1、修改算子运算结果后入库BUG

2、根据设备ID获取设备IP、设备厂商、设备名称信息补全标准化表 3、完善告警表字段内容：syslog_normal_alarm: http_url ->alarm: victim_web_url
2026-01-26 15:20:46 +08:00
parent 6603c6f4a1
commit cf6b89ea94
23 changed files with 1941 additions and 52 deletions
--- a/haobang-security-xdr/syslog-consumer/src/main/java/com/common/mapper/AlarmVisitMapper.java
+++ b/haobang-security-xdr/syslog-consumer/src/main/java/com/common/mapper/AlarmVisitMapper.java
@@ -18,11 +18,11 @@ public interface AlarmVisitMapper {
    @Insert({"<script>",
            "INSERT INTO alarm_visit (",
            "id, created_at, alarm_name, alarm_level, alarm_type, ",
-            "alarm_major_type, alarm_minor_type,alarm_area_id, attack_ip, victim_ip, ",
+            "alarm_major_type, alarm_minor_type,alarm_area_id, attack_ip, victim_ip, victim_web_url, ",
            "device_id, comment,origin_log_ids,log_start_at, log_end_at, http_status, ",
            "attack_port, victim_port, attack_method, etl_time, log_count, ",
            "attack_chain_phase, disposition_advice, attack_direction, ",
-            "judged_state, disposed_state, attack_result, fall, payload, " ,
+            "judged_state, disposed_state, attack_result, fall, payload,   " ,
            "http_req_header  , http_req_body,http_resp_header , http_resp_body ",
            ") VALUES ",
            "<foreach collection='list' item='item' separator=','>",
@@ -30,6 +30,7 @@ public interface AlarmVisitMapper {
            "#{item.alarmType}, #{item.alarmMajorType}, #{item.alarmMinorType}, #{item.alarmAreaId}, ",
            "#{item.attackIp, typeHandler=com.Modules.etl.handler.ArrayStringTypeHandler}, ",
            "#{item.victimIp, typeHandler=com.Modules.etl.handler.ArrayStringTypeHandler}, ",
+            "#{item.victimWebUrl, typeHandler=com.Modules.etl.handler.ArrayStringTypeHandler}, ",
            "#{item.deviceId, typeHandler=com.Modules.etl.handler.ArrayIntegerTypeHandler}, ",
            "#{item.comment}, " ,
            "#{item.originLogIds, typeHandler=com.Modules.etl.handler.ArrayStringTypeHandler}, ",
@@ -54,7 +55,7 @@ public interface AlarmVisitMapper {
     */
    @Insert("INSERT INTO alarm_visit (" +
            "id, created_at, alarm_name, alarm_level, alarm_type, " +
-            "alarm_major_type, alarm_minor_type,alarm_area_id, attack_ip, victim_ip, " +
+            "alarm_major_type, alarm_minor_type,alarm_area_id, attack_ip, victim_ip, victim_web_url,  " +
            "device_id, comment,origin_log_ids, log_start_at, log_end_at, http_status, " +
            "attack_port, victim_port, attack_method, etl_time, log_count, " +
            "attack_chain_phase, disposition_advice, attack_direction, " +
@@ -65,6 +66,7 @@ public interface AlarmVisitMapper {
            "#{alarmType}, #{alarmMajorType}, #{alarmMinorType}, #{alarmAreaId}, " +
            "#{attackIp, typeHandler=com.Modules.etl.handler.ArrayStringTypeHandler}, " +
            "#{victimIp, typeHandler=com.Modules.etl.handler.ArrayStringTypeHandler}, " +
+            "#{victimWebUrl, typeHandler=com.Modules.etl.handler.ArrayStringTypeHandler}, "+
            "#{deviceId, typeHandler=com.Modules.etl.handler.ArrayIntegerTypeHandler}, " +
            "#{comment}, " +
            "#{originLogIds, typeHandler=com.Modules.etl.handler.ArrayStringTypeHandler}, " +