src_mac":"90:f1:b0:fb:81:a1","dest_mac":"a4:7b:2c:21:03:79"},"host":"rq.lbcct.cloud.duba.net","host_md5":"51cfa6d0981c8eb355a9b3af716da08d","uri":"/query?1767994112","uri_md5":"f28f2c62d0dd01c355caa05815d93d99","referer":"","method":"POST","protocol":"HTTP/1.1","status":200,"req_content_type":"application/x-www-form-urlencoded","request_headers":"host: rq.lbcct.cloud.duba.net\r\naccept: */*\r\ncontent-length: 85\r\ncontent-type: application/x-www-form-urlencoded\r\n","rsp_content_type":"text/plain","response_headers":"server: Tengine/1.5.2\r\ndate: Fri, 09 Jan 2026 21:28:32 GMT\r\ncontent-type: text/plain\r\nContent-Length: 54\r\nConnection: keep-alive\r\nContent-Tag: 1936292435\r\n"}
|
||||
Reference in New Issue
Block a user