ai-security-xdr/haobang-security-xdr/logs/syslog-serve.log

2026-03-09 18:21:20.224 [background-preinit] INFO o.h.validator.internal.util.Version - HV000001: Hibernate Validator 6.2.5.Final
2026-03-09 18:21:20.224 [main] INFO com.SyslogServeMainApp - Starting SyslogServeMainApp using Java 1.8.0_121 on LAPTOP-ARDUR3N0 with PID 10428 (E:\GIT_GOSAME\ai-security-xdr\haobang-security-xdr\syslog-serve\target\classes started by chenc in E:\GIT_GOSAME\ai-security-xdr\haobang-security-xdr)
2026-03-09 18:21:20.234 [main] INFO com.SyslogServeMainApp - No active profile set, falling back to 1 default profile: "default"
2026-03-09 18:21:22.016 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Multiple Spring Data modules found, entering strict repository configuration mode
2026-03-09 18:21:22.021 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Bootstrapping Spring Data Redis repositories in DEFAULT mode.
2026-03-09 18:21:22.197 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Finished Spring Data repository scanning in 163 ms. Found 0 Redis repository interfaces.
2026-03-09 18:21:22.765 [main] INFO o.s.b.w.e.tomcat.TomcatWebServer - Tomcat initialized with port(s): 8189 (http)
2026-03-09 18:21:22.771 [main] INFO o.a.coyote.http11.Http11NioProtocol - Initializing ProtocolHandler ["http-nio-8189"]
2026-03-09 18:21:22.771 [main] INFO o.a.catalina.core.StandardService - Starting service [Tomcat]
2026-03-09 18:21:22.771 [main] INFO o.a.catalina.core.StandardEngine - Starting Servlet engine: [Apache Tomcat/9.0.65]
2026-03-09 18:21:23.163 [main] INFO o.a.c.c.C.[.[.[/syslogserve] - Initializing Spring embedded WebApplicationContext
2026-03-09 18:21:23.163 [main] INFO o.s.b.w.s.c.ServletWebServerApplicationContext - Root WebApplicationContext: initialization completed in 2858 ms
2026-03-09 18:21:27.379 [main] INFO o.a.coyote.http11.Http11NioProtocol - Starting ProtocolHandler ["http-nio-8189"]
2026-03-09 18:21:27.389 [main] INFO o.s.b.w.e.tomcat.TomcatWebServer - Tomcat started on port(s): 8189 (http) with context path '/syslogserve'
2026-03-09 18:21:27.401 [main] INFO com.SyslogServeMainApp - Started SyslogServeMainApp in 7.592 seconds (JVM running for 12.693)
2026-03-09 18:21:27.437 [main] INFO com.SyslogServeMainApp - Application SyslogServer start !
2026-03-09 18:21:27.437 [main] INFO com.netty.SyslogServer - Starting Syslog server with TCP port 514 and UDP port 514
2026-03-09 18:21:27.959 [pool-3-thread-2] INFO com.netty.SyslogServer - TCP Syslog server started on port 514
2026-03-09 18:21:27.959 [pool-3-thread-1] INFO com.netty.SyslogServer - UDP Syslog server started on port 514
2026-03-09 18:21:27.960 [main] INFO com.netty.SyslogServer - Both TCP and UDP Syslog servers are running
2026-03-09 18:21:32.274 [nioEventLoopGroup-5-1] INFO com.netty.SyslogMessageHandler - Received syslog from 192.168.1.19:55610: <0> 2026-01-12T14:37:53+08:00 ubuntu log_forward[3419]: {"flow_id": 1028204815001825, "serial_num": "CJFBT92", "src_ip": "120.238.245.132", "src_port": 60838, "dest_ip": "211.136.192.6", "dest_port": 53, "proto": "UDP", "app_proto": "dns", "direction": "CTS", "attacker_ip": "120.238.245.132", "victim_ip": "211.136.192.6", "rule_id": "0x20001e", "rule_name": "???????????DNS???????", "attack_type": "???????", "severity": "1", "bulletin": "??????????????????????????????????", "detail_info": "????????????????DNSLOG?????????", "vuln_type": "???????", "vuln_desc": "????????????????DNSLOG?????????", "vuln_harm": "????????????????DNSLOG?????????", "tags": "dnslog", "cnnvd_id": null, "cve_id": null, "killchain": "??????", "enable": "????", "attack_result": "???", "attack_method": "???", "site_app": null, "code_language": "???", "att_ck": "TA0002", "timestamp": "2026-01-12T14:37:53.588+0800", "custom": "{}", "feature_field": "", "feature_payload": "", "": null, "payload": "SQkBAAABAAAAAAAAB3BvbGxpbmcHb2FzdGlmeQNjb20AAAEAAQ==", "packet_size": 37, "pcap_file": ""}
2026-03-09 18:21:32.533 [nioEventLoopGroup-5-1] INFO com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Starting...
2026-03-09 18:21:33.099 [nioEventLoopGroup-5-1] INFO com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Start completed.