1、新增功能探针联动处置、心跳在线检测
2、syslog-consumer模块拆分 syslog-consumer-rule模块实现日志数据消费、解析、泛化入库。
This commit is contained in:
@@ -1,4 +1,4 @@
|
||||
#Server Configuration
|
||||
#Server Configuration [192.168.4.26]
|
||||
server.port=8189
|
||||
server.servlet.context-path=/syslogserve
|
||||
#server.address=0.0.0.0
|
||||
@@ -12,26 +12,32 @@ syslog.udp.port=514
|
||||
syslog.max.frame.length=262144
|
||||
syslog.buffer.size=1000
|
||||
syslog.sm4.generateKey=f79548ab6fa8a304fc0115e17230358a
|
||||
|
||||
# APP Service Configuration
|
||||
app.service.device_id=1
|
||||
app.service.device_name=honeypot
|
||||
app.service.vendor=changting
|
||||
app.service.product_name=diting
|
||||
#采集探针ID
|
||||
app.service.device_collect_id=${DEVICE_COLLECT_ID:1}
|
||||
# syslog message data_type
|
||||
app.service.data_type=json
|
||||
#采集探针ID
|
||||
app.service.device_collect_id=${DEVICE_COLLECT_ID:1}
|
||||
app.service.version=${APP_SERVICE_VER:V1.0.0-20260509}
|
||||
app.service.device_collect_name=${DEVICE_COLLECT_NAME:DevCollect-01}
|
||||
|
||||
# kafka Configuration
|
||||
spring.kafka.producer.bootstrap-servers=192.168.222.130:9092
|
||||
spring.kafka.producer.topic =test-topic
|
||||
|
||||
|
||||
spring.kafka.producer.bootstrap-servers=192.168.4.26:9092
|
||||
spring.kafka.producer.topic =agent-01-syslog-topic
|
||||
# kafka Configuration 新增优化配置
|
||||
spring.kafka.producer.properties.retries=10
|
||||
spring.kafka.producer.properties.retry.backoff.ms=500
|
||||
spring.kafka.producer.properties.connections.max.idle.ms=600000
|
||||
spring.kafka.producer.properties.socket.keepalive.enable=true
|
||||
spring.kafka.producer.properties.request.timeout.ms=30000
|
||||
spring.kafka.producer.properties.delivery.timeout.ms=120000
|
||||
#database Configuration
|
||||
spring.datasource.url=jdbc:postgresql://117.72.68.72:54329/ecosys
|
||||
spring.datasource.url=jdbc:postgresql://192.168.4.26:5432/ecosys
|
||||
spring.datasource.username=postgres
|
||||
spring.datasource.password=TnLanWaidYSwTSG5
|
||||
spring.datasource.password=caZ2TcmXNSW8L2Ap
|
||||
spring.datasource.driver-class-name=org.postgresql.Driver
|
||||
|
||||
# mybatis Configuration
|
||||
@@ -39,44 +45,30 @@ mybatis.mapper-locations=classpath:mapper/*.xml
|
||||
mybatis.type-aliases-package=com.common.entity
|
||||
mybatis.configuration.map-underscore-to-camel-case=true
|
||||
|
||||
# 开发环境缓存配置
|
||||
spring.redis.host=localhost
|
||||
# 生产环境缓存配置
|
||||
spring.redis.host=192.168.4.26
|
||||
spring.redis.port=6379
|
||||
# 密码(如果没有设置密码,可以省略)
|
||||
spring.redis.password=
|
||||
spring.redis.password=123456
|
||||
spring.redis.database=0
|
||||
spring.redis.timeout=2000
|
||||
spring.redis.timeout=5000
|
||||
#spring.redis.password=${REDIS_PASSWORD:default_prod_password}
|
||||
|
||||
spring.redis.lettuce.pool.max-active=8
|
||||
spring.redis.lettuce.pool.max-wait=-1
|
||||
spring.redis.lettuce.pool.max-idle=8
|
||||
spring.redis.lettuce.pool.min-idle=0
|
||||
# 开发环境缓存时间较短,方便调试
|
||||
spring.cache.redis.time-to-live=600000
|
||||
|
||||
|
||||
#防火墙封堵配置
|
||||
# 是否启用真实封堵(false时仅打印日志,用于测试)
|
||||
firewall.enabled=true
|
||||
# iptables命令路径(通常为 /usr/sbin/iptables)
|
||||
firewall.iptables-path=/usr/sbin/iptables
|
||||
# 封堵链(常用 INPUT 或 FORWARD)
|
||||
firewall.chain=INPUT
|
||||
# 封堵策略(DROP 或 REJECT)
|
||||
firewall.target=DROP
|
||||
# 可选:API访问密钥(若为空则不校验)
|
||||
firewall.api-key=your-secure-api-key
|
||||
spring.redis.lettuce.pool.max-active=20
|
||||
spring.redis.lettuce.pool.max-wait=5000
|
||||
spring.redis.lettuce.pool.max-idle=10
|
||||
spring.redis.lettuce.pool.min-idle=5
|
||||
|
||||
# 生产环境缓存时间较长
|
||||
spring.cache.redis.time-to-live=3600000
|
||||
|
||||
# 黑名单API配置
|
||||
blacklist.api.url= https://103.43.84.11/api/v3/Objects/Blacklist
|
||||
blacklist.api.username=apt-admin103
|
||||
blacklist.api.password=C9W2xYgfc%SN1
|
||||
|
||||
# 白名单API配置
|
||||
whitelist.api.url=https://103.43.84.11/api/v3/Policies/GlobalWhitelist
|
||||
whitelist.api.username=apt-admin103
|
||||
whitelist.api.password=C9W2xYgfc%SN1
|
||||
whitelist.api.url=https://103.43.84.11/api/v3/Policies/GlobalWhitelist
|
||||
|
||||
|
||||
# ============================================
|
||||
# 探针联动配置
|
||||
@@ -84,8 +76,25 @@ whitelist.api.password=C9W2xYgfc%SN1
|
||||
# 是否启用联动功能
|
||||
interlocking.enabled=true
|
||||
# syslog-consumer API基础URL(安全平台外网映射地址)
|
||||
interlocking.api.base-url=http://localhost:8089/xdrservice/interlocking
|
||||
interlocking.api.base-url=http://192.168.4.26:8089/xdrservice/interlocking
|
||||
# API-KEY认证(32位,需与syslog-consumer配置一致)
|
||||
interlocking.api-key=a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6
|
||||
# 定时任务执行间隔(毫秒),默认30秒
|
||||
interlocking.schedule.interval=30000
|
||||
|
||||
# ============================================
|
||||
# 探针心跳配置
|
||||
# ============================================
|
||||
# 是否启用心跳
|
||||
probe.heartbeat.enabled=true
|
||||
# 心跳发送间隔(秒)
|
||||
probe.heartbeat.interval-seconds=60
|
||||
# 心跳发送初始延迟(毫秒)
|
||||
probe.heartbeat.initial-delay-ms=5000
|
||||
# 平台端心跳接收接口URL
|
||||
probe.platform.api-url=http://192.168.4.26:8089/xdrservice/interlocking/probe/heartbeat
|
||||
|
||||
# ============================================
|
||||
# 定时任务配置
|
||||
# ============================================
|
||||
spring.task.scheduling.pool.size=5
|
||||
|
||||
Reference in New Issue
Block a user