2026-01-10 13:27:26.100 [main] INFO com.syslogApplication - Starting syslogApplication using Java 1.8.0_121 on LAPTOP-ARDUR3N0 with PID 12944 (E:\GIT_GOSAME\haobang-security-xdr\syslog-consumer\target\classes started by chenc in E:\GIT_GOSAME\haobang-security-xdr) 2026-01-10 13:27:26.104 [background-preinit] INFO o.h.validator.internal.util.Version - HV000001: Hibernate Validator 6.2.5.Final 2026-01-10 13:27:26.108 [main] INFO com.syslogApplication - No active profile set, falling back to 1 default profile: "default" 2026-01-10 13:27:28.693 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Multiple Spring Data modules found, entering strict repository configuration mode 2026-01-10 13:27:28.693 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Bootstrapping Spring Data Elasticsearch repositories in DEFAULT mode. 2026-01-10 13:27:29.287 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Finished Spring Data repository scanning in 588 ms. Found 1 Elasticsearch repository interfaces. 2026-01-10 13:27:29.294 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Multiple Spring Data modules found, entering strict repository configuration mode 2026-01-10 13:27:29.294 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Bootstrapping Spring Data Reactive Elasticsearch repositories in DEFAULT mode. 2026-01-10 13:27:29.457 [main] INFO o.s.d.r.c.RepositoryConfigurationExtensionSupport - Spring Data Reactive Elasticsearch - Could not safely identify store assignment for repository candidate interface com.common.service.AppLogRepository; If you want this repository to be a Reactive Elasticsearch repository, consider annotating your entities with one of these annotations: org.springframework.data.elasticsearch.annotations.Document (preferred), or consider extending one of the following types with your repository: org.springframework.data.elasticsearch.repository.ReactiveElasticsearchRepository 2026-01-10 13:27:29.457 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Finished Spring Data repository scanning in 161 ms. Found 0 Reactive Elasticsearch repository interfaces. 2026-01-10 13:27:29.479 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Multiple Spring Data modules found, entering strict repository configuration mode 2026-01-10 13:27:29.479 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Bootstrapping Spring Data Redis repositories in DEFAULT mode. 2026-01-10 13:27:29.655 [main] INFO o.s.d.r.c.RepositoryConfigurationExtensionSupport - Spring Data Redis - Could not safely identify store assignment for repository candidate interface com.common.service.AppLogRepository; If you want this repository to be a Redis repository, consider annotating your entities with one of these annotations: org.springframework.data.redis.core.RedisHash (preferred), or consider extending one of the following types with your repository: org.springframework.data.keyvalue.repository.KeyValueRepository 2026-01-10 13:27:29.655 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Finished Spring Data repository scanning in 163 ms. Found 0 Redis repository interfaces. 2026-01-10 13:27:30.440 [main] INFO o.s.b.w.e.tomcat.TomcatWebServer - Tomcat initialized with port(s): 8089 (http) 2026-01-10 13:27:30.451 [main] INFO o.a.coyote.http11.Http11NioProtocol - Initializing ProtocolHandler ["http-nio-8089"] 2026-01-10 13:27:30.451 [main] INFO o.a.catalina.core.StandardService - Starting service [Tomcat] 2026-01-10 13:27:30.451 [main] INFO o.a.catalina.core.StandardEngine - Starting Servlet engine: [Apache Tomcat/9.0.65] 2026-01-10 13:27:30.727 [main] INFO o.a.c.c.C.[.[.[/xdrservice] - Initializing Spring embedded WebApplicationContext 2026-01-10 13:27:30.727 [main] INFO o.s.b.w.s.c.ServletWebServerApplicationContext - Root WebApplicationContext: initialization completed in 4552 ms 2026-01-10 13:27:30.777 [main] INFO o.s.b.f.a.AutowiredAnnotationBeanPostProcessor - Autowired annotation is not supported on static fields: private static com.common.service.DmColumnService com.syslogApplication.dmColumnService 2026-01-10 13:27:33.588 [main] INFO com.influx.InfluxDBClient - InfluxDB connection successful: ready for queries and writes 2026-01-10 13:27:33.860 [main] WARN c.b.m.core.injector.AbstractMethod - [com.common.mapper.DeviceCollectTaskMapper.insert] Has been loaded by XML or SqlProvider or Mybatis's Annotation, so ignoring this injection for [class com.baomidou.mybatisplus.core.injector.methods.Insert] 2026-01-10 13:27:33.875 [main] WARN c.b.m.core.injector.AbstractMethod - [com.common.mapper.DeviceCollectTaskMapper.update] Has been loaded by XML or SqlProvider or Mybatis's Annotation, so ignoring this injection for [class com.baomidou.mybatisplus.core.injector.methods.Update] 2026-01-10 13:27:33.907 [main] WARN c.b.m.core.injector.AbstractMethod - [com.common.mapper.DeviceCollectTaskMapper.deleteById] Has been loaded by XML or SqlProvider or Mybatis's Annotation, so ignoring this injection for [class com.baomidou.mybatisplus.core.injector.methods.DeleteById] 2026-01-10 13:27:33.910 [main] WARN c.b.m.core.injector.AbstractMethod - [com.common.mapper.DeviceCollectTaskMapper.selectById] Has been loaded by XML or SqlProvider or Mybatis's Annotation, so ignoring this injection for [class com.baomidou.mybatisplus.core.injector.methods.SelectById] 2026-01-10 13:27:33.960 [main] ERROR c.b.m.core.MybatisConfiguration - mapper[com.common.mapper.SecExceptionAlgorithmMapper.findById] is ignored, because it exists, maybe from xml file 2026-01-10 13:27:38.866 [main] INFO c.c.service.AccessLogAlertService - 初始化AccessLogAlertService,上次处理时间: 2026-01-10T13:25:38.866 2026-01-10 13:27:38.882 [main] INFO com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Starting... 2026-01-10 13:27:39.100 [main] INFO com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Start completed. 2026-01-10 13:27:39.131 [main] INFO c.c.service.AccessLogAlertService - 加载了 2 个启用的算法配置 2026-01-10 13:27:39.940 [main] INFO com.influx.InfluxDBClient - InfluxDB connection successful: ready for queries and writes 2026-01-10 13:27:40.248 [main] INFO com.common.util.MyBatisUtil - MyBatis 初始化成功 2026-01-10 13:27:41.102 [main] INFO org.quartz.impl.StdSchedulerFactory - Using default implementation for ThreadExecutor 2026-01-10 13:27:41.112 [main] INFO o.quartz.core.SchedulerSignalerImpl - Initialized Scheduler Signaller of type: class org.quartz.core.SchedulerSignalerImpl 2026-01-10 13:27:41.112 [main] INFO org.quartz.core.QuartzScheduler - Quartz Scheduler v.2.3.2 created. 2026-01-10 13:27:41.112 [main] INFO org.quartz.simpl.RAMJobStore - RAMJobStore initialized. 2026-01-10 13:27:41.112 [main] INFO org.quartz.core.QuartzScheduler - Scheduler meta-data: Quartz Scheduler (v2.3.2) 'quartzScheduler' with instanceId 'NON_CLUSTERED' Scheduler class: 'org.quartz.core.QuartzScheduler' - running locally. NOT STARTED. Currently in standby mode. Number of jobs executed: 0 Using thread pool 'org.quartz.simpl.SimpleThreadPool' - with 10 threads. Using job-store 'org.quartz.simpl.RAMJobStore' - which does not support persistence. and is not clustered. 2026-01-10 13:27:41.112 [main] INFO org.quartz.impl.StdSchedulerFactory - Quartz scheduler 'quartzScheduler' initialized from an externally provided properties instance. 2026-01-10 13:27:41.112 [main] INFO org.quartz.impl.StdSchedulerFactory - Quartz scheduler version: 2.3.2 2026-01-10 13:27:41.112 [main] INFO org.quartz.core.QuartzScheduler - JobFactory set to: org.springframework.scheduling.quartz.SpringBeanJobFactory@1de78f97 2026-01-10 13:27:41.285 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka version: 3.4.0 2026-01-10 13:27:41.285 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka commitId: 2e1947d240607d53 2026-01-10 13:27:41.285 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka startTimeMs: 1768022861284 2026-01-10 13:27:41.303 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka version: 3.4.0 2026-01-10 13:27:41.303 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka commitId: 2e1947d240607d53 2026-01-10 13:27:41.304 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka startTimeMs: 1768022861303 2026-01-10 13:27:41.304 [main] INFO o.a.coyote.http11.Http11NioProtocol - Starting ProtocolHandler ["http-nio-8089"] 2026-01-10 13:27:41.320 [main] INFO o.s.b.w.e.tomcat.TomcatWebServer - Tomcat started on port(s): 8089 (http) with context path '/xdrservice' 2026-01-10 13:27:41.320 [main] INFO o.s.s.quartz.SchedulerFactoryBean - Starting Quartz Scheduler now 2026-01-10 13:27:41.320 [main] INFO org.quartz.core.QuartzScheduler - Scheduler quartzScheduler_$_NON_CLUSTERED started. 2026-01-10 13:27:41.338 [main] INFO com.syslogApplication - Started syslogApplication in 15.567 seconds (JVM running for 20.706) 2026-01-10 13:27:43.685 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] INFO o.s.k.l.KafkaMessageListenerContainer - agent-syslog-group: partitions assigned: [] 2026-01-10 13:27:43.685 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] INFO o.s.k.l.KafkaMessageListenerContainer - agent-syslog-group: partitions assigned: [] 2026-01-10 13:28:00.008 [log-processor-1] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 13:28:00.008 [scheduling-1] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 13:28:00.027 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 13:28:00.027 [scheduling-3] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:28:00.003晚于默认保留时间2026-01-03T13:28:00.027,使用默认时间 2026-01-10 13:28:00.038 [scheduling-1] INFO c.c.service.AccessLogAlertService - 加载了 2 个启用的算法配置 2026-01-10 13:28:00.039 [log-processor-1] INFO c.c.service.AccessLogAlertService - 加载了 2 个启用的算法配置 2026-01-10 13:28:00.044 [scheduling-3] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:28:00.027天前的日志,共删除0条 2026-01-10 13:28:00.057 [scheduling-3] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 13:28:00.367 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:2,耗时:340ms 2026-01-10 13:28:00.367 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:28:00.367 2026-01-10 13:28:00.369 [scheduling-4] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:28:00.369 2026-01-10 13:28:00.396 [scheduling-1] INFO c.c.service.AccessLogAlertService - 获取到 938 条新的日志数据,时间范围: 2026-01-10T13:25:38.866 到 2026-01-10T13:28:00.039 2026-01-10 13:28:00.396 [scheduling-1] INFO c.c.service.AccessLogAlertService - 开始处理算法: Webshell 算法 (ID: 2004037120094425090) 2026-01-10 13:28:00.475 [log-processor-1] INFO c.c.service.AccessLogAlertService - 获取到 942 条新的日志数据,时间范围: 2026-01-10T13:25:38.866 到 2026-01-10T13:28:00.039 2026-01-10 13:28:00.475 [log-processor-1] INFO c.c.service.AccessLogAlertService - 开始处理算法: Webshell 算法 (ID: 2004037120094425090) 2026-01-10 13:28:02.619 [log-processor-1] ERROR c.c.service.AccessLogAlertService - 调用算法API异常 [URL: http://192.168.4.33:5001/Webshell]: I/O error on POST request for "http://192.168.4.33:5001/Webshell": Connection refused: connect; nested exception is java.net.ConnectException: Connection refused: connect org.springframework.web.client.ResourceAccessException: I/O error on POST request for "http://192.168.4.33:5001/Webshell": Connection refused: connect; nested exception is java.net.ConnectException: Connection refused: connect at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:785) at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:711) at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:602) at com.common.service.AccessLogAlertService.callAlgorithmApi(AccessLogAlertService.java:275) at com.common.service.AccessLogAlertService.processAlgorithm(AccessLogAlertService.java:153) at com.common.service.AccessLogAlertService.processAccessLogAlert(AccessLogAlertService.java:122) at com.common.service.AccessLogAlertService$$FastClassBySpringCGLIB$$4807ae0a.invoke() at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218) at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:793) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163) at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:763) at org.springframework.aop.interceptor.AsyncExecutionInterceptor.lambda$invoke$0(AsyncExecutionInterceptor.java:115) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) Caused by: java.net.ConnectException: Connection refused: connect at java.net.DualStackPlainSocketImpl.waitForConnect(Native Method) at java.net.DualStackPlainSocketImpl.socketConnect(DualStackPlainSocketImpl.java:85) at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350) at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206) at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188) at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:172) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:589) at sun.net.NetworkClient.doConnect(NetworkClient.java:175) at sun.net.www.http.HttpClient.openServer(HttpClient.java:432) at sun.net.www.http.HttpClient.openServer(HttpClient.java:527) at sun.net.www.http.HttpClient.(HttpClient.java:211) at sun.net.www.http.HttpClient.New(HttpClient.java:308) at sun.net.www.http.HttpClient.New(HttpClient.java:326) at sun.net.www.protocol.http.HttpURLConnection.getNewHttpClient(HttpURLConnection.java:1202) at sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1138) at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:1032) at sun.net.www.protocol.http.HttpURLConnection.connect(HttpURLConnection.java:966) at org.springframework.http.client.SimpleBufferingClientHttpRequest.executeInternal(SimpleBufferingClientHttpRequest.java:76) at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48) at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66) at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:109) at com.config.RestTemplateConfig$LoggingInterceptor.intercept(RestTemplateConfig.java:62) at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:93) at org.springframework.http.client.InterceptingClientHttpRequest.executeInternal(InterceptingClientHttpRequest.java:77) at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48) at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66) at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:776) ... 15 common frames omitted 2026-01-10 13:28:02.619 [scheduling-1] ERROR c.c.service.AccessLogAlertService - 调用算法API异常 [URL: http://192.168.4.33:5001/Webshell]: I/O error on POST request for "http://192.168.4.33:5001/Webshell": Connection refused: connect; nested exception is java.net.ConnectException: Connection refused: connect org.springframework.web.client.ResourceAccessException: I/O error on POST request for "http://192.168.4.33:5001/Webshell": Connection refused: connect; nested exception is java.net.ConnectException: Connection refused: connect at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:785) at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:711) at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:602) at com.common.service.AccessLogAlertService.callAlgorithmApi(AccessLogAlertService.java:275) at com.common.service.AccessLogAlertService.processAlgorithm(AccessLogAlertService.java:153) at com.common.service.AccessLogAlertService.processAccessLogAlert(AccessLogAlertService.java:122) at com.common.service.AccessLogAlertService.safeProcessTask(AccessLogAlertService.java:387) at com.common.service.AccessLogAlertService$$FastClassBySpringCGLIB$$4807ae0a.invoke() at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218) at org.springframework.aop.framework.CglibAopProxy.invokeMethod(CglibAopProxy.java:386) at org.springframework.aop.framework.CglibAopProxy.access$000(CglibAopProxy.java:85) at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:704) at com.common.service.AccessLogAlertService$$EnhancerBySpringCGLIB$$b85131f2.safeProcessTask() at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.springframework.scheduling.support.ScheduledMethodRunnable.run(ScheduledMethodRunnable.java:84) at org.springframework.scheduling.support.DelegatingErrorHandlingRunnable.run(DelegatingErrorHandlingRunnable.java:54) at org.springframework.scheduling.concurrent.ReschedulingRunnable.run(ReschedulingRunnable.java:95) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:180) at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) Caused by: java.net.ConnectException: Connection refused: connect at java.net.DualStackPlainSocketImpl.waitForConnect(Native Method) at java.net.DualStackPlainSocketImpl.socketConnect(DualStackPlainSocketImpl.java:85) at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350) at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206) at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188) at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:172) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:589) at sun.net.NetworkClient.doConnect(NetworkClient.java:175) at sun.net.www.http.HttpClient.openServer(HttpClient.java:432) at sun.net.www.http.HttpClient.openServer(HttpClient.java:527) at sun.net.www.http.HttpClient.(HttpClient.java:211) at sun.net.www.http.HttpClient.New(HttpClient.java:308) at sun.net.www.http.HttpClient.New(HttpClient.java:326) at sun.net.www.protocol.http.HttpURLConnection.getNewHttpClient(HttpURLConnection.java:1202) at sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1138) at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:1032) at sun.net.www.protocol.http.HttpURLConnection.connect(HttpURLConnection.java:966) at org.springframework.http.client.SimpleBufferingClientHttpRequest.executeInternal(SimpleBufferingClientHttpRequest.java:76) at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48) at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66) at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:109) at com.config.RestTemplateConfig$LoggingInterceptor.intercept(RestTemplateConfig.java:62) at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:93) at org.springframework.http.client.InterceptingClientHttpRequest.executeInternal(InterceptingClientHttpRequest.java:77) at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48) at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66) at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:776) ... 26 common frames omitted 2026-01-10 13:28:02.623 [log-processor-1] ERROR c.c.service.AccessLogAlertService - 调用算法API失败: http://192.168.4.33:5001/Webshell - 无响应 2026-01-10 13:28:02.623 [scheduling-1] ERROR c.c.service.AccessLogAlertService - 调用算法API失败: http://192.168.4.33:5001/Webshell - 无响应 2026-01-10 13:28:02.623 [log-processor-1] INFO c.c.service.AccessLogAlertService - 开始处理算法: 测试算法1111 (ID: 2004133377664204801) 2026-01-10 13:28:02.623 [scheduling-1] INFO c.c.service.AccessLogAlertService - 开始处理算法: 测试算法1111 (ID: 2004133377664204801) 2026-01-10 13:28:03.611 [scheduling-4] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 4,已更新: 1 2026-01-10 13:28:03.611 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 3244ms 2026-01-10 13:28:04.729 [scheduling-1] ERROR c.c.service.AccessLogAlertService - 调用算法API异常 [URL: http://192.168.4.33:5001/outtoin_php]: I/O error on POST request for "http://192.168.4.33:5001/outtoin_php": Connection refused: connect; nested exception is java.net.ConnectException: Connection refused: connect org.springframework.web.client.ResourceAccessException: I/O error on POST request for "http://192.168.4.33:5001/outtoin_php": Connection refused: connect; nested exception is java.net.ConnectException: Connection refused: connect at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:785) at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:711) at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:602) at com.common.service.AccessLogAlertService.callAlgorithmApi(AccessLogAlertService.java:275) at com.common.service.AccessLogAlertService.processAlgorithm(AccessLogAlertService.java:153) at com.common.service.AccessLogAlertService.processAccessLogAlert(AccessLogAlertService.java:122) at com.common.service.AccessLogAlertService.safeProcessTask(AccessLogAlertService.java:387) at com.common.service.AccessLogAlertService$$FastClassBySpringCGLIB$$4807ae0a.invoke() at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218) at org.springframework.aop.framework.CglibAopProxy.invokeMethod(CglibAopProxy.java:386) at org.springframework.aop.framework.CglibAopProxy.access$000(CglibAopProxy.java:85) at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:704) at com.common.service.AccessLogAlertService$$EnhancerBySpringCGLIB$$b85131f2.safeProcessTask() at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.springframework.scheduling.support.ScheduledMethodRunnable.run(ScheduledMethodRunnable.java:84) at org.springframework.scheduling.support.DelegatingErrorHandlingRunnable.run(DelegatingErrorHandlingRunnable.java:54) at org.springframework.scheduling.concurrent.ReschedulingRunnable.run(ReschedulingRunnable.java:95) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:180) at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) Caused by: java.net.ConnectException: Connection refused: connect at java.net.DualStackPlainSocketImpl.waitForConnect(Native Method) at java.net.DualStackPlainSocketImpl.socketConnect(DualStackPlainSocketImpl.java:85) at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350) at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206) at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188) at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:172) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:589) at sun.net.NetworkClient.doConnect(NetworkClient.java:175) at sun.net.www.http.HttpClient.openServer(HttpClient.java:432) at sun.net.www.http.HttpClient.openServer(HttpClient.java:527) at sun.net.www.http.HttpClient.(HttpClient.java:211) at sun.net.www.http.HttpClient.New(HttpClient.java:308) at sun.net.www.http.HttpClient.New(HttpClient.java:326) at sun.net.www.protocol.http.HttpURLConnection.getNewHttpClient(HttpURLConnection.java:1202) at sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1138) at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:1032) at sun.net.www.protocol.http.HttpURLConnection.connect(HttpURLConnection.java:966) at org.springframework.http.client.SimpleBufferingClientHttpRequest.executeInternal(SimpleBufferingClientHttpRequest.java:76) at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48) at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66) at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:109) at com.config.RestTemplateConfig$LoggingInterceptor.intercept(RestTemplateConfig.java:62) at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:93) at org.springframework.http.client.InterceptingClientHttpRequest.executeInternal(InterceptingClientHttpRequest.java:77) at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48) at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66) at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:776) ... 26 common frames omitted 2026-01-10 13:28:04.739 [scheduling-1] ERROR c.c.service.AccessLogAlertService - 调用算法API失败: http://192.168.4.33:5001/outtoin_php - 无响应 2026-01-10 13:28:04.739 [scheduling-1] INFO c.c.service.AccessLogAlertService - 访问日志告警处理任务完成,下次将从 2026-01-10T13:28:00.039 开始处理 2026-01-10 13:28:04.746 [log-processor-1] ERROR c.c.service.AccessLogAlertService - 调用算法API异常 [URL: http://192.168.4.33:5001/outtoin_php]: I/O error on POST request for "http://192.168.4.33:5001/outtoin_php": Connection refused: connect; nested exception is java.net.ConnectException: Connection refused: connect org.springframework.web.client.ResourceAccessException: I/O error on POST request for "http://192.168.4.33:5001/outtoin_php": Connection refused: connect; nested exception is java.net.ConnectException: Connection refused: connect at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:785) at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:711) at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:602) at com.common.service.AccessLogAlertService.callAlgorithmApi(AccessLogAlertService.java:275) at com.common.service.AccessLogAlertService.processAlgorithm(AccessLogAlertService.java:153) at com.common.service.AccessLogAlertService.processAccessLogAlert(AccessLogAlertService.java:122) at com.common.service.AccessLogAlertService$$FastClassBySpringCGLIB$$4807ae0a.invoke() at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218) at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:793) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163) at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:763) at org.springframework.aop.interceptor.AsyncExecutionInterceptor.lambda$invoke$0(AsyncExecutionInterceptor.java:115) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) Caused by: java.net.ConnectException: Connection refused: connect at java.net.DualStackPlainSocketImpl.waitForConnect(Native Method) at java.net.DualStackPlainSocketImpl.socketConnect(DualStackPlainSocketImpl.java:85) at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350) at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206) at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188) at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:172) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:589) at sun.net.NetworkClient.doConnect(NetworkClient.java:175) at sun.net.www.http.HttpClient.openServer(HttpClient.java:432) at sun.net.www.http.HttpClient.openServer(HttpClient.java:527) at sun.net.www.http.HttpClient.(HttpClient.java:211) at sun.net.www.http.HttpClient.New(HttpClient.java:308) at sun.net.www.http.HttpClient.New(HttpClient.java:326) at sun.net.www.protocol.http.HttpURLConnection.getNewHttpClient(HttpURLConnection.java:1202) at sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1138) at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:1032) at sun.net.www.protocol.http.HttpURLConnection.connect(HttpURLConnection.java:966) at org.springframework.http.client.SimpleBufferingClientHttpRequest.executeInternal(SimpleBufferingClientHttpRequest.java:76) at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48) at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66) at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:109) at com.config.RestTemplateConfig$LoggingInterceptor.intercept(RestTemplateConfig.java:62) at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:93) at org.springframework.http.client.InterceptingClientHttpRequest.executeInternal(InterceptingClientHttpRequest.java:77) at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48) at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66) at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:776) ... 15 common frames omitted 2026-01-10 13:28:04.754 [log-processor-1] ERROR c.c.service.AccessLogAlertService - 调用算法API失败: http://192.168.4.33:5001/outtoin_php - 无响应 2026-01-10 13:28:04.754 [log-processor-1] INFO c.c.service.AccessLogAlertService - 访问日志告警处理任务完成,下次将从 2026-01-10T13:28:00.039 开始处理 2026-01-10 13:29:00.009 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 13:29:00.013 [scheduling-4] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:29:00.003晚于默认保留时间2026-01-03T13:29:00.013,使用默认时间 2026-01-10 13:29:00.026 [scheduling-4] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:29:00.013天前的日志,共删除0条 2026-01-10 13:29:00.035 [scheduling-4] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 13:29:00.318 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:2,耗时:309ms 2026-01-10 13:29:00.318 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:29:00.318 2026-01-10 13:29:00.318 [scheduling-3] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:29:00.318 2026-01-10 13:29:03.556 [scheduling-3] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 4,已更新: 1 2026-01-10 13:29:03.556 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 3238ms 2026-01-10 13:34:08.884 [main] INFO com.syslogApplication - Starting syslogApplication using Java 1.8.0_121 on LAPTOP-ARDUR3N0 with PID 22388 (E:\GIT_GOSAME\haobang-security-xdr\syslog-consumer\target\classes started by chenc in E:\GIT_GOSAME\haobang-security-xdr) 2026-01-10 13:34:08.887 [background-preinit] INFO o.h.validator.internal.util.Version - HV000001: Hibernate Validator 6.2.5.Final 2026-01-10 13:34:08.889 [main] INFO com.syslogApplication - No active profile set, falling back to 1 default profile: "default" 2026-01-10 13:34:11.245 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Multiple Spring Data modules found, entering strict repository configuration mode 2026-01-10 13:34:11.247 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Bootstrapping Spring Data Elasticsearch repositories in DEFAULT mode. 2026-01-10 13:34:11.934 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Finished Spring Data repository scanning in 681 ms. Found 1 Elasticsearch repository interfaces. 2026-01-10 13:34:11.934 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Multiple Spring Data modules found, entering strict repository configuration mode 2026-01-10 13:34:11.934 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Bootstrapping Spring Data Reactive Elasticsearch repositories in DEFAULT mode. 2026-01-10 13:34:12.025 [main] INFO o.s.d.r.c.RepositoryConfigurationExtensionSupport - Spring Data Reactive Elasticsearch - Could not safely identify store assignment for repository candidate interface com.common.service.AppLogRepository; If you want this repository to be a Reactive Elasticsearch repository, consider annotating your entities with one of these annotations: org.springframework.data.elasticsearch.annotations.Document (preferred), or consider extending one of the following types with your repository: org.springframework.data.elasticsearch.repository.ReactiveElasticsearchRepository 2026-01-10 13:34:12.025 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Finished Spring Data repository scanning in 86 ms. Found 0 Reactive Elasticsearch repository interfaces. 2026-01-10 13:34:12.031 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Multiple Spring Data modules found, entering strict repository configuration mode 2026-01-10 13:34:12.031 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Bootstrapping Spring Data Redis repositories in DEFAULT mode. 2026-01-10 13:34:12.152 [main] INFO o.s.d.r.c.RepositoryConfigurationExtensionSupport - Spring Data Redis - Could not safely identify store assignment for repository candidate interface com.common.service.AppLogRepository; If you want this repository to be a Redis repository, consider annotating your entities with one of these annotations: org.springframework.data.redis.core.RedisHash (preferred), or consider extending one of the following types with your repository: org.springframework.data.keyvalue.repository.KeyValueRepository 2026-01-10 13:34:12.152 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Finished Spring Data repository scanning in 112 ms. Found 0 Redis repository interfaces. 2026-01-10 13:34:12.700 [main] INFO o.s.b.w.e.tomcat.TomcatWebServer - Tomcat initialized with port(s): 8089 (http) 2026-01-10 13:34:12.706 [main] INFO o.a.coyote.http11.Http11NioProtocol - Initializing ProtocolHandler ["http-nio-8089"] 2026-01-10 13:34:12.706 [main] INFO o.a.catalina.core.StandardService - Starting service [Tomcat] 2026-01-10 13:34:12.706 [main] INFO o.a.catalina.core.StandardEngine - Starting Servlet engine: [Apache Tomcat/9.0.65] 2026-01-10 13:34:12.902 [main] INFO o.a.c.c.C.[.[.[/xdrservice] - Initializing Spring embedded WebApplicationContext 2026-01-10 13:34:12.902 [main] INFO o.s.b.w.s.c.ServletWebServerApplicationContext - Root WebApplicationContext: initialization completed in 3923 ms 2026-01-10 13:34:12.945 [main] INFO o.s.b.f.a.AutowiredAnnotationBeanPostProcessor - Autowired annotation is not supported on static fields: private static com.common.service.DmColumnService com.syslogApplication.dmColumnService 2026-01-10 13:34:15.402 [main] INFO com.influx.InfluxDBClient - InfluxDB connection successful: ready for queries and writes 2026-01-10 13:34:15.623 [main] WARN c.b.m.core.injector.AbstractMethod - [com.common.mapper.DeviceCollectTaskMapper.insert] Has been loaded by XML or SqlProvider or Mybatis's Annotation, so ignoring this injection for [class com.baomidou.mybatisplus.core.injector.methods.Insert] 2026-01-10 13:34:15.634 [main] WARN c.b.m.core.injector.AbstractMethod - [com.common.mapper.DeviceCollectTaskMapper.update] Has been loaded by XML or SqlProvider or Mybatis's Annotation, so ignoring this injection for [class com.baomidou.mybatisplus.core.injector.methods.Update] 2026-01-10 13:34:15.659 [main] WARN c.b.m.core.injector.AbstractMethod - [com.common.mapper.DeviceCollectTaskMapper.deleteById] Has been loaded by XML or SqlProvider or Mybatis's Annotation, so ignoring this injection for [class com.baomidou.mybatisplus.core.injector.methods.DeleteById] 2026-01-10 13:34:15.664 [main] WARN c.b.m.core.injector.AbstractMethod - [com.common.mapper.DeviceCollectTaskMapper.selectById] Has been loaded by XML or SqlProvider or Mybatis's Annotation, so ignoring this injection for [class com.baomidou.mybatisplus.core.injector.methods.SelectById] 2026-01-10 13:34:15.701 [main] ERROR c.b.m.core.MybatisConfiguration - mapper[com.common.mapper.SecExceptionAlgorithmMapper.findById] is ignored, because it exists, maybe from xml file 2026-01-10 13:34:19.854 [main] INFO c.c.service.AccessLogAlertService - 初始化AccessLogAlertService,上次处理时间: 2026-01-10T13:32:19.854 2026-01-10 13:34:19.874 [main] INFO com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Starting... 2026-01-10 13:34:20.472 [main] INFO com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Start completed. 2026-01-10 13:34:20.572 [main] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 13:34:21.190 [main] INFO com.influx.InfluxDBClient - InfluxDB connection successful: ready for queries and writes 2026-01-10 13:34:21.459 [main] INFO com.common.util.MyBatisUtil - MyBatis 初始化成功 2026-01-10 13:34:22.148 [main] INFO org.quartz.impl.StdSchedulerFactory - Using default implementation for ThreadExecutor 2026-01-10 13:34:22.153 [main] INFO o.quartz.core.SchedulerSignalerImpl - Initialized Scheduler Signaller of type: class org.quartz.core.SchedulerSignalerImpl 2026-01-10 13:34:22.153 [main] INFO org.quartz.core.QuartzScheduler - Quartz Scheduler v.2.3.2 created. 2026-01-10 13:34:22.153 [main] INFO org.quartz.simpl.RAMJobStore - RAMJobStore initialized. 2026-01-10 13:34:22.153 [main] INFO org.quartz.core.QuartzScheduler - Scheduler meta-data: Quartz Scheduler (v2.3.2) 'quartzScheduler' with instanceId 'NON_CLUSTERED' Scheduler class: 'org.quartz.core.QuartzScheduler' - running locally. NOT STARTED. Currently in standby mode. Number of jobs executed: 0 Using thread pool 'org.quartz.simpl.SimpleThreadPool' - with 10 threads. Using job-store 'org.quartz.simpl.RAMJobStore' - which does not support persistence. and is not clustered. 2026-01-10 13:34:22.153 [main] INFO org.quartz.impl.StdSchedulerFactory - Quartz scheduler 'quartzScheduler' initialized from an externally provided properties instance. 2026-01-10 13:34:22.153 [main] INFO org.quartz.impl.StdSchedulerFactory - Quartz scheduler version: 2.3.2 2026-01-10 13:34:22.153 [main] INFO org.quartz.core.QuartzScheduler - JobFactory set to: org.springframework.scheduling.quartz.SpringBeanJobFactory@4c18b432 2026-01-10 13:34:22.288 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka version: 3.4.0 2026-01-10 13:34:22.288 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka commitId: 2e1947d240607d53 2026-01-10 13:34:22.288 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka startTimeMs: 1768023262287 2026-01-10 13:34:22.300 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka version: 3.4.0 2026-01-10 13:34:22.300 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka commitId: 2e1947d240607d53 2026-01-10 13:34:22.300 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka startTimeMs: 1768023262300 2026-01-10 13:34:22.300 [main] INFO o.a.coyote.http11.Http11NioProtocol - Starting ProtocolHandler ["http-nio-8089"] 2026-01-10 13:34:22.314 [main] INFO o.s.b.w.e.tomcat.TomcatWebServer - Tomcat started on port(s): 8089 (http) with context path '/xdrservice' 2026-01-10 13:34:22.315 [main] INFO o.s.s.quartz.SchedulerFactoryBean - Starting Quartz Scheduler now 2026-01-10 13:34:22.315 [main] INFO org.quartz.core.QuartzScheduler - Scheduler quartzScheduler_$_NON_CLUSTERED started. 2026-01-10 13:34:22.325 [main] INFO com.syslogApplication - Started syslogApplication in 13.911 seconds (JVM running for 17.788) 2026-01-10 13:34:24.501 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available. 2026-01-10 13:34:24.501 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available. 2026-01-10 13:34:24.502 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected 2026-01-10 13:34:24.502 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected 2026-01-10 13:34:26.667 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available. 2026-01-10 13:34:26.667 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available. 2026-01-10 13:34:26.667 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected 2026-01-10 13:34:26.668 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected 2026-01-10 13:34:28.841 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available. 2026-01-10 13:34:28.841 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available. 2026-01-10 13:34:28.841 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected 2026-01-10 13:34:28.841 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected 2026-01-10 13:34:31.078 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available. 2026-01-10 13:34:31.079 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected 2026-01-10 13:34:31.131 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available. 2026-01-10 13:34:31.131 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected 2026-01-10 13:34:33.568 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available. 2026-01-10 13:34:33.568 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected 2026-01-10 13:34:33.652 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available. 2026-01-10 13:34:33.652 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected 2026-01-10 13:34:36.327 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available. 2026-01-10 13:34:36.327 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected 2026-01-10 13:34:36.596 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available. 2026-01-10 13:34:36.596 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected 2026-01-10 13:34:39.418 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available. 2026-01-10 13:34:39.418 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected 2026-01-10 13:34:39.545 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available. 2026-01-10 13:34:39.545 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected 2026-01-10 13:34:42.599 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available. 2026-01-10 13:34:42.599 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected 2026-01-10 13:34:42.716 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available. 2026-01-10 13:34:42.716 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected 2026-01-10 13:34:45.607 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available. 2026-01-10 13:34:45.607 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected 2026-01-10 13:34:45.917 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available. 2026-01-10 13:34:45.917 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected 2026-01-10 13:34:48.857 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available. 2026-01-10 13:34:48.857 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected 2026-01-10 13:34:48.933 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available. 2026-01-10 13:34:48.933 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected 2026-01-10 13:37:22.456 [main] INFO com.syslogApplication - Starting syslogApplication using Java 1.8.0_121 on LAPTOP-ARDUR3N0 with PID 28304 (E:\GIT_GOSAME\haobang-security-xdr\syslog-consumer\target\classes started by chenc in E:\GIT_GOSAME\haobang-security-xdr) 2026-01-10 13:37:22.456 [background-preinit] INFO o.h.validator.internal.util.Version - HV000001: Hibernate Validator 6.2.5.Final 2026-01-10 13:37:22.462 [main] INFO com.syslogApplication - No active profile set, falling back to 1 default profile: "default" 2026-01-10 13:37:24.921 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Multiple Spring Data modules found, entering strict repository configuration mode 2026-01-10 13:37:24.923 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Bootstrapping Spring Data Elasticsearch repositories in DEFAULT mode. 2026-01-10 13:37:25.427 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Finished Spring Data repository scanning in 500 ms. Found 1 Elasticsearch repository interfaces. 2026-01-10 13:37:25.433 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Multiple Spring Data modules found, entering strict repository configuration mode 2026-01-10 13:37:25.434 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Bootstrapping Spring Data Reactive Elasticsearch repositories in DEFAULT mode. 2026-01-10 13:37:25.530 [main] INFO o.s.d.r.c.RepositoryConfigurationExtensionSupport - Spring Data Reactive Elasticsearch - Could not safely identify store assignment for repository candidate interface com.common.service.AppLogRepository; If you want this repository to be a Reactive Elasticsearch repository, consider annotating your entities with one of these annotations: org.springframework.data.elasticsearch.annotations.Document (preferred), or consider extending one of the following types with your repository: org.springframework.data.elasticsearch.repository.ReactiveElasticsearchRepository 2026-01-10 13:37:25.530 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Finished Spring Data repository scanning in 96 ms. Found 0 Reactive Elasticsearch repository interfaces. 2026-01-10 13:37:25.543 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Multiple Spring Data modules found, entering strict repository configuration mode 2026-01-10 13:37:25.544 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Bootstrapping Spring Data Redis repositories in DEFAULT mode. 2026-01-10 13:37:25.674 [main] INFO o.s.d.r.c.RepositoryConfigurationExtensionSupport - Spring Data Redis - Could not safely identify store assignment for repository candidate interface com.common.service.AppLogRepository; If you want this repository to be a Redis repository, consider annotating your entities with one of these annotations: org.springframework.data.redis.core.RedisHash (preferred), or consider extending one of the following types with your repository: org.springframework.data.keyvalue.repository.KeyValueRepository 2026-01-10 13:37:25.674 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Finished Spring Data repository scanning in 123 ms. Found 0 Redis repository interfaces. 2026-01-10 13:37:26.366 [main] INFO o.s.b.w.e.tomcat.TomcatWebServer - Tomcat initialized with port(s): 8089 (http) 2026-01-10 13:37:26.375 [main] INFO o.a.coyote.http11.Http11NioProtocol - Initializing ProtocolHandler ["http-nio-8089"] 2026-01-10 13:37:26.375 [main] INFO o.a.catalina.core.StandardService - Starting service [Tomcat] 2026-01-10 13:37:26.375 [main] INFO o.a.catalina.core.StandardEngine - Starting Servlet engine: [Apache Tomcat/9.0.65] 2026-01-10 13:37:26.607 [main] INFO o.a.c.c.C.[.[.[/xdrservice] - Initializing Spring embedded WebApplicationContext 2026-01-10 13:37:26.607 [main] INFO o.s.b.w.s.c.ServletWebServerApplicationContext - Root WebApplicationContext: initialization completed in 4071 ms 2026-01-10 13:37:26.664 [main] INFO o.s.b.f.a.AutowiredAnnotationBeanPostProcessor - Autowired annotation is not supported on static fields: private static com.common.service.DmColumnService com.syslogApplication.dmColumnService 2026-01-10 13:37:29.183 [main] INFO com.influx.InfluxDBClient - InfluxDB connection successful: ready for queries and writes 2026-01-10 13:37:29.471 [main] WARN c.b.m.core.injector.AbstractMethod - [com.common.mapper.DeviceCollectTaskMapper.insert] Has been loaded by XML or SqlProvider or Mybatis's Annotation, so ignoring this injection for [class com.baomidou.mybatisplus.core.injector.methods.Insert] 2026-01-10 13:37:29.485 [main] WARN c.b.m.core.injector.AbstractMethod - [com.common.mapper.DeviceCollectTaskMapper.update] Has been loaded by XML or SqlProvider or Mybatis's Annotation, so ignoring this injection for [class com.baomidou.mybatisplus.core.injector.methods.Update] 2026-01-10 13:37:29.515 [main] WARN c.b.m.core.injector.AbstractMethod - [com.common.mapper.DeviceCollectTaskMapper.deleteById] Has been loaded by XML or SqlProvider or Mybatis's Annotation, so ignoring this injection for [class com.baomidou.mybatisplus.core.injector.methods.DeleteById] 2026-01-10 13:37:29.519 [main] WARN c.b.m.core.injector.AbstractMethod - [com.common.mapper.DeviceCollectTaskMapper.selectById] Has been loaded by XML or SqlProvider or Mybatis's Annotation, so ignoring this injection for [class com.baomidou.mybatisplus.core.injector.methods.SelectById] 2026-01-10 13:37:29.559 [main] ERROR c.b.m.core.MybatisConfiguration - mapper[com.common.mapper.SecExceptionAlgorithmMapper.findById] is ignored, because it exists, maybe from xml file 2026-01-10 13:37:33.821 [main] INFO c.c.service.AccessLogAlertService - 初始化AccessLogAlertService,上次处理时间: 2026-01-10T13:35:33.821 2026-01-10 13:37:33.836 [main] INFO com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Starting... 2026-01-10 13:37:34.436 [main] INFO com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Start completed. 2026-01-10 13:37:34.537 [main] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 13:37:35.447 [main] INFO com.influx.InfluxDBClient - InfluxDB connection successful: ready for queries and writes 2026-01-10 13:37:35.554 [main] INFO com.common.util.MyBatisUtil - MyBatis 初始化成功 2026-01-10 13:37:36.442 [main] INFO org.quartz.impl.StdSchedulerFactory - Using default implementation for ThreadExecutor 2026-01-10 13:37:36.455 [main] INFO o.quartz.core.SchedulerSignalerImpl - Initialized Scheduler Signaller of type: class org.quartz.core.SchedulerSignalerImpl 2026-01-10 13:37:36.455 [main] INFO org.quartz.core.QuartzScheduler - Quartz Scheduler v.2.3.2 created. 2026-01-10 13:37:36.456 [main] INFO org.quartz.simpl.RAMJobStore - RAMJobStore initialized. 2026-01-10 13:37:36.456 [main] INFO org.quartz.core.QuartzScheduler - Scheduler meta-data: Quartz Scheduler (v2.3.2) 'quartzScheduler' with instanceId 'NON_CLUSTERED' Scheduler class: 'org.quartz.core.QuartzScheduler' - running locally. NOT STARTED. Currently in standby mode. Number of jobs executed: 0 Using thread pool 'org.quartz.simpl.SimpleThreadPool' - with 10 threads. Using job-store 'org.quartz.simpl.RAMJobStore' - which does not support persistence. and is not clustered. 2026-01-10 13:37:36.456 [main] INFO org.quartz.impl.StdSchedulerFactory - Quartz scheduler 'quartzScheduler' initialized from an externally provided properties instance. 2026-01-10 13:37:36.456 [main] INFO org.quartz.impl.StdSchedulerFactory - Quartz scheduler version: 2.3.2 2026-01-10 13:37:36.456 [main] INFO org.quartz.core.QuartzScheduler - JobFactory set to: org.springframework.scheduling.quartz.SpringBeanJobFactory@43f50bfe 2026-01-10 13:37:36.628 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka version: 3.4.0 2026-01-10 13:37:36.629 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka commitId: 2e1947d240607d53 2026-01-10 13:37:36.629 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka startTimeMs: 1768023456627 2026-01-10 13:37:36.645 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka version: 3.4.0 2026-01-10 13:37:36.647 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka commitId: 2e1947d240607d53 2026-01-10 13:37:36.647 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka startTimeMs: 1768023456645 2026-01-10 13:37:36.649 [main] INFO o.a.coyote.http11.Http11NioProtocol - Starting ProtocolHandler ["http-nio-8089"] 2026-01-10 13:37:36.662 [main] INFO o.s.b.w.e.tomcat.TomcatWebServer - Tomcat started on port(s): 8089 (http) with context path '/xdrservice' 2026-01-10 13:37:36.662 [main] INFO o.s.s.quartz.SchedulerFactoryBean - Starting Quartz Scheduler now 2026-01-10 13:37:36.662 [main] INFO org.quartz.core.QuartzScheduler - Scheduler quartzScheduler_$_NON_CLUSTERED started. 2026-01-10 13:37:36.681 [main] INFO com.syslogApplication - Started syslogApplication in 14.581 seconds (JVM running for 19.802) 2026-01-10 13:37:37.161 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] INFO o.s.k.l.KafkaMessageListenerContainer - test-group-app: partitions assigned: [] 2026-01-10 13:37:37.188 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] INFO o.s.k.l.KafkaMessageListenerContainer - test-group-app: partitions assigned: [test-topic-0] 2026-01-10 13:38:00.019 [log-processor-1] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 13:38:00.019 [scheduling-2] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 13:38:00.108 [scheduling-1] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:38:00.010晚于默认保留时间2026-01-03T13:38:00.108,使用默认时间 2026-01-10 13:38:00.194 [scheduling-2] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 13:38:00.198 [log-processor-1] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 13:38:00.202 [scheduling-1] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:38:00.108天前的日志,共删除0条 2026-01-10 13:38:00.287 [scheduling-1] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 13:38:00.374 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 13:38:00.463 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:0,耗时:89ms 2026-01-10 13:38:00.463 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:38:00.463 2026-01-10 13:38:00.469 [scheduling-4] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:38:00.469 2026-01-10 13:38:00.637 [scheduling-2] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821 2026-01-10 13:38:00.639 [log-processor-1] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821 2026-01-10 13:38:00.974 [scheduling-4] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 13:38:00.975 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 510ms 2026-01-10 13:38:58.615 [http-nio-8089-exec-1] INFO o.s.web.servlet.DispatcherServlet - Initializing Servlet 'dispatcherServlet' 2026-01-10 13:38:58.616 [http-nio-8089-exec-1] INFO o.s.web.servlet.DispatcherServlet - Completed initialization in 1 ms 2026-01-10 13:38:58.863 [http-nio-8089-exec-1] INFO com.controllers.SyslogPushController - 收到syslog发送请求: SyslogRequest{ip='192.168.0.103', port=514, logContent='<0> 2026-01-10T05:28:32+08:00 ubuntu log_forward[3419]: {"timestamp":"2026-01-10T05:28:32.806781+0800","flow_id":1671852309144385,"community_id":"uLeKRLkXu9m0D0DNn6wIg7CcdOs=","serial_num":"CJFBT92","origin":"eno4","xdr_log_type":"http","vxlan_vni":256,"src_ip":"172.16.121.137","src_port":51114,"dest_ip":"110.43.89.7","dest_port":80,"proto":"TCP","app_proto":"http","tcp_sequence":3553898360,"tcp_ack_sequence":3537707565,"ether":{"src_mac":"90:f1:b0:fb:81:a1","dest_mac":"a4:7b:2c:21:03:79"},"host":"rq.lbcct.cloud.duba.net","host_md5":"51cfa6d0981c8eb355a9b3af716da08d","uri":"/query?1767994112","uri_md5":"f28f2c62d0dd01c355caa05815d93d99","referer":"","method":"POST","protocol":"HTTP/1.1","status":200,"req_content_type":"application/x-www-form-urlencoded","request_headers":"host: rq.lbcct.cloud.duba.net\r\naccept: */*\r\ncontent-length: 85\r\ncontent-type: application/x-www-form-urlencoded\r\n","rsp_content_type":"text/plain","response_headers":"server: Tengine/1.5.2\r\ndate: Fri, 09 Jan 2026 21:28:32 GMT\r\ncontent-type: text/plain\r\nContent-Length: 54\r\nConnection: keep-alive\r\nContent-Tag: 1936292435\r\n"}', protocol='TCP', facility='USER', severity='INFO'} 2026-01-10 13:38:58.863 [http-nio-8089-exec-1] INFO com.common.service.SyslogService - 开始发送syslog消息: IP=192.168.0.103, Port=514 2026-01-10 13:38:58.864 [http-nio-8089-exec-1] INFO com.common.service.SyslogService - TCP Syslog消息发送成功: 192.168.0.103:514 2026-01-10 13:38:58.864 [http-nio-8089-exec-1] INFO com.controllers.SyslogPushController - Syslog消息发送成功: IP=192.168.0.103, Port=514 2026-01-10 13:39:00.090 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 13:39:00.093 [scheduling-1] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:39:00.010晚于默认保留时间2026-01-03T13:39:00.093,使用默认时间 2026-01-10 13:39:00.173 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:0,耗时:83ms 2026-01-10 13:39:00.173 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:39:00.173 2026-01-10 13:39:00.173 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:39:00.173 2026-01-10 13:39:00.178 [scheduling-1] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:39:00.093天前的日志,共删除0条 2026-01-10 13:39:00.272 [scheduling-1] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 13:39:00.633 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 13:39:00.633 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 460ms 2026-01-10 13:40:00.010 [scheduling-5] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 13:40:00.011 [log-processor-2] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 13:40:00.092 [scheduling-9] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:40:00.010晚于默认保留时间2026-01-03T13:40:00.092,使用默认时间 2026-01-10 13:40:00.095 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 13:40:00.173 [scheduling-9] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:40:00.092天前的日志,共删除0条 2026-01-10 13:40:00.179 [log-processor-2] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 13:40:00.182 [scheduling-5] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 13:40:00.184 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:0,耗时:89ms 2026-01-10 13:40:00.185 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:40:00.185 2026-01-10 13:40:00.185 [scheduling-3] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:40:00.185 2026-01-10 13:40:00.256 [scheduling-9] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 13:40:00.300 [log-processor-2] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821 2026-01-10 13:40:00.307 [scheduling-5] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821 2026-01-10 13:40:00.709 [scheduling-3] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 13:40:00.710 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 525ms 2026-01-10 13:41:00.004 [scheduling-2] INFO com.common.schedule.ETLOrchestrator - ETL任务开始执行,开始时间:2026-01-10 13:35:00,结束时间:2026-01-10 13:40:00 2026-01-10 13:41:00.010 [scheduling-2] INFO com.common.service.DataExtractor - 开始处理指定时间范围内访问日志数据,时间范围: 2026-01-10T13:35 - 2026-01-10T13:40 2026-01-10 13:41:00.086 [scheduling-9] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:41:00.003晚于默认保留时间2026-01-03T13:41:00.086,使用默认时间 2026-01-10 13:41:00.089 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 13:41:00.168 [scheduling-9] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:41:00.086天前的日志,共删除0条 2026-01-10 13:41:00.178 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:0,耗时:89ms 2026-01-10 13:41:00.178 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:41:00.178 2026-01-10 13:41:00.178 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:41:00.178 2026-01-10 13:41:00.184 [scheduling-2] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组 2026-01-10 13:41:00.184 [scheduling-2] INFO com.common.service.DataExtractor - 没有需要处理的数据 2026-01-10 13:41:00.185 [scheduling-2] INFO com.common.service.DataExtractor - 开始处理告警类型指定时间范围内数据,时间范围: 2026-01-10T13:35 - 2026-01-10T13:40 2026-01-10 13:41:00.250 [scheduling-9] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 13:41:00.277 [scheduling-2] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组 2026-01-10 13:41:00.277 [scheduling-2] INFO com.common.service.DataExtractor - 没有需要处理的数据 2026-01-10 13:41:00.278 [scheduling-2] INFO com.common.schedule.ETLOrchestrator - 定时ETL任务执行完成,耗时: 0 秒 2026-01-10 13:41:00.662 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 13:41:00.662 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 484ms 2026-01-10 13:42:00.010 [scheduling-4] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 13:42:00.010 [log-processor-3] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 13:42:00.092 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 13:42:00.095 [scheduling-8] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:42:00.010晚于默认保留时间2026-01-03T13:42:00.095,使用默认时间 2026-01-10 13:42:00.175 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:0,耗时:83ms 2026-01-10 13:42:00.175 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:42:00.175 2026-01-10 13:42:00.175 [scheduling-6] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:42:00.175 2026-01-10 13:42:00.178 [log-processor-3] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 13:42:00.180 [scheduling-8] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:42:00.095天前的日志,共删除0条 2026-01-10 13:42:00.181 [scheduling-4] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 13:42:00.263 [scheduling-8] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 13:42:00.316 [log-processor-3] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821 2026-01-10 13:42:00.320 [scheduling-4] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821 2026-01-10 13:42:00.629 [scheduling-6] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 13:42:00.629 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 454ms 2026-01-10 13:43:00.085 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 13:43:00.088 [scheduling-2] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:43:00.005晚于默认保留时间2026-01-03T13:43:00.088,使用默认时间 2026-01-10 13:43:00.171 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:0,耗时:86ms 2026-01-10 13:43:00.172 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:43:00.171 2026-01-10 13:43:00.172 [scheduling-6] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:43:00.172 2026-01-10 13:43:00.173 [scheduling-2] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:43:00.088天前的日志,共删除0条 2026-01-10 13:43:00.255 [scheduling-2] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 13:43:00.713 [scheduling-6] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 13:43:00.713 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 541ms 2026-01-10 13:44:00.012 [scheduling-6] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 13:44:00.012 [log-processor-4] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 13:44:00.089 [scheduling-7] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:44:00.012晚于默认保留时间2026-01-03T13:44:00.089,使用默认时间 2026-01-10 13:44:00.097 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 13:44:00.176 [scheduling-7] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:44:00.089天前的日志,共删除0条 2026-01-10 13:44:00.178 [log-processor-4] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 13:44:00.183 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:0,耗时:86ms 2026-01-10 13:44:00.183 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:44:00.183 2026-01-10 13:44:00.183 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:44:00.183 2026-01-10 13:44:00.183 [scheduling-6] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 13:44:00.257 [scheduling-7] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 13:44:00.315 [log-processor-4] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821 2026-01-10 13:44:00.321 [scheduling-6] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821 2026-01-10 13:44:00.716 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 13:44:00.716 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 533ms 2026-01-10 13:45:00.092 [scheduling-7] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:45:00.011晚于默认保留时间2026-01-03T13:45:00.092,使用默认时间 2026-01-10 13:45:00.095 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 13:45:00.174 [scheduling-7] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:45:00.092天前的日志,共删除0条 2026-01-10 13:45:00.183 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:0,耗时:88ms 2026-01-10 13:45:00.183 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:45:00.183 2026-01-10 13:45:00.183 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:45:00.183 2026-01-10 13:45:00.255 [scheduling-7] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 13:45:00.671 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 13:45:00.671 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 488ms 2026-01-10 13:46:00.014 [scheduling-7] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 13:46:00.014 [scheduling-1] INFO com.common.schedule.ETLOrchestrator - ETL任务开始执行,开始时间:2026-01-10 13:40:00,结束时间:2026-01-10 13:45:00 2026-01-10 13:46:00.014 [scheduling-1] INFO com.common.service.DataExtractor - 开始处理指定时间范围内访问日志数据,时间范围: 2026-01-10T13:40 - 2026-01-10T13:45 2026-01-10 13:46:00.014 [log-processor-5] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 13:46:00.098 [scheduling-2] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:46:00.014晚于默认保留时间2026-01-03T13:46:00.098,使用默认时间 2026-01-10 13:46:00.099 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 13:46:00.177 [scheduling-7] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 13:46:00.181 [scheduling-2] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:46:00.098天前的日志,共删除0条 2026-01-10 13:46:00.191 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:0,耗时:92ms 2026-01-10 13:46:00.191 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:46:00.191 2026-01-10 13:46:00.192 [scheduling-4] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:46:00.192 2026-01-10 13:46:00.224 [scheduling-1] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组 2026-01-10 13:46:00.224 [scheduling-1] INFO com.common.service.DataExtractor - 没有需要处理的数据 2026-01-10 13:46:00.224 [scheduling-1] INFO com.common.service.DataExtractor - 开始处理告警类型指定时间范围内数据,时间范围: 2026-01-10T13:40 - 2026-01-10T13:45 2026-01-10 13:46:00.263 [scheduling-2] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 13:46:00.312 [scheduling-1] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组 2026-01-10 13:46:00.312 [scheduling-1] INFO com.common.service.DataExtractor - 没有需要处理的数据 2026-01-10 13:46:00.313 [scheduling-1] INFO com.common.schedule.ETLOrchestrator - 定时ETL任务执行完成,耗时: 0 秒 2026-01-10 13:46:00.519 [log-processor-5] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 13:46:00.614 [scheduling-7] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821 2026-01-10 13:46:00.736 [scheduling-4] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 13:46:00.736 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 545ms 2026-01-10 13:46:00.898 [log-processor-5] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821 2026-01-10 13:47:00.096 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 13:47:00.097 [scheduling-4] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:47:00.010晚于默认保留时间2026-01-03T13:47:00.097,使用默认时间 2026-01-10 13:47:00.183 [scheduling-4] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:47:00.097天前的日志,共删除0条 2026-01-10 13:47:00.183 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:0,耗时:87ms 2026-01-10 13:47:00.183 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:47:00.183 2026-01-10 13:47:00.183 [scheduling-2] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:47:00.183 2026-01-10 13:47:00.268 [scheduling-4] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 13:47:00.693 [scheduling-2] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 13:47:00.693 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 510ms 2026-01-10 13:48:00.010 [scheduling-10] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 13:48:00.010 [log-processor-6] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 13:48:00.092 [scheduling-9] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:48:00.010晚于默认保留时间2026-01-03T13:48:00.092,使用默认时间 2026-01-10 13:48:00.096 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 13:48:00.174 [scheduling-9] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:48:00.092天前的日志,共删除0条 2026-01-10 13:48:00.177 [log-processor-6] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 13:48:00.177 [scheduling-10] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 13:48:00.182 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:0,耗时:86ms 2026-01-10 13:48:00.182 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:48:00.182 2026-01-10 13:48:00.182 [scheduling-6] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:48:00.182 2026-01-10 13:48:00.254 [scheduling-9] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 13:48:00.325 [log-processor-6] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821 2026-01-10 13:48:00.692 [scheduling-10] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821 2026-01-10 13:48:00.702 [scheduling-6] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 13:48:00.703 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 521ms 2026-01-10 13:49:00.091 [scheduling-9] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:49:00.010晚于默认保留时间2026-01-03T13:49:00.091,使用默认时间 2026-01-10 13:49:00.096 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 13:49:00.175 [scheduling-9] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:49:00.091天前的日志,共删除0条 2026-01-10 13:49:00.183 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:0,耗时:87ms 2026-01-10 13:49:00.183 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:49:00.183 2026-01-10 13:49:00.183 [scheduling-6] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:49:00.183 2026-01-10 13:49:00.255 [scheduling-9] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 13:49:00.753 [scheduling-6] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 13:49:00.753 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 570ms 2026-01-10 13:50:00.012 [scheduling-2] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 13:50:00.013 [log-processor-7] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 13:50:00.093 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 13:50:00.105 [scheduling-1] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:50:00.012晚于默认保留时间2026-01-03T13:50:00.105,使用默认时间 2026-01-10 13:50:00.176 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:0,耗时:83ms 2026-01-10 13:50:00.177 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:50:00.177 2026-01-10 13:50:00.177 [scheduling-7] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:50:00.177 2026-01-10 13:50:00.182 [log-processor-7] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 13:50:00.187 [scheduling-2] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 13:50:00.214 [scheduling-1] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:50:00.105天前的日志,共删除0条 2026-01-10 13:50:00.297 [scheduling-1] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 13:50:00.317 [log-processor-7] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821 2026-01-10 13:50:00.394 [scheduling-2] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821 2026-01-10 13:50:00.683 [scheduling-7] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 13:50:00.683 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 506ms 2026-01-10 13:51:00.008 [scheduling-5] INFO com.common.schedule.ETLOrchestrator - ETL任务开始执行,开始时间:2026-01-10 13:45:00,结束时间:2026-01-10 13:50:00 2026-01-10 13:51:00.008 [scheduling-5] INFO com.common.service.DataExtractor - 开始处理指定时间范围内访问日志数据,时间范围: 2026-01-10T13:45 - 2026-01-10T13:50 2026-01-10 13:51:00.093 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 13:51:00.094 [scheduling-4] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:51:00.008晚于默认保留时间2026-01-03T13:51:00.094,使用默认时间 2026-01-10 13:51:00.168 [scheduling-5] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组 2026-01-10 13:51:00.168 [scheduling-5] INFO com.common.service.DataExtractor - 没有需要处理的数据 2026-01-10 13:51:00.168 [scheduling-5] INFO com.common.service.DataExtractor - 开始处理告警类型指定时间范围内数据,时间范围: 2026-01-10T13:45 - 2026-01-10T13:50 2026-01-10 13:51:00.176 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:0,耗时:83ms 2026-01-10 13:51:00.176 [scheduling-4] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:51:00.094天前的日志,共删除0条 2026-01-10 13:51:00.176 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:51:00.176 2026-01-10 13:51:00.176 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:51:00.176 2026-01-10 13:51:00.253 [scheduling-5] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组 2026-01-10 13:51:00.253 [scheduling-5] INFO com.common.service.DataExtractor - 没有需要处理的数据 2026-01-10 13:51:00.253 [scheduling-5] INFO com.common.schedule.ETLOrchestrator - 定时ETL任务执行完成,耗时: 0 秒 2026-01-10 13:51:00.265 [scheduling-4] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 13:51:00.684 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 13:51:00.684 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 508ms 2026-01-10 13:52:00.009 [scheduling-9] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 13:52:00.010 [log-processor-8] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 13:52:00.094 [scheduling-8] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:52:00.009晚于默认保留时间2026-01-03T13:52:00.094,使用默认时间 2026-01-10 13:52:00.095 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 13:52:00.175 [scheduling-9] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 13:52:00.176 [log-processor-8] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 13:52:00.179 [scheduling-8] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:52:00.094天前的日志,共删除0条 2026-01-10 13:52:00.183 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:0,耗时:88ms 2026-01-10 13:52:00.183 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:52:00.183 2026-01-10 13:52:00.183 [scheduling-4] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:52:00.183 2026-01-10 13:52:00.263 [scheduling-8] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 13:52:00.308 [scheduling-9] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821 2026-01-10 13:52:00.393 [log-processor-8] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821 2026-01-10 13:52:00.663 [scheduling-4] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 13:52:00.663 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 480ms 2026-01-10 13:53:00.094 [scheduling-8] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:53:00.009晚于默认保留时间2026-01-03T13:53:00.094,使用默认时间 2026-01-10 13:53:00.094 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 13:53:00.180 [scheduling-8] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:53:00.094天前的日志,共删除0条 2026-01-10 13:53:00.184 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:0,耗时:90ms 2026-01-10 13:53:00.184 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:53:00.184 2026-01-10 13:53:00.184 [scheduling-6] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:53:00.184 2026-01-10 13:53:00.264 [scheduling-8] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 13:53:00.682 [scheduling-6] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 13:53:00.683 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 499ms 2026-01-10 13:53:58.080 [scheduling-2] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 13:53:58.080 [log-processor-9] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 13:53:58.163 [scheduling-1] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:53:58.080晚于默认保留时间2026-01-03T13:53:58.163,使用默认时间 2026-01-10 13:53:58.164 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 13:53:58.243 [scheduling-1] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:53:58.163天前的日志,共删除0条 2026-01-10 13:53:58.245 [scheduling-2] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 13:53:58.250 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:0,耗时:86ms 2026-01-10 13:53:58.250 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:53:58.250 2026-01-10 13:53:58.251 [scheduling-3] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:53:58.251 2026-01-10 13:53:58.251 [log-processor-9] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 13:53:58.324 [scheduling-1] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 13:53:58.492 [log-processor-9] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821 2026-01-10 13:53:58.697 [scheduling-3] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 13:53:58.697 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 446ms 2026-01-10 13:53:58.737 [scheduling-2] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821 2026-01-10 13:59:54.078 [HikariPool-1 housekeeper] WARN com.zaxxer.hikari.pool.HikariPool - HikariPool-1 - Thread starvation or clock leap detected (housekeeper delta=5m51s169ms755µs800ns). 2026-01-10 14:00:21.164 [scheduling-7] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:00:21.164 [scheduling-8] INFO com.common.schedule.ETLOrchestrator - ETL任务开始执行,开始时间:2026-01-10 13:55:00,结束时间:2026-01-10 14:00:00 2026-01-10 14:00:21.164 [scheduling-8] INFO com.common.service.DataExtractor - 开始处理指定时间范围内访问日志数据,时间范围: 2026-01-10T13:55 - 2026-01-10T14:00 2026-01-10 14:00:21.164 [log-processor-10] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:00:26.187 [log-processor-10] WARN com.zaxxer.hikari.pool.PoolBase - HikariPool-1 - Failed to validate connection org.postgresql.jdbc.PgConnection@7c2603ab (This connection has been closed.). Possibly consider using a shorter maxLifetime value. 2026-01-10 14:00:26.187 [scheduling-8] WARN com.zaxxer.hikari.pool.PoolBase - HikariPool-1 - Failed to validate connection org.postgresql.jdbc.PgConnection@296964cd (This connection has been closed.). Possibly consider using a shorter maxLifetime value. 2026-01-10 14:00:26.187 [scheduling-7] WARN com.zaxxer.hikari.pool.PoolBase - HikariPool-1 - Failed to validate connection org.postgresql.jdbc.PgConnection@5da1fd68 (This connection has been closed.). Possibly consider using a shorter maxLifetime value. 2026-01-10 14:00:26.187 [scheduling-4] WARN com.zaxxer.hikari.pool.PoolBase - HikariPool-1 - Failed to validate connection org.postgresql.jdbc.PgConnection@7e34d60 (This connection has been closed.). Possibly consider using a shorter maxLifetime value. 2026-01-10 14:00:26.187 [scheduling-9] WARN com.zaxxer.hikari.pool.PoolBase - HikariPool-1 - Failed to validate connection org.postgresql.jdbc.PgConnection@654d837b (This connection has been closed.). Possibly consider using a shorter maxLifetime value. 2026-01-10 14:00:31.199 [scheduling-9] WARN com.zaxxer.hikari.pool.PoolBase - HikariPool-1 - Failed to validate connection org.postgresql.jdbc.PgConnection@a4c44d (This connection has been closed.). Possibly consider using a shorter maxLifetime value. 2026-01-10 14:00:31.199 [log-processor-10] WARN com.zaxxer.hikari.pool.PoolBase - HikariPool-1 - Failed to validate connection org.postgresql.jdbc.PgConnection@6722cb96 (This connection has been closed.). Possibly consider using a shorter maxLifetime value. 2026-01-10 14:00:31.199 [scheduling-4] WARN com.zaxxer.hikari.pool.PoolBase - HikariPool-1 - Failed to validate connection org.postgresql.jdbc.PgConnection@510720d2 (This connection has been closed.). Possibly consider using a shorter maxLifetime value. 2026-01-10 14:00:31.199 [scheduling-8] WARN com.zaxxer.hikari.pool.PoolBase - HikariPool-1 - Failed to validate connection org.postgresql.jdbc.PgConnection@818833a (This connection has been closed.). Possibly consider using a shorter maxLifetime value. 2026-01-10 14:00:31.199 [scheduling-7] WARN com.zaxxer.hikari.pool.PoolBase - HikariPool-1 - Failed to validate connection org.postgresql.jdbc.PgConnection@32621718 (This connection has been closed.). Possibly consider using a shorter maxLifetime value. 2026-01-10 14:00:31.284 [scheduling-9] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:00:21.164晚于默认保留时间2026-01-03T14:00:31.284,使用默认时间 2026-01-10 14:00:31.285 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:00:31.368 [scheduling-9] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:00:31.284天前的日志,共删除0条 2026-01-10 14:00:31.370 [scheduling-7] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:00:31.370 [scheduling-8] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组 2026-01-10 14:00:31.370 [scheduling-8] INFO com.common.service.DataExtractor - 没有需要处理的数据 2026-01-10 14:00:31.370 [log-processor-10] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:00:31.370 [scheduling-8] INFO com.common.service.DataExtractor - 开始处理告警类型指定时间范围内数据,时间范围: 2026-01-10T13:55 - 2026-01-10T14:00 2026-01-10 14:00:31.373 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:0,耗时:88ms 2026-01-10 14:00:31.373 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:00:31.373 2026-01-10 14:00:31.373 [scheduling-4] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:00:31.373 2026-01-10 14:00:31.452 [scheduling-9] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:00:31.459 [scheduling-8] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组 2026-01-10 14:00:31.459 [scheduling-8] INFO com.common.service.DataExtractor - 没有需要处理的数据 2026-01-10 14:00:31.459 [scheduling-8] INFO com.common.schedule.ETLOrchestrator - 定时ETL任务执行完成,耗时: 10 秒 2026-01-10 14:00:31.790 [scheduling-7] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821 2026-01-10 14:00:31.795 [log-processor-10] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821 2026-01-10 14:00:31.905 [scheduling-4] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:00:31.905 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 532ms 2026-01-10 14:01:00.001 [scheduling-2] INFO com.common.schedule.ETLOrchestrator - ETL任务开始执行,开始时间:2026-01-10 13:55:00,结束时间:2026-01-10 14:00:00 2026-01-10 14:01:00.001 [scheduling-2] INFO com.common.service.DataExtractor - 开始处理指定时间范围内访问日志数据,时间范围: 2026-01-10T13:55 - 2026-01-10T14:00 2026-01-10 14:01:00.087 [scheduling-9] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:01:00.001晚于默认保留时间2026-01-03T14:01:00.087,使用默认时间 2026-01-10 14:01:00.102 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:01:00.172 [scheduling-9] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:01:00.087天前的日志,共删除0条 2026-01-10 14:01:00.173 [scheduling-2] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组 2026-01-10 14:01:00.173 [scheduling-2] INFO com.common.service.DataExtractor - 没有需要处理的数据 2026-01-10 14:01:00.173 [scheduling-2] INFO com.common.service.DataExtractor - 开始处理告警类型指定时间范围内数据,时间范围: 2026-01-10T13:55 - 2026-01-10T14:00 2026-01-10 14:01:00.191 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:0,耗时:89ms 2026-01-10 14:01:00.192 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:01:00.192 2026-01-10 14:01:00.192 [scheduling-3] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:01:00.192 2026-01-10 14:01:00.256 [scheduling-9] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:01:00.266 [scheduling-2] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组 2026-01-10 14:01:00.266 [scheduling-2] INFO com.common.service.DataExtractor - 没有需要处理的数据 2026-01-10 14:01:00.266 [scheduling-2] INFO com.common.schedule.ETLOrchestrator - 定时ETL任务执行完成,耗时: 0 秒 2026-01-10 14:01:00.678 [scheduling-3] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:01:00.678 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 486ms 2026-01-10 14:02:00.009 [scheduling-6] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:02:00.010 [log-processor-1] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:02:00.095 [scheduling-1] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:02:00.009晚于默认保留时间2026-01-03T14:02:00.095,使用默认时间 2026-01-10 14:02:00.095 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:02:00.180 [scheduling-1] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:02:00.095天前的日志,共删除0条 2026-01-10 14:02:00.180 [log-processor-1] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:02:00.181 [scheduling-6] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:02:00.187 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:0,耗时:92ms 2026-01-10 14:02:00.187 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:02:00.187 2026-01-10 14:02:00.187 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:02:00.187 2026-01-10 14:02:00.265 [scheduling-1] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:02:00.666 [log-processor-1] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821 2026-01-10 14:02:00.666 [scheduling-6] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821 2026-01-10 14:02:00.715 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:02:00.715 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 528ms 2026-01-10 14:03:00.088 [scheduling-1] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:03:00.088 [scheduling-10] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:03:00.003晚于默认保留时间2026-01-03T14:03:00.088,使用默认时间 2026-01-10 14:03:00.175 [scheduling-10] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:03:00.088天前的日志,共删除0条 2026-01-10 14:03:00.176 [scheduling-1] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:0,耗时:88ms 2026-01-10 14:03:00.176 [scheduling-1] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:03:00.176 2026-01-10 14:03:00.176 [scheduling-1] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:03:00.176 2026-01-10 14:03:00.263 [scheduling-10] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:03:00.752 [scheduling-1] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:03:00.752 [scheduling-1] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 576ms 2026-01-10 14:04:00.003 [scheduling-8] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:04:00.003 [log-processor-2] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:04:00.093 [scheduling-5] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:04:00.003晚于默认保留时间2026-01-03T14:04:00.093,使用默认时间 2026-01-10 14:04:00.174 [scheduling-8] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:04:00.174 [log-processor-2] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:04:00.180 [scheduling-5] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:04:00.093天前的日志,共删除0条 2026-01-10 14:04:00.268 [scheduling-5] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:04:00.300 [log-processor-2] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821 2026-01-10 14:04:00.300 [scheduling-8] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821 2026-01-10 14:04:00.372 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:04:00.467 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:0,耗时:95ms 2026-01-10 14:04:00.468 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:04:00.468 2026-01-10 14:04:00.468 [scheduling-3] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:04:00.468 2026-01-10 14:04:00.952 [scheduling-3] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:04:00.952 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 484ms 2026-01-10 14:05:00.087 [scheduling-9] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:05:00.001晚于默认保留时间2026-01-03T14:05:00.087,使用默认时间 2026-01-10 14:05:00.120 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:05:00.170 [scheduling-9] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:05:00.087天前的日志,共删除0条 2026-01-10 14:05:00.211 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:0,耗时:91ms 2026-01-10 14:05:00.212 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:05:00.212 2026-01-10 14:05:00.212 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:05:00.212 2026-01-10 14:05:00.255 [scheduling-9] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:05:01.063 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:05:01.063 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 851ms 2026-01-10 14:06:00.004 [scheduling-9] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:06:00.004 [log-processor-3] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:06:00.004 [scheduling-5] INFO com.common.schedule.ETLOrchestrator - ETL任务开始执行,开始时间:2026-01-10 14:00:00,结束时间:2026-01-10 14:05:00 2026-01-10 14:06:00.004 [scheduling-5] INFO com.common.service.DataExtractor - 开始处理指定时间范围内访问日志数据,时间范围: 2026-01-10T14:00 - 2026-01-10T14:05 2026-01-10 14:06:00.092 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:06:00.109 [scheduling-10] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:06:00.004晚于默认保留时间2026-01-03T14:06:00.109,使用默认时间 2026-01-10 14:06:00.171 [scheduling-9] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:06:00.171 [log-processor-3] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:06:00.180 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:0,耗时:88ms 2026-01-10 14:06:00.180 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:06:00.180 2026-01-10 14:06:00.180 [scheduling-2] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:06:00.180 2026-01-10 14:06:00.208 [scheduling-10] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:06:00.109天前的日志,共删除0条 2026-01-10 14:06:00.208 [scheduling-5] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组 2026-01-10 14:06:00.208 [scheduling-5] INFO com.common.service.DataExtractor - 没有需要处理的数据 2026-01-10 14:06:00.209 [scheduling-5] INFO com.common.service.DataExtractor - 开始处理告警类型指定时间范围内数据,时间范围: 2026-01-10T14:00 - 2026-01-10T14:05 2026-01-10 14:06:00.293 [scheduling-10] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:06:00.293 [scheduling-5] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组 2026-01-10 14:06:00.293 [scheduling-5] INFO com.common.service.DataExtractor - 没有需要处理的数据 2026-01-10 14:06:00.297 [scheduling-5] INFO com.common.schedule.ETLOrchestrator - 定时ETL任务执行完成,耗时: 0 秒 2026-01-10 14:06:00.315 [log-processor-3] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821 2026-01-10 14:06:00.316 [scheduling-9] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821 2026-01-10 14:06:00.674 [scheduling-2] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:06:00.674 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 494ms 2026-01-10 14:07:00.090 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:07:00.090 [scheduling-10] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:07:00.003晚于默认保留时间2026-01-03T14:07:00.090,使用默认时间 2026-01-10 14:07:00.178 [scheduling-10] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:07:00.090天前的日志,共删除0条 2026-01-10 14:07:00.178 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:0,耗时:88ms 2026-01-10 14:07:00.179 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:07:00.179 2026-01-10 14:07:00.179 [scheduling-2] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:07:00.179 2026-01-10 14:07:00.263 [scheduling-10] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:07:00.695 [scheduling-2] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:07:00.695 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 516ms 2026-01-10 14:08:00.002 [scheduling-3] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:08:00.002 [log-processor-4] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:08:00.096 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:08:00.096 [scheduling-4] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:08:00.002晚于默认保留时间2026-01-03T14:08:00.096,使用默认时间 2026-01-10 14:08:00.170 [scheduling-3] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:08:00.170 [log-processor-4] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:08:00.181 [scheduling-4] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:08:00.096天前的日志,共删除0条 2026-01-10 14:08:00.184 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:0,耗时:88ms 2026-01-10 14:08:00.185 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:08:00.185 2026-01-10 14:08:00.185 [scheduling-2] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:08:00.185 2026-01-10 14:08:00.271 [scheduling-4] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:08:00.310 [log-processor-4] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821 2026-01-10 14:08:00.311 [scheduling-3] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821 2026-01-10 14:08:00.636 [scheduling-2] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:08:00.636 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 451ms 2026-01-10 14:08:50.215 [http-nio-8089-exec-3] INFO com.controllers.SyslogPushController - 收到syslog发送请求: SyslogRequest{ip='192.168.0.103', port=514, logContent='<0> 2026-01-10T05:28:32+08:00 ubuntu log_forward[3419]: {"timestamp":"2026-01-10T05:28:32.806781+0800","flow_id":1671852309144385,"community_id":"uLeKRLkXu9m0D0DNn6wIg7CcdOs=","serial_num":"CJFBT92","origin":"eno4","xdr_log_type":"http","vxlan_vni":256,"src_ip":"172.16.121.137","src_port":51114,"dest_ip":"110.43.89.7","dest_port":80,"proto":"TCP","app_proto":"http","tcp_sequence":3553898360,"tcp_ack_sequence":3537707565,"ether":{"src_mac":"90:f1:b0:fb:81:a1","dest_mac":"a4:7b:2c:21:03:79"},"host":"rq.lbcct.cloud.duba.net","host_md5":"51cfa6d0981c8eb355a9b3af716da08d","uri":"/query?1767994112","uri_md5":"f28f2c62d0dd01c355caa05815d93d99","referer":"","method":"POST","protocol":"HTTP/1.1","status":200,"req_content_type":"application/x-www-form-urlencoded","request_headers":"host: rq.lbcct.cloud.duba.net\r\naccept: */*\r\ncontent-length: 85\r\ncontent-type: application/x-www-form-urlencoded\r\n","rsp_content_type":"text/plain","response_headers":"server: Tengine/1.5.2\r\ndate: Fri, 09 Jan 2026 21:28:32 GMT\r\ncontent-type: text/plain\r\nContent-Length: 54\r\nConnection: keep-alive\r\nContent-Tag: 1936292435\r\n"}', protocol='TCP', facility='USER', severity='INFO'} 2026-01-10 14:08:50.215 [http-nio-8089-exec-3] INFO com.common.service.SyslogService - 开始发送syslog消息: IP=192.168.0.103, Port=514 2026-01-10 14:08:50.219 [http-nio-8089-exec-3] INFO com.common.service.SyslogService - TCP Syslog消息发送成功: 192.168.0.103:514 2026-01-10 14:08:50.219 [http-nio-8089-exec-3] INFO com.controllers.SyslogPushController - Syslog消息发送成功: IP=192.168.0.103, Port=514 2026-01-10 14:08:56.198 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] INFO c.Modules.NormalData.SysLogProcessor - 开始处理批次消息,数量: 1 2026-01-10 14:08:56.198 [log-processor-5] INFO c.Modules.NormalData.SysLogProcessor - 收到syslogmessage:[receive_time=20260110140855438 device_id=248 device_name=开发环境设备-HOME vendor=HFish data_type=json device_collect_id=1]<0> 2026-01-10T05:28:32+08:00 ubuntu log_forward[3419]: {"timestamp":"2026-01-10T05:28:32.806781+0800","flow_id":1671852309144385,"community_id":"uLeKRLkXu9m0D0DNn6wIg7CcdOs=","serial_num":"CJFBT92","origin":"eno4","xdr_log_type":"http","vxlan_vni":256,"src_ip":"172.16.121.137","src_port":51114,"dest_ip":"110.43.89.7","dest_port":80,"proto":"TCP","app_proto":"http","tcp_sequence":3553898360,"tcp_ack_sequence":3537707565,"ether":{"src_mac":"90:f1:b0:fb:81:a1","dest_mac":"a4:7b:2c:21:03:79"},"host":"rq.lbcct.cloud.duba.net","host_md5":"51cfa6d0981c8eb355a9b3af716da08d","uri":"/query?1767994112","uri_md5":"f28f2c62d0dd01c355caa05815d93d99","referer":"","method":"POST","protocol":"HTTP/1.1","status":200,"req_content_type":"application/x-www-form-urlencoded","request_headers":"host: rq.lbcct.cloud.duba.net\r\naccept: */*\r\ncontent-length: 85\r\ncontent-type: application/x-www-form-urlencoded\r\n","rsp_content_type":"text/plain","response_headers":"server: Tengine/1.5.2\r\ndate: Fri, 09 Jan 2026 21:28:32 GMT\r\ncontent-type: text/plain\r\nContent-Length: 54\r\nConnection: keep-alive\r\nContent-Tag: 1936292435\r\n"} 2026-01-10 14:09:00.088 [scheduling-4] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:09:00.002晚于默认保留时间2026-01-03T14:09:00.088,使用默认时间 2026-01-10 14:09:00.107 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:09:00.178 [scheduling-4] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:09:00.088天前的日志,共删除0条 2026-01-10 14:09:00.262 [scheduling-4] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:09:00.297 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:190ms 2026-01-10 14:09:00.297 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:09:00.297 2026-01-10 14:09:00.297 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:09:00.297 2026-01-10 14:09:00.740 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:09:00.740 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 443ms 2026-01-10 14:09:01.651 [log-processor-5] WARN c.c.service.LogDataFilterService - 泛化规则-数据过滤规则为空,默认不处理! 2026-01-10 14:10:19.341 [scheduling-6] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:10:19.341 [HikariPool-1 housekeeper] WARN com.zaxxer.hikari.pool.HikariPool - HikariPool-1 - Thread starvation or clock leap detected (housekeeper delta=1m25s115ms628µs300ns). 2026-01-10 14:10:19.341 [log-processor-6] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:10:19.346 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN c.Modules.NormalData.SysLogProcessor - 批次处理超时,已处理: 0/1 2026-01-10 14:10:20.390 [scheduling-9] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:10:19.341晚于默认保留时间2026-01-03T14:10:20.390,使用默认时间 2026-01-10 14:10:20.390 [scheduling-5] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:10:20.562 [scheduling-6] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:10:20.562 [log-processor-6] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:10:20.688 [scheduling-9] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:10:20.390天前的日志,共删除0条 2026-01-10 14:10:37.594 [scheduling-9] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:10:37.594 [scheduling-5] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:17204ms 2026-01-10 14:10:37.594 [log-processor-6] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821 2026-01-10 14:10:37.594 [scheduling-5] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:10:37.594 2026-01-10 14:10:37.595 [scheduling-5] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:10:37.595 2026-01-10 14:10:40.009 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] INFO o.s.k.l.KafkaMessageListenerContainer - test-group-app: partitions assigned: [test-topic-0] 2026-01-10 14:10:40.017 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] ERROR o.a.k.c.c.i.ConsumerCoordinator - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Offset commit failed on partition test-topic-0 at offset 477: The coordinator is not aware of this member. 2026-01-10 14:10:40.021 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] ERROR o.s.k.l.KafkaMessageListenerContainer - Consumer exception java.lang.IllegalStateException: This error handler cannot process 'org.apache.kafka.clients.consumer.CommitFailedException's; no record information is available at org.springframework.kafka.listener.DefaultErrorHandler.handleOtherException(DefaultErrorHandler.java:157) at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.handleConsumerException(KafkaMessageListenerContainer.java:1812) at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.run(KafkaMessageListenerContainer.java:1301) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run$$$capture(FutureTask.java:266) at java.util.concurrent.FutureTask.run(FutureTask.java) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.kafka.clients.consumer.CommitFailedException: Commit cannot be completed since the group has already rebalanced and assigned the partitions to another member. This means that the time between subsequent calls to poll() was longer than the configured max.poll.interval.ms, which typically implies that the poll loop is spending too much time message processing. You can address this either by increasing max.poll.interval.ms or by reducing the maximum size of batches returned in poll() with max.poll.records. at org.apache.kafka.clients.consumer.internals.ConsumerCoordinator$OffsetCommitResponseHandler.handle(ConsumerCoordinator.java:1441) at org.apache.kafka.clients.consumer.internals.ConsumerCoordinator$OffsetCommitResponseHandler.handle(ConsumerCoordinator.java:1341) at org.apache.kafka.clients.consumer.internals.AbstractCoordinator$CoordinatorResponseHandler.onSuccess(AbstractCoordinator.java:1260) at org.apache.kafka.clients.consumer.internals.AbstractCoordinator$CoordinatorResponseHandler.onSuccess(AbstractCoordinator.java:1235) at org.apache.kafka.clients.consumer.internals.RequestFuture$1.onSuccess(RequestFuture.java:206) at org.apache.kafka.clients.consumer.internals.RequestFuture.fireSuccess(RequestFuture.java:169) at org.apache.kafka.clients.consumer.internals.RequestFuture.complete(RequestFuture.java:129) at org.apache.kafka.clients.consumer.internals.ConsumerNetworkClient$RequestFutureCompletionHandler.fireCompletion(ConsumerNetworkClient.java:617) at org.apache.kafka.clients.consumer.internals.ConsumerNetworkClient.firePendingCompletedRequests(ConsumerNetworkClient.java:427) at org.apache.kafka.clients.consumer.internals.ConsumerNetworkClient.poll(ConsumerNetworkClient.java:312) at org.apache.kafka.clients.consumer.internals.ConsumerNetworkClient.poll(ConsumerNetworkClient.java:230) at org.apache.kafka.clients.consumer.internals.ConsumerNetworkClient.poll(ConsumerNetworkClient.java:214) at org.apache.kafka.clients.consumer.internals.ConsumerCoordinator.commitOffsetsSync(ConsumerCoordinator.java:1174) at org.apache.kafka.clients.consumer.KafkaConsumer.commitSync(KafkaConsumer.java:1502) at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.doCommitSync(KafkaMessageListenerContainer.java:3062) at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.commitSync(KafkaMessageListenerContainer.java:3057) at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.commitIfNecessary(KafkaMessageListenerContainer.java:3043) at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.processCommits(KafkaMessageListenerContainer.java:2835) at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.pollAndInvoke(KafkaMessageListenerContainer.java:1329) at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.run(KafkaMessageListenerContainer.java:1255) ... 4 common frames omitted 2026-01-10 14:10:40.021 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] INFO o.s.k.l.KafkaMessageListenerContainer - test-group-app: partitions lost: [test-topic-0] 2026-01-10 14:10:40.033 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] INFO o.s.k.l.KafkaMessageListenerContainer - test-group-app: partitions revoked: [test-topic-0] 2026-01-10 14:10:40.078 [scheduling-6] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821 2026-01-10 14:10:40.486 [scheduling-5] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:10:40.487 [scheduling-5] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 2893ms 2026-01-10 14:10:40.514 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] INFO c.Modules.NormalData.SysLogProcessor - 开始处理批次消息,数量: 1 2026-01-10 14:10:40.514 [log-processor-7] INFO c.Modules.NormalData.SysLogProcessor - 收到syslogmessage:[receive_time=20260110140855438 device_id=248 device_name=开发环境设备-HOME vendor=HFish data_type=json device_collect_id=1]<0> 2026-01-10T05:28:32+08:00 ubuntu log_forward[3419]: {"timestamp":"2026-01-10T05:28:32.806781+0800","flow_id":1671852309144385,"community_id":"uLeKRLkXu9m0D0DNn6wIg7CcdOs=","serial_num":"CJFBT92","origin":"eno4","xdr_log_type":"http","vxlan_vni":256,"src_ip":"172.16.121.137","src_port":51114,"dest_ip":"110.43.89.7","dest_port":80,"proto":"TCP","app_proto":"http","tcp_sequence":3553898360,"tcp_ack_sequence":3537707565,"ether":{"src_mac":"90:f1:b0:fb:81:a1","dest_mac":"a4:7b:2c:21:03:79"},"host":"rq.lbcct.cloud.duba.net","host_md5":"51cfa6d0981c8eb355a9b3af716da08d","uri":"/query?1767994112","uri_md5":"f28f2c62d0dd01c355caa05815d93d99","referer":"","method":"POST","protocol":"HTTP/1.1","status":200,"req_content_type":"application/x-www-form-urlencoded","request_headers":"host: rq.lbcct.cloud.duba.net\r\naccept: */*\r\ncontent-length: 85\r\ncontent-type: application/x-www-form-urlencoded\r\n","rsp_content_type":"text/plain","response_headers":"server: Tengine/1.5.2\r\ndate: Fri, 09 Jan 2026 21:28:32 GMT\r\ncontent-type: text/plain\r\nContent-Length: 54\r\nConnection: keep-alive\r\nContent-Tag: 1936292435\r\n"} 2026-01-10 14:10:40.565 [log-processor-7] WARN c.c.service.LogDataFilterService - 泛化规则-数据过滤规则为空,默认不处理! 2026-01-10 14:10:55.526 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] INFO c.Modules.NormalData.SysLogProcessor - 批次处理完成,总数: 1 2026-01-10 14:10:55.549 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] INFO o.s.k.l.KafkaMessageListenerContainer - test-group-app: partitions revoked: [test-topic-0] 2026-01-10 14:10:55.564 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] INFO o.s.k.l.KafkaMessageListenerContainer - test-group-app: partitions assigned: [] 2026-01-10 14:10:55.570 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] INFO o.s.k.l.KafkaMessageListenerContainer - test-group-app: partitions assigned: [test-topic-0] 2026-01-10 14:11:00.002 [scheduling-8] INFO com.common.schedule.ETLOrchestrator - ETL任务开始执行,开始时间:2026-01-10 14:05:00,结束时间:2026-01-10 14:10:00 2026-01-10 14:11:00.002 [scheduling-8] INFO com.common.service.DataExtractor - 开始处理指定时间范围内访问日志数据,时间范围: 2026-01-10T14:05 - 2026-01-10T14:10 2026-01-10 14:11:00.085 [scheduling-9] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:11:00.002晚于默认保留时间2026-01-03T14:11:00.085,使用默认时间 2026-01-10 14:11:00.088 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:11:00.171 [scheduling-9] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:11:00.085天前的日志,共删除0条 2026-01-10 14:11:00.171 [scheduling-8] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组 2026-01-10 14:11:00.171 [scheduling-8] INFO com.common.service.DataExtractor - 没有需要处理的数据 2026-01-10 14:11:00.171 [scheduling-8] INFO com.common.service.DataExtractor - 开始处理告警类型指定时间范围内数据,时间范围: 2026-01-10T14:05 - 2026-01-10T14:10 2026-01-10 14:11:00.256 [scheduling-8] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组 2026-01-10 14:11:00.256 [scheduling-8] INFO com.common.service.DataExtractor - 没有需要处理的数据 2026-01-10 14:11:00.256 [scheduling-8] INFO com.common.schedule.ETLOrchestrator - 定时ETL任务执行完成,耗时: 0 秒 2026-01-10 14:11:00.575 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:487ms 2026-01-10 14:11:00.575 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:11:00.575 2026-01-10 14:11:00.575 [scheduling-3] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:11:00.575 2026-01-10 14:11:00.847 [scheduling-9] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:11:01.055 [scheduling-3] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:11:01.055 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 480ms 2026-01-10 14:12:00.012 [scheduling-2] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:12:00.012 [log-processor-8] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:12:00.096 [scheduling-7] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:12:00.011晚于默认保留时间2026-01-03T14:12:00.096,使用默认时间 2026-01-10 14:12:00.133 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:12:00.180 [scheduling-7] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:12:00.096天前的日志,共删除0条 2026-01-10 14:12:00.180 [scheduling-2] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:12:00.183 [log-processor-8] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:12:00.263 [scheduling-7] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:12:00.295 [scheduling-2] INFO c.c.service.AccessLogAlertService - 获取到 2 条新的日志数据,时间范围: 2026-01-10T13:35:33.821 到 2026-01-10T14:12:00.180 2026-01-10 14:12:00.297 [scheduling-2] INFO c.c.service.AccessLogAlertService - 开始处理算法: 测试算法3 (ID: 2004083121877696514) 2026-01-10 14:12:00.307 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:174ms 2026-01-10 14:12:00.307 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:12:00.307 2026-01-10 14:12:00.307 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:12:00.307 2026-01-10 14:12:00.625 [log-processor-8] INFO c.c.service.AccessLogAlertService - 获取到 2 条新的日志数据,时间范围: 2026-01-10T13:35:33.821 到 2026-01-10T14:12:00.183 2026-01-10 14:12:00.625 [log-processor-8] INFO c.c.service.AccessLogAlertService - 开始处理算法: 测试算法3 (ID: 2004083121877696514) 2026-01-10 14:12:00.784 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:12:00.784 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 477ms 2026-01-10 14:12:02.417 [scheduling-2] ERROR c.c.service.AccessLogAlertService - 调用算法API异常 [URL: http://192.168.4.33:5001/Webshell]: I/O error on POST request for "http://192.168.4.33:5001/Webshell": Connection refused: connect; nested exception is java.net.ConnectException: Connection refused: connect org.springframework.web.client.ResourceAccessException: I/O error on POST request for "http://192.168.4.33:5001/Webshell": Connection refused: connect; nested exception is java.net.ConnectException: Connection refused: connect at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:785) at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:711) at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:602) at com.common.service.AccessLogAlertService.callAlgorithmApi(AccessLogAlertService.java:275) at com.common.service.AccessLogAlertService.processAlgorithm(AccessLogAlertService.java:153) at com.common.service.AccessLogAlertService.processAccessLogAlert(AccessLogAlertService.java:122) at com.common.service.AccessLogAlertService.safeProcessTask(AccessLogAlertService.java:387) at com.common.service.AccessLogAlertService$$FastClassBySpringCGLIB$$4807ae0a.invoke() at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218) at org.springframework.aop.framework.CglibAopProxy.invokeMethod(CglibAopProxy.java:386) at org.springframework.aop.framework.CglibAopProxy.access$000(CglibAopProxy.java:85) at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:704) at com.common.service.AccessLogAlertService$$EnhancerBySpringCGLIB$$a38bc9af.safeProcessTask() at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.springframework.scheduling.support.ScheduledMethodRunnable.run(ScheduledMethodRunnable.java:84) at org.springframework.scheduling.support.DelegatingErrorHandlingRunnable.run(DelegatingErrorHandlingRunnable.java:54) at org.springframework.scheduling.concurrent.ReschedulingRunnable.run(ReschedulingRunnable.java:95) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run$$$capture(FutureTask.java:266) at java.util.concurrent.FutureTask.run(FutureTask.java) at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:180) at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) Caused by: java.net.ConnectException: Connection refused: connect at java.net.DualStackPlainSocketImpl.waitForConnect(Native Method) at java.net.DualStackPlainSocketImpl.socketConnect(DualStackPlainSocketImpl.java:85) at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350) at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206) at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188) at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:172) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:589) at sun.net.NetworkClient.doConnect(NetworkClient.java:175) at sun.net.www.http.HttpClient.openServer(HttpClient.java:432) at sun.net.www.http.HttpClient.openServer(HttpClient.java:527) at sun.net.www.http.HttpClient.(HttpClient.java:211) at sun.net.www.http.HttpClient.New(HttpClient.java:308) at sun.net.www.http.HttpClient.New(HttpClient.java:326) at sun.net.www.protocol.http.HttpURLConnection.getNewHttpClient(HttpURLConnection.java:1202) at sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1138) at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:1032) at sun.net.www.protocol.http.HttpURLConnection.connect(HttpURLConnection.java:966) at org.springframework.http.client.SimpleBufferingClientHttpRequest.executeInternal(SimpleBufferingClientHttpRequest.java:76) at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48) at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66) at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:109) at com.config.RestTemplateConfig$LoggingInterceptor.intercept(RestTemplateConfig.java:62) at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:93) at org.springframework.http.client.InterceptingClientHttpRequest.executeInternal(InterceptingClientHttpRequest.java:77) at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48) at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66) at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:776) ... 27 common frames omitted 2026-01-10 14:12:02.421 [scheduling-2] ERROR c.c.service.AccessLogAlertService - 调用算法API失败: http://192.168.4.33:5001/Webshell - 无响应 2026-01-10 14:12:02.421 [scheduling-2] INFO c.c.service.AccessLogAlertService - 访问日志告警处理任务完成,下次将从 2026-01-10T14:12:00.180 开始处理 2026-01-10 14:12:02.728 [log-processor-8] ERROR c.c.service.AccessLogAlertService - 调用算法API异常 [URL: http://192.168.4.33:5001/Webshell]: I/O error on POST request for "http://192.168.4.33:5001/Webshell": Connection refused: connect; nested exception is java.net.ConnectException: Connection refused: connect org.springframework.web.client.ResourceAccessException: I/O error on POST request for "http://192.168.4.33:5001/Webshell": Connection refused: connect; nested exception is java.net.ConnectException: Connection refused: connect at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:785) at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:711) at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:602) at com.common.service.AccessLogAlertService.callAlgorithmApi(AccessLogAlertService.java:275) at com.common.service.AccessLogAlertService.processAlgorithm(AccessLogAlertService.java:153) at com.common.service.AccessLogAlertService.processAccessLogAlert(AccessLogAlertService.java:122) at com.common.service.AccessLogAlertService$$FastClassBySpringCGLIB$$4807ae0a.invoke() at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218) at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:793) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163) at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:763) at org.springframework.aop.interceptor.AsyncExecutionInterceptor.lambda$invoke$0(AsyncExecutionInterceptor.java:115) at java.util.concurrent.FutureTask.run$$$capture(FutureTask.java:266) at java.util.concurrent.FutureTask.run(FutureTask.java) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) Caused by: java.net.ConnectException: Connection refused: connect at java.net.DualStackPlainSocketImpl.waitForConnect(Native Method) at java.net.DualStackPlainSocketImpl.socketConnect(DualStackPlainSocketImpl.java:85) at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350) at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206) at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188) at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:172) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:589) at sun.net.NetworkClient.doConnect(NetworkClient.java:175) at sun.net.www.http.HttpClient.openServer(HttpClient.java:432) at sun.net.www.http.HttpClient.openServer(HttpClient.java:527) at sun.net.www.http.HttpClient.(HttpClient.java:211) at sun.net.www.http.HttpClient.New(HttpClient.java:308) at sun.net.www.http.HttpClient.New(HttpClient.java:326) at sun.net.www.protocol.http.HttpURLConnection.getNewHttpClient(HttpURLConnection.java:1202) at sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1138) at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:1032) at sun.net.www.protocol.http.HttpURLConnection.connect(HttpURLConnection.java:966) at org.springframework.http.client.SimpleBufferingClientHttpRequest.executeInternal(SimpleBufferingClientHttpRequest.java:76) at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48) at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66) at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:109) at com.config.RestTemplateConfig$LoggingInterceptor.intercept(RestTemplateConfig.java:62) at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:93) at org.springframework.http.client.InterceptingClientHttpRequest.executeInternal(InterceptingClientHttpRequest.java:77) at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48) at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66) at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:776) ... 16 common frames omitted 2026-01-10 14:12:02.744 [log-processor-8] ERROR c.c.service.AccessLogAlertService - 调用算法API失败: http://192.168.4.33:5001/Webshell - 无响应 2026-01-10 14:12:02.744 [log-processor-8] INFO c.c.service.AccessLogAlertService - 访问日志告警处理任务完成,下次将从 2026-01-10T14:12:00.183 开始处理 2026-01-10 14:13:00.092 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:13:00.097 [scheduling-10] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:13:00.007晚于默认保留时间2026-01-03T14:13:00.097,使用默认时间 2026-01-10 14:13:00.183 [scheduling-10] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:13:00.097天前的日志,共删除0条 2026-01-10 14:13:00.267 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:176ms 2026-01-10 14:13:00.267 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:13:00.267 2026-01-10 14:13:00.267 [scheduling-7] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:13:00.267 2026-01-10 14:13:00.268 [scheduling-10] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:13:00.753 [scheduling-7] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:13:00.753 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 486ms 2026-01-10 14:14:00.005 [scheduling-5] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:14:00.005 [log-processor-9] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:14:00.092 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:14:00.094 [scheduling-10] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:14:00.005晚于默认保留时间2026-01-03T14:14:00.094,使用默认时间 2026-01-10 14:14:00.179 [log-processor-9] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:14:00.179 [scheduling-5] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:14:00.181 [scheduling-10] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:14:00.094天前的日志,共删除0条 2026-01-10 14:14:00.264 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:172ms 2026-01-10 14:14:00.265 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:14:00.265 2026-01-10 14:14:00.265 [scheduling-7] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:14:00.265 2026-01-10 14:14:00.265 [scheduling-10] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:14:00.415 [scheduling-5] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:12:00.183 2026-01-10 14:14:00.627 [log-processor-9] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:12:00.183 2026-01-10 14:14:00.779 [scheduling-7] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:14:00.779 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 514ms 2026-01-10 14:15:00.094 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:15:00.095 [scheduling-10] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:15:00.009晚于默认保留时间2026-01-03T14:15:00.095,使用默认时间 2026-01-10 14:15:00.181 [scheduling-10] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:15:00.095天前的日志,共删除0条 2026-01-10 14:15:00.261 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:167ms 2026-01-10 14:15:00.261 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:15:00.261 2026-01-10 14:15:00.261 [scheduling-7] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:15:00.261 2026-01-10 14:15:00.267 [scheduling-10] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:15:01.087 [scheduling-7] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:15:01.087 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 826ms 2026-01-10 14:16:00.010 [scheduling-2] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:16:00.011 [log-processor-10] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:16:00.011 [scheduling-6] INFO com.common.schedule.ETLOrchestrator - ETL任务开始执行,开始时间:2026-01-10 14:10:00,结束时间:2026-01-10 14:15:00 2026-01-10 14:16:00.011 [scheduling-6] INFO com.common.service.DataExtractor - 开始处理指定时间范围内访问日志数据,时间范围: 2026-01-10T14:10 - 2026-01-10T14:15 2026-01-10 14:16:00.095 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:16:00.095 [scheduling-9] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:16:00.010晚于默认保留时间2026-01-03T14:16:00.095,使用默认时间 2026-01-10 14:16:00.180 [scheduling-9] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:16:00.095天前的日志,共删除0条 2026-01-10 14:16:00.181 [scheduling-2] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:16:00.181 [log-processor-10] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:16:00.263 [scheduling-9] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:16:00.264 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:169ms 2026-01-10 14:16:00.264 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:16:00.264 2026-01-10 14:16:00.264 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:16:00.264 2026-01-10 14:16:00.320 [log-processor-10] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:12:00.183 2026-01-10 14:16:00.320 [scheduling-2] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:12:00.183 2026-01-10 14:16:00.477 [scheduling-6] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组 2026-01-10 14:16:00.478 [scheduling-6] INFO com.common.service.DataExtractor - 没有需要处理的数据 2026-01-10 14:16:00.478 [scheduling-6] INFO com.common.service.DataExtractor - 开始处理告警类型指定时间范围内数据,时间范围: 2026-01-10T14:10 - 2026-01-10T14:15 2026-01-10 14:16:00.564 [scheduling-6] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组 2026-01-10 14:16:00.564 [scheduling-6] INFO com.common.service.DataExtractor - 没有需要处理的数据 2026-01-10 14:16:00.564 [scheduling-6] INFO com.common.schedule.ETLOrchestrator - 定时ETL任务执行完成,耗时: 0 秒 2026-01-10 14:16:00.740 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:16:00.740 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 476ms 2026-01-10 14:17:00.091 [scheduling-9] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:17:00.006晚于默认保留时间2026-01-03T14:17:00.091,使用默认时间 2026-01-10 14:17:00.091 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:17:00.175 [scheduling-9] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:17:00.091天前的日志,共删除0条 2026-01-10 14:17:00.261 [scheduling-9] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:17:00.267 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:176ms 2026-01-10 14:17:00.267 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:17:00.267 2026-01-10 14:17:00.267 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:17:00.267 2026-01-10 14:17:00.725 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:17:00.726 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 459ms 2026-01-10 14:18:00.002 [scheduling-1] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:18:00.002 [log-processor-1] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:18:00.087 [scheduling-5] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:18:00.002晚于默认保留时间2026-01-03T14:18:00.087,使用默认时间 2026-01-10 14:18:00.172 [scheduling-5] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:18:00.087天前的日志,共删除0条 2026-01-10 14:18:00.175 [log-processor-1] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:18:00.256 [scheduling-5] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:18:00.328 [log-processor-1] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:12:00.183 2026-01-10 14:18:00.382 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:18:00.468 [scheduling-1] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:18:00.555 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:173ms 2026-01-10 14:18:00.555 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:18:00.555 2026-01-10 14:18:00.555 [scheduling-7] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:18:00.555 2026-01-10 14:18:00.625 [scheduling-1] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:12:00.183 2026-01-10 14:18:01.081 [scheduling-7] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:18:01.081 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 526ms 2026-01-10 14:19:00.096 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:19:00.097 [scheduling-5] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:19:00.013晚于默认保留时间2026-01-03T14:19:00.097,使用默认时间 2026-01-10 14:19:00.186 [scheduling-5] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:19:00.097天前的日志,共删除0条 2026-01-10 14:19:00.271 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:175ms 2026-01-10 14:19:00.271 [scheduling-5] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:19:00.271 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:19:00.271 2026-01-10 14:19:00.271 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:19:00.271 2026-01-10 14:19:00.757 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:19:00.757 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 486ms 2026-01-10 14:20:00.000 [scheduling-4] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:20:00.016 [log-processor-2] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:20:00.084 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:20:00.101 [scheduling-3] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:20:00.016晚于默认保留时间2026-01-03T14:20:00.101,使用默认时间 2026-01-10 14:20:00.174 [scheduling-4] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:20:00.184 [log-processor-2] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:20:00.189 [scheduling-3] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:20:00.101天前的日志,共删除0条 2026-01-10 14:20:00.254 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:170ms 2026-01-10 14:20:00.254 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:20:00.254 2026-01-10 14:20:00.254 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:20:00.254 2026-01-10 14:20:00.276 [scheduling-3] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:20:00.418 [scheduling-4] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:12:00.183 2026-01-10 14:20:00.421 [log-processor-2] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:12:00.183 2026-01-10 14:20:00.723 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:20:00.723 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 469ms 2026-01-10 14:21:00.002 [scheduling-6] INFO com.common.schedule.ETLOrchestrator - ETL任务开始执行,开始时间:2026-01-10 14:15:00,结束时间:2026-01-10 14:20:00 2026-01-10 14:21:00.003 [scheduling-6] INFO com.common.service.DataExtractor - 开始处理指定时间范围内访问日志数据,时间范围: 2026-01-10T14:15 - 2026-01-10T14:20 2026-01-10 14:21:00.089 [scheduling-1] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:21:00.002晚于默认保留时间2026-01-03T14:21:00.089,使用默认时间 2026-01-10 14:21:00.103 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:21:00.174 [scheduling-6] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组 2026-01-10 14:21:00.174 [scheduling-6] INFO com.common.service.DataExtractor - 没有需要处理的数据 2026-01-10 14:21:00.174 [scheduling-6] INFO com.common.service.DataExtractor - 开始处理告警类型指定时间范围内数据,时间范围: 2026-01-10T14:15 - 2026-01-10T14:20 2026-01-10 14:21:00.174 [scheduling-1] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:21:00.089天前的日志,共删除0条 2026-01-10 14:21:00.261 [scheduling-1] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:21:00.262 [scheduling-6] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组 2026-01-10 14:21:00.262 [scheduling-6] INFO com.common.service.DataExtractor - 没有需要处理的数据 2026-01-10 14:21:00.262 [scheduling-6] INFO com.common.schedule.ETLOrchestrator - 定时ETL任务执行完成,耗时: 0 秒 2026-01-10 14:21:00.281 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:178ms 2026-01-10 14:21:00.281 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:21:00.281 2026-01-10 14:21:00.281 [scheduling-7] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:21:00.281 2026-01-10 14:21:00.766 [scheduling-7] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:21:00.766 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 485ms 2026-01-10 14:22:00.014 [scheduling-9] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:22:00.014 [log-processor-3] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:22:00.097 [scheduling-5] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:22:00.014晚于默认保留时间2026-01-03T14:22:00.097,使用默认时间 2026-01-10 14:22:00.097 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:22:00.182 [log-processor-3] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:22:00.182 [scheduling-5] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:22:00.097天前的日志,共删除0条 2026-01-10 14:22:00.265 [scheduling-5] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:22:00.277 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:180ms 2026-01-10 14:22:00.277 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:22:00.277 2026-01-10 14:22:00.277 [scheduling-2] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:22:00.277 2026-01-10 14:22:00.418 [log-processor-3] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:12:00.183 2026-01-10 14:22:00.766 [scheduling-2] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:22:00.766 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 489ms 2026-01-10 14:22:00.771 [scheduling-9] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:22:00.890 [scheduling-9] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:12:00.183 2026-01-10 14:23:00.088 [scheduling-5] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:23:00.089 [scheduling-2] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:23:00.004晚于默认保留时间2026-01-03T14:23:00.089,使用默认时间 2026-01-10 14:23:00.176 [scheduling-2] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:23:00.089天前的日志,共删除0条 2026-01-10 14:23:00.258 [scheduling-5] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:170ms 2026-01-10 14:23:00.258 [scheduling-5] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:23:00.258 2026-01-10 14:23:00.258 [scheduling-5] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:23:00.258 2026-01-10 14:23:00.261 [scheduling-2] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:23:01.079 [scheduling-5] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:23:01.079 [scheduling-5] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 821ms 2026-01-10 14:24:00.008 [log-processor-4] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:24:00.008 [scheduling-3] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:24:00.090 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:24:00.090 [scheduling-1] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:24:00.008晚于默认保留时间2026-01-03T14:24:00.090,使用默认时间 2026-01-10 14:24:00.175 [log-processor-4] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:24:00.178 [scheduling-1] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:24:00.090天前的日志,共删除0条 2026-01-10 14:24:00.263 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:173ms 2026-01-10 14:24:00.263 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:24:00.263 2026-01-10 14:24:00.263 [scheduling-1] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:24:00.263 [scheduling-6] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:24:00.263 2026-01-10 14:24:00.406 [log-processor-4] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:12:00.183 2026-01-10 14:24:00.468 [scheduling-3] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:24:00.703 [scheduling-6] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:24:00.703 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 440ms 2026-01-10 14:24:00.714 [scheduling-3] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:12:00.183 2026-01-10 14:25:00.094 [scheduling-6] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:25:00.010晚于默认保留时间2026-01-03T14:25:00.094,使用默认时间 2026-01-10 14:25:00.096 [scheduling-1] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:25:00.179 [scheduling-6] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:25:00.094天前的日志,共删除0条 2026-01-10 14:25:00.262 [scheduling-6] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:25:00.273 [scheduling-1] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:177ms 2026-01-10 14:25:00.273 [scheduling-1] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:25:00.273 2026-01-10 14:25:00.273 [scheduling-1] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:25:00.273 2026-01-10 14:25:00.829 [scheduling-1] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:25:00.829 [scheduling-1] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 556ms 2026-01-10 14:25:15.949 [http-nio-8089-exec-5] INFO com.controllers.SyslogPushController - 收到syslog发送请求: SyslogRequest{ip='192.168.0.103', port=514, logContent='<0> 2026-01-10T13:47:27+08:00 ubuntu log_forward[3419]: {"timestamp":"2026-01-10T13:47:27.249503+0800","flow_id":767115114538067,"community_id":"fFU2gDB2+pyUS6xQpAqqLdPLG4k=","serial_num":"CJFBT92","origin":"eno4","xdr_log_type":"http","vxlan_vni":256,"src_ip":"192.168.2.81","src_port":51018,"dest_ip":"120.241.131.42","dest_port":80,"proto":"TCP","app_proto":"http","tcp_sequence":423808413,"tcp_ack_sequence":3371175627,"ether":{},"host":"szextshort.weixin.qq.com","host_md5":"d7745538302ebc766b77ca8a4f3dd735","uri":"/mmtls/1abfe317","uri_md5":"e889825636e4d22b1d364b6bd6400ad5","agent":"MicroMessenger Client","referer":"","method":"POST","protocol":"HTTP/1.1","req_content_type":"application/octet-stream","request_headers":"accept: */*\r\ncache-control: no-cache\r\nconnection: Keep-Alive\r\ncontent-length: 2579\r\ncontent-type: application/octet-stream\r\nHost: szextshort.weixin.qq.com\r\nUpgrade: mmtls\r\nUser-Agent: MicroMessenger Client\r\n","rsp_content_type":"","response_headers":""}', protocol='TCP', facility='USER', severity='INFO'} 2026-01-10 14:25:15.949 [http-nio-8089-exec-5] INFO com.common.service.SyslogService - 开始发送syslog消息: IP=192.168.0.103, Port=514 2026-01-10 14:25:15.950 [http-nio-8089-exec-5] INFO com.common.service.SyslogService - TCP Syslog消息发送成功: 192.168.0.103:514 2026-01-10 14:25:15.950 [http-nio-8089-exec-5] INFO com.controllers.SyslogPushController - Syslog消息发送成功: IP=192.168.0.103, Port=514 2026-01-10 14:25:16.513 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] INFO c.Modules.NormalData.SysLogProcessor - 开始处理批次消息,数量: 1 2026-01-10 14:25:16.513 [log-processor-6] INFO c.Modules.NormalData.SysLogProcessor - 收到syslogmessage:[receive_time=20260110142515957 device_id=248 device_name=开发环境设备-HOME vendor=HFish data_type=json device_collect_id=1]<0> 2026-01-10T13:47:27+08:00 ubuntu log_forward[3419]: {"timestamp":"2026-01-10T13:47:27.249503+0800","flow_id":767115114538067,"community_id":"fFU2gDB2+pyUS6xQpAqqLdPLG4k=","serial_num":"CJFBT92","origin":"eno4","xdr_log_type":"http","vxlan_vni":256,"src_ip":"192.168.2.81","src_port":51018,"dest_ip":"120.241.131.42","dest_port":80,"proto":"TCP","app_proto":"http","tcp_sequence":423808413,"tcp_ack_sequence":3371175627,"ether":{},"host":"szextshort.weixin.qq.com","host_md5":"d7745538302ebc766b77ca8a4f3dd735","uri":"/mmtls/1abfe317","uri_md5":"e889825636e4d22b1d364b6bd6400ad5","agent":"MicroMessenger Client","referer":"","method":"POST","protocol":"HTTP/1.1","req_content_type":"application/octet-stream","request_headers":"accept: */*\r\ncache-control: no-cache\r\nconnection: Keep-Alive\r\ncontent-length: 2579\r\ncontent-type: application/octet-stream\r\nHost: szextshort.weixin.qq.com\r\nUpgrade: mmtls\r\nUser-Agent: MicroMessenger Client\r\n","rsp_content_type":"","response_headers":""} 2026-01-10 14:25:16.554 [log-processor-6] WARN c.c.service.LogDataFilterService - 泛化规则-数据过滤规则为空,默认不处理! 2026-01-10 14:25:17.148 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] INFO c.Modules.NormalData.SysLogProcessor - 批次处理完成,总数: 1 2026-01-10 14:26:00.002 [scheduling-4] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:26:00.002 [log-processor-5] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:26:00.002 [scheduling-2] INFO com.common.schedule.ETLOrchestrator - ETL任务开始执行,开始时间:2026-01-10 14:20:00,结束时间:2026-01-10 14:25:00 2026-01-10 14:26:00.003 [scheduling-2] INFO com.common.service.DataExtractor - 开始处理指定时间范围内访问日志数据,时间范围: 2026-01-10T14:20 - 2026-01-10T14:25 2026-01-10 14:26:00.086 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:26:00.086 [scheduling-5] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:26:00.002晚于默认保留时间2026-01-03T14:26:00.086,使用默认时间 2026-01-10 14:26:00.172 [scheduling-5] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:26:00.086天前的日志,共删除0条 2026-01-10 14:26:00.172 [scheduling-2] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组 2026-01-10 14:26:00.172 [scheduling-2] INFO com.common.service.DataExtractor - 没有需要处理的数据 2026-01-10 14:26:00.172 [scheduling-2] INFO com.common.service.DataExtractor - 开始处理告警类型指定时间范围内数据,时间范围: 2026-01-10T14:20 - 2026-01-10T14:25 2026-01-10 14:26:00.172 [log-processor-5] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:26:00.172 [scheduling-4] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:26:00.252 [scheduling-5] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:26:00.258 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:172ms 2026-01-10 14:26:00.258 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:26:00.258 2026-01-10 14:26:00.259 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:26:00.259 2026-01-10 14:26:00.259 [scheduling-2] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组 2026-01-10 14:26:00.259 [scheduling-2] INFO com.common.service.DataExtractor - 没有需要处理的数据 2026-01-10 14:26:00.259 [scheduling-2] INFO com.common.schedule.ETLOrchestrator - 定时ETL任务执行完成,耗时: 0 秒 2026-01-10 14:26:00.323 [log-processor-5] INFO c.c.service.AccessLogAlertService - 获取到 1 条新的日志数据,时间范围: 2026-01-10T14:12:00.183 到 2026-01-10T14:26:00.172 2026-01-10 14:26:00.323 [log-processor-5] INFO c.c.service.AccessLogAlertService - 开始处理算法: 测试算法3 (ID: 2004083121877696514) 2026-01-10 14:26:00.414 [scheduling-4] INFO c.c.service.AccessLogAlertService - 获取到 1 条新的日志数据,时间范围: 2026-01-10T14:12:00.183 到 2026-01-10T14:26:00.172 2026-01-10 14:26:00.414 [scheduling-4] INFO c.c.service.AccessLogAlertService - 开始处理算法: 测试算法3 (ID: 2004083121877696514) 2026-01-10 14:26:00.773 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:26:00.773 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 514ms 2026-01-10 14:26:02.434 [log-processor-5] ERROR c.c.service.AccessLogAlertService - 调用算法API异常 [URL: http://192.168.4.33:5001/Webshell]: I/O error on POST request for "http://192.168.4.33:5001/Webshell": Connection refused: connect; nested exception is java.net.ConnectException: Connection refused: connect org.springframework.web.client.ResourceAccessException: I/O error on POST request for "http://192.168.4.33:5001/Webshell": Connection refused: connect; nested exception is java.net.ConnectException: Connection refused: connect at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:785) at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:711) at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:602) at com.common.service.AccessLogAlertService.callAlgorithmApi(AccessLogAlertService.java:275) at com.common.service.AccessLogAlertService.processAlgorithm(AccessLogAlertService.java:153) at com.common.service.AccessLogAlertService.processAccessLogAlert(AccessLogAlertService.java:122) at com.common.service.AccessLogAlertService$$FastClassBySpringCGLIB$$4807ae0a.invoke() at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218) at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:793) at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163) at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:763) at org.springframework.aop.interceptor.AsyncExecutionInterceptor.lambda$invoke$0(AsyncExecutionInterceptor.java:115) at java.util.concurrent.FutureTask.run$$$capture(FutureTask.java:266) at java.util.concurrent.FutureTask.run(FutureTask.java) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) Caused by: java.net.ConnectException: Connection refused: connect at java.net.DualStackPlainSocketImpl.waitForConnect(Native Method) at java.net.DualStackPlainSocketImpl.socketConnect(DualStackPlainSocketImpl.java:85) at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350) at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206) at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188) at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:172) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:589) at sun.net.NetworkClient.doConnect(NetworkClient.java:175) at sun.net.www.http.HttpClient.openServer(HttpClient.java:432) at sun.net.www.http.HttpClient.openServer(HttpClient.java:527) at sun.net.www.http.HttpClient.(HttpClient.java:211) at sun.net.www.http.HttpClient.New(HttpClient.java:308) at sun.net.www.http.HttpClient.New(HttpClient.java:326) at sun.net.www.protocol.http.HttpURLConnection.getNewHttpClient(HttpURLConnection.java:1202) at sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1138) at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:1032) at sun.net.www.protocol.http.HttpURLConnection.connect(HttpURLConnection.java:966) at org.springframework.http.client.SimpleBufferingClientHttpRequest.executeInternal(SimpleBufferingClientHttpRequest.java:76) at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48) at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66) at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:109) at com.config.RestTemplateConfig$LoggingInterceptor.intercept(RestTemplateConfig.java:62) at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:93) at org.springframework.http.client.InterceptingClientHttpRequest.executeInternal(InterceptingClientHttpRequest.java:77) at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48) at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66) at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:776) ... 16 common frames omitted 2026-01-10 14:26:02.449 [log-processor-5] ERROR c.c.service.AccessLogAlertService - 调用算法API失败: http://192.168.4.33:5001/Webshell - 无响应 2026-01-10 14:26:02.449 [log-processor-5] INFO c.c.service.AccessLogAlertService - 访问日志告警处理任务完成,下次将从 2026-01-10T14:26:00.172 开始处理 2026-01-10 14:26:02.528 [scheduling-4] ERROR c.c.service.AccessLogAlertService - 调用算法API异常 [URL: http://192.168.4.33:5001/Webshell]: I/O error on POST request for "http://192.168.4.33:5001/Webshell": Connection refused: connect; nested exception is java.net.ConnectException: Connection refused: connect org.springframework.web.client.ResourceAccessException: I/O error on POST request for "http://192.168.4.33:5001/Webshell": Connection refused: connect; nested exception is java.net.ConnectException: Connection refused: connect at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:785) at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:711) at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:602) at com.common.service.AccessLogAlertService.callAlgorithmApi(AccessLogAlertService.java:275) at com.common.service.AccessLogAlertService.processAlgorithm(AccessLogAlertService.java:153) at com.common.service.AccessLogAlertService.processAccessLogAlert(AccessLogAlertService.java:122) at com.common.service.AccessLogAlertService.safeProcessTask(AccessLogAlertService.java:387) at com.common.service.AccessLogAlertService$$FastClassBySpringCGLIB$$4807ae0a.invoke() at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218) at org.springframework.aop.framework.CglibAopProxy.invokeMethod(CglibAopProxy.java:386) at org.springframework.aop.framework.CglibAopProxy.access$000(CglibAopProxy.java:85) at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:704) at com.common.service.AccessLogAlertService$$EnhancerBySpringCGLIB$$a38bc9af.safeProcessTask() at sun.reflect.GeneratedMethodAccessor147.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.springframework.scheduling.support.ScheduledMethodRunnable.run(ScheduledMethodRunnable.java:84) at org.springframework.scheduling.support.DelegatingErrorHandlingRunnable.run(DelegatingErrorHandlingRunnable.java:54) at org.springframework.scheduling.concurrent.ReschedulingRunnable.run(ReschedulingRunnable.java:95) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run$$$capture(FutureTask.java:266) at java.util.concurrent.FutureTask.run(FutureTask.java) at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:180) at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) Caused by: java.net.ConnectException: Connection refused: connect at java.net.DualStackPlainSocketImpl.waitForConnect(Native Method) at java.net.DualStackPlainSocketImpl.socketConnect(DualStackPlainSocketImpl.java:85) at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350) at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206) at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188) at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:172) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392) at java.net.Socket.connect(Socket.java:589) at sun.net.NetworkClient.doConnect(NetworkClient.java:175) at sun.net.www.http.HttpClient.openServer(HttpClient.java:432) at sun.net.www.http.HttpClient.openServer(HttpClient.java:527) at sun.net.www.http.HttpClient.(HttpClient.java:211) at sun.net.www.http.HttpClient.New(HttpClient.java:308) at sun.net.www.http.HttpClient.New(HttpClient.java:326) at sun.net.www.protocol.http.HttpURLConnection.getNewHttpClient(HttpURLConnection.java:1202) at sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1138) at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:1032) at sun.net.www.protocol.http.HttpURLConnection.connect(HttpURLConnection.java:966) at org.springframework.http.client.SimpleBufferingClientHttpRequest.executeInternal(SimpleBufferingClientHttpRequest.java:76) at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48) at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66) at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:109) at com.config.RestTemplateConfig$LoggingInterceptor.intercept(RestTemplateConfig.java:62) at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:93) at org.springframework.http.client.InterceptingClientHttpRequest.executeInternal(InterceptingClientHttpRequest.java:77) at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48) at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66) at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:776) ... 26 common frames omitted 2026-01-10 14:26:02.543 [scheduling-4] ERROR c.c.service.AccessLogAlertService - 调用算法API失败: http://192.168.4.33:5001/Webshell - 无响应 2026-01-10 14:26:02.543 [scheduling-4] INFO c.c.service.AccessLogAlertService - 访问日志告警处理任务完成,下次将从 2026-01-10T14:26:00.172 开始处理 2026-01-10 14:27:00.097 [scheduling-5] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:27:00.097 [scheduling-8] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:27:00.013晚于默认保留时间2026-01-03T14:27:00.097,使用默认时间 2026-01-10 14:27:00.181 [scheduling-8] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:27:00.097天前的日志,共删除0条 2026-01-10 14:27:00.265 [scheduling-8] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:27:00.270 [scheduling-5] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:173ms 2026-01-10 14:27:00.270 [scheduling-5] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:27:00.270 2026-01-10 14:27:00.270 [scheduling-5] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:27:00.270 2026-01-10 14:27:00.748 [scheduling-5] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:27:00.748 [scheduling-5] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 478ms 2026-01-10 14:28:00.002 [scheduling-6] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:28:00.002 [log-processor-7] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:28:00.085 [scheduling-5] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:28:00.085 [scheduling-9] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:28:00.002晚于默认保留时间2026-01-03T14:28:00.085,使用默认时间 2026-01-10 14:28:00.172 [scheduling-6] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:28:00.173 [scheduling-9] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:28:00.085天前的日志,共删除0条 2026-01-10 14:28:00.173 [log-processor-7] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:28:00.257 [scheduling-5] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:172ms 2026-01-10 14:28:00.257 [scheduling-5] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:28:00.257 2026-01-10 14:28:00.257 [scheduling-5] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:28:00.257 2026-01-10 14:28:00.257 [scheduling-9] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:28:00.322 [scheduling-6] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172 2026-01-10 14:28:00.415 [log-processor-7] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172 2026-01-10 14:28:00.725 [scheduling-5] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:28:00.725 [scheduling-5] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 468ms 2026-01-10 14:29:00.089 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:29:00.089 [scheduling-10] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:29:00.003晚于默认保留时间2026-01-03T14:29:00.089,使用默认时间 2026-01-10 14:29:00.172 [scheduling-10] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:29:00.089天前的日志,共删除0条 2026-01-10 14:29:00.262 [scheduling-10] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:29:00.262 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:173ms 2026-01-10 14:29:00.262 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:29:00.262 2026-01-10 14:29:00.262 [scheduling-7] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:29:00.262 2026-01-10 14:29:00.715 [scheduling-7] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:29:00.715 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 453ms 2026-01-10 14:30:00.009 [scheduling-2] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:30:00.009 [log-processor-8] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:30:00.093 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:30:00.094 [scheduling-4] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:30:00.009晚于默认保留时间2026-01-03T14:30:00.094,使用默认时间 2026-01-10 14:30:00.179 [scheduling-4] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:30:00.094天前的日志,共删除0条 2026-01-10 14:30:00.179 [log-processor-8] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:30:00.179 [scheduling-2] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:30:00.263 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:170ms 2026-01-10 14:30:00.263 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:30:00.263 2026-01-10 14:30:00.263 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:30:00.263 2026-01-10 14:30:00.264 [scheduling-4] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:30:00.329 [scheduling-2] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172 2026-01-10 14:30:00.624 [log-processor-8] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172 2026-01-10 14:30:00.726 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:30:00.727 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 464ms 2026-01-10 14:31:00.011 [scheduling-10] INFO com.common.schedule.ETLOrchestrator - ETL任务开始执行,开始时间:2026-01-10 14:25:00,结束时间:2026-01-10 14:30:00 2026-01-10 14:31:00.011 [scheduling-10] INFO com.common.service.DataExtractor - 开始处理指定时间范围内访问日志数据,时间范围: 2026-01-10T14:25 - 2026-01-10T14:30 2026-01-10 14:31:00.095 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:31:00.275 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:180ms 2026-01-10 14:31:00.275 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:31:00.275 2026-01-10 14:31:00.275 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:31:00.275 2026-01-10 14:31:00.480 [scheduling-10] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组 2026-01-10 14:31:00.480 [scheduling-10] INFO com.common.service.DataExtractor - 没有需要处理的数据 2026-01-10 14:31:00.481 [scheduling-10] INFO com.common.service.DataExtractor - 开始处理告警类型指定时间范围内数据,时间范围: 2026-01-10T14:25 - 2026-01-10T14:30 2026-01-10 14:31:00.569 [scheduling-10] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组 2026-01-10 14:31:00.569 [scheduling-10] INFO com.common.service.DataExtractor - 没有需要处理的数据 2026-01-10 14:31:00.569 [scheduling-10] INFO com.common.schedule.ETLOrchestrator - 定时ETL任务执行完成,耗时: 0 秒 2026-01-10 14:31:00.774 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:31:00.774 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 499ms 2026-01-10 14:31:05.022 [scheduling-4] WARN com.zaxxer.hikari.pool.PoolBase - HikariPool-1 - Failed to validate connection org.postgresql.jdbc.PgConnection@7cb5b9e1 (This connection has been closed.). Possibly consider using a shorter maxLifetime value. 2026-01-10 14:31:05.395 [scheduling-4] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:31:00.011晚于默认保留时间2026-01-03T14:31:05.395,使用默认时间 2026-01-10 14:31:05.480 [scheduling-4] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:31:05.395天前的日志,共删除0条 2026-01-10 14:31:05.563 [scheduling-4] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:32:00.005 [scheduling-5] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:32:00.005 [log-processor-9] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:32:00.087 [scheduling-2] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:32:00.005晚于默认保留时间2026-01-03T14:32:00.087,使用默认时间 2026-01-10 14:32:00.088 [scheduling-1] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:32:00.171 [scheduling-2] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:32:00.087天前的日志,共删除0条 2026-01-10 14:32:00.178 [log-processor-9] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:32:00.179 [scheduling-5] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:32:00.254 [scheduling-2] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:32:00.256 [scheduling-1] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:168ms 2026-01-10 14:32:00.257 [scheduling-1] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:32:00.257 2026-01-10 14:32:00.257 [scheduling-1] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:32:00.257 2026-01-10 14:32:00.653 [log-processor-9] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172 2026-01-10 14:32:00.653 [scheduling-5] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172 2026-01-10 14:32:00.694 [scheduling-1] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:32:00.694 [scheduling-1] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 437ms 2026-01-10 14:33:00.090 [scheduling-2] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:33:00.008晚于默认保留时间2026-01-03T14:33:00.090,使用默认时间 2026-01-10 14:33:00.091 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:33:00.173 [scheduling-2] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:33:00.090天前的日志,共删除0条 2026-01-10 14:33:00.255 [scheduling-2] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:33:00.260 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:169ms 2026-01-10 14:33:00.260 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:33:00.260 2026-01-10 14:33:00.260 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:33:00.260 2026-01-10 14:33:00.763 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:33:00.763 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 503ms 2026-01-10 14:34:00.002 [scheduling-9] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:34:00.002 [log-processor-10] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:34:00.086 [scheduling-2] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:34:00.002晚于默认保留时间2026-01-03T14:34:00.086,使用默认时间 2026-01-10 14:34:00.087 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:34:00.169 [scheduling-2] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:34:00.086天前的日志,共删除0条 2026-01-10 14:34:00.174 [log-processor-10] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:34:00.176 [scheduling-9] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:34:00.244 [scheduling-2] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:34:00.257 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:170ms 2026-01-10 14:34:00.257 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:34:00.257 2026-01-10 14:34:00.257 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:34:00.257 2026-01-10 14:34:00.295 [log-processor-10] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172 2026-01-10 14:34:00.299 [scheduling-9] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172 2026-01-10 14:34:00.724 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:34:00.724 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 467ms 2026-01-10 14:35:00.102 [scheduling-7] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:35:00.018晚于默认保留时间2026-01-03T14:35:00.102,使用默认时间 2026-01-10 14:35:00.102 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:35:00.186 [scheduling-7] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:35:00.102天前的日志,共删除0条 2026-01-10 14:35:00.270 [scheduling-7] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:35:00.275 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:173ms 2026-01-10 14:35:00.275 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:35:00.275 2026-01-10 14:35:00.275 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:35:00.275 2026-01-10 14:35:00.800 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:35:00.800 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 525ms 2026-01-10 14:36:00.002 [scheduling-5] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:36:00.002 [log-processor-1] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:36:00.002 [scheduling-6] INFO com.common.schedule.ETLOrchestrator - ETL任务开始执行,开始时间:2026-01-10 14:30:00,结束时间:2026-01-10 14:35:00 2026-01-10 14:36:00.003 [scheduling-6] INFO com.common.service.DataExtractor - 开始处理指定时间范围内访问日志数据,时间范围: 2026-01-10T14:30 - 2026-01-10T14:35 2026-01-10 14:36:00.088 [scheduling-1] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:36:00.002晚于默认保留时间2026-01-03T14:36:00.088,使用默认时间 2026-01-10 14:36:00.104 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:36:00.173 [scheduling-1] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:36:00.088天前的日志,共删除0条 2026-01-10 14:36:00.174 [scheduling-5] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:36:00.174 [scheduling-6] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组 2026-01-10 14:36:00.174 [scheduling-6] INFO com.common.service.DataExtractor - 没有需要处理的数据 2026-01-10 14:36:00.174 [scheduling-6] INFO com.common.service.DataExtractor - 开始处理告警类型指定时间范围内数据,时间范围: 2026-01-10T14:30 - 2026-01-10T14:35 2026-01-10 14:36:00.255 [scheduling-1] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:36:00.263 [scheduling-6] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组 2026-01-10 14:36:00.263 [scheduling-6] INFO com.common.service.DataExtractor - 没有需要处理的数据 2026-01-10 14:36:00.263 [scheduling-6] INFO com.common.schedule.ETLOrchestrator - 定时ETL任务执行完成,耗时: 0 秒 2026-01-10 14:36:00.282 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:178ms 2026-01-10 14:36:00.282 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:36:00.282 2026-01-10 14:36:00.282 [scheduling-4] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:36:00.282 2026-01-10 14:36:00.307 [scheduling-5] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172 2026-01-10 14:36:00.471 [log-processor-1] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:36:00.765 [scheduling-4] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:36:00.766 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 484ms 2026-01-10 14:36:00.900 [log-processor-1] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172 2026-01-10 14:37:00.093 [scheduling-7] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:37:00.013晚于默认保留时间2026-01-03T14:37:00.093,使用默认时间 2026-01-10 14:37:00.093 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:37:00.178 [scheduling-7] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:37:00.093天前的日志,共删除0条 2026-01-10 14:37:00.259 [scheduling-7] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:37:00.573 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:480ms 2026-01-10 14:37:00.573 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:37:00.573 2026-01-10 14:37:00.573 [scheduling-4] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:37:00.573 2026-01-10 14:37:01.144 [scheduling-4] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:37:01.145 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 572ms 2026-01-10 14:38:00.012 [scheduling-9] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:38:00.012 [log-processor-2] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:38:00.095 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:38:00.095 [scheduling-10] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:38:00.012晚于默认保留时间2026-01-03T14:38:00.095,使用默认时间 2026-01-10 14:38:00.178 [scheduling-10] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:38:00.095天前的日志,共删除0条 2026-01-10 14:38:00.179 [log-processor-2] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:38:00.180 [scheduling-9] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:38:00.262 [scheduling-10] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:38:00.262 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:167ms 2026-01-10 14:38:00.262 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:38:00.262 2026-01-10 14:38:00.262 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:38:00.262 2026-01-10 14:38:00.320 [log-processor-2] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172 2026-01-10 14:38:00.320 [scheduling-9] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172 2026-01-10 14:38:00.755 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:38:00.755 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 493ms 2026-01-10 14:39:00.095 [scheduling-10] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:39:00.011晚于默认保留时间2026-01-03T14:39:00.095,使用默认时间 2026-01-10 14:39:00.096 [scheduling-1] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:39:00.179 [scheduling-10] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:39:00.095天前的日志,共删除0条 2026-01-10 14:39:00.262 [scheduling-1] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:166ms 2026-01-10 14:39:00.262 [scheduling-10] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:39:00.262 [scheduling-1] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:39:00.262 2026-01-10 14:39:00.262 [scheduling-1] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:39:00.262 2026-01-10 14:39:00.713 [scheduling-1] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:39:00.714 [scheduling-1] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 452ms 2026-01-10 14:40:00.013 [scheduling-3] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:40:00.013 [log-processor-3] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:40:00.104 [scheduling-6] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:40:00.013晚于默认保留时间2026-01-03T14:40:00.104,使用默认时间 2026-01-10 14:40:00.105 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:40:00.176 [log-processor-3] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:40:00.178 [scheduling-3] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:40:00.190 [scheduling-6] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:40:00.104天前的日志,共删除0条 2026-01-10 14:40:00.274 [scheduling-6] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:40:00.274 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:169ms 2026-01-10 14:40:00.274 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:40:00.274 2026-01-10 14:40:00.274 [scheduling-4] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:40:00.274 2026-01-10 14:40:00.281 [log-processor-3] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172 2026-01-10 14:40:00.536 [scheduling-3] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172 2026-01-10 14:40:00.747 [scheduling-4] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:40:00.747 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 473ms 2026-01-10 14:41:00.013 [scheduling-8] INFO com.common.schedule.ETLOrchestrator - ETL任务开始执行,开始时间:2026-01-10 14:35:00,结束时间:2026-01-10 14:40:00 2026-01-10 14:41:00.013 [scheduling-8] INFO com.common.service.DataExtractor - 开始处理指定时间范围内访问日志数据,时间范围: 2026-01-10T14:35 - 2026-01-10T14:40 2026-01-10 14:41:00.095 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:41:00.097 [scheduling-6] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:41:00.013晚于默认保留时间2026-01-03T14:41:00.097,使用默认时间 2026-01-10 14:41:00.179 [scheduling-8] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组 2026-01-10 14:41:00.179 [scheduling-8] INFO com.common.service.DataExtractor - 没有需要处理的数据 2026-01-10 14:41:00.179 [scheduling-8] INFO com.common.service.DataExtractor - 开始处理告警类型指定时间范围内数据,时间范围: 2026-01-10T14:35 - 2026-01-10T14:40 2026-01-10 14:41:00.180 [scheduling-6] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:41:00.097天前的日志,共删除0条 2026-01-10 14:41:00.262 [scheduling-8] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组 2026-01-10 14:41:00.262 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:167ms 2026-01-10 14:41:00.262 [scheduling-8] INFO com.common.service.DataExtractor - 没有需要处理的数据 2026-01-10 14:41:00.262 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:41:00.262 2026-01-10 14:41:00.262 [scheduling-8] INFO com.common.schedule.ETLOrchestrator - 定时ETL任务执行完成,耗时: 0 秒 2026-01-10 14:41:00.262 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:41:00.262 2026-01-10 14:41:00.265 [scheduling-6] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:41:00.698 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:41:00.698 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 436ms 2026-01-10 14:42:00.001 [log-processor-4] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:42:00.001 [scheduling-5] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:42:00.081 [scheduling-7] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:42:00.001晚于默认保留时间2026-01-03T14:42:00.081,使用默认时间 2026-01-10 14:42:00.101 [scheduling-9] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:42:00.161 [scheduling-7] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:42:00.081天前的日志,共删除0条 2026-01-10 14:42:00.166 [log-processor-4] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:42:00.166 [scheduling-5] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:42:00.240 [scheduling-7] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:42:00.271 [scheduling-9] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:170ms 2026-01-10 14:42:00.271 [scheduling-9] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:42:00.271 2026-01-10 14:42:00.272 [scheduling-9] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:42:00.272 2026-01-10 14:42:00.272 [log-processor-4] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172 2026-01-10 14:42:00.272 [scheduling-5] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172 2026-01-10 14:42:00.748 [scheduling-9] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:42:00.749 [scheduling-9] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 478ms 2026-01-10 14:43:00.091 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:43:00.095 [scheduling-9] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:43:00.010晚于默认保留时间2026-01-03T14:43:00.095,使用默认时间 2026-01-10 14:43:00.179 [scheduling-9] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:43:00.095天前的日志,共删除0条 2026-01-10 14:43:00.262 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:171ms 2026-01-10 14:43:00.262 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:43:00.262 2026-01-10 14:43:00.262 [scheduling-7] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:43:00.262 2026-01-10 14:43:00.263 [scheduling-9] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:43:00.724 [scheduling-7] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:43:00.724 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 462ms 2026-01-10 14:44:00.010 [scheduling-3] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:44:00.011 [log-processor-6] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:44:00.093 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:44:00.097 [scheduling-6] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:44:00.011晚于默认保留时间2026-01-03T14:44:00.097,使用默认时间 2026-01-10 14:44:00.177 [scheduling-3] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:44:00.183 [scheduling-6] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:44:00.097天前的日志,共删除0条 2026-01-10 14:44:00.183 [log-processor-6] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:44:00.253 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:160ms 2026-01-10 14:44:00.253 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:44:00.253 2026-01-10 14:44:00.253 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:44:00.253 2026-01-10 14:44:00.266 [scheduling-6] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:44:00.320 [scheduling-3] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172 2026-01-10 14:44:00.413 [log-processor-6] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172 2026-01-10 14:44:00.756 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:44:00.756 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 503ms 2026-01-10 14:45:00.084 [scheduling-10] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:45:00.002晚于默认保留时间2026-01-03T14:45:00.084,使用默认时间 2026-01-10 14:45:00.085 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:45:00.166 [scheduling-10] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:45:00.084天前的日志,共删除0条 2026-01-10 14:45:00.247 [scheduling-10] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:45:00.260 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:175ms 2026-01-10 14:45:00.260 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:45:00.260 2026-01-10 14:45:00.260 [scheduling-6] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:45:00.260 2026-01-10 14:45:01.026 [scheduling-6] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:45:01.026 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 766ms 2026-01-10 14:46:00.001 [scheduling-7] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:46:00.001 [log-processor-5] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:46:00.001 [scheduling-9] INFO com.common.schedule.ETLOrchestrator - ETL任务开始执行,开始时间:2026-01-10 14:40:00,结束时间:2026-01-10 14:45:00 2026-01-10 14:46:00.001 [scheduling-9] INFO com.common.service.DataExtractor - 开始处理指定时间范围内访问日志数据,时间范围: 2026-01-10T14:40 - 2026-01-10T14:45 2026-01-10 14:46:00.103 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:46:00.167 [scheduling-7] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:46:00.171 [scheduling-9] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组 2026-01-10 14:46:00.171 [scheduling-9] INFO com.common.service.DataExtractor - 没有需要处理的数据 2026-01-10 14:46:00.171 [log-processor-5] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:46:00.171 [scheduling-9] INFO com.common.service.DataExtractor - 开始处理告警类型指定时间范围内数据,时间范围: 2026-01-10T14:40 - 2026-01-10T14:45 2026-01-10 14:46:00.256 [scheduling-9] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组 2026-01-10 14:46:00.256 [scheduling-9] INFO com.common.service.DataExtractor - 没有需要处理的数据 2026-01-10 14:46:00.256 [scheduling-9] INFO com.common.schedule.ETLOrchestrator - 定时ETL任务执行完成,耗时: 0 秒 2026-01-10 14:46:00.279 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:176ms 2026-01-10 14:46:00.279 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:46:00.279 2026-01-10 14:46:00.279 [scheduling-2] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:46:00.279 2026-01-10 14:46:00.394 [scheduling-8] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:46:00.001晚于默认保留时间2026-01-03T14:46:00.394,使用默认时间 2026-01-10 14:46:00.407 [log-processor-5] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172 2026-01-10 14:46:00.475 [scheduling-8] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:46:00.394天前的日志,共删除0条 2026-01-10 14:46:00.559 [scheduling-8] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:46:00.630 [scheduling-7] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172 2026-01-10 14:46:00.798 [scheduling-2] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:46:00.798 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 519ms 2026-01-10 14:46:57.053 [main] INFO com.syslogApplication - Starting syslogApplication using Java 1.8.0_121 on LAPTOP-ARDUR3N0 with PID 29532 (E:\GIT_GOSAME\haobang-security-xdr\syslog-consumer\target\classes started by chenc in E:\GIT_GOSAME\haobang-security-xdr) 2026-01-10 14:46:57.053 [background-preinit] INFO o.h.validator.internal.util.Version - HV000001: Hibernate Validator 6.2.5.Final 2026-01-10 14:46:57.058 [main] INFO com.syslogApplication - No active profile set, falling back to 1 default profile: "default" 2026-01-10 14:47:00.045 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Multiple Spring Data modules found, entering strict repository configuration mode 2026-01-10 14:47:00.045 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Bootstrapping Spring Data Elasticsearch repositories in DEFAULT mode. 2026-01-10 14:47:00.496 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Finished Spring Data repository scanning in 444 ms. Found 1 Elasticsearch repository interfaces. 2026-01-10 14:47:00.500 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Multiple Spring Data modules found, entering strict repository configuration mode 2026-01-10 14:47:00.500 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Bootstrapping Spring Data Reactive Elasticsearch repositories in DEFAULT mode. 2026-01-10 14:47:00.596 [main] INFO o.s.d.r.c.RepositoryConfigurationExtensionSupport - Spring Data Reactive Elasticsearch - Could not safely identify store assignment for repository candidate interface com.common.service.AppLogRepository; If you want this repository to be a Reactive Elasticsearch repository, consider annotating your entities with one of these annotations: org.springframework.data.elasticsearch.annotations.Document (preferred), or consider extending one of the following types with your repository: org.springframework.data.elasticsearch.repository.ReactiveElasticsearchRepository 2026-01-10 14:47:00.597 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Finished Spring Data repository scanning in 93 ms. Found 0 Reactive Elasticsearch repository interfaces. 2026-01-10 14:47:00.621 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Multiple Spring Data modules found, entering strict repository configuration mode 2026-01-10 14:47:00.623 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Bootstrapping Spring Data Redis repositories in DEFAULT mode. 2026-01-10 14:47:00.724 [main] INFO o.s.d.r.c.RepositoryConfigurationExtensionSupport - Spring Data Redis - Could not safely identify store assignment for repository candidate interface com.common.service.AppLogRepository; If you want this repository to be a Redis repository, consider annotating your entities with one of these annotations: org.springframework.data.redis.core.RedisHash (preferred), or consider extending one of the following types with your repository: org.springframework.data.keyvalue.repository.KeyValueRepository 2026-01-10 14:47:00.724 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Finished Spring Data repository scanning in 94 ms. Found 0 Redis repository interfaces. 2026-01-10 14:47:01.438 [main] INFO o.s.b.w.e.tomcat.TomcatWebServer - Tomcat initialized with port(s): 8089 (http) 2026-01-10 14:47:01.445 [main] INFO o.a.coyote.http11.Http11NioProtocol - Initializing ProtocolHandler ["http-nio-8089"] 2026-01-10 14:47:01.445 [main] INFO o.a.catalina.core.StandardService - Starting service [Tomcat] 2026-01-10 14:47:01.446 [main] INFO o.a.catalina.core.StandardEngine - Starting Servlet engine: [Apache Tomcat/9.0.65] 2026-01-10 14:47:01.674 [main] INFO o.a.c.c.C.[.[.[/xdrservice] - Initializing Spring embedded WebApplicationContext 2026-01-10 14:47:01.674 [main] INFO o.s.b.w.s.c.ServletWebServerApplicationContext - Root WebApplicationContext: initialization completed in 4533 ms 2026-01-10 14:47:01.728 [main] INFO o.s.b.f.a.AutowiredAnnotationBeanPostProcessor - Autowired annotation is not supported on static fields: private static com.common.service.DmColumnService com.syslogApplication.dmColumnService 2026-01-10 14:47:04.308 [main] INFO com.influx.InfluxDBClient - InfluxDB connection successful: ready for queries and writes 2026-01-10 14:47:04.626 [main] WARN c.b.m.core.injector.AbstractMethod - [com.common.mapper.DeviceCollectTaskMapper.insert] Has been loaded by XML or SqlProvider or Mybatis's Annotation, so ignoring this injection for [class com.baomidou.mybatisplus.core.injector.methods.Insert] 2026-01-10 14:47:04.642 [main] WARN c.b.m.core.injector.AbstractMethod - [com.common.mapper.DeviceCollectTaskMapper.update] Has been loaded by XML or SqlProvider or Mybatis's Annotation, so ignoring this injection for [class com.baomidou.mybatisplus.core.injector.methods.Update] 2026-01-10 14:47:04.665 [main] WARN c.b.m.core.injector.AbstractMethod - [com.common.mapper.DeviceCollectTaskMapper.deleteById] Has been loaded by XML or SqlProvider or Mybatis's Annotation, so ignoring this injection for [class com.baomidou.mybatisplus.core.injector.methods.DeleteById] 2026-01-10 14:47:04.682 [main] WARN c.b.m.core.injector.AbstractMethod - [com.common.mapper.DeviceCollectTaskMapper.selectById] Has been loaded by XML or SqlProvider or Mybatis's Annotation, so ignoring this injection for [class com.baomidou.mybatisplus.core.injector.methods.SelectById] 2026-01-10 14:47:04.730 [main] ERROR c.b.m.core.MybatisConfiguration - mapper[com.common.mapper.SecExceptionAlgorithmMapper.findById] is ignored, because it exists, maybe from xml file 2026-01-10 14:47:09.423 [main] INFO c.c.service.AccessLogAlertService - 初始化AccessLogAlertService,上次处理时间: 2026-01-10T14:45:09.423 2026-01-10 14:47:09.448 [main] INFO com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Starting... 2026-01-10 14:47:10.068 [main] INFO com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Start completed. 2026-01-10 14:47:10.178 [main] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:47:11.197 [main] INFO com.influx.InfluxDBClient - InfluxDB connection successful: ready for queries and writes 2026-01-10 14:47:11.323 [main] INFO com.common.util.MyBatisUtil - MyBatis 初始化成功 2026-01-10 14:47:12.312 [main] INFO org.quartz.impl.StdSchedulerFactory - Using default implementation for ThreadExecutor 2026-01-10 14:47:12.320 [main] INFO o.quartz.core.SchedulerSignalerImpl - Initialized Scheduler Signaller of type: class org.quartz.core.SchedulerSignalerImpl 2026-01-10 14:47:12.320 [main] INFO org.quartz.core.QuartzScheduler - Quartz Scheduler v.2.3.2 created. 2026-01-10 14:47:12.320 [main] INFO org.quartz.simpl.RAMJobStore - RAMJobStore initialized. 2026-01-10 14:47:12.320 [main] INFO org.quartz.core.QuartzScheduler - Scheduler meta-data: Quartz Scheduler (v2.3.2) 'quartzScheduler' with instanceId 'NON_CLUSTERED' Scheduler class: 'org.quartz.core.QuartzScheduler' - running locally. NOT STARTED. Currently in standby mode. Number of jobs executed: 0 Using thread pool 'org.quartz.simpl.SimpleThreadPool' - with 10 threads. Using job-store 'org.quartz.simpl.RAMJobStore' - which does not support persistence. and is not clustered. 2026-01-10 14:47:12.320 [main] INFO org.quartz.impl.StdSchedulerFactory - Quartz scheduler 'quartzScheduler' initialized from an externally provided properties instance. 2026-01-10 14:47:12.320 [main] INFO org.quartz.impl.StdSchedulerFactory - Quartz scheduler version: 2.3.2 2026-01-10 14:47:12.320 [main] INFO org.quartz.core.QuartzScheduler - JobFactory set to: org.springframework.scheduling.quartz.SpringBeanJobFactory@481f2acb 2026-01-10 14:47:12.481 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka version: 3.4.0 2026-01-10 14:47:12.481 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka commitId: 2e1947d240607d53 2026-01-10 14:47:12.481 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka startTimeMs: 1768027632481 2026-01-10 14:47:12.500 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka version: 3.4.0 2026-01-10 14:47:12.500 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka commitId: 2e1947d240607d53 2026-01-10 14:47:12.500 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka startTimeMs: 1768027632500 2026-01-10 14:47:12.502 [main] INFO o.a.coyote.http11.Http11NioProtocol - Starting ProtocolHandler ["http-nio-8089"] 2026-01-10 14:47:12.514 [main] INFO o.s.b.w.e.tomcat.TomcatWebServer - Tomcat started on port(s): 8089 (http) with context path '/xdrservice' 2026-01-10 14:47:12.514 [main] INFO o.s.s.quartz.SchedulerFactoryBean - Starting Quartz Scheduler now 2026-01-10 14:47:12.514 [main] INFO org.quartz.core.QuartzScheduler - Scheduler quartzScheduler_$_NON_CLUSTERED started. 2026-01-10 14:47:12.527 [main] INFO com.syslogApplication - Started syslogApplication in 15.978 seconds (JVM running for 21.192) 2026-01-10 14:47:27.968 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] INFO o.s.k.l.KafkaMessageListenerContainer - test-group-app: partitions assigned: [] 2026-01-10 14:47:27.981 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] INFO o.s.k.l.KafkaMessageListenerContainer - test-group-app: partitions assigned: [test-topic-0] 2026-01-10 14:48:00.016 [scheduling-2] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:48:00.016 [log-processor-1] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务 2026-01-10 14:48:00.104 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:48:00.194 [log-processor-1] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:48:00.194 [scheduling-2] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置 2026-01-10 14:48:00.287 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:183ms 2026-01-10 14:48:00.287 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:48:00.287 2026-01-10 14:48:00.290 [scheduling-3] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:48:00.290 2026-01-10 14:48:00.401 [scheduling-1] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:48:00.006晚于默认保留时间2026-01-03T14:48:00.401,使用默认时间 2026-01-10 14:48:00.485 [scheduling-1] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:48:00.401天前的日志,共删除0条 2026-01-10 14:48:00.569 [scheduling-1] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:48:00.666 [scheduling-2] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:45:09.423 2026-01-10 14:48:00.666 [log-processor-1] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:45:09.423 2026-01-10 14:48:00.797 [scheduling-3] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:48:00.797 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 510ms 2026-01-10 14:48:21.353 [http-nio-8089-exec-1] INFO o.s.web.servlet.DispatcherServlet - Initializing Servlet 'dispatcherServlet' 2026-01-10 14:48:21.356 [http-nio-8089-exec-1] INFO o.s.web.servlet.DispatcherServlet - Completed initialization in 3 ms 2026-01-10 14:48:21.557 [http-nio-8089-exec-1] INFO com.controllers.SyslogPushController - 收到syslog发送请求: SyslogRequest{ip='192.168.0.103', port=514, logContent='<0> 2026-01-10T05:28:32+08:00 ubuntu log_forward[3419]: {"timestamp":"2026-01-10T05:28:32.806781+0800","flow_id":1671852309144385,"community_id":"uLeKRLkXu9m0D0DNn6wIg7CcdOs=","serial_num":"CJFBT92","origin":"eno4","xdr_log_type":"http","vxlan_vni":256,"src_ip":"172.16.121.137","src_port":51114,"dest_ip":"110.43.89.7","dest_port":80,"proto":"TCP","app_proto":"http","tcp_sequence":3553898360,"tcp_ack_sequence":3537707565,"ether":{"src_mac":"90:f1:b0:fb:81:a1","dest_mac":"a4:7b:2c:21:03:79"},"host":"rq.lbcct.cloud.duba.net","host_md5":"51cfa6d0981c8eb355a9b3af716da08d","uri":"/query?1767994112","uri_md5":"f28f2c62d0dd01c355caa05815d93d99","referer":"","method":"POST","protocol":"HTTP/1.1","status":200,"req_content_type":"application/x-www-form-urlencoded","request_headers":"host: rq.lbcct.cloud.duba.net\r\naccept: */*\r\ncontent-length: 85\r\ncontent-type: application/x-www-form-urlencoded\r\n","rsp_content_type":"text/plain","response_headers":"server: Tengine/1.5.2\r\ndate: Fri, 09 Jan 2026 21:28:32 GMT\r\ncontent-type: text/plain\r\nContent-Length: 54\r\nConnection: keep-alive\r\nContent-Tag: 1936292435\r\n"}', protocol='TCP', facility='USER', severity='INFO'} 2026-01-10 14:48:21.558 [http-nio-8089-exec-1] INFO com.common.service.SyslogService - 开始发送syslog消息: IP=192.168.0.103, Port=514 2026-01-10 14:48:21.559 [http-nio-8089-exec-1] INFO com.common.service.SyslogService - TCP Syslog消息发送成功: 192.168.0.103:514 2026-01-10 14:48:21.559 [http-nio-8089-exec-1] INFO com.controllers.SyslogPushController - Syslog消息发送成功: IP=192.168.0.103, Port=514 2026-01-10 14:48:21.989 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] INFO c.Modules.NormalData.SysLogProcessor - 开始处理批次消息,数量: 1 2026-01-10 14:48:21.991 [log-processor-2] INFO c.Modules.NormalData.SysLogProcessor - 收到syslogmessage:[receive_time=20260110144821572 device_id=248 device_name=开发环境设备-HOME vendor=HFish data_type=json device_collect_id=1]<0> 2026-01-10T05:28:32+08:00 ubuntu log_forward[3419]: {"timestamp":"2026-01-10T05:28:32.806781+0800","flow_id":1671852309144385,"community_id":"uLeKRLkXu9m0D0DNn6wIg7CcdOs=","serial_num":"CJFBT92","origin":"eno4","xdr_log_type":"http","vxlan_vni":256,"src_ip":"172.16.121.137","src_port":51114,"dest_ip":"110.43.89.7","dest_port":80,"proto":"TCP","app_proto":"http","tcp_sequence":3553898360,"tcp_ack_sequence":3537707565,"ether":{"src_mac":"90:f1:b0:fb:81:a1","dest_mac":"a4:7b:2c:21:03:79"},"host":"rq.lbcct.cloud.duba.net","host_md5":"51cfa6d0981c8eb355a9b3af716da08d","uri":"/query?1767994112","uri_md5":"f28f2c62d0dd01c355caa05815d93d99","referer":"","method":"POST","protocol":"HTTP/1.1","status":200,"req_content_type":"application/x-www-form-urlencoded","request_headers":"host: rq.lbcct.cloud.duba.net\r\naccept: */*\r\ncontent-length: 85\r\ncontent-type: application/x-www-form-urlencoded\r\n","rsp_content_type":"text/plain","response_headers":"server: Tengine/1.5.2\r\ndate: Fri, 09 Jan 2026 21:28:32 GMT\r\ncontent-type: text/plain\r\nContent-Length: 54\r\nConnection: keep-alive\r\nContent-Tag: 1936292435\r\n"} 2026-01-10 14:48:27.681 [log-processor-2] WARN c.c.service.LogDataFilterService - 泛化规则-数据过滤规则为空,默认不处理! 2026-01-10 14:48:45.272 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] INFO c.Modules.NormalData.SysLogProcessor - 批次处理完成,总数: 1 2026-01-10 14:49:00.096 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务... 2026-01-10 14:49:00.096 [scheduling-7] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:49:00.012晚于默认保留时间2026-01-03T14:49:00.096,使用默认时间 2026-01-10 14:49:00.185 [scheduling-7] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:49:00.096天前的日志,共删除0条 2026-01-10 14:49:00.267 [scheduling-7] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成,删除0条2天前的日志 2026-01-10 14:49:00.283 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成,处理设备数:1,耗时:187ms 2026-01-10 14:49:00.283 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:49:00.283 2026-01-10 14:49:00.283 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:49:00.283 2026-01-10 14:49:00.813 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48,已更新: 1 2026-01-10 14:49:00.813 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 530ms