diff --git a/haobang-security-dm/.idea/workspace.xml b/haobang-security-dm/.idea/workspace.xml
index 358da24..7035a1c 100644
--- a/haobang-security-dm/.idea/workspace.xml
+++ b/haobang-security-dm/.idea/workspace.xml
@@ -1,265 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <project version="4">
   <component name="ChangeListManager">
-    <list default="true" id="a9c448ac-d772-4746-916f-923fb3063966" name="Default Changelist" comment="1、新增降噪日志数据健康监测告警&#10;2、IP联动封禁功能完善">
-      <change afterPath="$PROJECT_DIR$/../haobang-security-xdr/syslog-consumer/docker-compose/docker-compose-consumer-nw.yaml" afterDir="false" />
-      <change afterPath="$PROJECT_DIR$/../haobang-security-xdr/syslog-consumer/docker-compose/docker-compose-consumer-prod.yaml" afterDir="false" />
-      <change afterPath="$PROJECT_DIR$/../haobang-security-xdr/syslog-consumer/src/main/resources/application-pre-nw.properties" afterDir="false" />
-      <change afterPath="$PROJECT_DIR$/../haobang-security-xdr/syslog-serve/docker-compose/docker-compose-serve-nw.yaml" afterDir="false" />
-      <change afterPath="$PROJECT_DIR$/../haobang-security-xdr/syslog-serve/docker-compose/docker-compose-serve-prod.yaml" afterDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/compiler.xml" beforeDir="false" afterPath="$PROJECT_DIR$/../haobang-security-xdr/.idea/compiler.xml" afterDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/encodings.xml" beforeDir="false" afterPath="$PROJECT_DIR$/../haobang-security-xdr/.idea/encodings.xml" afterDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__ch_qos_logback_logback_classic_1_2_11.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__ch_qos_logback_logback_core_1_2_11.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__cn_hutool_hutool_all_5_8_16.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__co_elastic_clients_elasticsearch_java_7_17_6.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_alibaba_fastjson2_fastjson2_2_0_40.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_alibaba_fastjson_1_2_83.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_baomidou_mybatis_plus_3_5_3_1.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_baomidou_mybatis_plus_annotation_3_5_3_1.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_baomidou_mybatis_plus_boot_starter_3_5_3_1.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_baomidou_mybatis_plus_core_3_5_3_1.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_baomidou_mybatis_plus_extension_3_5_3_1.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_carrotsearch_hppc_0_8_1.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_fasterxml_classmate_1_5_1.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_fasterxml_jackson_core_jackson_annotations_2_13_3.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_fasterxml_jackson_core_jackson_annotations_2_13_4.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_fasterxml_jackson_core_jackson_core_2_13_3.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_fasterxml_jackson_core_jackson_core_2_13_4.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_fasterxml_jackson_core_jackson_databind_2_13_3.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_fasterxml_jackson_dataformat_jackson_dataformat_cbor_2_13_4.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_fasterxml_jackson_dataformat_jackson_dataformat_smile_2_13_4.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_fasterxml_jackson_dataformat_jackson_dataformat_yaml_2_13_4.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_fasterxml_jackson_datatype_jackson_datatype_jdk8_2_13_4.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_fasterxml_jackson_datatype_jackson_datatype_jsr310_2_13_4.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_fasterxml_jackson_module_jackson_module_parameter_names_2_13_4.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_github_jsqlparser_jsqlparser_4_5.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_github_luben_zstd_jni_1_5_2_1.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_github_pagehelper_pagehelper_5_3_2.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_github_pagehelper_pagehelper_spring_boot_autoconfigure_1_4_6.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_github_pagehelper_pagehelper_spring_boot_starter_1_4_6.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_github_spullara_mustache_java_compiler_0_9_6.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_google_code_findbugs_jsr305_3_0_2.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_google_code_gson_gson_2_9_1.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_influxdb_influxdb_client_core_6_9_0.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_influxdb_influxdb_client_java_6_9_0.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_influxdb_influxdb_client_utils_6_9_0.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_jayway_jsonpath_json_path_2_7_0.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_mchange_mchange_commons_java_0_2_15.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_squareup_okhttp3_logging_interceptor_4_9_3.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_squareup_okhttp3_okhttp_4_9_3.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_squareup_okio_okio_3_3_0.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_squareup_okio_okio_jvm_3_3_0.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_squareup_retrofit2_adapter_rxjava3_2_9_0.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_squareup_retrofit2_converter_gson_2_9_0.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_squareup_retrofit2_converter_scalars_2_9_0.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_squareup_retrofit2_retrofit_2_9_0.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_tdunning_t_digest_3_2.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_typesafe_config_1_4_2.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_vaadin_external_google_android_json_0_0_20131108_vaadin1.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__com_zaxxer_HikariCP_4_0_3.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__commons_codec_commons_codec_1_15.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_lettuce_lettuce_core_6_1_9_RELEASE.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_all_4_1_92_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_buffer_4_1_82_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_buffer_4_1_92_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_codec_4_1_82_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_codec_4_1_92_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_codec_dns_4_1_92_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_codec_haproxy_4_1_92_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_codec_http2_4_1_92_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_codec_http_4_1_92_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_codec_memcache_4_1_92_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_codec_mqtt_4_1_92_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_codec_redis_4_1_92_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_codec_smtp_4_1_92_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_codec_socks_4_1_92_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_codec_stomp_4_1_92_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_codec_xml_4_1_92_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_common_4_1_82_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_common_4_1_92_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_handler_4_1_82_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_handler_4_1_92_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_handler_proxy_4_1_92_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_handler_ssl_ocsp_4_1_92_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_resolver_4_1_82_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_resolver_4_1_92_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_resolver_dns_4_1_92_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_resolver_dns_classes_macos_4_1_92_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_resolver_dns_native_macos_osx_aarch_64_4_1_92_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_resolver_dns_native_macos_osx_x86_64_4_1_92_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_transport_4_1_82_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_transport_4_1_92_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_transport_classes_epoll_4_1_92_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_transport_classes_kqueue_4_1_92_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_transport_native_epoll_linux_aarch_64_4_1_92_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_transport_native_epoll_linux_x86_64_4_1_92_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_transport_native_kqueue_osx_aarch_64_4_1_92_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_transport_native_kqueue_osx_x86_64_4_1_92_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_transport_native_unix_common_4_1_82_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_transport_native_unix_common_4_1_92_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_transport_rxtx_4_1_92_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_transport_sctp_4_1_92_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_netty_netty_transport_udt_4_1_92_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_projectreactor_reactor_core_3_4_23.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__io_reactivex_rxjava3_rxjava_3_1_6.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__jakarta_activation_jakarta_activation_api_1_2_2.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__jakarta_annotation_jakarta_annotation_api_1_3_5.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__jakarta_json_jakarta_json_api_1_1_6.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__jakarta_validation_jakarta_validation_api_2_0_2.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__jakarta_xml_bind_jakarta_xml_bind_api_2_3_3.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__joda_time_joda_time_2_9_9.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__net_bytebuddy_byte_buddy_1_12_17.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__net_bytebuddy_byte_buddy_agent_1_12_17.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__net_java_dev_jna_jna_5_10_0.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__net_minidev_accessors_smart_2_4_8.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__net_minidev_json_smart_2_4_8.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__net_sf_jopt_simple_jopt_simple_5_0_2.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_apache_commons_commons_csv_1_10_0.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_apache_commons_commons_lang3_3_12_0.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_apache_httpcomponents_httpasyncclient_4_1_5.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_apache_httpcomponents_httpclient_4_5_13.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_apache_httpcomponents_httpcore_4_4_15.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_apache_httpcomponents_httpcore_nio_4_4_15.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_apache_kafka_kafka_clients_3_4_0.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_apache_logging_log4j_log4j_api_2_17_2.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_apache_logging_log4j_log4j_to_slf4j_2_17_2.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_apache_lucene_lucene_analyzers_common_8_11_1.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_apache_lucene_lucene_backward_codecs_8_11_1.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_apache_lucene_lucene_core_8_11_1.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_apache_lucene_lucene_grouping_8_11_1.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_apache_lucene_lucene_highlighter_8_11_1.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_apache_lucene_lucene_join_8_11_1.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_apache_lucene_lucene_memory_8_11_1.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_apache_lucene_lucene_misc_8_11_1.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_apache_lucene_lucene_queries_8_11_1.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_apache_lucene_lucene_queryparser_8_11_1.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_apache_lucene_lucene_sandbox_8_11_1.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_apache_lucene_lucene_spatial3d_8_11_1.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_apache_lucene_lucene_suggest_8_11_1.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_apache_tomcat_embed_tomcat_embed_core_9_0_65.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_apache_tomcat_embed_tomcat_embed_el_9_0_65.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_apache_tomcat_embed_tomcat_embed_websocket_9_0_65.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_apiguardian_apiguardian_api_1_1_2.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_assertj_assertj_core_3_22_0.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_checkerframework_checker_qual_3_5_0.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_eclipse_parsson_parsson_1_0_0.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_elasticsearch_client_elasticsearch_rest_client_7_17_6.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_elasticsearch_client_elasticsearch_rest_high_level_client_7_17_6.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_elasticsearch_elasticsearch_7_17_6.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_elasticsearch_elasticsearch_cli_7_17_6.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_elasticsearch_elasticsearch_core_7_17_6.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_elasticsearch_elasticsearch_geo_7_17_6.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_elasticsearch_elasticsearch_lz4_7_17_6.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_elasticsearch_elasticsearch_plugin_classloader_7_17_6.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_elasticsearch_elasticsearch_secure_sm_7_17_6.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_elasticsearch_elasticsearch_x_content_7_17_6.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_elasticsearch_plugin_aggs_matrix_stats_client_7_17_6.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_elasticsearch_plugin_lang_mustache_client_7_17_6.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_elasticsearch_plugin_mapper_extras_client_7_17_6.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_elasticsearch_plugin_parent_join_client_7_17_6.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_elasticsearch_plugin_rank_eval_client_7_17_6.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_graylog2_syslog4j_0_9_61.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_hamcrest_hamcrest_2_2.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_hdrhistogram_HdrHistogram_2_1_9.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_hibernate_validator_hibernate_validator_6_2_5_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_jboss_logging_jboss_logging_3_4_3_Final.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_jetbrains_annotations_13_0.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_jetbrains_kotlin_kotlin_stdlib_1_6_21.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_jetbrains_kotlin_kotlin_stdlib_common_1_6_21.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_jetbrains_kotlin_kotlin_stdlib_jdk7_1_6_21.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_jetbrains_kotlin_kotlin_stdlib_jdk8_1_6_21.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_json_json_20231013.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_junit_jupiter_junit_jupiter_5_8_2.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_junit_jupiter_junit_jupiter_5_9_2.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_junit_jupiter_junit_jupiter_api_5_8_2.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_junit_jupiter_junit_jupiter_engine_5_8_2.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_junit_jupiter_junit_jupiter_params_5_8_2.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_junit_platform_junit_platform_commons_1_8_2.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_junit_platform_junit_platform_engine_1_8_2.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_lz4_lz4_java_1_8_0.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_mockito_mockito_core_4_5_1.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_mockito_mockito_junit_jupiter_4_5_1.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_mybatis_mybatis_3_5_10.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_mybatis_mybatis_spring_2_1_1.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_mybatis_spring_boot_mybatis_spring_boot_autoconfigure_2_3_1.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_mybatis_spring_boot_mybatis_spring_boot_starter_2_3_1.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_objenesis_objenesis_3_2.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_opentest4j_opentest4j_1_2_0.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_ow2_asm_asm_9_1.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_postgresql_postgresql_42_5_4.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_projectlombok_lombok_1_18_24.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_quartz_scheduler_quartz_2_3_2.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_reactivestreams_reactive_streams_1_0_4.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_skyscreamer_jsonassert_1_5_1.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_slf4j_jul_to_slf4j_1_7_36.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_slf4j_slf4j_api_1_7_36.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_slf4j_slf4j_simple_2_0_7.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_boot_spring_boot_2_7_4.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_boot_spring_boot_autoconfigure_2_7_4.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_boot_spring_boot_starter_2_7_4.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_boot_spring_boot_starter_cache_2_7_4.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_boot_spring_boot_starter_data_elasticsearch_2_7_4.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_boot_spring_boot_starter_data_redis_2_7_4.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_boot_spring_boot_starter_jdbc_2_7_4.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_boot_spring_boot_starter_json_2_7_4.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_boot_spring_boot_starter_logging_2_7_4.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_boot_spring_boot_starter_quartz_2_7_4.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_boot_spring_boot_starter_test_2_7_4.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_boot_spring_boot_starter_tomcat_2_7_4.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_boot_spring_boot_starter_validation_2_7_4.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_boot_spring_boot_starter_web_2_7_4.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_boot_spring_boot_test_2_7_4.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_boot_spring_boot_test_autoconfigure_2_7_4.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_data_spring_data_commons_2_7_3.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_data_spring_data_elasticsearch_4_4_3.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_data_spring_data_keyvalue_2_7_3.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_data_spring_data_redis_2_7_3.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_kafka_spring_kafka_2_8_9.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_retry_spring_retry_1_3_3.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_spring_aop_5_3_23.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_spring_beans_5_3_23.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_spring_context_5_3_23.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_spring_context_support_5_3_23.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_spring_core_5_3_23.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_spring_expression_5_3_23.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_spring_jcl_5_3_23.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_spring_jdbc_5_3_23.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_spring_messaging_5_3_23.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_spring_oxm_5_3_23.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_spring_test_5_3_23.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_spring_tx_5_3_23.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_spring_web_5_3_23.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_springframework_spring_webmvc_5_3_23.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_xerial_snappy_snappy_java_1_1_8_4.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_xmlunit_xmlunit_core_2_9_0.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/libraries/Maven__org_yaml_snakeyaml_1_30.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/misc.xml" beforeDir="false" afterPath="$PROJECT_DIR$/../haobang-security-xdr/.idea/misc.xml" afterDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/modules.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/uiDesigner.xml" beforeDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/.idea/workspace.xml" beforeDir="false" afterPath="$PROJECT_DIR$/../haobang-security-xdr/.idea/workspace.xml" afterDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/logs/syslog-consumer.log" beforeDir="false" afterPath="$PROJECT_DIR$/../haobang-security-xdr/logs/syslog-consumer.log" afterDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/logs/syslog-serve.log" beforeDir="false" afterPath="$PROJECT_DIR$/../haobang-security-xdr/logs/syslog-serve.log" afterDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/pom.xml" beforeDir="false" afterPath="$PROJECT_DIR$/../haobang-security-xdr/pom.xml" afterDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/syslog-client/logs/syslog-client.log" beforeDir="false" afterPath="$PROJECT_DIR$/../haobang-security-xdr/syslog-client/logs/syslog-client.log" afterDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/syslog-consumer/docker_run.txt" beforeDir="false" afterPath="$PROJECT_DIR$/../haobang-security-xdr/syslog-consumer/docker_run.txt" afterDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/syslog-consumer/pom.xml" beforeDir="false" afterPath="$PROJECT_DIR$/../haobang-security-xdr/syslog-consumer/pom.xml" afterDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/syslog-consumer/src/main/java/com/Modules/NormalData/SysLogProcessor.java" beforeDir="false" afterPath="$PROJECT_DIR$/../haobang-security-xdr/syslog-consumer/src/main/java/com/Modules/NormalData/SysLogProcessor.java" afterDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/syslog-consumer/src/main/java/com/common/schedule/AlarmHealthCheckScheduler.java" beforeDir="false" afterPath="$PROJECT_DIR$/../haobang-security-xdr/syslog-consumer/src/main/java/com/common/schedule/AlarmHealthCheckScheduler.java" afterDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/syslog-consumer/src/main/java/com/common/service/AlarmHealthCheckService.java" beforeDir="false" afterPath="$PROJECT_DIR$/../haobang-security-xdr/syslog-consumer/src/main/java/com/common/service/AlarmHealthCheckService.java" afterDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/syslog-consumer/src/main/java/com/influx/InfluxDBClient.java" beforeDir="false" afterPath="$PROJECT_DIR$/../haobang-security-xdr/syslog-consumer/src/main/java/com/influx/InfluxDBClient.java" afterDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/syslog-consumer/src/main/resources/application-dev.properties" beforeDir="false" afterPath="$PROJECT_DIR$/../haobang-security-xdr/syslog-consumer/src/main/resources/application-dev.properties" afterDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/syslog-consumer/src/main/resources/application-prod.properties" beforeDir="false" afterPath="$PROJECT_DIR$/../haobang-security-xdr/syslog-consumer/src/main/resources/application-prod.properties" afterDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/syslog-consumer/src/main/resources/application.properties" beforeDir="false" afterPath="$PROJECT_DIR$/../haobang-security-xdr/syslog-consumer/src/main/resources/application.properties" afterDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/syslog-serve/docker_run.txt" beforeDir="false" afterPath="$PROJECT_DIR$/../haobang-security-xdr/syslog-serve/docker_run.txt" afterDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/syslog-serve/logs/syslog-serve.log" beforeDir="false" afterPath="$PROJECT_DIR$/../haobang-security-xdr/syslog-serve/logs/syslog-serve.log" afterDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/syslog-serve/pom.xml" beforeDir="false" afterPath="$PROJECT_DIR$/../haobang-security-xdr/syslog-serve/pom.xml" afterDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/syslog-serve/src/main/java/com/haobang/firewall/FirewallApiClient.java" beforeDir="false" afterPath="$PROJECT_DIR$/../haobang-security-xdr/syslog-serve/src/main/java/com/haobang/firewall/FirewallApiClient.java" afterDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/syslog-serve/src/main/resources/application-dev.properties" beforeDir="false" afterPath="$PROJECT_DIR$/../haobang-security-xdr/syslog-serve/src/main/resources/application-dev.properties" afterDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/syslog-serve/src/main/resources/application-prod.properties" beforeDir="false" afterPath="$PROJECT_DIR$/../haobang-security-xdr/syslog-serve/src/main/resources/application-prod.properties" afterDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/syslog-serve/src/main/resources/application-test.properties" beforeDir="false" afterPath="$PROJECT_DIR$/../haobang-security-xdr/syslog-serve/src/main/resources/application-test.properties" afterDir="false" />
-      <change beforePath="$PROJECT_DIR$/../haobang-security-xdr/syslog-serve/src/main/resources/application.properties" beforeDir="false" afterPath="$PROJECT_DIR$/../haobang-security-xdr/syslog-serve/src/main/resources/application.properties" afterDir="false" />
-    </list>
+    <list default="true" id="a9c448ac-d772-4746-916f-923fb3063966" name="Default Changelist" comment="1、新增降噪日志数据健康监测告警&#10;2、IP联动封禁功能完善" />
     <ignored path="$PROJECT_DIR$/syslog-serve/target/" />
     <ignored path="$PROJECT_DIR$/syslog-client/target/" />
     <ignored path="$PROJECT_DIR$/syslog-consumer/target/" />
@@ -360,24 +102,56 @@
         </counts>
       </usages-collector>
     </session>
-    <session id="-807770361">
+    <session id="-66873345">
       <usages-collector id="statistics.lifecycle.project">
         <counts>
-          <entry key="project.closed" value="1" />
-          <entry key="project.open.time.4" value="1" />
-          <entry key="project.opened" value="1" />
+          <entry key="project.closed" value="6" />
+          <entry key="project.open.time.16" value="2" />
+          <entry key="project.open.time.17" value="1" />
+          <entry key="project.open.time.18" value="1" />
+          <entry key="project.open.time.19" value="1" />
+          <entry key="project.open.time.20" value="1" />
+          <entry key="project.open.time.25" value="1" />
+          <entry key="project.open.time.27" value="1" />
+          <entry key="project.open.time.3" value="1" />
+          <entry key="project.opened" value="9" />
         </counts>
       </usages-collector>
       <usages-collector id="statistics.file.extensions.open">
         <counts>
-          <entry key="java" value="10" />
-          <entry key="yaml" value="1" />
+          <entry key="Dockerfile" value="4" />
+          <entry key="class" value="6" />
+          <entry key="java" value="76" />
+          <entry key="log" value="2" />
+          <entry key="properties" value="68" />
+          <entry key="txt" value="8" />
+          <entry key="xml" value="20" />
         </counts>
       </usages-collector>
       <usages-collector id="statistics.file.types.open">
         <counts>
-          <entry key="JAVA" value="10" />
-          <entry key="YAML" value="1" />
+          <entry key="CLASS" value="6" />
+          <entry key="JAVA" value="76" />
+          <entry key="PLAIN_TEXT" value="14" />
+          <entry key="Properties" value="68" />
+          <entry key="XML" value="20" />
+        </counts>
+      </usages-collector>
+      <usages-collector id="statistics.file.extensions.edit">
+        <counts>
+          <entry key="java" value="304" />
+          <entry key="properties" value="339" />
+          <entry key="txt" value="102" />
+          <entry key="xml" value="32" />
+        </counts>
+      </usages-collector>
+      <usages-collector id="statistics.file.types.edit">
+        <counts>
+          <entry key="JAVA" value="304" />
+          <entry key="PLAIN_TEXT" value="102" />
+          <entry key="Properties" value="339" />
+          <entry key="SQL" value="10" />
+          <entry key="XML" value="22" />
         </counts>
       </usages-collector>
     </session>
@@ -388,91 +162,87 @@
   <component name="FileEditorManager">
     <leaf SIDE_TABS_SIZE_LIMIT_KEY="300">
       <file pinned="false" current-in-tab="false">
-        <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/java/com/controllers/PartitionTableController.java">
+        <entry file="file://$PROJECT_DIR$/syslog-serve/src/main/resources/application-dev.properties">
+          <provider selected="true" editor-type-id="text-editor">
+            <state relative-caret-position="1980">
+              <caret line="90" column="28" selection-start-line="90" selection-start-column="28" selection-end-line="90" selection-end-column="28" />
+            </state>
+          </provider>
+        </entry>
+      </file>
+      <file pinned="false" current-in-tab="false">
+        <entry file="file://$PROJECT_DIR$/syslog-serve/src/main/java/com/Modules/Device/DeviceProcess.java">
+          <provider selected="true" editor-type-id="text-editor">
+            <state relative-caret-position="2750">
+              <caret line="145" column="68" selection-start-line="145" selection-start-column="68" selection-end-line="145" selection-end-column="68" />
+            </state>
+          </provider>
+        </entry>
+      </file>
+      <file pinned="false" current-in-tab="false">
+        <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/src/main/java/com/common/mapper/AlarmMapper.java">
           <provider selected="true" editor-type-id="text-editor">
             <state relative-caret-position="132">
-              <caret line="13" column="13" selection-start-line="13" selection-start-column="13" selection-end-line="13" selection-end-column="13" />
+              <caret line="8" column="17" selection-start-line="8" selection-start-column="17" selection-end-line="8" selection-end-column="17" />
             </state>
           </provider>
         </entry>
       </file>
       <file pinned="false" current-in-tab="false">
-        <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/java/com/controllers/GlobalExceptionHandler.java">
+        <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/src/main/resources/mapper/SyslogNormalAlarmMapper.xml">
+          <provider selected="true" editor-type-id="text-editor" />
+        </entry>
+      </file>
+      <file pinned="false" current-in-tab="false">
+        <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/java/com/common/mapper/SyslogNormalDataMapper.java">
           <provider selected="true" editor-type-id="text-editor">
-            <state relative-caret-position="110">
-              <caret line="17" column="13" selection-start-line="17" selection-start-column="13" selection-end-line="17" selection-end-column="13" />
+            <state relative-caret-position="1760">
+              <caret line="87" column="27" selection-start-line="87" selection-start-column="27" selection-end-line="87" selection-end-column="27" />
             </state>
           </provider>
         </entry>
       </file>
       <file pinned="false" current-in-tab="false">
-        <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/java/com/controllers/ETLController.java">
+        <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/resources/mapper/SyslogNormalDataMapper.xml">
           <provider selected="true" editor-type-id="text-editor">
-            <state relative-caret-position="198">
-              <caret line="17" column="13" selection-start-line="17" selection-start-column="13" selection-end-line="17" selection-end-column="13" />
+            <state relative-caret-position="20020">
+              <caret line="910" column="57" selection-start-line="910" selection-start-column="57" selection-end-line="910" selection-end-column="57" />
             </state>
           </provider>
         </entry>
       </file>
       <file pinned="false" current-in-tab="false">
-        <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/java/com/controllers/DmColumnController.java">
+        <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/src/main/java/com/common/entity/Alarm.java">
           <provider selected="true" editor-type-id="text-editor">
-            <state relative-caret-position="132">
-              <caret line="25" column="13" selection-start-line="25" selection-start-column="13" selection-end-line="25" selection-end-column="13" />
-            </state>
-          </provider>
-        </entry>
-      </file>
-      <file pinned="false" current-in-tab="false">
-        <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/java/com/controllers/CacheController.java">
-          <provider selected="true" editor-type-id="text-editor">
-            <state relative-caret-position="176">
-              <caret line="16" column="13" selection-start-line="16" selection-start-column="13" selection-end-line="16" selection-end-column="13" />
+            <state relative-caret-position="154">
+              <caret line="9" column="13" selection-start-line="9" selection-start-column="13" selection-end-line="9" selection-end-column="13" />
             </state>
           </provider>
         </entry>
       </file>
       <file pinned="false" current-in-tab="true">
-        <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/java/com/controllers/AppLogController.java">
+        <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/src/main/java/com/common/entity/AlarmVisit.java">
           <provider selected="true" editor-type-id="text-editor">
-            <state relative-caret-position="550">
-              <caret line="31" column="5" lean-forward="true" selection-start-line="31" selection-start-column="5" selection-end-line="31" selection-end-column="5" />
+            <state relative-caret-position="95">
+              <caret line="33" column="27" selection-start-line="33" selection-start-column="27" selection-end-line="33" selection-end-column="27" />
             </state>
           </provider>
         </entry>
       </file>
       <file pinned="false" current-in-tab="false">
-        <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/java/com/controllers/AnalysisRuleController.java">
+        <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/src/main/resources/mapper/SyslogNormalDataMapper.xml">
           <provider selected="true" editor-type-id="text-editor">
-            <state relative-caret-position="220">
-              <caret line="20" column="13" selection-start-line="20" selection-start-column="13" selection-end-line="20" selection-end-column="13" />
+            <state relative-caret-position="16082">
+              <caret line="731" column="77" selection-start-line="731" selection-start-column="77" selection-end-line="731" selection-end-column="77" />
             </state>
           </provider>
         </entry>
       </file>
       <file pinned="false" current-in-tab="false">
-        <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/java/com/controllers/SyslogPushController.java">
+        <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/Dockerfile">
           <provider selected="true" editor-type-id="text-editor">
-            <state relative-caret-position="132">
-              <caret line="27" column="13" selection-start-line="27" selection-start-column="13" selection-end-line="27" selection-end-column="13" />
-            </state>
-          </provider>
-        </entry>
-      </file>
-      <file pinned="false" current-in-tab="false">
-        <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/java/com/controllers/SyslogNonNormalMessageController.java">
-          <provider selected="true" editor-type-id="text-editor">
-            <state relative-caret-position="220">
-              <caret line="24" column="13" selection-start-line="24" selection-start-column="13" selection-end-line="24" selection-end-column="13" />
-            </state>
-          </provider>
-        </entry>
-      </file>
-      <file pinned="false" current-in-tab="false">
-        <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/java/com/controllers/SyslogController.java">
-          <provider selected="true" editor-type-id="text-editor">
-            <state relative-caret-position="242">
-              <caret line="30" column="13" selection-start-line="30" selection-start-column="13" selection-end-line="30" selection-end-column="13" />
+            <state relative-caret-position="286">
+              <caret line="13" column="39" selection-start-line="13" selection-start-column="39" selection-end-line="13" selection-end-column="39" />
             </state>
           </provider>
         </entry>
@@ -488,20 +258,6 @@
   </component>
   <component name="FindInProjectRecents">
     <findStrings>
-      <find>bigint</find>
-      <find>device_id</find>
-      <find>event_level</find>
-      <find>event_category</find>
-      <find>dataMap.event_category</find>
-      <find>dataMap.attack_result</find>
-      <find>dataMap.event_type</find>
-      <find>dataMap.fall</find>
-      <find>dataMap.collect_method</find>
-      <find>dataMap.device_type</find>
-      <find>dataMap.srcip_id</find>
-      <find>dataMap.origin_total_bytes</find>
-      <find>dataMap.target_port</find>
-      <find>print_pages</find>
       <find>srcAddress</find>
       <find>src_ip</find>
       <find>window</find>
@@ -518,6 +274,20 @@
       <find>syslog-consumer</find>
       <find>@Scheduled</find>
       <find>配置 Elasticsearch</find>
+      <find>dameng</find>
+      <find>spring.jackson.serialization.fail-on-self-references=false</find>
+      <find>处理初始化异常</find>
+      <find>getCropperParams</find>
+      <find>ARRAY_AGG</find>
+      <find>JSONB_AGG</find>
+      <find>AS window_time</find>
+      <find>tumble_start</find>
+      <find>hop_start</find>
+      <find>session</find>
+      <find>toString</find>
+      <find>补充原始记录日志字段异</find>
+      <find>补充原始记录日志字段异常</find>
+      <find>processAlgorithm</find>
     </findStrings>
     <replaceStrings>
       <replace>com.common.</replace>
@@ -532,57 +302,57 @@
   <component name="IdeDocumentHistory">
     <option name="CHANGED_PATHS">
       <list>
-        <option value="$PROJECT_DIR$/syslog-consumer/src/main/java/com/common/service/DeviceStatsUpdateService.java" />
-        <option value="$PROJECT_DIR$/syslog-consumer/src/main/java/com/common/schedule/ETLOrchestrator.java" />
-        <option value="$PROJECT_DIR$/syslog-consumer/src/main/java/com/controllers/SyslogNonNormalMessageController.java" />
-        <option value="$PROJECT_DIR$/syslog-consumer/src/main/resources/mapper/SyslogNormalDataMapper.xml" />
-        <option value="$PROJECT_DIR$/syslog-consumer/src/main/resources/mapper/SyslogNormalAlarmMapper.xml" />
-        <option value="$PROJECT_DIR$/syslog-consumer/docker_run.txt" />
-        <option value="$PROJECT_DIR$/syslog-consumer/src/main/java/com/influx/InfluxDBClient.java" />
-        <option value="$PROJECT_DIR$/syslog-consumer/src/main/java/com/Modules/NormalData/SysLogProcessor.java" />
-        <option value="$PROJECT_DIR$/syslog-consumer/src/main/java/com/common/service/AlarmHealthCheckService.java" />
-        <option value="$PROJECT_DIR$/syslog-consumer/src/main/java/com/common/schedule/AlarmHealthCheckScheduler.java" />
-        <option value="$PROJECT_DIR$/syslog-serve/src/main/java/com/haobang/interlocking/InterlockingService.java" />
-        <option value="$PROJECT_DIR$/syslog-serve/src/main/resources/application-test.properties" />
-        <option value="$PROJECT_DIR$/syslog-serve/src/main/java/com/haobang/firewall/FirewallApiClient.java" />
-        <option value="$PROJECT_DIR$/syslog-consumer/src/main/java/com/haobang/controller/ProbeHeartbeatController.java" />
-        <option value="$PROJECT_DIR$/syslog-consumer/src/main/java/com/common/entity/DeviceCollectHeartbeatHistory.java" />
-        <option value="$PROJECT_DIR$/syslog-consumer/src/main/java/com/common/entity/DeviceCollectHeartbeat.java" />
-        <option value="$PROJECT_DIR$/syslog-consumer/src/main/java/com/common/mapper/DeviceCollectHeartbeatHistoryMapper.java" />
-        <option value="$PROJECT_DIR$/syslog-consumer/src/main/java/com/common/mapper/DeviceCollectHeartbeatMapper.java" />
-        <option value="$PROJECT_DIR$/syslog-consumer/src/main/java/com/common/service/ProbeHeartbeatService.java" />
-        <option value="$PROJECT_DIR$/syslog-serve/src/main/java/com/haobang/interlocking/ProbeHeartbeatClient.java" />
         <option value="$PROJECT_DIR$/syslog-consumer/docker-compose-consumer-prod.yaml" />
         <option value="$PROJECT_DIR$/syslog-consumer/docker-compose-consumer.yaml" />
         <option value="$PROJECT_DIR$/syslog-serve/docker-compose-serve.yaml" />
         <option value="$PROJECT_DIR$/syslog-consumer/docker-compose/docker-compose-consumer-nw.yaml" />
         <option value="$PROJECT_DIR$/syslog-serve/docker-compose/docker-compose-serve-nw.yaml" />
-        <option value="$PROJECT_DIR$/syslog-consumer/src/main/resources/application-prod.properties" />
-        <option value="$PROJECT_DIR$/syslog-consumer/src/main/resources/application-pre-nw.properties" />
         <option value="$PROJECT_DIR$/syslog-serve/pom.xml" />
         <option value="$PROJECT_DIR$/syslog-consumer/pom.xml" />
         <option value="$PROJECT_DIR$/pom.xml" />
         <option value="$PROJECT_DIR$/syslog-consumer-rule/pom.xml" />
         <option value="$PROJECT_DIR$/syslog-consumer-rule/src/main/java/com/syslogApplication.java" />
-        <option value="$PROJECT_DIR$/syslog-consumer-rule/src/main/resources/logback.xml" />
         <option value="$PROJECT_DIR$/syslog-consumer-rule/src/main/java/com/common/service/AccessLogAlertService.java" />
         <option value="$PROJECT_DIR$/syslog-consumer-rule/src/main/java/com/common/schedule/PartitionTableSchedule.java" />
         <option value="$PROJECT_DIR$/syslog-consumer-rule/src/main/java/com/common/schedule/ETLOrchestrator.java" />
-        <option value="$PROJECT_DIR$/syslog-consumer/src/main/resources/application-dev.properties" />
-        <option value="$PROJECT_DIR$/syslog-consumer/src/main/resources/application.properties" />
         <option value="$PROJECT_DIR$/syslog-serve/docker-compose/docker-compose-serve-prod.yaml" />
-        <option value="$PROJECT_DIR$/syslog-serve/src/main/resources/application-dev.properties" />
-        <option value="$PROJECT_DIR$/syslog-serve/src/main/resources/application-prod.properties" />
         <option value="$PROJECT_DIR$/syslog-consumer-rule/docker-compose/docker-compose-consumer-nw.yaml" />
         <option value="$PROJECT_DIR$/syslog-consumer-rule/Dockerfile" />
-        <option value="$PROJECT_DIR$/syslog-consumer-rule/src/main/resources/application-pre-nw.properties" />
-        <option value="$PROJECT_DIR$/syslog-consumer-rule/src/main/resources/application-dev.properties" />
-        <option value="$PROJECT_DIR$/syslog-consumer-rule/src/main/resources/application-prod.properties" />
         <option value="$PROJECT_DIR$/syslog-consumer-rule/docker-compose/docker-compose-consumer-prod.yaml" />
         <option value="$PROJECT_DIR$/syslog-consumer-rule/docker-compose/docker-compose-consumer.yaml" />
-        <option value="$PROJECT_DIR$/syslog-consumer-rule/src/main/resources/application.properties" />
+        <option value="$PROJECT_DIR$/syslog-consumer-rule/src/main/resources/application-dev.properties" />
+        <option value="$PROJECT_DIR$/syslog-consumer-rule/src/main/resources/application-prod-zc.properties" />
+        <option value="$PROJECT_DIR$/syslog-consumer-rule/src/main/resources/application-test.properties" />
+        <option value="$PROJECT_DIR$/syslog-consumer/src/main/resources/application-pre-nw.properties" />
+        <option value="$PROJECT_DIR$/syslog-consumer/src/main/resources/application-test.properties" />
+        <option value="$PROJECT_DIR$/syslog-consumer/src/main/java/com/common/mapper/DeviceCollectTaskMapper.java" />
+        <option value="$PROJECT_DIR$/syslog-consumer/src/main/resources/application-prod-zc.properties" />
+        <option value="$PROJECT_DIR$/syslog-consumer/src/main/java/com/common/service/AlarmHealthCheckService.java" />
+        <option value="$PROJECT_DIR$/syslog-serve/src/main/java/com/haobang/interlocking/InterlockingService.java" />
+        <option value="$PROJECT_DIR$/syslog-consumer/src/main/java/com/Modules/NormalData/LogNormalProcessor.java" />
+        <option value="$PROJECT_DIR$/syslog-consumer/src/main/java/com/common/service/impl/SqlGeneratorServiceImpl.java" />
+        <option value="$PROJECT_DIR$/syslog-serve/src/main/java/com/config/CacheConfig.java" />
+        <option value="$PROJECT_DIR$/syslog-consumer-rule/src/main/resources/mapper/SyslogNormalDataMapper.xml" />
+        <option value="$PROJECT_DIR$/syslog-consumer/src/main/resources/mapper/SyslogNormalDataMapper.xml" />
+        <option value="$PROJECT_DIR$/syslog-serve/src/main/resources/application-prod.properties" />
+        <option value="$PROJECT_DIR$/syslog-consumer/src/main/java/com/common/service/PartitionTableService.java" />
+        <option value="$PROJECT_DIR$/syslog-consumer/src/main/java/com/common/schedule/PartitionTableSchedule.java" />
+        <option value="$PROJECT_DIR$/syslog-consumer/src/main/resources/application-dev.properties" />
+        <option value="$PROJECT_DIR$/syslog-serve/src/main/resources/application-test.properties" />
+        <option value="$PROJECT_DIR$/syslog-serve/src/main/resources/application-dev.properties" />
         <option value="$PROJECT_DIR$/syslog-serve/src/main/resources/application.properties" />
+        <option value="$PROJECT_DIR$/syslog-serve/docker_run.txt" />
+        <option value="$PROJECT_DIR$/syslog-consumer/src/main/resources/application.properties" />
+        <option value="$PROJECT_DIR$/syslog-consumer/src/main/resources/application-prod.properties" />
+        <option value="$PROJECT_DIR$/syslog-consumer/docker_run.txt" />
+        <option value="$PROJECT_DIR$/syslog-consumer-rule/src/main/resources/application-prod.properties" />
+        <option value="$PROJECT_DIR$/syslog-consumer-rule/src/main/resources/application-pre-nw.properties" />
+        <option value="$PROJECT_DIR$/syslog-consumer-rule/src/main/resources/application.properties" />
         <option value="$PROJECT_DIR$/syslog-consumer-rule/docker_run.txt" />
+        <option value="$PROJECT_DIR$/syslog-serve/src/main/resources/logback.xml" />
+        <option value="$PROJECT_DIR$/syslog-consumer-rule/src/main/resources/logback.xml" />
+        <option value="$PROJECT_DIR$/syslog-consumer/src/main/resources/logback.xml" />
+        <option value="$PROJECT_DIR$/syslog-consumer/src/main/java/com/common/service/AccessLogAlertService.java" />
       </list>
     </option>
   </component>
@@ -598,11 +368,6 @@
         <option name="importAutomatically" value="true" />
       </MavenImportingSettings>
     </option>
-    <option name="enabledProfiles">
-      <list>
-        <option value="dev" />
-      </list>
-    </option>
   </component>
   <component name="MavenProjectNavigator">
     <treeState>
@@ -611,6 +376,24 @@
           <item name="" type="16c1761:MavenProjectsStructure$RootNode" />
           <item name="Profiles" type="6783ec58:MavenProjectsStructure$ProfilesNode" />
         </path>
+        <path>
+          <item name="" type="16c1761:MavenProjectsStructure$RootNode" />
+          <item name="security-xdr" type="9519ce18:MavenProjectsStructure$ProjectNode" />
+        </path>
+        <path>
+          <item name="" type="16c1761:MavenProjectsStructure$RootNode" />
+          <item name="security-xdr" type="9519ce18:MavenProjectsStructure$ProjectNode" />
+          <item name="Lifecycle" type="58874e2:MavenProjectsStructure$LifecycleNode" />
+        </path>
+        <path>
+          <item name="" type="16c1761:MavenProjectsStructure$RootNode" />
+          <item name="syslog-consumer" type="9519ce18:MavenProjectsStructure$ProjectNode" />
+        </path>
+        <path>
+          <item name="" type="16c1761:MavenProjectsStructure$RootNode" />
+          <item name="syslog-consumer" type="9519ce18:MavenProjectsStructure$ProjectNode" />
+          <item name="Lifecycle" type="58874e2:MavenProjectsStructure$LifecycleNode" />
+        </path>
         <path>
           <item name="" type="16c1761:MavenProjectsStructure$RootNode" />
           <item name="syslog-consumer-rule" type="9519ce18:MavenProjectsStructure$ProjectNode" />
@@ -629,18 +412,13 @@
           <item name="syslog-serve" type="9519ce18:MavenProjectsStructure$ProjectNode" />
           <item name="Lifecycle" type="58874e2:MavenProjectsStructure$LifecycleNode" />
         </path>
-        <path>
-          <item name="" type="16c1761:MavenProjectsStructure$RootNode" />
-          <item name="syslog-serve" type="9519ce18:MavenProjectsStructure$ProjectNode" />
-          <item name="Plugins" type="7aea1407:MavenProjectsStructure$PluginsNode" />
-        </path>
       </expand>
       <select />
     </treeState>
   </component>
-  <component name="ProjectFrameBounds" extendedState="6">
-    <option name="x" value="1912" />
-    <option name="y" value="-8" />
+  <component name="ProjectFrameBounds" extendedState="7">
+    <option name="x" value="1257" />
+    <option name="y" value="156" />
     <option name="width" value="1936" />
     <option name="height" value="1048" />
   </component>
@@ -650,6 +428,8 @@
       <foldersAlwaysOnTop value="true" />
     </navigator>
     <panes>
+      <pane id="Scope" />
+      <pane id="PackagesPane" />
       <pane id="ProjectPane">
         <subPane>
           <expand>
@@ -660,37 +440,66 @@
             <path>
               <item name="security-xdr" type="b2602c69:ProjectViewProjectNode" />
               <item name="haobang-security-dm" type="462c0819:PsiDirectoryNode" />
-              <item name="syslog-consumer" type="462c0819:PsiDirectoryNode" />
+              <item name="syslog-consumer-rule" type="462c0819:PsiDirectoryNode" />
             </path>
             <path>
               <item name="security-xdr" type="b2602c69:ProjectViewProjectNode" />
               <item name="haobang-security-dm" type="462c0819:PsiDirectoryNode" />
-              <item name="syslog-consumer" type="462c0819:PsiDirectoryNode" />
-              <item name="doc" type="462c0819:PsiDirectoryNode" />
+              <item name="syslog-consumer-rule" type="462c0819:PsiDirectoryNode" />
+              <item name="src" type="462c0819:PsiDirectoryNode" />
             </path>
             <path>
               <item name="security-xdr" type="b2602c69:ProjectViewProjectNode" />
               <item name="haobang-security-dm" type="462c0819:PsiDirectoryNode" />
-              <item name="syslog-consumer" type="462c0819:PsiDirectoryNode" />
+              <item name="syslog-consumer-rule" type="462c0819:PsiDirectoryNode" />
+              <item name="src" type="462c0819:PsiDirectoryNode" />
+              <item name="main" type="462c0819:PsiDirectoryNode" />
+            </path>
+            <path>
+              <item name="security-xdr" type="b2602c69:ProjectViewProjectNode" />
+              <item name="haobang-security-dm" type="462c0819:PsiDirectoryNode" />
+              <item name="syslog-consumer-rule" type="462c0819:PsiDirectoryNode" />
+              <item name="src" type="462c0819:PsiDirectoryNode" />
+              <item name="main" type="462c0819:PsiDirectoryNode" />
+              <item name="java" type="462c0819:PsiDirectoryNode" />
+            </path>
+            <path>
+              <item name="security-xdr" type="b2602c69:ProjectViewProjectNode" />
+              <item name="haobang-security-dm" type="462c0819:PsiDirectoryNode" />
+              <item name="syslog-consumer-rule" type="462c0819:PsiDirectoryNode" />
+              <item name="src" type="462c0819:PsiDirectoryNode" />
+              <item name="main" type="462c0819:PsiDirectoryNode" />
+              <item name="java" type="462c0819:PsiDirectoryNode" />
+              <item name="com" type="462c0819:PsiDirectoryNode" />
+            </path>
+            <path>
+              <item name="security-xdr" type="b2602c69:ProjectViewProjectNode" />
+              <item name="haobang-security-dm" type="462c0819:PsiDirectoryNode" />
+              <item name="syslog-serve" type="462c0819:PsiDirectoryNode" />
+            </path>
+            <path>
+              <item name="security-xdr" type="b2602c69:ProjectViewProjectNode" />
+              <item name="haobang-security-dm" type="462c0819:PsiDirectoryNode" />
+              <item name="syslog-serve" type="462c0819:PsiDirectoryNode" />
               <item name="docker-compose" type="462c0819:PsiDirectoryNode" />
             </path>
             <path>
               <item name="security-xdr" type="b2602c69:ProjectViewProjectNode" />
               <item name="haobang-security-dm" type="462c0819:PsiDirectoryNode" />
-              <item name="syslog-consumer" type="462c0819:PsiDirectoryNode" />
+              <item name="syslog-serve" type="462c0819:PsiDirectoryNode" />
               <item name="src" type="462c0819:PsiDirectoryNode" />
             </path>
             <path>
               <item name="security-xdr" type="b2602c69:ProjectViewProjectNode" />
               <item name="haobang-security-dm" type="462c0819:PsiDirectoryNode" />
-              <item name="syslog-consumer" type="462c0819:PsiDirectoryNode" />
+              <item name="syslog-serve" type="462c0819:PsiDirectoryNode" />
               <item name="src" type="462c0819:PsiDirectoryNode" />
               <item name="main" type="462c0819:PsiDirectoryNode" />
             </path>
             <path>
               <item name="security-xdr" type="b2602c69:ProjectViewProjectNode" />
               <item name="haobang-security-dm" type="462c0819:PsiDirectoryNode" />
-              <item name="syslog-consumer" type="462c0819:PsiDirectoryNode" />
+              <item name="syslog-serve" type="462c0819:PsiDirectoryNode" />
               <item name="src" type="462c0819:PsiDirectoryNode" />
               <item name="main" type="462c0819:PsiDirectoryNode" />
               <item name="java" type="462c0819:PsiDirectoryNode" />
@@ -698,7 +507,7 @@
             <path>
               <item name="security-xdr" type="b2602c69:ProjectViewProjectNode" />
               <item name="haobang-security-dm" type="462c0819:PsiDirectoryNode" />
-              <item name="syslog-consumer" type="462c0819:PsiDirectoryNode" />
+              <item name="syslog-serve" type="462c0819:PsiDirectoryNode" />
               <item name="src" type="462c0819:PsiDirectoryNode" />
               <item name="main" type="462c0819:PsiDirectoryNode" />
               <item name="java" type="462c0819:PsiDirectoryNode" />
@@ -707,63 +516,55 @@
             <path>
               <item name="security-xdr" type="b2602c69:ProjectViewProjectNode" />
               <item name="haobang-security-dm" type="462c0819:PsiDirectoryNode" />
-              <item name="syslog-consumer" type="462c0819:PsiDirectoryNode" />
+              <item name="syslog-serve" type="462c0819:PsiDirectoryNode" />
               <item name="src" type="462c0819:PsiDirectoryNode" />
               <item name="main" type="462c0819:PsiDirectoryNode" />
               <item name="java" type="462c0819:PsiDirectoryNode" />
               <item name="com" type="462c0819:PsiDirectoryNode" />
-              <item name="controllers" type="462c0819:PsiDirectoryNode" />
+              <item name="Modules" type="462c0819:PsiDirectoryNode" />
             </path>
             <path>
               <item name="security-xdr" type="b2602c69:ProjectViewProjectNode" />
               <item name="haobang-security-dm" type="462c0819:PsiDirectoryNode" />
-              <item name="syslog-consumer" type="462c0819:PsiDirectoryNode" />
+              <item name="syslog-serve" type="462c0819:PsiDirectoryNode" />
               <item name="src" type="462c0819:PsiDirectoryNode" />
               <item name="main" type="462c0819:PsiDirectoryNode" />
               <item name="java" type="462c0819:PsiDirectoryNode" />
               <item name="com" type="462c0819:PsiDirectoryNode" />
-              <item name="haobang" type="462c0819:PsiDirectoryNode" />
+              <item name="Modules" type="462c0819:PsiDirectoryNode" />
+              <item name="Device" type="462c0819:PsiDirectoryNode" />
             </path>
             <path>
               <item name="security-xdr" type="b2602c69:ProjectViewProjectNode" />
               <item name="haobang-security-dm" type="462c0819:PsiDirectoryNode" />
-              <item name="syslog-consumer-rule" type="462c0819:PsiDirectoryNode" />
-            </path>
-            <path>
-              <item name="security-xdr" type="b2602c69:ProjectViewProjectNode" />
-              <item name="haobang-security-dm" type="462c0819:PsiDirectoryNode" />
-              <item name="syslog-consumer-rule" type="462c0819:PsiDirectoryNode" />
-              <item name="docker-compose" type="462c0819:PsiDirectoryNode" />
-            </path>
-            <path>
-              <item name="security-xdr" type="b2602c69:ProjectViewProjectNode" />
-              <item name="haobang-security-dm" type="462c0819:PsiDirectoryNode" />
-              <item name="syslog-consumer-rule" type="462c0819:PsiDirectoryNode" />
-              <item name="src" type="462c0819:PsiDirectoryNode" />
-            </path>
-            <path>
-              <item name="security-xdr" type="b2602c69:ProjectViewProjectNode" />
-              <item name="haobang-security-dm" type="462c0819:PsiDirectoryNode" />
-              <item name="syslog-consumer-rule" type="462c0819:PsiDirectoryNode" />
+              <item name="syslog-serve" type="462c0819:PsiDirectoryNode" />
               <item name="src" type="462c0819:PsiDirectoryNode" />
               <item name="main" type="462c0819:PsiDirectoryNode" />
+              <item name="resources" type="462c0819:PsiDirectoryNode" />
             </path>
             <path>
               <item name="security-xdr" type="b2602c69:ProjectViewProjectNode" />
               <item name="haobang-security-dm" type="462c0819:PsiDirectoryNode" />
-              <item name="syslog-consumer-rule" type="462c0819:PsiDirectoryNode" />
+              <item name="syslog-serve" type="462c0819:PsiDirectoryNode" />
               <item name="src" type="462c0819:PsiDirectoryNode" />
-              <item name="main" type="462c0819:PsiDirectoryNode" />
+              <item name="test" type="462c0819:PsiDirectoryNode" />
+            </path>
+            <path>
+              <item name="security-xdr" type="b2602c69:ProjectViewProjectNode" />
+              <item name="haobang-security-dm" type="462c0819:PsiDirectoryNode" />
+              <item name="syslog-serve" type="462c0819:PsiDirectoryNode" />
+              <item name="src" type="462c0819:PsiDirectoryNode" />
+              <item name="test" type="462c0819:PsiDirectoryNode" />
               <item name="java" type="462c0819:PsiDirectoryNode" />
             </path>
             <path>
               <item name="security-xdr" type="b2602c69:ProjectViewProjectNode" />
               <item name="haobang-security-dm" type="462c0819:PsiDirectoryNode" />
-              <item name="syslog-consumer-rule" type="462c0819:PsiDirectoryNode" />
+              <item name="syslog-serve" type="462c0819:PsiDirectoryNode" />
               <item name="src" type="462c0819:PsiDirectoryNode" />
-              <item name="main" type="462c0819:PsiDirectoryNode" />
+              <item name="test" type="462c0819:PsiDirectoryNode" />
               <item name="java" type="462c0819:PsiDirectoryNode" />
-              <item name="com" type="462c0819:PsiDirectoryNode" />
+              <item name="syslog" type="462c0819:PsiDirectoryNode" />
             </path>
             <path>
               <item name="security-xdr" type="b2602c69:ProjectViewProjectNode" />
@@ -773,8 +574,6 @@
           <select />
         </subPane>
       </pane>
-      <pane id="PackagesPane" />
-      <pane id="Scope" />
     </panes>
   </component>
   <component name="PropertiesComponent">
@@ -784,10 +583,11 @@
     <property name="RequestMappingsPanelWidth1" value="75" />
     <property name="WebServerToolWindowFactoryState" value="false" />
     <property name="aspect.path.notification.shown" value="true" />
-    <property name="com.android.tools.idea.instantapp.provision.ProvisionBeforeRunTaskProvider.myTimeStamp" value="1779456372289" />
-    <property name="last_opened_file_path" value="G:/codebuddy/haobang-security-dm" />
+    <property name="com.android.tools.idea.instantapp.provision.ProvisionBeforeRunTaskProvider.myTimeStamp" value="1779878483926" />
+    <property name="last_opened_file_path" value="E:/GIT_GOSAME/ai-security-xdr/haobang-security-xdr" />
     <property name="nodejs_interpreter_path.stuck_in_default_project" value="undefined stuck path" />
     <property name="nodejs_npm_path_reset_for_default_project" value="true" />
+    <property name="settings.editor.selected.configurable" value="preferences.pluginManager" />
   </component>
   <component name="RecentsManager">
     <key name="MoveFile.RECENT_KEYS">
@@ -853,6 +653,20 @@
         <option name="Make" enabled="true" />
       </method>
     </configuration>
+    <configuration name="DeviceDeviceTest" type="JUnit" factoryName="JUnit" temporary="true" nameIsGenerated="true">
+      <module name="syslog-serve" />
+      <extension name="coverage">
+        <pattern>
+          <option name="PATTERN" value="com.haobang.syslog.*" />
+          <option name="ENABLED" value="true" />
+        </pattern>
+      </extension>
+      <option name="PACKAGE_NAME" value="com.haobang.syslog" />
+      <option name="MAIN_CLASS_NAME" value="com.haobang.syslog.DeviceDeviceTest" />
+      <method v="2">
+        <option name="Make" enabled="true" />
+      </method>
+    </configuration>
     <configuration name="SyslogServeMainApp" type="SpringBootApplicationConfigurationType" factoryName="Spring Boot">
       <module name="syslog-serve" />
       <option name="SPRING_BOOT_MAIN_CLASS" value="com.SyslogServeMainApp" />
@@ -895,10 +709,12 @@
       <item itemvalue="Application.DMTDMTest" />
       <item itemvalue="Application.Sm4Util" />
       <item itemvalue="Spring Boot.syslogRuleApplication" />
+      <item itemvalue="JUnit.DeviceDeviceTest" />
     </list>
     <recent_temporary>
       <list>
         <item itemvalue="Spring Boot.syslogRuleApplication" />
+        <item itemvalue="JUnit.DeviceDeviceTest" />
         <item itemvalue="Application.Sm4Util" />
         <item itemvalue="Application.DMTDMTest" />
         <item itemvalue="Application.TimeConversionUtils" />
@@ -1007,7 +823,15 @@
       <workItem from="1778745836380" duration="4719000" />
       <workItem from="1779076362274" duration="9060000" />
       <workItem from="1779160268635" duration="16314000" />
-      <workItem from="1779421854668" duration="10488000" />
+      <workItem from="1779453968918" duration="14206000" />
+      <workItem from="1779606570099" duration="11653000" />
+      <workItem from="1779618867518" duration="16174000" />
+      <workItem from="1779680522419" duration="3461000" />
+      <workItem from="1779781768740" duration="10713000" />
+      <workItem from="1779794458677" duration="7657000" />
+      <workItem from="1779851869490" duration="18915000" />
+      <workItem from="1779934243581" duration="4699000" />
+      <workItem from="1779950952327" duration="250000" />
     </task>
     <task id="LOCAL-00001" summary="1、修改算子运算结果后入库BUG&#10;2、根据设备ID获取设备IP、设备厂商、设备名称 信息补全标准化表&#10;3、完善告警表字段内容：syslog_normal_alarm: http_url -&gt;alarm: victim_web_url">
       <created>1769412046230</created>
@@ -1033,8 +857,40 @@
     <option name="localTasksCounter" value="4" />
     <servers />
   </component>
+  <component name="TestHistory">
+    <history-entry file="DeviceDeviceTest - 2026.05.22 at 22h 28m 11s.xml">
+      <configuration name="DeviceDeviceTest" configurationId="JUnit" />
+    </history-entry>
+    <history-entry file="DeviceDeviceTest - 2026.05.22 at 22h 31m 27s.xml">
+      <configuration name="DeviceDeviceTest" configurationId="JUnit" />
+    </history-entry>
+    <history-entry file="DeviceDeviceTest - 2026.05.22 at 22h 33m 24s.xml">
+      <configuration name="DeviceDeviceTest" configurationId="JUnit" />
+    </history-entry>
+    <history-entry file="DeviceDeviceTest - 2026.05.22 at 22h 34m 53s.xml">
+      <configuration name="DeviceDeviceTest" configurationId="JUnit" />
+    </history-entry>
+    <history-entry file="DeviceDeviceTest - 2026.05.22 at 22h 35m 44s.xml">
+      <configuration name="DeviceDeviceTest" configurationId="JUnit" />
+    </history-entry>
+    <history-entry file="DeviceDeviceTest - 2026.05.22 at 22h 37m 08s.xml">
+      <configuration name="DeviceDeviceTest" configurationId="JUnit" />
+    </history-entry>
+    <history-entry file="DeviceDeviceTest - 2026.05.22 at 22h 38m 03s.xml">
+      <configuration name="DeviceDeviceTest" configurationId="JUnit" />
+    </history-entry>
+    <history-entry file="DeviceDeviceTest - 2026.05.22 at 22h 48m 32s.xml">
+      <configuration name="DeviceDeviceTest" configurationId="JUnit" />
+    </history-entry>
+    <history-entry file="DeviceDeviceTest - 2026.05.22 at 22h 49m 37s.xml">
+      <configuration name="DeviceDeviceTest" configurationId="JUnit" />
+    </history-entry>
+    <history-entry file="DeviceDeviceTest - 2026.05.22 at 22h 51m 24s.xml">
+      <configuration name="DeviceDeviceTest" configurationId="JUnit" />
+    </history-entry>
+  </component>
   <component name="TimeTrackingManager">
-    <option name="totallyTimeSpent" value="663904000" />
+    <option name="totallyTimeSpent" value="741144000" />
   </component>
   <component name="TodoView">
     <todo-panel id="selected-file">
@@ -1048,7 +904,7 @@
   <component name="ToolWindowManager">
     <frame x="1912" y="-8" width="1936" height="1048" extended-state="6" />
     <layout>
-      <window_info content_ui="combo" x="2058" y="127" width="479" height="485" id="Project" order="0" sideWeight="0.7275542" visible="true" weight="0.29157782" />
+      <window_info content_ui="combo" x="2058" y="127" width="479" height="485" id="Project" order="0" sideWeight="0.7275542" visible="true" weight="0.20255864" />
       <window_info id="Structure" order="1" sideWeight="0.4136253" side_tool="true" weight="0.2553305" />
       <window_info id="Designer" order="2" />
       <window_info id="Image Layers" order="3" />
@@ -1058,24 +914,24 @@
       <window_info id="Web" order="7" sideWeight="0.4136253" side_tool="true" weight="0.2553305" />
       <window_info anchor="bottom" id="Message" order="0" />
       <window_info anchor="bottom" id="Find" order="1" weight="0.32932165" />
-      <window_info anchor="bottom" id="Run" order="2" sideWeight="0.69402987" weight="0.24070022" />
-      <window_info anchor="bottom" id="Debug" order="3" sideWeight="0.7153518" weight="0.24945295" />
+      <window_info active="true" anchor="bottom" id="Run" order="2" sideWeight="0.69402987" visible="true" weight="0.6291028" />
+      <window_info anchor="bottom" id="Debug" order="3" sideWeight="0.7153518" weight="0.6083151" />
       <window_info anchor="bottom" id="Cvs" order="4" weight="0.25" />
       <window_info anchor="bottom" id="Inspection" order="5" weight="0.4" />
-      <window_info active="true" anchor="bottom" id="TODO" order="6" sideWeight="0.49733475" visible="true" weight="0.32932165" />
+      <window_info anchor="bottom" id="TODO" order="6" sideWeight="0.49733475" weight="0.32932165" />
       <window_info anchor="bottom" id="Spring" order="7" sideWeight="0.4978678" weight="0.32932165" />
       <window_info anchor="bottom" id="Terminal" order="8" sideWeight="0.4978678" weight="0.32932165" />
       <window_info anchor="bottom" id="Event Log" order="9" sideWeight="0.30597016" side_tool="true" weight="0.34245077" />
       <window_info anchor="bottom" id="Java Enterprise" order="10" sideWeight="0.49733475" weight="0.32932165" />
       <window_info anchor="bottom" id="Database Changes" order="11" show_stripe_button="false" />
       <window_info anchor="bottom" id="Version Control" order="12" sideWeight="0.49733475" weight="0.58862144" />
-      <window_info anchor="bottom" id="Messages" order="13" sideWeight="0.4946695" weight="0.23960613" />
+      <window_info anchor="bottom" id="Messages" order="13" sideWeight="0.4946695" weight="0.46608314" />
       <window_info anchor="right" id="Commander" internal_type="SLIDING" order="0" type="SLIDING" weight="0.4" />
       <window_info anchor="right" id="Ant Build" order="1" weight="0.25" />
       <window_info anchor="right" content_ui="combo" id="Hierarchy" order="2" weight="0.25" />
       <window_info anchor="right" id="Palette" order="3" />
       <window_info anchor="right" id="Capture Analysis" order="4" />
-      <window_info anchor="right" id="Maven Projects" order="5" visible="true" weight="0.20842217" />
+      <window_info anchor="right" id="Maven Projects" order="5" visible="true" weight="0.21055438" />
       <window_info anchor="right" id="Database" order="6" weight="0.32995737" />
       <window_info anchor="right" id="Palette&#9;" order="7" />
       <window_info anchor="right" id="Theme Preview" order="8" />
@@ -1159,28 +1015,16 @@
           <option name="timeStamp" value="9" />
         </line-breakpoint>
         <line-breakpoint enabled="true" type="java-line">
-          <url>file://$PROJECT_DIR$/syslog-consumer/src/main/java/com/Modules/NormalData/SysLogProcessor.java</url>
-          <line>93</line>
+          <url>file://$PROJECT_DIR$/syslog-serve/src/main/java/com/haobang/interlocking/InterlockingService.java</url>
+          <line>120</line>
           <properties />
-          <option name="timeStamp" value="11" />
+          <option name="timeStamp" value="22" />
         </line-breakpoint>
         <line-breakpoint enabled="true" type="java-line">
-          <url>file://$PROJECT_DIR$/syslog-consumer/src/main/java/com/Modules/NormalData/SysLogProcessor.java</url>
-          <line>90</line>
+          <url>file://$PROJECT_DIR$/syslog-consumer/src/main/java/com/common/service/AccessLogAlertService.java</url>
+          <line>365</line>
           <properties />
-          <option name="timeStamp" value="12" />
-        </line-breakpoint>
-        <line-breakpoint enabled="true" type="java-line">
-          <url>file://$PROJECT_DIR$/syslog-consumer/src/main/java/com/common/service/SyslogNormalDataService.java</url>
-          <line>53</line>
-          <properties />
-          <option name="timeStamp" value="14" />
-        </line-breakpoint>
-        <line-breakpoint enabled="true" type="java-line">
-          <url>file://$PROJECT_DIR$/syslog-consumer/src/main/java/com/common/service/SyslogNormalDataService.java</url>
-          <line>50</line>
-          <properties />
-          <option name="timeStamp" value="17" />
+          <option name="timeStamp" value="25" />
         </line-breakpoint>
       </breakpoints>
     </breakpoint-manager>
@@ -1190,339 +1034,15 @@
     <option name="FILTER_TARGETS" value="false" />
   </component>
   <component name="editorHistoryManager">
-    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/src/main/java/com/common/service/DeviceInterlockingService.java">
+    <entry file="file://$PROJECT_DIR$/syslog-serve/src/main/resources/mapper/DeviceCollectTaskMapper.xml">
       <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="110">
-          <caret line="9" column="13" selection-start-line="9" selection-start-column="13" selection-end-line="9" selection-end-column="13" />
-        </state>
+        <state relative-caret-position="-999" />
       </provider>
     </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/src/main/java/com/config/ScheduleConfig.java">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="132">
-          <caret line="8" column="13" selection-start-line="8" selection-start-column="13" selection-end-line="8" selection-end-column="13" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/src/main/java/com/config/RestTemplateConfig.java">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="-220">
-          <caret line="26" column="62" lean-forward="true" selection-start-line="26" selection-start-column="62" selection-end-line="26" selection-end-column="62" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/src/main/java/com/config/ThreadPoolConfig.java">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="110">
-          <caret line="13" column="13" selection-start-line="13" selection-start-column="13" selection-end-line="13" selection-end-column="13" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/src/main/java/com/controllers/DmColumnController.java">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="132">
-          <caret line="25" column="13" selection-start-line="25" selection-start-column="13" selection-end-line="25" selection-end-column="13" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/src/main/java/com/haobang/config/ApiKeyInterceptor.java">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="176">
-          <caret line="13" column="13" selection-start-line="13" selection-start-column="13" selection-end-line="13" selection-end-column="13" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/src/main/java/com/haobang/config/WebMvcConfig.java">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="176">
-          <caret line="11" column="13" selection-start-line="11" selection-start-column="13" selection-end-line="11" selection-end-column="13" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/src/main/java/com/influx/InfluxDBClient.java">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="110">
-          <caret line="21" column="13" selection-start-line="21" selection-start-column="13" selection-end-line="21" selection-end-column="13" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/src/main/java/com/syslogRuleApplication.java">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="352">
-          <caret line="38" column="16" selection-start-line="38" selection-start-column="16" selection-end-line="38" selection-end-column="16" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/src/main/java/com/influx/SyslogToInfluxApp.java">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="418">
-          <caret line="49" column="34" lean-forward="true" selection-start-line="49" selection-start-column="34" selection-end-line="49" selection-end-column="34" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-serve/docker-compose/docker-compose-serve-nw.yaml">
-      <provider selected="true" editor-type-id="text-editor" />
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-serve/docker-compose/docker-compose-serve.yaml">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="-664">
-          <caret line="29" column="65" lean-forward="true" selection-start-line="29" selection-start-column="65" selection-end-line="29" selection-end-column="65" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-serve/docker-compose/docker-compose-serve-prod.yaml">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="373">
-          <caret line="56" column="14" lean-forward="true" selection-start-line="56" selection-start-column="14" selection-end-line="56" selection-end-column="14" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-serve/src/main/resources/application-prod-zc.properties">
-      <provider selected="true" editor-type-id="text-editor" />
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-serve/src/main/resources/application-dev.properties">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="42">
-          <caret line="81" selection-start-line="81" selection-end-line="81" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/src/main/resources/application-pre-nw.properties">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="44">
-          <caret line="2" column="36" selection-start-line="2" selection-start-column="36" selection-end-line="2" selection-end-column="36" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/src/main/resources/application-dev.properties">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="-198">
-          <caret line="6" column="42" lean-forward="true" selection-start-line="6" selection-start-column="42" selection-end-line="6" selection-end-column="42" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/src/main/resources/logback.xml">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="198">
-          <caret line="9" column="50" lean-forward="true" selection-start-line="9" selection-start-column="50" selection-end-line="9" selection-end-column="50" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/src/main/resources/application-test.properties">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="440">
-          <caret line="26" column="25" lean-forward="true" selection-start-line="26" selection-start-column="25" selection-end-line="26" selection-end-column="25" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/docker-compose/docker-compose-consumer-nw.yaml">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="-240">
-          <caret line="18" column="16" lean-forward="true" selection-start-line="18" selection-start-column="16" selection-end-line="18" selection-end-column="16" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/doc/realtime-scheduler-design.md">
-      <provider selected="true" editor-type-id="split-provider[text-editor;markdown-preview-editor]">
-        <state split_layout="SPLIT">
-          <first_editor />
-          <second_editor />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-serve/src/main/resources/application-prod.properties">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="20">
-          <caret line="80" column="37" lean-forward="true" selection-end-line="100" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/Dockerfile">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="110">
-          <caret line="5" column="17" lean-forward="true" selection-start-line="5" selection-start-column="17" selection-end-line="5" selection-end-column="17" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/docker_run.txt">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="44">
-          <caret line="2" column="3" lean-forward="true" selection-start-line="2" selection-start-column="3" selection-end-line="2" selection-end-column="35" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/src/main/resources/application.properties">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="323">
-          <caret line="41" lean-forward="true" selection-start-line="41" selection-end-line="41" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/resources/application.properties">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="178">
-          <caret line="62" column="48" selection-start-line="62" selection-start-column="48" selection-end-line="62" selection-end-column="48" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/resources/application-prod.properties">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="220">
-          <caret line="22" column="21" selection-start-line="22" selection-start-column="13" selection-end-line="22" selection-end-column="21" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/docker-compose/docker-compose-consumer-prod.yaml">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="349">
-          <caret line="84" lean-forward="true" selection-start-line="84" selection-end-line="84" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-serve/src/main/resources/application.properties">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="220">
-          <caret line="89" column="11" lean-forward="true" selection-start-line="89" selection-start-column="11" selection-end-line="89" selection-end-column="11" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-serve/docker_run.txt">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="132">
-          <caret line="18" column="12" lean-forward="true" selection-start-line="18" selection-start-column="12" selection-end-line="18" selection-end-column="12" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-serve/src/main/java/com/haobang/config/AppConfig.java">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="2156">
-          <caret line="119" column="55" lean-forward="true" selection-start-line="119" selection-start-column="55" selection-end-line="119" selection-end-column="55" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/src/main/java/com/Modules/NormalData/SysLogProcessor.java">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="330">
-          <caret line="71" column="55" lean-forward="true" selection-start-line="71" selection-start-column="55" selection-end-line="71" selection-end-column="55" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-serve/src/main/java/com/kafka/kafkaConsumer.java">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="88">
-          <caret line="8" column="13" selection-start-line="8" selection-start-column="13" selection-end-line="8" selection-end-column="13" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/src/main/resources/application-prod.properties">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="1320">
-          <caret line="60" selection-start-line="60" selection-end-line="60" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-serve/src/main/java/com/Modules/Device/DeviceProcess.java">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="110">
-          <caret line="25" column="13" selection-start-line="25" selection-start-column="13" selection-end-line="25" selection-end-column="13" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-serve/src/main/java/com/netty/SyslogServer.java">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="154">
-          <caret line="16" column="13" selection-start-line="16" selection-start-column="13" selection-end-line="16" selection-end-column="13" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-serve/src/main/java/com/netty/SyslogMessageHandler.java">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="132">
-          <caret line="16" column="13" selection-start-line="16" selection-start-column="13" selection-end-line="16" selection-end-column="13" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-serve/src/main/java/com/netty/SyslogMessage.java">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="154">
-          <caret line="7" column="13" selection-start-line="7" selection-start-column="13" selection-end-line="7" selection-end-column="13" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-serve/src/main/java/com/Modules/DeviceCollect/DeviceCollectProcess.java">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="44">
-          <caret line="2" column="13" selection-start-line="2" selection-start-column="13" selection-end-line="2" selection-end-column="13" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-serve/src/main/java/com/kafka/kafkaProducer.java">
+    <entry file="file://$PROJECT_DIR$/syslog-serve/src/main/java/com/config/CacheConfig.java">
       <provider selected="true" editor-type-id="text-editor">
         <state relative-caret-position="484">
-          <caret line="35" column="52" lean-forward="true" selection-start-line="35" selection-start-column="52" selection-end-line="35" selection-end-column="52" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/docker-compose/docker-compose-consumer.yaml">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="421">
-          <caret line="58" column="32" lean-forward="true" selection-start-line="58" selection-start-column="32" selection-end-line="58" selection-end-column="32" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/java/com/controllers/SyslogPushController.java">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="132">
-          <caret line="27" column="13" selection-start-line="27" selection-start-column="13" selection-end-line="27" selection-end-column="13" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/java/com/controllers/SyslogController.java">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="242">
-          <caret line="30" column="13" selection-start-line="30" selection-start-column="13" selection-end-line="30" selection-end-column="13" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/java/com/controllers/PartitionTableController.java">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="132">
-          <caret line="13" column="13" selection-start-line="13" selection-start-column="13" selection-end-line="13" selection-end-column="13" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/java/com/controllers/SyslogNonNormalMessageController.java">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="220">
-          <caret line="24" column="13" selection-start-line="24" selection-start-column="13" selection-end-line="24" selection-end-column="13" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/java/com/controllers/GlobalExceptionHandler.java">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="110">
-          <caret line="17" column="13" selection-start-line="17" selection-start-column="13" selection-end-line="17" selection-end-column="13" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/java/com/controllers/ETLController.java">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="198">
-          <caret line="17" column="13" selection-start-line="17" selection-start-column="13" selection-end-line="17" selection-end-column="13" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/java/com/controllers/DmColumnController.java">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="132">
-          <caret line="25" column="13" selection-start-line="25" selection-start-column="13" selection-end-line="25" selection-end-column="13" />
-        </state>
-      </provider>
-    </entry>
-    <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/java/com/controllers/CacheController.java">
-      <provider selected="true" editor-type-id="text-editor">
-        <state relative-caret-position="176">
-          <caret line="16" column="13" selection-start-line="16" selection-start-column="13" selection-end-line="16" selection-end-column="13" />
+          <caret line="48" column="8" selection-start-line="48" selection-start-column="8" selection-end-line="48" selection-end-column="8" />
         </state>
       </provider>
     </entry>
@@ -1534,9 +1054,326 @@
       </provider>
     </entry>
     <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/java/com/controllers/AppLogController.java">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="176">
+          <caret line="14" column="13" selection-start-line="14" selection-start-column="13" selection-end-line="14" selection-end-column="13" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/java/com/controllers/CacheController.java">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="-1298">
+          <caret line="21" column="32" selection-start-line="21" selection-start-column="32" selection-end-line="21" selection-end-column="32" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-serve/src/main/java/com/config/RedisConfig.java">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="396">
+          <caret line="64" selection-start-line="64" selection-end-line="64" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-serve/src/main/java/com/config/RestTemplateConfig.java">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="418">
+          <caret line="45" column="9" selection-start-line="45" selection-start-column="9" selection-end-line="45" selection-end-column="9" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-serve/src/main/resources/mapper/DeviceReceiveLogMapper.xml">
+      <provider selected="true" editor-type-id="text-editor" />
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/java/com/common/entity/AlarmVisit.java">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="-874">
+          <caret line="24" column="25" lean-forward="true" selection-start-line="24" selection-start-column="25" selection-end-line="24" selection-end-column="25" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-serve/src/main/resources/mapper/DeviceUnknownMapper.xml">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="2970">
+          <caret line="135" column="22" selection-start-line="135" selection-start-column="22" selection-end-line="135" selection-end-column="22" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/src/main/java/com/common/service/impl/RealtimeAnalysisEngine.java">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="13860">
+          <caret line="644" column="29" selection-start-line="644" selection-start-column="21" selection-end-line="644" selection-end-column="29" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/java/com/common/entity/SyslogNormalData.java">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="110">
+          <caret line="7" column="13" selection-start-line="7" selection-start-column="13" selection-end-line="7" selection-end-column="13" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/java/com/common/entity/SecExceptionAlgorithm.java">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="154">
+          <caret line="8" selection-start-line="8" selection-end-line="8" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/java/com/common/service/AlarmHealthCheckService.java">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="418">
+          <caret line="28" column="49" selection-start-line="28" selection-start-column="49" selection-end-line="28" selection-end-column="49" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/resources/application-pre-nw.properties">
       <provider selected="true" editor-type-id="text-editor">
         <state relative-caret-position="550">
-          <caret line="31" column="5" lean-forward="true" selection-start-line="31" selection-start-column="5" selection-end-line="31" selection-end-column="5" />
+          <caret line="25" column="28" lean-forward="true" selection-start-line="25" selection-start-column="28" selection-end-line="25" selection-end-column="28" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/resources/application-prod-zc.properties">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="449">
+          <caret line="64" selection-start-line="64" selection-end-line="64" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/resources/application-test.properties">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="577">
+          <caret line="77" column="62" lean-forward="true" selection-start-line="77" selection-start-column="62" selection-end-line="77" selection-end-column="62" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/java/com/common/schedule/ETLOrchestrator.java">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="-1881">
+          <caret line="19" column="13" selection-start-line="19" selection-start-column="13" selection-end-line="19" selection-end-column="13" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/java/com/common/service/PartitionTableService.java">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="287">
+          <caret line="118" column="16" selection-start-line="118" selection-start-column="16" selection-end-line="118" selection-end-column="16" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/java/com/common/schedule/PartitionTableSchedule.java">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="396">
+          <caret line="30" lean-forward="true" selection-start-line="30" selection-end-line="30" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/resources/application-dev.properties">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="511">
+          <caret line="175" column="38" lean-forward="true" selection-start-line="175" selection-start-column="38" selection-end-line="175" selection-end-column="38" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-consumer/Dockerfile">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="220">
+          <caret line="10" lean-forward="true" selection-start-line="10" selection-end-line="10" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-serve/src/main/resources/application-test.properties">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="462">
+          <caret line="72" column="70" selection-start-line="72" selection-start-column="70" selection-end-line="72" selection-end-column="70" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-serve/src/main/resources/application-prod-zc.properties">
+      <provider selected="true" editor-type-id="text-editor" />
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-serve/src/test/java/com/haobang/syslog/DeviceDeviceTest.java">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="88">
+          <caret line="30" column="26" selection-start-line="30" selection-start-column="26" selection-end-line="30" selection-end-column="26" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-serve/Dockerfile">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="242">
+          <caret line="11" column="45" selection-start-line="11" selection-start-column="45" selection-end-line="11" selection-end-column="45" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-serve/docker_run.txt">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="330">
+          <caret line="30" column="84" selection-start-line="30" selection-start-column="84" selection-end-line="30" selection-end-column="84" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-serve/src/main/resources/application-prod.properties">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="22">
+          <caret line="28" column="21" selection-start-line="28" selection-start-column="21" selection-end-line="28" selection-end-column="21" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/resources/application-prod.properties">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="423">
+          <caret line="90" column="19" lean-forward="true" selection-start-line="90" selection-start-column="19" selection-end-line="90" selection-end-column="19" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/resources/application.properties">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="148">
+          <caret line="39" selection-start-line="39" selection-end-line="43" selection-end-column="42" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/src/main/resources/application-dev.properties">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="258">
+          <caret line="126" column="42" lean-forward="true" selection-start-line="126" selection-start-column="42" selection-end-line="126" selection-end-column="42" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/src/main/resources/application-pre-nw.properties">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="124">
+          <caret line="143" column="65" selection-start-line="143" selection-start-column="65" selection-end-line="143" selection-end-column="65" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/src/main/resources/application.properties">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="195">
+          <caret line="58" column="47" lean-forward="true" selection-start-line="58" selection-start-column="47" selection-end-line="58" selection-end-column="47" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/src/main/resources/logback.xml">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="107">
+          <caret line="16" column="45" lean-forward="true" selection-start-line="16" selection-start-column="45" selection-end-line="16" selection-end-column="45" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/docker_run.txt">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="418">
+          <caret line="19" column="4" selection-start-line="19" selection-start-column="4" selection-end-line="19" selection-end-column="4" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-serve/src/main/resources/application.properties">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="968">
+          <caret line="44" selection-start-line="44" selection-end-line="44" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/java/com/common/service/AccessLogAlertService.java">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="990">
+          <caret line="74" column="31" selection-start-line="74" selection-start-column="31" selection-end-line="74" selection-end-column="31" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-consumer/docker_run.txt">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="176">
+          <caret line="8" column="38" selection-start-line="8" selection-start-column="38" selection-end-line="8" selection-end-column="38" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/resources/logback.xml">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="198">
+          <caret line="9" column="37" selection-start-line="9" selection-start-column="37" selection-end-line="9" selection-end-column="37" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-serve/src/main/resources/logback.xml">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="352">
+          <caret line="16" column="34" selection-start-line="16" selection-start-column="34" selection-end-line="16" selection-end-column="34" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/src/main/resources/application-prod.properties">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="1298">
+          <caret line="59" column="49" selection-start-line="59" selection-start-column="49" selection-end-line="59" selection-end-column="49" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-serve/src/main/resources/application-dev.properties">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="1980">
+          <caret line="90" column="28" selection-start-line="90" selection-start-column="28" selection-end-line="90" selection-end-column="28" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-serve/src/main/java/com/Modules/Device/DeviceProcess.java">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="2750">
+          <caret line="145" column="68" selection-start-line="145" selection-start-column="68" selection-end-line="145" selection-end-column="68" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/src/main/java/com/common/mapper/AlarmMapper.java">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="132">
+          <caret line="8" column="17" selection-start-line="8" selection-start-column="17" selection-end-line="8" selection-end-column="17" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/src/main/resources/mapper/SyslogNormalAlarmMapper.xml">
+      <provider selected="true" editor-type-id="text-editor" />
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/java/com/common/mapper/SyslogNormalDataMapper.java">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="1760">
+          <caret line="87" column="27" selection-start-line="87" selection-start-column="27" selection-end-line="87" selection-end-column="27" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-consumer/src/main/resources/mapper/SyslogNormalDataMapper.xml">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="20020">
+          <caret line="910" column="57" selection-start-line="910" selection-start-column="57" selection-end-line="910" selection-end-column="57" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/src/main/java/com/common/entity/Alarm.java">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="154">
+          <caret line="9" column="13" selection-start-line="9" selection-start-column="13" selection-end-line="9" selection-end-column="13" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/src/main/resources/mapper/SyslogNormalDataMapper.xml">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="16082">
+          <caret line="731" column="77" selection-start-line="731" selection-start-column="77" selection-end-line="731" selection-end-column="77" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/Dockerfile">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="286">
+          <caret line="13" column="39" selection-start-line="13" selection-start-column="39" selection-end-line="13" selection-end-column="39" />
+        </state>
+      </provider>
+    </entry>
+    <entry file="file://$PROJECT_DIR$/syslog-consumer-rule/src/main/java/com/common/entity/AlarmVisit.java">
+      <provider selected="true" editor-type-id="text-editor">
+        <state relative-caret-position="95">
+          <caret line="33" column="27" selection-start-line="33" selection-start-column="27" selection-end-line="33" selection-end-column="27" />
         </state>
       </provider>
     </entry>
diff --git a/haobang-security-dm/syslog-consumer-rule/docker_run.txt b/haobang-security-dm/syslog-consumer-rule/docker_run.txt
index 6ddbaf2..e8248e7 100644
--- a/haobang-security-dm/syslog-consumer-rule/docker_run.txt
+++ b/haobang-security-dm/syslog-consumer-rule/docker_run.txt
@@ -8,15 +8,19 @@ docker ps -a
 
 --2.���docker image�ļ� (Dockerfile ��ǰĿ¼��
 docker build -t syslog-consumer-rule:v1.X.X  .
-
+--dm
+docker build -t syslog-consumer-rule-dm:v1.2.X  .
 
 --3.ֹͣ���� ��ɾ��
 docker stop  syslog-consumer-rule  &&  docker  rm syslog-consumer-rule
 
 --4.����docker �ļ�
-docker run --restart unless-stopped -e TZ=Asia/Shanghai -d --name ct-syslog-consumer-rule -p 8289:8289 -v /home/syslog/logs:/app/logs --privileged=true   syslog-consumer-rule:v1.X.X
+--dm
+docker run --restart unless-stopped -e TZ=Asia/Shanghai -d --name syslog-consumer-rule-dm   -v /home/syslog/logs:/app/logs --privileged=true   syslog-consumer-rule-dm:v1.2.X
+--pg
+docker run --restart unless-stopped -e TZ=Asia/Shanghai -d --name syslog-consumer-rule   -v /home/syslog/logs:/app/logs --privileged=true   syslog-consumer-rule:v1.2.X
 �ڳ�CMD��
-docker run --restart unless-stopped -e TZ=Asia/Shanghai -d --name ct-syslog-consumer-rule -p 8289:8289 -v /data/syslog/logs:/app/logs --privileged=true   syslog-consumer-rule:v1.X.X
+docker run --restart unless-stopped -e TZ=Asia/Shanghai -d --name syslog-consumer-rule-dm -p 8289:8289 -v /data/syslog/logs:/app/logs --privileged=true   syslog-consumer-rule-dm:v1.X.X
 
 --������������
 docker run  -d --name ct-syslog-consumer-rule -p 8089:8089 --privileged=true   syslog-consumer-rule:v1.X.X
diff --git a/haobang-security-dm/syslog-consumer-rule/pom.xml b/haobang-security-dm/syslog-consumer-rule/pom.xml
index 11b588e..cfb977b 100644
--- a/haobang-security-dm/syslog-consumer-rule/pom.xml
+++ b/haobang-security-dm/syslog-consumer-rule/pom.xml
@@ -92,12 +92,21 @@
             <version>${mybatis.version}</version>
         </dependency>
 
-        <!-- PostgreSQL驱动 -->
+        <!-- PostgreSQL驱动（已切换至达梦数据库，保留备用） -->
+        <!--
         <dependency>
             <groupId>org.postgresql</groupId>
             <artifactId>postgresql</artifactId>
             <version>${postgresql.version}</version>
         </dependency>
+        -->
+        
+        <!-- 达梦数据库驱动 JDK1.8 -->
+        <dependency>
+            <groupId>com.dameng</groupId>
+            <artifactId>DmJdbcDriver18</artifactId>
+            <version>8.1.2.141</version>
+        </dependency>
 
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
@@ -193,11 +202,7 @@
         </dependency>
 
 
-        <dependency>
-            <groupId>com.dameng</groupId>
-            <artifactId>DmJdbcDriver18</artifactId>
-            <version>8.1.2.141</version> <!-- 请根据你的数据库版本替换 -->
-        </dependency>
+
         <!-- Bouncy Castle 国密算法支持 -->
         <dependency>
             <groupId>org.bouncycastle</groupId>
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/Modules/etl/handler/ArrayByteTypeHandler.java b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/Modules/etl/handler/ArrayByteTypeHandler.java
index 484cb34..ae919b7 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/Modules/etl/handler/ArrayByteTypeHandler.java
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/Modules/etl/handler/ArrayByteTypeHandler.java
@@ -1,47 +1,86 @@
 package com.Modules.etl.handler;
 
-
-
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
 import org.apache.ibatis.type.BaseTypeHandler;
 import org.apache.ibatis.type.JdbcType;
 import org.apache.ibatis.type.MappedJdbcTypes;
 import org.apache.ibatis.type.MappedTypes;
-import java.sql.*;
 
+import java.sql.CallableStatement;
+import java.sql.PreparedStatement;
+import java.sql.ResultSet;
+import java.sql.SQLException;
+import java.util.Base64;
+import java.util.List;
+
+/**
+ * 字节数组类型处理器 - 达梦数据库兼容版本（JSON格式）
+ * 
+ * 将 Java byte[][] 与数据库 VARCHAR 列进行互转。
+ * 存储格式: JSON 数组，每个元素为 Base64 编码字符串，如 ["YWJj","ZGVm"]
+ * 空数组: 存储为 "[]"
+ * null值: 存储为 NULL
+ * 
+ * 原 PostgreSQL 版本使用 createArrayOf("bytea", ...) 创建原生 bytea 数组，
+ * 达梦数据库不兼容此 API，改为 VARCHAR + JSON + Base64 存储。
+ */
 @MappedTypes(byte[][].class)
-@MappedJdbcTypes(JdbcType.ARRAY)
+@MappedJdbcTypes(JdbcType.VARCHAR)
 public class ArrayByteTypeHandler extends BaseTypeHandler<byte[][]> {
 
+    private static final ObjectMapper MAPPER = new ObjectMapper();
+
     @Override
     public void setNonNullParameter(PreparedStatement ps, int i, byte[][] parameter, JdbcType jdbcType) throws SQLException {
-        Array array = ps.getConnection().createArrayOf("bytea", parameter);
-        ps.setArray(i, array);
+        try {
+            String[] encoded = new String[parameter.length];
+            for (int j = 0; j < parameter.length; j++) {
+                encoded[j] = Base64.getEncoder().encodeToString(parameter[j]);
+            }
+            ps.setString(i, MAPPER.writeValueAsString(encoded));
+        } catch (JsonProcessingException e) {
+            throw new SQLException("Failed to serialize byte[][] to JSON", e);
+        }
     }
 
     @Override
     public byte[][] getNullableResult(ResultSet rs, String columnName) throws SQLException {
-        return getArray(rs.getArray(columnName));
+        return parseArray(rs.getString(columnName));
     }
 
     @Override
     public byte[][] getNullableResult(ResultSet rs, int columnIndex) throws SQLException {
-        return getArray(rs.getArray(columnIndex));
+        return parseArray(rs.getString(columnIndex));
     }
 
     @Override
     public byte[][] getNullableResult(CallableStatement cs, int columnIndex) throws SQLException {
-        return getArray(cs.getArray(columnIndex));
+        return parseArray(cs.getString(columnIndex));
     }
 
-    private byte[][] getArray(Array array) throws SQLException {
-        if (array != null) {
-            Object[] objArray = (Object[]) array.getArray();
-            byte[][] result = new byte[objArray.length][];
-            for (int i = 0; i < objArray.length; i++) {
-                result[i] = (byte[]) objArray[i];
+    private byte[][] parseArray(String value) {
+        if (value == null || value.isEmpty()) {
+            return new byte[0][];
+        }
+        try {
+            // JSON 格式: ["abc","def"]
+            List<String> list = MAPPER.readValue(value, MAPPER.getTypeFactory().constructCollectionType(List.class, String.class));
+            byte[][] result = new byte[list.size()][];
+            for (int i = 0; i < list.size(); i++) {
+                String s = list.get(i);
+                result[i] = (s == null || s.isEmpty()) ? new byte[0] : Base64.getDecoder().decode(s);
+            }
+            return result;
+        } catch (JsonProcessingException e) {
+            // 兼容旧的逗号分隔格式
+            String[] parts = value.split(",", -1);
+            byte[][] result = new byte[parts.length][];
+            for (int i = 0; i < parts.length; i++) {
+                String part = parts[i].trim();
+                result[i] = part.isEmpty() ? new byte[0] : Base64.getDecoder().decode(part);
             }
             return result;
         }
-        return null;
     }
-}
\ No newline at end of file
+}
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/Modules/etl/handler/ArrayIntegerTypeHandler.java b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/Modules/etl/handler/ArrayIntegerTypeHandler.java
index 0a40ce1..bb70315 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/Modules/etl/handler/ArrayIntegerTypeHandler.java
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/Modules/etl/handler/ArrayIntegerTypeHandler.java
@@ -1,43 +1,73 @@
 package com.Modules.etl.handler;
 
-
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
 import org.apache.ibatis.type.BaseTypeHandler;
 import org.apache.ibatis.type.JdbcType;
 import org.apache.ibatis.type.MappedJdbcTypes;
 import org.apache.ibatis.type.MappedTypes;
-import java.sql.*;
-import java.util.Arrays;
 
+import java.sql.CallableStatement;
+import java.sql.PreparedStatement;
+import java.sql.ResultSet;
+import java.sql.SQLException;
+
+/**
+ * 整型数组类型处理器 - 达梦数据库兼容版本（JSON格式）
+ * 
+ * 将 Java Integer[] 与数据库 VARCHAR 列进行互转。
+ * 存储格式: JSON 数组，如 [1,2,3]
+ * 空数组: 存储为 "[]"
+ * null值: 存储为 NULL
+ * 
+ * 原 PostgreSQL 版本使用 createArrayOf("integer", ...) 创建原生数组，
+ * 达梦数据库不兼容此 API，改为 VARCHAR + JSON 存储。
+ */
 @MappedTypes(Integer[].class)
-@MappedJdbcTypes(JdbcType.ARRAY)
+@MappedJdbcTypes(JdbcType.VARCHAR)
 public class ArrayIntegerTypeHandler extends BaseTypeHandler<Integer[]> {
 
+    private static final ObjectMapper MAPPER = new ObjectMapper();
+
     @Override
     public void setNonNullParameter(PreparedStatement ps, int i, Integer[] parameter, JdbcType jdbcType) throws SQLException {
-        Array array = ps.getConnection().createArrayOf("integer", parameter);
-        ps.setArray(i, array);
+        try {
+            ps.setString(i, MAPPER.writeValueAsString(parameter));
+        } catch (JsonProcessingException e) {
+            throw new SQLException("Failed to serialize Integer[] to JSON", e);
+        }
     }
 
     @Override
     public Integer[] getNullableResult(ResultSet rs, String columnName) throws SQLException {
-        return getArray(rs.getArray(columnName));
+        return parseArray(rs.getString(columnName));
     }
 
     @Override
     public Integer[] getNullableResult(ResultSet rs, int columnIndex) throws SQLException {
-        return getArray(rs.getArray(columnIndex));
+        return parseArray(rs.getString(columnIndex));
     }
 
     @Override
     public Integer[] getNullableResult(CallableStatement cs, int columnIndex) throws SQLException {
-        return getArray(cs.getArray(columnIndex));
+        return parseArray(cs.getString(columnIndex));
     }
 
-    private Integer[] getArray(Array array) throws SQLException {
-        if (array != null) {
-            Object[] objArray = (Object[]) array.getArray();
-            return Arrays.copyOf(objArray, objArray.length, Integer[].class);
+    private Integer[] parseArray(String value) {
+        if (value == null || value.isEmpty()) {
+            return new Integer[0];
+        }
+        try {
+            return MAPPER.readValue(value, Integer[].class);
+        } catch (JsonProcessingException e) {
+            // 兼容旧的逗号分隔格式
+            String[] parts = value.split(",", -1);
+            Integer[] result = new Integer[parts.length];
+            for (int i = 0; i < parts.length; i++) {
+                String part = parts[i].trim();
+                result[i] = part.isEmpty() ? null : Integer.parseInt(part);
+            }
+            return result;
         }
-        return null;
     }
-}
\ No newline at end of file
+}
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/Modules/etl/handler/ArrayStringTypeHandler.java b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/Modules/etl/handler/ArrayStringTypeHandler.java
index 174364f..cac69e9 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/Modules/etl/handler/ArrayStringTypeHandler.java
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/Modules/etl/handler/ArrayStringTypeHandler.java
@@ -1,43 +1,67 @@
 package com.Modules.etl.handler;
 
-
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
 import org.apache.ibatis.type.BaseTypeHandler;
 import org.apache.ibatis.type.JdbcType;
 import org.apache.ibatis.type.MappedJdbcTypes;
 import org.apache.ibatis.type.MappedTypes;
-import java.sql.*;
-import java.util.Arrays;
 
+import java.sql.CallableStatement;
+import java.sql.PreparedStatement;
+import java.sql.ResultSet;
+import java.sql.SQLException;
+
+/**
+ * 字符串数组类型处理器 - 达梦数据库兼容版本（JSON格式）
+ * 
+ * 将 Java String[] 与数据库 VARCHAR 列进行互转。
+ * 存储格式: JSON 数组，如 ["value1","value2","value3"]
+ * 空数组: 存储为 "[]"
+ * null值: 存储为 NULL
+ * 
+ * 原 PostgreSQL 版本使用 createArrayOf("text", ...) 创建原生数组，
+ * 达梦数据库不兼容此 API，改为 VARCHAR + JSON 存储。
+ */
 @MappedTypes(String[].class)
-@MappedJdbcTypes(JdbcType.ARRAY)
+@MappedJdbcTypes(JdbcType.VARCHAR)
 public class ArrayStringTypeHandler extends BaseTypeHandler<String[]> {
 
+    private static final ObjectMapper MAPPER = new ObjectMapper();
+
     @Override
     public void setNonNullParameter(PreparedStatement ps, int i, String[] parameter, JdbcType jdbcType) throws SQLException {
-        Array array = ps.getConnection().createArrayOf("text", parameter);
-        ps.setArray(i, array);
+        try {
+            ps.setString(i, MAPPER.writeValueAsString(parameter));
+        } catch (JsonProcessingException e) {
+            throw new SQLException("Failed to serialize String[] to JSON", e);
+        }
     }
 
     @Override
     public String[] getNullableResult(ResultSet rs, String columnName) throws SQLException {
-        return getArray(rs.getArray(columnName));
+        return parseArray(rs.getString(columnName));
     }
 
     @Override
     public String[] getNullableResult(ResultSet rs, int columnIndex) throws SQLException {
-        return getArray(rs.getArray(columnIndex));
+        return parseArray(rs.getString(columnIndex));
     }
 
     @Override
     public String[] getNullableResult(CallableStatement cs, int columnIndex) throws SQLException {
-        return getArray(cs.getArray(columnIndex));
+        return parseArray(cs.getString(columnIndex));
     }
 
-    private String[] getArray(Array array) throws SQLException {
-        if (array != null) {
-            Object[] objArray = (Object[]) array.getArray();
-            return Arrays.copyOf(objArray, objArray.length, String[].class);
+    private String[] parseArray(String value) {
+        if (value == null || value.isEmpty()) {
+            return new String[0];
+        }
+        try {
+            return MAPPER.readValue(value, String[].class);
+        } catch (JsonProcessingException e) {
+            // 兼容旧的逗号分隔格式
+            return value.split(",", -1);
         }
-        return null;
     }
-}
\ No newline at end of file
+}
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/entity/DeviceInterlocking.java b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/entity/DeviceInterlocking.java
index 6ce07ee..1c16f59 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/entity/DeviceInterlocking.java
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/entity/DeviceInterlocking.java
@@ -1,6 +1,6 @@
 package com.common.entity;
 
-import java.time.OffsetDateTime;
+import java.time.LocalDateTime;
 
 /**
  * 联动设备表实体类（防火墙设备信息）
@@ -17,9 +17,9 @@ public class DeviceInterlocking {
     private String tenantId;
     private Long createDept;
     private Long createBy;
-    private OffsetDateTime createTime;
+    private LocalDateTime createTime;
     private Long updateBy;
-    private OffsetDateTime updateTime;
+    private LocalDateTime updateTime;
     private String remark;
     private String authUsername;              // 用户名
     private String authPassword;              // 密码
@@ -55,14 +55,14 @@ public class DeviceInterlocking {
     public Long getCreateBy() { return createBy; }
     public void setCreateBy(Long createBy) { this.createBy = createBy; }
 
-    public OffsetDateTime getCreateTime() { return createTime; }
-    public void setCreateTime(OffsetDateTime createTime) { this.createTime = createTime; }
+    public LocalDateTime getCreateTime() { return createTime; }
+    public void setCreateTime(LocalDateTime createTime) { this.createTime = createTime; }
 
     public Long getUpdateBy() { return updateBy; }
     public void setUpdateBy(Long updateBy) { this.updateBy = updateBy; }
 
-    public OffsetDateTime getUpdateTime() { return updateTime; }
-    public void setUpdateTime(OffsetDateTime updateTime) { this.updateTime = updateTime; }
+    public LocalDateTime getUpdateTime() { return updateTime; }
+    public void setUpdateTime(LocalDateTime updateTime) { this.updateTime = updateTime; }
 
     public String getRemark() { return remark; }
     public void setRemark(String remark) { this.remark = remark; }
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/entity/DeviceInterlockingCmd.java b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/entity/DeviceInterlockingCmd.java
index 29343a0..c01ab29 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/entity/DeviceInterlockingCmd.java
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/entity/DeviceInterlockingCmd.java
@@ -4,9 +4,8 @@ import com.Modules.etl.handler.ArrayIntegerTypeHandler;
 import com.Modules.etl.handler.ArrayStringTypeHandler;
 import org.apache.ibatis.type.JdbcType;
 import org.apache.ibatis.type.TypeHandler;
-import org.apache.ibatis.type.ArrayTypeHandler;
 
-import java.time.OffsetDateTime;
+import java.time.LocalDateTime;
 import java.util.Arrays;
 import java.util.List;
 
@@ -25,8 +24,8 @@ public class DeviceInterlockingCmd {
     private String banType;                    // 封禁类型（1:白名单、0:黑名单）
     private String cmdStatus;                  // 指令状态（0:未执行、1:已完成、2:执行中）
     private Integer banDuration;              // 封禁时长（秒，-1表示永久）
-    private OffsetDateTime createTime;
-    private OffsetDateTime updateTime;
+    private LocalDateTime createTime;
+    private LocalDateTime updateTime;
     private String tenantId;
     private Long createDept;
     private Long createBy;
@@ -65,11 +64,11 @@ public class DeviceInterlockingCmd {
     public Integer getBanDuration() { return banDuration; }
     public void setBanDuration(Integer banDuration) { this.banDuration = banDuration; }
 
-    public OffsetDateTime getCreateTime() { return createTime; }
-    public void setCreateTime(OffsetDateTime createTime) { this.createTime = createTime; }
+    public LocalDateTime getCreateTime() { return createTime; }
+    public void setCreateTime(LocalDateTime createTime) { this.createTime = createTime; }
 
-    public OffsetDateTime getUpdateTime() { return updateTime; }
-    public void setUpdateTime(OffsetDateTime updateTime) { this.updateTime = updateTime; }
+    public LocalDateTime getUpdateTime() { return updateTime; }
+    public void setUpdateTime(LocalDateTime updateTime) { this.updateTime = updateTime; }
 
     public String getTenantId() { return tenantId; }
     public void setTenantId(String tenantId) { this.tenantId = tenantId; }
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/entity/DeviceInterlockingLog.java b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/entity/DeviceInterlockingLog.java
index 516c829..c4147ee 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/entity/DeviceInterlockingLog.java
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/entity/DeviceInterlockingLog.java
@@ -1,6 +1,6 @@
 package com.common.entity;
 
-import java.time.OffsetDateTime;
+import java.time.LocalDateTime;
 
 /**
  * 封禁记录表实体类
@@ -12,15 +12,15 @@ public class DeviceInterlockingLog {
     private Long deviceInterlockingId;         // 封禁设备ID
     private String banIp;                     // 封禁IP地址
     private String deviceName;                 // 封禁设备名称
-    private OffsetDateTime banTime;            // 封禁时间
+    private LocalDateTime banTime;            // 封禁时间
     private String banMethod;                  // 封禁方式（0.人工、1.自动化封禁）
     private Integer banResult;                // 联动结果（成功：1、失败：0）
     private String tenantId;
     private Long createDept;
     private Long createBy;
-    private OffsetDateTime createTime;
+    private LocalDateTime createTime;
     private Long updateBy;
-    private OffsetDateTime updateTime;
+    private LocalDateTime updateTime;
     private String remark;
     private String respBody;                 // 响应body
     private String reqBody;                   // 请求body
@@ -41,8 +41,8 @@ public class DeviceInterlockingLog {
     public String getDeviceName() { return deviceName; }
     public void setDeviceName(String deviceName) { this.deviceName = deviceName; }
 
-    public OffsetDateTime getBanTime() { return banTime; }
-    public void setBanTime(OffsetDateTime banTime) { this.banTime = banTime; }
+    public LocalDateTime getBanTime() { return banTime; }
+    public void setBanTime(LocalDateTime banTime) { this.banTime = banTime; }
 
     public String getBanMethod() { return banMethod; }
     public void setBanMethod(String banMethod) { this.banMethod = banMethod; }
@@ -59,14 +59,14 @@ public class DeviceInterlockingLog {
     public Long getCreateBy() { return createBy; }
     public void setCreateBy(Long createBy) { this.createBy = createBy; }
 
-    public OffsetDateTime getCreateTime() { return createTime; }
-    public void setCreateTime(OffsetDateTime createTime) { this.createTime = createTime; }
+    public LocalDateTime getCreateTime() { return createTime; }
+    public void setCreateTime(LocalDateTime createTime) { this.createTime = createTime; }
 
     public Long getUpdateBy() { return updateBy; }
     public void setUpdateBy(Long updateBy) { this.updateBy = updateBy; }
 
-    public OffsetDateTime getUpdateTime() { return updateTime; }
-    public void setUpdateTime(OffsetDateTime updateTime) { this.updateTime = updateTime; }
+    public LocalDateTime getUpdateTime() { return updateTime; }
+    public void setUpdateTime(LocalDateTime updateTime) { this.updateTime = updateTime; }
 
     public String getRemark() { return remark; }
     public void setRemark(String remark) { this.remark = remark; }
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/AlarmMapper.java b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/AlarmMapper.java
index b8a5ffc..f06eefb 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/AlarmMapper.java
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/AlarmMapper.java
@@ -15,7 +15,7 @@ public interface AlarmMapper {
             "INSERT INTO alarm (",
             "id, created_at, alarm_name, alarm_level, alarm_type, ",
             "alarm_major_type, alarm_minor_type,alarm_area_id, attack_ip, victim_ip, victim_web_url, ",
-            "device_id, comment,origin_log_ids,log_start_at, log_end_at, window_time, http_status, ",
+            "device_id, \"comment\",origin_log_ids,log_start_at, log_end_at, window_time, http_status, ",
             "attack_port, victim_port, attack_method, etl_time, log_count, ",
             "attack_chain_phase, disposition_advice, attack_direction, ",
             "judged_state, disposed_state, attack_result, fall, payload,  dns_info, engine_type,   " ,
@@ -52,7 +52,7 @@ public interface AlarmMapper {
     @Insert("INSERT INTO alarm (" +
             "id, created_at, alarm_name, alarm_level, alarm_type, " +
             "alarm_major_type, alarm_minor_type,alarm_area_id, attack_ip, victim_ip, victim_web_url, " +
-            "device_id, comment,origin_log_ids, log_start_at, log_end_at, window_time, http_status, " +
+            "device_id, \"comment\",origin_log_ids, log_start_at, log_end_at, window_time, http_status, " +
             "attack_port, victim_port, attack_method, etl_time, log_count, " +
             "attack_chain_phase, disposition_advice, attack_direction, " +
             "judged_state, disposed_state, attack_result, fall, payload, dns_info, engine_type,  " +
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/AlarmVisitMapper.java b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/AlarmVisitMapper.java
index 00b1948..9a20855 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/AlarmVisitMapper.java
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/AlarmVisitMapper.java
@@ -19,7 +19,7 @@ public interface AlarmVisitMapper {
             "INSERT INTO alarm_visit (",
             "id, created_at, alarm_name, alarm_level, alarm_type, ",
             "alarm_major_type, alarm_minor_type,alarm_area_id, attack_ip, victim_ip, victim_web_url, ",
-            "device_id, comment,origin_log_ids,log_start_at, log_end_at,window_time, http_status, ",
+            "device_id, \"comment\",origin_log_ids,log_start_at, log_end_at,window_time, http_status, ",
             "attack_port, victim_port, attack_method, etl_time, log_count, ",
             "attack_chain_phase, disposition_advice, attack_direction, ",
             "judged_state, disposed_state, attack_result, fall, payload, dns_info, engine_type,  " ,
@@ -56,7 +56,7 @@ public interface AlarmVisitMapper {
     @Insert("INSERT INTO alarm_visit (" +
             "id, created_at, alarm_name, alarm_level, alarm_type, " +
             "alarm_major_type, alarm_minor_type,alarm_area_id, attack_ip, victim_ip, victim_web_url,  " +
-            "device_id, comment,origin_log_ids, log_start_at, log_end_at, window_time,http_status, " +
+            "device_id, \"comment\",origin_log_ids, log_start_at, log_end_at, window_time,http_status, " +
             "attack_port, victim_port, attack_method, etl_time, log_count, " +
             "attack_chain_phase, disposition_advice, attack_direction, " +
             "judged_state, disposed_state, attack_result, fall, payload, dns_info,engine_type, " +
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/DeviceCollectHeartbeatMapper.java b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/DeviceCollectHeartbeatMapper.java
index b74af1b..a169f07 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/DeviceCollectHeartbeatMapper.java
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/DeviceCollectHeartbeatMapper.java
@@ -37,22 +37,37 @@ public interface DeviceCollectHeartbeatMapper {
 
     /**
      * 插入或更新（根据collect_id）
+     * 达梦数据库使用 MERGE INTO 实现 upsert
      */
-    @Insert("INSERT INTO device_collect_heartbeat (" +
+    @Update("MERGE INTO device_collect_heartbeat t " +
+            "USING (SELECT " +
+            "#{collectId} AS collect_id, " +
+            "#{collectName} AS collect_name, " +
+            "#{deviceIp} AS device_ip, " +
+            "#{appVersion} AS app_version, " +
+            "#{lastHeartbeat} AS last_heartbeat, " +
+            "#{heartbeatCount} AS heartbeat_count, " +
+            "#{status} AS status, " +
+            "#{failCount} AS fail_count, " +
+            "#{updateTime} AS update_time " +
+            "FROM DUAL) s " +
+            "ON (t.collect_id = s.collect_id) " +
+            "WHEN MATCHED THEN UPDATE SET " +
+            "t.collect_name = s.collect_name, " +
+            "t.device_ip = s.device_ip, " +
+            "t.app_version = s.app_version, " +
+            "t.last_heartbeat = s.last_heartbeat, " +
+            "t.heartbeat_count = s.heartbeat_count, " +
+            "t.status = s.status, " +
+            "t.fail_count = s.fail_count, " +
+            "t.update_time = s.update_time " +
+            "WHEN NOT MATCHED THEN INSERT (" +
             "collect_id, collect_name, device_ip, app_version, last_heartbeat, " +
-            "heartbeat_count, status, fail_count, update_time " +
+            "heartbeat_count, status, fail_count, update_time" +
             ") VALUES (" +
-            "#{collectId}, #{collectName}, #{deviceIp}, #{appVersion}, #{lastHeartbeat}, " +
-            "#{heartbeatCount}, #{status}, #{failCount}, #{updateTime} " +
-            ") ON CONFLICT (collect_id) DO UPDATE SET " +
-            "collect_name = EXCLUDED.collect_name, " +
-            "device_ip = EXCLUDED.device_ip, " +
-            "app_version = EXCLUDED.app_version, " +
-            "last_heartbeat = EXCLUDED.last_heartbeat, " +
-            "heartbeat_count = EXCLUDED.heartbeat_count, " +
-            "status = EXCLUDED.status, " +
-            "fail_count = EXCLUDED.fail_count, " +
-            "update_time = EXCLUDED.update_time")
+            "s.collect_id, s.collect_name, s.device_ip, s.app_version, s.last_heartbeat, " +
+            "s.heartbeat_count, s.status, s.fail_count, s.update_time" +
+            ")")
     int upsert(DeviceCollectHeartbeat heartbeat);
 
     /**
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/DeviceCollectTaskMapper.java b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/DeviceCollectTaskMapper.java
index 3a05666..221223e 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/DeviceCollectTaskMapper.java
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/DeviceCollectTaskMapper.java
@@ -155,12 +155,12 @@ public interface DeviceCollectTaskMapper extends BaseMapper<DeviceCollectTask>{
             "<foreach collection='tasks' item='task' separator=';'>" +
             "UPDATE device_collect_task SET " +
             "  first_time = CASE " +
-            "    WHEN first_time IS NULL AND #{task.firstTime}::TIMESTAMP IS NOT NULL THEN #{task.firstTime}::TIMESTAMP " +
+            "    WHEN first_time IS NULL AND #{task.firstTime} IS NOT NULL THEN #{task.firstTime} " +
             "    ELSE first_time " +
             "  END, " +
-            "  last_success_time = #{task.lastSuccessTime}::TIMESTAMP, " +
-            "  last_failed_time = #{task.lastFailedTime}::TIMESTAMP, " +
-            "  updated_at = #{task.updatedAt}::TIMESTAMP " +
+            "  last_success_time = #{task.lastSuccessTime}, " +
+            "  last_failed_time = #{task.lastFailedTime}, " +
+            "  updated_at = #{task.updatedAt} " +
             "WHERE id = #{task.id}" +
             "</foreach>" +
             "</script>")
@@ -171,12 +171,12 @@ public interface DeviceCollectTaskMapper extends BaseMapper<DeviceCollectTask>{
      */
     @Update("UPDATE device_collect_task " +
             "SET first_time = CASE " +
-            "    WHEN first_time IS NULL AND #{firstTime}::TIMESTAMP IS NOT NULL THEN #{firstTime}::TIMESTAMP " +
+            "    WHEN first_time IS NULL AND #{firstTime} IS NOT NULL THEN #{firstTime} " +
             "    ELSE first_time " +
             "  END, " +
-            "  last_success_time = #{lastSuccessTime}::TIMESTAMP, " +
-            "  last_failed_time = #{lastFailTime}::TIMESTAMP, " +
-            "  updated_at = #{updateTime}::TIMESTAMP " +
+            "  last_success_time = #{lastSuccessTime}, " +
+            "  last_failed_time = #{lastFailTime}, " +
+            "  updated_at = #{updateTime} " +
             "WHERE id = #{deviceCollectId}")
     int updateTaskTime(@Param("deviceCollectId") String deviceCollectId,
                        @Param("firstTime") LocalDateTime firstTime,
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/DeviceInterlockingCmdMapper.java b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/DeviceInterlockingCmdMapper.java
index 57bfe7e..a51f63c 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/DeviceInterlockingCmdMapper.java
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/DeviceInterlockingCmdMapper.java
@@ -61,8 +61,11 @@ public interface DeviceInterlockingCmdMapper {
     @Insert("INSERT INTO device_interlocking_cmd (probe_id, probe_ip, device_interlocking_id, device_interlocking_ip, " +
             "ban_ips, ban_method, ban_type, cmd_status, ban_duration, create_time, update_time, " +
             "tenant_id, create_dept, create_by, remark, ban_operation_type) " +
-            "VALUES (#{probeId}, #{probeIp}, ARRAY[:ids], ARRAY[:ips], ARRAY[:banIps], " +
-            "#{banMethod}, #{banType}, #{cmdStatus}, #{banDuration}, NOW(), NOW(), " +
+            "VALUES (#{probeId}, #{probeIp}, " +
+            "#{deviceInterlockingId, typeHandler=com.Modules.etl.handler.ArrayIntegerTypeHandler}, " +
+            "#{deviceInterlockingIp, typeHandler=com.Modules.etl.handler.ArrayStringTypeHandler}, " +
+            "#{banIps, typeHandler=com.Modules.etl.handler.ArrayStringTypeHandler}, " +
+            "#{banMethod}, #{banType}, #{cmdStatus}, #{banDuration}, SYSDATE, SYSDATE, " +
             "#{tenantId}, #{createDept}, #{createBy}, #{remark}, #{banOperationType})")
     @Options(useGeneratedKeys = true, keyProperty = "id")
     int insert(DeviceInterlockingCmd cmd);
@@ -73,25 +76,25 @@ public interface DeviceInterlockingCmdMapper {
      * @param cmdStatus 新状态
      * @return 影响行数
      */
-    @Update("UPDATE device_interlocking_cmd SET cmd_status = #{cmdStatus}, update_time = NOW() WHERE id = #{id}")
+    @Update("UPDATE device_interlocking_cmd SET cmd_status = #{cmdStatus}, update_time = SYSDATE WHERE id = #{id}")
     int updateStatus(@Param("id") Long id, @Param("cmdStatus") String cmdStatus);
 
     /**
      * 更新指令状态为执行中
      */
-    @Update("UPDATE device_interlocking_cmd SET cmd_status = '2', update_time = NOW() WHERE id = #{id}")
+    @Update("UPDATE device_interlocking_cmd SET cmd_status = '2', update_time = SYSDATE WHERE id = #{id}")
     int updateStatusToExecuting(@Param("id") Long id);
 
     /**
      * 更新指令状态为执行完成
      */
-    @Update("UPDATE device_interlocking_cmd SET cmd_status = '1', update_time = NOW() WHERE id = #{id}")
+    @Update("UPDATE device_interlocking_cmd SET cmd_status = '1', update_time = SYSDATE WHERE id = #{id}")
     int updateStatusToCompleted(@Param("id") Long id);
 
     /**
      * 更新指令状态为执行失败
      */
-    @Update("UPDATE device_interlocking_cmd SET cmd_status = '3', update_time = NOW() WHERE id = #{id}")
+    @Update("UPDATE device_interlocking_cmd SET cmd_status = '3', update_time = SYSDATE WHERE id = #{id}")
     int updateStatusToFailed(@Param("id") Long id);
 
     /**
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/DeviceReceiveLogMapper.java b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/DeviceReceiveLogMapper.java
index cf38883..6124c49 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/DeviceReceiveLogMapper.java
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/DeviceReceiveLogMapper.java
@@ -84,7 +84,7 @@ public interface DeviceReceiveLogMapper {
      */
     @Select("SELECT device_collect_id, MAX(created_at) AS last_success_time " +
             "FROM device_receive_log " +
-            "WHERE push_success = true " +
+            "WHERE push_success = 1 " +
             "AND created_at >= CURRENT_DATE " +
             "GROUP BY device_collect_id")
     List<DeviceCollectTaskTime> selectDailySuccessTimes();
@@ -94,7 +94,7 @@ public interface DeviceReceiveLogMapper {
      */
     @Select("SELECT device_collect_id, MAX(created_at) AS last_fail_time " +
             "FROM device_receive_log " +
-            "WHERE push_success = false " +
+            "WHERE push_success = 0 " +
             "AND created_at >= CURRENT_DATE " +
             "GROUP BY device_collect_id")
     List<DeviceCollectTaskTime> selectDailyFailTimes();
@@ -104,7 +104,7 @@ public interface DeviceReceiveLogMapper {
      */
     @Select("SELECT device_collect_id, MIN(created_at) AS first_success_time " +
             "FROM device_receive_log " +
-            "WHERE push_success = true " +
+            "WHERE push_success = 1 " +
             "GROUP BY device_collect_id")
     List<DeviceCollectTaskTime> selectFirstSuccessTimes();
 
@@ -114,7 +114,7 @@ public interface DeviceReceiveLogMapper {
     @Select("SELECT device_collect_id, MIN(created_at) AS first_time, " +
             "MAX(created_at) AS last_success_time " +
             "FROM device_receive_log " +
-            "WHERE push_success = true " +
+            "WHERE push_success = 1 " +
             "AND created_at >= #{startTime} " +
             "AND created_at < #{endTime} " +
             "GROUP BY device_collect_id")
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/SyslogNormalAlarmMapper.java b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/SyslogNormalAlarmMapper.java
index e11ffaa..c9addc0 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/SyslogNormalAlarmMapper.java
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/SyslogNormalAlarmMapper.java
@@ -49,30 +49,29 @@ public interface SyslogNormalAlarmMapper {
      */
     @Select("SELECT " +
             "to_char(log_time, 'YYYYMMDD') as log_date, " +
-            "ARRAY_AGG(DISTINCT  host(src_ip)::text)  as  attack_ips, " +
+            "WM_CONCAT(DISTINCT  src_ip)  as  attack_ips, " +
             "origin_event_name, " +
             "MAX(attack_result) as attack_result, " +
             "MIN(log_time) as min_log_time, " +
             "MAX(log_time) as max_log_time, " +
             "COUNT(1) as log_count, " +
-            "ARRAY_AGG(DISTINCT  host(dest_ip)::text) as victim_ips, " +
-            "ARRAY_AGG(DISTINCT http_url) as victim_web_urls, " +
-            "ARRAY_AGG(DISTINCT device_id) as device_ids, " +
-            "ARRAY_AGG(DISTINCT id) as origin_log_ids, " +
+            "WM_CONCAT(DISTINCT  dest_ip) as victim_ips, " +
+            "WM_CONCAT(DISTINCT http_url) as victim_web_urls, " +
+            "WM_CONCAT(DISTINCT device_id) as device_ids, " +
+            "WM_CONCAT(DISTINCT id) as origin_log_ids, " +
             "MAX(event_level) as max_event_level, " +
             "MIN(origin_event_type)  AS first_event_type, " +
             "MAX(origin_event_type) as event_type, " +
             "MIN(event_type) as min_event_type, " +
-            "ARRAY_AGG(DISTINCT src_port::int4) as attack_ports, " +
-            "ARRAY_AGG(DISTINCT dest_port::int4) as victim_ports, " +
-            "ARRAY_AGG(DISTINCT http_resp_codes::text) as http_status_codes, " +
-            "ARRAY_AGG(DISTINCT payload::BYTEA) as payload_samples, " +
-            "ARRAY_AGG(DISTINCT http_req_header) as httpReqHeaders, " +
-            "ARRAY_AGG(DISTINCT http_req_body) as httpReqBodys, " +
-            "ARRAY_AGG(DISTINCT http_resp_header) as httpRespHeaders, " +
-            "ARRAY_AGG(DISTINCT http_resp_body) as httpRespBodys, " +
-            "MODE() WITHIN GROUP (ORDER BY dest_domain) as dns_info, " +
-            "STRING_AGG(DISTINCT COALESCE(host(dest_ip)::text, ''), ',') as victim_ips_str " +
+            "WM_CONCAT(DISTINCT src_port) as attack_ports, " +
+            "WM_CONCAT(DISTINCT dest_port) as victim_ports, " +
+            "WM_CONCAT(DISTINCT http_resp_codes) as http_status_codes, " +
+            "WM_CONCAT(DISTINCT payload) as payload_samples, " +
+            "WM_CONCAT(DISTINCT http_req_header) as httpReqHeaders, " +
+            "WM_CONCAT(DISTINCT http_req_body) as httpReqBodys, " +
+            "WM_CONCAT(DISTINCT http_resp_header) as httpRespHeaders, " +
+            "WM_CONCAT(DISTINCT http_resp_body) as httpRespBodys, " +
+            "LISTAGG(DISTINCT COALESCE(dest_ip, ''), ',') as victim_ips_str " +
             "FROM syslog_normal_alarm  " +
             "WHERE log_time >= #{startTime} AND log_time < #{endTime} " +
             "AND event_level >= 1 AND src_ip NOT IN ('127.0.0.1', '127.0.0.2') " +
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/SyslogNormalDataMapper.java b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/SyslogNormalDataMapper.java
index 358218c..7ef7737 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/SyslogNormalDataMapper.java
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/SyslogNormalDataMapper.java
@@ -46,30 +46,29 @@ public interface SyslogNormalDataMapper {
      */
     @Select("SELECT " +
             "to_char(log_time, 'YYYYMMDD') as log_date, " +
-            "ARRAY_AGG(DISTINCT  host(src_ip)::text)  as  attack_ips, " +
+            "WM_CONCAT(DISTINCT  src_ip)  as  attack_ips, " +
             "origin_event_name, " +
             "MAX(attack_result) as attack_result, " +
             "MIN(log_time) as min_log_time, " +
             "MAX(log_time) as max_log_time, " +
             "COUNT(1) as log_count, " +
-            "ARRAY_AGG(DISTINCT  host(dest_ip)::text) as victim_ips, " +
-            "ARRAY_AGG(DISTINCT http_url) as victim_web_urls, " +
-            "ARRAY_AGG(DISTINCT device_id) as device_ids, " +
-            "ARRAY_AGG(DISTINCT id) as origin_log_ids, " +
+            "WM_CONCAT(DISTINCT  dest_ip) as victim_ips, " +
+            "WM_CONCAT(DISTINCT http_url) as victim_web_urls, " +
+            "WM_CONCAT(DISTINCT device_id) as device_ids, " +
+            "WM_CONCAT(DISTINCT id) as origin_log_ids, " +
             "MAX(event_level) as max_event_level, " +
             "MIN(origin_event_type)  AS first_event_type, " +
             "MAX(origin_event_type) as event_type, " +
             "MIN(event_type) as min_event_type, " +
-            "ARRAY_AGG(DISTINCT src_port::int4) as attack_ports, " +
-            "ARRAY_AGG(DISTINCT dest_port::int4) as victim_ports, " +
-            "ARRAY_AGG(DISTINCT http_resp_codes::text) as http_status_codes, " +
-            "ARRAY_AGG(DISTINCT payload::BYTEA) as payload_samples, " +
-            "ARRAY_AGG(DISTINCT http_req_header) as httpReqHeaders, " +
-            "ARRAY_AGG(DISTINCT http_req_body) as httpReqBodys, " +
-            "ARRAY_AGG(DISTINCT http_resp_header) as httpRespHeaders, " +
-            "ARRAY_AGG(DISTINCT http_resp_body) as httpRespBodys, " +
-            "MODE() WITHIN GROUP (ORDER BY dest_domain) as dns_info, " +
-            "STRING_AGG(DISTINCT COALESCE(host(dest_ip)::text, ''), ',') as victim_ips_str " +
+            "WM_CONCAT(DISTINCT src_port) as attack_ports, " +
+            "WM_CONCAT(DISTINCT dest_port) as victim_ports, " +
+            "WM_CONCAT(DISTINCT http_resp_codes) as http_status_codes, " +
+            "WM_CONCAT(DISTINCT payload) as payload_samples, " +
+            "WM_CONCAT(DISTINCT http_req_header) as httpReqHeaders, " +
+            "WM_CONCAT(DISTINCT http_req_body) as httpReqBodys, " +
+            "WM_CONCAT(DISTINCT http_resp_header) as httpRespHeaders, " +
+            "WM_CONCAT(DISTINCT http_resp_body) as httpRespBodys, " +
+            "LISTAGG(DISTINCT COALESCE(dest_ip, ''), ',') as victim_ips_str " +
             "FROM syslog_normal_data " +
             "WHERE log_time >= #{startTime} AND log_time < #{endTime} " +
             "AND   http_resp_codes =200 and   origin_event_type <> ''   and  origin_event_name='访问日志' AND src_ip NOT IN ('127.0.0.1', '127.0.0.2') " +
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/WecomNotificationMapper.java b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/WecomNotificationMapper.java
index abd6f61..24d81eb 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/WecomNotificationMapper.java
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/mapper/WecomNotificationMapper.java
@@ -18,12 +18,12 @@ public interface WecomNotificationMapper {
             "wecom_notification_time, tenant_id, create_dept, create_by, create_time, " +
             "update_by, update_time, remark, wecom_notification_status" +
             ") VALUES (" +
-            "nextval('seq_wecom_notification'), #{userId}, #{wecomNotificationName}, #{wecomNotificationIp}, " +
+            "seq_wecom_notification.NEXTVAL, #{userId}, #{wecomNotificationName}, #{wecomNotificationIp}, " +
             "#{wecomNotificationType}, #{wecomNotificationLevel}, #{wecomNotificationContent}, " +
             "#{wecomNotificationTime}, #{tenantId}, #{createDept}, #{createBy}, #{createTime}, " +
             "#{updateBy}, #{updateTime}, #{remark}, #{wecomNotificationStatus}" +
             ")")
-    @SelectKey(statement = "SELECT currval('seq_wecom_notification')", keyProperty = "wecomNotificationId", resultType = Long.class, before = false)
+    @SelectKey(statement = "SELECT seq_wecom_notification.currval", keyProperty = "wecomNotificationId", resultType = Long.class, before = false)
     int insert(WecomNotification notification);
 
     /**
@@ -41,7 +41,7 @@ public interface WecomNotificationMapper {
     /**
      * 更新通知状态
      */
-    @Update("UPDATE wecom_notification SET wecom_notification_status = #{status}, update_time = NOW() " +
+    @Update("UPDATE wecom_notification SET wecom_notification_status = #{status}, update_time = SYSDATE " +
             "WHERE wecom_notification_id = #{wecomNotificationId}")
     int updateStatus(@Param("wecomNotificationId") Long wecomNotificationId, @Param("status") String status);
 }
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/service/DeviceInterlockingLogService.java b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/service/DeviceInterlockingLogService.java
index b251092..af885b8 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/service/DeviceInterlockingLogService.java
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/service/DeviceInterlockingLogService.java
@@ -4,7 +4,7 @@ import com.common.entity.DeviceInterlockingLog;
 import com.common.mapper.DeviceInterlockingLogMapper;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
-import java.time.OffsetDateTime;
+import java.time.LocalDateTime;
 import java.util.List;
 
 @Service
@@ -32,7 +32,7 @@ public class DeviceInterlockingLogService {
      */
     public int insert(DeviceInterlockingLog log) {
         if (log.getBanTime() == null) {
-            log.setBanTime(OffsetDateTime.now());
+            log.setBanTime(LocalDateTime.now());
         }
         return logMapper.insert(log);
     }
@@ -44,7 +44,7 @@ public class DeviceInterlockingLogService {
         if (logs != null && !logs.isEmpty()) {
             for (DeviceInterlockingLog log : logs) {
                 if (log.getBanTime() == null) {
-                    log.setBanTime(OffsetDateTime.now());
+                    log.setBanTime(LocalDateTime.now());
                 }
             }
         }
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/service/DmNormalizeRuleService.java b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/service/DmNormalizeRuleService.java
index 58e7090..2bf5387 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/service/DmNormalizeRuleService.java
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/service/DmNormalizeRuleService.java
@@ -77,7 +77,7 @@ public class DmNormalizeRuleService {
 
             List<Map<String, Object>>  ruleMap=dmNormalizeRuleMapper.selectByDeviceId(id);
             sqlSession.commit();
-            return ruleMap;
+            return convertClobToString(ruleMap);
 
         } catch (Exception e) {
             logger.error("DmNormalizeRuleService MyBatisUtil getSqlSession 异常", e);
@@ -95,7 +95,41 @@ public class DmNormalizeRuleService {
     {
         System.out.println("调用selectByDeviceIdAuto 方法,id:"+id);
         List<Map<String, Object>>  ruleMap=dmNormalizeRuleMapper.selectByDeviceId(id);
-        return ruleMap;
+        return convertClobToString(ruleMap);
+    }
+
+    /**
+     * 将达梦 JDBC CLOB/NCLOB 对象转换为 String，避免缓存序列化报错
+     * 达梦驱动返回的 TEXT/CLOB 列可能是 dm.jdbc.driver.DmdbNClob 等内部类型，
+     * toString() 只返回对象引用（如 DmdbNClob@xxx），必须通过 Clob 接口获取实际文本
+     */
+    private List<Map<String, Object>> convertClobToString(List<Map<String, Object>> list) {
+        if (list == null) return null;
+        for (Map<String, Object> map : list) {
+            if (map == null) continue;
+            for (Map.Entry<String, Object> entry : map.entrySet()) {
+                Object value = entry.getValue();
+                if (value != null && value.getClass().getName().startsWith("dm.jdbc.")) {
+                    try {
+                        if (value instanceof java.sql.Clob) {
+                            java.sql.Clob clob = (java.sql.Clob) value;
+                            long length = clob.length();
+                            if (length > 0) {
+                                entry.setValue(clob.getSubString(1, (int) length));
+                            } else {
+                                entry.setValue("");
+                            }
+                        } else {
+                            entry.setValue(value.toString());
+                        }
+                    } catch (Exception e) {
+                        logger.warn("CLOB/NCLOB 转换 String 失败: " + e.getMessage());
+                        entry.setValue(null);
+                    }
+                }
+            }
+        }
+        return list;
     }
 
 }
\ No newline at end of file
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/service/impl/RealtimeAnalysisEngine.java b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/service/impl/RealtimeAnalysisEngine.java
index 03e9a81..c1b6407 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/service/impl/RealtimeAnalysisEngine.java
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/service/impl/RealtimeAnalysisEngine.java
@@ -734,7 +734,25 @@ public class RealtimeAnalysisEngine implements AnalysisEngine {
             return result;
         }
         // PostgreSQL数组以字符串形式返回，如 "{ip1,ip2,ip3}"
+        // 达梦 JSONB_AGG 返回 JSON 数组格式，如 "[41614, 8080]"
         String str = value.toString();
+        if (str.startsWith("[") && str.endsWith("]")) {
+            str = str.substring(1, str.length() - 1).trim();
+            if (str.isEmpty()) {
+                return new String[0];
+            }
+            // 拆分 JSON 数组元素（兼容带引号和纯数字）
+            String[] parts = str.split(",");
+            String[] result = new String[parts.length];
+            for (int i = 0; i < parts.length; i++) {
+                String part = parts[i].trim();
+                if (part.startsWith("\"") && part.endsWith("\"")) {
+                    part = part.substring(1, part.length() - 1);
+                }
+                result[i] = part;
+            }
+            return result;
+        }
         if (str.startsWith("{") && str.endsWith("}")) {
             str = str.substring(1, str.length() - 1);
             return str.split(",");
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/service/impl/SqlGeneratorServiceImpl.java b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/service/impl/SqlGeneratorServiceImpl.java
index eab92de..c7ce093 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/service/impl/SqlGeneratorServiceImpl.java
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/service/impl/SqlGeneratorServiceImpl.java
@@ -747,19 +747,19 @@ public class SqlGeneratorServiceImpl implements SqlGeneratorService {
                 return "AVG(" + columnName + ")";
             case "DUPLICATESANDSPLICE":
                 if (StringUtils.isNotBlank(argsStr)) {
-                    return "STRING_AGG(DISTINCT " + columnName + ", '" + argsStr + "')";
+                    return "LISTAGG(DISTINCT " + columnName + ", '" + argsStr + "')";
                 }
-                return "STRING_AGG(DISTINCT " + columnName + ", ',')";
+                return "LISTAGG(DISTINCT " + columnName + ", ',')";
             case "CONCAT_AGG":
                 if (StringUtils.isNotBlank(argsStr)) {
-                    return "STRING_AGG(" + columnName + ", '" + argsStr + "')";
+                    return "LISTAGG(" + columnName + ", '" + argsStr + "')";
                 }
-                return "STRING_AGG(" + columnName + ", ',')";
+                return "LISTAGG(" + columnName + ", ',')";
             case "CONCAT_AGG_ID":
                 if (StringUtils.isNotBlank(argsStr)) {
-                    return "STRING_AGG(" + columnName + ", '" + argsStr + "')";
+                    return "LISTAGG(" + columnName + ", '" + argsStr + "')";
                 }
-                return "STRING_AGG(" + columnName + ", ',')";
+                return "LISTAGG(" + columnName + ", ',')";
             case "SPLIT_DISTINCT_CONCAT":
                 if (StringUtils.isNotBlank(argsStr)) {
                     String[] splitArgs = argsStr.split(",");
@@ -767,23 +767,23 @@ public class SqlGeneratorServiceImpl implements SqlGeneratorService {
                         String separator = splitArgs[0].trim();
                         String delimiter = splitArgs[1].trim();
                         String limit = splitArgs[2].trim();
-                        return "STRING_AGG(DISTINCT REGEXP_SPLIT(" + columnName + ", '" + delimiter + "'), '" + separator + "') LIMIT " + limit;
+                        return "LISTAGG(DISTINCT REGEXP_SPLIT(" + columnName + ", '" + delimiter + "'), '" + separator + "') LIMIT " + limit;
                     }
                 }
                 return columnName;
             //自定添加方法
             case "MODE_WITH_GROUP":
-                return "MODE() WITHIN GROUP (ORDER BY   " + columnName + ")";
+                return columnName;
 
             // 聚合函数（兼容旧代码）
             case "ARRAY_AGG":
 
-                return "ARRAY_AGG(DISTINCT " + columnName + ")";
+                return "WM_CONCAT(DISTINCT " + columnName + ")";
             case "STRING_AGG":
                 if (StringUtils.isNotBlank(argsStr)) {
-                    return "STRING_AGG(" + columnSafeWrap(columnName) + ", " + argsStr + ")";
+                    return "LISTAGG(" + columnSafeWrap(columnName) + ", " + argsStr + ")";
                 }
-                return "STRING_AGG(DISTINCT " + columnName + ", ',')";
+                return "LISTAGG(DISTINCT " + columnName + ", ',')";
 
             // 时间函数
             case "YEAR":
@@ -847,7 +847,7 @@ public class SqlGeneratorServiceImpl implements SqlGeneratorService {
             case "TO_CHAR":
                 return "TO_CHAR(" + columnName + ", 'YYYYMMDD')";
             case "HOST":
-                return "HOST(" + columnName + ")::text";
+                return columnName;
             default:
                 return functionName + "(" + columnName + ")";
         }
@@ -938,12 +938,7 @@ public class SqlGeneratorServiceImpl implements SqlGeneratorService {
      * 列名安全包装（处理类型转换）
      */
     private String columnSafeWrap(String columnName) {
-        if (columnName.toLowerCase().contains("ip")) {
-            return "host(" + columnName + ")::text";
-        }
-        if (columnName.toLowerCase().contains("port")) {
-            return columnName + "::int4";
-        }
+        // DM不需要类型转换，直接返回列名
         return columnName;
     }
 
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/util/JsonbUtil.java b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/util/JsonbUtil.java
index a3d0ca5..3b05f88 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/util/JsonbUtil.java
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/common/util/JsonbUtil.java
@@ -22,6 +22,18 @@ public class JsonbUtil {
             return null;
         }
 
+        // 达梦数据库：TEXT/CLOB 列返回 dm.jdbc.driver.DmdbNClob 对象，
+        // toString() 只返回对象引用而非实际内容，必须通过 Clob 接口读取
+        if (value instanceof java.sql.Clob) {
+            try {
+                java.sql.Clob clob = (java.sql.Clob) value;
+                long length = clob.length();
+                value = length > 0 ? clob.getSubString(1, (int) length) : "";
+            } catch (Exception e) {
+                value = value.toString();
+            }
+        }
+
         // 如果已经是字符串，直接返回
         if (value instanceof String) {
             String strValue = (String) value;
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/config/CacheConfig.java b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/config/CacheConfig.java
index 4daedcf..6ac6023 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/config/CacheConfig.java
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/config/CacheConfig.java
@@ -1,8 +1,16 @@
 package com.config;
 
+import com.fasterxml.jackson.core.JsonGenerator;
+import com.fasterxml.jackson.databind.BeanDescription;
+import com.fasterxml.jackson.databind.JsonSerializer;
 import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.SerializationConfig;
+import com.fasterxml.jackson.databind.SerializerProvider;
 import com.fasterxml.jackson.databind.jsontype.BasicPolymorphicTypeValidator;
 import com.fasterxml.jackson.databind.jsontype.PolymorphicTypeValidator;
+import com.fasterxml.jackson.databind.jsontype.TypeSerializer;
+import com.fasterxml.jackson.databind.module.SimpleModule;
+import com.fasterxml.jackson.databind.ser.BeanSerializerModifier;
 import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
 import org.springframework.cache.CacheManager;
 import org.springframework.cache.annotation.EnableCaching;
@@ -15,6 +23,7 @@ import org.springframework.data.redis.serializer.GenericJackson2JsonRedisSeriali
 import org.springframework.data.redis.serializer.RedisSerializationContext;
 import org.springframework.data.redis.serializer.StringRedisSerializer;
 import com.fasterxml.jackson.databind.DeserializationFeature;
+import java.io.IOException;
 import java.time.Duration;
 import java.util.Collections;
 import org.springframework.context.annotation.Primary;
@@ -35,6 +44,33 @@ public class CacheConfig {
         // 禁用将日期序列化为时间戳
         mapper.disable(com.fasterxml.jackson.databind.SerializationFeature.WRITE_DATES_AS_TIMESTAMPS);
 
+        // 注册达梦 JDBC 安全序列化器 — 拦截 dm.jdbc.* 类，直接返回 null 防止循环引用 StackOverflow
+        SimpleModule dmSafeModule = new SimpleModule("dm-safe");
+        dmSafeModule.setSerializerModifier(new BeanSerializerModifier() {
+            @Override
+            public JsonSerializer<?> modifySerializer(SerializationConfig config,
+                                                       BeanDescription beanDesc,
+                                                       JsonSerializer<?> serializer) {
+                if (beanDesc.getBeanClass().getName().startsWith("dm.jdbc.")) {
+                    return new JsonSerializer<Object>() {
+                        @Override
+                        public void serialize(Object value, JsonGenerator gen,
+                                            SerializerProvider serializers) throws IOException {
+                            gen.writeNull();
+                        }
+
+                        @Override
+                        public void serializeWithType(Object value, JsonGenerator gen,
+                                            SerializerProvider serializers, TypeSerializer typeSer) throws IOException {
+                            gen.writeNull();
+                        }
+                    };
+                }
+                return serializer;
+            }
+        });
+        mapper.registerModule(dmSafeModule);
+
         // 启用类型信息，解决 LinkedHashMap 转换问题
         PolymorphicTypeValidator ptv = BasicPolymorphicTypeValidator.builder()
                 .allowIfSubType("com.common.entity.")    // 允许你的实体类包
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/config/RedisConfig.java b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/config/RedisConfig.java
index 3bd7321..134af0f 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/config/RedisConfig.java
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/config/RedisConfig.java
@@ -1,6 +1,14 @@
 package com.config;
 
+import com.fasterxml.jackson.core.JsonGenerator;
+import com.fasterxml.jackson.databind.BeanDescription;
+import com.fasterxml.jackson.databind.JsonSerializer;
 import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.SerializationConfig;
+import com.fasterxml.jackson.databind.SerializerProvider;
+import com.fasterxml.jackson.databind.jsontype.TypeSerializer;
+import com.fasterxml.jackson.databind.module.SimpleModule;
+import com.fasterxml.jackson.databind.ser.BeanSerializerModifier;
 import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -9,6 +17,8 @@ import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.data.redis.serializer.Jackson2JsonRedisSerializer;
 import org.springframework.data.redis.serializer.StringRedisSerializer;
 
+import java.io.IOException;
+
 @Configuration
 public class RedisConfig {
 
@@ -23,6 +33,32 @@ public class RedisConfig {
 
         ObjectMapper mapper = new ObjectMapper();
         mapper.registerModule(new JavaTimeModule());
+        // 注册达梦 JDBC 安全序列化器 — 拦截 dm.jdbc.* 类，直接返回 null 防止循环引用 StackOverflow
+        SimpleModule dmSafeModule = new SimpleModule("dm-safe");
+        dmSafeModule.setSerializerModifier(new BeanSerializerModifier() {
+            @Override
+            public JsonSerializer<?> modifySerializer(SerializationConfig config,
+                                                       BeanDescription beanDesc,
+                                                       JsonSerializer<?> serializer) {
+                if (beanDesc.getBeanClass().getName().startsWith("dm.jdbc.")) {
+                    return new JsonSerializer<Object>() {
+                        @Override
+                        public void serialize(Object value, JsonGenerator gen,
+                                            SerializerProvider serializers) throws IOException {
+                            gen.writeNull();
+                        }
+
+                        @Override
+                        public void serializeWithType(Object value, JsonGenerator gen,
+                                            SerializerProvider serializers, TypeSerializer typeSer) throws IOException {
+                            gen.writeNull();
+                        }
+                    };
+                }
+                return serializer;
+            }
+        });
+        mapper.registerModule(dmSafeModule);
         mapper.activateDefaultTyping(
                 mapper.getPolymorphicTypeValidator(),
                 ObjectMapper.DefaultTyping.NON_FINAL
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/config/WebConfig.java b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/config/WebConfig.java
index 5f52013..7330f38 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/java/com/config/WebConfig.java
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/java/com/config/WebConfig.java
@@ -1,8 +1,16 @@
 package com.config;
 
 
+import com.fasterxml.jackson.core.JsonGenerator;
+import com.fasterxml.jackson.databind.BeanDescription;
 import com.fasterxml.jackson.databind.DeserializationFeature;
+import com.fasterxml.jackson.databind.JsonSerializer;
 import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.SerializationConfig;
+import com.fasterxml.jackson.databind.SerializerProvider;
+import com.fasterxml.jackson.databind.jsontype.TypeSerializer;
+import com.fasterxml.jackson.databind.module.SimpleModule;
+import com.fasterxml.jackson.databind.ser.BeanSerializerModifier;
 import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -10,6 +18,7 @@ import org.springframework.http.converter.HttpMessageConverter;
 import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 
+import java.io.IOException;
 import java.util.List;
 
 @Configuration
@@ -28,6 +37,33 @@ public class WebConfig implements WebMvcConfigurer {
         // 禁用将日期序列化为时间戳
         mapper.disable(com.fasterxml.jackson.databind.SerializationFeature.WRITE_DATES_AS_TIMESTAMPS);
 
+        // 注册达梦 JDBC 安全序列化器 — 拦截 dm.jdbc.* 类，直接返回 null 防止循环引用 StackOverflow
+        SimpleModule dmSafeModule = new SimpleModule("dm-safe");
+        dmSafeModule.setSerializerModifier(new BeanSerializerModifier() {
+            @Override
+            public JsonSerializer<?> modifySerializer(SerializationConfig config,
+                                                       BeanDescription beanDesc,
+                                                       JsonSerializer<?> serializer) {
+                if (beanDesc.getBeanClass().getName().startsWith("dm.jdbc.")) {
+                    return new JsonSerializer<Object>() {
+                        @Override
+                        public void serialize(Object value, JsonGenerator gen,
+                                            SerializerProvider serializers) throws IOException {
+                            gen.writeNull();
+                        }
+
+                        @Override
+                        public void serializeWithType(Object value, JsonGenerator gen,
+                                            SerializerProvider serializers, TypeSerializer typeSer) throws IOException {
+                            gen.writeNull();
+                        }
+                    };
+                }
+                return serializer;
+            }
+        });
+        mapper.registerModule(dmSafeModule);
+
         // 忽略未知属性
         mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
 
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/resources/application-dev.properties b/haobang-security-dm/syslog-consumer-rule/src/main/resources/application-dev.properties
index 1968b74..b499174 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/resources/application-dev.properties
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/resources/application-dev.properties
@@ -24,7 +24,7 @@ influxdb.batch.size=1000
 influxdb.flush.interval=1000
 influxdb.retry.attempts=3
 influxdb.retry.delay=1000
-# InfluxDB 2.7 ���ӳ�ʱ����
+# InfluxDB 2.7 连接超时配置
 influxdb.connection.timeout=30s
 influxdb.connection.read-timeout=30s
 influxdb.connection.write-timeout=60s
@@ -35,16 +35,16 @@ app.metrics.enabled=true
 
 
 #database Configuration
-spring.datasource.url=jdbc:postgresql://117.72.68.72:54329/ecosys
-spring.datasource.username=postgres
-spring.datasource.password=TnLanWaidYSwTSG5
-spring.datasource.driver-class-name=org.postgresql.Driver
-
+spring.datasource.url=jdbc:dm://192.163.4.99:5237/DM_ecosys
+spring.datasource.username=SYSDBA
+spring.datasource.password=caZ2TcmXNSW8L2Ap
+spring.datasource.driver-class-name=dm.jdbc.driver.DmDriver
+spring.datasource.hikari.schema=\"PUBLIC\"
 # mybatis Configuration
 mybatis.mapper-locations=classpath:mapper/*.xml
 mybatis.type-aliases-package=com.common.entity
 
-#mybatis handler ��
+#mybatis handler 类
 mybatis.configuration.default-statement-timeout=30
 mybatis.configuration.default-fetch-size=1000
 mybatis.configuration.map-underscore-to-camel-case=true
@@ -71,22 +71,22 @@ spring.kafka.listener.concurrency= 2
 spring.kafka.listener.type=batch
 
 
-# ��ʱ��������
+# 定时任务配置
 spring.task.scheduling.pool.size=10
 
-# ��־����
+# 日志配置
 logging.level.com.common.schedule=INFO
 logging.level.com.common.service=INFO
 
-# �������������
+# 分区表检查配置
 partition.check.tomorrow.enabled=true
 partition.check.future.days=7
 partition.auto.create=true
 
-# ����������������
+# 开发环境缓存配置
 spring.redis.host=localhost
 spring.redis.port=6379
-# ���루���û���������룬����ʡ�ԣ�
+# 密码（如果没有设置密码，可以省略）
 spring.redis.password=
 spring.redis.database=0
 spring.redis.timeout=2000
@@ -95,11 +95,11 @@ spring.redis.lettuce.pool.max-active=8
 spring.redis.lettuce.pool.max-wait=-1
 spring.redis.lettuce.pool.max-idle=8
 spring.redis.lettuce.pool.min-idle=0
-# ������������ʱ��϶̣��������
+# 开发环境缓存时间较短，方便调试
 spring.cache.redis.time-to-live=600000
 
 
-# Ӧ�ô���������
+# 应用处理器配置
 app.processor.thread-pool.core-pool-size=10
 app.processor.thread-pool.max-pool-size=20
 app.processor.thread-pool.queue-capacity=2000
@@ -107,7 +107,7 @@ app.processor.thread-pool.keep-alive-seconds=60
 app.processor.batch-size=100
 app.processor.process-timeout-ms=30000
 
-# ETL����
+# ETL配置
 etl.batch.page-size=1000
 etl.batch.insert-batch-size=500
 etl.schedule.cron=0 0 2 * * ?
@@ -120,10 +120,9 @@ spring.datasource.hikari.minimum-idle=5
 spring.datasource.hikari.connection-timeout=30000
 spring.datasource.hikari.idle-timeout=600000
 spring.datasource.hikari.max-lifetime=900000
-spring.datasource.hikari.connection-test-query=SELECT 1
+spring.datasource.hikari.connection-test-query=SELECT 1 FROM DUAL
 spring.datasource.hikari.validation-timeout=5000
 spring.datasource.hikari.leak-detection-threshold=30000          
 spring.datasource.hikari.pool-name=HikariPool-SyslogConsumer-rule
 spring.datasource.hikari.auto-commit=false
-spring.datasource.hikari.schema=public
 
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/resources/application-pre-nw.properties b/haobang-security-dm/syslog-consumer-rule/src/main/resources/application-pre-nw.properties
index 21f8b04..d7eeab2 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/resources/application-pre-nw.properties
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/resources/application-pre-nw.properties
@@ -26,7 +26,7 @@ influxdb.batch.size=1000
 influxdb.flush.interval=1000
 influxdb.retry.attempts=3
 influxdb.retry.delay=1000
-# InfluxDB 2.7 ���ӳ�ʱ����
+# InfluxDB 2.7 连接超时配置
 influxdb.connection.timeout=30s
 influxdb.connection.read-timeout=30s
 influxdb.connection.write-timeout=60s
@@ -37,15 +37,15 @@ app.metrics.enabled=true
 
 
 #database Configuration
-spring.datasource.url=jdbc:postgresql://10.150 81.209:5432/ecosys
-spring.datasource.username=postgres
+spring.datasource.url=jdbc:dm://192.163.4.99:5237/DM_ecosys
+spring.datasource.username=SYSDBA
 spring.datasource.password=caZ2TcmXNSW8L2Ap
-spring.datasource.driver-class-name=org.postgresql.Driver
+spring.datasource.driver-class-name=dm.jdbc.driver.DmDriver
 
 # mybatis Configuration
 mybatis.mapper-locations=classpath:mapper/*.xml
 mybatis.type-aliases-package=com.common.entity
-#mybatis handler ��
+#mybatis handler 类
 mybatis.configuration.default-statement-timeout=30
 mybatis.configuration.default-fetch-size=1000
 mybatis.configuration.map-underscore-to-camel-case=true
@@ -72,23 +72,23 @@ spring.kafka.listener.concurrency= 2
 spring.kafka.listener.type=batch
 
 
-# ��ʱ��������
+# 定时任务配置
 spring.task.scheduling.pool.size=10
 
-# ��־����
+# 日志配置
 logging.level.com.common.schedule=INFO
 logging.level.com.common.service=INFO
 
-# �������������
+# 分区表检查配置
 partition.check.tomorrow.enabled=true
 partition.check.future.days=7
 partition.auto.create=true
 
 
-# ����������������
+# 生产环境缓存配置
 spring.redis.host=192.168.4.26
 spring.redis.port=6379
-# ���루���û���������룬����ʡ�ԣ�
+# 密码（如果没有设置密码，可以省略）
 spring.redis.password=123456
 spring.redis.database=0
 spring.redis.timeout=5000
@@ -99,10 +99,10 @@ spring.redis.lettuce.pool.max-wait=5000
 spring.redis.lettuce.pool.max-idle=10
 spring.redis.lettuce.pool.min-idle=5
 
-# ������������ʱ��ϳ�
+# 生产环境缓存时间较长
 spring.cache.redis.time-to-live=3600000
 
-# Ӧ�ô���������
+# 应用处理器配置
 app.processor.thread-pool.core-pool-size=10
 app.processor.thread-pool.max-pool-size=20
 app.processor.thread-pool.queue-capacity=2000
@@ -111,20 +111,20 @@ app.processor.batch-size=100
 app.processor.process-timeout-ms=30000
 
 
-# ���� Elasticsearch
-# Elasticsearch���ӵ�ַ
+# 配置 Elasticsearch
+# Elasticsearch连接地址
 spring.elasticsearch.uris=http://192.168.1.174:9200
-# ���� Elasticsearch �û���
+# 配置 Elasticsearch 用户名
 spring.elasticsearch.username=CONTAINER_NAME
-# ���� Elasticsearch ����
+# 配置 Elasticsearch 密码
 spring.elasticsearch.password=t2NZCiajmdazxBrF
-# ���ӳ�ʱʱ��
+# 连接超时时间
 spring.elasticsearch.connection-timeout=10s
-# Socket ��ʱʱ��
+# Socket 超时时间
 spring.elasticsearch.socket-timeout=30s
 
 
-# ETL����
+# ETL配置
 etl.batch.page-size=1000
 etl.batch.insert-batch-size=500
 etl.schedule.cron=0 0 2 * * ?
@@ -138,51 +138,50 @@ spring.datasource.hikari.minimum-idle=5
 spring.datasource.hikari.connection-timeout=30000
 spring.datasource.hikari.idle-timeout=600000
 spring.datasource.hikari.max-lifetime=900000
-spring.datasource.hikari.connection-test-query=SELECT 1
+spring.datasource.hikari.connection-test-query=SELECT 1 FROM DUAL
 spring.datasource.hikari.validation-timeout=5000
 spring.datasource.hikari.leak-detection-threshold=30000          
-spring.datasource.hikari.pool-name=HikariPool-SyslogConsumer
+spring.datasource.hikari.pool-name=HikariPool-SyslogConsumer-rule
 spring.datasource.hikari.auto-commit=false
-spring.datasource.hikari.schema=public
 
 
-# ����������������
+# 关联分析规则配置
 analysis.realtime.enabled= true
-# ��������룩 - Ĭ��10��
+# 检查间隔（秒） - 默认10秒
 analysis.realtime.check-interval-seconds: 10
 
 # ============================================
-# ̽������API����
+# 探针联动API配置
 # ============================================
-# API-KEY��֤��32λ������ʹ��������ɵ���Կ��
+# API-KEY认证（32位，建议使用随机生成的密钥）
 interlocking.api-key=a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6
-# API�ӿڻ���URL����syslog-serve���ã�
+# API接口基础URL（供syslog-serve调用）
 interlocking.api.base-url=http://10.150 81.210:8089/xdrservice/interlocking
 
 # ============================================
-# �澯�����������
+# 告警健康检查配置
 # ============================================
-# �澯����������ֵ��Сʱ��
+# 告警表无数据阈值（小时）
 alarm.health-check.alarm-hours=2
-# �澯��־����������ֵ��Сʱ��
+# 告警日志表无数据阈值（小时）
 alarm.health-check.alarm-visit-hours=4
-# �Ƿ����ö�ʱѲ��
+# 是否启用定时巡检
 alarm.health-check.enabled=true
 
 # ============================================
-# ̽�������������
+# 探针心跳检测配置
 # ============================================
-# �Ƿ������������
+# 是否启用心跳检测
 probe.heartbeat.enabled=true
-# ̽��������ֵ�����ӣ���������ʱ��δ�յ��������ж�Ϊ����
+# 探针离线阈值（分钟），超过此时间未收到心跳则判定为离线
 probe.heartbeat.offline-threshold-minutes=10
-# ״̬���Cron����ʽ��Ĭ��ÿ10���ӣ�
+# 状态检查Cron表达式（默认每10分钟）
 probe.status.check.cron=0 */10 * * * ?
-# ̽���⻧ID
+# 探针租户ID
 probe.heartbeat.tenant-id=000000
-# ������ʷ��������
+# 心跳历史保留天数
 probe.heartbeat.history.keep-days=10
-# �Ƿ�������ʷ����
+# 是否启用历史清理
 probe.heartbeat.history.cleanup-enabled=true
-# ��ʷ����Cron����ʽ��Ĭ��ÿ���賿1�㣩
+# 历史清理Cron表达式（默认每天凌晨1点）
 probe.history.cleanup.cron=0 0 1 * * ?
\ No newline at end of file
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/resources/application-prod-zc.properties b/haobang-security-dm/syslog-consumer-rule/src/main/resources/application-prod-zc.properties
index 597fdfa..f4e3637 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/resources/application-prod-zc.properties
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/resources/application-prod-zc.properties
@@ -25,7 +25,7 @@ influxdb.batch.size=1000
 influxdb.flush.interval=1000
 influxdb.retry.attempts=3
 influxdb.retry.delay=1000
-# InfluxDB 2.7 ���ӳ�ʱ����
+# InfluxDB 2.7 连接超时配置
 influxdb.connection.timeout=30s
 influxdb.connection.read-timeout=30s
 influxdb.connection.write-timeout=60s
@@ -36,16 +36,16 @@ app.metrics.enabled=true
 
 
 #database Configuration
-spring.datasource.url=jdbc:postgresql://10.11.2.141:5432/ecosys
-spring.datasource.username=ecosys
-spring.datasource.password=wsYDPjrpNZPrkPrR
-spring.datasource.driver-class-name=org.postgresql.Driver
-
+spring.datasource.url=jdbc:dm://192.163.4.99:5237/DM_ecosys
+spring.datasource.username=SYSDBA
+spring.datasource.password=caZ2TcmXNSW8L2Ap
+spring.datasource.driver-class-name=dm.jdbc.driver.DmDriver
+spring.datasource.hikari.schema=\"PUBLIC\"
 # mybatis Configuration
 mybatis.mapper-locations=classpath:mapper/*.xml
 mybatis.type-aliases-package=com.common.entity
 
-#mybatis handler ��
+#mybatis handler 类
 mybatis.configuration.default-statement-timeout=30
 mybatis.configuration.default-fetch-size=1000
 mybatis.configuration.map-underscore-to-camel-case=true
@@ -73,23 +73,23 @@ spring.kafka.listener.ack-mode= manual
 spring.kafka.listener.concurrency= 2  
 spring.kafka.listener.type=batch
 
-# ��ʱ��������
+# 定时任务配置
 spring.task.scheduling.pool.size=10
 
-# ��־����
+# 日志配置
 logging.level.com.common.schedule=INFO
 logging.level.com.common.service=INFO
 
-# �������������
+# 分区表检查配置
 partition.check.tomorrow.enabled=true
 partition.check.future.days=7
 partition.auto.create=true
 
 
-# ����������������
+# 生产环境缓存配置
 spring.redis.host=10.11.2.142
 spring.redis.port=6379
-# ���루���û���������룬����ʡ�ԣ�
+# 密码（如果没有设置密码，可以省略）
 spring.redis.password=redis_edP6N6
 spring.redis.database=0
 spring.redis.timeout=5000
@@ -99,10 +99,10 @@ spring.redis.lettuce.pool.max-active=20
 spring.redis.lettuce.pool.max-wait=5000
 spring.redis.lettuce.pool.max-idle=10
 spring.redis.lettuce.pool.min-idle=5
-# ������������ʱ��ϳ�
+# 生产环境缓存时间较长
 spring.cache.redis.time-to-live=3600000
 
-# Ӧ�ô���������
+# 应用处理器配置
 app.processor.thread-pool.core-pool-size=10
 app.processor.thread-pool.max-pool-size=20
 app.processor.thread-pool.queue-capacity=2000
@@ -110,20 +110,20 @@ app.processor.thread-pool.keep-alive-seconds=60
 app.processor.batch-size=100
 app.processor.process-timeout-ms=30000
 
-# ���� Elasticsearch
-# Elasticsearch���ӵ�ַ
+# 配置 Elasticsearch
+# Elasticsearch连接地址
 spring.elasticsearch.uris=http://192.168.1.174:9200
-# ���� Elasticsearch �û���
+# 配置 Elasticsearch 用户名
 spring.elasticsearch.username=CONTAINER_NAME
-# ���� Elasticsearch ����
+# 配置 Elasticsearch 密码
 spring.elasticsearch.password=t2NZCiajmdazxBrF
-# ���ӳ�ʱʱ��
+# 连接超时时间
 spring.elasticsearch.connection-timeout=10s
-# Socket ��ʱʱ��
+# Socket 超时时间
 spring.elasticsearch.socket-timeout=30s
 
 
-# ETL����
+# ETL配置
 etl.batch.page-size=1000
 etl.batch.insert-batch-size=500
 etl.schedule.cron=0 0 2 * * ?
@@ -137,15 +137,14 @@ spring.datasource.hikari.minimum-idle=5
 spring.datasource.hikari.connection-timeout=30000
 spring.datasource.hikari.idle-timeout=600000
 spring.datasource.hikari.max-lifetime=900000
-spring.datasource.hikari.connection-test-query=SELECT 1
+spring.datasource.hikari.connection-test-query=SELECT 1 FROM DUAL
 spring.datasource.hikari.validation-timeout=5000
 spring.datasource.hikari.leak-detection-threshold=30000          
 spring.datasource.hikari.pool-name=HikariPool-SyslogConsumer
 spring.datasource.hikari.auto-commit=false
-spring.datasource.hikari.schema=public
 
 
-# ����������������
+# 关联分析规则配置
 analysis.realtime.enabled= true
-# ��������룩 - Ĭ��10��
+# 检查间隔（秒） - 默认10秒
 analysis.realtime.check-interval-seconds: 10
\ No newline at end of file
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/resources/application-prod.properties b/haobang-security-dm/syslog-consumer-rule/src/main/resources/application-prod.properties
index 43ccc54..fbc2bc1 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/resources/application-prod.properties
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/resources/application-prod.properties
@@ -17,15 +17,15 @@ syslog.buffer.size=1000
 syslog.sm4.generateKey=f79548ab6fa8a304fc0115e17230358a
 
 # InfluxDB 2.7 Configuration
-influxdb.url=http://192.168.4.26:8087
-influxdb.token=LFjXZyRxTf1V84oN-wwjhSjS4qIK-ZMoHzQJB67ir3qHNSBVJbMcTkPuNmM0cNxvzFEDWLYNzrz1VJKMitY5hw==
+influxdb.url=http://192.168.4.99:8087
+influxdb.token=JsUyvU8vhQEFlMM_el4Drm87fyh707IhwJNsPBucPghSdbVmdQ-UvmPcyP5NTzWxsRfEz0T51Rw4ebZUuUrmZg==
 influxdb.org=influxdb
 influxdb.bucket=yelangbucket
 influxdb.batch.size=1000
 influxdb.flush.interval=1000
 influxdb.retry.attempts=3
 influxdb.retry.delay=1000
-# InfluxDB 2.7 ���ӳ�ʱ����
+# InfluxDB 2.7 连接超时配置
 influxdb.connection.timeout=30s
 influxdb.connection.read-timeout=30s
 influxdb.connection.write-timeout=60s
@@ -35,15 +35,15 @@ app.max.queue.size=10000
 app.metrics.enabled=true
 
 #database Configuration
-spring.datasource.url=jdbc:postgresql://192.168.4.26:5432/ecosys
-spring.datasource.username=postgres
+spring.datasource.url=jdbc:dm://192.163.4.99:5237
+spring.datasource.username=SYSDBA
 spring.datasource.password=caZ2TcmXNSW8L2Ap
-spring.datasource.driver-class-name=org.postgresql.Driver
-
+spring.datasource.driver-class-name=dm.jdbc.driver.DmDriver
+spring.datasource.hikari.schema=\"PUBLIC\"
 # mybatis Configuration
 mybatis.mapper-locations=classpath:mapper/*.xml
 mybatis.type-aliases-package=com.common.entity
-#mybatis handler ��
+#mybatis handler 类
 mybatis.configuration.default-statement-timeout=30
 mybatis.configuration.default-fetch-size=1000
 mybatis.configuration.map-underscore-to-camel-case=true
@@ -53,7 +53,7 @@ mybatis-plus.type-handlers-package=com.Modules.etl.handler
 
 # kafka Configuration
 spring.kafka.consumer.bootstrap-servers=192.168.4.26:9092
-spring.kafka.consumer.group-id=agent-01-syslog-group
+spring.kafka.consumer.group-id=agent-01-syslog-group-dm
 spring.kafka.consumer.auto-offset-reset=latest
 spring.kafka.consumer.enable-auto-commit=false 
 spring.kafka.consumer.auto-commit-interval=1000
@@ -70,24 +70,24 @@ spring.kafka.listener.concurrency= 2
 spring.kafka.listener.type=batch
 
 
-# ��ʱ��������
+# 定时任务配置
 spring.task.scheduling.pool.size=10
 
-# ��־����
+# 日志配置
 logging.level.com.common.schedule=INFO
 logging.level.com.common.service=INFO
 
-# �������������
+# 分区表检查配置
 partition.check.tomorrow.enabled=true
 partition.check.future.days=7
 partition.auto.create=true
 
 
-# ����������������
-spring.redis.host=192.168.4.26
+# 生产环境缓存配置
+spring.redis.host=192.168.4.99
 spring.redis.port=6379
-# ���루���û���������룬����ʡ�ԣ�
-spring.redis.password=123456
+# 密码（如果没有设置密码，可以省略）
+spring.redis.password=redis_GdGWte
 spring.redis.database=0
 spring.redis.timeout=5000
 #spring.redis.password=${REDIS_PASSWORD:default_prod_password}
@@ -97,10 +97,10 @@ spring.redis.lettuce.pool.max-wait=5000
 spring.redis.lettuce.pool.max-idle=10
 spring.redis.lettuce.pool.min-idle=5
 
-# ������������ʱ��ϳ�
+# 生产环境缓存时间较长
 spring.cache.redis.time-to-live=3600000
 
-# Ӧ�ô���������
+# 应用处理器配置
 app.processor.thread-pool.core-pool-size=10
 app.processor.thread-pool.max-pool-size=20
 app.processor.thread-pool.queue-capacity=2000
@@ -108,7 +108,7 @@ app.processor.thread-pool.keep-alive-seconds=60
 app.processor.batch-size=100
 app.processor.process-timeout-ms=30000
 
-# ETL����
+# ETL配置
 etl.batch.page-size=1000
 etl.batch.insert-batch-size=500
 etl.schedule.cron=0 0 2 * * ?
@@ -121,9 +121,8 @@ spring.datasource.hikari.minimum-idle=5
 spring.datasource.hikari.connection-timeout=30000
 spring.datasource.hikari.idle-timeout=600000
 spring.datasource.hikari.max-lifetime=900000
-spring.datasource.hikari.connection-test-query=SELECT 1
+spring.datasource.hikari.connection-test-query=SELECT 1 FROM DUAL
 spring.datasource.hikari.validation-timeout=5000
 spring.datasource.hikari.leak-detection-threshold=30000          
-spring.datasource.hikari.pool-name=HikariPool-SyslogConsumer
-spring.datasource.hikari.auto-commit=false
-spring.datasource.hikari.schema=public
\ No newline at end of file
+spring.datasource.hikari.pool-name=HikariPool-SyslogConsumer-rule
+spring.datasource.hikari.auto-commit=false
\ No newline at end of file
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/resources/application-test.properties b/haobang-security-dm/syslog-consumer-rule/src/main/resources/application-test.properties
index 4cfb03b..0274086 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/resources/application-test.properties
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/resources/application-test.properties
@@ -33,10 +33,11 @@ app.metrics.enabled=true
 
 
 #database Configuration
-spring.datasource.url=jdbc:postgresql://192.168.4.32:5432/ecosys
-spring.datasource.username=user_eSER8N
-spring.datasource.password=password_QCYKj6
-spring.datasource.driver-class-name=org.postgresql.Driver
+spring.datasource.url=jdbc:dm://192.163.4.99:5237/DM_ecosys
+spring.datasource.username=SYSDBA
+spring.datasource.password=caZ2TcmXNSW8L2Ap
+spring.datasource.driver-class-name=dm.jdbc.driver.DmDriver
+spring.datasource.hikari.schema=\"PUBLIC\"
 
 # mybatis Configuration
 mybatis.mapper-locations=classpath:mapper/*.xml
@@ -54,23 +55,23 @@ spring.kafka.consumer.topic=agent-syslog-topic
 
 
 
-# ��ʱ��������
+# 定时任务配置
 spring.task.scheduling.pool.size=10
 
-# ��־����
+# 日志配置
 logging.level.com.common.schedule=INFO
 logging.level.com.common.service=INFO
 
-# �������������
+# 分区表检查配置
 partition.check.tomorrow.enabled=true
 partition.check.future.days=7
 partition.auto.create=true
 
 
-# ����������������
+# 生产环境缓存配置
 spring.redis.host=192.168.4.32
 spring.redis.port=6379
-# ���루���û���������룬����ʡ�ԣ�
+# 密码（如果没有设置密码，可以省略）
 spring.redis.password=redis_edP6N6
 spring.redis.database=0
 spring.redis.timeout=5000
@@ -81,5 +82,5 @@ spring.redis.lettuce.pool.max-wait=5000
 spring.redis.lettuce.pool.max-idle=10
 spring.redis.lettuce.pool.min-idle=5
 
-# ������������ʱ��ϳ�
+# 生产环境缓存时间较长
 spring.cache.redis.time-to-live=3600000
\ No newline at end of file
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/resources/application.properties b/haobang-security-dm/syslog-consumer-rule/src/main/resources/application.properties
index 43ccc54..faf832d 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/resources/application.properties
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/resources/application.properties
@@ -17,15 +17,15 @@ syslog.buffer.size=1000
 syslog.sm4.generateKey=f79548ab6fa8a304fc0115e17230358a
 
 # InfluxDB 2.7 Configuration
-influxdb.url=http://192.168.4.26:8087
-influxdb.token=LFjXZyRxTf1V84oN-wwjhSjS4qIK-ZMoHzQJB67ir3qHNSBVJbMcTkPuNmM0cNxvzFEDWLYNzrz1VJKMitY5hw==
+influxdb.url=http://192.168.4.99:8087
+influxdb.token=JsUyvU8vhQEFlMM_el4Drm87fyh707IhwJNsPBucPghSdbVmdQ-UvmPcyP5NTzWxsRfEz0T51Rw4ebZUuUrmZg==
 influxdb.org=influxdb
 influxdb.bucket=yelangbucket
 influxdb.batch.size=1000
 influxdb.flush.interval=1000
 influxdb.retry.attempts=3
 influxdb.retry.delay=1000
-# InfluxDB 2.7 ���ӳ�ʱ����
+# InfluxDB 2.7 连接超时配置
 influxdb.connection.timeout=30s
 influxdb.connection.read-timeout=30s
 influxdb.connection.write-timeout=60s
@@ -35,15 +35,15 @@ app.max.queue.size=10000
 app.metrics.enabled=true
 
 #database Configuration
-spring.datasource.url=jdbc:postgresql://192.168.4.26:5432/ecosys
-spring.datasource.username=postgres
+spring.datasource.url=jdbc:dm://192.168.4.99:5237
+spring.datasource.username=SYSDBA
 spring.datasource.password=caZ2TcmXNSW8L2Ap
-spring.datasource.driver-class-name=org.postgresql.Driver
-
+spring.datasource.driver-class-name=dm.jdbc.driver.DmDriver
+spring.datasource.hikari.schema=\"PUBLIC\"
 # mybatis Configuration
 mybatis.mapper-locations=classpath:mapper/*.xml
 mybatis.type-aliases-package=com.common.entity
-#mybatis handler ��
+#mybatis handler 类
 mybatis.configuration.default-statement-timeout=30
 mybatis.configuration.default-fetch-size=1000
 mybatis.configuration.map-underscore-to-camel-case=true
@@ -53,7 +53,7 @@ mybatis-plus.type-handlers-package=com.Modules.etl.handler
 
 # kafka Configuration
 spring.kafka.consumer.bootstrap-servers=192.168.4.26:9092
-spring.kafka.consumer.group-id=agent-01-syslog-group
+spring.kafka.consumer.group-id=agent-01-syslog-group-dm
 spring.kafka.consumer.auto-offset-reset=latest
 spring.kafka.consumer.enable-auto-commit=false 
 spring.kafka.consumer.auto-commit-interval=1000
@@ -70,24 +70,24 @@ spring.kafka.listener.concurrency= 2
 spring.kafka.listener.type=batch
 
 
-# ��ʱ��������
+# 定时任务配置
 spring.task.scheduling.pool.size=10
 
-# ��־����
+# 日志配置
 logging.level.com.common.schedule=INFO
 logging.level.com.common.service=INFO
 
-# �������������
+# 分区表检查配置
 partition.check.tomorrow.enabled=true
 partition.check.future.days=7
 partition.auto.create=true
 
 
-# ����������������
-spring.redis.host=192.168.4.26
+# 生产环境缓存配置
+spring.redis.host=192.168.4.99
 spring.redis.port=6379
-# ���루���û���������룬����ʡ�ԣ�
-spring.redis.password=123456
+# 密码（如果没有设置密码，可以省略）
+spring.redis.password=redis_GdGWte
 spring.redis.database=0
 spring.redis.timeout=5000
 #spring.redis.password=${REDIS_PASSWORD:default_prod_password}
@@ -97,10 +97,10 @@ spring.redis.lettuce.pool.max-wait=5000
 spring.redis.lettuce.pool.max-idle=10
 spring.redis.lettuce.pool.min-idle=5
 
-# ������������ʱ��ϳ�
+# 生产环境缓存时间较长
 spring.cache.redis.time-to-live=3600000
 
-# Ӧ�ô���������
+# 应用处理器配置
 app.processor.thread-pool.core-pool-size=10
 app.processor.thread-pool.max-pool-size=20
 app.processor.thread-pool.queue-capacity=2000
@@ -108,7 +108,7 @@ app.processor.thread-pool.keep-alive-seconds=60
 app.processor.batch-size=100
 app.processor.process-timeout-ms=30000
 
-# ETL����
+# ETL配置
 etl.batch.page-size=1000
 etl.batch.insert-batch-size=500
 etl.schedule.cron=0 0 2 * * ?
@@ -121,9 +121,8 @@ spring.datasource.hikari.minimum-idle=5
 spring.datasource.hikari.connection-timeout=30000
 spring.datasource.hikari.idle-timeout=600000
 spring.datasource.hikari.max-lifetime=900000
-spring.datasource.hikari.connection-test-query=SELECT 1
+spring.datasource.hikari.connection-test-query=SELECT 1 FROM DUAL
 spring.datasource.hikari.validation-timeout=5000
 spring.datasource.hikari.leak-detection-threshold=30000          
-spring.datasource.hikari.pool-name=HikariPool-SyslogConsumer
-spring.datasource.hikari.auto-commit=false
-spring.datasource.hikari.schema=public
\ No newline at end of file
+spring.datasource.hikari.pool-name=HikariPool-SyslogConsumer-rule
+spring.datasource.hikari.auto-commit=false
\ No newline at end of file
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/resources/logback.xml b/haobang-security-dm/syslog-consumer-rule/src/main/resources/logback.xml
index 966b2eb..9196a6f 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/resources/logback.xml
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/resources/logback.xml
@@ -7,9 +7,9 @@
     </appender>
 
     <appender name="FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
-        <file>logs/syslog-consumer-rule.log</file>
+        <file>logs/syslog-consumer-rule-dm.log</file>
         <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
-            <fileNamePattern>logs/syslog-consumer-rule.%d{yyyy-MM-dd}.log</fileNamePattern>
+            <fileNamePattern>logs/syslog-consumer-rule-dm.%d{yyyy-MM-dd}.log</fileNamePattern>
 
             <!-- 保留的日志文件的最大天数 -->
             <maxHistory>1</maxHistory>
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/AnalysisAnalysisRuleMapper.xml b/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/AnalysisAnalysisRuleMapper.xml
index 9402d7e..c09d908 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/AnalysisAnalysisRuleMapper.xml
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/AnalysisAnalysisRuleMapper.xml
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="UTF-8"?>
+<?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 <mapper namespace="com.common.mapper.AnalysisAnalysisRuleMapper">
 
@@ -53,7 +53,7 @@
         SELECT
         <include refid="Base_Column_List"/>
         FROM analysis_analysis_rule
-        WHERE rule_id =#{ruleId, jdbcType=OTHER}::uuid
+        WHERE rule_id =#{ruleId, jdbcType=OTHER}
         AND del_flag = '0'
     </select>
 
@@ -62,7 +62,7 @@
         SELECT
         <include refid="Base_Column_List"/>
         FROM analysis_analysis_rule
-        WHERE rule_id = #{ruleId, jdbcType=OTHER}::uuid
+        WHERE rule_id = #{ruleId, jdbcType=OTHER}
         AND del_flag = '0'
     </select>
 
@@ -70,11 +70,11 @@
     <update id="updateTaskStatus">
         UPDATE analysis_analysis_rule
         SET task_status = #{taskStatus},
-            update_time = NOW()
+            update_time = SYSDATE
         <if test="updateBy != null">
             ,update_by = #{updateBy}
         </if>
-        WHERE rule_id = #{ruleId, jdbcType=OTHER}::uuid
+        WHERE rule_id = #{ruleId, jdbcType=OTHER}
     </update>
 
 </mapper>
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/AnalysisFieldMapper.xml b/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/AnalysisFieldMapper.xml
index 9416648..45df145 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/AnalysisFieldMapper.xml
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/AnalysisFieldMapper.xml
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="UTF-8"?>
+<?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 <mapper namespace="com.common.mapper.AnalysisFieldMapper">
 
@@ -42,7 +42,7 @@
         SELECT
         <include refid="Base_Column_List"/>
         FROM analysis_field
-        WHERE rule_id = #{ruleId, jdbcType=OTHER}::uuid
+        WHERE rule_id = #{ruleId, jdbcType=OTHER}
         AND del_flag = '0'
         ORDER BY id ASC
     </select>
@@ -52,7 +52,7 @@
         SELECT
         <include refid="Base_Column_List"/>
         FROM analysis_field
-        WHERE rule_id =#{ruleId, jdbcType=OTHER}::uuid
+        WHERE rule_id =#{ruleId, jdbcType=OTHER}
         AND del_flag = '0'
         AND type IN ('measure', 'calc')
         ORDER BY id ASC
@@ -63,7 +63,7 @@
         SELECT
         <include refid="Base_Column_List"/>
         FROM analysis_field
-        WHERE rule_id = #{ruleId, jdbcType=OTHER}::uuid
+        WHERE rule_id = #{ruleId, jdbcType=OTHER}
         AND del_flag = '0'
         AND type = 'dimension'
         ORDER BY id ASC
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/AnalysisFilterMapper.xml b/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/AnalysisFilterMapper.xml
index b8f9dd6..c98190c 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/AnalysisFilterMapper.xml
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/AnalysisFilterMapper.xml
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="UTF-8"?>
+<?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 <mapper namespace="com.common.mapper.AnalysisFilterMapper">
 
@@ -13,9 +13,9 @@
         <result column="column_desc" property="columnDesc" jdbcType="VARCHAR"/>
         <result column="data_type" property="dataType" jdbcType="VARCHAR"/>
         <result column="fn" property="fn" jdbcType="VARCHAR"/>
-        <result column="arguments" property="arguments" jdbcType="OTHER"/>
+        <result column="arguments" property="arguments" jdbcType="VARCHAR"/>
         <result column="operator" property="operator" jdbcType="VARCHAR"/>
-        <result column="value" property="value" jdbcType="OTHER"/>
+        <result column="value" property="value" jdbcType="VARCHAR"/>
         <result column="base_type" property="baseType" jdbcType="INTEGER"/>
         <result column="category_id" property="categoryId" jdbcType="INTEGER"/>
         <result column="create_dept" property="createDept" jdbcType="BIGINT"/>
@@ -42,7 +42,7 @@
         SELECT
         <include refid="Base_Column_List"/>
         FROM analysis_filter
-        WHERE rule_id  =#{ruleId, jdbcType=OTHER}::uuid
+        WHERE rule_id  =#{ruleId, jdbcType=OTHER}
         AND del_flag = '0'
     </select>
 
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/AnalysisGroupByColumnMapper.xml b/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/AnalysisGroupByColumnMapper.xml
index 64048ae..a5de79f 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/AnalysisGroupByColumnMapper.xml
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/AnalysisGroupByColumnMapper.xml
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="UTF-8"?>
+<?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 <mapper namespace="com.common.mapper.AnalysisGroupByColumnMapper">
 
@@ -44,7 +44,7 @@
         create_time, update_time, create_by, update_by, remark,
         tenant_id, rule_id, group_id, field_id, sort
         FROM analysis_group_by_column
-        WHERE rule_id =#{ruleId, jdbcType=OTHER}::uuid
+        WHERE rule_id =#{ruleId, jdbcType=OTHER}
         AND del_flag = '0'
         ORDER BY sort ASC
     </select>
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/AnalysisGroupByHavingMapper.xml b/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/AnalysisGroupByHavingMapper.xml
index ca3cdb1..8cd682a 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/AnalysisGroupByHavingMapper.xml
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/AnalysisGroupByHavingMapper.xml
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="UTF-8"?>
+<?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 <mapper namespace="com.common.mapper.AnalysisGroupByHavingMapper">
 
@@ -13,9 +13,9 @@
         <result column="column_desc" property="columnDesc" jdbcType="VARCHAR"/>
         <result column="data_type" property="dataType" jdbcType="VARCHAR"/>
         <result column="fn" property="fn" jdbcType="VARCHAR"/>
-        <result column="arguments" property="arguments" jdbcType="OTHER"/>
+        <result column="arguments" property="arguments" jdbcType="VARCHAR"/>
         <result column="operator" property="operator" jdbcType="VARCHAR"/>
-        <result column="value" property="value" jdbcType="OTHER"/>
+        <result column="value" property="value" jdbcType="VARCHAR"/>
         <result column="base_type" property="baseType" jdbcType="INTEGER"/>
         <result column="category_id" property="categoryId" jdbcType="INTEGER"/>
         <result column="create_dept" property="createDept" jdbcType="BIGINT"/>
@@ -53,7 +53,7 @@
         h.update_time, h.create_by, h.update_by, h.remark, h.tenant_id
         FROM analysis_group_by_having h
         INNER JOIN analysis_group_by g ON h.group_by_id = g.id
-        WHERE g.rule_id =#{ruleId, jdbcType=OTHER}::uuid
+        WHERE g.rule_id =#{ruleId, jdbcType=OTHER}
         AND h.del_flag = '0'
         AND g.del_flag = '0'
         ORDER BY h.id ASC
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/AnalysisGroupByMapper.xml b/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/AnalysisGroupByMapper.xml
index 1e426e8..f9d0bba 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/AnalysisGroupByMapper.xml
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/AnalysisGroupByMapper.xml
@@ -1,10 +1,10 @@
-<?xml version="1.0" encoding="UTF-8"?>
+<?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 <mapper namespace="com.common.mapper.AnalysisGroupByMapper">
 
     <resultMap id="BaseResultMap" type="com.common.entity.AnalysisGroupBy">
         <id column="id" property="id" jdbcType="BIGINT"/>
-        <result column="rule_id" property="ruleId" jdbcType="OTHER"/>
+        <result column="rule_id" property="ruleId" jdbcType="VARCHAR"/>
         <result column="group_type" property="groupType" jdbcType="INTEGER"/>
         <result column="window_type" property="windowType" jdbcType="VARCHAR"/>
         <result column="create_dept" property="createDept" jdbcType="BIGINT"/>
@@ -33,7 +33,7 @@
         SELECT
             <include refid="Base_Column_List"/>
         FROM analysis_group_by
-        WHERE rule_id = #{ruleId, jdbcType=OTHER}::uuid
+        WHERE rule_id = #{ruleId, jdbcType=OTHER}
           AND del_flag = '0'
     </select>
 
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/AnalysisTaskHistoryMapper.xml b/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/AnalysisTaskHistoryMapper.xml
index 10eb841..99dccbe 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/AnalysisTaskHistoryMapper.xml
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/AnalysisTaskHistoryMapper.xml
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="UTF-8"?>
+<?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 <mapper namespace="com.common.mapper.AnalysisTaskHistoryMapper">
 
@@ -33,7 +33,7 @@
         INSERT INTO analysis_task_history (
         <include refid="Base_Column_List"/>
         ) VALUES (
-        #{id}, #{ruleId}::uuid, #{startTime}, #{endTime}, #{durationTime}, #{progressPercent},
+        #{id}, #{ruleId}, #{startTime}, #{endTime}, #{durationTime}, #{progressPercent},
         #{inputCount}, #{outputCount}, #{status}, #{createDept}, #{delFlag},
         #{createTime}, #{updateTime}, #{createBy}, #{updateBy}, #{remark}, #{tenantId}
         )
@@ -48,7 +48,7 @@
         input_count = #{inputCount},
         output_count = #{outputCount},
         status = #{status},
-        update_time = NOW()
+        update_time = SYSDATE
         <if test="remark != null">
             ,remark = #{remark}
         </if>
@@ -60,7 +60,7 @@
         SELECT
         <include refid="Base_Column_List"/>
         FROM analysis_task_history
-        WHERE rule_id =#{ruleId, jdbcType=OTHER}::uuid
+        WHERE rule_id =#{ruleId, jdbcType=OTHER}
         AND del_flag = '0'
         ORDER BY create_time DESC
         <if test="limit != null and limit > 0">
@@ -73,7 +73,7 @@
         SELECT
         <include refid="Base_Column_List"/>
         FROM analysis_task_history
-        WHERE rule_id =#{ruleId, jdbcType=OTHER}::uuid
+        WHERE rule_id =#{ruleId, jdbcType=OTHER}
         AND status = #{status}
         AND del_flag = '0'
         ORDER BY create_time DESC
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/AnalysisWhereConditionMapper.xml b/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/AnalysisWhereConditionMapper.xml
index 541bebb..8b65090 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/AnalysisWhereConditionMapper.xml
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/AnalysisWhereConditionMapper.xml
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="UTF-8"?>
+<?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 <mapper namespace="com.common.mapper.AnalysisWhereConditionMapper">
 
@@ -29,7 +29,7 @@
         SELECT
         <include refid="Base_Column_List"/>
         FROM analysis_where_condition
-        WHERE rule_id = #{ruleId}::uuid
+        WHERE rule_id = #{ruleId}
         AND del_flag = '0'
         ORDER BY seq_num ASC
     </select>
@@ -39,7 +39,7 @@
         SELECT
         <include refid="Base_Column_List"/>
         FROM analysis_where_condition
-        WHERE rule_id = #{ruleId}::uuid
+        WHERE rule_id = #{ruleId}
         AND (parent_cond_id IS NULL OR parent_cond_id = 0)
         AND del_flag = '0'
         ORDER BY seq_num ASC
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/DeviceDeviceMapper.xml b/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/DeviceDeviceMapper.xml
index e6f8c47..be096be 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/DeviceDeviceMapper.xml
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/DeviceDeviceMapper.xml
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="UTF-8" ?>
+<?xml version="1.0" encoding="UTF-8" ?>
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
         "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 
@@ -46,11 +46,11 @@
 
     <!-- 基础查询列 -->
     <sql id="Base_Column_List">
-        id, created_at::timestamp , updated_at::timestamp, deleted_at::timestamp, name, ip, device_group, device_type,
-        vendor, product_name, organization_id, last_receive_time::timestamp, agent_id, detail_id,
-        control_agent_id, license_start_time::timestamp, license_end_time::timestamp, is_monitoring,
+        id, created_at , updated_at, deleted_at, name, ip, device_group, device_type,
+        vendor, product_name, organization_id, last_receive_time, agent_id, detail_id,
+        control_agent_id, license_start_time, license_end_time, is_monitoring,
         security_scope_id, owner_id, ssh_config_id, status, created_by_id, decode_type,
-        miss_policy, tenant_id, create_time::timestamp, update_time::timestamp, create_by, update_by, del_flag,
+        miss_policy, tenant_id, create_time, update_time, create_by, update_by, del_flag,
         manager_name, today_parse_count, today_non_log_count, create_dept, device_collect_id
     </sql>
 
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/DeviceReceiveLogMapper.xml b/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/DeviceReceiveLogMapper.xml
index e07532e..1b1af5e 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/DeviceReceiveLogMapper.xml
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/DeviceReceiveLogMapper.xml
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="UTF-8" ?>
+<?xml version="1.0" encoding="UTF-8" ?>
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
         "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 <mapper namespace="com.common.mapper.DeviceReceiveLogMapper">
@@ -26,10 +26,10 @@
             receive_time_str,
             syslog_message
         ) VALUES (
-            COALESCE(#{createdAt}, NOW() AT TIME ZONE 'utc'),
+            COALESCE(#{createdAt}, SYSDATE),
             #{deviceCollectId},
             #{deviceId},
-            #{deviceIp}::inet,
+            #{deviceIp},
             #{receiveTime},
             #{receiveTimeStr},
             #{syslogMessage}
@@ -49,10 +49,10 @@
         ) VALUES
         <foreach collection="list" item="item" separator=",">
             (
-            COALESCE(#{item.createdAt}, NOW() AT TIME ZONE 'utc'),
+            COALESCE(#{item.createdAt}, SYSDATE),
             #{item.deviceCollectId},
             #{item.deviceId},
-            #{item.deviceIp}::inet,
+            #{item.deviceIp},
             #{item.receiveTime},
             #{item.receiveTimeStr},
             #{item.syslogMessage}
@@ -80,10 +80,10 @@
         ORDER BY receive_time DESC
     </select>
 
-    <!-- 根据IP地址查询（使用PostgreSQL的inet操作符） -->
+    <!-- 根据IP地址查询（） -->
     <select id="selectByDeviceIp" resultMap="BaseResultMap">
         SELECT * FROM device_receive_log
-        WHERE device_ip >>= #{deviceIp}::inet
+        WHERE device_ip = #{deviceIp}
         ORDER BY receive_time DESC
     </select>
 
@@ -105,7 +105,7 @@
                 AND device_collect_id = #{deviceCollectId}
             </if>
             <if test="deviceIp != null and deviceIp != ''">
-                AND device_ip >>= #{deviceIp}::inet
+                AND device_ip = #{deviceIp}
             </if>
             <if test="receiveTime != null">
                 AND receive_time >= #{receiveTime}
@@ -128,7 +128,7 @@
                 AND device_collect_id = #{deviceCollectId}
             </if>
             <if test="deviceIp != null and deviceIp != ''">
-                AND device_ip >>= #{deviceIp}::inet
+                AND device_ip = #{deviceIp}
             </if>
             <if test="receiveTime != null">
                 AND receive_time >= #{receiveTime}
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/DmColumnMapper.xml b/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/DmColumnMapper.xml
index c72ee92..2eadc56 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/DmColumnMapper.xml
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/DmColumnMapper.xml
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="UTF-8" ?>
+<?xml version="1.0" encoding="UTF-8" ?>
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
         "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 
@@ -65,13 +65,13 @@
 
 
     <select id="findById" parameterType="java.lang.Long" resultMap="BaseResultMap">
-         SELECT Id, created_at::timestamp as created_at ,
-          updated_at::timestamp as updated_at , deleted_at::timestamp as deleted_at , name, display_name,
+         SELECT Id, created_at as created_at ,
+          updated_at as updated_at , deleted_at as deleted_at , name, display_name,
         storage_data_type, business_data_type, is_built_in, is_hidden,
         is_not_normalizable, is_required, category_id, custom_asset_category_id,
         is_virtual, table_id, asset_table_id, column_set_id, base_type,
-        user_task_id, created_by_id, create_dept, create_by, create_time::timestamp as create_time ,
-        update_by, update_time::timestamp as update_time
+        user_task_id, created_by_id, create_dept, create_by, create_time as create_time ,
+        update_by, update_time as update_time
          FROM dm_column
         WHERE   id = #{id} AND deleted_at IS NULL
     </select>
@@ -80,13 +80,13 @@
     <!-- 查询全部正常字段-->
 
     <select id="selectAllNormal" parameterType="java.lang.Long" resultType="java.util.LinkedHashMap">
-     SELECT Id, created_at::timestamp as created_at ,
-          updated_at::timestamp as updated_at , deleted_at::timestamp as deleted_at , name, display_name,
+     SELECT Id, created_at as created_at ,
+          updated_at as updated_at , deleted_at as deleted_at , name, display_name,
         storage_data_type, business_data_type, is_built_in, is_hidden,
         is_not_normalizable, is_required, category_id, custom_asset_category_id,
         is_virtual, table_id, asset_table_id, column_set_id, base_type,
-        user_task_id, created_by_id, create_dept, create_by, create_time::timestamp as create_time ,
-        update_by, update_time::timestamp as update_time
+        user_task_id, created_by_id, create_dept, create_by, create_time as create_time ,
+        update_by, update_time as update_time
          FROM dm_column
     where  deleted_at is  null and id  in ( select  distinct column_id  from dm_field_table_column  where   deleted_at is null
     )
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/DmNormalizeRuleMapper.xml b/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/DmNormalizeRuleMapper.xml
index 17b945a..3fb4932 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/DmNormalizeRuleMapper.xml
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/DmNormalizeRuleMapper.xml
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="UTF-8" ?>
+<?xml version="1.0" encoding="UTF-8" ?>
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 <mapper namespace="com.common.mapper.DmNormalizeRuleMapper">
 
@@ -16,7 +16,7 @@
         <result column="data_type" property="dataType" />
         <result column="field_cate_id" property="fieldCateId" />
         <result column="log_parsed" property="logParsed" />
-        <result column="sample_logs" property="sampleLogs" typeHandler="org.apache.ibatis.type.ArrayTypeHandler" />
+        <result column="sample_logs" property="sampleLogs" typeHandler="com.Modules.etl.handler.ArrayStringTypeHandler" />
         <result column="is_data_merge_enabled" property="isDataMergeEnabled" />
         <result column="data_merge_interval" property="dataMergeInterval" />
         <result column="data_merge_time_unit" property="dataMergeTimeUnit" />
@@ -51,12 +51,12 @@
 
         SELECT
         id,
-        created_at::timestamp as created_at,  <!-- 转换为 timestamp -->
-        updated_at::timestamp as updated_at,
-        deleted_at::timestamp as deleted_at,
-        first_data_saved_at::timestamp as first_data_saved_at,
-        create_time::timestamp as create_time,
-        update_time::timestamp as update_time,
+        created_at as created_at,  
+        updated_at as updated_at,
+        deleted_at as deleted_at,
+        first_data_saved_at as first_data_saved_at,
+        create_time as create_time,
+        update_time as update_time,
         name, display_name, description, is_built_in, is_running,
         data_type, field_cate_id, log_parsed, sample_logs,
         is_data_merge_enabled, data_merge_interval, data_merge_time_unit,
@@ -74,12 +74,12 @@
 
         SELECT
         id,
-        created_at::timestamp as created_at,  <!-- 转换为 timestamp -->
-        updated_at::timestamp as updated_at,
-        deleted_at::timestamp as deleted_at,
-        first_data_saved_at::timestamp as first_data_saved_at,
-        create_time::timestamp as create_time,
-        update_time::timestamp as update_time,
+        created_at as created_at,  
+        updated_at as updated_at,
+        deleted_at as deleted_at,
+        first_data_saved_at as first_data_saved_at,
+        create_time as create_time,
+        update_time as update_time,
         name, display_name, description, is_built_in, is_running,
         data_type, field_cate_id, log_parsed, sample_logs,
         is_data_merge_enabled, data_merge_interval, data_merge_time_unit,
@@ -113,7 +113,7 @@
             <if test="dataType != null">data_type = #{dataType},</if>
             <if test="fieldCateId != null">field_cate_id = #{fieldCateId},</if>
             <if test="logParsed != null">log_parsed = #{logParsed},</if>
-            <if test="sampleLogs != null">sample_logs = #{sampleLogs, typeHandler=org.apache.ibatis.type.ArrayTypeHandler},</if>
+            <if test="sampleLogs != null">sample_logs = #{sampleLogs, typeHandler=com.Modules.etl.handler.ArrayStringTypeHandler},</if>
             <if test="isDataMergeEnabled != null">is_data_merge_enabled = #{isDataMergeEnabled},</if>
             <if test="dataMergeInterval != null">data_merge_interval = #{dataMergeInterval},</if>
             <if test="dataMergeTimeUnit != null">data_merge_time_unit = #{dataMergeTimeUnit},</if>
@@ -142,7 +142,7 @@
             <if test="dataType != null">data_type = #{dataType},</if>
             <if test="fieldCateId != null">field_cate_id = #{fieldCateId},</if>
             <if test="logParsed != null">log_parsed = #{logParsed},</if>
-            <if test="sampleLogs != null">sample_logs = #{sampleLogs, typeHandler=org.apache.ibatis.type.ArrayTypeHandler},</if>
+            <if test="sampleLogs != null">sample_logs = #{sampleLogs, typeHandler=com.Modules.etl.handler.ArrayStringTypeHandler},</if>
             <if test="isDataMergeEnabled != null">is_data_merge_enabled = #{isDataMergeEnabled},</if>
             <if test="dataMergeInterval != null">data_merge_interval = #{dataMergeInterval},</if>
             <if test="dataMergeTimeUnit != null">data_merge_time_unit = #{dataMergeTimeUnit},</if>
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/SyslogNonNormalMessageMapper.xml b/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/SyslogNonNormalMessageMapper.xml
index 510de01..6b7450b 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/SyslogNonNormalMessageMapper.xml
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/SyslogNonNormalMessageMapper.xml
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="UTF-8"?>
+<?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 <mapper namespace="com.common.mapper.SyslogNonNormalMessageMapper">
 
@@ -118,7 +118,7 @@
         WHERE del_flag = '0'
         AND (
         <foreach collection="ids" item="id" index="index" separator=" OR ">
-            (id = #{id} AND created_at = #{createdAts[${index}]}::timestamptz)
+            (id = #{id} AND created_at = #{createdAts[${index}]}tz)
         </foreach>
         )
     </select>
@@ -137,7 +137,7 @@
     <update id="updateBatchDelFlag">
         UPDATE syslog_non_normal_message
         SET del_flag = '1',
-        update_time = NOW()
+        update_time = SYSDATE
         WHERE id IN
         <foreach collection="messages" item="item" open="(" separator="," close=")">
             #{item.id}
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/SyslogNormalAlarmMapper.xml b/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/SyslogNormalAlarmMapper.xml
index 004a2b3..486c430 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/SyslogNormalAlarmMapper.xml
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/SyslogNormalAlarmMapper.xml
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="UTF-8" ?>
+<?xml version="1.0" encoding="UTF-8" ?>
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
         "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 <mapper namespace="com.common.mapper.SyslogNormalAlarmMapper">
@@ -406,9 +406,9 @@
             <if test="dataMap.container_name != null">#{dataMap.container_name},</if>
             <if test="dataMap.container_id != null">#{dataMap.container_id},</if>
             <if test="dataMap.http_resp_server != null">#{dataMap.http_resp_server},</if>
-            <if test="dataMap.srcip_id != null">#{dataMap.srcip_id}::int8,</if>
-            <if test="dataMap.cdnip != null">#{dataMap.cdnip}::inet,</if>
-            <if test="dataMap.natip != null">#{dataMap.natip}::inet,</if>
+            <if test="dataMap.srcip_id != null">#{dataMap.srcip_id},</if>
+            <if test="dataMap.cdnip != null">#{dataMap.cdnip},</if>
+            <if test="dataMap.natip != null">#{dataMap.natip},</if>
             <if test="dataMap.mail_sender != null">#{dataMap.mail_sender},</if>
             <if test="dataMap.mail_receiver != null">#{dataMap.mail_receiver},</if>
             <if test="dataMap.vpn_mac != null">#{dataMap.vpn_mac},</if>
@@ -439,8 +439,8 @@
             <if test="dataMap.print_time != null">#{dataMap.print_time},</if>
             <if test="dataMap.printer != null">#{dataMap.printer},</if>
             <if test="dataMap.printer_type != null">#{dataMap.printer_type},</if>
-            <if test="dataMap.print_pages != null">#{dataMap.print_pages}::int8,</if>
-            <if test="dataMap.print_copies != null">#{dataMap.print_copies}::int8,</if>
+            <if test="dataMap.print_pages != null">#{dataMap.print_pages},</if>
+            <if test="dataMap.print_copies != null">#{dataMap.print_copies},</if>
             <if test="dataMap.src_device != null">#{dataMap.src_device},</if>
             <if test="dataMap.dst_device != null">#{dataMap.dst_device},</if>
             <if test="dataMap.src_file != null">#{dataMap.src_file},</if>
@@ -457,18 +457,18 @@
             <if test="dataMap.env != null">#{dataMap.env},</if>
             <if test="dataMap.brute_force_service != null">#{dataMap.brute_force_service},</if>
             <if test="dataMap.vuirs_name != null">#{dataMap.vuirs_name},</if>
-            <if test="dataMap.http_req_length != null">#{dataMap.http_req_length}::int8,</if>
+            <if test="dataMap.http_req_length != null">#{dataMap.http_req_length},</if>
             <if test="dataMap.http_req_content_type != null">#{dataMap.http_req_content_type},</if>
-            <if test="dataMap.tc_scan_port != null">#{dataMap.tc_scan_port}::inet,</if>
-            <if test="dataMap.tc_labels != null">#{dataMap.tc_labels}::inet,</if>
+            <if test="dataMap.tc_scan_port != null">#{dataMap.tc_scan_port},</if>
+            <if test="dataMap.tc_labels != null">#{dataMap.tc_labels},</if>
             <if test="dataMap.http_resp_content_type != null">#{dataMap.http_resp_content_type},</if>
             <if test="dataMap.dns_msg_type != null">#{dataMap.dns_msg_type},</if>
             <if test="dataMap.dns_answer_length != null">#{dataMap.dns_answer_length},</if>
             <if test="dataMap.dns_ioc != null">#{dataMap.dns_ioc},</if>
-            <if test="dataMap.tx_bytes != null">#{dataMap.tx_bytes}::double precision,</if>
-            <if test="dataMap.rx_bytes != null">#{dataMap.rx_bytes}::double precision,</if>
-            <if test="dataMap.all_bytes != null">#{dataMap.all_bytes}::double precision,</if>
-            <if test="dataMap.duration_time != null">#{dataMap.duration_time}::int8,</if>
+            <if test="dataMap.tx_bytes != null">#{dataMap.tx_bytes},</if>
+            <if test="dataMap.rx_bytes != null">#{dataMap.rx_bytes},</if>
+            <if test="dataMap.all_bytes != null">#{dataMap.all_bytes},</if>
+            <if test="dataMap.duration_time != null">#{dataMap.duration_time},</if>
             <if test="dataMap.mail_attach_name != null">#{dataMap.mail_attach_name},</if>
             <if test="dataMap.mail_subject != null">#{dataMap.mail_subject},</if>
             <if test="dataMap.mail_message != null">#{dataMap.mail_message},</if>
@@ -488,27 +488,27 @@
             <if test="dataMap.src_ip_apt != null">#{dataMap.src_ip_apt},</if>
             <if test="dataMap.srcip_name != null">#{dataMap.srcip_name},</if>
             <if test="dataMap.tc_client != null">#{dataMap.tc_client},</if>
-            <if test="dataMap.srcip_organization_id != null">#{dataMap.srcip_organization_id}::int8,</if>
+            <if test="dataMap.srcip_organization_id != null">#{dataMap.srcip_organization_id},</if>
             <if test="dataMap.dest_ip_intranetip != null">#{dataMap.dest_ip_intranetip},</if>
             <if test="dataMap.dest_ip_ioc != null">#{dataMap.dest_ip_ioc},</if>
-            <if test="dataMap.desip_id != null">#{dataMap.desip_id}::int8,</if>
+            <if test="dataMap.desip_id != null">#{dataMap.desip_id},</if>
             <if test="dataMap.desip_name != null">#{dataMap.desip_name},</if>
-            <if test="dataMap.tc_hostip != null">#{dataMap.tc_hostip}::inet,</if>
-            <if test="dataMap.desip_organization_id != null">#{dataMap.desip_organization_id}::int8,</if>
+            <if test="dataMap.tc_hostip != null">#{dataMap.tc_hostip},</if>
+            <if test="dataMap.desip_organization_id != null">#{dataMap.desip_organization_id},</if>
             <if test="dataMap.origin_confidence != null">#{dataMap.origin_confidence},</if>
             <if test="dataMap.origin_malscore != null">#{dataMap.origin_malscore},</if>
             <if test="dataMap.attacker_icampaign != null">#{dataMap.attacker_icampaign},</if>
-            <if test="dataMap.attacker_host_asset_id != null">#{dataMap.attacker_host_asset_id}::int8,</if>
-            <if test="dataMap.attacker_organization_id != null">#{dataMap.attacker_organization_id}::int8,</if>
-            <if test="dataMap.victim_host_asset_id != null">#{dataMap.victim_host_asset_id}::int8,</if>
-            <if test="dataMap.victim_organization_id != null">#{dataMap.victim_organization_id}::int8,</if>
+            <if test="dataMap.attacker_host_asset_id != null">#{dataMap.attacker_host_asset_id},</if>
+            <if test="dataMap.attacker_organization_id != null">#{dataMap.attacker_organization_id},</if>
+            <if test="dataMap.victim_host_asset_id != null">#{dataMap.victim_host_asset_id},</if>
+            <if test="dataMap.victim_organization_id != null">#{dataMap.victim_organization_id},</if>
             <if test="dataMap.logout_time != null">#{dataMap.logout_time},</if>
             <if test="dataMap.http_req_line != null">#{dataMap.http_req_line},</if>
             <if test="dataMap.desip_security_scope_id != null">#{dataMap.desip_security_scope_id},</if>
             <if test="dataMap.srcip_security_scope_id != null">#{dataMap.srcip_security_scope_id},</if>
-            <if test="dataMap.http_resp_length != null">#{dataMap.http_resp_length}::int8,</if>
+            <if test="dataMap.http_resp_length != null">#{dataMap.http_resp_length},</if>
             <if test="dataMap.tc_attack_type != null">#{dataMap.tc_attack_type},</if>
-            <if test="dataMap.tc_realip != null">#{dataMap.tc_realip}::inet,</if>
+            <if test="dataMap.tc_realip != null">#{dataMap.tc_realip},</if>
             <if test="dataMap.attacker_ip_lists != null">#{dataMap.attacker_ip_lists},</if>
             <if test="dataMap.login_password != null">#{dataMap.login_password},</if>
             <if test="dataMap.detail != null">#{dataMap.detail},</if>
@@ -525,12 +525,12 @@
             <if test="dataMap.login_abnormal_type != null">#{dataMap.login_abnormal_type},</if>
             <if test="dataMap.file_tag != null">#{dataMap.file_tag},</if>
             <if test="dataMap.file_platform != null">#{dataMap.file_platform},</if>
-            <if test="dataMap.target_ip != null">#{dataMap.target_ip}::inet,</if>
+            <if test="dataMap.target_ip != null">#{dataMap.target_ip},</if>
             <if test="dataMap.collect_date != null">#{dataMap.collect_date},</if>
-            <if test="dataMap.tc_client_ip != null">#{dataMap.tc_client_ip}::inet,</if>
-            <if test="dataMap.tc_server_ip != null">#{dataMap.tc_server_ip}::inet,</if>
-            <if test="dataMap.tc_externalip != null">#{dataMap.tc_externalip}::inet,</if>
-            <if test="dataMap.http_status_code != null">#{dataMap.http_status_code}::int8,</if>
+            <if test="dataMap.tc_client_ip != null">#{dataMap.tc_client_ip},</if>
+            <if test="dataMap.tc_server_ip != null">#{dataMap.tc_server_ip},</if>
+            <if test="dataMap.tc_externalip != null">#{dataMap.tc_externalip},</if>
+            <if test="dataMap.http_status_code != null">#{dataMap.http_status_code},</if>
             <if test="dataMap.device_domian != null">#{dataMap.device_domian},</if>
             <if test="dataMap.src_ip_str != null">#{dataMap.src_ip_str},</if>
             <if test="dataMap.src_port_str != null">#{dataMap.src_port_str},</if>
@@ -576,28 +576,28 @@
             <if test="dataMap.origin_agent_name != null">#{dataMap.origin_agent_name},</if>
             <if test="dataMap.origin_work_group != null">#{dataMap.origin_work_group},</if>
             <if test="dataMap.origin_asset_group != null">#{dataMap.origin_asset_group},</if>
-            <if test="dataMap.origin_local_port != null">#{dataMap.origin_local_port}::int8,</if>
-            <if test="dataMap.origin_agent_ip != null">#{dataMap.origin_agent_ip}::inet,</if>
-            <if test="dataMap.origin_internal_ip != null">#{dataMap.origin_internal_ip}::inet,</if>
-            <if test="dataMap.origin_external_ip != null">#{dataMap.origin_external_ip}::inet,</if>
-            <if test="dataMap.origin_local_addr != null">#{dataMap.origin_local_addr}::inet,</if>
-            <if test="dataMap.agent_id != null">#{dataMap.agent_id}::int8,</if>
+            <if test="dataMap.origin_local_port != null">#{dataMap.origin_local_port},</if>
+            <if test="dataMap.origin_agent_ip != null">#{dataMap.origin_agent_ip},</if>
+            <if test="dataMap.origin_internal_ip != null">#{dataMap.origin_internal_ip},</if>
+            <if test="dataMap.origin_external_ip != null">#{dataMap.origin_external_ip},</if>
+            <if test="dataMap.origin_local_addr != null">#{dataMap.origin_local_addr},</if>
+            <if test="dataMap.agent_id != null">#{dataMap.agent_id},</if>
             <if test="dataMap.agent_name != null">#{dataMap.agent_name},</if>
             <if test="dataMap.tc_title != null">#{dataMap.tc_title},</if>
             <if test="dataMap.log_id != null">#{dataMap.log_id},</if>
             <if test="dataMap.event_date != null">#{dataMap.event_date},</if>
             <if test="dataMap.event_time_ts != null">#{dataMap.event_time_ts},</if>
-            <if test="dataMap.event_level != null">#{dataMap.event_level}::int ,</if>
-            <if test="dataMap.src_ip != null">#{dataMap.src_ip}::inet,</if>
-            <if test="dataMap.src_port != null">#{dataMap.src_port}::BIGINT ,</if>
-            <if test="dataMap.dest_ip != null">#{dataMap.dest_ip}::inet,</if>
+            <if test="dataMap.event_level != null">#{dataMap.event_level},</if>
+            <if test="dataMap.src_ip != null">#{dataMap.src_ip},</if>
+            <if test="dataMap.src_port != null">#{dataMap.src_port},</if>
+            <if test="dataMap.dest_ip != null">#{dataMap.dest_ip},</if>
             <if test="dataMap.dest_port != null">#{dataMap.dest_port}::BIGINT,</if>
             <if test="dataMap.event_time != null">#{dataMap.event_time},</if>
             <if test="dataMap.attacker_country != null">#{dataMap.attacker_country},</if>
             <if test="dataMap.src_mac != null">#{dataMap.src_mac},</if>
             <if test="dataMap.dest_mac != null">#{dataMap.dest_mac},</if>
             <if test="dataMap.proto != null">#{dataMap.proto},</if>
-            <if test="dataMap.dev_id != null">#{dataMap.dev_id}::int8,</if>
+            <if test="dataMap.dev_id != null">#{dataMap.dev_id},</if>
             <if test="dataMap.created_time != null">#{dataMap.created_time},</if>
             <if test="dataMap.src_country != null">#{dataMap.src_country},</if>
             <if test="dataMap.src_country_code != null">#{dataMap.src_country_code},</if>
@@ -621,20 +621,20 @@
             <if test="dataMap.end_time != null">#{dataMap.end_time},</if>
             <if test="dataMap.file_created_time != null">#{dataMap.file_created_time},</if>
             <if test="dataMap.file_modified_time != null">#{dataMap.file_modified_time},</if>
-            <if test="dataMap.tc_miguan_scan_port != null">#{dataMap.tc_miguan_scan_port}::inet,</if>
+            <if test="dataMap.tc_miguan_scan_port != null">#{dataMap.tc_miguan_scan_port},</if>
             <if test="dataMap.process_path != null">#{dataMap.process_path},</if>
             <if test="dataMap.parent_process_path != null">#{dataMap.parent_process_path},</if>
             <if test="dataMap.gname != null">#{dataMap.gname},</if>
             <if test="dataMap.exe_name != null">#{dataMap.exe_name},</if>
             <if test="dataMap.exe_path != null">#{dataMap.exe_path},</if>
             <if test="dataMap.login_time != null">#{dataMap.login_time},</if>
-            <if test="dataMap.login_times != null">#{dataMap.login_times}::int8,</if>
+            <if test="dataMap.login_times != null">#{dataMap.login_times},</if>
             <if test="dataMap.check_item != null">#{dataMap.check_item},</if>
             <if test="dataMap.check_type != null">#{dataMap.check_type},</if>
-            <if test="dataMap.attacker_ip != null">#{dataMap.attacker_ip}::inet,</if>
-            <if test="dataMap.attacker_port != null">#{dataMap.attacker_port}::int8,</if>
-            <if test="dataMap.victim_ip != null">#{dataMap.victim_ip}::inet,</if>
-            <if test="dataMap.victim_port != null">#{dataMap.victim_port}::int8,</if>
+            <if test="dataMap.attacker_ip != null">#{dataMap.attacker_ip},</if>
+            <if test="dataMap.attacker_port != null">#{dataMap.attacker_port},</if>
+            <if test="dataMap.victim_ip != null">#{dataMap.victim_ip},</if>
+            <if test="dataMap.victim_port != null">#{dataMap.victim_port},</if>
             <if test="dataMap.attacker_city != null">#{dataMap.attacker_city},</if>
             <if test="dataMap.attacker_lon != null">#{dataMap.attacker_lon},</if>
             <if test="dataMap.attacker_lat != null">#{dataMap.attacker_lat},</if>
@@ -660,7 +660,7 @@
             <if test="dataMap.file_ssdeep != null">#{dataMap.file_ssdeep},</if>
             <if test="dataMap.victim_country_code != null">#{dataMap.victim_country_code},</if>
             <if test="dataMap.http_xff_ip != null">#{dataMap.http_xff_ip},</if>
-            <if test="dataMap.tc_miguan_class != null">#{dataMap.tc_miguan_class}::inet,</if>
+            <if test="dataMap.tc_miguan_class != null">#{dataMap.tc_miguan_class},</if>
             <if test="dataMap.pid != null">#{dataMap.pid},</if>
             <if test="dataMap.ppid != null">#{dataMap.ppid},</if>
             <if test="dataMap.process_name != null">#{dataMap.process_name},</if>
@@ -687,35 +687,35 @@
             <if test="dataMap.dest_city != null">#{dataMap.dest_city},</if>
             <if test="dataMap.dest_lon != null">#{dataMap.dest_lon},</if>
             <if test="dataMap.dest_lat != null">#{dataMap.dest_lat},</if>
-            <if test="dataMap.event_category != null">#{dataMap.event_category}::int4,</if>
-            <if test="dataMap.attack_result != null">#{dataMap.attack_result}::int4,</if>
-            <if test="dataMap.probe_ip != null">#{dataMap.probe_ip}::inet,</if>
-            <if test="dataMap.device_ip != null">#{dataMap.device_ip}::inet,</if>
+            <if test="dataMap.event_category != null">#{dataMap.event_category},</if>
+            <if test="dataMap.attack_result != null">#{dataMap.attack_result},</if>
+            <if test="dataMap.probe_ip != null">#{dataMap.probe_ip},</if>
+            <if test="dataMap.device_ip != null">#{dataMap.device_ip},</if>
             <if test="dataMap.device_manufacturer != null">#{dataMap.device_manufacturer},</if>
             <if test="dataMap.device_name != null">#{dataMap.device_name},</if>
             <if test="dataMap.product_name != null">#{dataMap.product_name},</if>
             <if test="dataMap.__id != null">#{dataMap.__id},</if>
-            <if test="dataMap.__count != null">#{dataMap.__count}::int8,</if>
+            <if test="dataMap.__count != null">#{dataMap.__count},</if>
             <if test="dataMap.__count_reason != null">#{dataMap.__count_reason},</if>
-            <if test="dataMap.event_type != null">#{dataMap.event_type}::int,</if>
+            <if test="dataMap.event_type != null">#{dataMap.event_type},</if>
             <if test="dataMap.protocol != null">#{dataMap.protocol},</if>
             <if test="dataMap.shell_cmd != null">#{dataMap.shell_cmd},</if>
             <if test="dataMap.parent_name != null">#{dataMap.parent_name},</if>
             <if test="dataMap.host_file_path != null">#{dataMap.host_file_path},</if>
             <if test="dataMap.uid != null">#{dataMap.uid},</if>
-            <if test="dataMap.fall != null">#{dataMap.fall}::int4,</if>
-            <if test="dataMap.tc_miguan_server_ip != null">#{dataMap.tc_miguan_server_ip}::inet,</if>
-            <if test="dataMap.dev_type != null">#{dataMap.dev_type}::int4,</if>
-            <if test="dataMap.collect_method != null">#{dataMap.collect_method}::int4,</if>
-            <if test="dataMap.field_cate_id != null">#{dataMap.field_cate_id}::int4,</if>
-            <if test="dataMap.device_type != null">#{dataMap.device_type}::int4,</if>
-            <if test="dataMap.tc_miguan_client_ip != null">#{dataMap.tc_miguan_client_ip}::inet,</if>
-            <if test="dataMap.tc_miguan_name != null">#{dataMap.tc_miguan_name}::inet,</if>
-            <if test="dataMap.origin_total_packages != null">#{dataMap.origin_total_packages}::int8,</if>
-            <if test="dataMap.origin_total_bytes != null">#{dataMap.origin_total_bytes}::int8,</if>
-            <if test="dataMap.origin_peak_packages_rate != null">#{dataMap.origin_peak_packages_rate}::int8,</if>
-            <if test="dataMap.origin_peak_bytes_rate != null">#{dataMap.origin_peak_bytes_rate}::int8,</if>
-            <if test="dataMap.origin_peak_flows_rate != null">#{dataMap.origin_peak_flows_rate}::int8,</if>
+            <if test="dataMap.fall != null">#{dataMap.fall},</if>
+            <if test="dataMap.tc_miguan_server_ip != null">#{dataMap.tc_miguan_server_ip},</if>
+            <if test="dataMap.dev_type != null">#{dataMap.dev_type},</if>
+            <if test="dataMap.collect_method != null">#{dataMap.collect_method},</if>
+            <if test="dataMap.field_cate_id != null">#{dataMap.field_cate_id},</if>
+            <if test="dataMap.device_type != null">#{dataMap.device_type},</if>
+            <if test="dataMap.tc_miguan_client_ip != null">#{dataMap.tc_miguan_client_ip},</if>
+            <if test="dataMap.tc_miguan_name != null">#{dataMap.tc_miguan_name},</if>
+            <if test="dataMap.origin_total_packages != null">#{dataMap.origin_total_packages},</if>
+            <if test="dataMap.origin_total_bytes != null">#{dataMap.origin_total_bytes},</if>
+            <if test="dataMap.origin_peak_packages_rate != null">#{dataMap.origin_peak_packages_rate},</if>
+            <if test="dataMap.origin_peak_bytes_rate != null">#{dataMap.origin_peak_bytes_rate},</if>
+            <if test="dataMap.origin_peak_flows_rate != null">#{dataMap.origin_peak_flows_rate},</if>
             <if test="dataMap.apt_orgname != null">#{dataMap.apt_orgname},</if>
             <if test="dataMap.apt_orgmsg != null">#{dataMap.apt_orgmsg},</if>
             <if test="dataMap.mail_message_id != null">#{dataMap.mail_message_id},</if>
@@ -725,18 +725,18 @@
             <if test="dataMap.mail_url != null">#{dataMap.mail_url},</if>
             <if test="dataMap.mail_cc != null">#{dataMap.mail_cc},</if>
             <if test="dataMap.algorithm != null">#{dataMap.algorithm},</if>
-            <if test="dataMap.miningpool_ip != null">#{dataMap.miningpool_ip}::inet,</if>
+            <if test="dataMap.miningpool_ip != null">#{dataMap.miningpool_ip},</if>
             <if test="dataMap.process_md5 != null">#{dataMap.process_md5},</if>
             <if test="dataMap.pprocess_md5 != null">#{dataMap.pprocess_md5},</if>
             <if test="dataMap.source_servername != null">#{dataMap.source_servername},</if>
             <if test="dataMap.origin_source_servername != null">#{dataMap.origin_source_servername},</if>
             <if test="dataMap.mail_filename != null">#{dataMap.mail_filename},</if>
             <if test="dataMap.dst_upload_appname != null">#{dataMap.dst_upload_appname},</if>
-            <if test="dataMap.target_port != null">#{dataMap.target_port}::int8,</if>
+            <if test="dataMap.target_port != null">#{dataMap.target_port},</if>
             <if test="dataMap.gid != null">#{dataMap.gid},</if>
             <if test="dataMap.origin_uid != null">#{dataMap.origin_uid},</if>
             <if test="dataMap.origin_gid != null">#{dataMap.origin_gid},</if>
-            <if test="dataMap.target_ports != null">#{dataMap.target_ports}::int8,</if>
+            <if test="dataMap.target_ports != null">#{dataMap.target_ports},</if>
             <if test="dataMap.tc_miguan_name1 != null">#{dataMap.tc_miguan_name1},</if>
             <if test="dataMap.tc_miguan_class1 != null">#{dataMap.tc_miguan_class1},</if>
             <if test="dataMap.etl_time != null">#{dataMap.etl_time},</if>
@@ -744,7 +744,7 @@
             <if test="dataMap.desip_security_scope != null">#{dataMap.desip_security_scope},</if>
             <if test="dataMap.srcip_security_scope != null">#{dataMap.srcip_security_scope},</if>
             <if test="dataMap.collect_time_ts != null">#{dataMap.collect_time_ts},</if>
-            <if test="dataMap.tc_miguan_scan_port1 != null">#{dataMap.tc_miguan_scan_port1}::inet,</if>
+            <if test="dataMap.tc_miguan_scan_port1 != null">#{dataMap.tc_miguan_scan_port1},</if>
             <if test="dataMap.src_dev_name != null">#{dataMap.src_dev_name},</if>
             <if test="dataMap.collect_protocol != null">#{dataMap.collect_protocol},</if>
             <if test="dataMap.destination_system_type != null">#{dataMap.destination_system_type},</if>
diff --git a/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/SyslogNormalDataMapper.xml b/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/SyslogNormalDataMapper.xml
index 9d60d7c..527387b 100644
--- a/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/SyslogNormalDataMapper.xml
+++ b/haobang-security-dm/syslog-consumer-rule/src/main/resources/mapper/SyslogNormalDataMapper.xml
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="UTF-8" ?>
+<?xml version="1.0" encoding="UTF-8" ?>
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
         "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 <mapper namespace="com.common.mapper.SyslogNormalDataMapper">
@@ -57,6 +57,7 @@
             id,
             created_at,
             log_time,
+            device_id,
             device_ip,
             dest_ip,
             dest_port,
@@ -103,6 +104,7 @@
             id,
             created_at,
             log_time,
+            device_id,
             device_ip,
             dest_ip,
             dest_port,
@@ -541,9 +543,9 @@
             <if test="dataMap.container_name != null">#{dataMap.container_name},</if>
             <if test="dataMap.container_id != null">#{dataMap.container_id},</if>
             <if test="dataMap.http_resp_server != null">#{dataMap.http_resp_server},</if>
-            <if test="dataMap.srcip_id != null">#{dataMap.srcip_id}::int8,</if>
-            <if test="dataMap.cdnip != null">#{dataMap.cdnip}::inet,</if>
-            <if test="dataMap.natip != null">#{dataMap.natip}::inet,</if>
+            <if test="dataMap.srcip_id != null">#{dataMap.srcip_id},</if>
+            <if test="dataMap.cdnip != null">#{dataMap.cdnip},</if>
+            <if test="dataMap.natip != null">#{dataMap.natip},</if>
             <if test="dataMap.mail_sender != null">#{dataMap.mail_sender},</if>
             <if test="dataMap.mail_receiver != null">#{dataMap.mail_receiver},</if>
             <if test="dataMap.vpn_mac != null">#{dataMap.vpn_mac},</if>
@@ -574,8 +576,8 @@
             <if test="dataMap.print_time != null">#{dataMap.print_time},</if>
             <if test="dataMap.printer != null">#{dataMap.printer},</if>
             <if test="dataMap.printer_type != null">#{dataMap.printer_type},</if>
-            <if test="dataMap.print_pages != null">#{dataMap.print_pages}::int8,</if>
-            <if test="dataMap.print_copies != null">#{dataMap.print_copies}::int8,</if>
+            <if test="dataMap.print_pages != null">#{dataMap.print_pages},</if>
+            <if test="dataMap.print_copies != null">#{dataMap.print_copies},</if>
             <if test="dataMap.src_device != null">#{dataMap.src_device},</if>
             <if test="dataMap.dst_device != null">#{dataMap.dst_device},</if>
             <if test="dataMap.src_file != null">#{dataMap.src_file},</if>
@@ -592,18 +594,18 @@
             <if test="dataMap.env != null">#{dataMap.env},</if>
             <if test="dataMap.brute_force_service != null">#{dataMap.brute_force_service},</if>
             <if test="dataMap.vuirs_name != null">#{dataMap.vuirs_name},</if>
-            <if test="dataMap.http_req_length != null">#{dataMap.http_req_length}::int8,</if>
+            <if test="dataMap.http_req_length != null">#{dataMap.http_req_length},</if>
             <if test="dataMap.http_req_content_type != null">#{dataMap.http_req_content_type},</if>
-            <if test="dataMap.tc_scan_port != null">#{dataMap.tc_scan_port}::inet,</if>
-            <if test="dataMap.tc_labels != null">#{dataMap.tc_labels}::inet,</if>
+            <if test="dataMap.tc_scan_port != null">#{dataMap.tc_scan_port},</if>
+            <if test="dataMap.tc_labels != null">#{dataMap.tc_labels},</if>
             <if test="dataMap.http_resp_content_type != null">#{dataMap.http_resp_content_type},</if>
             <if test="dataMap.dns_msg_type != null">#{dataMap.dns_msg_type},</if>
             <if test="dataMap.dns_answer_length != null">#{dataMap.dns_answer_length},</if>
             <if test="dataMap.dns_ioc != null">#{dataMap.dns_ioc},</if>
-            <if test="dataMap.tx_bytes != null">#{dataMap.tx_bytes}::double precision,</if>
-            <if test="dataMap.rx_bytes != null">#{dataMap.rx_bytes}::double precision,</if>
-            <if test="dataMap.all_bytes != null">#{dataMap.all_bytes}::double precision,</if>
-            <if test="dataMap.duration_time != null">#{dataMap.duration_time}::int8,</if>
+            <if test="dataMap.tx_bytes != null">#{dataMap.tx_bytes},</if>
+            <if test="dataMap.rx_bytes != null">#{dataMap.rx_bytes},</if>
+            <if test="dataMap.all_bytes != null">#{dataMap.all_bytes},</if>
+            <if test="dataMap.duration_time != null">#{dataMap.duration_time},</if>
             <if test="dataMap.mail_attach_name != null">#{dataMap.mail_attach_name},</if>
             <if test="dataMap.mail_subject != null">#{dataMap.mail_subject},</if>
             <if test="dataMap.mail_message != null">#{dataMap.mail_message},</if>
@@ -623,27 +625,27 @@
             <if test="dataMap.src_ip_apt != null">#{dataMap.src_ip_apt},</if>
             <if test="dataMap.srcip_name != null">#{dataMap.srcip_name},</if>
             <if test="dataMap.tc_client != null">#{dataMap.tc_client},</if>
-            <if test="dataMap.srcip_organization_id != null">#{dataMap.srcip_organization_id}::int8,</if>
+            <if test="dataMap.srcip_organization_id != null">#{dataMap.srcip_organization_id},</if>
             <if test="dataMap.dest_ip_intranetip != null">#{dataMap.dest_ip_intranetip},</if>
             <if test="dataMap.dest_ip_ioc != null">#{dataMap.dest_ip_ioc},</if>
-            <if test="dataMap.desip_id != null">#{dataMap.desip_id}::int8,</if>
+            <if test="dataMap.desip_id != null">#{dataMap.desip_id},</if>
             <if test="dataMap.desip_name != null">#{dataMap.desip_name},</if>
-            <if test="dataMap.tc_hostip != null">#{dataMap.tc_hostip}::inet,</if>
-            <if test="dataMap.desip_organization_id != null">#{dataMap.desip_organization_id}::int8,</if>
+            <if test="dataMap.tc_hostip != null">#{dataMap.tc_hostip},</if>
+            <if test="dataMap.desip_organization_id != null">#{dataMap.desip_organization_id},</if>
             <if test="dataMap.origin_confidence != null">#{dataMap.origin_confidence},</if>
             <if test="dataMap.origin_malscore != null">#{dataMap.origin_malscore},</if>
             <if test="dataMap.attacker_icampaign != null">#{dataMap.attacker_icampaign},</if>
-            <if test="dataMap.attacker_host_asset_id != null">#{dataMap.attacker_host_asset_id}::int8,</if>
-            <if test="dataMap.attacker_organization_id != null">#{dataMap.attacker_organization_id}::int8,</if>
-            <if test="dataMap.victim_host_asset_id != null">#{dataMap.victim_host_asset_id}::int8,</if>
-            <if test="dataMap.victim_organization_id != null">#{dataMap.victim_organization_id}::int8,</if>
+            <if test="dataMap.attacker_host_asset_id != null">#{dataMap.attacker_host_asset_id},</if>
+            <if test="dataMap.attacker_organization_id != null">#{dataMap.attacker_organization_id},</if>
+            <if test="dataMap.victim_host_asset_id != null">#{dataMap.victim_host_asset_id},</if>
+            <if test="dataMap.victim_organization_id != null">#{dataMap.victim_organization_id},</if>
             <if test="dataMap.logout_time != null">#{dataMap.logout_time},</if>
             <if test="dataMap.http_req_line != null">#{dataMap.http_req_line},</if>
             <if test="dataMap.desip_security_scope_id != null">#{dataMap.desip_security_scope_id},</if>
             <if test="dataMap.srcip_security_scope_id != null">#{dataMap.srcip_security_scope_id},</if>
-            <if test="dataMap.http_resp_length != null">#{dataMap.http_resp_length}::int8,</if>
+            <if test="dataMap.http_resp_length != null">#{dataMap.http_resp_length},</if>
             <if test="dataMap.tc_attack_type != null">#{dataMap.tc_attack_type},</if>
-            <if test="dataMap.tc_realip != null">#{dataMap.tc_realip}::inet,</if>
+            <if test="dataMap.tc_realip != null">#{dataMap.tc_realip},</if>
             <if test="dataMap.attacker_ip_lists != null">#{dataMap.attacker_ip_lists},</if>
             <if test="dataMap.login_password != null">#{dataMap.login_password},</if>
             <if test="dataMap.detail != null">#{dataMap.detail},</if>
@@ -660,12 +662,12 @@
             <if test="dataMap.login_abnormal_type != null">#{dataMap.login_abnormal_type},</if>
             <if test="dataMap.file_tag != null">#{dataMap.file_tag},</if>
             <if test="dataMap.file_platform != null">#{dataMap.file_platform},</if>
-            <if test="dataMap.target_ip != null">#{dataMap.target_ip}::inet,</if>
+            <if test="dataMap.target_ip != null">#{dataMap.target_ip},</if>
             <if test="dataMap.collect_date != null">#{dataMap.collect_date},</if>
-            <if test="dataMap.tc_client_ip != null">#{dataMap.tc_client_ip}::inet,</if>
-            <if test="dataMap.tc_server_ip != null">#{dataMap.tc_server_ip}::inet,</if>
-            <if test="dataMap.tc_externalip != null">#{dataMap.tc_externalip}::inet,</if>
-            <if test="dataMap.http_status_code != null">#{dataMap.http_status_code}::int8,</if>
+            <if test="dataMap.tc_client_ip != null">#{dataMap.tc_client_ip},</if>
+            <if test="dataMap.tc_server_ip != null">#{dataMap.tc_server_ip},</if>
+            <if test="dataMap.tc_externalip != null">#{dataMap.tc_externalip},</if>
+            <if test="dataMap.http_status_code != null">#{dataMap.http_status_code},</if>
             <if test="dataMap.device_domian != null">#{dataMap.device_domian},</if>
             <if test="dataMap.src_ip_str != null">#{dataMap.src_ip_str},</if>
             <if test="dataMap.src_port_str != null">#{dataMap.src_port_str},</if>
@@ -711,28 +713,28 @@
             <if test="dataMap.origin_agent_name != null">#{dataMap.origin_agent_name},</if>
             <if test="dataMap.origin_work_group != null">#{dataMap.origin_work_group},</if>
             <if test="dataMap.origin_asset_group != null">#{dataMap.origin_asset_group},</if>
-            <if test="dataMap.origin_local_port != null">#{dataMap.origin_local_port}::int8,</if>
-            <if test="dataMap.origin_agent_ip != null">#{dataMap.origin_agent_ip}::inet,</if>
-            <if test="dataMap.origin_internal_ip != null">#{dataMap.origin_internal_ip}::inet,</if>
-            <if test="dataMap.origin_external_ip != null">#{dataMap.origin_external_ip}::inet,</if>
-            <if test="dataMap.origin_local_addr != null">#{dataMap.origin_local_addr}::inet,</if>
-            <if test="dataMap.agent_id != null">#{dataMap.agent_id}::int8,</if>
+            <if test="dataMap.origin_local_port != null">#{dataMap.origin_local_port},</if>
+            <if test="dataMap.origin_agent_ip != null">#{dataMap.origin_agent_ip},</if>
+            <if test="dataMap.origin_internal_ip != null">#{dataMap.origin_internal_ip},</if>
+            <if test="dataMap.origin_external_ip != null">#{dataMap.origin_external_ip},</if>
+            <if test="dataMap.origin_local_addr != null">#{dataMap.origin_local_addr},</if>
+            <if test="dataMap.agent_id != null">#{dataMap.agent_id},</if>
             <if test="dataMap.agent_name != null">#{dataMap.agent_name},</if>
             <if test="dataMap.tc_title != null">#{dataMap.tc_title},</if>
             <if test="dataMap.log_id != null">#{dataMap.log_id},</if>
             <if test="dataMap.event_date != null">#{dataMap.event_date},</if>
             <if test="dataMap.event_time_ts != null">#{dataMap.event_time_ts},</if>
-            <if test="dataMap.event_level != null">#{dataMap.event_level}::int ,</if>
-            <if test="dataMap.src_ip != null">#{dataMap.src_ip}::inet,</if>
-            <if test="dataMap.src_port != null">#{dataMap.src_port}::BIGINT ,</if>
-            <if test="dataMap.dest_ip != null">#{dataMap.dest_ip}::inet,</if>
+            <if test="dataMap.event_level != null">#{dataMap.event_level},</if>
+            <if test="dataMap.src_ip != null">#{dataMap.src_ip},</if>
+            <if test="dataMap.src_port != null">#{dataMap.src_port},</if>
+            <if test="dataMap.dest_ip != null">#{dataMap.dest_ip},</if>
             <if test="dataMap.dest_port != null">#{dataMap.dest_port}::BIGINT,</if>
             <if test="dataMap.event_time != null">#{dataMap.event_time},</if>
             <if test="dataMap.attacker_country != null">#{dataMap.attacker_country},</if>
             <if test="dataMap.src_mac != null">#{dataMap.src_mac},</if>
             <if test="dataMap.dest_mac != null">#{dataMap.dest_mac},</if>
             <if test="dataMap.proto != null">#{dataMap.proto},</if>
-            <if test="dataMap.dev_id != null">#{dataMap.dev_id}::int8,</if>
+            <if test="dataMap.dev_id != null">#{dataMap.dev_id},</if>
             <if test="dataMap.created_time != null">#{dataMap.created_time},</if>
             <if test="dataMap.src_country != null">#{dataMap.src_country},</if>
             <if test="dataMap.src_country_code != null">#{dataMap.src_country_code},</if>
@@ -756,20 +758,20 @@
             <if test="dataMap.end_time != null">#{dataMap.end_time},</if>
             <if test="dataMap.file_created_time != null">#{dataMap.file_created_time},</if>
             <if test="dataMap.file_modified_time != null">#{dataMap.file_modified_time},</if>
-            <if test="dataMap.tc_miguan_scan_port != null">#{dataMap.tc_miguan_scan_port}::inet,</if>
+            <if test="dataMap.tc_miguan_scan_port != null">#{dataMap.tc_miguan_scan_port},</if>
             <if test="dataMap.process_path != null">#{dataMap.process_path},</if>
             <if test="dataMap.parent_process_path != null">#{dataMap.parent_process_path},</if>
             <if test="dataMap.gname != null">#{dataMap.gname},</if>
             <if test="dataMap.exe_name != null">#{dataMap.exe_name},</if>
             <if test="dataMap.exe_path != null">#{dataMap.exe_path},</if>
             <if test="dataMap.login_time != null">#{dataMap.login_time},</if>
-            <if test="dataMap.login_times != null">#{dataMap.login_times}::int8,</if>
+            <if test="dataMap.login_times != null">#{dataMap.login_times},</if>
             <if test="dataMap.check_item != null">#{dataMap.check_item},</if>
             <if test="dataMap.check_type != null">#{dataMap.check_type},</if>
-            <if test="dataMap.attacker_ip != null">#{dataMap.attacker_ip}::inet,</if>
-            <if test="dataMap.attacker_port != null">#{dataMap.attacker_port}::int8,</if>
-            <if test="dataMap.victim_ip != null">#{dataMap.victim_ip}::inet,</if>
-            <if test="dataMap.victim_port != null">#{dataMap.victim_port}::int8,</if>
+            <if test="dataMap.attacker_ip != null">#{dataMap.attacker_ip},</if>
+            <if test="dataMap.attacker_port != null">#{dataMap.attacker_port},</if>
+            <if test="dataMap.victim_ip != null">#{dataMap.victim_ip},</if>
+            <if test="dataMap.victim_port != null">#{dataMap.victim_port},</if>
             <if test="dataMap.attacker_city != null">#{dataMap.attacker_city},</if>
             <if test="dataMap.attacker_lon != null">#{dataMap.attacker_lon},</if>
             <if test="dataMap.attacker_lat != null">#{dataMap.attacker_lat},</if>
@@ -795,7 +797,7 @@
             <if test="dataMap.file_ssdeep != null">#{dataMap.file_ssdeep},</if>
             <if test="dataMap.victim_country_code != null">#{dataMap.victim_country_code},</if>
             <if test="dataMap.http_xff_ip != null">#{dataMap.http_xff_ip},</if>
-            <if test="dataMap.tc_miguan_class != null">#{dataMap.tc_miguan_class}::inet,</if>
+            <if test="dataMap.tc_miguan_class != null">#{dataMap.tc_miguan_class},</if>
             <if test="dataMap.pid != null">#{dataMap.pid},</if>
             <if test="dataMap.ppid != null">#{dataMap.ppid},</if>
             <if test="dataMap.process_name != null">#{dataMap.process_name},</if>
@@ -822,35 +824,35 @@
             <if test="dataMap.dest_city != null">#{dataMap.dest_city},</if>
             <if test="dataMap.dest_lon != null">#{dataMap.dest_lon},</if>
             <if test="dataMap.dest_lat != null">#{dataMap.dest_lat},</if>
-            <if test="dataMap.event_category != null">#{dataMap.event_category}::int4,</if>
-            <if test="dataMap.attack_result != null">#{dataMap.attack_result}::int4,</if>
-            <if test="dataMap.probe_ip != null">#{dataMap.probe_ip}::inet,</if>
-            <if test="dataMap.device_ip != null">#{dataMap.device_ip}::inet,</if>
+            <if test="dataMap.event_category != null">#{dataMap.event_category},</if>
+            <if test="dataMap.attack_result != null">#{dataMap.attack_result},</if>
+            <if test="dataMap.probe_ip != null">#{dataMap.probe_ip},</if>
+            <if test="dataMap.device_ip != null">#{dataMap.device_ip},</if>
             <if test="dataMap.device_manufacturer != null">#{dataMap.device_manufacturer},</if>
             <if test="dataMap.device_name != null">#{dataMap.device_name},</if>
             <if test="dataMap.product_name != null">#{dataMap.product_name},</if>
             <if test="dataMap.__id != null">#{dataMap.__id},</if>
-            <if test="dataMap.__count != null">#{dataMap.__count}::int8,</if>
+            <if test="dataMap.__count != null">#{dataMap.__count},</if>
             <if test="dataMap.__count_reason != null">#{dataMap.__count_reason},</if>
-            <if test="dataMap.event_type != null">#{dataMap.event_type}::int,</if>
+            <if test="dataMap.event_type != null">#{dataMap.event_type},</if>
             <if test="dataMap.protocol != null">#{dataMap.protocol},</if>
             <if test="dataMap.shell_cmd != null">#{dataMap.shell_cmd},</if>
             <if test="dataMap.parent_name != null">#{dataMap.parent_name},</if>
             <if test="dataMap.host_file_path != null">#{dataMap.host_file_path},</if>
             <if test="dataMap.uid != null">#{dataMap.uid},</if>
-            <if test="dataMap.fall != null">#{dataMap.fall}::int4,</if>
-            <if test="dataMap.tc_miguan_server_ip != null">#{dataMap.tc_miguan_server_ip}::inet,</if>
-            <if test="dataMap.dev_type != null">#{dataMap.dev_type}::int4,</if>
-            <if test="dataMap.collect_method != null">#{dataMap.collect_method}::int4,</if>
-            <if test="dataMap.field_cate_id != null">#{dataMap.field_cate_id}::int4,</if>
-            <if test="dataMap.device_type != null">#{dataMap.device_type}::int4,</if>
-            <if test="dataMap.tc_miguan_client_ip != null">#{dataMap.tc_miguan_client_ip}::inet,</if>
-            <if test="dataMap.tc_miguan_name != null">#{dataMap.tc_miguan_name}::inet,</if>
-            <if test="dataMap.origin_total_packages != null">#{dataMap.origin_total_packages}::int8,</if>
-            <if test="dataMap.origin_total_bytes != null">#{dataMap.origin_total_bytes}::int8,</if>
-            <if test="dataMap.origin_peak_packages_rate != null">#{dataMap.origin_peak_packages_rate}::int8,</if>
-            <if test="dataMap.origin_peak_bytes_rate != null">#{dataMap.origin_peak_bytes_rate}::int8,</if>
-            <if test="dataMap.origin_peak_flows_rate != null">#{dataMap.origin_peak_flows_rate}::int8,</if>
+            <if test="dataMap.fall != null">#{dataMap.fall},</if>
+            <if test="dataMap.tc_miguan_server_ip != null">#{dataMap.tc_miguan_server_ip},</if>
+            <if test="dataMap.dev_type != null">#{dataMap.dev_type},</if>
+            <if test="dataMap.collect_method != null">#{dataMap.collect_method},</if>
+            <if test="dataMap.field_cate_id != null">#{dataMap.field_cate_id},</if>
+            <if test="dataMap.device_type != null">#{dataMap.device_type},</if>
+            <if test="dataMap.tc_miguan_client_ip != null">#{dataMap.tc_miguan_client_ip},</if>
+            <if test="dataMap.tc_miguan_name != null">#{dataMap.tc_miguan_name},</if>
+            <if test="dataMap.origin_total_packages != null">#{dataMap.origin_total_packages},</if>
+            <if test="dataMap.origin_total_bytes != null">#{dataMap.origin_total_bytes},</if>
+            <if test="dataMap.origin_peak_packages_rate != null">#{dataMap.origin_peak_packages_rate},</if>
+            <if test="dataMap.origin_peak_bytes_rate != null">#{dataMap.origin_peak_bytes_rate},</if>
+            <if test="dataMap.origin_peak_flows_rate != null">#{dataMap.origin_peak_flows_rate},</if>
             <if test="dataMap.apt_orgname != null">#{dataMap.apt_orgname},</if>
             <if test="dataMap.apt_orgmsg != null">#{dataMap.apt_orgmsg},</if>
             <if test="dataMap.mail_message_id != null">#{dataMap.mail_message_id},</if>
@@ -860,18 +862,18 @@
             <if test="dataMap.mail_url != null">#{dataMap.mail_url},</if>
             <if test="dataMap.mail_cc != null">#{dataMap.mail_cc},</if>
             <if test="dataMap.algorithm != null">#{dataMap.algorithm},</if>
-            <if test="dataMap.miningpool_ip != null">#{dataMap.miningpool_ip}::inet,</if>
+            <if test="dataMap.miningpool_ip != null">#{dataMap.miningpool_ip},</if>
             <if test="dataMap.process_md5 != null">#{dataMap.process_md5},</if>
             <if test="dataMap.pprocess_md5 != null">#{dataMap.pprocess_md5},</if>
             <if test="dataMap.source_servername != null">#{dataMap.source_servername},</if>
             <if test="dataMap.origin_source_servername != null">#{dataMap.origin_source_servername},</if>
             <if test="dataMap.mail_filename != null">#{dataMap.mail_filename},</if>
             <if test="dataMap.dst_upload_appname != null">#{dataMap.dst_upload_appname},</if>
-            <if test="dataMap.target_port != null">#{dataMap.target_port}::int8,</if>
+            <if test="dataMap.target_port != null">#{dataMap.target_port},</if>
             <if test="dataMap.gid != null">#{dataMap.gid},</if>
             <if test="dataMap.origin_uid != null">#{dataMap.origin_uid},</if>
             <if test="dataMap.origin_gid != null">#{dataMap.origin_gid},</if>
-            <if test="dataMap.target_ports != null">#{dataMap.target_ports}::int8,</if>
+            <if test="dataMap.target_ports != null">#{dataMap.target_ports},</if>
             <if test="dataMap.tc_miguan_name1 != null">#{dataMap.tc_miguan_name1},</if>
             <if test="dataMap.tc_miguan_class1 != null">#{dataMap.tc_miguan_class1},</if>
             <if test="dataMap.etl_time != null">#{dataMap.etl_time},</if>
@@ -879,7 +881,7 @@
             <if test="dataMap.desip_security_scope != null">#{dataMap.desip_security_scope},</if>
             <if test="dataMap.srcip_security_scope != null">#{dataMap.srcip_security_scope},</if>
             <if test="dataMap.collect_time_ts != null">#{dataMap.collect_time_ts},</if>
-            <if test="dataMap.tc_miguan_scan_port1 != null">#{dataMap.tc_miguan_scan_port1}::inet,</if>
+            <if test="dataMap.tc_miguan_scan_port1 != null">#{dataMap.tc_miguan_scan_port1},</if>
             <if test="dataMap.src_dev_name != null">#{dataMap.src_dev_name},</if>
             <if test="dataMap.collect_protocol != null">#{dataMap.collect_protocol},</if>
             <if test="dataMap.destination_system_type != null">#{dataMap.destination_system_type},</if>
diff --git a/haobang-security-dm/syslog-consumer/docker_run.txt b/haobang-security-dm/syslog-consumer/docker_run.txt
index 0c1f8df..d059147 100644
--- a/haobang-security-dm/syslog-consumer/docker_run.txt
+++ b/haobang-security-dm/syslog-consumer/docker_run.txt
@@ -8,17 +8,17 @@ docker ps -a
 
 --2.���docker image�ļ� (Dockerfile ��ǰĿ¼��
 docker build -t syslog-consumer:v1.X.X  .
-
+docker build -t syslog-consumer-dm:v1.2.X  .
 
 --3.ֹͣ���� ��ɾ��
-docker stop  ct-syslog-consumer  &&  docker  rm ct-syslog-consumer
+docker stop  syslog-consumer-dm  &&  docker  rm syslog-consumer-dm
 
 --4.����docker �ļ�
-docker run --restart unless-stopped -e TZ=Asia/Shanghai -d --name ct-syslog-consumer -p 8089:8089 -v /home/syslog/logs:/app/logs --privileged=true   syslog-consumer:v1.X.X
+docker run --restart unless-stopped -e TZ=Asia/Shanghai -d --name syslog-consumer-dm -p 8089:8089 -v /home/syslog/logs:/app/logs --privileged=true   syslog-consumer-dm:v1.X.X
 �ڳ�CMD��
-docker run --restart unless-stopped -e TZ=Asia/Shanghai -d --name ct-syslog-consumer -p 8089:8089 -v /data/syslog/logs:/app/logs --privileged=true   syslog-consumer:v1.X.X
+docker run --restart unless-stopped -e TZ=Asia/Shanghai -d --name syslog-consumer-dm -p 8089:8089 -v /data/syslog/logs:/app/logs --privileged=true   syslog-consumer-dm:v1.X.X
 
 --������������
-docker run  -d --name ct-syslog-consumer -p 8089:8089 --privileged=true   syslog-consumer:v1.X.X
+docker run  -d --name syslog-consumer -p 8089:8089 --privileged=true   syslog-consumer:v1.X.X
 
 
diff --git a/haobang-security-dm/syslog-consumer/pom.xml b/haobang-security-dm/syslog-consumer/pom.xml
index 71b1d3c..86bdcb4 100644
--- a/haobang-security-dm/syslog-consumer/pom.xml
+++ b/haobang-security-dm/syslog-consumer/pom.xml
@@ -92,12 +92,21 @@
             <version>${mybatis.version}</version>
         </dependency>
 
-        <!-- PostgreSQL驱动 -->
+        <!-- PostgreSQL驱动（已切换至达梦数据库，保留备用） -->
+        <!--
         <dependency>
             <groupId>org.postgresql</groupId>
             <artifactId>postgresql</artifactId>
             <version>${postgresql.version}</version>
         </dependency>
+        -->
+        
+        <!-- 达梦数据库驱动 JDK1.8 -->
+        <dependency>
+            <groupId>com.dameng</groupId>
+            <artifactId>DmJdbcDriver18</artifactId>
+            <version>8.1.2.141</version>
+        </dependency>
 
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
@@ -193,11 +202,7 @@
         </dependency>
 
 
-        <dependency>
-            <groupId>com.dameng</groupId>
-            <artifactId>DmJdbcDriver18</artifactId>
-            <version>8.1.2.141</version> <!-- 请根据你的数据库版本替换 -->
-        </dependency>
+
         <!-- Bouncy Castle 国密算法支持 -->
         <dependency>
             <groupId>org.bouncycastle</groupId>
diff --git a/haobang-security-dm/syslog-consumer/src/main/java/com/Modules/NormalData/LogNormalProcessor.java b/haobang-security-dm/syslog-consumer/src/main/java/com/Modules/NormalData/LogNormalProcessor.java
index f00d35e..2d1ab30 100644
--- a/haobang-security-dm/syslog-consumer/src/main/java/com/Modules/NormalData/LogNormalProcessor.java
+++ b/haobang-security-dm/syslog-consumer/src/main/java/com/Modules/NormalData/LogNormalProcessor.java
@@ -183,7 +183,7 @@ public class LogNormalProcessor {
         }
         catch (Exception ex)
         {
-            logger.error("处理初始化异常："+ex.getMessage());
+            logger.error("处理日志消息异常："+ex.getMessage());
             System.out.println(ex.getMessage());
         }
 
@@ -195,6 +195,7 @@ public class LogNormalProcessor {
     {
         Cropper_paramsType  cropperParams = new Cropper_paramsType();
         try {
+
             JSONObject jsonObject = new JSONObject( dmNormalizeRule.get("rule_content").toString());
             if (jsonObject.isEmpty()) return null;
 
diff --git a/haobang-security-dm/syslog-consumer/src/main/java/com/Modules/etl/handler/ArrayByteTypeHandler.java b/haobang-security-dm/syslog-consumer/src/main/java/com/Modules/etl/handler/ArrayByteTypeHandler.java
index 484cb34..c100dde 100644
--- a/haobang-security-dm/syslog-consumer/src/main/java/com/Modules/etl/handler/ArrayByteTypeHandler.java
+++ b/haobang-security-dm/syslog-consumer/src/main/java/com/Modules/etl/handler/ArrayByteTypeHandler.java
@@ -1,47 +1,127 @@
 package com.Modules.etl.handler;
 
-
-
 import org.apache.ibatis.type.BaseTypeHandler;
 import org.apache.ibatis.type.JdbcType;
 import org.apache.ibatis.type.MappedJdbcTypes;
 import org.apache.ibatis.type.MappedTypes;
-import java.sql.*;
 
+import java.sql.CallableStatement;
+import java.sql.PreparedStatement;
+import java.sql.ResultSet;
+import java.sql.SQLException;
+import java.util.ArrayList;
+import java.util.Base64;
+import java.util.List;
+
+/**
+ * 字节数组类型处理器 - 达梦数据库兼容版本
+ * 
+ * 将 Java byte[][] 与数据库 TEXT 列进行互转。
+ * 存储格式: JSON 数组字符串，每个元素为 Base64 编码，如 ["base64...","base64..."]
+ * 空数组: 存储为 "[]"
+ * null值: 存储为 NULL
+ * 
+ * 原 PostgreSQL 版本使用 createArrayOf("bytea", ...) 创建原生 bytea 数组，
+ * 达梦数据库不兼容此 API，改为 TEXT 列存储 JSON 数组（Base64编码）。
+ */
 @MappedTypes(byte[][].class)
-@MappedJdbcTypes(JdbcType.ARRAY)
+@MappedJdbcTypes(JdbcType.VARCHAR)
 public class ArrayByteTypeHandler extends BaseTypeHandler<byte[][]> {
 
     @Override
     public void setNonNullParameter(PreparedStatement ps, int i, byte[][] parameter, JdbcType jdbcType) throws SQLException {
-        Array array = ps.getConnection().createArrayOf("bytea", parameter);
-        ps.setArray(i, array);
+        ps.setString(i, toJsonArray(parameter));
     }
 
     @Override
     public byte[][] getNullableResult(ResultSet rs, String columnName) throws SQLException {
-        return getArray(rs.getArray(columnName));
+        return parseJsonArray(rs.getString(columnName));
     }
 
     @Override
     public byte[][] getNullableResult(ResultSet rs, int columnIndex) throws SQLException {
-        return getArray(rs.getArray(columnIndex));
+        return parseJsonArray(rs.getString(columnIndex));
     }
 
     @Override
     public byte[][] getNullableResult(CallableStatement cs, int columnIndex) throws SQLException {
-        return getArray(cs.getArray(columnIndex));
+        return parseJsonArray(cs.getString(columnIndex));
     }
 
-    private byte[][] getArray(Array array) throws SQLException {
-        if (array != null) {
-            Object[] objArray = (Object[]) array.getArray();
-            byte[][] result = new byte[objArray.length][];
-            for (int i = 0; i < objArray.length; i++) {
-                result[i] = (byte[]) objArray[i];
-            }
-            return result;
+    private byte[][] parseJsonArray(String value) {
+        if (value == null || value.isEmpty() || "[]".equals(value.trim())) {
+            return new byte[0][];
         }
-        return null;
+        if (!value.startsWith("[")) {
+            // 兼容旧的逗号分隔格式
+            return parseCommaSeparated(value);
+        }
+        String content = value.substring(1, value.length() - 1).trim();
+        if (content.isEmpty()) {
+            return new byte[0][];
+        }
+        // 解析 JSON 字符串数组
+        List<byte[]> result = new ArrayList<>();
+        int pos = 0;
+        int len = content.length();
+        while (pos < len) {
+            if (content.charAt(pos) == '"') {
+                int end = pos + 1;
+                while (end < len) {
+                    if (content.charAt(end) == '"' && content.charAt(end - 1) != '\\') {
+                        break;
+                    }
+                    end++;
+                }
+                String base64 = content.substring(pos + 1, end);
+                if (!base64.isEmpty()) {
+                    result.add(Base64.getDecoder().decode(base64));
+                } else {
+                    result.add(new byte[0]);
+                }
+                pos = end + 1;
+                while (pos < len && (content.charAt(pos) == ',' || content.charAt(pos) == ' ')) {
+                    pos++;
+                }
+            } else {
+                // skip non-string content
+                pos++;
+            }
+        }
+        return result.toArray(new byte[0][]);
     }
-}
\ No newline at end of file
+
+    private byte[][] parseCommaSeparated(String value) {
+        String[] parts = value.split(",", -1);
+        byte[][] result = new byte[parts.length][];
+        for (int i = 0; i < parts.length; i++) {
+            String part = parts[i].trim();
+            if (part.isEmpty()) {
+                result[i] = new byte[0];
+            } else {
+                result[i] = Base64.getDecoder().decode(part);
+            }
+        }
+        return result;
+    }
+
+    static String toJsonArray(byte[][] array) {
+        if (array == null) {
+            return null;
+        }
+        if (array.length == 0) {
+            return "[]";
+        }
+        StringBuilder sb = new StringBuilder("[");
+        for (int i = 0; i < array.length; i++) {
+            if (i > 0) sb.append(",");
+            sb.append("\"");
+            if (array[i] != null && array[i].length > 0) {
+                sb.append(Base64.getEncoder().encodeToString(array[i]));
+            }
+            sb.append("\"");
+        }
+        sb.append("]");
+        return sb.toString();
+    }
+}
diff --git a/haobang-security-dm/syslog-consumer/src/main/java/com/Modules/etl/handler/ArrayIntegerTypeHandler.java b/haobang-security-dm/syslog-consumer/src/main/java/com/Modules/etl/handler/ArrayIntegerTypeHandler.java
index 0a40ce1..a70f327 100644
--- a/haobang-security-dm/syslog-consumer/src/main/java/com/Modules/etl/handler/ArrayIntegerTypeHandler.java
+++ b/haobang-security-dm/syslog-consumer/src/main/java/com/Modules/etl/handler/ArrayIntegerTypeHandler.java
@@ -1,43 +1,106 @@
 package com.Modules.etl.handler;
 
-
 import org.apache.ibatis.type.BaseTypeHandler;
 import org.apache.ibatis.type.JdbcType;
 import org.apache.ibatis.type.MappedJdbcTypes;
 import org.apache.ibatis.type.MappedTypes;
-import java.sql.*;
-import java.util.Arrays;
 
+import java.sql.CallableStatement;
+import java.sql.PreparedStatement;
+import java.sql.ResultSet;
+import java.sql.SQLException;
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * 整型数组类型处理器 - 达梦数据库兼容版本
+ * 
+ * 将 Java Integer[] 与数据库 TEXT 列进行互转。
+ * 存储格式: JSON 数组字符串，如 [1,2,3]
+ * 空数组: 存储为 "[]"
+ * null值: 存储为 NULL
+ * 
+ * 原 PostgreSQL 版本使用 createArrayOf("integer", ...) 创建原生 _int4 数组，
+ * 达梦数据库不兼容此 API，改为 TEXT 列存储 JSON 数组。
+ */
 @MappedTypes(Integer[].class)
-@MappedJdbcTypes(JdbcType.ARRAY)
+@MappedJdbcTypes(JdbcType.VARCHAR)
 public class ArrayIntegerTypeHandler extends BaseTypeHandler<Integer[]> {
 
     @Override
     public void setNonNullParameter(PreparedStatement ps, int i, Integer[] parameter, JdbcType jdbcType) throws SQLException {
-        Array array = ps.getConnection().createArrayOf("integer", parameter);
-        ps.setArray(i, array);
+        ps.setString(i, toJsonArray(parameter));
     }
 
     @Override
     public Integer[] getNullableResult(ResultSet rs, String columnName) throws SQLException {
-        return getArray(rs.getArray(columnName));
+        return parseJsonArray(rs.getString(columnName));
     }
 
     @Override
     public Integer[] getNullableResult(ResultSet rs, int columnIndex) throws SQLException {
-        return getArray(rs.getArray(columnIndex));
+        return parseJsonArray(rs.getString(columnIndex));
     }
 
     @Override
     public Integer[] getNullableResult(CallableStatement cs, int columnIndex) throws SQLException {
-        return getArray(cs.getArray(columnIndex));
+        return parseJsonArray(cs.getString(columnIndex));
     }
 
-    private Integer[] getArray(Array array) throws SQLException {
-        if (array != null) {
-            Object[] objArray = (Object[]) array.getArray();
-            return Arrays.copyOf(objArray, objArray.length, Integer[].class);
+    /**
+     * 将 JSON 字符串解析为 Integer[]
+     */
+    private Integer[] parseJsonArray(String value) {
+        if (value == null || value.isEmpty() || "[]".equals(value.trim())) {
+            return new Integer[0];
         }
-        return null;
+        if (!value.startsWith("[")) {
+            // 兼容旧的逗号分隔格式: "1,2,3"
+            return parseCommaSeparated(value);
+        }
+        String content = value.substring(1, value.length() - 1).trim();
+        if (content.isEmpty()) {
+            return new Integer[0];
+        }
+        String[] parts = content.split(",");
+        List<Integer> result = new ArrayList<>(parts.length);
+        for (String part : parts) {
+            String trimmed = part.trim();
+            if (!trimmed.isEmpty()) {
+                result.add(Integer.parseInt(trimmed));
+            }
+        }
+        return result.toArray(new Integer[0]);
     }
-}
\ No newline at end of file
+
+    private Integer[] parseCommaSeparated(String value) {
+        String[] parts = value.split(",");
+        List<Integer> result = new ArrayList<>(parts.length);
+        for (String part : parts) {
+            String trimmed = part.trim();
+            if (!trimmed.isEmpty()) {
+                result.add(Integer.parseInt(trimmed));
+            }
+        }
+        return result.toArray(new Integer[0]);
+    }
+
+    /**
+     * 将 Integer[] 序列化为 JSON 数组字符串
+     */
+    static String toJsonArray(Integer[] array) {
+        if (array == null) {
+            return null;
+        }
+        if (array.length == 0) {
+            return "[]";
+        }
+        StringBuilder sb = new StringBuilder("[");
+        for (int i = 0; i < array.length; i++) {
+            if (i > 0) sb.append(",");
+            sb.append(array[i] != null ? array[i].toString() : "null");
+        }
+        sb.append("]");
+        return sb.toString();
+    }
+}
diff --git a/haobang-security-dm/syslog-consumer/src/main/java/com/Modules/etl/handler/ArrayStringTypeHandler.java b/haobang-security-dm/syslog-consumer/src/main/java/com/Modules/etl/handler/ArrayStringTypeHandler.java
index 174364f..0b64c99 100644
--- a/haobang-security-dm/syslog-consumer/src/main/java/com/Modules/etl/handler/ArrayStringTypeHandler.java
+++ b/haobang-security-dm/syslog-consumer/src/main/java/com/Modules/etl/handler/ArrayStringTypeHandler.java
@@ -1,43 +1,120 @@
 package com.Modules.etl.handler;
 
-
 import org.apache.ibatis.type.BaseTypeHandler;
 import org.apache.ibatis.type.JdbcType;
 import org.apache.ibatis.type.MappedJdbcTypes;
 import org.apache.ibatis.type.MappedTypes;
-import java.sql.*;
-import java.util.Arrays;
 
+import java.sql.CallableStatement;
+import java.sql.PreparedStatement;
+import java.sql.ResultSet;
+import java.sql.SQLException;
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * 字符串数组类型处理器 - 达梦数据库兼容版本
+ * 
+ * 将 Java String[] 与数据库 TEXT 列进行互转。
+ * 存储格式: JSON 数组字符串，如 ["value1","value2","value3"]
+ * 空数组: 存储为 "[]"
+ * null值: 存储为 NULL
+ * 
+ * 原 PostgreSQL 版本使用 createArrayOf("text", ...) 创建原生数组，
+ * 达梦数据库不兼容此 API，改为 TEXT 列存储 JSON 数组。
+ */
 @MappedTypes(String[].class)
-@MappedJdbcTypes(JdbcType.ARRAY)
+@MappedJdbcTypes(JdbcType.VARCHAR)
 public class ArrayStringTypeHandler extends BaseTypeHandler<String[]> {
 
     @Override
     public void setNonNullParameter(PreparedStatement ps, int i, String[] parameter, JdbcType jdbcType) throws SQLException {
-        Array array = ps.getConnection().createArrayOf("text", parameter);
-        ps.setArray(i, array);
+        ps.setString(i, toJsonArray(parameter));
     }
 
     @Override
     public String[] getNullableResult(ResultSet rs, String columnName) throws SQLException {
-        return getArray(rs.getArray(columnName));
+        return parseJsonArray(rs.getString(columnName));
     }
 
     @Override
     public String[] getNullableResult(ResultSet rs, int columnIndex) throws SQLException {
-        return getArray(rs.getArray(columnIndex));
+        return parseJsonArray(rs.getString(columnIndex));
     }
 
     @Override
     public String[] getNullableResult(CallableStatement cs, int columnIndex) throws SQLException {
-        return getArray(cs.getArray(columnIndex));
+        return parseJsonArray(cs.getString(columnIndex));
     }
 
-    private String[] getArray(Array array) throws SQLException {
-        if (array != null) {
-            Object[] objArray = (Object[]) array.getArray();
-            return Arrays.copyOf(objArray, objArray.length, String[].class);
+    /**
+     * 将 JSON 字符串解析为 String[]
+     */
+    static String[] parseJsonArray(String value) {
+        if (value == null || value.isEmpty() || "[]".equals(value.trim())) {
+            return new String[0];
         }
-        return null;
+        if (!value.startsWith("[") || !value.endsWith("]")) {
+            // 兼容旧的逗号分隔格式
+            return value.split(",", -1);
+        }
+        String content = value.substring(1, value.length() - 1).trim();
+        if (content.isEmpty()) {
+            return new String[0];
+        }
+        List<String> list = new ArrayList<>();
+        int pos = 0;
+        int len = content.length();
+        while (pos < len) {
+            if (content.charAt(pos) == '"') {
+                int end = pos + 1;
+                while (end < len) {
+                    if (content.charAt(end) == '"' && (end == 0 || content.charAt(end - 1) != '\\')) {
+                        break;
+                    }
+                    end++;
+                }
+                String item = content.substring(pos + 1, end);
+                item = item.replace("\\\"", "\"").replace("\\\\", "\\");
+                list.add(item);
+                pos = end + 1;
+                // skip comma and whitespace
+                while (pos < len && (content.charAt(pos) == ',' || content.charAt(pos) == ' ')) {
+                    pos++;
+                }
+            } else {
+                // unquoted value (comma-separated)
+                int end = pos;
+                while (end < len && content.charAt(end) != ',') {
+                    end++;
+                }
+                list.add(content.substring(pos, end).trim());
+                pos = end + 1;
+            }
+        }
+        return list.toArray(new String[0]);
     }
-}
\ No newline at end of file
+
+    /**
+     * 将 String[] 序列化为 JSON 数组字符串
+     */
+    static String toJsonArray(String[] array) {
+        if (array == null) {
+            return null;
+        }
+        if (array.length == 0) {
+            return "[]";
+        }
+        StringBuilder sb = new StringBuilder("[");
+        for (int i = 0; i < array.length; i++) {
+            if (i > 0) sb.append(",");
+            sb.append("\"");
+            if (array[i] != null) {
+                sb.append(array[i].replace("\\", "\\\\").replace("\"", "\\\""));
+            }
+            sb.append("\"");
+        }
+        sb.append("]");
+        return sb.toString();
+    }
+}
diff --git a/haobang-security-dm/syslog-consumer/src/main/java/com/common/entity/DeviceInterlocking.java b/haobang-security-dm/syslog-consumer/src/main/java/com/common/entity/DeviceInterlocking.java
index 6ce07ee..1c16f59 100644
--- a/haobang-security-dm/syslog-consumer/src/main/java/com/common/entity/DeviceInterlocking.java
+++ b/haobang-security-dm/syslog-consumer/src/main/java/com/common/entity/DeviceInterlocking.java
@@ -1,6 +1,6 @@
 package com.common.entity;
 
-import java.time.OffsetDateTime;
+import java.time.LocalDateTime;
 
 /**
  * 联动设备表实体类（防火墙设备信息）
@@ -17,9 +17,9 @@ public class DeviceInterlocking {
     private String tenantId;
     private Long createDept;
     private Long createBy;
-    private OffsetDateTime createTime;
+    private LocalDateTime createTime;
     private Long updateBy;
-    private OffsetDateTime updateTime;
+    private LocalDateTime updateTime;
     private String remark;
     private String authUsername;              // 用户名
     private String authPassword;              // 密码
@@ -55,14 +55,14 @@ public class DeviceInterlocking {
     public Long getCreateBy() { return createBy; }
     public void setCreateBy(Long createBy) { this.createBy = createBy; }
 
-    public OffsetDateTime getCreateTime() { return createTime; }
-    public void setCreateTime(OffsetDateTime createTime) { this.createTime = createTime; }
+    public LocalDateTime getCreateTime() { return createTime; }
+    public void setCreateTime(LocalDateTime createTime) { this.createTime = createTime; }
 
     public Long getUpdateBy() { return updateBy; }
     public void setUpdateBy(Long updateBy) { this.updateBy = updateBy; }
 
-    public OffsetDateTime getUpdateTime() { return updateTime; }
-    public void setUpdateTime(OffsetDateTime updateTime) { this.updateTime = updateTime; }
+    public LocalDateTime getUpdateTime() { return updateTime; }
+    public void setUpdateTime(LocalDateTime updateTime) { this.updateTime = updateTime; }
 
     public String getRemark() { return remark; }
     public void setRemark(String remark) { this.remark = remark; }
diff --git a/haobang-security-dm/syslog-consumer/src/main/java/com/common/entity/DeviceInterlockingCmd.java b/haobang-security-dm/syslog-consumer/src/main/java/com/common/entity/DeviceInterlockingCmd.java
index 29343a0..c01ab29 100644
--- a/haobang-security-dm/syslog-consumer/src/main/java/com/common/entity/DeviceInterlockingCmd.java
+++ b/haobang-security-dm/syslog-consumer/src/main/java/com/common/entity/DeviceInterlockingCmd.java
@@ -4,9 +4,8 @@ import com.Modules.etl.handler.ArrayIntegerTypeHandler;
 import com.Modules.etl.handler.ArrayStringTypeHandler;
 import org.apache.ibatis.type.JdbcType;
 import org.apache.ibatis.type.TypeHandler;
-import org.apache.ibatis.type.ArrayTypeHandler;
 
-import java.time.OffsetDateTime;
+import java.time.LocalDateTime;
 import java.util.Arrays;
 import java.util.List;
 
@@ -25,8 +24,8 @@ public class DeviceInterlockingCmd {
     private String banType;                    // 封禁类型（1:白名单、0:黑名单）
     private String cmdStatus;                  // 指令状态（0:未执行、1:已完成、2:执行中）
     private Integer banDuration;              // 封禁时长（秒，-1表示永久）
-    private OffsetDateTime createTime;
-    private OffsetDateTime updateTime;
+    private LocalDateTime createTime;
+    private LocalDateTime updateTime;
     private String tenantId;
     private Long createDept;
     private Long createBy;
@@ -65,11 +64,11 @@ public class DeviceInterlockingCmd {
     public Integer getBanDuration() { return banDuration; }
     public void setBanDuration(Integer banDuration) { this.banDuration = banDuration; }
 
-    public OffsetDateTime getCreateTime() { return createTime; }
-    public void setCreateTime(OffsetDateTime createTime) { this.createTime = createTime; }
+    public LocalDateTime getCreateTime() { return createTime; }
+    public void setCreateTime(LocalDateTime createTime) { this.createTime = createTime; }
 
-    public OffsetDateTime getUpdateTime() { return updateTime; }
-    public void setUpdateTime(OffsetDateTime updateTime) { this.updateTime = updateTime; }
+    public LocalDateTime getUpdateTime() { return updateTime; }
+    public void setUpdateTime(LocalDateTime updateTime) { this.updateTime = updateTime; }
 
     public String getTenantId() { return tenantId; }
     public void setTenantId(String tenantId) { this.tenantId = tenantId; }
diff --git a/haobang-security-dm/syslog-consumer/src/main/java/com/common/entity/DeviceInterlockingLog.java b/haobang-security-dm/syslog-consumer/src/main/java/com/common/entity/DeviceInterlockingLog.java
index 516c829..c4147ee 100644
--- a/haobang-security-dm/syslog-consumer/src/main/java/com/common/entity/DeviceInterlockingLog.java
+++ b/haobang-security-dm/syslog-consumer/src/main/java/com/common/entity/DeviceInterlockingLog.java
@@ -1,6 +1,6 @@
 package com.common.entity;
 
-import java.time.OffsetDateTime;
+import java.time.LocalDateTime;
 
 /**
  * 封禁记录表实体类
@@ -12,15 +12,15 @@ public class DeviceInterlockingLog {
     private Long deviceInterlockingId;         // 封禁设备ID
     private String banIp;                     // 封禁IP地址
     private String deviceName;                 // 封禁设备名称
-    private OffsetDateTime banTime;            // 封禁时间
+    private LocalDateTime banTime;            // 封禁时间
     private String banMethod;                  // 封禁方式（0.人工、1.自动化封禁）
     private Integer banResult;                // 联动结果（成功：1、失败：0）
     private String tenantId;
     private Long createDept;
     private Long createBy;
-    private OffsetDateTime createTime;
+    private LocalDateTime createTime;
     private Long updateBy;
-    private OffsetDateTime updateTime;
+    private LocalDateTime updateTime;
     private String remark;
     private String respBody;                 // 响应body
     private String reqBody;                   // 请求body
@@ -41,8 +41,8 @@ public class DeviceInterlockingLog {
     public String getDeviceName() { return deviceName; }
     public void setDeviceName(String deviceName) { this.deviceName = deviceName; }
 
-    public OffsetDateTime getBanTime() { return banTime; }
-    public void setBanTime(OffsetDateTime banTime) { this.banTime = banTime; }
+    public LocalDateTime getBanTime() { return banTime; }
+    public void setBanTime(LocalDateTime banTime) { this.banTime = banTime; }
 
     public String getBanMethod() { return banMethod; }
     public void setBanMethod(String banMethod) { this.banMethod = banMethod; }
@@ -59,14 +59,14 @@ public class DeviceInterlockingLog {
     public Long getCreateBy() { return createBy; }
     public void setCreateBy(Long createBy) { this.createBy = createBy; }
 
-    public OffsetDateTime getCreateTime() { return createTime; }
-    public void setCreateTime(OffsetDateTime createTime) { this.createTime = createTime; }
+    public LocalDateTime getCreateTime() { return createTime; }
+    public void setCreateTime(LocalDateTime createTime) { this.createTime = createTime; }
 
     public Long getUpdateBy() { return updateBy; }
     public void setUpdateBy(Long updateBy) { this.updateBy = updateBy; }
 
-    public OffsetDateTime getUpdateTime() { return updateTime; }
-    public void setUpdateTime(OffsetDateTime updateTime) { this.updateTime = updateTime; }
+    public LocalDateTime getUpdateTime() { return updateTime; }
+    public void setUpdateTime(LocalDateTime updateTime) { this.updateTime = updateTime; }
 
     public String getRemark() { return remark; }
     public void setRemark(String remark) { this.remark = remark; }
diff --git a/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/AlarmMapper.java b/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/AlarmMapper.java
index b8a5ffc..f06eefb 100644
--- a/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/AlarmMapper.java
+++ b/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/AlarmMapper.java
@@ -15,7 +15,7 @@ public interface AlarmMapper {
             "INSERT INTO alarm (",
             "id, created_at, alarm_name, alarm_level, alarm_type, ",
             "alarm_major_type, alarm_minor_type,alarm_area_id, attack_ip, victim_ip, victim_web_url, ",
-            "device_id, comment,origin_log_ids,log_start_at, log_end_at, window_time, http_status, ",
+            "device_id, \"comment\",origin_log_ids,log_start_at, log_end_at, window_time, http_status, ",
             "attack_port, victim_port, attack_method, etl_time, log_count, ",
             "attack_chain_phase, disposition_advice, attack_direction, ",
             "judged_state, disposed_state, attack_result, fall, payload,  dns_info, engine_type,   " ,
@@ -52,7 +52,7 @@ public interface AlarmMapper {
     @Insert("INSERT INTO alarm (" +
             "id, created_at, alarm_name, alarm_level, alarm_type, " +
             "alarm_major_type, alarm_minor_type,alarm_area_id, attack_ip, victim_ip, victim_web_url, " +
-            "device_id, comment,origin_log_ids, log_start_at, log_end_at, window_time, http_status, " +
+            "device_id, \"comment\",origin_log_ids, log_start_at, log_end_at, window_time, http_status, " +
             "attack_port, victim_port, attack_method, etl_time, log_count, " +
             "attack_chain_phase, disposition_advice, attack_direction, " +
             "judged_state, disposed_state, attack_result, fall, payload, dns_info, engine_type,  " +
diff --git a/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/AlarmVisitMapper.java b/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/AlarmVisitMapper.java
index 00b1948..9a20855 100644
--- a/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/AlarmVisitMapper.java
+++ b/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/AlarmVisitMapper.java
@@ -19,7 +19,7 @@ public interface AlarmVisitMapper {
             "INSERT INTO alarm_visit (",
             "id, created_at, alarm_name, alarm_level, alarm_type, ",
             "alarm_major_type, alarm_minor_type,alarm_area_id, attack_ip, victim_ip, victim_web_url, ",
-            "device_id, comment,origin_log_ids,log_start_at, log_end_at,window_time, http_status, ",
+            "device_id, \"comment\",origin_log_ids,log_start_at, log_end_at,window_time, http_status, ",
             "attack_port, victim_port, attack_method, etl_time, log_count, ",
             "attack_chain_phase, disposition_advice, attack_direction, ",
             "judged_state, disposed_state, attack_result, fall, payload, dns_info, engine_type,  " ,
@@ -56,7 +56,7 @@ public interface AlarmVisitMapper {
     @Insert("INSERT INTO alarm_visit (" +
             "id, created_at, alarm_name, alarm_level, alarm_type, " +
             "alarm_major_type, alarm_minor_type,alarm_area_id, attack_ip, victim_ip, victim_web_url,  " +
-            "device_id, comment,origin_log_ids, log_start_at, log_end_at, window_time,http_status, " +
+            "device_id, \"comment\",origin_log_ids, log_start_at, log_end_at, window_time,http_status, " +
             "attack_port, victim_port, attack_method, etl_time, log_count, " +
             "attack_chain_phase, disposition_advice, attack_direction, " +
             "judged_state, disposed_state, attack_result, fall, payload, dns_info,engine_type, " +
diff --git a/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/DeviceCollectHeartbeatMapper.java b/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/DeviceCollectHeartbeatMapper.java
index b74af1b..a169f07 100644
--- a/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/DeviceCollectHeartbeatMapper.java
+++ b/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/DeviceCollectHeartbeatMapper.java
@@ -37,22 +37,37 @@ public interface DeviceCollectHeartbeatMapper {
 
     /**
      * 插入或更新（根据collect_id）
+     * 达梦数据库使用 MERGE INTO 实现 upsert
      */
-    @Insert("INSERT INTO device_collect_heartbeat (" +
+    @Update("MERGE INTO device_collect_heartbeat t " +
+            "USING (SELECT " +
+            "#{collectId} AS collect_id, " +
+            "#{collectName} AS collect_name, " +
+            "#{deviceIp} AS device_ip, " +
+            "#{appVersion} AS app_version, " +
+            "#{lastHeartbeat} AS last_heartbeat, " +
+            "#{heartbeatCount} AS heartbeat_count, " +
+            "#{status} AS status, " +
+            "#{failCount} AS fail_count, " +
+            "#{updateTime} AS update_time " +
+            "FROM DUAL) s " +
+            "ON (t.collect_id = s.collect_id) " +
+            "WHEN MATCHED THEN UPDATE SET " +
+            "t.collect_name = s.collect_name, " +
+            "t.device_ip = s.device_ip, " +
+            "t.app_version = s.app_version, " +
+            "t.last_heartbeat = s.last_heartbeat, " +
+            "t.heartbeat_count = s.heartbeat_count, " +
+            "t.status = s.status, " +
+            "t.fail_count = s.fail_count, " +
+            "t.update_time = s.update_time " +
+            "WHEN NOT MATCHED THEN INSERT (" +
             "collect_id, collect_name, device_ip, app_version, last_heartbeat, " +
-            "heartbeat_count, status, fail_count, update_time " +
+            "heartbeat_count, status, fail_count, update_time" +
             ") VALUES (" +
-            "#{collectId}, #{collectName}, #{deviceIp}, #{appVersion}, #{lastHeartbeat}, " +
-            "#{heartbeatCount}, #{status}, #{failCount}, #{updateTime} " +
-            ") ON CONFLICT (collect_id) DO UPDATE SET " +
-            "collect_name = EXCLUDED.collect_name, " +
-            "device_ip = EXCLUDED.device_ip, " +
-            "app_version = EXCLUDED.app_version, " +
-            "last_heartbeat = EXCLUDED.last_heartbeat, " +
-            "heartbeat_count = EXCLUDED.heartbeat_count, " +
-            "status = EXCLUDED.status, " +
-            "fail_count = EXCLUDED.fail_count, " +
-            "update_time = EXCLUDED.update_time")
+            "s.collect_id, s.collect_name, s.device_ip, s.app_version, s.last_heartbeat, " +
+            "s.heartbeat_count, s.status, s.fail_count, s.update_time" +
+            ")")
     int upsert(DeviceCollectHeartbeat heartbeat);
 
     /**
diff --git a/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/DeviceCollectTaskMapper.java b/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/DeviceCollectTaskMapper.java
index 3a05666..221223e 100644
--- a/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/DeviceCollectTaskMapper.java
+++ b/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/DeviceCollectTaskMapper.java
@@ -155,12 +155,12 @@ public interface DeviceCollectTaskMapper extends BaseMapper<DeviceCollectTask>{
             "<foreach collection='tasks' item='task' separator=';'>" +
             "UPDATE device_collect_task SET " +
             "  first_time = CASE " +
-            "    WHEN first_time IS NULL AND #{task.firstTime}::TIMESTAMP IS NOT NULL THEN #{task.firstTime}::TIMESTAMP " +
+            "    WHEN first_time IS NULL AND #{task.firstTime} IS NOT NULL THEN #{task.firstTime} " +
             "    ELSE first_time " +
             "  END, " +
-            "  last_success_time = #{task.lastSuccessTime}::TIMESTAMP, " +
-            "  last_failed_time = #{task.lastFailedTime}::TIMESTAMP, " +
-            "  updated_at = #{task.updatedAt}::TIMESTAMP " +
+            "  last_success_time = #{task.lastSuccessTime}, " +
+            "  last_failed_time = #{task.lastFailedTime}, " +
+            "  updated_at = #{task.updatedAt} " +
             "WHERE id = #{task.id}" +
             "</foreach>" +
             "</script>")
@@ -171,12 +171,12 @@ public interface DeviceCollectTaskMapper extends BaseMapper<DeviceCollectTask>{
      */
     @Update("UPDATE device_collect_task " +
             "SET first_time = CASE " +
-            "    WHEN first_time IS NULL AND #{firstTime}::TIMESTAMP IS NOT NULL THEN #{firstTime}::TIMESTAMP " +
+            "    WHEN first_time IS NULL AND #{firstTime} IS NOT NULL THEN #{firstTime} " +
             "    ELSE first_time " +
             "  END, " +
-            "  last_success_time = #{lastSuccessTime}::TIMESTAMP, " +
-            "  last_failed_time = #{lastFailTime}::TIMESTAMP, " +
-            "  updated_at = #{updateTime}::TIMESTAMP " +
+            "  last_success_time = #{lastSuccessTime}, " +
+            "  last_failed_time = #{lastFailTime}, " +
+            "  updated_at = #{updateTime} " +
             "WHERE id = #{deviceCollectId}")
     int updateTaskTime(@Param("deviceCollectId") String deviceCollectId,
                        @Param("firstTime") LocalDateTime firstTime,
diff --git a/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/DeviceInterlockingCmdMapper.java b/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/DeviceInterlockingCmdMapper.java
index 57bfe7e..a51f63c 100644
--- a/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/DeviceInterlockingCmdMapper.java
+++ b/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/DeviceInterlockingCmdMapper.java
@@ -61,8 +61,11 @@ public interface DeviceInterlockingCmdMapper {
     @Insert("INSERT INTO device_interlocking_cmd (probe_id, probe_ip, device_interlocking_id, device_interlocking_ip, " +
             "ban_ips, ban_method, ban_type, cmd_status, ban_duration, create_time, update_time, " +
             "tenant_id, create_dept, create_by, remark, ban_operation_type) " +
-            "VALUES (#{probeId}, #{probeIp}, ARRAY[:ids], ARRAY[:ips], ARRAY[:banIps], " +
-            "#{banMethod}, #{banType}, #{cmdStatus}, #{banDuration}, NOW(), NOW(), " +
+            "VALUES (#{probeId}, #{probeIp}, " +
+            "#{deviceInterlockingId, typeHandler=com.Modules.etl.handler.ArrayIntegerTypeHandler}, " +
+            "#{deviceInterlockingIp, typeHandler=com.Modules.etl.handler.ArrayStringTypeHandler}, " +
+            "#{banIps, typeHandler=com.Modules.etl.handler.ArrayStringTypeHandler}, " +
+            "#{banMethod}, #{banType}, #{cmdStatus}, #{banDuration}, SYSDATE, SYSDATE, " +
             "#{tenantId}, #{createDept}, #{createBy}, #{remark}, #{banOperationType})")
     @Options(useGeneratedKeys = true, keyProperty = "id")
     int insert(DeviceInterlockingCmd cmd);
@@ -73,25 +76,25 @@ public interface DeviceInterlockingCmdMapper {
      * @param cmdStatus 新状态
      * @return 影响行数
      */
-    @Update("UPDATE device_interlocking_cmd SET cmd_status = #{cmdStatus}, update_time = NOW() WHERE id = #{id}")
+    @Update("UPDATE device_interlocking_cmd SET cmd_status = #{cmdStatus}, update_time = SYSDATE WHERE id = #{id}")
     int updateStatus(@Param("id") Long id, @Param("cmdStatus") String cmdStatus);
 
     /**
      * 更新指令状态为执行中
      */
-    @Update("UPDATE device_interlocking_cmd SET cmd_status = '2', update_time = NOW() WHERE id = #{id}")
+    @Update("UPDATE device_interlocking_cmd SET cmd_status = '2', update_time = SYSDATE WHERE id = #{id}")
     int updateStatusToExecuting(@Param("id") Long id);
 
     /**
      * 更新指令状态为执行完成
      */
-    @Update("UPDATE device_interlocking_cmd SET cmd_status = '1', update_time = NOW() WHERE id = #{id}")
+    @Update("UPDATE device_interlocking_cmd SET cmd_status = '1', update_time = SYSDATE WHERE id = #{id}")
     int updateStatusToCompleted(@Param("id") Long id);
 
     /**
      * 更新指令状态为执行失败
      */
-    @Update("UPDATE device_interlocking_cmd SET cmd_status = '3', update_time = NOW() WHERE id = #{id}")
+    @Update("UPDATE device_interlocking_cmd SET cmd_status = '3', update_time = SYSDATE WHERE id = #{id}")
     int updateStatusToFailed(@Param("id") Long id);
 
     /**
diff --git a/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/DeviceReceiveLogMapper.java b/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/DeviceReceiveLogMapper.java
index cf38883..6124c49 100644
--- a/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/DeviceReceiveLogMapper.java
+++ b/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/DeviceReceiveLogMapper.java
@@ -84,7 +84,7 @@ public interface DeviceReceiveLogMapper {
      */
     @Select("SELECT device_collect_id, MAX(created_at) AS last_success_time " +
             "FROM device_receive_log " +
-            "WHERE push_success = true " +
+            "WHERE push_success = 1 " +
             "AND created_at >= CURRENT_DATE " +
             "GROUP BY device_collect_id")
     List<DeviceCollectTaskTime> selectDailySuccessTimes();
@@ -94,7 +94,7 @@ public interface DeviceReceiveLogMapper {
      */
     @Select("SELECT device_collect_id, MAX(created_at) AS last_fail_time " +
             "FROM device_receive_log " +
-            "WHERE push_success = false " +
+            "WHERE push_success = 0 " +
             "AND created_at >= CURRENT_DATE " +
             "GROUP BY device_collect_id")
     List<DeviceCollectTaskTime> selectDailyFailTimes();
@@ -104,7 +104,7 @@ public interface DeviceReceiveLogMapper {
      */
     @Select("SELECT device_collect_id, MIN(created_at) AS first_success_time " +
             "FROM device_receive_log " +
-            "WHERE push_success = true " +
+            "WHERE push_success = 1 " +
             "GROUP BY device_collect_id")
     List<DeviceCollectTaskTime> selectFirstSuccessTimes();
 
@@ -114,7 +114,7 @@ public interface DeviceReceiveLogMapper {
     @Select("SELECT device_collect_id, MIN(created_at) AS first_time, " +
             "MAX(created_at) AS last_success_time " +
             "FROM device_receive_log " +
-            "WHERE push_success = true " +
+            "WHERE push_success = 1 " +
             "AND created_at >= #{startTime} " +
             "AND created_at < #{endTime} " +
             "GROUP BY device_collect_id")
diff --git a/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/SyslogNormalAlarmMapper.java b/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/SyslogNormalAlarmMapper.java
index e11ffaa..c9addc0 100644
--- a/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/SyslogNormalAlarmMapper.java
+++ b/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/SyslogNormalAlarmMapper.java
@@ -49,30 +49,29 @@ public interface SyslogNormalAlarmMapper {
      */
     @Select("SELECT " +
             "to_char(log_time, 'YYYYMMDD') as log_date, " +
-            "ARRAY_AGG(DISTINCT  host(src_ip)::text)  as  attack_ips, " +
+            "WM_CONCAT(DISTINCT  src_ip)  as  attack_ips, " +
             "origin_event_name, " +
             "MAX(attack_result) as attack_result, " +
             "MIN(log_time) as min_log_time, " +
             "MAX(log_time) as max_log_time, " +
             "COUNT(1) as log_count, " +
-            "ARRAY_AGG(DISTINCT  host(dest_ip)::text) as victim_ips, " +
-            "ARRAY_AGG(DISTINCT http_url) as victim_web_urls, " +
-            "ARRAY_AGG(DISTINCT device_id) as device_ids, " +
-            "ARRAY_AGG(DISTINCT id) as origin_log_ids, " +
+            "WM_CONCAT(DISTINCT  dest_ip) as victim_ips, " +
+            "WM_CONCAT(DISTINCT http_url) as victim_web_urls, " +
+            "WM_CONCAT(DISTINCT device_id) as device_ids, " +
+            "WM_CONCAT(DISTINCT id) as origin_log_ids, " +
             "MAX(event_level) as max_event_level, " +
             "MIN(origin_event_type)  AS first_event_type, " +
             "MAX(origin_event_type) as event_type, " +
             "MIN(event_type) as min_event_type, " +
-            "ARRAY_AGG(DISTINCT src_port::int4) as attack_ports, " +
-            "ARRAY_AGG(DISTINCT dest_port::int4) as victim_ports, " +
-            "ARRAY_AGG(DISTINCT http_resp_codes::text) as http_status_codes, " +
-            "ARRAY_AGG(DISTINCT payload::BYTEA) as payload_samples, " +
-            "ARRAY_AGG(DISTINCT http_req_header) as httpReqHeaders, " +
-            "ARRAY_AGG(DISTINCT http_req_body) as httpReqBodys, " +
-            "ARRAY_AGG(DISTINCT http_resp_header) as httpRespHeaders, " +
-            "ARRAY_AGG(DISTINCT http_resp_body) as httpRespBodys, " +
-            "MODE() WITHIN GROUP (ORDER BY dest_domain) as dns_info, " +
-            "STRING_AGG(DISTINCT COALESCE(host(dest_ip)::text, ''), ',') as victim_ips_str " +
+            "WM_CONCAT(DISTINCT src_port) as attack_ports, " +
+            "WM_CONCAT(DISTINCT dest_port) as victim_ports, " +
+            "WM_CONCAT(DISTINCT http_resp_codes) as http_status_codes, " +
+            "WM_CONCAT(DISTINCT payload) as payload_samples, " +
+            "WM_CONCAT(DISTINCT http_req_header) as httpReqHeaders, " +
+            "WM_CONCAT(DISTINCT http_req_body) as httpReqBodys, " +
+            "WM_CONCAT(DISTINCT http_resp_header) as httpRespHeaders, " +
+            "WM_CONCAT(DISTINCT http_resp_body) as httpRespBodys, " +
+            "LISTAGG(DISTINCT COALESCE(dest_ip, ''), ',') as victim_ips_str " +
             "FROM syslog_normal_alarm  " +
             "WHERE log_time >= #{startTime} AND log_time < #{endTime} " +
             "AND event_level >= 1 AND src_ip NOT IN ('127.0.0.1', '127.0.0.2') " +
diff --git a/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/SyslogNormalDataMapper.java b/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/SyslogNormalDataMapper.java
index 358218c..7ef7737 100644
--- a/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/SyslogNormalDataMapper.java
+++ b/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/SyslogNormalDataMapper.java
@@ -46,30 +46,29 @@ public interface SyslogNormalDataMapper {
      */
     @Select("SELECT " +
             "to_char(log_time, 'YYYYMMDD') as log_date, " +
-            "ARRAY_AGG(DISTINCT  host(src_ip)::text)  as  attack_ips, " +
+            "WM_CONCAT(DISTINCT  src_ip)  as  attack_ips, " +
             "origin_event_name, " +
             "MAX(attack_result) as attack_result, " +
             "MIN(log_time) as min_log_time, " +
             "MAX(log_time) as max_log_time, " +
             "COUNT(1) as log_count, " +
-            "ARRAY_AGG(DISTINCT  host(dest_ip)::text) as victim_ips, " +
-            "ARRAY_AGG(DISTINCT http_url) as victim_web_urls, " +
-            "ARRAY_AGG(DISTINCT device_id) as device_ids, " +
-            "ARRAY_AGG(DISTINCT id) as origin_log_ids, " +
+            "WM_CONCAT(DISTINCT  dest_ip) as victim_ips, " +
+            "WM_CONCAT(DISTINCT http_url) as victim_web_urls, " +
+            "WM_CONCAT(DISTINCT device_id) as device_ids, " +
+            "WM_CONCAT(DISTINCT id) as origin_log_ids, " +
             "MAX(event_level) as max_event_level, " +
             "MIN(origin_event_type)  AS first_event_type, " +
             "MAX(origin_event_type) as event_type, " +
             "MIN(event_type) as min_event_type, " +
-            "ARRAY_AGG(DISTINCT src_port::int4) as attack_ports, " +
-            "ARRAY_AGG(DISTINCT dest_port::int4) as victim_ports, " +
-            "ARRAY_AGG(DISTINCT http_resp_codes::text) as http_status_codes, " +
-            "ARRAY_AGG(DISTINCT payload::BYTEA) as payload_samples, " +
-            "ARRAY_AGG(DISTINCT http_req_header) as httpReqHeaders, " +
-            "ARRAY_AGG(DISTINCT http_req_body) as httpReqBodys, " +
-            "ARRAY_AGG(DISTINCT http_resp_header) as httpRespHeaders, " +
-            "ARRAY_AGG(DISTINCT http_resp_body) as httpRespBodys, " +
-            "MODE() WITHIN GROUP (ORDER BY dest_domain) as dns_info, " +
-            "STRING_AGG(DISTINCT COALESCE(host(dest_ip)::text, ''), ',') as victim_ips_str " +
+            "WM_CONCAT(DISTINCT src_port) as attack_ports, " +
+            "WM_CONCAT(DISTINCT dest_port) as victim_ports, " +
+            "WM_CONCAT(DISTINCT http_resp_codes) as http_status_codes, " +
+            "WM_CONCAT(DISTINCT payload) as payload_samples, " +
+            "WM_CONCAT(DISTINCT http_req_header) as httpReqHeaders, " +
+            "WM_CONCAT(DISTINCT http_req_body) as httpReqBodys, " +
+            "WM_CONCAT(DISTINCT http_resp_header) as httpRespHeaders, " +
+            "WM_CONCAT(DISTINCT http_resp_body) as httpRespBodys, " +
+            "LISTAGG(DISTINCT COALESCE(dest_ip, ''), ',') as victim_ips_str " +
             "FROM syslog_normal_data " +
             "WHERE log_time >= #{startTime} AND log_time < #{endTime} " +
             "AND   http_resp_codes =200 and   origin_event_type <> ''   and  origin_event_name='访问日志' AND src_ip NOT IN ('127.0.0.1', '127.0.0.2') " +
diff --git a/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/WecomNotificationMapper.java b/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/WecomNotificationMapper.java
index abd6f61..24d81eb 100644
--- a/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/WecomNotificationMapper.java
+++ b/haobang-security-dm/syslog-consumer/src/main/java/com/common/mapper/WecomNotificationMapper.java
@@ -18,12 +18,12 @@ public interface WecomNotificationMapper {
             "wecom_notification_time, tenant_id, create_dept, create_by, create_time, " +
             "update_by, update_time, remark, wecom_notification_status" +
             ") VALUES (" +
-            "nextval('seq_wecom_notification'), #{userId}, #{wecomNotificationName}, #{wecomNotificationIp}, " +
+            "seq_wecom_notification.NEXTVAL, #{userId}, #{wecomNotificationName}, #{wecomNotificationIp}, " +
             "#{wecomNotificationType}, #{wecomNotificationLevel}, #{wecomNotificationContent}, " +
             "#{wecomNotificationTime}, #{tenantId}, #{createDept}, #{createBy}, #{createTime}, " +
             "#{updateBy}, #{updateTime}, #{remark}, #{wecomNotificationStatus}" +
             ")")
-    @SelectKey(statement = "SELECT currval('seq_wecom_notification')", keyProperty = "wecomNotificationId", resultType = Long.class, before = false)
+    @SelectKey(statement = "SELECT seq_wecom_notification.currval", keyProperty = "wecomNotificationId", resultType = Long.class, before = false)
     int insert(WecomNotification notification);
 
     /**
@@ -41,7 +41,7 @@ public interface WecomNotificationMapper {
     /**
      * 更新通知状态
      */
-    @Update("UPDATE wecom_notification SET wecom_notification_status = #{status}, update_time = NOW() " +
+    @Update("UPDATE wecom_notification SET wecom_notification_status = #{status}, update_time = SYSDATE " +
             "WHERE wecom_notification_id = #{wecomNotificationId}")
     int updateStatus(@Param("wecomNotificationId") Long wecomNotificationId, @Param("status") String status);
 }
diff --git a/haobang-security-dm/syslog-consumer/src/main/java/com/common/schedule/PartitionTableSchedule.java b/haobang-security-dm/syslog-consumer/src/main/java/com/common/schedule/PartitionTableSchedule.java
index f048f14..b9ccaec 100644
--- a/haobang-security-dm/syslog-consumer/src/main/java/com/common/schedule/PartitionTableSchedule.java
+++ b/haobang-security-dm/syslog-consumer/src/main/java/com/common/schedule/PartitionTableSchedule.java
@@ -52,13 +52,10 @@ public class PartitionTableSchedule {
         logger.info("测试任务: 分区表创建完成");
     }
 
-
-
-
     /**
      * 每天检查第二天的分区表状态 - 凌晨2点执行
      */
-    @Scheduled(cron = "0 0 2 * * ?")
+    //@Scheduled(cron = "0 0 2 * * ?")
     public void checkTomorrowPartitionTable() {
         logger.info("开始检查第二天的分区表状态...");
 
@@ -84,7 +81,7 @@ public class PartitionTableSchedule {
     /**
      * 每周一检查未来7天的分区表状态
      */
-    @Scheduled(cron = "0 0 3 * * MON")
+    //@Scheduled(cron = "0 0 3 * * MON")
     public void checkNextWeekPartitionTables() {
         logger.info("开始检查未来7天的分区表状态...");
 
diff --git a/haobang-security-dm/syslog-consumer/src/main/java/com/common/service/AccessLogAlertService.java b/haobang-security-dm/syslog-consumer/src/main/java/com/common/service/AccessLogAlertService.java
index 01af5f6..138a6e4 100644
--- a/haobang-security-dm/syslog-consumer/src/main/java/com/common/service/AccessLogAlertService.java
+++ b/haobang-security-dm/syslog-consumer/src/main/java/com/common/service/AccessLogAlertService.java
@@ -272,6 +272,9 @@ public class AccessLogAlertService {
             logObject.put("_source.vlan_id", "");
             logObject.put("_type", "skyeye-file");
 
+            //补充syslog_normal_data.device_id 字段
+            logObject.put("_source.device_id", logData.getDeviceId() != null ? logData.getDeviceId()  : "");
+
             requestArray.add(logObject);
         }
 
@@ -416,12 +419,25 @@ public class AccessLogAlertService {
             log.debug("算法：{},ID:{} ,AlarmNme:{} 没有返回 origin_log节点.",AlgorithmName, alarmVisit.getId(), alarmVisit.getAlarmName());
             return false;
         }
-            alarmVisit.setAttackPort( new Integer[]{alarmResult.getInteger("_source.sport")}  );
-            alarmVisit.setVictimPort( new Integer[]{alarmResult.getInteger("_source.dport")}  );
-            alarmVisit.setAttackMethod(alarmResult.getString("_source.method") );
-            String deviceIp= alarmResult.getString("_source.device_ip");
+            // _source.sport/dport 在 JSON 中为字符串类型，需要用 getString() 读取后 parseInt
+            String sportStr = originLogObject.getString("_source.sport");
+            if (sportStr != null && !sportStr.isEmpty()) {
+                alarmVisit.setAttackPort(new Integer[]{Integer.parseInt(sportStr)});
+            }
+            String dportStr = originLogObject.getString("_source.dport");
+            if (dportStr != null && !dportStr.isEmpty()) {
+                alarmVisit.setVictimPort(new Integer[]{Integer.parseInt(dportStr)});
+            }
+            alarmVisit.setAttackMethod(originLogObject.getString("_source.method"));
+            String deviceIp = originLogObject.getString("_source.device_ip");
             //alarmVisit.setDeviceId(  new Integer[]{ getDeviceID(deviceIp)}  );
-            alarmVisit.setHttpStatus( alarmResult.getString("_source.status"));
+
+            //补充alarm_visist.device_id
+            String deviceidStr = originLogObject.getString("_source.device_id");
+            if (deviceidStr != null && !deviceidStr.isEmpty()) {
+                alarmVisit.setDeviceId(new Integer[]{Integer.parseInt(deviceidStr)});
+            }
+            alarmVisit.setHttpStatus(originLogObject.getString("_source.status"));
         return true;
         } catch (Exception e) {
             log.error("算法：{} 补充原始记录日志字段异常。error:{} ",AlgorithmName,e.getMessage(), e );
diff --git a/haobang-security-dm/syslog-consumer/src/main/java/com/common/service/AlarmHealthCheckService.java b/haobang-security-dm/syslog-consumer/src/main/java/com/common/service/AlarmHealthCheckService.java
index ab7ea69..46f4b2a 100644
--- a/haobang-security-dm/syslog-consumer/src/main/java/com/common/service/AlarmHealthCheckService.java
+++ b/haobang-security-dm/syslog-consumer/src/main/java/com/common/service/AlarmHealthCheckService.java
@@ -64,9 +64,10 @@ public class AlarmHealthCheckService {
      */
     public boolean checkAlarmTable() {
         String partitionDate = LocalDateTime.now().format(DATE_FORMATTER);
-        String tableName = "alarm_" + partitionDate;
+        String tableName = "alarm_p_" + partitionDate;
         
-        String sql = "SELECT COUNT(*) FROM " + tableName + " WHERE created_at >= NOW() - INTERVAL '" + alarmHoursThreshold + " hours'";
+        // 达梦使用 SYSDATE 和 HOUR 关键字（PG 用 NOW() / INTERVAL 'N hours'）
+        String sql = "SELECT COUNT(*) FROM " + tableName + " WHERE created_at >= SYSDATE - INTERVAL '" + alarmHoursThreshold + "' HOUR";
         
         try {
             Long count = jdbcTemplate.queryForObject(sql, Long.class);
@@ -89,9 +90,10 @@ public class AlarmHealthCheckService {
      */
     public boolean checkAlarmVisitTable() {
         String partitionDate = LocalDateTime.now().format(DATE_FORMATTER);
-        String tableName = "alarm_visit_" + partitionDate;
+        String tableName = "alarm_visit_p_" + partitionDate;
         
-        String sql = "SELECT COUNT(*) FROM " + tableName + " WHERE created_at >= NOW() - INTERVAL '" + alarmVisitHoursThreshold + " hours'";
+        // 达梦使用 SYSDATE 和 HOUR 关键字（PG 用 NOW() / INTERVAL 'N hours'）
+        String sql = "SELECT COUNT(*) FROM " + tableName + " WHERE created_at >= SYSDATE - INTERVAL '" + alarmVisitHoursThreshold + "' HOUR";
         
         try {
             Long count = jdbcTemplate.queryForObject(sql, Long.class);
@@ -123,7 +125,6 @@ public class AlarmHealthCheckService {
                 "建议: 请检查数据采集服务是否正常运行%n" +
                 "状态: 需要人工介入检查",
                 tableName,
-                LocalDateTime.now().format(DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss")),
                 hoursThreshold
         );
         
diff --git a/haobang-security-dm/syslog-consumer/src/main/java/com/common/service/DeviceInterlockingLogService.java b/haobang-security-dm/syslog-consumer/src/main/java/com/common/service/DeviceInterlockingLogService.java
index b251092..af885b8 100644
--- a/haobang-security-dm/syslog-consumer/src/main/java/com/common/service/DeviceInterlockingLogService.java
+++ b/haobang-security-dm/syslog-consumer/src/main/java/com/common/service/DeviceInterlockingLogService.java
@@ -4,7 +4,7 @@ import com.common.entity.DeviceInterlockingLog;
 import com.common.mapper.DeviceInterlockingLogMapper;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
-import java.time.OffsetDateTime;
+import java.time.LocalDateTime;
 import java.util.List;
 
 @Service
@@ -32,7 +32,7 @@ public class DeviceInterlockingLogService {
      */
     public int insert(DeviceInterlockingLog log) {
         if (log.getBanTime() == null) {
-            log.setBanTime(OffsetDateTime.now());
+            log.setBanTime(LocalDateTime.now());
         }
         return logMapper.insert(log);
     }
@@ -44,7 +44,7 @@ public class DeviceInterlockingLogService {
         if (logs != null && !logs.isEmpty()) {
             for (DeviceInterlockingLog log : logs) {
                 if (log.getBanTime() == null) {
-                    log.setBanTime(OffsetDateTime.now());
+                    log.setBanTime(LocalDateTime.now());
                 }
             }
         }
diff --git a/haobang-security-dm/syslog-consumer/src/main/java/com/common/service/DeviceStatsUpdateService.java b/haobang-security-dm/syslog-consumer/src/main/java/com/common/service/DeviceStatsUpdateService.java
index f3713dc..75e48a6 100644
--- a/haobang-security-dm/syslog-consumer/src/main/java/com/common/service/DeviceStatsUpdateService.java
+++ b/haobang-security-dm/syslog-consumer/src/main/java/com/common/service/DeviceStatsUpdateService.java
@@ -75,14 +75,14 @@ public class DeviceStatsUpdateService {
                     "SET last_receive_time = ?, " +
                     "    today_parse_count = ?, " +
                     "    today_non_log_count = ?, " +
-                    "    updated_at = NOW() " +
+                    "    updated_at = SYSDATE " +
                     "WHERE id = ?";
 
     private static final String UPDATE_DEVICE_COUNT_SQL =
             "UPDATE device_device " +
                     "SET today_parse_count = 0, " +
                     "    today_non_log_count = 0, " +
-                    "    updated_at = NOW() " ;
+                    "    updated_at = SYSDATE " ;
 
     /**
      * 每5分钟执行一次设备统计更新（秒：0，分：*，时：*）
@@ -141,9 +141,10 @@ public class DeviceStatsUpdateService {
     private List<DeviceStatsDTO> collectDeviceStats(String today) {
         // 构建动态表名
         String receiveLogTable = "device_receive_log";
-        String normalDataTable = "syslog_normal_data_" + today;
-        String normalAlarmTable = "syslog_normal_alarm_" + today;
-        String nonNormalTable = "syslog_non_normal_message_" + today;
+        // 达梦分区表命名规则：基表名_p_日期（达梦不支持纯数字分区名）
+        String normalDataTable = "syslog_normal_data_p_" + today;
+        String normalAlarmTable = "syslog_normal_alarm_p_" + today;
+        String nonNormalTable = "syslog_non_normal_message_p_" + today;
         String sql = String.format(
                 COLLECT_DEVICE_STATS_SQL,
                 receiveLogTable,
diff --git a/haobang-security-dm/syslog-consumer/src/main/java/com/common/service/DmNormalizeRuleService.java b/haobang-security-dm/syslog-consumer/src/main/java/com/common/service/DmNormalizeRuleService.java
index 58e7090..2bf5387 100644
--- a/haobang-security-dm/syslog-consumer/src/main/java/com/common/service/DmNormalizeRuleService.java
+++ b/haobang-security-dm/syslog-consumer/src/main/java/com/common/service/DmNormalizeRuleService.java
@@ -77,7 +77,7 @@ public class DmNormalizeRuleService {
 
             List<Map<String, Object>>  ruleMap=dmNormalizeRuleMapper.selectByDeviceId(id);
             sqlSession.commit();
-            return ruleMap;
+            return convertClobToString(ruleMap);
 
         } catch (Exception e) {
             logger.error("DmNormalizeRuleService MyBatisUtil getSqlSession 异常", e);
@@ -95,7 +95,41 @@ public class DmNormalizeRuleService {
     {
         System.out.println("调用selectByDeviceIdAuto 方法,id:"+id);
         List<Map<String, Object>>  ruleMap=dmNormalizeRuleMapper.selectByDeviceId(id);
-        return ruleMap;
+        return convertClobToString(ruleMap);
+    }
+
+    /**
+     * 将达梦 JDBC CLOB/NCLOB 对象转换为 String，避免缓存序列化报错
+     * 达梦驱动返回的 TEXT/CLOB 列可能是 dm.jdbc.driver.DmdbNClob 等内部类型，
+     * toString() 只返回对象引用（如 DmdbNClob@xxx），必须通过 Clob 接口获取实际文本
+     */
+    private List<Map<String, Object>> convertClobToString(List<Map<String, Object>> list) {
+        if (list == null) return null;
+        for (Map<String, Object> map : list) {
+            if (map == null) continue;
+            for (Map.Entry<String, Object> entry : map.entrySet()) {
+                Object value = entry.getValue();
+                if (value != null && value.getClass().getName().startsWith("dm.jdbc.")) {
+                    try {
+                        if (value instanceof java.sql.Clob) {
+                            java.sql.Clob clob = (java.sql.Clob) value;
+                            long length = clob.length();
+                            if (length > 0) {
+                                entry.setValue(clob.getSubString(1, (int) length));
+                            } else {
+                                entry.setValue("");
+                            }
+                        } else {
+                            entry.setValue(value.toString());
+                        }
+                    } catch (Exception e) {
+                        logger.warn("CLOB/NCLOB 转换 String 失败: " + e.getMessage());
+                        entry.setValue(null);
+                    }
+                }
+            }
+        }
+        return list;
     }
 
 }
\ No newline at end of file
diff --git a/haobang-security-dm/syslog-consumer/src/main/java/com/common/service/PartitionTableService.java b/haobang-security-dm/syslog-consumer/src/main/java/com/common/service/PartitionTableService.java
index c20c17a..fa28f97 100644
--- a/haobang-security-dm/syslog-consumer/src/main/java/com/common/service/PartitionTableService.java
+++ b/haobang-security-dm/syslog-consumer/src/main/java/com/common/service/PartitionTableService.java
@@ -34,7 +34,7 @@ public class PartitionTableService {
 
         try {
             LocalDate tomorrow = LocalDate.now().plusDays(1);
-            String tableName = "syslog_normal_data_" + tomorrow.format(DATE_FORMATTER);
+            String tableName = "syslog_normal_data_p_" + tomorrow.format(DATE_FORMATTER);
 
             status.setCheckDate(tomorrow);
             status.setTableName(tableName);
@@ -100,7 +100,7 @@ public class PartitionTableService {
 
         for (int i = 1; i <= days; i++) {
             LocalDate checkDate = LocalDate.now().plusDays(i);
-            String tableName = "syslog_normal_data_" + checkDate.format(DATE_FORMATTER);
+            String tableName = "syslog_normal_data_p_" + checkDate.format(DATE_FORMATTER);
 
             PartitionTableStatus status = new PartitionTableStatus();
             status.setCheckDate(checkDate);
@@ -145,7 +145,7 @@ public class PartitionTableService {
      */
     public boolean createDailyPartitionTable(LocalDate date) {
         try {
-            String tableName = "syslog_normal_data_" + date.format(DATE_FORMATTER);
+            String tableName = "syslog_normal_data_p_" + date.format(DATE_FORMATTER);
             String nextDay = date.plusDays(1).format(SQL_DATE_FORMATTER);
             String currentDay = date.format(SQL_DATE_FORMATTER);
 
diff --git a/haobang-security-dm/syslog-consumer/src/main/java/com/common/service/impl/RealtimeAnalysisEngine.java b/haobang-security-dm/syslog-consumer/src/main/java/com/common/service/impl/RealtimeAnalysisEngine.java
index 03e9a81..c1b6407 100644
--- a/haobang-security-dm/syslog-consumer/src/main/java/com/common/service/impl/RealtimeAnalysisEngine.java
+++ b/haobang-security-dm/syslog-consumer/src/main/java/com/common/service/impl/RealtimeAnalysisEngine.java
@@ -734,7 +734,25 @@ public class RealtimeAnalysisEngine implements AnalysisEngine {
             return result;
         }
         // PostgreSQL数组以字符串形式返回，如 "{ip1,ip2,ip3}"
+        // 达梦 JSONB_AGG 返回 JSON 数组格式，如 "[41614, 8080]"
         String str = value.toString();
+        if (str.startsWith("[") && str.endsWith("]")) {
+            str = str.substring(1, str.length() - 1).trim();
+            if (str.isEmpty()) {
+                return new String[0];
+            }
+            // 拆分 JSON 数组元素（兼容带引号和纯数字）
+            String[] parts = str.split(",");
+            String[] result = new String[parts.length];
+            for (int i = 0; i < parts.length; i++) {
+                String part = parts[i].trim();
+                if (part.startsWith("\"") && part.endsWith("\"")) {
+                    part = part.substring(1, part.length() - 1);
+                }
+                result[i] = part;
+            }
+            return result;
+        }
         if (str.startsWith("{") && str.endsWith("}")) {
             str = str.substring(1, str.length() - 1);
             return str.split(",");
diff --git a/haobang-security-dm/syslog-consumer/src/main/java/com/common/service/impl/SqlGeneratorServiceImpl.java b/haobang-security-dm/syslog-consumer/src/main/java/com/common/service/impl/SqlGeneratorServiceImpl.java
index eab92de..9925ad0 100644
--- a/haobang-security-dm/syslog-consumer/src/main/java/com/common/service/impl/SqlGeneratorServiceImpl.java
+++ b/haobang-security-dm/syslog-consumer/src/main/java/com/common/service/impl/SqlGeneratorServiceImpl.java
@@ -445,7 +445,7 @@ public class SqlGeneratorServiceImpl implements SqlGeneratorService {
         String sizeUnit = convertTimeUnit(window.getTumbleWindowSizeUnit());
         Integer size = window.getTumbleWindowSize();
 
-        return String.format("TUMBLE(%s, INTERVAL '%d %s') AS window_start", timeCol, size, sizeUnit);
+        return String.format("TUMBLE(%s, INTERVAL '%d' %s) AS window_start", timeCol, size, sizeUnit);
     }
 
     /**
@@ -456,7 +456,7 @@ public class SqlGeneratorServiceImpl implements SqlGeneratorService {
         String sizeUnit = convertTimeUnit(window.getTumbleWindowSizeUnit());
         Integer size = window.getTumbleWindowSize();
         //return String.format("TUMBLE_START(%s, INTERVAL '%d %s') AS window_time", timeCol, size, sizeUnit);
-        return String.format("TUMBLE(%s, INTERVAL '%d %s') AS window_time", timeCol, size, sizeUnit);
+        return String.format("TUMBLE(%s, INTERVAL '%d' %s) AS window_time", timeCol, size, sizeUnit);
     }
 
     /**
@@ -467,7 +467,7 @@ public class SqlGeneratorServiceImpl implements SqlGeneratorService {
         String sizeUnit = convertTimeUnit(window.getTumbleWindowSizeUnit());
         Integer size = window.getTumbleWindowSize();
 
-        return String.format("TUMBLE(%s, INTERVAL '%d %s')", timeCol, size, sizeUnit);
+        return String.format("TUMBLE(%s, INTERVAL '%d' %s)", timeCol, size, sizeUnit);
     }
 
     /**
@@ -480,7 +480,7 @@ public class SqlGeneratorServiceImpl implements SqlGeneratorService {
         Integer size = window.getHopWindowSize();
         Integer slide = window.getHopWindowSlide();
 
-        return String.format("HOP(%s, INTERVAL '%d %s', INTERVAL '%d %s') AS window_start",
+        return String.format("HOP(%s, INTERVAL '%d' %s, INTERVAL '%d' %s) AS window_start",
                 timeCol, size, sizeUnit, slide, slideUnit);
     }
 
@@ -496,7 +496,7 @@ public class SqlGeneratorServiceImpl implements SqlGeneratorService {
 
         //return String.format("HOP_START(%s, INTERVAL '%d %s', INTERVAL '%d %s') AS window_time",
           //      timeCol, size, sizeUnit, slide, slideUnit);
-        return String.format("HOP(%s, INTERVAL '%d %s', INTERVAL '%d %s') AS window_time",
+        return String.format("HOP(%s, INTERVAL '%d' %s, INTERVAL '%d' %s) AS window_time",
                 timeCol, size, sizeUnit, slide, slideUnit);
     }
 
@@ -510,7 +510,7 @@ public class SqlGeneratorServiceImpl implements SqlGeneratorService {
         Integer size = window.getHopWindowSize();
         Integer slide = window.getHopWindowSlide();
 
-        return String.format("HOP(%s, INTERVAL '%d %s', INTERVAL '%d %s')",
+        return String.format("HOP(%s, INTERVAL '%d' %s, INTERVAL '%d' %s)",
                 timeCol, size, sizeUnit, slide, slideUnit);
     }
 
@@ -522,7 +522,7 @@ public class SqlGeneratorServiceImpl implements SqlGeneratorService {
         String sizeUnit = convertTimeUnit(window.getSessionWindowSizeUnit());
         Integer size = window.getSessionWindowSize();
 
-        return String.format("SESSION(%s, INTERVAL '%d %s') AS window_start", timeCol, size, sizeUnit);
+        return String.format("SESSION(%s, INTERVAL '%d' %s) AS window_start", timeCol, size, sizeUnit);
     }
 
     /**
@@ -534,7 +534,7 @@ public class SqlGeneratorServiceImpl implements SqlGeneratorService {
         Integer size = window.getSessionWindowSize();
 
         //return String.format("SESSION_START(%s, INTERVAL '%d %s') AS window_time", timeCol, size, sizeUnit);
-        return String.format("SESSION(%s, INTERVAL '%d %s') AS window_time", timeCol, size, sizeUnit);
+        return String.format("SESSION(%s, INTERVAL '%d' %s) AS window_time", timeCol, size, sizeUnit);
     }
 
     /**
@@ -545,7 +545,7 @@ public class SqlGeneratorServiceImpl implements SqlGeneratorService {
         String sizeUnit = convertTimeUnit(window.getSessionWindowSizeUnit());
         Integer size = window.getSessionWindowSize();
 
-        return String.format("SESSION(%s, INTERVAL '%d %s')", timeCol, size, sizeUnit);
+        return String.format("SESSION(%s, INTERVAL '%d' %s)", timeCol, size, sizeUnit);
     }
 
     /**
@@ -747,19 +747,19 @@ public class SqlGeneratorServiceImpl implements SqlGeneratorService {
                 return "AVG(" + columnName + ")";
             case "DUPLICATESANDSPLICE":
                 if (StringUtils.isNotBlank(argsStr)) {
-                    return "STRING_AGG(DISTINCT " + columnName + ", '" + argsStr + "')";
+                    return "LISTAGG(DISTINCT " + columnName + ", '" + argsStr + "')";
                 }
-                return "STRING_AGG(DISTINCT " + columnName + ", ',')";
+                return "LISTAGG(DISTINCT " + columnName + ", ',')";
             case "CONCAT_AGG":
                 if (StringUtils.isNotBlank(argsStr)) {
-                    return "STRING_AGG(" + columnName + ", '" + argsStr + "')";
+                    return "LISTAGG(" + columnName + ", '" + argsStr + "')";
                 }
-                return "STRING_AGG(" + columnName + ", ',')";
+                return "LISTAGG(" + columnName + ", ',')";
             case "CONCAT_AGG_ID":
                 if (StringUtils.isNotBlank(argsStr)) {
-                    return "STRING_AGG(" + columnName + ", '" + argsStr + "')";
+                    return "LISTAGG(" + columnName + ", '" + argsStr + "')";
                 }
-                return "STRING_AGG(" + columnName + ", ',')";
+                return "LISTAGG(" + columnName + ", ',')";
             case "SPLIT_DISTINCT_CONCAT":
                 if (StringUtils.isNotBlank(argsStr)) {
                     String[] splitArgs = argsStr.split(",");
@@ -767,23 +767,23 @@ public class SqlGeneratorServiceImpl implements SqlGeneratorService {
                         String separator = splitArgs[0].trim();
                         String delimiter = splitArgs[1].trim();
                         String limit = splitArgs[2].trim();
-                        return "STRING_AGG(DISTINCT REGEXP_SPLIT(" + columnName + ", '" + delimiter + "'), '" + separator + "') LIMIT " + limit;
+                        return "LISTAGG(DISTINCT REGEXP_SPLIT(" + columnName + ", '" + delimiter + "'), '" + separator + "') LIMIT " + limit;
                     }
                 }
                 return columnName;
             //自定添加方法
             case "MODE_WITH_GROUP":
-                return "MODE() WITHIN GROUP (ORDER BY   " + columnName + ")";
+
+               return   "MAX( " + columnName + ") KEEP (DENSE_RANK FIRST ORDER BY dest_ip DESC)";
 
             // 聚合函数（兼容旧代码）
             case "ARRAY_AGG":
-
-                return "ARRAY_AGG(DISTINCT " + columnName + ")";
+                return "JSONB_AGG(DISTINCT " + columnName + ")";
             case "STRING_AGG":
                 if (StringUtils.isNotBlank(argsStr)) {
-                    return "STRING_AGG(" + columnSafeWrap(columnName) + ", " + argsStr + ")";
+                    return "LISTAGG(" + columnSafeWrap(columnName) + ", " + argsStr + ")";
                 }
-                return "STRING_AGG(DISTINCT " + columnName + ", ',')";
+                return "LISTAGG(DISTINCT " + columnName + ", ',')";
 
             // 时间函数
             case "YEAR":
@@ -847,7 +847,7 @@ public class SqlGeneratorServiceImpl implements SqlGeneratorService {
             case "TO_CHAR":
                 return "TO_CHAR(" + columnName + ", 'YYYYMMDD')";
             case "HOST":
-                return "HOST(" + columnName + ")::text";
+                return columnName;
             default:
                 return functionName + "(" + columnName + ")";
         }
@@ -938,12 +938,7 @@ public class SqlGeneratorServiceImpl implements SqlGeneratorService {
      * 列名安全包装（处理类型转换）
      */
     private String columnSafeWrap(String columnName) {
-        if (columnName.toLowerCase().contains("ip")) {
-            return "host(" + columnName + ")::text";
-        }
-        if (columnName.toLowerCase().contains("port")) {
-            return columnName + "::int4";
-        }
+        // DM不需要类型转换，直接返回列名
         return columnName;
     }
 
diff --git a/haobang-security-dm/syslog-consumer/src/main/java/com/common/util/JsonbUtil.java b/haobang-security-dm/syslog-consumer/src/main/java/com/common/util/JsonbUtil.java
index a3d0ca5..3b05f88 100644
--- a/haobang-security-dm/syslog-consumer/src/main/java/com/common/util/JsonbUtil.java
+++ b/haobang-security-dm/syslog-consumer/src/main/java/com/common/util/JsonbUtil.java
@@ -22,6 +22,18 @@ public class JsonbUtil {
             return null;
         }
 
+        // 达梦数据库：TEXT/CLOB 列返回 dm.jdbc.driver.DmdbNClob 对象，
+        // toString() 只返回对象引用而非实际内容，必须通过 Clob 接口读取
+        if (value instanceof java.sql.Clob) {
+            try {
+                java.sql.Clob clob = (java.sql.Clob) value;
+                long length = clob.length();
+                value = length > 0 ? clob.getSubString(1, (int) length) : "";
+            } catch (Exception e) {
+                value = value.toString();
+            }
+        }
+
         // 如果已经是字符串，直接返回
         if (value instanceof String) {
             String strValue = (String) value;
diff --git a/haobang-security-dm/syslog-consumer/src/main/java/com/config/CacheConfig.java b/haobang-security-dm/syslog-consumer/src/main/java/com/config/CacheConfig.java
index 4daedcf..6ac6023 100644
--- a/haobang-security-dm/syslog-consumer/src/main/java/com/config/CacheConfig.java
+++ b/haobang-security-dm/syslog-consumer/src/main/java/com/config/CacheConfig.java
@@ -1,8 +1,16 @@
 package com.config;
 
+import com.fasterxml.jackson.core.JsonGenerator;
+import com.fasterxml.jackson.databind.BeanDescription;
+import com.fasterxml.jackson.databind.JsonSerializer;
 import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.SerializationConfig;
+import com.fasterxml.jackson.databind.SerializerProvider;
 import com.fasterxml.jackson.databind.jsontype.BasicPolymorphicTypeValidator;
 import com.fasterxml.jackson.databind.jsontype.PolymorphicTypeValidator;
+import com.fasterxml.jackson.databind.jsontype.TypeSerializer;
+import com.fasterxml.jackson.databind.module.SimpleModule;
+import com.fasterxml.jackson.databind.ser.BeanSerializerModifier;
 import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
 import org.springframework.cache.CacheManager;
 import org.springframework.cache.annotation.EnableCaching;
@@ -15,6 +23,7 @@ import org.springframework.data.redis.serializer.GenericJackson2JsonRedisSeriali
 import org.springframework.data.redis.serializer.RedisSerializationContext;
 import org.springframework.data.redis.serializer.StringRedisSerializer;
 import com.fasterxml.jackson.databind.DeserializationFeature;
+import java.io.IOException;
 import java.time.Duration;
 import java.util.Collections;
 import org.springframework.context.annotation.Primary;
@@ -35,6 +44,33 @@ public class CacheConfig {
         // 禁用将日期序列化为时间戳
         mapper.disable(com.fasterxml.jackson.databind.SerializationFeature.WRITE_DATES_AS_TIMESTAMPS);
 
+        // 注册达梦 JDBC 安全序列化器 — 拦截 dm.jdbc.* 类，直接返回 null 防止循环引用 StackOverflow
+        SimpleModule dmSafeModule = new SimpleModule("dm-safe");
+        dmSafeModule.setSerializerModifier(new BeanSerializerModifier() {
+            @Override
+            public JsonSerializer<?> modifySerializer(SerializationConfig config,
+                                                       BeanDescription beanDesc,
+                                                       JsonSerializer<?> serializer) {
+                if (beanDesc.getBeanClass().getName().startsWith("dm.jdbc.")) {
+                    return new JsonSerializer<Object>() {
+                        @Override
+                        public void serialize(Object value, JsonGenerator gen,
+                                            SerializerProvider serializers) throws IOException {
+                            gen.writeNull();
+                        }
+
+                        @Override
+                        public void serializeWithType(Object value, JsonGenerator gen,
+                                            SerializerProvider serializers, TypeSerializer typeSer) throws IOException {
+                            gen.writeNull();
+                        }
+                    };
+                }
+                return serializer;
+            }
+        });
+        mapper.registerModule(dmSafeModule);
+
         // 启用类型信息，解决 LinkedHashMap 转换问题
         PolymorphicTypeValidator ptv = BasicPolymorphicTypeValidator.builder()
                 .allowIfSubType("com.common.entity.")    // 允许你的实体类包
diff --git a/haobang-security-dm/syslog-consumer/src/main/java/com/config/RedisConfig.java b/haobang-security-dm/syslog-consumer/src/main/java/com/config/RedisConfig.java
index 3bd7321..134af0f 100644
--- a/haobang-security-dm/syslog-consumer/src/main/java/com/config/RedisConfig.java
+++ b/haobang-security-dm/syslog-consumer/src/main/java/com/config/RedisConfig.java
@@ -1,6 +1,14 @@
 package com.config;
 
+import com.fasterxml.jackson.core.JsonGenerator;
+import com.fasterxml.jackson.databind.BeanDescription;
+import com.fasterxml.jackson.databind.JsonSerializer;
 import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.SerializationConfig;
+import com.fasterxml.jackson.databind.SerializerProvider;
+import com.fasterxml.jackson.databind.jsontype.TypeSerializer;
+import com.fasterxml.jackson.databind.module.SimpleModule;
+import com.fasterxml.jackson.databind.ser.BeanSerializerModifier;
 import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -9,6 +17,8 @@ import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.data.redis.serializer.Jackson2JsonRedisSerializer;
 import org.springframework.data.redis.serializer.StringRedisSerializer;
 
+import java.io.IOException;
+
 @Configuration
 public class RedisConfig {
 
@@ -23,6 +33,32 @@ public class RedisConfig {
 
         ObjectMapper mapper = new ObjectMapper();
         mapper.registerModule(new JavaTimeModule());
+        // 注册达梦 JDBC 安全序列化器 — 拦截 dm.jdbc.* 类，直接返回 null 防止循环引用 StackOverflow
+        SimpleModule dmSafeModule = new SimpleModule("dm-safe");
+        dmSafeModule.setSerializerModifier(new BeanSerializerModifier() {
+            @Override
+            public JsonSerializer<?> modifySerializer(SerializationConfig config,
+                                                       BeanDescription beanDesc,
+                                                       JsonSerializer<?> serializer) {
+                if (beanDesc.getBeanClass().getName().startsWith("dm.jdbc.")) {
+                    return new JsonSerializer<Object>() {
+                        @Override
+                        public void serialize(Object value, JsonGenerator gen,
+                                            SerializerProvider serializers) throws IOException {
+                            gen.writeNull();
+                        }
+
+                        @Override
+                        public void serializeWithType(Object value, JsonGenerator gen,
+                                            SerializerProvider serializers, TypeSerializer typeSer) throws IOException {
+                            gen.writeNull();
+                        }
+                    };
+                }
+                return serializer;
+            }
+        });
+        mapper.registerModule(dmSafeModule);
         mapper.activateDefaultTyping(
                 mapper.getPolymorphicTypeValidator(),
                 ObjectMapper.DefaultTyping.NON_FINAL
diff --git a/haobang-security-dm/syslog-consumer/src/main/java/com/config/WebConfig.java b/haobang-security-dm/syslog-consumer/src/main/java/com/config/WebConfig.java
index 5f52013..7330f38 100644
--- a/haobang-security-dm/syslog-consumer/src/main/java/com/config/WebConfig.java
+++ b/haobang-security-dm/syslog-consumer/src/main/java/com/config/WebConfig.java
@@ -1,8 +1,16 @@
 package com.config;
 
 
+import com.fasterxml.jackson.core.JsonGenerator;
+import com.fasterxml.jackson.databind.BeanDescription;
 import com.fasterxml.jackson.databind.DeserializationFeature;
+import com.fasterxml.jackson.databind.JsonSerializer;
 import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.SerializationConfig;
+import com.fasterxml.jackson.databind.SerializerProvider;
+import com.fasterxml.jackson.databind.jsontype.TypeSerializer;
+import com.fasterxml.jackson.databind.module.SimpleModule;
+import com.fasterxml.jackson.databind.ser.BeanSerializerModifier;
 import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -10,6 +18,7 @@ import org.springframework.http.converter.HttpMessageConverter;
 import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 
+import java.io.IOException;
 import java.util.List;
 
 @Configuration
@@ -28,6 +37,33 @@ public class WebConfig implements WebMvcConfigurer {
         // 禁用将日期序列化为时间戳
         mapper.disable(com.fasterxml.jackson.databind.SerializationFeature.WRITE_DATES_AS_TIMESTAMPS);
 
+        // 注册达梦 JDBC 安全序列化器 — 拦截 dm.jdbc.* 类，直接返回 null 防止循环引用 StackOverflow
+        SimpleModule dmSafeModule = new SimpleModule("dm-safe");
+        dmSafeModule.setSerializerModifier(new BeanSerializerModifier() {
+            @Override
+            public JsonSerializer<?> modifySerializer(SerializationConfig config,
+                                                       BeanDescription beanDesc,
+                                                       JsonSerializer<?> serializer) {
+                if (beanDesc.getBeanClass().getName().startsWith("dm.jdbc.")) {
+                    return new JsonSerializer<Object>() {
+                        @Override
+                        public void serialize(Object value, JsonGenerator gen,
+                                            SerializerProvider serializers) throws IOException {
+                            gen.writeNull();
+                        }
+
+                        @Override
+                        public void serializeWithType(Object value, JsonGenerator gen,
+                                            SerializerProvider serializers, TypeSerializer typeSer) throws IOException {
+                            gen.writeNull();
+                        }
+                    };
+                }
+                return serializer;
+            }
+        });
+        mapper.registerModule(dmSafeModule);
+
         // 忽略未知属性
         mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
 
diff --git a/haobang-security-dm/syslog-consumer/src/main/resources/application-dev.properties b/haobang-security-dm/syslog-consumer/src/main/resources/application-dev.properties
index a468313..8794954 100644
--- a/haobang-security-dm/syslog-consumer/src/main/resources/application-dev.properties
+++ b/haobang-security-dm/syslog-consumer/src/main/resources/application-dev.properties
@@ -9,7 +9,6 @@ server.error.include-binding-errors=always
 #run.environment:  dev|test|pro
 server.run.environment=dev
 
-
 # Syslog Server Configuration
 syslog.tcp.port=514
 syslog.udp.port=514
@@ -17,15 +16,15 @@ syslog.max.frame.length=65536
 syslog.buffer.size=1000
 syslog.sm4.generateKey=f79548ab6fa8a304fc0115e17230358a
 # InfluxDB 2.7 Configuration
-influxdb.url=http://192.168.222.131:8086
-influxdb.token=3Tvu-IZWtaY03UDkbUDlufD0kxn85keo9LhYQcv2Cxk0LJmXqqHkNVrO664DbaJAYwoGI7UIg904KqZC7Q_ZFA==
-influxdb.org=yelang
+influxdb.url=http://192.168.4.99:8087
+influxdb.token=JsUyvU8vhQEFlMM_el4Drm87fyh707IhwJNsPBucPghSdbVmdQ-UvmPcyP5NTzWxsRfEz0T51Rw4ebZUuUrmZg==
+influxdb.org=influxdb
 influxdb.bucket=yelangbucket
 influxdb.batch.size=1000
 influxdb.flush.interval=1000
 influxdb.retry.attempts=3
 influxdb.retry.delay=1000
-# InfluxDB 2.7 ���ӳ�ʱ����
+# InfluxDB 2.7 连接超时配置
 influxdb.connection.timeout=30s
 influxdb.connection.read-timeout=30s
 influxdb.connection.write-timeout=60s
@@ -36,16 +35,16 @@ app.metrics.enabled=true
 
 
 #database Configuration
-spring.datasource.url=jdbc:postgresql://117.72.68.72:54329/ecosys
-spring.datasource.username=postgres
-spring.datasource.password=TnLanWaidYSwTSG5
-spring.datasource.driver-class-name=org.postgresql.Driver
-
+spring.datasource.url=jdbc:dm://192.168.4.99:5237
+spring.datasource.username=SYSDBA
+spring.datasource.password=caZ2TcmXNSW8L2Ap
+spring.datasource.driver-class-name=dm.jdbc.driver.DmDriver
+spring.datasource.hikari.schema=\"PUBLIC\"
 # mybatis Configuration
 mybatis.mapper-locations=classpath:mapper/*.xml
 mybatis.type-aliases-package=com.common.entity
 
-#mybatis handler ��
+#mybatis handler 类
 mybatis.configuration.default-statement-timeout=30
 mybatis.configuration.default-fetch-size=1000
 mybatis.configuration.map-underscore-to-camel-case=true
@@ -53,12 +52,12 @@ mybatis.type-handlers-package=com.Modules.etl.handler
 mybatis-plus.configuration.map-underscore-to-camel-case=true
 mybatis-plus.type-handlers-package=com.Modules.etl.handler
 # kafka Configuration
-spring.kafka.consumer.bootstrap-servers=192.168.222.130:9092
-spring.kafka.consumer.group-id=test-group-app
+spring.kafka.consumer.bootstrap-servers=192.168.4.99:9092
+spring.kafka.consumer.group-id=test-group
 spring.kafka.consumer.auto-offset-reset=latest
 spring.kafka.consumer.enable-auto-commit=false 
 spring.kafka.consumer.auto-commit-interval=1000
-spring.kafka.consumer.topic=test-topic
+spring.kafka.consumer.topic=agent-syslog-topic
 
 spring.kafka.consumer.max-poll-records=1000
 spring.kafka.consumer.properties.max.poll.interval.ms=300000
@@ -71,23 +70,22 @@ spring.kafka.listener.ack-mode= manual
 spring.kafka.listener.concurrency= 2  
 spring.kafka.listener.type=batch
 
-
-# ��ʱ��������
+# 定时任务配置
 spring.task.scheduling.pool.size=10
 
-# ��־����
+# 日志配置
 logging.level.com.common.schedule=INFO
 logging.level.com.common.service=INFO
 
-# �������������
+# 分区表检查配置
 partition.check.tomorrow.enabled=true
 partition.check.future.days=7
 partition.auto.create=true
 
-# ����������������
+# 开发环境缓存配置
 spring.redis.host=localhost
 spring.redis.port=6379
-# ���루���û���������룬����ʡ�ԣ�
+# 密码（如果没有设置密码，可以省略）
 spring.redis.password=
 spring.redis.database=0
 spring.redis.timeout=2000
@@ -96,11 +94,11 @@ spring.redis.lettuce.pool.max-active=8
 spring.redis.lettuce.pool.max-wait=-1
 spring.redis.lettuce.pool.max-idle=8
 spring.redis.lettuce.pool.min-idle=0
-# ������������ʱ��϶̣��������
+# 开发环境缓存时间较短，方便调试
 spring.cache.redis.time-to-live=600000
 
 
-# Ӧ�ô���������
+# 应用处理器配置
 app.processor.thread-pool.core-pool-size=10
 app.processor.thread-pool.max-pool-size=20
 app.processor.thread-pool.queue-capacity=2000
@@ -109,20 +107,20 @@ app.processor.batch-size=100
 app.processor.process-timeout-ms=30000
 
 
-# ���� Elasticsearch
-# Elasticsearch���ӵ�ַ
+# 配置 Elasticsearch
+# Elasticsearch连接地址
 spring.elasticsearch.uris=http://192.168.1.174:9200
-# ���� Elasticsearch �û���
+# 配置 Elasticsearch 用户名
 spring.elasticsearch.username=CONTAINER_NAME
-# ���� Elasticsearch ����
+# 配置 Elasticsearch 密码
 spring.elasticsearch.password=t2NZCiajmdazxBrF
-# ���ӳ�ʱʱ��
+# 连接超时时间
 spring.elasticsearch.connection-timeout=10s
-# Socket ��ʱʱ��
+# Socket 超时时间
 spring.elasticsearch.socket-timeout=30s
 
 
-# ETL����
+# ETL配置
 etl.batch.page-size=1000
 etl.batch.insert-batch-size=500
 etl.schedule.cron=0 0 2 * * ?
@@ -136,53 +134,54 @@ spring.datasource.hikari.minimum-idle=5
 spring.datasource.hikari.connection-timeout=30000
 spring.datasource.hikari.idle-timeout=600000
 spring.datasource.hikari.max-lifetime=900000
-spring.datasource.hikari.connection-test-query=SELECT 1
+spring.datasource.hikari.connection-test-query=SELECT 1 FROM DUAL
 spring.datasource.hikari.validation-timeout=5000
 spring.datasource.hikari.leak-detection-threshold=30000          
 spring.datasource.hikari.pool-name=HikariPool-SyslogConsumer
 spring.datasource.hikari.auto-commit=false
-spring.datasource.hikari.schema=public
 
-# ����������������
+# 关联分析规则配置
 analysis.realtime.enabled= true
-# ��������룩 - Ĭ��10��
+# 检查间隔（秒） - 默认10秒
 analysis.realtime.check-interval-seconds: 10
 
 
 
 # ============================================
-# ̽������API����
+# 探针联动API配置
 # ============================================
-# API-KEY��֤��32λ������ʹ��������ɵ���Կ��
+# API-KEY认证（32位，建议使用随机生成的密钥）
 interlocking.api-key=a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6
-# API�ӿڻ���URL����syslog-serve���ã�
-interlocking.api.base-url=http://192.168.222.131:8089/xdrservice/interlocking
+# API接口基础URL（供syslog-serve调用）
+interlocking.api.base-url=http://localhost:8089/xdrservice/interlocking
 
 # ============================================
-# �澯�����������
+# 告警健康检查配置
 # ============================================
-# �澯����������ֵ��Сʱ��
-alarm.health-check.alarm-hours=2
-# �澯��־����������ֵ��Сʱ��
-alarm.health-check.alarm-visit-hours=4
-# �Ƿ����ö�ʱѲ��
+# 告警表无数据阈值（小时）
+alarm.health-check.alarm-hours=4
+# 告警日志表无数据阈值（小时）
+alarm.health-check.alarm-visit-hours=2
+# 是否启用定时巡检
 alarm.health-check.enabled=true
 
-
 # ============================================
-# ̽�������������
+# 探针心跳检测配置
 # ============================================
-# �Ƿ������������
+# 是否启用心跳检测
 probe.heartbeat.enabled=true
-# ̽��������ֵ�����ӣ���������ʱ��δ�յ��������ж�Ϊ����
+# 探针离线阈值（分钟），超过此时间未收到心跳则判定为离线
 probe.heartbeat.offline-threshold-minutes=10
-# ״̬���Cron����ʽ��Ĭ��ÿ10���ӣ�
+# 状态检查Cron表达式（默认每10分钟）
 probe.status.check.cron=0 */10 * * * ?
-# ̽���⻧ID
+# 探针租户ID
 probe.heartbeat.tenant-id=000000
-# ������ʷ��������
+# 心跳历史保留天数
 probe.heartbeat.history.keep-days=10
-# �Ƿ�������ʷ����
+# 是否启用历史清理
 probe.heartbeat.history.cleanup-enabled=true
-# ��ʷ����Cron����ʽ��Ĭ��ÿ���賿1�㣩
-probe.history.cleanup.cron=0 0 1 * * ?
\ No newline at end of file
+# 历史清理Cron表达式（默认每天凌晨1点）
+probe.history.cleanup.cron=0 0 1 * * ?
+
+# Jackson 配置 — 修复达梦 JDBC 驱动循环引用导致 JSON 序列化 StackOverflow
+spring.jackson.serialization.fail-on-self-references=false
\ No newline at end of file
diff --git a/haobang-security-dm/syslog-consumer/src/main/resources/application-pre-nw.properties b/haobang-security-dm/syslog-consumer/src/main/resources/application-pre-nw.properties
index e0060c9..0e5812c 100644
--- a/haobang-security-dm/syslog-consumer/src/main/resources/application-pre-nw.properties
+++ b/haobang-security-dm/syslog-consumer/src/main/resources/application-pre-nw.properties
@@ -26,7 +26,7 @@ influxdb.batch.size=1000
 influxdb.flush.interval=1000
 influxdb.retry.attempts=3
 influxdb.retry.delay=1000
-# InfluxDB 2.7 ���ӳ�ʱ����
+# InfluxDB 2.7 连接超时配置
 influxdb.connection.timeout=30s
 influxdb.connection.read-timeout=30s
 influxdb.connection.write-timeout=60s
@@ -37,15 +37,15 @@ app.metrics.enabled=true
 
 
 #database Configuration
-spring.datasource.url=jdbc:postgresql://10.150 81.209:5432/ecosys
-spring.datasource.username=postgres
+spring.datasource.url=jdbc:dm://192.163.4.99:5237/DM_ecosys
+spring.datasource.username=SYSDBA
 spring.datasource.password=caZ2TcmXNSW8L2Ap
-spring.datasource.driver-class-name=org.postgresql.Driver
-
+spring.datasource.driver-class-name=dm.jdbc.driver.DmDriver
+spring.datasource.hikari.schema=\"PUBLIC\"
 # mybatis Configuration
 mybatis.mapper-locations=classpath:mapper/*.xml
 mybatis.type-aliases-package=com.common.entity
-#mybatis handler ��
+#mybatis handler 类
 mybatis.configuration.default-statement-timeout=30
 mybatis.configuration.default-fetch-size=1000
 mybatis.configuration.map-underscore-to-camel-case=true
@@ -72,23 +72,23 @@ spring.kafka.listener.concurrency= 2
 spring.kafka.listener.type=batch
 
 
-# ��ʱ��������
+# 定时任务配置
 spring.task.scheduling.pool.size=10
 
-# ��־����
+# 日志配置
 logging.level.com.common.schedule=INFO
 logging.level.com.common.service=INFO
 
-# �������������
+# 分区表检查配置
 partition.check.tomorrow.enabled=true
 partition.check.future.days=7
 partition.auto.create=true
 
 
-# ����������������
+# 生产环境缓存配置
 spring.redis.host=192.168.4.26
 spring.redis.port=6379
-# ���루���û���������룬����ʡ�ԣ�
+# 密码（如果没有设置密码，可以省略）
 spring.redis.password=123456
 spring.redis.database=0
 spring.redis.timeout=5000
@@ -99,10 +99,10 @@ spring.redis.lettuce.pool.max-wait=5000
 spring.redis.lettuce.pool.max-idle=10
 spring.redis.lettuce.pool.min-idle=5
 
-# ������������ʱ��ϳ�
+# 生产环境缓存时间较长
 spring.cache.redis.time-to-live=3600000
 
-# Ӧ�ô���������
+# 应用处理器配置
 app.processor.thread-pool.core-pool-size=10
 app.processor.thread-pool.max-pool-size=20
 app.processor.thread-pool.queue-capacity=2000
@@ -111,20 +111,20 @@ app.processor.batch-size=100
 app.processor.process-timeout-ms=30000
 
 
-# ���� Elasticsearch
-# Elasticsearch���ӵ�ַ
+# 配置 Elasticsearch
+# Elasticsearch连接地址
 spring.elasticsearch.uris=http://192.168.1.174:9200
-# ���� Elasticsearch �û���
+# 配置 Elasticsearch 用户名
 spring.elasticsearch.username=CONTAINER_NAME
-# ���� Elasticsearch ����
+# 配置 Elasticsearch 密码
 spring.elasticsearch.password=t2NZCiajmdazxBrF
-# ���ӳ�ʱʱ��
+# 连接超时时间
 spring.elasticsearch.connection-timeout=10s
-# Socket ��ʱʱ��
+# Socket 超时时间
 spring.elasticsearch.socket-timeout=30s
 
 
-# ETL����
+# ETL配置
 etl.batch.page-size=1000
 etl.batch.insert-batch-size=500
 etl.schedule.cron=0 0 2 * * ?
@@ -138,51 +138,53 @@ spring.datasource.hikari.minimum-idle=5
 spring.datasource.hikari.connection-timeout=30000
 spring.datasource.hikari.idle-timeout=600000
 spring.datasource.hikari.max-lifetime=900000
-spring.datasource.hikari.connection-test-query=SELECT 1
+spring.datasource.hikari.connection-test-query=SELECT 1 FROM DUAL
 spring.datasource.hikari.validation-timeout=5000
 spring.datasource.hikari.leak-detection-threshold=30000          
 spring.datasource.hikari.pool-name=HikariPool-SyslogConsumer
 spring.datasource.hikari.auto-commit=false
-spring.datasource.hikari.schema=public
 
 
-# ����������������
+# 关联分析规则配置
 analysis.realtime.enabled= true
-# ��������룩 - Ĭ��10��
+# 检查间隔（秒） - 默认10秒
 analysis.realtime.check-interval-seconds: 10
 
 # ============================================
-# ̽������API����
+# 探针联动API配置
 # ============================================
-# API-KEY��֤��32λ������ʹ��������ɵ���Կ��
+# API-KEY认证（32位，建议使用随机生成的密钥）
 interlocking.api-key=a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6
-# API�ӿڻ���URL����syslog-serve���ã�
+# API接口基础URL（供syslog-serve调用）
 interlocking.api.base-url=http://10.150 81.210:8089/xdrservice/interlocking
 
 # ============================================
-# �澯�����������
+# 告警健康检查配置
 # ============================================
-# �澯����������ֵ��Сʱ��
+# 告警表无数据阈值（小时）
 alarm.health-check.alarm-hours=2
-# �澯��־����������ֵ��Сʱ��
+# 告警日志表无数据阈值（小时）
 alarm.health-check.alarm-visit-hours=4
-# �Ƿ����ö�ʱѲ��
+# 是否启用定时巡检
 alarm.health-check.enabled=true
 
 # ============================================
-# ̽�������������
+# 探针心跳检测配置
 # ============================================
-# �Ƿ������������
+# 是否启用心跳检测
 probe.heartbeat.enabled=true
-# ̽��������ֵ�����ӣ���������ʱ��δ�յ��������ж�Ϊ����
+# 探针离线阈值（分钟），超过此时间未收到心跳则判定为离线
 probe.heartbeat.offline-threshold-minutes=10
-# ״̬���Cron����ʽ��Ĭ��ÿ10���ӣ�
+# 状态检查Cron表达式（默认每10分钟）
 probe.status.check.cron=0 */10 * * * ?
-# ̽���⻧ID
+# 探针租户ID
 probe.heartbeat.tenant-id=000000
-# ������ʷ��������
+# 心跳历史保留天数
 probe.heartbeat.history.keep-days=10
-# �Ƿ�������ʷ����
+# 是否启用历史清理
 probe.heartbeat.history.cleanup-enabled=true
-# ��ʷ����Cron����ʽ��Ĭ��ÿ���賿1�㣩
-probe.history.cleanup.cron=0 0 1 * * ?
\ No newline at end of file
+# 历史清理Cron表达式（默认每天凌晨1点）
+probe.history.cleanup.cron=0 0 1 * * ?
+
+# Jackson 配置 — 修复达梦 JDBC 驱动循环引用导致 JSON 序列化 StackOverflow
+spring.jackson.serialization.fail-on-self-references=false
\ No newline at end of file
diff --git a/haobang-security-dm/syslog-consumer/src/main/resources/application-prod-zc.properties b/haobang-security-dm/syslog-consumer/src/main/resources/application-prod-zc.properties
index 597fdfa..fe53bf5 100644
--- a/haobang-security-dm/syslog-consumer/src/main/resources/application-prod-zc.properties
+++ b/haobang-security-dm/syslog-consumer/src/main/resources/application-prod-zc.properties
@@ -25,7 +25,7 @@ influxdb.batch.size=1000
 influxdb.flush.interval=1000
 influxdb.retry.attempts=3
 influxdb.retry.delay=1000
-# InfluxDB 2.7 ���ӳ�ʱ����
+# InfluxDB 2.7 连接超时配置
 influxdb.connection.timeout=30s
 influxdb.connection.read-timeout=30s
 influxdb.connection.write-timeout=60s
@@ -36,16 +36,17 @@ app.metrics.enabled=true
 
 
 #database Configuration
-spring.datasource.url=jdbc:postgresql://10.11.2.141:5432/ecosys
-spring.datasource.username=ecosys
-spring.datasource.password=wsYDPjrpNZPrkPrR
-spring.datasource.driver-class-name=org.postgresql.Driver
+spring.datasource.url=jdbc:dm://192.168.4.99:5237
+spring.datasource.username=SYSDBA
+spring.datasource.password=caZ2TcmXNSW8L2Ap
+spring.datasource.driver-class-name=dm.jdbc.driver.DmDriver
+spring.datasource.hikari.schema=\"PUBLIC\"
 
 # mybatis Configuration
 mybatis.mapper-locations=classpath:mapper/*.xml
 mybatis.type-aliases-package=com.common.entity
 
-#mybatis handler ��
+#mybatis handler 类
 mybatis.configuration.default-statement-timeout=30
 mybatis.configuration.default-fetch-size=1000
 mybatis.configuration.map-underscore-to-camel-case=true
@@ -73,23 +74,23 @@ spring.kafka.listener.ack-mode= manual
 spring.kafka.listener.concurrency= 2  
 spring.kafka.listener.type=batch
 
-# ��ʱ��������
+# 定时任务配置
 spring.task.scheduling.pool.size=10
 
-# ��־����
+# 日志配置
 logging.level.com.common.schedule=INFO
 logging.level.com.common.service=INFO
 
-# �������������
+# 分区表检查配置
 partition.check.tomorrow.enabled=true
 partition.check.future.days=7
 partition.auto.create=true
 
 
-# ����������������
+# 生产环境缓存配置
 spring.redis.host=10.11.2.142
 spring.redis.port=6379
-# ���루���û���������룬����ʡ�ԣ�
+# 密码（如果没有设置密码，可以省略）
 spring.redis.password=redis_edP6N6
 spring.redis.database=0
 spring.redis.timeout=5000
@@ -99,10 +100,10 @@ spring.redis.lettuce.pool.max-active=20
 spring.redis.lettuce.pool.max-wait=5000
 spring.redis.lettuce.pool.max-idle=10
 spring.redis.lettuce.pool.min-idle=5
-# ������������ʱ��ϳ�
+# 生产环境缓存时间较长
 spring.cache.redis.time-to-live=3600000
 
-# Ӧ�ô���������
+# 应用处理器配置
 app.processor.thread-pool.core-pool-size=10
 app.processor.thread-pool.max-pool-size=20
 app.processor.thread-pool.queue-capacity=2000
@@ -110,20 +111,20 @@ app.processor.thread-pool.keep-alive-seconds=60
 app.processor.batch-size=100
 app.processor.process-timeout-ms=30000
 
-# ���� Elasticsearch
-# Elasticsearch���ӵ�ַ
+# 配置 Elasticsearch
+# Elasticsearch连接地址
 spring.elasticsearch.uris=http://192.168.1.174:9200
-# ���� Elasticsearch �û���
+# 配置 Elasticsearch 用户名
 spring.elasticsearch.username=CONTAINER_NAME
-# ���� Elasticsearch ����
+# 配置 Elasticsearch 密码
 spring.elasticsearch.password=t2NZCiajmdazxBrF
-# ���ӳ�ʱʱ��
+# 连接超时时间
 spring.elasticsearch.connection-timeout=10s
-# Socket ��ʱʱ��
+# Socket 超时时间
 spring.elasticsearch.socket-timeout=30s
 
 
-# ETL����
+# ETL配置
 etl.batch.page-size=1000
 etl.batch.insert-batch-size=500
 etl.schedule.cron=0 0 2 * * ?
@@ -137,15 +138,14 @@ spring.datasource.hikari.minimum-idle=5
 spring.datasource.hikari.connection-timeout=30000
 spring.datasource.hikari.idle-timeout=600000
 spring.datasource.hikari.max-lifetime=900000
-spring.datasource.hikari.connection-test-query=SELECT 1
+spring.datasource.hikari.connection-test-query=SELECT 1 FROM DUAL
 spring.datasource.hikari.validation-timeout=5000
 spring.datasource.hikari.leak-detection-threshold=30000          
 spring.datasource.hikari.pool-name=HikariPool-SyslogConsumer
 spring.datasource.hikari.auto-commit=false
-spring.datasource.hikari.schema=public
 
 
-# ����������������
+# 关联分析规则配置
 analysis.realtime.enabled= true
-# ��������룩 - Ĭ��10��
+# 检查间隔（秒） - 默认10秒
 analysis.realtime.check-interval-seconds: 10
\ No newline at end of file
diff --git a/haobang-security-dm/syslog-consumer/src/main/resources/application-prod.properties b/haobang-security-dm/syslog-consumer/src/main/resources/application-prod.properties
index ec93600..ffb5c5e 100644
--- a/haobang-security-dm/syslog-consumer/src/main/resources/application-prod.properties
+++ b/haobang-security-dm/syslog-consumer/src/main/resources/application-prod.properties
@@ -18,15 +18,15 @@ syslog.buffer.size=1000
 syslog.sm4.generateKey=f79548ab6fa8a304fc0115e17230358a
 
 # InfluxDB 2.7 Configuration
-influxdb.url=http://192.168.4.26:8087
-influxdb.token=LFjXZyRxTf1V84oN-wwjhSjS4qIK-ZMoHzQJB67ir3qHNSBVJbMcTkPuNmM0cNxvzFEDWLYNzrz1VJKMitY5hw==
+influxdb.url=http://192.168.4.99:8087
+influxdb.token=JsUyvU8vhQEFlMM_el4Drm87fyh707IhwJNsPBucPghSdbVmdQ-UvmPcyP5NTzWxsRfEz0T51Rw4ebZUuUrmZg==
 influxdb.org=influxdb
 influxdb.bucket=yelangbucket
 influxdb.batch.size=1000
 influxdb.flush.interval=1000
 influxdb.retry.attempts=3
 influxdb.retry.delay=1000
-# InfluxDB 2.7 ���ӳ�ʱ����
+# InfluxDB 2.7 连接超时配置
 influxdb.connection.timeout=30s
 influxdb.connection.read-timeout=30s
 influxdb.connection.write-timeout=60s
@@ -37,15 +37,15 @@ app.metrics.enabled=true
 
 
 #database Configuration
-spring.datasource.url=jdbc:postgresql://192.168.4.26:5432/ecosys
-spring.datasource.username=postgres
+spring.datasource.url=jdbc:dm://192.168.4.99:5237
+spring.datasource.username=SYSDBA
 spring.datasource.password=caZ2TcmXNSW8L2Ap
-spring.datasource.driver-class-name=org.postgresql.Driver
-
+spring.datasource.driver-class-name=dm.jdbc.driver.DmDriver
+spring.datasource.hikari.schema=\"PUBLIC\"
 # mybatis Configuration
 mybatis.mapper-locations=classpath:mapper/*.xml
 mybatis.type-aliases-package=com.common.entity
-#mybatis handler ��
+#mybatis handler 类
 mybatis.configuration.default-statement-timeout=30
 mybatis.configuration.default-fetch-size=1000
 mybatis.configuration.map-underscore-to-camel-case=true
@@ -54,7 +54,7 @@ mybatis-plus.configuration.map-underscore-to-camel-case=true
 mybatis-plus.type-handlers-package=com.Modules.etl.handler
 
 # kafka Configuration
-spring.kafka.consumer.bootstrap-servers=192.168.4.26:9092
+spring.kafka.consumer.bootstrap-servers=192.168.4.99:9092
 spring.kafka.consumer.group-id=agent-syslog-group
 spring.kafka.consumer.auto-offset-reset=latest
 spring.kafka.consumer.enable-auto-commit=false 
@@ -72,24 +72,24 @@ spring.kafka.listener.concurrency= 2
 spring.kafka.listener.type=batch
 
 
-# ��ʱ��������
+# 定时任务配置
 spring.task.scheduling.pool.size=10
 
-# ��־����
+# 日志配置
 logging.level.com.common.schedule=INFO
 logging.level.com.common.service=INFO
 
-# �������������
+# 分区表检查配置
 partition.check.tomorrow.enabled=true
 partition.check.future.days=7
 partition.auto.create=true
 
 
-# ����������������
-spring.redis.host=192.168.4.26
+# 生产环境缓存配置
+spring.redis.host=192.168.4.99
 spring.redis.port=6379
-# ���루���û���������룬����ʡ�ԣ�
-spring.redis.password=123456
+# 密码（如果没有设置密码，可以省略）
+spring.redis.password=redis_GdGWte
 spring.redis.database=0
 spring.redis.timeout=5000
 #spring.redis.password=${REDIS_PASSWORD:default_prod_password}
@@ -99,10 +99,10 @@ spring.redis.lettuce.pool.max-wait=5000
 spring.redis.lettuce.pool.max-idle=10
 spring.redis.lettuce.pool.min-idle=5
 
-# ������������ʱ��ϳ�
+# 生产环境缓存时间较长
 spring.cache.redis.time-to-live=3600000
 
-# Ӧ�ô���������
+# 应用处理器配置
 app.processor.thread-pool.core-pool-size=10
 app.processor.thread-pool.max-pool-size=20
 app.processor.thread-pool.queue-capacity=2000
@@ -111,20 +111,20 @@ app.processor.batch-size=100
 app.processor.process-timeout-ms=30000
 
 
-# ���� Elasticsearch
-# Elasticsearch���ӵ�ַ
+# 配置 Elasticsearch
+# Elasticsearch连接地址
 spring.elasticsearch.uris=http://192.168.1.174:9200
-# ���� Elasticsearch �û���
+# 配置 Elasticsearch 用户名
 spring.elasticsearch.username=CONTAINER_NAME
-# ���� Elasticsearch ����
+# 配置 Elasticsearch 密码
 spring.elasticsearch.password=t2NZCiajmdazxBrF
-# ���ӳ�ʱʱ��
+# 连接超时时间
 spring.elasticsearch.connection-timeout=10s
-# Socket ��ʱʱ��
+# Socket 超时时间
 spring.elasticsearch.socket-timeout=30s
 
 
-# ETL����
+# ETL配置
 etl.batch.page-size=1000
 etl.batch.insert-batch-size=500
 etl.schedule.cron=0 0 2 * * ?
@@ -138,51 +138,53 @@ spring.datasource.hikari.minimum-idle=5
 spring.datasource.hikari.connection-timeout=30000
 spring.datasource.hikari.idle-timeout=600000
 spring.datasource.hikari.max-lifetime=900000
-spring.datasource.hikari.connection-test-query=SELECT 1
+spring.datasource.hikari.connection-test-query=SELECT 1 FROM DUAL
 spring.datasource.hikari.validation-timeout=5000
 spring.datasource.hikari.leak-detection-threshold=30000          
 spring.datasource.hikari.pool-name=HikariPool-SyslogConsumer
 spring.datasource.hikari.auto-commit=false
-spring.datasource.hikari.schema=public
 
 
-# ����������������
+# 关联分析规则配置
 analysis.realtime.enabled= true
-# ��������룩 - Ĭ��10��
+# 检查间隔（秒） - 默认10秒
 analysis.realtime.check-interval-seconds: 10
 
 # ============================================
-# ̽������API����
+# 探针联动API配置
 # ============================================
-# API-KEY��֤��32λ������ʹ��������ɵ���Կ��
+# API-KEY认证（32位，建议使用随机生成的密钥）
 interlocking.api-key=a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6
-# API�ӿڻ���URL����syslog-serve���ã�
-interlocking.api.base-url=http://localhost:8089/xdrservice/interlocking
+# API接口基础URL（供syslog-serve调用）
+interlocking.api.base-url=http://192.168.4.99:8089/xdrservice/interlocking
 
 # ============================================
-# �澯�����������
+# 告警健康检查配置
 # ============================================
-# �澯����������ֵ��Сʱ��
+# 告警表无数据阈值（小时）
 alarm.health-check.alarm-hours=2
-# �澯��־����������ֵ��Сʱ��
+# 告警日志表无数据阈值（小时）
 alarm.health-check.alarm-visit-hours=4
-# �Ƿ����ö�ʱѲ��
+# 是否启用定时巡检
 alarm.health-check.enabled=true
 
 # ============================================
-# ̽�������������
+# 探针心跳检测配置
 # ============================================
-# �Ƿ������������
+# 是否启用心跳检测
 probe.heartbeat.enabled=true
-# ̽��������ֵ�����ӣ���������ʱ��δ�յ��������ж�Ϊ����
+# 探针离线阈值（分钟），超过此时间未收到心跳则判定为离线
 probe.heartbeat.offline-threshold-minutes=10
-# ״̬���Cron����ʽ��Ĭ��ÿ10���ӣ�
+# 状态检查Cron表达式（默认每10分钟）
 probe.status.check.cron=0 */10 * * * ?
-# ̽���⻧ID
+# 探针租户ID
 probe.heartbeat.tenant-id=000000
-# ������ʷ��������
+# 心跳历史保留天数
 probe.heartbeat.history.keep-days=10
-# �Ƿ�������ʷ����
+# 是否启用历史清理
 probe.heartbeat.history.cleanup-enabled=true
-# ��ʷ����Cron����ʽ��Ĭ��ÿ���賿1�㣩
-probe.history.cleanup.cron=0 0 1 * * ?
\ No newline at end of file
+# 历史清理Cron表达式（默认每天凌晨1点）
+probe.history.cleanup.cron=0 0 1 * * ?
+
+# Jackson 配置 — 修复达梦 JDBC 驱动循环引用导致 JSON 序列化 StackOverflow
+spring.jackson.serialization.fail-on-self-references=false
\ No newline at end of file
diff --git a/haobang-security-dm/syslog-consumer/src/main/resources/application-test.properties b/haobang-security-dm/syslog-consumer/src/main/resources/application-test.properties
index 4cfb03b..0274086 100644
--- a/haobang-security-dm/syslog-consumer/src/main/resources/application-test.properties
+++ b/haobang-security-dm/syslog-consumer/src/main/resources/application-test.properties
@@ -33,10 +33,11 @@ app.metrics.enabled=true
 
 
 #database Configuration
-spring.datasource.url=jdbc:postgresql://192.168.4.32:5432/ecosys
-spring.datasource.username=user_eSER8N
-spring.datasource.password=password_QCYKj6
-spring.datasource.driver-class-name=org.postgresql.Driver
+spring.datasource.url=jdbc:dm://192.163.4.99:5237/DM_ecosys
+spring.datasource.username=SYSDBA
+spring.datasource.password=caZ2TcmXNSW8L2Ap
+spring.datasource.driver-class-name=dm.jdbc.driver.DmDriver
+spring.datasource.hikari.schema=\"PUBLIC\"
 
 # mybatis Configuration
 mybatis.mapper-locations=classpath:mapper/*.xml
@@ -54,23 +55,23 @@ spring.kafka.consumer.topic=agent-syslog-topic
 
 
 
-# ��ʱ��������
+# 定时任务配置
 spring.task.scheduling.pool.size=10
 
-# ��־����
+# 日志配置
 logging.level.com.common.schedule=INFO
 logging.level.com.common.service=INFO
 
-# �������������
+# 分区表检查配置
 partition.check.tomorrow.enabled=true
 partition.check.future.days=7
 partition.auto.create=true
 
 
-# ����������������
+# 生产环境缓存配置
 spring.redis.host=192.168.4.32
 spring.redis.port=6379
-# ���루���û���������룬����ʡ�ԣ�
+# 密码（如果没有设置密码，可以省略）
 spring.redis.password=redis_edP6N6
 spring.redis.database=0
 spring.redis.timeout=5000
@@ -81,5 +82,5 @@ spring.redis.lettuce.pool.max-wait=5000
 spring.redis.lettuce.pool.max-idle=10
 spring.redis.lettuce.pool.min-idle=5
 
-# ������������ʱ��ϳ�
+# 生产环境缓存时间较长
 spring.cache.redis.time-to-live=3600000
\ No newline at end of file
diff --git a/haobang-security-dm/syslog-consumer/src/main/resources/application.properties b/haobang-security-dm/syslog-consumer/src/main/resources/application.properties
index 57af480..ffb5c5e 100644
--- a/haobang-security-dm/syslog-consumer/src/main/resources/application.properties
+++ b/haobang-security-dm/syslog-consumer/src/main/resources/application.properties
@@ -7,7 +7,8 @@ server.error.include-message=always
 server.error.include-binding-errors=always
 
 #run.environment:  dev|test|pro
-server.run.environment=dev
+server.run.environment=pro
+
 
 # Syslog Server Configuration
 syslog.tcp.port=514
@@ -15,16 +16,17 @@ syslog.udp.port=514
 syslog.max.frame.length=65536
 syslog.buffer.size=1000
 syslog.sm4.generateKey=f79548ab6fa8a304fc0115e17230358a
+
 # InfluxDB 2.7 Configuration
-influxdb.url=http://192.168.222.131:8086
-influxdb.token=3Tvu-IZWtaY03UDkbUDlufD0kxn85keo9LhYQcv2Cxk0LJmXqqHkNVrO664DbaJAYwoGI7UIg904KqZC7Q_ZFA==
-influxdb.org=yelang
+influxdb.url=http://192.168.4.99:8087
+influxdb.token=JsUyvU8vhQEFlMM_el4Drm87fyh707IhwJNsPBucPghSdbVmdQ-UvmPcyP5NTzWxsRfEz0T51Rw4ebZUuUrmZg==
+influxdb.org=influxdb
 influxdb.bucket=yelangbucket
 influxdb.batch.size=1000
 influxdb.flush.interval=1000
 influxdb.retry.attempts=3
 influxdb.retry.delay=1000
-# InfluxDB 2.7 ���ӳ�ʱ����
+# InfluxDB 2.7 连接超时配置
 influxdb.connection.timeout=30s
 influxdb.connection.read-timeout=30s
 influxdb.connection.write-timeout=60s
@@ -35,71 +37,72 @@ app.metrics.enabled=true
 
 
 #database Configuration
-spring.datasource.url=jdbc:postgresql://117.72.68.72:54329/ecosys
-spring.datasource.username=postgres
-spring.datasource.password=TnLanWaidYSwTSG5
-spring.datasource.driver-class-name=org.postgresql.Driver
-
+spring.datasource.url=jdbc:dm://192.168.4.99:5237
+spring.datasource.username=SYSDBA
+spring.datasource.password=caZ2TcmXNSW8L2Ap
+spring.datasource.driver-class-name=dm.jdbc.driver.DmDriver
+spring.datasource.hikari.schema=\"PUBLIC\"
 # mybatis Configuration
 mybatis.mapper-locations=classpath:mapper/*.xml
 mybatis.type-aliases-package=com.common.entity
-
-#mybatis handler ��
+#mybatis handler 类
 mybatis.configuration.default-statement-timeout=30
 mybatis.configuration.default-fetch-size=1000
 mybatis.configuration.map-underscore-to-camel-case=true
 mybatis.type-handlers-package=com.Modules.etl.handler
 mybatis-plus.configuration.map-underscore-to-camel-case=true
 mybatis-plus.type-handlers-package=com.Modules.etl.handler
+
 # kafka Configuration
-spring.kafka.consumer.bootstrap-servers=192.168.222.130:9092
-spring.kafka.consumer.group-id=test-group-app
+spring.kafka.consumer.bootstrap-servers=192.168.4.99:9092
+spring.kafka.consumer.group-id=agent-syslog-group
 spring.kafka.consumer.auto-offset-reset=latest
 spring.kafka.consumer.enable-auto-commit=false 
 spring.kafka.consumer.auto-commit-interval=1000
-spring.kafka.consumer.topic=test-topic
+spring.kafka.consumer.topic=agent-syslog-topic
+
 
 spring.kafka.consumer.max-poll-records=1000
 spring.kafka.consumer.properties.max.poll.interval.ms=300000
 spring.kafka.consumer.properties.session.timeout.ms=45000
 
-#spring.kafka.consumer.key-deserializer: org.apache.kafka.common.serialization.StringDeserializer
-#spring.kafka.consumer.value-deserializer: org.apache.kafka.common.serialization.StringDeserializer
 spring.kafka.consumer.fetch-min-size= 1048576
 spring.kafka.listener.ack-mode= manual
 spring.kafka.listener.concurrency= 2  
 spring.kafka.listener.type=batch
 
 
-# ��ʱ��������
+# 定时任务配置
 spring.task.scheduling.pool.size=10
 
-# ��־����
+# 日志配置
 logging.level.com.common.schedule=INFO
 logging.level.com.common.service=INFO
 
-# �������������
+# 分区表检查配置
 partition.check.tomorrow.enabled=true
 partition.check.future.days=7
 partition.auto.create=true
 
-# ����������������
-spring.redis.host=localhost
+
+# 生产环境缓存配置
+spring.redis.host=192.168.4.99
 spring.redis.port=6379
-# ���루���û���������룬����ʡ�ԣ�
-spring.redis.password=
+# 密码（如果没有设置密码，可以省略）
+spring.redis.password=redis_GdGWte
 spring.redis.database=0
-spring.redis.timeout=2000
+spring.redis.timeout=5000
+#spring.redis.password=${REDIS_PASSWORD:default_prod_password}
 
-spring.redis.lettuce.pool.max-active=8
-spring.redis.lettuce.pool.max-wait=-1
-spring.redis.lettuce.pool.max-idle=8
-spring.redis.lettuce.pool.min-idle=0
-# ������������ʱ��϶̣��������
-spring.cache.redis.time-to-live=600000
+spring.redis.lettuce.pool.max-active=20
+spring.redis.lettuce.pool.max-wait=5000
+spring.redis.lettuce.pool.max-idle=10
+spring.redis.lettuce.pool.min-idle=5
 
+# 生产环境缓存时间较长
+spring.cache.redis.time-to-live=3600000
 
-# Ӧ�ô���������
+# 应用处理器配置
 app.processor.thread-pool.core-pool-size=10
 app.processor.thread-pool.max-pool-size=20
 app.processor.thread-pool.queue-capacity=2000
@@ -108,20 +111,20 @@ app.processor.batch-size=100
 app.processor.process-timeout-ms=30000
 
 
-# ���� Elasticsearch
-# Elasticsearch���ӵ�ַ
+# 配置 Elasticsearch
+# Elasticsearch连接地址
 spring.elasticsearch.uris=http://192.168.1.174:9200
-# ���� Elasticsearch �û���
+# 配置 Elasticsearch 用户名
 spring.elasticsearch.username=CONTAINER_NAME
-# ���� Elasticsearch ����
+# 配置 Elasticsearch 密码
 spring.elasticsearch.password=t2NZCiajmdazxBrF
-# ���ӳ�ʱʱ��
+# 连接超时时间
 spring.elasticsearch.connection-timeout=10s
-# Socket ��ʱʱ��
+# Socket 超时时间
 spring.elasticsearch.socket-timeout=30s
 
 
-# ETL����
+# ETL配置
 etl.batch.page-size=1000
 etl.batch.insert-batch-size=500
 etl.schedule.cron=0 0 2 * * ?
@@ -135,52 +138,53 @@ spring.datasource.hikari.minimum-idle=5
 spring.datasource.hikari.connection-timeout=30000
 spring.datasource.hikari.idle-timeout=600000
 spring.datasource.hikari.max-lifetime=900000
-spring.datasource.hikari.connection-test-query=SELECT 1
+spring.datasource.hikari.connection-test-query=SELECT 1 FROM DUAL
 spring.datasource.hikari.validation-timeout=5000
 spring.datasource.hikari.leak-detection-threshold=30000          
 spring.datasource.hikari.pool-name=HikariPool-SyslogConsumer
 spring.datasource.hikari.auto-commit=false
-spring.datasource.hikari.schema=public
 
-# ����������������
+
+# 关联分析规则配置
 analysis.realtime.enabled= true
-# ��������룩 - Ĭ��10��
+# 检查间隔（秒） - 默认10秒
 analysis.realtime.check-interval-seconds: 10
 
-
-
 # ============================================
-# ̽������API����
+# 探针联动API配置
 # ============================================
-# API-KEY��֤��32λ������ʹ��������ɵ���Կ��
+# API-KEY认证（32位，建议使用随机生成的密钥）
 interlocking.api-key=a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6
-# API�ӿڻ���URL����syslog-serve���ã�
-interlocking.api.base-url=http://localhost:8089/xdrservice/interlocking
+# API接口基础URL（供syslog-serve调用）
+interlocking.api.base-url=http://192.168.4.99:8089/xdrservice/interlocking
 
 # ============================================
-# �澯�����������
+# 告警健康检查配置
 # ============================================
-# �澯����������ֵ��Сʱ��
-alarm.health-check.alarm-hours=4
-# �澯��־����������ֵ��Сʱ��
-alarm.health-check.alarm-visit-hours=2
-# �Ƿ����ö�ʱѲ��
+# 告警表无数据阈值（小时）
+alarm.health-check.alarm-hours=2
+# 告警日志表无数据阈值（小时）
+alarm.health-check.alarm-visit-hours=4
+# 是否启用定时巡检
 alarm.health-check.enabled=true
 
 # ============================================
-# ̽�������������
+# 探针心跳检测配置
 # ============================================
-# �Ƿ������������
+# 是否启用心跳检测
 probe.heartbeat.enabled=true
-# ̽��������ֵ�����ӣ���������ʱ��δ�յ��������ж�Ϊ����
+# 探针离线阈值（分钟），超过此时间未收到心跳则判定为离线
 probe.heartbeat.offline-threshold-minutes=10
-# ״̬���Cron����ʽ��Ĭ��ÿ10���ӣ�
+# 状态检查Cron表达式（默认每10分钟）
 probe.status.check.cron=0 */10 * * * ?
-# ̽���⻧ID
+# 探针租户ID
 probe.heartbeat.tenant-id=000000
-# ������ʷ��������
+# 心跳历史保留天数
 probe.heartbeat.history.keep-days=10
-# �Ƿ�������ʷ����
+# 是否启用历史清理
 probe.heartbeat.history.cleanup-enabled=true
-# ��ʷ����Cron����ʽ��Ĭ��ÿ���賿1�㣩
-probe.history.cleanup.cron=0 0 1 * * ?
\ No newline at end of file
+# 历史清理Cron表达式（默认每天凌晨1点）
+probe.history.cleanup.cron=0 0 1 * * ?
+
+# Jackson 配置 — 修复达梦 JDBC 驱动循环引用导致 JSON 序列化 StackOverflow
+spring.jackson.serialization.fail-on-self-references=false
\ No newline at end of file
diff --git a/haobang-security-dm/syslog-consumer/src/main/resources/logback.xml b/haobang-security-dm/syslog-consumer/src/main/resources/logback.xml
index 596186a..ef4c9d3 100644
--- a/haobang-security-dm/syslog-consumer/src/main/resources/logback.xml
+++ b/haobang-security-dm/syslog-consumer/src/main/resources/logback.xml
@@ -7,9 +7,9 @@
     </appender>
 
     <appender name="FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
-        <file>logs/syslog-consumer.log</file>
+        <file>logs/syslog-consumer-dm.log</file>
         <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
-            <fileNamePattern>logs/syslog-consumer.%d{yyyy-MM-dd}.log</fileNamePattern>
+            <fileNamePattern>logs/syslog-consumer-dm.%d{yyyy-MM-dd}.log</fileNamePattern>
 
             <!-- 保留的日志文件的最大天数 -->
             <maxHistory>1</maxHistory>
diff --git a/haobang-security-dm/syslog-consumer/src/main/resources/mapper/AnalysisAnalysisRuleMapper.xml b/haobang-security-dm/syslog-consumer/src/main/resources/mapper/AnalysisAnalysisRuleMapper.xml
index 9402d7e..c09d908 100644
--- a/haobang-security-dm/syslog-consumer/src/main/resources/mapper/AnalysisAnalysisRuleMapper.xml
+++ b/haobang-security-dm/syslog-consumer/src/main/resources/mapper/AnalysisAnalysisRuleMapper.xml
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="UTF-8"?>
+<?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 <mapper namespace="com.common.mapper.AnalysisAnalysisRuleMapper">
 
@@ -53,7 +53,7 @@
         SELECT
         <include refid="Base_Column_List"/>
         FROM analysis_analysis_rule
-        WHERE rule_id =#{ruleId, jdbcType=OTHER}::uuid
+        WHERE rule_id =#{ruleId, jdbcType=OTHER}
         AND del_flag = '0'
     </select>
 
@@ -62,7 +62,7 @@
         SELECT
         <include refid="Base_Column_List"/>
         FROM analysis_analysis_rule
-        WHERE rule_id = #{ruleId, jdbcType=OTHER}::uuid
+        WHERE rule_id = #{ruleId, jdbcType=OTHER}
         AND del_flag = '0'
     </select>
 
@@ -70,11 +70,11 @@
     <update id="updateTaskStatus">
         UPDATE analysis_analysis_rule
         SET task_status = #{taskStatus},
-            update_time = NOW()
+            update_time = SYSDATE
         <if test="updateBy != null">
             ,update_by = #{updateBy}
         </if>
-        WHERE rule_id = #{ruleId, jdbcType=OTHER}::uuid
+        WHERE rule_id = #{ruleId, jdbcType=OTHER}
     </update>
 
 </mapper>
diff --git a/haobang-security-dm/syslog-consumer/src/main/resources/mapper/AnalysisFieldMapper.xml b/haobang-security-dm/syslog-consumer/src/main/resources/mapper/AnalysisFieldMapper.xml
index 9416648..45df145 100644
--- a/haobang-security-dm/syslog-consumer/src/main/resources/mapper/AnalysisFieldMapper.xml
+++ b/haobang-security-dm/syslog-consumer/src/main/resources/mapper/AnalysisFieldMapper.xml
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="UTF-8"?>
+<?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 <mapper namespace="com.common.mapper.AnalysisFieldMapper">
 
@@ -42,7 +42,7 @@
         SELECT
         <include refid="Base_Column_List"/>
         FROM analysis_field
-        WHERE rule_id = #{ruleId, jdbcType=OTHER}::uuid
+        WHERE rule_id = #{ruleId, jdbcType=OTHER}
         AND del_flag = '0'
         ORDER BY id ASC
     </select>
@@ -52,7 +52,7 @@
         SELECT
         <include refid="Base_Column_List"/>
         FROM analysis_field
-        WHERE rule_id =#{ruleId, jdbcType=OTHER}::uuid
+        WHERE rule_id =#{ruleId, jdbcType=OTHER}
         AND del_flag = '0'
         AND type IN ('measure', 'calc')
         ORDER BY id ASC
@@ -63,7 +63,7 @@
         SELECT
         <include refid="Base_Column_List"/>
         FROM analysis_field
-        WHERE rule_id = #{ruleId, jdbcType=OTHER}::uuid
+        WHERE rule_id = #{ruleId, jdbcType=OTHER}
         AND del_flag = '0'
         AND type = 'dimension'
         ORDER BY id ASC
diff --git a/haobang-security-dm/syslog-consumer/src/main/resources/mapper/AnalysisFilterMapper.xml b/haobang-security-dm/syslog-consumer/src/main/resources/mapper/AnalysisFilterMapper.xml
index b8f9dd6..c98190c 100644
--- a/haobang-security-dm/syslog-consumer/src/main/resources/mapper/AnalysisFilterMapper.xml
+++ b/haobang-security-dm/syslog-consumer/src/main/resources/mapper/AnalysisFilterMapper.xml
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="UTF-8"?>
+<?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 <mapper namespace="com.common.mapper.AnalysisFilterMapper">
 
@@ -13,9 +13,9 @@
         <result column="column_desc" property="columnDesc" jdbcType="VARCHAR"/>
         <result column="data_type" property="dataType" jdbcType="VARCHAR"/>
         <result column="fn" property="fn" jdbcType="VARCHAR"/>
-        <result column="arguments" property="arguments" jdbcType="OTHER"/>
+        <result column="arguments" property="arguments" jdbcType="VARCHAR"/>
         <result column="operator" property="operator" jdbcType="VARCHAR"/>
-        <result column="value" property="value" jdbcType="OTHER"/>
+        <result column="value" property="value" jdbcType="VARCHAR"/>
         <result column="base_type" property="baseType" jdbcType="INTEGER"/>
         <result column="category_id" property="categoryId" jdbcType="INTEGER"/>
         <result column="create_dept" property="createDept" jdbcType="BIGINT"/>
@@ -42,7 +42,7 @@
         SELECT
         <include refid="Base_Column_List"/>
         FROM analysis_filter
-        WHERE rule_id  =#{ruleId, jdbcType=OTHER}::uuid
+        WHERE rule_id  =#{ruleId, jdbcType=OTHER}
         AND del_flag = '0'
     </select>
 
diff --git a/haobang-security-dm/syslog-consumer/src/main/resources/mapper/AnalysisGroupByColumnMapper.xml b/haobang-security-dm/syslog-consumer/src/main/resources/mapper/AnalysisGroupByColumnMapper.xml
index 64048ae..a5de79f 100644
--- a/haobang-security-dm/syslog-consumer/src/main/resources/mapper/AnalysisGroupByColumnMapper.xml
+++ b/haobang-security-dm/syslog-consumer/src/main/resources/mapper/AnalysisGroupByColumnMapper.xml
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="UTF-8"?>
+<?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 <mapper namespace="com.common.mapper.AnalysisGroupByColumnMapper">
 
@@ -44,7 +44,7 @@
         create_time, update_time, create_by, update_by, remark,
         tenant_id, rule_id, group_id, field_id, sort
         FROM analysis_group_by_column
-        WHERE rule_id =#{ruleId, jdbcType=OTHER}::uuid
+        WHERE rule_id =#{ruleId, jdbcType=OTHER}
         AND del_flag = '0'
         ORDER BY sort ASC
     </select>
diff --git a/haobang-security-dm/syslog-consumer/src/main/resources/mapper/AnalysisGroupByHavingMapper.xml b/haobang-security-dm/syslog-consumer/src/main/resources/mapper/AnalysisGroupByHavingMapper.xml
index ca3cdb1..8cd682a 100644
--- a/haobang-security-dm/syslog-consumer/src/main/resources/mapper/AnalysisGroupByHavingMapper.xml
+++ b/haobang-security-dm/syslog-consumer/src/main/resources/mapper/AnalysisGroupByHavingMapper.xml
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="UTF-8"?>
+<?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 <mapper namespace="com.common.mapper.AnalysisGroupByHavingMapper">
 
@@ -13,9 +13,9 @@
         <result column="column_desc" property="columnDesc" jdbcType="VARCHAR"/>
         <result column="data_type" property="dataType" jdbcType="VARCHAR"/>
         <result column="fn" property="fn" jdbcType="VARCHAR"/>
-        <result column="arguments" property="arguments" jdbcType="OTHER"/>
+        <result column="arguments" property="arguments" jdbcType="VARCHAR"/>
         <result column="operator" property="operator" jdbcType="VARCHAR"/>
-        <result column="value" property="value" jdbcType="OTHER"/>
+        <result column="value" property="value" jdbcType="VARCHAR"/>
         <result column="base_type" property="baseType" jdbcType="INTEGER"/>
         <result column="category_id" property="categoryId" jdbcType="INTEGER"/>
         <result column="create_dept" property="createDept" jdbcType="BIGINT"/>
@@ -53,7 +53,7 @@
         h.update_time, h.create_by, h.update_by, h.remark, h.tenant_id
         FROM analysis_group_by_having h
         INNER JOIN analysis_group_by g ON h.group_by_id = g.id
-        WHERE g.rule_id =#{ruleId, jdbcType=OTHER}::uuid
+        WHERE g.rule_id =#{ruleId, jdbcType=OTHER}
         AND h.del_flag = '0'
         AND g.del_flag = '0'
         ORDER BY h.id ASC
diff --git a/haobang-security-dm/syslog-consumer/src/main/resources/mapper/AnalysisGroupByMapper.xml b/haobang-security-dm/syslog-consumer/src/main/resources/mapper/AnalysisGroupByMapper.xml
index 1e426e8..f9d0bba 100644
--- a/haobang-security-dm/syslog-consumer/src/main/resources/mapper/AnalysisGroupByMapper.xml
+++ b/haobang-security-dm/syslog-consumer/src/main/resources/mapper/AnalysisGroupByMapper.xml
@@ -1,10 +1,10 @@
-<?xml version="1.0" encoding="UTF-8"?>
+<?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 <mapper namespace="com.common.mapper.AnalysisGroupByMapper">
 
     <resultMap id="BaseResultMap" type="com.common.entity.AnalysisGroupBy">
         <id column="id" property="id" jdbcType="BIGINT"/>
-        <result column="rule_id" property="ruleId" jdbcType="OTHER"/>
+        <result column="rule_id" property="ruleId" jdbcType="VARCHAR"/>
         <result column="group_type" property="groupType" jdbcType="INTEGER"/>
         <result column="window_type" property="windowType" jdbcType="VARCHAR"/>
         <result column="create_dept" property="createDept" jdbcType="BIGINT"/>
@@ -33,7 +33,7 @@
         SELECT
             <include refid="Base_Column_List"/>
         FROM analysis_group_by
-        WHERE rule_id = #{ruleId, jdbcType=OTHER}::uuid
+        WHERE rule_id = #{ruleId, jdbcType=OTHER}
           AND del_flag = '0'
     </select>
 
diff --git a/haobang-security-dm/syslog-consumer/src/main/resources/mapper/AnalysisTaskHistoryMapper.xml b/haobang-security-dm/syslog-consumer/src/main/resources/mapper/AnalysisTaskHistoryMapper.xml
index 10eb841..99dccbe 100644
--- a/haobang-security-dm/syslog-consumer/src/main/resources/mapper/AnalysisTaskHistoryMapper.xml
+++ b/haobang-security-dm/syslog-consumer/src/main/resources/mapper/AnalysisTaskHistoryMapper.xml
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="UTF-8"?>
+<?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 <mapper namespace="com.common.mapper.AnalysisTaskHistoryMapper">
 
@@ -33,7 +33,7 @@
         INSERT INTO analysis_task_history (
         <include refid="Base_Column_List"/>
         ) VALUES (
-        #{id}, #{ruleId}::uuid, #{startTime}, #{endTime}, #{durationTime}, #{progressPercent},
+        #{id}, #{ruleId}, #{startTime}, #{endTime}, #{durationTime}, #{progressPercent},
         #{inputCount}, #{outputCount}, #{status}, #{createDept}, #{delFlag},
         #{createTime}, #{updateTime}, #{createBy}, #{updateBy}, #{remark}, #{tenantId}
         )
@@ -48,7 +48,7 @@
         input_count = #{inputCount},
         output_count = #{outputCount},
         status = #{status},
-        update_time = NOW()
+        update_time = SYSDATE
         <if test="remark != null">
             ,remark = #{remark}
         </if>
@@ -60,7 +60,7 @@
         SELECT
         <include refid="Base_Column_List"/>
         FROM analysis_task_history
-        WHERE rule_id =#{ruleId, jdbcType=OTHER}::uuid
+        WHERE rule_id =#{ruleId, jdbcType=OTHER}
         AND del_flag = '0'
         ORDER BY create_time DESC
         <if test="limit != null and limit > 0">
@@ -73,7 +73,7 @@
         SELECT
         <include refid="Base_Column_List"/>
         FROM analysis_task_history
-        WHERE rule_id =#{ruleId, jdbcType=OTHER}::uuid
+        WHERE rule_id =#{ruleId, jdbcType=OTHER}
         AND status = #{status}
         AND del_flag = '0'
         ORDER BY create_time DESC
diff --git a/haobang-security-dm/syslog-consumer/src/main/resources/mapper/AnalysisWhereConditionMapper.xml b/haobang-security-dm/syslog-consumer/src/main/resources/mapper/AnalysisWhereConditionMapper.xml
index 541bebb..8b65090 100644
--- a/haobang-security-dm/syslog-consumer/src/main/resources/mapper/AnalysisWhereConditionMapper.xml
+++ b/haobang-security-dm/syslog-consumer/src/main/resources/mapper/AnalysisWhereConditionMapper.xml
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="UTF-8"?>
+<?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 <mapper namespace="com.common.mapper.AnalysisWhereConditionMapper">
 
@@ -29,7 +29,7 @@
         SELECT
         <include refid="Base_Column_List"/>
         FROM analysis_where_condition
-        WHERE rule_id = #{ruleId}::uuid
+        WHERE rule_id = #{ruleId}
         AND del_flag = '0'
         ORDER BY seq_num ASC
     </select>
@@ -39,7 +39,7 @@
         SELECT
         <include refid="Base_Column_List"/>
         FROM analysis_where_condition
-        WHERE rule_id = #{ruleId}::uuid
+        WHERE rule_id = #{ruleId}
         AND (parent_cond_id IS NULL OR parent_cond_id = 0)
         AND del_flag = '0'
         ORDER BY seq_num ASC
diff --git a/haobang-security-dm/syslog-consumer/src/main/resources/mapper/DeviceDeviceMapper.xml b/haobang-security-dm/syslog-consumer/src/main/resources/mapper/DeviceDeviceMapper.xml
index e6f8c47..97558fc 100644
--- a/haobang-security-dm/syslog-consumer/src/main/resources/mapper/DeviceDeviceMapper.xml
+++ b/haobang-security-dm/syslog-consumer/src/main/resources/mapper/DeviceDeviceMapper.xml
@@ -46,11 +46,11 @@
 
     <!-- 基础查询列 -->
     <sql id="Base_Column_List">
-        id, created_at::timestamp , updated_at::timestamp, deleted_at::timestamp, name, ip, device_group, device_type,
-        vendor, product_name, organization_id, last_receive_time::timestamp, agent_id, detail_id,
-        control_agent_id, license_start_time::timestamp, license_end_time::timestamp, is_monitoring,
+        id, created_at, updated_at, deleted_at, name, ip, device_group, device_type,
+        vendor, product_name, organization_id, last_receive_time, agent_id, detail_id,
+        control_agent_id, license_start_time, license_end_time, is_monitoring,
         security_scope_id, owner_id, ssh_config_id, status, created_by_id, decode_type,
-        miss_policy, tenant_id, create_time::timestamp, update_time::timestamp, create_by, update_by, del_flag,
+        miss_policy, tenant_id, create_time, update_time, create_by, update_by, del_flag,
         manager_name, today_parse_count, today_non_log_count, create_dept, device_collect_id
     </sql>
 
diff --git a/haobang-security-dm/syslog-consumer/src/main/resources/mapper/DeviceReceiveLogMapper.xml b/haobang-security-dm/syslog-consumer/src/main/resources/mapper/DeviceReceiveLogMapper.xml
index e07532e..d4ff680 100644
--- a/haobang-security-dm/syslog-consumer/src/main/resources/mapper/DeviceReceiveLogMapper.xml
+++ b/haobang-security-dm/syslog-consumer/src/main/resources/mapper/DeviceReceiveLogMapper.xml
@@ -26,10 +26,10 @@
             receive_time_str,
             syslog_message
         ) VALUES (
-            COALESCE(#{createdAt}, NOW() AT TIME ZONE 'utc'),
+            COALESCE(#{createdAt}, SYSDATE),
             #{deviceCollectId},
             #{deviceId},
-            #{deviceIp}::inet,
+            #{deviceIp},
             #{receiveTime},
             #{receiveTimeStr},
             #{syslogMessage}
@@ -49,10 +49,10 @@
         ) VALUES
         <foreach collection="list" item="item" separator=",">
             (
-            COALESCE(#{item.createdAt}, NOW() AT TIME ZONE 'utc'),
+            COALESCE(#{item.createdAt}, SYSDATE),
             #{item.deviceCollectId},
             #{item.deviceId},
-            #{item.deviceIp}::inet,
+            #{item.deviceIp},
             #{item.receiveTime},
             #{item.receiveTimeStr},
             #{item.syslogMessage}
@@ -80,10 +80,10 @@
         ORDER BY receive_time DESC
     </select>
 
-    <!-- 根据IP地址查询（使用PostgreSQL的inet操作符） -->
+    <!-- 根据IP地址查询 -->
     <select id="selectByDeviceIp" resultMap="BaseResultMap">
         SELECT * FROM device_receive_log
-        WHERE device_ip >>= #{deviceIp}::inet
+        WHERE device_ip = #{deviceIp}
         ORDER BY receive_time DESC
     </select>
 
@@ -105,7 +105,7 @@
                 AND device_collect_id = #{deviceCollectId}
             </if>
             <if test="deviceIp != null and deviceIp != ''">
-                AND device_ip >>= #{deviceIp}::inet
+                AND device_ip = #{deviceIp}
             </if>
             <if test="receiveTime != null">
                 AND receive_time >= #{receiveTime}
@@ -128,7 +128,7 @@
                 AND device_collect_id = #{deviceCollectId}
             </if>
             <if test="deviceIp != null and deviceIp != ''">
-                AND device_ip >>= #{deviceIp}::inet
+                AND device_ip = #{deviceIp}
             </if>
             <if test="receiveTime != null">
                 AND receive_time >= #{receiveTime}
diff --git a/haobang-security-dm/syslog-consumer/src/main/resources/mapper/DmColumnMapper.xml b/haobang-security-dm/syslog-consumer/src/main/resources/mapper/DmColumnMapper.xml
index c72ee92..2eadc56 100644
--- a/haobang-security-dm/syslog-consumer/src/main/resources/mapper/DmColumnMapper.xml
+++ b/haobang-security-dm/syslog-consumer/src/main/resources/mapper/DmColumnMapper.xml
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="UTF-8" ?>
+<?xml version="1.0" encoding="UTF-8" ?>
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
         "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 
@@ -65,13 +65,13 @@
 
 
     <select id="findById" parameterType="java.lang.Long" resultMap="BaseResultMap">
-         SELECT Id, created_at::timestamp as created_at ,
-          updated_at::timestamp as updated_at , deleted_at::timestamp as deleted_at , name, display_name,
+         SELECT Id, created_at as created_at ,
+          updated_at as updated_at , deleted_at as deleted_at , name, display_name,
         storage_data_type, business_data_type, is_built_in, is_hidden,
         is_not_normalizable, is_required, category_id, custom_asset_category_id,
         is_virtual, table_id, asset_table_id, column_set_id, base_type,
-        user_task_id, created_by_id, create_dept, create_by, create_time::timestamp as create_time ,
-        update_by, update_time::timestamp as update_time
+        user_task_id, created_by_id, create_dept, create_by, create_time as create_time ,
+        update_by, update_time as update_time
          FROM dm_column
         WHERE   id = #{id} AND deleted_at IS NULL
     </select>
@@ -80,13 +80,13 @@
     <!-- 查询全部正常字段-->
 
     <select id="selectAllNormal" parameterType="java.lang.Long" resultType="java.util.LinkedHashMap">
-     SELECT Id, created_at::timestamp as created_at ,
-          updated_at::timestamp as updated_at , deleted_at::timestamp as deleted_at , name, display_name,
+     SELECT Id, created_at as created_at ,
+          updated_at as updated_at , deleted_at as deleted_at , name, display_name,
         storage_data_type, business_data_type, is_built_in, is_hidden,
         is_not_normalizable, is_required, category_id, custom_asset_category_id,
         is_virtual, table_id, asset_table_id, column_set_id, base_type,
-        user_task_id, created_by_id, create_dept, create_by, create_time::timestamp as create_time ,
-        update_by, update_time::timestamp as update_time
+        user_task_id, created_by_id, create_dept, create_by, create_time as create_time ,
+        update_by, update_time as update_time
          FROM dm_column
     where  deleted_at is  null and id  in ( select  distinct column_id  from dm_field_table_column  where   deleted_at is null
     )
diff --git a/haobang-security-dm/syslog-consumer/src/main/resources/mapper/DmNormalizeRuleMapper.xml b/haobang-security-dm/syslog-consumer/src/main/resources/mapper/DmNormalizeRuleMapper.xml
index 17b945a..8004a95 100644
--- a/haobang-security-dm/syslog-consumer/src/main/resources/mapper/DmNormalizeRuleMapper.xml
+++ b/haobang-security-dm/syslog-consumer/src/main/resources/mapper/DmNormalizeRuleMapper.xml
@@ -16,7 +16,7 @@
         <result column="data_type" property="dataType" />
         <result column="field_cate_id" property="fieldCateId" />
         <result column="log_parsed" property="logParsed" />
-        <result column="sample_logs" property="sampleLogs" typeHandler="org.apache.ibatis.type.ArrayTypeHandler" />
+        <result column="sample_logs" property="sampleLogs" typeHandler="com.Modules.etl.handler.ArrayStringTypeHandler" />
         <result column="is_data_merge_enabled" property="isDataMergeEnabled" />
         <result column="data_merge_interval" property="dataMergeInterval" />
         <result column="data_merge_time_unit" property="dataMergeTimeUnit" />
@@ -51,12 +51,12 @@
 
         SELECT
         id,
-        created_at::timestamp as created_at,  <!-- 转换为 timestamp -->
-        updated_at::timestamp as updated_at,
-        deleted_at::timestamp as deleted_at,
-        first_data_saved_at::timestamp as first_data_saved_at,
-        create_time::timestamp as create_time,
-        update_time::timestamp as update_time,
+        created_at,
+        updated_at,
+        deleted_at,
+        first_data_saved_at,
+        create_time,
+        update_time,
         name, display_name, description, is_built_in, is_running,
         data_type, field_cate_id, log_parsed, sample_logs,
         is_data_merge_enabled, data_merge_interval, data_merge_time_unit,
@@ -74,12 +74,12 @@
 
         SELECT
         id,
-        created_at::timestamp as created_at,  <!-- 转换为 timestamp -->
-        updated_at::timestamp as updated_at,
-        deleted_at::timestamp as deleted_at,
-        first_data_saved_at::timestamp as first_data_saved_at,
-        create_time::timestamp as create_time,
-        update_time::timestamp as update_time,
+        created_at,
+        updated_at,
+        deleted_at,
+        first_data_saved_at,
+        create_time,
+        update_time,
         name, display_name, description, is_built_in, is_running,
         data_type, field_cate_id, log_parsed, sample_logs,
         is_data_merge_enabled, data_merge_interval, data_merge_time_unit,
@@ -113,7 +113,7 @@
             <if test="dataType != null">data_type = #{dataType},</if>
             <if test="fieldCateId != null">field_cate_id = #{fieldCateId},</if>
             <if test="logParsed != null">log_parsed = #{logParsed},</if>
-            <if test="sampleLogs != null">sample_logs = #{sampleLogs, typeHandler=org.apache.ibatis.type.ArrayTypeHandler},</if>
+            <if test="sampleLogs != null">sample_logs = #{sampleLogs, typeHandler=com.Modules.etl.handler.ArrayStringTypeHandler},</if>
             <if test="isDataMergeEnabled != null">is_data_merge_enabled = #{isDataMergeEnabled},</if>
             <if test="dataMergeInterval != null">data_merge_interval = #{dataMergeInterval},</if>
             <if test="dataMergeTimeUnit != null">data_merge_time_unit = #{dataMergeTimeUnit},</if>
@@ -142,7 +142,7 @@
             <if test="dataType != null">data_type = #{dataType},</if>
             <if test="fieldCateId != null">field_cate_id = #{fieldCateId},</if>
             <if test="logParsed != null">log_parsed = #{logParsed},</if>
-            <if test="sampleLogs != null">sample_logs = #{sampleLogs, typeHandler=org.apache.ibatis.type.ArrayTypeHandler},</if>
+            <if test="sampleLogs != null">sample_logs = #{sampleLogs, typeHandler=com.Modules.etl.handler.ArrayStringTypeHandler},</if>
             <if test="isDataMergeEnabled != null">is_data_merge_enabled = #{isDataMergeEnabled},</if>
             <if test="dataMergeInterval != null">data_merge_interval = #{dataMergeInterval},</if>
             <if test="dataMergeTimeUnit != null">data_merge_time_unit = #{dataMergeTimeUnit},</if>
diff --git a/haobang-security-dm/syslog-consumer/src/main/resources/mapper/SyslogNonNormalMessageMapper.xml b/haobang-security-dm/syslog-consumer/src/main/resources/mapper/SyslogNonNormalMessageMapper.xml
index 510de01..b88d6c6 100644
--- a/haobang-security-dm/syslog-consumer/src/main/resources/mapper/SyslogNonNormalMessageMapper.xml
+++ b/haobang-security-dm/syslog-consumer/src/main/resources/mapper/SyslogNonNormalMessageMapper.xml
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="UTF-8"?>
+<?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 <mapper namespace="com.common.mapper.SyslogNonNormalMessageMapper">
 
@@ -118,7 +118,7 @@
         WHERE del_flag = '0'
         AND (
         <foreach collection="ids" item="id" index="index" separator=" OR ">
-            (id = #{id} AND created_at = #{createdAts[${index}]}::timestamptz)
+            (id = #{id} AND created_at = #{createdAts[${index}]})
         </foreach>
         )
     </select>
@@ -137,7 +137,7 @@
     <update id="updateBatchDelFlag">
         UPDATE syslog_non_normal_message
         SET del_flag = '1',
-        update_time = NOW()
+        update_time = SYSDATE
         WHERE id IN
         <foreach collection="messages" item="item" open="(" separator="," close=")">
             #{item.id}
diff --git a/haobang-security-dm/syslog-consumer/src/main/resources/mapper/SyslogNormalAlarmMapper.xml b/haobang-security-dm/syslog-consumer/src/main/resources/mapper/SyslogNormalAlarmMapper.xml
index 004a2b3..7d22699 100644
--- a/haobang-security-dm/syslog-consumer/src/main/resources/mapper/SyslogNormalAlarmMapper.xml
+++ b/haobang-security-dm/syslog-consumer/src/main/resources/mapper/SyslogNormalAlarmMapper.xml
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="UTF-8" ?>
+<?xml version="1.0" encoding="UTF-8" ?>
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
         "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 <mapper namespace="com.common.mapper.SyslogNormalAlarmMapper">
@@ -406,9 +406,9 @@
             <if test="dataMap.container_name != null">#{dataMap.container_name},</if>
             <if test="dataMap.container_id != null">#{dataMap.container_id},</if>
             <if test="dataMap.http_resp_server != null">#{dataMap.http_resp_server},</if>
-            <if test="dataMap.srcip_id != null">#{dataMap.srcip_id}::int8,</if>
-            <if test="dataMap.cdnip != null">#{dataMap.cdnip}::inet,</if>
-            <if test="dataMap.natip != null">#{dataMap.natip}::inet,</if>
+            <if test="dataMap.srcip_id != null">#{dataMap.srcip_id},</if>
+            <if test="dataMap.cdnip != null">#{dataMap.cdnip},</if>
+            <if test="dataMap.natip != null">#{dataMap.natip},</if>
             <if test="dataMap.mail_sender != null">#{dataMap.mail_sender},</if>
             <if test="dataMap.mail_receiver != null">#{dataMap.mail_receiver},</if>
             <if test="dataMap.vpn_mac != null">#{dataMap.vpn_mac},</if>
@@ -439,8 +439,8 @@
             <if test="dataMap.print_time != null">#{dataMap.print_time},</if>
             <if test="dataMap.printer != null">#{dataMap.printer},</if>
             <if test="dataMap.printer_type != null">#{dataMap.printer_type},</if>
-            <if test="dataMap.print_pages != null">#{dataMap.print_pages}::int8,</if>
-            <if test="dataMap.print_copies != null">#{dataMap.print_copies}::int8,</if>
+            <if test="dataMap.print_pages != null">#{dataMap.print_pages},</if>
+            <if test="dataMap.print_copies != null">#{dataMap.print_copies},</if>
             <if test="dataMap.src_device != null">#{dataMap.src_device},</if>
             <if test="dataMap.dst_device != null">#{dataMap.dst_device},</if>
             <if test="dataMap.src_file != null">#{dataMap.src_file},</if>
@@ -457,18 +457,18 @@
             <if test="dataMap.env != null">#{dataMap.env},</if>
             <if test="dataMap.brute_force_service != null">#{dataMap.brute_force_service},</if>
             <if test="dataMap.vuirs_name != null">#{dataMap.vuirs_name},</if>
-            <if test="dataMap.http_req_length != null">#{dataMap.http_req_length}::int8,</if>
+            <if test="dataMap.http_req_length != null">#{dataMap.http_req_length},</if>
             <if test="dataMap.http_req_content_type != null">#{dataMap.http_req_content_type},</if>
-            <if test="dataMap.tc_scan_port != null">#{dataMap.tc_scan_port}::inet,</if>
-            <if test="dataMap.tc_labels != null">#{dataMap.tc_labels}::inet,</if>
+            <if test="dataMap.tc_scan_port != null">#{dataMap.tc_scan_port},</if>
+            <if test="dataMap.tc_labels != null">#{dataMap.tc_labels},</if>
             <if test="dataMap.http_resp_content_type != null">#{dataMap.http_resp_content_type},</if>
             <if test="dataMap.dns_msg_type != null">#{dataMap.dns_msg_type},</if>
             <if test="dataMap.dns_answer_length != null">#{dataMap.dns_answer_length},</if>
             <if test="dataMap.dns_ioc != null">#{dataMap.dns_ioc},</if>
-            <if test="dataMap.tx_bytes != null">#{dataMap.tx_bytes}::double precision,</if>
-            <if test="dataMap.rx_bytes != null">#{dataMap.rx_bytes}::double precision,</if>
-            <if test="dataMap.all_bytes != null">#{dataMap.all_bytes}::double precision,</if>
-            <if test="dataMap.duration_time != null">#{dataMap.duration_time}::int8,</if>
+            <if test="dataMap.tx_bytes != null">#{dataMap.tx_bytes},</if>
+            <if test="dataMap.rx_bytes != null">#{dataMap.rx_bytes},</if>
+            <if test="dataMap.all_bytes != null">#{dataMap.all_bytes},</if>
+            <if test="dataMap.duration_time != null">#{dataMap.duration_time},</if>
             <if test="dataMap.mail_attach_name != null">#{dataMap.mail_attach_name},</if>
             <if test="dataMap.mail_subject != null">#{dataMap.mail_subject},</if>
             <if test="dataMap.mail_message != null">#{dataMap.mail_message},</if>
@@ -488,27 +488,27 @@
             <if test="dataMap.src_ip_apt != null">#{dataMap.src_ip_apt},</if>
             <if test="dataMap.srcip_name != null">#{dataMap.srcip_name},</if>
             <if test="dataMap.tc_client != null">#{dataMap.tc_client},</if>
-            <if test="dataMap.srcip_organization_id != null">#{dataMap.srcip_organization_id}::int8,</if>
+            <if test="dataMap.srcip_organization_id != null">#{dataMap.srcip_organization_id},</if>
             <if test="dataMap.dest_ip_intranetip != null">#{dataMap.dest_ip_intranetip},</if>
             <if test="dataMap.dest_ip_ioc != null">#{dataMap.dest_ip_ioc},</if>
-            <if test="dataMap.desip_id != null">#{dataMap.desip_id}::int8,</if>
+            <if test="dataMap.desip_id != null">#{dataMap.desip_id},</if>
             <if test="dataMap.desip_name != null">#{dataMap.desip_name},</if>
-            <if test="dataMap.tc_hostip != null">#{dataMap.tc_hostip}::inet,</if>
-            <if test="dataMap.desip_organization_id != null">#{dataMap.desip_organization_id}::int8,</if>
+            <if test="dataMap.tc_hostip != null">#{dataMap.tc_hostip},</if>
+            <if test="dataMap.desip_organization_id != null">#{dataMap.desip_organization_id},</if>
             <if test="dataMap.origin_confidence != null">#{dataMap.origin_confidence},</if>
             <if test="dataMap.origin_malscore != null">#{dataMap.origin_malscore},</if>
             <if test="dataMap.attacker_icampaign != null">#{dataMap.attacker_icampaign},</if>
-            <if test="dataMap.attacker_host_asset_id != null">#{dataMap.attacker_host_asset_id}::int8,</if>
-            <if test="dataMap.attacker_organization_id != null">#{dataMap.attacker_organization_id}::int8,</if>
-            <if test="dataMap.victim_host_asset_id != null">#{dataMap.victim_host_asset_id}::int8,</if>
-            <if test="dataMap.victim_organization_id != null">#{dataMap.victim_organization_id}::int8,</if>
+            <if test="dataMap.attacker_host_asset_id != null">#{dataMap.attacker_host_asset_id},</if>
+            <if test="dataMap.attacker_organization_id != null">#{dataMap.attacker_organization_id},</if>
+            <if test="dataMap.victim_host_asset_id != null">#{dataMap.victim_host_asset_id},</if>
+            <if test="dataMap.victim_organization_id != null">#{dataMap.victim_organization_id},</if>
             <if test="dataMap.logout_time != null">#{dataMap.logout_time},</if>
             <if test="dataMap.http_req_line != null">#{dataMap.http_req_line},</if>
             <if test="dataMap.desip_security_scope_id != null">#{dataMap.desip_security_scope_id},</if>
             <if test="dataMap.srcip_security_scope_id != null">#{dataMap.srcip_security_scope_id},</if>
-            <if test="dataMap.http_resp_length != null">#{dataMap.http_resp_length}::int8,</if>
+            <if test="dataMap.http_resp_length != null">#{dataMap.http_resp_length},</if>
             <if test="dataMap.tc_attack_type != null">#{dataMap.tc_attack_type},</if>
-            <if test="dataMap.tc_realip != null">#{dataMap.tc_realip}::inet,</if>
+            <if test="dataMap.tc_realip != null">#{dataMap.tc_realip},</if>
             <if test="dataMap.attacker_ip_lists != null">#{dataMap.attacker_ip_lists},</if>
             <if test="dataMap.login_password != null">#{dataMap.login_password},</if>
             <if test="dataMap.detail != null">#{dataMap.detail},</if>
@@ -525,12 +525,12 @@
             <if test="dataMap.login_abnormal_type != null">#{dataMap.login_abnormal_type},</if>
             <if test="dataMap.file_tag != null">#{dataMap.file_tag},</if>
             <if test="dataMap.file_platform != null">#{dataMap.file_platform},</if>
-            <if test="dataMap.target_ip != null">#{dataMap.target_ip}::inet,</if>
+            <if test="dataMap.target_ip != null">#{dataMap.target_ip},</if>
             <if test="dataMap.collect_date != null">#{dataMap.collect_date},</if>
-            <if test="dataMap.tc_client_ip != null">#{dataMap.tc_client_ip}::inet,</if>
-            <if test="dataMap.tc_server_ip != null">#{dataMap.tc_server_ip}::inet,</if>
-            <if test="dataMap.tc_externalip != null">#{dataMap.tc_externalip}::inet,</if>
-            <if test="dataMap.http_status_code != null">#{dataMap.http_status_code}::int8,</if>
+            <if test="dataMap.tc_client_ip != null">#{dataMap.tc_client_ip},</if>
+            <if test="dataMap.tc_server_ip != null">#{dataMap.tc_server_ip},</if>
+            <if test="dataMap.tc_externalip != null">#{dataMap.tc_externalip},</if>
+            <if test="dataMap.http_status_code != null">#{dataMap.http_status_code},</if>
             <if test="dataMap.device_domian != null">#{dataMap.device_domian},</if>
             <if test="dataMap.src_ip_str != null">#{dataMap.src_ip_str},</if>
             <if test="dataMap.src_port_str != null">#{dataMap.src_port_str},</if>
@@ -576,28 +576,28 @@
             <if test="dataMap.origin_agent_name != null">#{dataMap.origin_agent_name},</if>
             <if test="dataMap.origin_work_group != null">#{dataMap.origin_work_group},</if>
             <if test="dataMap.origin_asset_group != null">#{dataMap.origin_asset_group},</if>
-            <if test="dataMap.origin_local_port != null">#{dataMap.origin_local_port}::int8,</if>
-            <if test="dataMap.origin_agent_ip != null">#{dataMap.origin_agent_ip}::inet,</if>
-            <if test="dataMap.origin_internal_ip != null">#{dataMap.origin_internal_ip}::inet,</if>
-            <if test="dataMap.origin_external_ip != null">#{dataMap.origin_external_ip}::inet,</if>
-            <if test="dataMap.origin_local_addr != null">#{dataMap.origin_local_addr}::inet,</if>
-            <if test="dataMap.agent_id != null">#{dataMap.agent_id}::int8,</if>
+            <if test="dataMap.origin_local_port != null">#{dataMap.origin_local_port},</if>
+            <if test="dataMap.origin_agent_ip != null">#{dataMap.origin_agent_ip},</if>
+            <if test="dataMap.origin_internal_ip != null">#{dataMap.origin_internal_ip},</if>
+            <if test="dataMap.origin_external_ip != null">#{dataMap.origin_external_ip},</if>
+            <if test="dataMap.origin_local_addr != null">#{dataMap.origin_local_addr},</if>
+            <if test="dataMap.agent_id != null">#{dataMap.agent_id},</if>
             <if test="dataMap.agent_name != null">#{dataMap.agent_name},</if>
             <if test="dataMap.tc_title != null">#{dataMap.tc_title},</if>
             <if test="dataMap.log_id != null">#{dataMap.log_id},</if>
             <if test="dataMap.event_date != null">#{dataMap.event_date},</if>
             <if test="dataMap.event_time_ts != null">#{dataMap.event_time_ts},</if>
-            <if test="dataMap.event_level != null">#{dataMap.event_level}::int ,</if>
-            <if test="dataMap.src_ip != null">#{dataMap.src_ip}::inet,</if>
+            <if test="dataMap.event_level != null">#{dataMap.event_level},</if>
+            <if test="dataMap.src_ip != null">#{dataMap.src_ip},</if>
             <if test="dataMap.src_port != null">#{dataMap.src_port}::BIGINT ,</if>
-            <if test="dataMap.dest_ip != null">#{dataMap.dest_ip}::inet,</if>
+            <if test="dataMap.dest_ip != null">#{dataMap.dest_ip},</if>
             <if test="dataMap.dest_port != null">#{dataMap.dest_port}::BIGINT,</if>
             <if test="dataMap.event_time != null">#{dataMap.event_time},</if>
             <if test="dataMap.attacker_country != null">#{dataMap.attacker_country},</if>
             <if test="dataMap.src_mac != null">#{dataMap.src_mac},</if>
             <if test="dataMap.dest_mac != null">#{dataMap.dest_mac},</if>
             <if test="dataMap.proto != null">#{dataMap.proto},</if>
-            <if test="dataMap.dev_id != null">#{dataMap.dev_id}::int8,</if>
+            <if test="dataMap.dev_id != null">#{dataMap.dev_id},</if>
             <if test="dataMap.created_time != null">#{dataMap.created_time},</if>
             <if test="dataMap.src_country != null">#{dataMap.src_country},</if>
             <if test="dataMap.src_country_code != null">#{dataMap.src_country_code},</if>
@@ -621,20 +621,20 @@
             <if test="dataMap.end_time != null">#{dataMap.end_time},</if>
             <if test="dataMap.file_created_time != null">#{dataMap.file_created_time},</if>
             <if test="dataMap.file_modified_time != null">#{dataMap.file_modified_time},</if>
-            <if test="dataMap.tc_miguan_scan_port != null">#{dataMap.tc_miguan_scan_port}::inet,</if>
+            <if test="dataMap.tc_miguan_scan_port != null">#{dataMap.tc_miguan_scan_port},</if>
             <if test="dataMap.process_path != null">#{dataMap.process_path},</if>
             <if test="dataMap.parent_process_path != null">#{dataMap.parent_process_path},</if>
             <if test="dataMap.gname != null">#{dataMap.gname},</if>
             <if test="dataMap.exe_name != null">#{dataMap.exe_name},</if>
             <if test="dataMap.exe_path != null">#{dataMap.exe_path},</if>
             <if test="dataMap.login_time != null">#{dataMap.login_time},</if>
-            <if test="dataMap.login_times != null">#{dataMap.login_times}::int8,</if>
+            <if test="dataMap.login_times != null">#{dataMap.login_times},</if>
             <if test="dataMap.check_item != null">#{dataMap.check_item},</if>
             <if test="dataMap.check_type != null">#{dataMap.check_type},</if>
-            <if test="dataMap.attacker_ip != null">#{dataMap.attacker_ip}::inet,</if>
-            <if test="dataMap.attacker_port != null">#{dataMap.attacker_port}::int8,</if>
-            <if test="dataMap.victim_ip != null">#{dataMap.victim_ip}::inet,</if>
-            <if test="dataMap.victim_port != null">#{dataMap.victim_port}::int8,</if>
+            <if test="dataMap.attacker_ip != null">#{dataMap.attacker_ip},</if>
+            <if test="dataMap.attacker_port != null">#{dataMap.attacker_port},</if>
+            <if test="dataMap.victim_ip != null">#{dataMap.victim_ip},</if>
+            <if test="dataMap.victim_port != null">#{dataMap.victim_port},</if>
             <if test="dataMap.attacker_city != null">#{dataMap.attacker_city},</if>
             <if test="dataMap.attacker_lon != null">#{dataMap.attacker_lon},</if>
             <if test="dataMap.attacker_lat != null">#{dataMap.attacker_lat},</if>
@@ -660,7 +660,7 @@
             <if test="dataMap.file_ssdeep != null">#{dataMap.file_ssdeep},</if>
             <if test="dataMap.victim_country_code != null">#{dataMap.victim_country_code},</if>
             <if test="dataMap.http_xff_ip != null">#{dataMap.http_xff_ip},</if>
-            <if test="dataMap.tc_miguan_class != null">#{dataMap.tc_miguan_class}::inet,</if>
+            <if test="dataMap.tc_miguan_class != null">#{dataMap.tc_miguan_class},</if>
             <if test="dataMap.pid != null">#{dataMap.pid},</if>
             <if test="dataMap.ppid != null">#{dataMap.ppid},</if>
             <if test="dataMap.process_name != null">#{dataMap.process_name},</if>
@@ -687,35 +687,35 @@
             <if test="dataMap.dest_city != null">#{dataMap.dest_city},</if>
             <if test="dataMap.dest_lon != null">#{dataMap.dest_lon},</if>
             <if test="dataMap.dest_lat != null">#{dataMap.dest_lat},</if>
-            <if test="dataMap.event_category != null">#{dataMap.event_category}::int4,</if>
-            <if test="dataMap.attack_result != null">#{dataMap.attack_result}::int4,</if>
-            <if test="dataMap.probe_ip != null">#{dataMap.probe_ip}::inet,</if>
-            <if test="dataMap.device_ip != null">#{dataMap.device_ip}::inet,</if>
+            <if test="dataMap.event_category != null">#{dataMap.event_category},</if>
+            <if test="dataMap.attack_result != null">#{dataMap.attack_result},</if>
+            <if test="dataMap.probe_ip != null">#{dataMap.probe_ip},</if>
+            <if test="dataMap.device_ip != null">#{dataMap.device_ip},</if>
             <if test="dataMap.device_manufacturer != null">#{dataMap.device_manufacturer},</if>
             <if test="dataMap.device_name != null">#{dataMap.device_name},</if>
             <if test="dataMap.product_name != null">#{dataMap.product_name},</if>
             <if test="dataMap.__id != null">#{dataMap.__id},</if>
-            <if test="dataMap.__count != null">#{dataMap.__count}::int8,</if>
+            <if test="dataMap.__count != null">#{dataMap.__count},</if>
             <if test="dataMap.__count_reason != null">#{dataMap.__count_reason},</if>
-            <if test="dataMap.event_type != null">#{dataMap.event_type}::int,</if>
+            <if test="dataMap.event_type != null">#{dataMap.event_type},</if>
             <if test="dataMap.protocol != null">#{dataMap.protocol},</if>
             <if test="dataMap.shell_cmd != null">#{dataMap.shell_cmd},</if>
             <if test="dataMap.parent_name != null">#{dataMap.parent_name},</if>
             <if test="dataMap.host_file_path != null">#{dataMap.host_file_path},</if>
             <if test="dataMap.uid != null">#{dataMap.uid},</if>
-            <if test="dataMap.fall != null">#{dataMap.fall}::int4,</if>
-            <if test="dataMap.tc_miguan_server_ip != null">#{dataMap.tc_miguan_server_ip}::inet,</if>
-            <if test="dataMap.dev_type != null">#{dataMap.dev_type}::int4,</if>
-            <if test="dataMap.collect_method != null">#{dataMap.collect_method}::int4,</if>
-            <if test="dataMap.field_cate_id != null">#{dataMap.field_cate_id}::int4,</if>
-            <if test="dataMap.device_type != null">#{dataMap.device_type}::int4,</if>
-            <if test="dataMap.tc_miguan_client_ip != null">#{dataMap.tc_miguan_client_ip}::inet,</if>
-            <if test="dataMap.tc_miguan_name != null">#{dataMap.tc_miguan_name}::inet,</if>
-            <if test="dataMap.origin_total_packages != null">#{dataMap.origin_total_packages}::int8,</if>
-            <if test="dataMap.origin_total_bytes != null">#{dataMap.origin_total_bytes}::int8,</if>
-            <if test="dataMap.origin_peak_packages_rate != null">#{dataMap.origin_peak_packages_rate}::int8,</if>
-            <if test="dataMap.origin_peak_bytes_rate != null">#{dataMap.origin_peak_bytes_rate}::int8,</if>
-            <if test="dataMap.origin_peak_flows_rate != null">#{dataMap.origin_peak_flows_rate}::int8,</if>
+            <if test="dataMap.fall != null">#{dataMap.fall},</if>
+            <if test="dataMap.tc_miguan_server_ip != null">#{dataMap.tc_miguan_server_ip},</if>
+            <if test="dataMap.dev_type != null">#{dataMap.dev_type},</if>
+            <if test="dataMap.collect_method != null">#{dataMap.collect_method},</if>
+            <if test="dataMap.field_cate_id != null">#{dataMap.field_cate_id},</if>
+            <if test="dataMap.device_type != null">#{dataMap.device_type},</if>
+            <if test="dataMap.tc_miguan_client_ip != null">#{dataMap.tc_miguan_client_ip},</if>
+            <if test="dataMap.tc_miguan_name != null">#{dataMap.tc_miguan_name},</if>
+            <if test="dataMap.origin_total_packages != null">#{dataMap.origin_total_packages},</if>
+            <if test="dataMap.origin_total_bytes != null">#{dataMap.origin_total_bytes},</if>
+            <if test="dataMap.origin_peak_packages_rate != null">#{dataMap.origin_peak_packages_rate},</if>
+            <if test="dataMap.origin_peak_bytes_rate != null">#{dataMap.origin_peak_bytes_rate},</if>
+            <if test="dataMap.origin_peak_flows_rate != null">#{dataMap.origin_peak_flows_rate},</if>
             <if test="dataMap.apt_orgname != null">#{dataMap.apt_orgname},</if>
             <if test="dataMap.apt_orgmsg != null">#{dataMap.apt_orgmsg},</if>
             <if test="dataMap.mail_message_id != null">#{dataMap.mail_message_id},</if>
@@ -725,18 +725,18 @@
             <if test="dataMap.mail_url != null">#{dataMap.mail_url},</if>
             <if test="dataMap.mail_cc != null">#{dataMap.mail_cc},</if>
             <if test="dataMap.algorithm != null">#{dataMap.algorithm},</if>
-            <if test="dataMap.miningpool_ip != null">#{dataMap.miningpool_ip}::inet,</if>
+            <if test="dataMap.miningpool_ip != null">#{dataMap.miningpool_ip},</if>
             <if test="dataMap.process_md5 != null">#{dataMap.process_md5},</if>
             <if test="dataMap.pprocess_md5 != null">#{dataMap.pprocess_md5},</if>
             <if test="dataMap.source_servername != null">#{dataMap.source_servername},</if>
             <if test="dataMap.origin_source_servername != null">#{dataMap.origin_source_servername},</if>
             <if test="dataMap.mail_filename != null">#{dataMap.mail_filename},</if>
             <if test="dataMap.dst_upload_appname != null">#{dataMap.dst_upload_appname},</if>
-            <if test="dataMap.target_port != null">#{dataMap.target_port}::int8,</if>
+            <if test="dataMap.target_port != null">#{dataMap.target_port},</if>
             <if test="dataMap.gid != null">#{dataMap.gid},</if>
             <if test="dataMap.origin_uid != null">#{dataMap.origin_uid},</if>
             <if test="dataMap.origin_gid != null">#{dataMap.origin_gid},</if>
-            <if test="dataMap.target_ports != null">#{dataMap.target_ports}::int8,</if>
+            <if test="dataMap.target_ports != null">#{dataMap.target_ports},</if>
             <if test="dataMap.tc_miguan_name1 != null">#{dataMap.tc_miguan_name1},</if>
             <if test="dataMap.tc_miguan_class1 != null">#{dataMap.tc_miguan_class1},</if>
             <if test="dataMap.etl_time != null">#{dataMap.etl_time},</if>
@@ -744,7 +744,7 @@
             <if test="dataMap.desip_security_scope != null">#{dataMap.desip_security_scope},</if>
             <if test="dataMap.srcip_security_scope != null">#{dataMap.srcip_security_scope},</if>
             <if test="dataMap.collect_time_ts != null">#{dataMap.collect_time_ts},</if>
-            <if test="dataMap.tc_miguan_scan_port1 != null">#{dataMap.tc_miguan_scan_port1}::inet,</if>
+            <if test="dataMap.tc_miguan_scan_port1 != null">#{dataMap.tc_miguan_scan_port1},</if>
             <if test="dataMap.src_dev_name != null">#{dataMap.src_dev_name},</if>
             <if test="dataMap.collect_protocol != null">#{dataMap.collect_protocol},</if>
             <if test="dataMap.destination_system_type != null">#{dataMap.destination_system_type},</if>
diff --git a/haobang-security-dm/syslog-consumer/src/main/resources/mapper/SyslogNormalDataMapper.xml b/haobang-security-dm/syslog-consumer/src/main/resources/mapper/SyslogNormalDataMapper.xml
index 9d60d7c..bf7ceac 100644
--- a/haobang-security-dm/syslog-consumer/src/main/resources/mapper/SyslogNormalDataMapper.xml
+++ b/haobang-security-dm/syslog-consumer/src/main/resources/mapper/SyslogNormalDataMapper.xml
@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="UTF-8" ?>
+<?xml version="1.0" encoding="UTF-8" ?>
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
         "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 <mapper namespace="com.common.mapper.SyslogNormalDataMapper">
@@ -57,6 +57,7 @@
             id,
             created_at,
             log_time,
+            device_id,
             device_ip,
             dest_ip,
             dest_port,
@@ -541,9 +542,9 @@
             <if test="dataMap.container_name != null">#{dataMap.container_name},</if>
             <if test="dataMap.container_id != null">#{dataMap.container_id},</if>
             <if test="dataMap.http_resp_server != null">#{dataMap.http_resp_server},</if>
-            <if test="dataMap.srcip_id != null">#{dataMap.srcip_id}::int8,</if>
-            <if test="dataMap.cdnip != null">#{dataMap.cdnip}::inet,</if>
-            <if test="dataMap.natip != null">#{dataMap.natip}::inet,</if>
+            <if test="dataMap.srcip_id != null">#{dataMap.srcip_id},</if>
+            <if test="dataMap.cdnip != null">#{dataMap.cdnip},</if>
+            <if test="dataMap.natip != null">#{dataMap.natip},</if>
             <if test="dataMap.mail_sender != null">#{dataMap.mail_sender},</if>
             <if test="dataMap.mail_receiver != null">#{dataMap.mail_receiver},</if>
             <if test="dataMap.vpn_mac != null">#{dataMap.vpn_mac},</if>
@@ -574,8 +575,8 @@
             <if test="dataMap.print_time != null">#{dataMap.print_time},</if>
             <if test="dataMap.printer != null">#{dataMap.printer},</if>
             <if test="dataMap.printer_type != null">#{dataMap.printer_type},</if>
-            <if test="dataMap.print_pages != null">#{dataMap.print_pages}::int8,</if>
-            <if test="dataMap.print_copies != null">#{dataMap.print_copies}::int8,</if>
+            <if test="dataMap.print_pages != null">#{dataMap.print_pages},</if>
+            <if test="dataMap.print_copies != null">#{dataMap.print_copies},</if>
             <if test="dataMap.src_device != null">#{dataMap.src_device},</if>
             <if test="dataMap.dst_device != null">#{dataMap.dst_device},</if>
             <if test="dataMap.src_file != null">#{dataMap.src_file},</if>
@@ -592,18 +593,18 @@
             <if test="dataMap.env != null">#{dataMap.env},</if>
             <if test="dataMap.brute_force_service != null">#{dataMap.brute_force_service},</if>
             <if test="dataMap.vuirs_name != null">#{dataMap.vuirs_name},</if>
-            <if test="dataMap.http_req_length != null">#{dataMap.http_req_length}::int8,</if>
+            <if test="dataMap.http_req_length != null">#{dataMap.http_req_length},</if>
             <if test="dataMap.http_req_content_type != null">#{dataMap.http_req_content_type},</if>
-            <if test="dataMap.tc_scan_port != null">#{dataMap.tc_scan_port}::inet,</if>
-            <if test="dataMap.tc_labels != null">#{dataMap.tc_labels}::inet,</if>
+            <if test="dataMap.tc_scan_port != null">#{dataMap.tc_scan_port},</if>
+            <if test="dataMap.tc_labels != null">#{dataMap.tc_labels},</if>
             <if test="dataMap.http_resp_content_type != null">#{dataMap.http_resp_content_type},</if>
             <if test="dataMap.dns_msg_type != null">#{dataMap.dns_msg_type},</if>
             <if test="dataMap.dns_answer_length != null">#{dataMap.dns_answer_length},</if>
             <if test="dataMap.dns_ioc != null">#{dataMap.dns_ioc},</if>
-            <if test="dataMap.tx_bytes != null">#{dataMap.tx_bytes}::double precision,</if>
-            <if test="dataMap.rx_bytes != null">#{dataMap.rx_bytes}::double precision,</if>
-            <if test="dataMap.all_bytes != null">#{dataMap.all_bytes}::double precision,</if>
-            <if test="dataMap.duration_time != null">#{dataMap.duration_time}::int8,</if>
+            <if test="dataMap.tx_bytes != null">#{dataMap.tx_bytes},</if>
+            <if test="dataMap.rx_bytes != null">#{dataMap.rx_bytes},</if>
+            <if test="dataMap.all_bytes != null">#{dataMap.all_bytes},</if>
+            <if test="dataMap.duration_time != null">#{dataMap.duration_time},</if>
             <if test="dataMap.mail_attach_name != null">#{dataMap.mail_attach_name},</if>
             <if test="dataMap.mail_subject != null">#{dataMap.mail_subject},</if>
             <if test="dataMap.mail_message != null">#{dataMap.mail_message},</if>
@@ -623,27 +624,27 @@
             <if test="dataMap.src_ip_apt != null">#{dataMap.src_ip_apt},</if>
             <if test="dataMap.srcip_name != null">#{dataMap.srcip_name},</if>
             <if test="dataMap.tc_client != null">#{dataMap.tc_client},</if>
-            <if test="dataMap.srcip_organization_id != null">#{dataMap.srcip_organization_id}::int8,</if>
+            <if test="dataMap.srcip_organization_id != null">#{dataMap.srcip_organization_id},</if>
             <if test="dataMap.dest_ip_intranetip != null">#{dataMap.dest_ip_intranetip},</if>
             <if test="dataMap.dest_ip_ioc != null">#{dataMap.dest_ip_ioc},</if>
-            <if test="dataMap.desip_id != null">#{dataMap.desip_id}::int8,</if>
+            <if test="dataMap.desip_id != null">#{dataMap.desip_id},</if>
             <if test="dataMap.desip_name != null">#{dataMap.desip_name},</if>
-            <if test="dataMap.tc_hostip != null">#{dataMap.tc_hostip}::inet,</if>
-            <if test="dataMap.desip_organization_id != null">#{dataMap.desip_organization_id}::int8,</if>
+            <if test="dataMap.tc_hostip != null">#{dataMap.tc_hostip},</if>
+            <if test="dataMap.desip_organization_id != null">#{dataMap.desip_organization_id},</if>
             <if test="dataMap.origin_confidence != null">#{dataMap.origin_confidence},</if>
             <if test="dataMap.origin_malscore != null">#{dataMap.origin_malscore},</if>
             <if test="dataMap.attacker_icampaign != null">#{dataMap.attacker_icampaign},</if>
-            <if test="dataMap.attacker_host_asset_id != null">#{dataMap.attacker_host_asset_id}::int8,</if>
-            <if test="dataMap.attacker_organization_id != null">#{dataMap.attacker_organization_id}::int8,</if>
-            <if test="dataMap.victim_host_asset_id != null">#{dataMap.victim_host_asset_id}::int8,</if>
-            <if test="dataMap.victim_organization_id != null">#{dataMap.victim_organization_id}::int8,</if>
+            <if test="dataMap.attacker_host_asset_id != null">#{dataMap.attacker_host_asset_id},</if>
+            <if test="dataMap.attacker_organization_id != null">#{dataMap.attacker_organization_id},</if>
+            <if test="dataMap.victim_host_asset_id != null">#{dataMap.victim_host_asset_id},</if>
+            <if test="dataMap.victim_organization_id != null">#{dataMap.victim_organization_id},</if>
             <if test="dataMap.logout_time != null">#{dataMap.logout_time},</if>
             <if test="dataMap.http_req_line != null">#{dataMap.http_req_line},</if>
             <if test="dataMap.desip_security_scope_id != null">#{dataMap.desip_security_scope_id},</if>
             <if test="dataMap.srcip_security_scope_id != null">#{dataMap.srcip_security_scope_id},</if>
-            <if test="dataMap.http_resp_length != null">#{dataMap.http_resp_length}::int8,</if>
+            <if test="dataMap.http_resp_length != null">#{dataMap.http_resp_length},</if>
             <if test="dataMap.tc_attack_type != null">#{dataMap.tc_attack_type},</if>
-            <if test="dataMap.tc_realip != null">#{dataMap.tc_realip}::inet,</if>
+            <if test="dataMap.tc_realip != null">#{dataMap.tc_realip},</if>
             <if test="dataMap.attacker_ip_lists != null">#{dataMap.attacker_ip_lists},</if>
             <if test="dataMap.login_password != null">#{dataMap.login_password},</if>
             <if test="dataMap.detail != null">#{dataMap.detail},</if>
@@ -660,12 +661,12 @@
             <if test="dataMap.login_abnormal_type != null">#{dataMap.login_abnormal_type},</if>
             <if test="dataMap.file_tag != null">#{dataMap.file_tag},</if>
             <if test="dataMap.file_platform != null">#{dataMap.file_platform},</if>
-            <if test="dataMap.target_ip != null">#{dataMap.target_ip}::inet,</if>
+            <if test="dataMap.target_ip != null">#{dataMap.target_ip},</if>
             <if test="dataMap.collect_date != null">#{dataMap.collect_date},</if>
-            <if test="dataMap.tc_client_ip != null">#{dataMap.tc_client_ip}::inet,</if>
-            <if test="dataMap.tc_server_ip != null">#{dataMap.tc_server_ip}::inet,</if>
-            <if test="dataMap.tc_externalip != null">#{dataMap.tc_externalip}::inet,</if>
-            <if test="dataMap.http_status_code != null">#{dataMap.http_status_code}::int8,</if>
+            <if test="dataMap.tc_client_ip != null">#{dataMap.tc_client_ip},</if>
+            <if test="dataMap.tc_server_ip != null">#{dataMap.tc_server_ip},</if>
+            <if test="dataMap.tc_externalip != null">#{dataMap.tc_externalip},</if>
+            <if test="dataMap.http_status_code != null">#{dataMap.http_status_code},</if>
             <if test="dataMap.device_domian != null">#{dataMap.device_domian},</if>
             <if test="dataMap.src_ip_str != null">#{dataMap.src_ip_str},</if>
             <if test="dataMap.src_port_str != null">#{dataMap.src_port_str},</if>
@@ -711,28 +712,28 @@
             <if test="dataMap.origin_agent_name != null">#{dataMap.origin_agent_name},</if>
             <if test="dataMap.origin_work_group != null">#{dataMap.origin_work_group},</if>
             <if test="dataMap.origin_asset_group != null">#{dataMap.origin_asset_group},</if>
-            <if test="dataMap.origin_local_port != null">#{dataMap.origin_local_port}::int8,</if>
-            <if test="dataMap.origin_agent_ip != null">#{dataMap.origin_agent_ip}::inet,</if>
-            <if test="dataMap.origin_internal_ip != null">#{dataMap.origin_internal_ip}::inet,</if>
-            <if test="dataMap.origin_external_ip != null">#{dataMap.origin_external_ip}::inet,</if>
-            <if test="dataMap.origin_local_addr != null">#{dataMap.origin_local_addr}::inet,</if>
-            <if test="dataMap.agent_id != null">#{dataMap.agent_id}::int8,</if>
+            <if test="dataMap.origin_local_port != null">#{dataMap.origin_local_port},</if>
+            <if test="dataMap.origin_agent_ip != null">#{dataMap.origin_agent_ip},</if>
+            <if test="dataMap.origin_internal_ip != null">#{dataMap.origin_internal_ip},</if>
+            <if test="dataMap.origin_external_ip != null">#{dataMap.origin_external_ip},</if>
+            <if test="dataMap.origin_local_addr != null">#{dataMap.origin_local_addr},</if>
+            <if test="dataMap.agent_id != null">#{dataMap.agent_id},</if>
             <if test="dataMap.agent_name != null">#{dataMap.agent_name},</if>
             <if test="dataMap.tc_title != null">#{dataMap.tc_title},</if>
             <if test="dataMap.log_id != null">#{dataMap.log_id},</if>
             <if test="dataMap.event_date != null">#{dataMap.event_date},</if>
             <if test="dataMap.event_time_ts != null">#{dataMap.event_time_ts},</if>
-            <if test="dataMap.event_level != null">#{dataMap.event_level}::int ,</if>
-            <if test="dataMap.src_ip != null">#{dataMap.src_ip}::inet,</if>
+            <if test="dataMap.event_level != null">#{dataMap.event_level},</if>
+            <if test="dataMap.src_ip != null">#{dataMap.src_ip},</if>
             <if test="dataMap.src_port != null">#{dataMap.src_port}::BIGINT ,</if>
-            <if test="dataMap.dest_ip != null">#{dataMap.dest_ip}::inet,</if>
+            <if test="dataMap.dest_ip != null">#{dataMap.dest_ip},</if>
             <if test="dataMap.dest_port != null">#{dataMap.dest_port}::BIGINT,</if>
             <if test="dataMap.event_time != null">#{dataMap.event_time},</if>
             <if test="dataMap.attacker_country != null">#{dataMap.attacker_country},</if>
             <if test="dataMap.src_mac != null">#{dataMap.src_mac},</if>
             <if test="dataMap.dest_mac != null">#{dataMap.dest_mac},</if>
             <if test="dataMap.proto != null">#{dataMap.proto},</if>
-            <if test="dataMap.dev_id != null">#{dataMap.dev_id}::int8,</if>
+            <if test="dataMap.dev_id != null">#{dataMap.dev_id},</if>
             <if test="dataMap.created_time != null">#{dataMap.created_time},</if>
             <if test="dataMap.src_country != null">#{dataMap.src_country},</if>
             <if test="dataMap.src_country_code != null">#{dataMap.src_country_code},</if>
@@ -756,20 +757,20 @@
             <if test="dataMap.end_time != null">#{dataMap.end_time},</if>
             <if test="dataMap.file_created_time != null">#{dataMap.file_created_time},</if>
             <if test="dataMap.file_modified_time != null">#{dataMap.file_modified_time},</if>
-            <if test="dataMap.tc_miguan_scan_port != null">#{dataMap.tc_miguan_scan_port}::inet,</if>
+            <if test="dataMap.tc_miguan_scan_port != null">#{dataMap.tc_miguan_scan_port},</if>
             <if test="dataMap.process_path != null">#{dataMap.process_path},</if>
             <if test="dataMap.parent_process_path != null">#{dataMap.parent_process_path},</if>
             <if test="dataMap.gname != null">#{dataMap.gname},</if>
             <if test="dataMap.exe_name != null">#{dataMap.exe_name},</if>
             <if test="dataMap.exe_path != null">#{dataMap.exe_path},</if>
             <if test="dataMap.login_time != null">#{dataMap.login_time},</if>
-            <if test="dataMap.login_times != null">#{dataMap.login_times}::int8,</if>
+            <if test="dataMap.login_times != null">#{dataMap.login_times},</if>
             <if test="dataMap.check_item != null">#{dataMap.check_item},</if>
             <if test="dataMap.check_type != null">#{dataMap.check_type},</if>
-            <if test="dataMap.attacker_ip != null">#{dataMap.attacker_ip}::inet,</if>
-            <if test="dataMap.attacker_port != null">#{dataMap.attacker_port}::int8,</if>
-            <if test="dataMap.victim_ip != null">#{dataMap.victim_ip}::inet,</if>
-            <if test="dataMap.victim_port != null">#{dataMap.victim_port}::int8,</if>
+            <if test="dataMap.attacker_ip != null">#{dataMap.attacker_ip},</if>
+            <if test="dataMap.attacker_port != null">#{dataMap.attacker_port},</if>
+            <if test="dataMap.victim_ip != null">#{dataMap.victim_ip},</if>
+            <if test="dataMap.victim_port != null">#{dataMap.victim_port},</if>
             <if test="dataMap.attacker_city != null">#{dataMap.attacker_city},</if>
             <if test="dataMap.attacker_lon != null">#{dataMap.attacker_lon},</if>
             <if test="dataMap.attacker_lat != null">#{dataMap.attacker_lat},</if>
@@ -795,7 +796,7 @@
             <if test="dataMap.file_ssdeep != null">#{dataMap.file_ssdeep},</if>
             <if test="dataMap.victim_country_code != null">#{dataMap.victim_country_code},</if>
             <if test="dataMap.http_xff_ip != null">#{dataMap.http_xff_ip},</if>
-            <if test="dataMap.tc_miguan_class != null">#{dataMap.tc_miguan_class}::inet,</if>
+            <if test="dataMap.tc_miguan_class != null">#{dataMap.tc_miguan_class},</if>
             <if test="dataMap.pid != null">#{dataMap.pid},</if>
             <if test="dataMap.ppid != null">#{dataMap.ppid},</if>
             <if test="dataMap.process_name != null">#{dataMap.process_name},</if>
@@ -822,35 +823,35 @@
             <if test="dataMap.dest_city != null">#{dataMap.dest_city},</if>
             <if test="dataMap.dest_lon != null">#{dataMap.dest_lon},</if>
             <if test="dataMap.dest_lat != null">#{dataMap.dest_lat},</if>
-            <if test="dataMap.event_category != null">#{dataMap.event_category}::int4,</if>
-            <if test="dataMap.attack_result != null">#{dataMap.attack_result}::int4,</if>
-            <if test="dataMap.probe_ip != null">#{dataMap.probe_ip}::inet,</if>
-            <if test="dataMap.device_ip != null">#{dataMap.device_ip}::inet,</if>
+            <if test="dataMap.event_category != null">#{dataMap.event_category},</if>
+            <if test="dataMap.attack_result != null">#{dataMap.attack_result},</if>
+            <if test="dataMap.probe_ip != null">#{dataMap.probe_ip},</if>
+            <if test="dataMap.device_ip != null">#{dataMap.device_ip},</if>
             <if test="dataMap.device_manufacturer != null">#{dataMap.device_manufacturer},</if>
             <if test="dataMap.device_name != null">#{dataMap.device_name},</if>
             <if test="dataMap.product_name != null">#{dataMap.product_name},</if>
             <if test="dataMap.__id != null">#{dataMap.__id},</if>
-            <if test="dataMap.__count != null">#{dataMap.__count}::int8,</if>
+            <if test="dataMap.__count != null">#{dataMap.__count},</if>
             <if test="dataMap.__count_reason != null">#{dataMap.__count_reason},</if>
-            <if test="dataMap.event_type != null">#{dataMap.event_type}::int,</if>
+            <if test="dataMap.event_type != null">#{dataMap.event_type},</if>
             <if test="dataMap.protocol != null">#{dataMap.protocol},</if>
             <if test="dataMap.shell_cmd != null">#{dataMap.shell_cmd},</if>
             <if test="dataMap.parent_name != null">#{dataMap.parent_name},</if>
             <if test="dataMap.host_file_path != null">#{dataMap.host_file_path},</if>
             <if test="dataMap.uid != null">#{dataMap.uid},</if>
-            <if test="dataMap.fall != null">#{dataMap.fall}::int4,</if>
-            <if test="dataMap.tc_miguan_server_ip != null">#{dataMap.tc_miguan_server_ip}::inet,</if>
-            <if test="dataMap.dev_type != null">#{dataMap.dev_type}::int4,</if>
-            <if test="dataMap.collect_method != null">#{dataMap.collect_method}::int4,</if>
-            <if test="dataMap.field_cate_id != null">#{dataMap.field_cate_id}::int4,</if>
-            <if test="dataMap.device_type != null">#{dataMap.device_type}::int4,</if>
-            <if test="dataMap.tc_miguan_client_ip != null">#{dataMap.tc_miguan_client_ip}::inet,</if>
-            <if test="dataMap.tc_miguan_name != null">#{dataMap.tc_miguan_name}::inet,</if>
-            <if test="dataMap.origin_total_packages != null">#{dataMap.origin_total_packages}::int8,</if>
-            <if test="dataMap.origin_total_bytes != null">#{dataMap.origin_total_bytes}::int8,</if>
-            <if test="dataMap.origin_peak_packages_rate != null">#{dataMap.origin_peak_packages_rate}::int8,</if>
-            <if test="dataMap.origin_peak_bytes_rate != null">#{dataMap.origin_peak_bytes_rate}::int8,</if>
-            <if test="dataMap.origin_peak_flows_rate != null">#{dataMap.origin_peak_flows_rate}::int8,</if>
+            <if test="dataMap.fall != null">#{dataMap.fall},</if>
+            <if test="dataMap.tc_miguan_server_ip != null">#{dataMap.tc_miguan_server_ip},</if>
+            <if test="dataMap.dev_type != null">#{dataMap.dev_type},</if>
+            <if test="dataMap.collect_method != null">#{dataMap.collect_method},</if>
+            <if test="dataMap.field_cate_id != null">#{dataMap.field_cate_id},</if>
+            <if test="dataMap.device_type != null">#{dataMap.device_type},</if>
+            <if test="dataMap.tc_miguan_client_ip != null">#{dataMap.tc_miguan_client_ip},</if>
+            <if test="dataMap.tc_miguan_name != null">#{dataMap.tc_miguan_name},</if>
+            <if test="dataMap.origin_total_packages != null">#{dataMap.origin_total_packages},</if>
+            <if test="dataMap.origin_total_bytes != null">#{dataMap.origin_total_bytes},</if>
+            <if test="dataMap.origin_peak_packages_rate != null">#{dataMap.origin_peak_packages_rate},</if>
+            <if test="dataMap.origin_peak_bytes_rate != null">#{dataMap.origin_peak_bytes_rate},</if>
+            <if test="dataMap.origin_peak_flows_rate != null">#{dataMap.origin_peak_flows_rate},</if>
             <if test="dataMap.apt_orgname != null">#{dataMap.apt_orgname},</if>
             <if test="dataMap.apt_orgmsg != null">#{dataMap.apt_orgmsg},</if>
             <if test="dataMap.mail_message_id != null">#{dataMap.mail_message_id},</if>
@@ -860,18 +861,18 @@
             <if test="dataMap.mail_url != null">#{dataMap.mail_url},</if>
             <if test="dataMap.mail_cc != null">#{dataMap.mail_cc},</if>
             <if test="dataMap.algorithm != null">#{dataMap.algorithm},</if>
-            <if test="dataMap.miningpool_ip != null">#{dataMap.miningpool_ip}::inet,</if>
+            <if test="dataMap.miningpool_ip != null">#{dataMap.miningpool_ip},</if>
             <if test="dataMap.process_md5 != null">#{dataMap.process_md5},</if>
             <if test="dataMap.pprocess_md5 != null">#{dataMap.pprocess_md5},</if>
             <if test="dataMap.source_servername != null">#{dataMap.source_servername},</if>
             <if test="dataMap.origin_source_servername != null">#{dataMap.origin_source_servername},</if>
             <if test="dataMap.mail_filename != null">#{dataMap.mail_filename},</if>
             <if test="dataMap.dst_upload_appname != null">#{dataMap.dst_upload_appname},</if>
-            <if test="dataMap.target_port != null">#{dataMap.target_port}::int8,</if>
+            <if test="dataMap.target_port != null">#{dataMap.target_port},</if>
             <if test="dataMap.gid != null">#{dataMap.gid},</if>
             <if test="dataMap.origin_uid != null">#{dataMap.origin_uid},</if>
             <if test="dataMap.origin_gid != null">#{dataMap.origin_gid},</if>
-            <if test="dataMap.target_ports != null">#{dataMap.target_ports}::int8,</if>
+            <if test="dataMap.target_ports != null">#{dataMap.target_ports},</if>
             <if test="dataMap.tc_miguan_name1 != null">#{dataMap.tc_miguan_name1},</if>
             <if test="dataMap.tc_miguan_class1 != null">#{dataMap.tc_miguan_class1},</if>
             <if test="dataMap.etl_time != null">#{dataMap.etl_time},</if>
@@ -879,7 +880,7 @@
             <if test="dataMap.desip_security_scope != null">#{dataMap.desip_security_scope},</if>
             <if test="dataMap.srcip_security_scope != null">#{dataMap.srcip_security_scope},</if>
             <if test="dataMap.collect_time_ts != null">#{dataMap.collect_time_ts},</if>
-            <if test="dataMap.tc_miguan_scan_port1 != null">#{dataMap.tc_miguan_scan_port1}::inet,</if>
+            <if test="dataMap.tc_miguan_scan_port1 != null">#{dataMap.tc_miguan_scan_port1},</if>
             <if test="dataMap.src_dev_name != null">#{dataMap.src_dev_name},</if>
             <if test="dataMap.collect_protocol != null">#{dataMap.collect_protocol},</if>
             <if test="dataMap.destination_system_type != null">#{dataMap.destination_system_type},</if>
diff --git a/haobang-security-dm/syslog-serve/docker_run.txt b/haobang-security-dm/syslog-serve/docker_run.txt
index 31dfaac..423a31f 100644
--- a/haobang-security-dm/syslog-serve/docker_run.txt
+++ b/haobang-security-dm/syslog-serve/docker_run.txt
@@ -8,13 +8,15 @@ cd /opt/syslog/docker/serve
 --docker build -f /opt/syslog/docker/serve/Dockerfile -t syslog-serve:v1.0
 --���docker image�ļ� (Dockerfile ��ǰĿ¼��
 docker build -t syslog-serve:v1.X.X  .
+docker build -t syslog-serve-dm:v1.2.X  .
 
 --2.�鿴����������
 docker ps -a
 
 --3.���docker image�ļ� (Dockerfile ��ǰĿ¼��
 docker build -t syslog-serve:v1.X.X  .
-
+--dameng
+docker build -t syslog-serve-dm:v1.2.X  .
 
 --4.ֹͣ���� ��ɾ��
 docker stop   ct-syslog-serve  &&  docker  rm ct-syslog-serve
@@ -22,8 +24,8 @@ docker rmi 
 
 
 --5.����docker �ļ�
-docker run --restart unless-stopped -e TZ=Asia/Shanghai  -d --name ct-syslog-serve -p 514:514 -p 8189:8189 -v /home/syslog/logs:/app/logs --privileged=true   syslog-serve:v1.X.X
-docker run --restart unless-stopped -e TZ=Asia/Shanghai  -d --name ct-syslog-serve -p 514:514/udp -p 514:514/tcp -p 8189:8189 -v /home/syslog/logs:/app/logs --privileged=true   syslog-serve:v1.X.X
+docker run --restart unless-stopped -e TZ=Asia/Shanghai  -d --name  syslog-serve-dm -p 514:514 -p 8189:8189 -v /home/syslog/logs:/app/logs --privileged=true   syslog-serve-dm:v1.X.X
+docker run --restart unless-stopped -e TZ=Asia/Shanghai  -d --name syslog-serve-dm -p 514:514/udp -p 514:514/tcp -p 8189:8189 -v /home/syslog/logs:/app/logs --privileged=true   syslog-serve-dm:v1.X.X
 
 ZC CMD��
 docker run --restart unless-stopped -e TZ=Asia/Shanghai  -d --name ct-syslog-serve -p 514:514 -p 8189:8189 -v /data/syslog/logs:/app/logs --privileged=true   syslog-serve:v1.X.X
diff --git a/haobang-security-dm/syslog-serve/pom.xml b/haobang-security-dm/syslog-serve/pom.xml
index 1b962fa..0a0f98d 100644
--- a/haobang-security-dm/syslog-serve/pom.xml
+++ b/haobang-security-dm/syslog-serve/pom.xml
@@ -122,12 +122,21 @@
             <version>${mybatis.version}</version>
         </dependency>
 
-        <!-- PostgreSQL驱动 -->
+        <!-- PostgreSQL驱动（已切换至达梦数据库，保留备用） -->
+        <!--
         <dependency>
             <groupId>org.postgresql</groupId>
             <artifactId>postgresql</artifactId>
             <version>${postgresql.version}</version>
         </dependency>
+        -->
+        
+        <!-- 达梦数据库驱动 JDK1.8 -->
+        <dependency>
+            <groupId>com.dameng</groupId>
+            <artifactId>DmJdbcDriver18</artifactId>
+            <version>8.1.2.141</version>
+        </dependency>
 
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
diff --git a/haobang-security-dm/syslog-serve/src/main/java/com/config/CacheConfig.java b/haobang-security-dm/syslog-serve/src/main/java/com/config/CacheConfig.java
index 7599012..e2408cd 100644
--- a/haobang-security-dm/syslog-serve/src/main/java/com/config/CacheConfig.java
+++ b/haobang-security-dm/syslog-serve/src/main/java/com/config/CacheConfig.java
@@ -13,11 +13,21 @@ import org.springframework.context.annotation.Configuration;
 import java.time.Duration;
 import java.util.Collections;
 import org.springframework.cache.annotation.EnableCaching;
+import com.fasterxml.jackson.core.JsonGenerator;
+import com.fasterxml.jackson.databind.BeanDescription;
+import com.fasterxml.jackson.databind.JsonSerializer;
 import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.SerializationConfig;
+import com.fasterxml.jackson.databind.SerializerProvider;
+import com.fasterxml.jackson.databind.jsontype.TypeSerializer;
+import com.fasterxml.jackson.databind.module.SimpleModule;
+import com.fasterxml.jackson.databind.ser.BeanSerializerModifier;
 import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
 import com.fasterxml.jackson.databind.jsontype.BasicPolymorphicTypeValidator;
 import com.fasterxml.jackson.databind.jsontype.PolymorphicTypeValidator;
 
+import java.io.IOException;
+
 @Configuration
 @EnableCaching  // 启用缓存
 public class CacheConfig {
@@ -35,6 +45,33 @@ public class CacheConfig {
         // 禁用将日期序列化为时间戳
         mapper.disable(com.fasterxml.jackson.databind.SerializationFeature.WRITE_DATES_AS_TIMESTAMPS);
 
+        // 注册达梦 JDBC 安全序列化器 — 拦截 dm.jdbc.* 类，直接返回 null 防止循环引用 StackOverflow
+        SimpleModule dmSafeModule = new SimpleModule("dm-safe");
+        dmSafeModule.setSerializerModifier(new BeanSerializerModifier() {
+            @Override
+            public JsonSerializer<?> modifySerializer(SerializationConfig config,
+                                                       BeanDescription beanDesc,
+                                                       JsonSerializer<?> serializer) {
+                if (beanDesc.getBeanClass().getName().startsWith("dm.jdbc.")) {
+                    return new JsonSerializer<Object>() {
+                        @Override
+                        public void serialize(Object value, JsonGenerator gen,
+                                            SerializerProvider serializers) throws IOException {
+                            gen.writeNull();
+                        }
+
+                        @Override
+                        public void serializeWithType(Object value, JsonGenerator gen,
+                                            SerializerProvider serializers, TypeSerializer typeSer) throws IOException {
+                            gen.writeNull();
+                        }
+                    };
+                }
+                return serializer;
+            }
+        });
+        mapper.registerModule(dmSafeModule);
+
         // 启用类型信息，解决 LinkedHashMap 转换问题
         PolymorphicTypeValidator ptv = BasicPolymorphicTypeValidator.builder()
                 .allowIfSubType("com.common.entity.")    // 允许你的实体类包
@@ -50,7 +87,6 @@ public class CacheConfig {
                 ObjectMapper.DefaultTyping.NON_FINAL,
                 com.fasterxml.jackson.annotation.JsonTypeInfo.As.PROPERTY
         );
-
         return mapper;
     }
 
diff --git a/haobang-security-dm/syslog-serve/src/main/java/com/config/RedisConfig.java b/haobang-security-dm/syslog-serve/src/main/java/com/config/RedisConfig.java
index fb208c1..857f510 100644
--- a/haobang-security-dm/syslog-serve/src/main/java/com/config/RedisConfig.java
+++ b/haobang-security-dm/syslog-serve/src/main/java/com/config/RedisConfig.java
@@ -1,4 +1,13 @@
 package com.config;
+import com.fasterxml.jackson.core.JsonGenerator;
+import com.fasterxml.jackson.databind.BeanDescription;
+import com.fasterxml.jackson.databind.JsonSerializer;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.SerializationConfig;
+import com.fasterxml.jackson.databind.SerializerProvider;
+import com.fasterxml.jackson.databind.jsontype.TypeSerializer;
+import com.fasterxml.jackson.databind.module.SimpleModule;
+import com.fasterxml.jackson.databind.ser.BeanSerializerModifier;
 import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -7,7 +16,7 @@ import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.data.redis.serializer.Jackson2JsonRedisSerializer;
 import org.springframework.data.redis.serializer.StringRedisSerializer;
 
-import com.fasterxml.jackson.databind.ObjectMapper;
+import java.io.IOException;
  @Configuration
 public class RedisConfig {
 
@@ -22,6 +31,32 @@ public class RedisConfig {
 
          ObjectMapper mapper = new ObjectMapper();
          mapper.registerModule(new JavaTimeModule());
+         // 注册达梦 JDBC 安全序列化器 — 拦截 dm.jdbc.* 类，直接返回 null 防止循环引用 StackOverflow
+         SimpleModule dmSafeModule = new SimpleModule("dm-safe");
+         dmSafeModule.setSerializerModifier(new BeanSerializerModifier() {
+             @Override
+             public JsonSerializer<?> modifySerializer(SerializationConfig config,
+                                                        BeanDescription beanDesc,
+                                                        JsonSerializer<?> serializer) {
+                 if (beanDesc.getBeanClass().getName().startsWith("dm.jdbc.")) {
+                     return new JsonSerializer<Object>() {
+                         @Override
+                         public void serialize(Object value, JsonGenerator gen,
+                                             SerializerProvider serializers) throws IOException {
+                             gen.writeNull();
+                         }
+
+                         @Override
+                         public void serializeWithType(Object value, JsonGenerator gen,
+                                             SerializerProvider serializers, TypeSerializer typeSer) throws IOException {
+                             gen.writeNull();
+                         }
+                     };
+                 }
+                 return serializer;
+             }
+         });
+         mapper.registerModule(dmSafeModule);
          mapper.activateDefaultTyping(
                  mapper.getPolymorphicTypeValidator(),
                  ObjectMapper.DefaultTyping.NON_FINAL
diff --git a/haobang-security-dm/syslog-serve/src/main/java/com/haobang/config/AppConfig.java b/haobang-security-dm/syslog-serve/src/main/java/com/haobang/config/AppConfig.java
index 730d0c5..50b08be 100644
--- a/haobang-security-dm/syslog-serve/src/main/java/com/haobang/config/AppConfig.java
+++ b/haobang-security-dm/syslog-serve/src/main/java/com/haobang/config/AppConfig.java
@@ -4,6 +4,7 @@ import com.typesafe.config.Config;
 import com.typesafe.config.ConfigFactory;
 import java.io.File;
 import com.typesafe.config.ConfigValueFactory;
+import java.nio.charset.Charset;
 
 import java.util.Map;
 public class AppConfig {
@@ -101,6 +102,17 @@ public class AppConfig {
         return config.getInt("syslog.buffer.size");
     }
 
+    /**
+     * syslog 消息字符编码，默认 GBK（国内安全设备普遍使用 GBK）
+     * 配置示例: syslog.charset=GBK
+     */
+    public static Charset getSyslogCharset() {
+        if (config.hasPath("syslog.charset")) {
+            return Charset.forName(config.getString("syslog.charset"));
+        }
+        return Charset.forName("GBK");
+    }
+
     // app service  配置
     public static String getAppServieDeviceId() {
         return config.getString("app.service.device_id");
diff --git a/haobang-security-dm/syslog-serve/src/main/java/com/haobang/interlocking/InterlockingService.java b/haobang-security-dm/syslog-serve/src/main/java/com/haobang/interlocking/InterlockingService.java
index 3cb3e97..9ff226c 100644
--- a/haobang-security-dm/syslog-serve/src/main/java/com/haobang/interlocking/InterlockingService.java
+++ b/haobang-security-dm/syslog-serve/src/main/java/com/haobang/interlocking/InterlockingService.java
@@ -54,9 +54,9 @@ public class InterlockingService {
 
     /**
      * 定时任务：检查并执行待处理的封禁指令
-     * 每30秒执行一次
+     * 每60秒执行一次
      */
-    @Scheduled(fixedDelay = 30000)
+    @Scheduled(fixedDelay = 60000)
     public void processPendingCommands() {
         if (!interlockingEnabled) {
             return;
diff --git a/haobang-security-dm/syslog-serve/src/main/java/com/netty/SyslogMessageHandler.java b/haobang-security-dm/syslog-serve/src/main/java/com/netty/SyslogMessageHandler.java
index e5a0416..2803269 100644
--- a/haobang-security-dm/syslog-serve/src/main/java/com/netty/SyslogMessageHandler.java
+++ b/haobang-security-dm/syslog-serve/src/main/java/com/netty/SyslogMessageHandler.java
@@ -7,6 +7,7 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import java.net.InetSocketAddress;
+import java.nio.charset.Charset;
 import com.kafka.kafkaProducer;
 import com.Modules.Device.DeviceProcess;
 import com.haobang.util.Sm4Util;
@@ -16,6 +17,7 @@ import com.haobang.config.AppConfig;
  */
 public class SyslogMessageHandler extends SimpleChannelInboundHandler<Object> {
     private static final Logger logger = LoggerFactory.getLogger(SyslogMessageHandler.class);
+    private static final Charset SYSLOG_CHARSET = AppConfig.getSyslogCharset();
 
     @Override
     protected void channelRead0(ChannelHandlerContext ctx, Object msg) throws Exception {
@@ -27,7 +29,7 @@ public class SyslogMessageHandler extends SimpleChannelInboundHandler<Object> {
         if (msg instanceof DatagramPacket) {
             // UDP 消息处理
             DatagramPacket packet = (DatagramPacket) msg;
-            message = packet.content().toString(io.netty.util.CharsetUtil.UTF_8);
+            message = packet.content().toString(SYSLOG_CHARSET);
             source_ip=packet.sender().getAddress().getHostAddress();
             source_port=packet.sender().getPort();
             source = packet.sender().getAddress().getHostAddress() + ":" + packet.sender().getPort();
diff --git a/haobang-security-dm/syslog-serve/src/main/java/com/netty/SyslogTcpChannelInitializer.java b/haobang-security-dm/syslog-serve/src/main/java/com/netty/SyslogTcpChannelInitializer.java
index 44ec9f3..696b992 100644
--- a/haobang-security-dm/syslog-serve/src/main/java/com/netty/SyslogTcpChannelInitializer.java
+++ b/haobang-security-dm/syslog-serve/src/main/java/com/netty/SyslogTcpChannelInitializer.java
@@ -9,13 +9,14 @@ import io.netty.handler.codec.DelimiterBasedFrameDecoder;
 import io.netty.handler.codec.Delimiters;
 import io.netty.handler.codec.string.StringDecoder;
 import io.netty.handler.codec.string.StringEncoder;
-import io.netty.util.CharsetUtil;
+import java.nio.charset.Charset;
 
 /**
  * TCP 通道初始化器
  */
 public class SyslogTcpChannelInitializer extends ChannelInitializer<SocketChannel> {
     private static final int MAX_FRAME_LENGTH = AppConfig.getSyslogMaxFrameLength();
+    private static final Charset SYSLOG_CHARSET = AppConfig.getSyslogCharset();
 
     @Override
     protected void initChannel(SocketChannel ch) throws Exception {
@@ -26,9 +27,9 @@ public class SyslogTcpChannelInitializer extends ChannelInitializer<SocketChanne
                 MAX_FRAME_LENGTH,
                 Delimiters.lineDelimiter()));
 
-        // 添加字符串解码器和编码器
-        pipeline.addLast("decoder", new StringDecoder(CharsetUtil.UTF_8));
-        pipeline.addLast("encoder", new StringEncoder(CharsetUtil.UTF_8));
+        // 添加字符串解码器和编码器（使用可配置的字符集）
+        pipeline.addLast("decoder", new StringDecoder(SYSLOG_CHARSET));
+        pipeline.addLast("encoder", new StringEncoder(SYSLOG_CHARSET));
 
         // 添加业务处理器
         pipeline.addLast("handler", new SyslogMessageHandler());
diff --git a/haobang-security-dm/syslog-serve/src/main/java/com/netty/SyslogUdpChannelInitializer.java b/haobang-security-dm/syslog-serve/src/main/java/com/netty/SyslogUdpChannelInitializer.java
index 04be298..718337a 100644
--- a/haobang-security-dm/syslog-serve/src/main/java/com/netty/SyslogUdpChannelInitializer.java
+++ b/haobang-security-dm/syslog-serve/src/main/java/com/netty/SyslogUdpChannelInitializer.java
@@ -1,23 +1,26 @@
 package com.netty;
 
+import com.haobang.config.AppConfig;
 import io.netty.channel.ChannelInitializer;
 import io.netty.channel.ChannelPipeline;
 import io.netty.channel.socket.DatagramChannel;
 import io.netty.handler.codec.string.StringDecoder;
 import io.netty.handler.codec.string.StringEncoder;
-import io.netty.util.CharsetUtil;
+import java.nio.charset.Charset;
 
 /**
  * UDP 通道初始化器
  */
 public class SyslogUdpChannelInitializer extends ChannelInitializer<DatagramChannel> {
+    private static final Charset SYSLOG_CHARSET = AppConfig.getSyslogCharset();
+
     @Override
     protected void initChannel(DatagramChannel ch) throws Exception {
         ChannelPipeline pipeline = ch.pipeline();
 
-        // 添加字符串解码器和编码器
-        pipeline.addLast("decoder", new StringDecoder(CharsetUtil.UTF_8));
-        pipeline.addLast("encoder", new StringEncoder(CharsetUtil.UTF_8));
+        // 添加字符串解码器和编码器（使用可配置的字符集）
+        pipeline.addLast("decoder", new StringDecoder(SYSLOG_CHARSET));
+        pipeline.addLast("encoder", new StringEncoder(SYSLOG_CHARSET));
 
         // 添加业务处理器
         pipeline.addLast("handler", new SyslogMessageHandler());
diff --git a/haobang-security-dm/syslog-serve/src/main/resources/application-dev.properties b/haobang-security-dm/syslog-serve/src/main/resources/application-dev.properties
index 83c2e14..c316fea 100644
--- a/haobang-security-dm/syslog-serve/src/main/resources/application-dev.properties
+++ b/haobang-security-dm/syslog-serve/src/main/resources/application-dev.properties
@@ -11,6 +11,8 @@ syslog.tcp.port=514
 syslog.udp.port=514
 syslog.max.frame.length=262144
 syslog.buffer.size=1000
+# syslog 消息字符编码，国内安全设备普遍使用 GBK，如需 UTF-8 改为 syslog.charset=UTF-8
+syslog.charset=GBK
 syslog.sm4.generateKey=f79548ab6fa8a304fc0115e17230358a
 
 # APP Service Configuration
@@ -18,15 +20,17 @@ app.service.device_id=1
 app.service.device_name=honeypot
 app.service.vendor=changting
 app.service.product_name=diting
-#�ɼ�̽��ID
+#采集探针ID
 app.service.device_collect_id=${DEVICE_COLLECT_ID:1}
+app.service.version=${APP_SERVICE_VER:V1.0.0-20260527} 
+app.service.device_collect_name=${DEVICE_COLLECT_NAME:DevCollect-01} 
 # syslog message data_type
 app.service.data_type=json
 
 # kafka Configuration
-spring.kafka.producer.bootstrap-servers=192.168.222.130:9092
+spring.kafka.producer.bootstrap-servers=192.168.4.99:9092
 spring.kafka.producer.topic =${KAFKA_PRODUCER_TOPIC:agent-syslog-topic}
-# kafka  Configuration �����Ż�����
+# kafka  Configuration 新增优化配置
 spring.kafka.producer.properties.retries=10
 spring.kafka.producer.properties.retry.backoff.ms=500
 spring.kafka.producer.properties.connections.max.idle.ms=600000
@@ -35,20 +39,21 @@ spring.kafka.producer.properties.request.timeout.ms=30000
 spring.kafka.producer.properties.delivery.timeout.ms=120000
 
 #database Configuration
-spring.datasource.url=jdbc:postgresql://117.72.68.72:54329/ecosys
-spring.datasource.username=postgres
-spring.datasource.password=TnLanWaidYSwTSG5
-spring.datasource.driver-class-name=org.postgresql.Driver
+spring.datasource.url=jdbc:dm://192.168.4.99:5237
+spring.datasource.username=SYSDBA
+spring.datasource.password=caZ2TcmXNSW8L2Ap
+spring.datasource.driver-class-name=dm.jdbc.driver.DmDriver
+spring.datasource.hikari.schema=\"PUBLIC\"
 
 # mybatis Configuration
 mybatis.mapper-locations=classpath:mapper/*.xml
 mybatis.type-aliases-package=com.common.entity
 mybatis.configuration.map-underscore-to-camel-case=true
 
-# ����������������
-spring.redis.host=192.168.222.131
+# 开发环境缓存配置
+spring.redis.host=localhost
 spring.redis.port=6379
-# ���루���û���������룬����ʡ�ԣ�
+# 密码（如果没有设置密码，可以省略）
 spring.redis.password=
 spring.redis.database=0
 spring.redis.timeout=2000
@@ -57,44 +62,44 @@ spring.redis.lettuce.pool.max-active=8
 spring.redis.lettuce.pool.max-wait=-1
 spring.redis.lettuce.pool.max-idle=8
 spring.redis.lettuce.pool.min-idle=0
-# ������������ʱ��϶̣��������
+# 开发环境缓存时间较短，方便调试
 spring.cache.redis.time-to-live=600000
 
-# ������API����
+# 黑名单API配置
 blacklist.api.url= https://103.43.84.11/api/v3/Objects/Blacklist
 blacklist.api.username=apt-admin103
 blacklist.api.password=C9W2xYgfc%SN1
 
-# ������API����
+# 白名单API配置
 whitelist.api.url=https://103.43.84.11/api/v3/Policies/GlobalWhitelist
 # ============================================
-# ̽����������
+# 探针联动配置
 # ============================================
-# �Ƿ�������������
+# 是否启用联动功能
 interlocking.enabled=true
-# syslog-consumer API����URL����ȫƽ̨����ӳ���ַ��
-interlocking.api.base-url=http://192.168.222.131:8089/xdrservice/interlocking
-# API-KEY��֤��32λ������syslog-consumer����һ�£�
+# syslog-consumer API基础URL（安全平台外网映射地址）
+interlocking.api.base-url=http://localhost:8089/xdrservice/interlocking
+# API-KEY认证（32位，需与syslog-consumer配置一致）
 interlocking.api-key=a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6
-# ��ʱ����ִ�м�������룩��Ĭ��30��
+# 定时任务执行间隔（毫秒），默认30秒
 interlocking.schedule.interval=30000
 
 # ============================================
-# ̽����������
+# 探针心跳配置
 # ============================================
-# �Ƿ���������
+# 是否启用心跳
 probe.heartbeat.enabled=true
-# �������ͼ�����룩
+# 心跳发送间隔（秒）
 probe.heartbeat.interval-seconds=60
-# �������ͳ�ʼ�ӳ٣����룩
+# 心跳发送初始延迟（毫秒）
 probe.heartbeat.initial-delay-ms=5000
 
-# ƽ̨���������սӿ�URL
-probe.platform.api-url=http://192.168.222.131:8089/xdrservice/interlocking/probe/heartbeat
-# ƽ̨API Key
+# 平台端心跳接收接口URL
+probe.platform.api-url=http://localhost:8089/xdrservice/interlocking/probe/heartbeat
+# 平台API Key
 probe.platform.api-key=a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6
 
 # ============================================
-# ��ʱ��������
+# 定时任务配置
 # ============================================
 spring.task.scheduling.pool.size=5
diff --git a/haobang-security-dm/syslog-serve/src/main/resources/application-prod-zc.properties b/haobang-security-dm/syslog-serve/src/main/resources/application-prod-zc.properties
index 9574fec..08fb189 100644
--- a/haobang-security-dm/syslog-serve/src/main/resources/application-prod-zc.properties
+++ b/haobang-security-dm/syslog-serve/src/main/resources/application-prod-zc.properties
@@ -11,6 +11,8 @@ syslog.tcp.port=514
 syslog.udp.port=514
 syslog.max.frame.length=262144
 syslog.buffer.size=1000
+# syslog 消息字符编码，国内安全设备普遍使用 GBK，如需 UTF-8 改为 syslog.charset=UTF-8
+syslog.charset=GBK
 
 # APP Service Configuration
 app.service.device_id=1
@@ -19,7 +21,7 @@ app.service.vendor=changting
 app.service.product_name=diting
 # syslog message data_type
 app.service.data_type=json
-#�ɼ�̽��ID
+#采集探针ID
 #app.service.device_collect_id=${DEVICE_COLLECT_ID:2}
 app.service.device_collect_id=${DEVICE_COLLECT_ID:1}
 
@@ -28,20 +30,21 @@ spring.kafka.producer.bootstrap-servers=10.11.2.142:9092
 spring.kafka.producer.topic =agent-syslog-topic
 
 #database Configuration
-spring.datasource.url=jdbc:postgresql://10.11.2.141:5432/ecosys
-spring.datasource.username=ecosys
-spring.datasource.password=wsYDPjrpNZPrkPrR
-spring.datasource.driver-class-name=org.postgresql.Driver
+spring.datasource.url=jdbc:dm://192.163.4.99:5237/DM_ecosys
+spring.datasource.username=SYSDBA
+spring.datasource.password=caZ2TcmXNSW8L2Ap
+spring.datasource.driver-class-name=dm.jdbc.driver.DmDriver
+spring.datasource.hikari.schema=public
 
 # mybatis Configuration
 mybatis.mapper-locations=classpath:mapper/*.xml
 mybatis.type-aliases-package=com.common.entity
 mybatis.configuration.map-underscore-to-camel-case=true
 
-# ����������������
+# 生产环境缓存配置
 spring.redis.host=10.11.2.142
 spring.redis.port=6379
-# ���루���û���������룬����ʡ�ԣ�
+# 密码（如果没有设置密码，可以省略）
 spring.redis.password=redis_edP6N6
 spring.redis.database=0
 spring.redis.timeout=5000
@@ -52,5 +55,5 @@ spring.redis.lettuce.pool.max-wait=5000
 spring.redis.lettuce.pool.max-idle=10
 spring.redis.lettuce.pool.min-idle=5
 
-# ������������ʱ��ϳ�
+# 生产环境缓存时间较长
 spring.cache.redis.time-to-live=3600000
\ No newline at end of file
diff --git a/haobang-security-dm/syslog-serve/src/main/resources/application-prod.properties b/haobang-security-dm/syslog-serve/src/main/resources/application-prod.properties
index 7ef9192..6da6d00 100644
--- a/haobang-security-dm/syslog-serve/src/main/resources/application-prod.properties
+++ b/haobang-security-dm/syslog-serve/src/main/resources/application-prod.properties
@@ -11,6 +11,8 @@ syslog.tcp.port=514
 syslog.udp.port=514
 syslog.max.frame.length=262144
 syslog.buffer.size=1000
+# syslog 消息字符编码，国内安全设备普遍使用 GBK，如需 UTF-8 改为 syslog.charset=UTF-8
+syslog.charset=GBK
 syslog.sm4.generateKey=f79548ab6fa8a304fc0115e17230358a
 # APP Service Configuration
 app.service.device_id=1
@@ -19,15 +21,15 @@ app.service.vendor=changting
 app.service.product_name=diting
 # syslog message data_type
 app.service.data_type=json
-#�ɼ�̽��ID
+#采集探针ID
 app.service.device_collect_id=${DEVICE_COLLECT_ID:1}
-app.service.version=${APP_SERVICE_VER:V1.0.0-20260509} 
+app.service.version=${APP_SERVICE_VER:V1.0.0-20260527} 
 app.service.device_collect_name=${DEVICE_COLLECT_NAME:DevCollect-01} 
 
 # kafka Configuration
-spring.kafka.producer.bootstrap-servers=192.168.4.26:9092
+spring.kafka.producer.bootstrap-servers=192.168.4.99:9092
 spring.kafka.producer.topic =agent-01-syslog-topic
-# kafka  Configuration �����Ż�����
+# kafka  Configuration 新增优化配置
 spring.kafka.producer.properties.retries=10
 spring.kafka.producer.properties.retry.backoff.ms=500
 spring.kafka.producer.properties.connections.max.idle.ms=600000
@@ -35,20 +37,21 @@ spring.kafka.producer.properties.socket.keepalive.enable=true
 spring.kafka.producer.properties.request.timeout.ms=30000
 spring.kafka.producer.properties.delivery.timeout.ms=120000
 #database Configuration
-spring.datasource.url=jdbc:postgresql://192.168.4.26:5432/ecosys
-spring.datasource.username=postgres
+spring.datasource.url=jdbc:dm://192.163.4.99:5237
+spring.datasource.username=SYSDBA
 spring.datasource.password=caZ2TcmXNSW8L2Ap
-spring.datasource.driver-class-name=org.postgresql.Driver
+spring.datasource.driver-class-name=dm.jdbc.driver.DmDriver
+spring.datasource.hikari.schema=\"PUBLIC\"
 
 # mybatis Configuration
 mybatis.mapper-locations=classpath:mapper/*.xml
 mybatis.type-aliases-package=com.common.entity
 mybatis.configuration.map-underscore-to-camel-case=true
 
-# ����������������
-spring.redis.host=192.168.4.26
+# 生产环境缓存配置
+spring.redis.host=192.168.4.99
 spring.redis.port=6379
-# ���루���û���������룬����ʡ�ԣ�
+# 密码（如果没有设置密码，可以省略）
 spring.redis.password=123456
 spring.redis.database=0
 spring.redis.timeout=5000
@@ -59,42 +62,42 @@ spring.redis.lettuce.pool.max-wait=5000
 spring.redis.lettuce.pool.max-idle=10
 spring.redis.lettuce.pool.min-idle=5
 
-# ������������ʱ��ϳ�
+# 生产环境缓存时间较长
 spring.cache.redis.time-to-live=3600000
 
-# ������API����
+# 黑名单API配置
 blacklist.api.url= https://103.43.84.11/api/v3/Objects/Blacklist
 blacklist.api.username=apt-admin103
 blacklist.api.password=C9W2xYgfc%SN1
-# ������API����
+# 白名单API配置
 whitelist.api.url=https://103.43.84.11/api/v3/Policies/GlobalWhitelist 
 
 
 # ============================================
-# ̽����������
+# 探针联动配置
 # ============================================
-# �Ƿ�������������
+# 是否启用联动功能
 interlocking.enabled=true
-# syslog-consumer API����URL����ȫƽ̨����ӳ���ַ��
-interlocking.api.base-url=http://192.168.4.26:8089/xdrservice/interlocking
-# API-KEY��֤��32λ������syslog-consumer����һ�£�
+# syslog-consumer API基础URL（安全平台外网映射地址）
+interlocking.api.base-url=http://192.168.4.99:8089/xdrservice/interlocking
+# API-KEY认证（32位，需与syslog-consumer配置一致）
 interlocking.api-key=a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6
-# ��ʱ����ִ�м�������룩��Ĭ��30��
+# 定时任务执行间隔（毫秒），默认30秒
 interlocking.schedule.interval=30000
 
 # ============================================
-# ̽����������
+# 探针心跳配置
 # ============================================
-# �Ƿ���������
+# 是否启用心跳
 probe.heartbeat.enabled=true
-# �������ͼ�����룩
+# 心跳发送间隔（秒）
 probe.heartbeat.interval-seconds=60
-# �������ͳ�ʼ�ӳ٣����룩
+# 心跳发送初始延迟（毫秒）
 probe.heartbeat.initial-delay-ms=5000
-# ƽ̨���������սӿ�URL
-probe.platform.api-url=http://192.168.4.26:8089/xdrservice/interlocking/probe/heartbeat
+# 平台端心跳接收接口URL
+probe.platform.api-url=http://192.168.4.99:8089/xdrservice/interlocking/probe/heartbeat
 
 # ============================================
-# ��ʱ��������
+# 定时任务配置
 # ============================================
 spring.task.scheduling.pool.size=5
diff --git a/haobang-security-dm/syslog-serve/src/main/resources/application-test.properties b/haobang-security-dm/syslog-serve/src/main/resources/application-test.properties
index 434691b..d7c4daf 100644
--- a/haobang-security-dm/syslog-serve/src/main/resources/application-test.properties
+++ b/haobang-security-dm/syslog-serve/src/main/resources/application-test.properties
@@ -11,6 +11,8 @@ syslog.tcp.port=514
 syslog.udp.port=514
 syslog.max.frame.length=262144
 syslog.buffer.size=1000
+# syslog 消息字符编码，国内安全设备普遍使用 GBK，如需 UTF-8 改为 syslog.charset=UTF-8
+syslog.charset=GBK
 syslog.sm4.generateKey=f79548ab6fa8a304fc0115e17230358a
 # APP Service Configuration
 app.service.device_id=1
@@ -19,14 +21,14 @@ app.service.vendor=changting
 app.service.product_name=diting
 # syslog message data_type
 app.service.data_type=json
-#�ɼ�̽��ID
+#采集探针ID
 app.service.device_collect_id=${DEVICE_COLLECT_ID:7}
 app.service.version=${APP_SERVICE_VER:V1.0.0-20260509}
 
 # kafka Configuration
 spring.kafka.producer.bootstrap-servers=${KAFKA_PRODUCER_SERVERS:120.238.245.132:32718}
 spring.kafka.producer.topic =${KAFKA_PRODUCER_TOPIC:agent-syslog-topic}
-# kafka  Configuration �����Ż�����
+# kafka  Configuration 新增优化配置
 spring.kafka.producer.properties.retries=10
 spring.kafka.producer.properties.retry.backoff.ms=500
 spring.kafka.producer.properties.connections.max.idle.ms=600000
@@ -34,20 +36,21 @@ spring.kafka.producer.properties.socket.keepalive.enable=true
 spring.kafka.producer.properties.request.timeout.ms=30000
 spring.kafka.producer.properties.delivery.timeout.ms=120000
 #database Configuration
-spring.datasource.url=jdbc:postgresql://120.238.245.132:31777/ecosys
-spring.datasource.username=postgres
+spring.datasource.url=jdbc:dm://192.163.4.99:5237
+spring.datasource.username=SYSDBA
 spring.datasource.password=caZ2TcmXNSW8L2Ap
-spring.datasource.driver-class-name=org.postgresql.Driver
+spring.datasource.driver-class-name=dm.jdbc.driver.DmDriver
+spring.datasource.hikari.schema=\"PUBLIC\"
 
 # mybatis Configuration
 mybatis.mapper-locations=classpath:mapper/*.xml
 mybatis.type-aliases-package=com.common.entity
 mybatis.configuration.map-underscore-to-camel-case=true
 
-# ����������������
+# 生产环境缓存配置
 spring.redis.host=localhost
 spring.redis.port=6379
-# ���루���û���������룬����ʡ�ԣ�
+# 密码（如果没有设置密码，可以省略）
 spring.redis.password=
 spring.redis.database=0
 spring.redis.timeout=5000
@@ -58,27 +61,27 @@ spring.redis.lettuce.pool.max-wait=5000
 spring.redis.lettuce.pool.max-idle=10
 spring.redis.lettuce.pool.min-idle=5
 
-# ������������ʱ��ϳ�
+# 生产环境缓存时间较长
 spring.cache.redis.time-to-live=3600000
 
-# ������API����
+# 黑名单API配置
 blacklist.api.url= https://103.43.84.11/api/v3/Objects/Blacklist
 blacklist.api.username=apt-admin103
 blacklist.api.password=C9W2xYgfc%SN1
 
-# ������API����
+# 白名单API配置
 whitelist.api.url=https://103.43.84.11/api/v3/Policies/GlobalWhitelist
 whitelist.api.username=apt-admin103
 whitelist.api.password=C9W2xYgfc%SN1
 
 # ============================================
-# ̽����������
+# 探针联动配置
 # ============================================
-# �Ƿ�������������
+# 是否启用联动功能
 interlocking.enabled=true
-# syslog-consumer API����URL����ȫƽ̨����ӳ���ַ��
+# syslog-consumer API基础URL（安全平台外网映射地址）
 interlocking.api.base-url=http://120.238.245.132:32720/xdrservice/interlocking
-# API-KEY��֤��32λ������syslog-consumer����һ�£�
+# API-KEY认证（32位，需与syslog-consumer配置一致）
 interlocking.api-key=a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6
-# ��ʱ����ִ�м�������룩��Ĭ��30��
+# 定时任务执行间隔（毫秒），默认30秒
 interlocking.schedule.interval=30000
diff --git a/haobang-security-dm/syslog-serve/src/main/resources/application.properties b/haobang-security-dm/syslog-serve/src/main/resources/application.properties
index 7ef9192..6da6d00 100644
--- a/haobang-security-dm/syslog-serve/src/main/resources/application.properties
+++ b/haobang-security-dm/syslog-serve/src/main/resources/application.properties
@@ -11,6 +11,8 @@ syslog.tcp.port=514
 syslog.udp.port=514
 syslog.max.frame.length=262144
 syslog.buffer.size=1000
+# syslog 消息字符编码，国内安全设备普遍使用 GBK，如需 UTF-8 改为 syslog.charset=UTF-8
+syslog.charset=GBK
 syslog.sm4.generateKey=f79548ab6fa8a304fc0115e17230358a
 # APP Service Configuration
 app.service.device_id=1
@@ -19,15 +21,15 @@ app.service.vendor=changting
 app.service.product_name=diting
 # syslog message data_type
 app.service.data_type=json
-#�ɼ�̽��ID
+#采集探针ID
 app.service.device_collect_id=${DEVICE_COLLECT_ID:1}
-app.service.version=${APP_SERVICE_VER:V1.0.0-20260509} 
+app.service.version=${APP_SERVICE_VER:V1.0.0-20260527} 
 app.service.device_collect_name=${DEVICE_COLLECT_NAME:DevCollect-01} 
 
 # kafka Configuration
-spring.kafka.producer.bootstrap-servers=192.168.4.26:9092
+spring.kafka.producer.bootstrap-servers=192.168.4.99:9092
 spring.kafka.producer.topic =agent-01-syslog-topic
-# kafka  Configuration �����Ż�����
+# kafka  Configuration 新增优化配置
 spring.kafka.producer.properties.retries=10
 spring.kafka.producer.properties.retry.backoff.ms=500
 spring.kafka.producer.properties.connections.max.idle.ms=600000
@@ -35,20 +37,21 @@ spring.kafka.producer.properties.socket.keepalive.enable=true
 spring.kafka.producer.properties.request.timeout.ms=30000
 spring.kafka.producer.properties.delivery.timeout.ms=120000
 #database Configuration
-spring.datasource.url=jdbc:postgresql://192.168.4.26:5432/ecosys
-spring.datasource.username=postgres
+spring.datasource.url=jdbc:dm://192.163.4.99:5237
+spring.datasource.username=SYSDBA
 spring.datasource.password=caZ2TcmXNSW8L2Ap
-spring.datasource.driver-class-name=org.postgresql.Driver
+spring.datasource.driver-class-name=dm.jdbc.driver.DmDriver
+spring.datasource.hikari.schema=\"PUBLIC\"
 
 # mybatis Configuration
 mybatis.mapper-locations=classpath:mapper/*.xml
 mybatis.type-aliases-package=com.common.entity
 mybatis.configuration.map-underscore-to-camel-case=true
 
-# ����������������
-spring.redis.host=192.168.4.26
+# 生产环境缓存配置
+spring.redis.host=192.168.4.99
 spring.redis.port=6379
-# ���루���û���������룬����ʡ�ԣ�
+# 密码（如果没有设置密码，可以省略）
 spring.redis.password=123456
 spring.redis.database=0
 spring.redis.timeout=5000
@@ -59,42 +62,42 @@ spring.redis.lettuce.pool.max-wait=5000
 spring.redis.lettuce.pool.max-idle=10
 spring.redis.lettuce.pool.min-idle=5
 
-# ������������ʱ��ϳ�
+# 生产环境缓存时间较长
 spring.cache.redis.time-to-live=3600000
 
-# ������API����
+# 黑名单API配置
 blacklist.api.url= https://103.43.84.11/api/v3/Objects/Blacklist
 blacklist.api.username=apt-admin103
 blacklist.api.password=C9W2xYgfc%SN1
-# ������API����
+# 白名单API配置
 whitelist.api.url=https://103.43.84.11/api/v3/Policies/GlobalWhitelist 
 
 
 # ============================================
-# ̽����������
+# 探针联动配置
 # ============================================
-# �Ƿ�������������
+# 是否启用联动功能
 interlocking.enabled=true
-# syslog-consumer API����URL����ȫƽ̨����ӳ���ַ��
-interlocking.api.base-url=http://192.168.4.26:8089/xdrservice/interlocking
-# API-KEY��֤��32λ������syslog-consumer����һ�£�
+# syslog-consumer API基础URL（安全平台外网映射地址）
+interlocking.api.base-url=http://192.168.4.99:8089/xdrservice/interlocking
+# API-KEY认证（32位，需与syslog-consumer配置一致）
 interlocking.api-key=a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6
-# ��ʱ����ִ�м�������룩��Ĭ��30��
+# 定时任务执行间隔（毫秒），默认30秒
 interlocking.schedule.interval=30000
 
 # ============================================
-# ̽����������
+# 探针心跳配置
 # ============================================
-# �Ƿ���������
+# 是否启用心跳
 probe.heartbeat.enabled=true
-# �������ͼ�����룩
+# 心跳发送间隔（秒）
 probe.heartbeat.interval-seconds=60
-# �������ͳ�ʼ�ӳ٣����룩
+# 心跳发送初始延迟（毫秒）
 probe.heartbeat.initial-delay-ms=5000
-# ƽ̨���������սӿ�URL
-probe.platform.api-url=http://192.168.4.26:8089/xdrservice/interlocking/probe/heartbeat
+# 平台端心跳接收接口URL
+probe.platform.api-url=http://192.168.4.99:8089/xdrservice/interlocking/probe/heartbeat
 
 # ============================================
-# ��ʱ��������
+# 定时任务配置
 # ============================================
 spring.task.scheduling.pool.size=5
diff --git a/haobang-security-dm/syslog-serve/src/main/resources/logback.xml b/haobang-security-dm/syslog-serve/src/main/resources/logback.xml
index 0b4ad03..f90779a 100644
--- a/haobang-security-dm/syslog-serve/src/main/resources/logback.xml
+++ b/haobang-security-dm/syslog-serve/src/main/resources/logback.xml
@@ -14,10 +14,10 @@
 
     <!-- 文件输出，每天滚动 -->
     <appender name="FILE" class="ch.qos.logback.core.rolling.RollingFileAppender">
-        <file>logs/syslog-serve.log</file>
+        <file>logs/syslog-serve-dm.log</file>
         <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
             <!-- 每天滚动 -->
-            <fileNamePattern>logs/syslog-serve.%d{yyyy-MM-dd}.log</fileNamePattern>
+            <fileNamePattern>logs/syslog-serve-dm.%d{yyyy-MM-dd}.log</fileNamePattern>
             <!-- 保留的日志文件的最大天数 -->
             <maxHistory>1</maxHistory>
             <!-- 所有归档日志文件的总大小上限 -->
diff --git a/haobang-security-dm/syslog-serve/src/main/resources/mapper/DeviceDeviceMapper.xml b/haobang-security-dm/syslog-serve/src/main/resources/mapper/DeviceDeviceMapper.xml
index e6f8c47..97558fc 100644
--- a/haobang-security-dm/syslog-serve/src/main/resources/mapper/DeviceDeviceMapper.xml
+++ b/haobang-security-dm/syslog-serve/src/main/resources/mapper/DeviceDeviceMapper.xml
@@ -46,11 +46,11 @@
 
     <!-- 基础查询列 -->
     <sql id="Base_Column_List">
-        id, created_at::timestamp , updated_at::timestamp, deleted_at::timestamp, name, ip, device_group, device_type,
-        vendor, product_name, organization_id, last_receive_time::timestamp, agent_id, detail_id,
-        control_agent_id, license_start_time::timestamp, license_end_time::timestamp, is_monitoring,
+        id, created_at, updated_at, deleted_at, name, ip, device_group, device_type,
+        vendor, product_name, organization_id, last_receive_time, agent_id, detail_id,
+        control_agent_id, license_start_time, license_end_time, is_monitoring,
         security_scope_id, owner_id, ssh_config_id, status, created_by_id, decode_type,
-        miss_policy, tenant_id, create_time::timestamp, update_time::timestamp, create_by, update_by, del_flag,
+        miss_policy, tenant_id, create_time, update_time, create_by, update_by, del_flag,
         manager_name, today_parse_count, today_non_log_count, create_dept, device_collect_id
     </sql>
 
diff --git a/haobang-security-dm/syslog-serve/src/main/resources/mapper/DeviceReceiveLogMapper.xml b/haobang-security-dm/syslog-serve/src/main/resources/mapper/DeviceReceiveLogMapper.xml
index 28163b7..d86df55 100644
--- a/haobang-security-dm/syslog-serve/src/main/resources/mapper/DeviceReceiveLogMapper.xml
+++ b/haobang-security-dm/syslog-serve/src/main/resources/mapper/DeviceReceiveLogMapper.xml
@@ -28,10 +28,10 @@
             syslog_message,
             push_success
         ) VALUES (
-            COALESCE(#{createdAt}, NOW() AT TIME ZONE 'utc'),
+            COALESCE(#{createdAt}, SYSDATE),
             #{deviceCollectId},
             #{deviceId},
-            #{deviceIp}::inet,
+            #{deviceIp},
             #{receiveTime},
             #{receiveTimeStr},
             #{syslogMessage},
@@ -53,10 +53,10 @@
         ) VALUES
         <foreach collection="list" item="item" separator=",">
             (
-            COALESCE(#{item.createdAt}, NOW() AT TIME ZONE 'utc'),
+            COALESCE(#{item.createdAt}, SYSDATE),
             #{item.deviceCollectId},
             #{item.deviceId},
-            #{item.deviceIp}::inet,
+            #{item.deviceIp},
             #{item.receiveTime},
             #{item.receiveTimeStr},
             #{item.syslogMessage},
@@ -85,10 +85,10 @@
         ORDER BY receive_time DESC
     </select>
 
-    <!-- 根据IP地址查询（使用PostgreSQL的inet操作符） -->
+    <!-- 根据IP地址查询 -->
     <select id="selectByDeviceIp" resultMap="BaseResultMap">
         SELECT * FROM device_receive_log
-        WHERE device_ip >>= #{deviceIp}::inet
+        WHERE device_ip = #{deviceIp}
         ORDER BY receive_time DESC
     </select>
 
@@ -110,7 +110,7 @@
                 AND device_collect_id = #{deviceCollectId}
             </if>
             <if test="deviceIp != null and deviceIp != ''">
-                AND device_ip >>= #{deviceIp}::inet
+                AND device_ip = #{deviceIp}
             </if>
             <if test="receiveTime != null">
                 AND receive_time >= #{receiveTime}
@@ -136,7 +136,7 @@
                 AND device_collect_id = #{deviceCollectId}
             </if>
             <if test="deviceIp != null and deviceIp != ''">
-                AND device_ip >>= #{deviceIp}::inet
+                AND device_ip = #{deviceIp}
             </if>
             <if test="receiveTime != null">
                 AND receive_time >= #{receiveTime}
diff --git a/haobang-security-dm/syslog-serve/src/main/resources/mapper/DeviceUnknownMapper.xml b/haobang-security-dm/syslog-serve/src/main/resources/mapper/DeviceUnknownMapper.xml
index 846e881..c610ec9 100644
--- a/haobang-security-dm/syslog-serve/src/main/resources/mapper/DeviceUnknownMapper.xml
+++ b/haobang-security-dm/syslog-serve/src/main/resources/mapper/DeviceUnknownMapper.xml
@@ -31,10 +31,10 @@
             network_protocol,
             source_method
         ) VALUES (
-            COALESCE(#{createdAt}, NOW() AT TIME ZONE 'utc'),
+            COALESCE(#{createdAt}, SYSDATE),
             #{deviceCollectId},
             #{deviceCollectName},
-            #{deviceIp}::inet,
+            #{deviceIp},
             #{firstTime},
             #{lastTime},
             #{organizationId},
@@ -58,10 +58,10 @@
         ) VALUES
         <foreach collection="devices" item="device" separator=",">
             (
-            COALESCE(#{device.createdAt}, NOW() AT TIME ZONE 'utc'),
+            COALESCE(#{device.createdAt}, SYSDATE),
             #{device.deviceCollectId},
             #{device.deviceCollectName},
-            #{device.deviceIp}::inet,
+            #{device.deviceIp},
             #{device.firstTime},
             #{device.lastTime},
             #{device.organizationId},
@@ -78,7 +78,7 @@
             created_at,
             device_collect_id,
             device_collect_name,
-            device_ip::text as device_ip,
+            device_ip,
             first_time,
             last_time,
             organization_id,
@@ -95,14 +95,14 @@
             created_at,
             device_collect_id,
             device_collect_name,
-            device_ip::text as device_ip,
+            device_ip,
             first_time,
             last_time,
             organization_id,
             network_protocol,
             source_method
         FROM device_unknown
-        WHERE device_ip = #{deviceIp}::inet
+        WHERE device_ip = #{deviceIp}
         ORDER BY last_time DESC
     </select>
 
@@ -113,7 +113,7 @@
             created_at,
             device_collect_id,
             device_collect_name,
-            device_ip::text as device_ip,
+            device_ip,
             first_time,
             last_time,
             organization_id,
@@ -131,7 +131,7 @@
             created_at,
             device_collect_id,
             device_collect_name,
-            device_ip::text as device_ip,
+            device_ip,
             first_time,
             last_time,
             organization_id,
@@ -148,7 +148,7 @@
             created_at,
             device_collect_id,
             device_collect_name,
-            device_ip::text as device_ip,
+            device_ip,
             first_time,
             last_time,
             organization_id,
@@ -167,7 +167,7 @@
         created_at,
         device_collect_id,
         device_collect_name,
-        device_ip::text as device_ip,
+        device_ip,
         first_time,
         last_time,
         organization_id,
@@ -179,10 +179,10 @@
                 AND device_collect_id = #{deviceCollectId}
             </if>
             <if test="deviceCollectName != null and deviceCollectName != ''">
-                AND device_collect_name ILIKE CONCAT('%', #{deviceCollectName}, '%')
+                AND UPPER(device_collect_name) LIKE UPPER(CONCAT('%', #{deviceCollectName}, '%'))
             </if>
             <if test="deviceIp != null and deviceIp != ''">
-                AND device_ip = #{deviceIp}::inet
+                AND device_ip = #{deviceIp}
             </if>
             <if test="organizationId != null">
                 AND organization_id = #{organizationId}
@@ -214,7 +214,7 @@
                 device_collect_name = #{deviceCollectName},
             </if>
             <if test="deviceIp != null and deviceIp != ''">
-                device_ip = #{deviceIp}::inet,
+                device_ip = #{deviceIp},
             </if>
             <if test="firstTime != null">
                 first_time = #{firstTime},
@@ -268,10 +268,10 @@
                 AND device_collect_id = #{deviceCollectId}
             </if>
             <if test="deviceCollectName != null and deviceCollectName != ''">
-                AND device_collect_name ILIKE CONCAT('%', #{deviceCollectName}, '%')
+                AND UPPER(device_collect_name) LIKE UPPER(CONCAT('%', #{deviceCollectName}, '%'))
             </if>
             <if test="deviceIp != null and deviceIp != ''">
-                AND device_ip = #{deviceIp}::inet
+                AND device_ip = #{deviceIp}
             </if>
             <if test="organizationId != null">
                 AND organization_id = #{organizationId}