nanChen/ai-security-xdr
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
cf6b89ea943a80deccdf850b8bc8d9a37518607b
ai-security-xdr/haobang-security-xdr/logs/syslog-consumer.log
nanChen 6603c6f4a1 初次提交代码
2026-01-11 15:33:22 +08:00

1757 lines
246 KiB
Plaintext
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
2026-01-10 13:27:26.100 [main] INFO com.syslogApplication - Starting syslogApplication using Java 1.8.0_121 on LAPTOP-ARDUR3N0 with PID 12944 (E:\GIT_GOSAME\haobang-security-xdr\syslog-consumer\target\classes started by chenc in E:\GIT_GOSAME\haobang-security-xdr)
2026-01-10 13:27:26.104 [background-preinit] INFO o.h.validator.internal.util.Version - HV000001: Hibernate Validator 6.2.5.Final
2026-01-10 13:27:26.108 [main] INFO com.syslogApplication - No active profile set, falling back to 1 default profile: "default"
2026-01-10 13:27:28.693 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Multiple Spring Data modules found, entering strict repository configuration mode
2026-01-10 13:27:28.693 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Bootstrapping Spring Data Elasticsearch repositories in DEFAULT mode.
2026-01-10 13:27:29.287 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Finished Spring Data repository scanning in 588 ms. Found 1 Elasticsearch repository interfaces.
2026-01-10 13:27:29.294 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Multiple Spring Data modules found, entering strict repository configuration mode
2026-01-10 13:27:29.294 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Bootstrapping Spring Data Reactive Elasticsearch repositories in DEFAULT mode.
2026-01-10 13:27:29.457 [main] INFO o.s.d.r.c.RepositoryConfigurationExtensionSupport - Spring Data Reactive Elasticsearch - Could not safely identify store assignment for repository candidate interface com.common.service.AppLogRepository; If you want this repository to be a Reactive Elasticsearch repository, consider annotating your entities with one of these annotations: org.springframework.data.elasticsearch.annotations.Document (preferred), or consider extending one of the following types with your repository: org.springframework.data.elasticsearch.repository.ReactiveElasticsearchRepository
2026-01-10 13:27:29.457 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Finished Spring Data repository scanning in 161 ms. Found 0 Reactive Elasticsearch repository interfaces.
2026-01-10 13:27:29.479 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Multiple Spring Data modules found, entering strict repository configuration mode
2026-01-10 13:27:29.479 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Bootstrapping Spring Data Redis repositories in DEFAULT mode.
2026-01-10 13:27:29.655 [main] INFO o.s.d.r.c.RepositoryConfigurationExtensionSupport - Spring Data Redis - Could not safely identify store assignment for repository candidate interface com.common.service.AppLogRepository; If you want this repository to be a Redis repository, consider annotating your entities with one of these annotations: org.springframework.data.redis.core.RedisHash (preferred), or consider extending one of the following types with your repository: org.springframework.data.keyvalue.repository.KeyValueRepository
2026-01-10 13:27:29.655 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Finished Spring Data repository scanning in 163 ms. Found 0 Redis repository interfaces.
2026-01-10 13:27:30.440 [main] INFO o.s.b.w.e.tomcat.TomcatWebServer - Tomcat initialized with port(s): 8089 (http)
2026-01-10 13:27:30.451 [main] INFO o.a.coyote.http11.Http11NioProtocol - Initializing ProtocolHandler ["http-nio-8089"]
2026-01-10 13:27:30.451 [main] INFO o.a.catalina.core.StandardService - Starting service [Tomcat]
2026-01-10 13:27:30.451 [main] INFO o.a.catalina.core.StandardEngine - Starting Servlet engine: [Apache Tomcat/9.0.65]
2026-01-10 13:27:30.727 [main] INFO o.a.c.c.C.[.[.[/xdrservice] - Initializing Spring embedded WebApplicationContext
2026-01-10 13:27:30.727 [main] INFO o.s.b.w.s.c.ServletWebServerApplicationContext - Root WebApplicationContext: initialization completed in 4552 ms
2026-01-10 13:27:30.777 [main] INFO o.s.b.f.a.AutowiredAnnotationBeanPostProcessor - Autowired annotation is not supported on static fields: private static com.common.service.DmColumnService com.syslogApplication.dmColumnService
2026-01-10 13:27:33.588 [main] INFO com.influx.InfluxDBClient - InfluxDB connection successful: ready for queries and writes
2026-01-10 13:27:33.860 [main] WARN c.b.m.core.injector.AbstractMethod - [com.common.mapper.DeviceCollectTaskMapper.insert] Has been loaded by XML or SqlProvider or Mybatis's Annotation, so ignoring this injection for [class com.baomidou.mybatisplus.core.injector.methods.Insert]
2026-01-10 13:27:33.875 [main] WARN c.b.m.core.injector.AbstractMethod - [com.common.mapper.DeviceCollectTaskMapper.update] Has been loaded by XML or SqlProvider or Mybatis's Annotation, so ignoring this injection for [class com.baomidou.mybatisplus.core.injector.methods.Update]
2026-01-10 13:27:33.907 [main] WARN c.b.m.core.injector.AbstractMethod - [com.common.mapper.DeviceCollectTaskMapper.deleteById] Has been loaded by XML or SqlProvider or Mybatis's Annotation, so ignoring this injection for [class com.baomidou.mybatisplus.core.injector.methods.DeleteById]
2026-01-10 13:27:33.910 [main] WARN c.b.m.core.injector.AbstractMethod - [com.common.mapper.DeviceCollectTaskMapper.selectById] Has been loaded by XML or SqlProvider or Mybatis's Annotation, so ignoring this injection for [class com.baomidou.mybatisplus.core.injector.methods.SelectById]
2026-01-10 13:27:33.960 [main] ERROR c.b.m.core.MybatisConfiguration - mapper[com.common.mapper.SecExceptionAlgorithmMapper.findById] is ignored, because it exists, maybe from xml file
2026-01-10 13:27:38.866 [main] INFO c.c.service.AccessLogAlertService - 初始化AccessLogAlertService上次处理时间: 2026-01-10T13:25:38.866
2026-01-10 13:27:38.882 [main] INFO com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Starting...
2026-01-10 13:27:39.100 [main] INFO com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Start completed.
2026-01-10 13:27:39.131 [main] INFO c.c.service.AccessLogAlertService - 加载了 2 个启用的算法配置
2026-01-10 13:27:39.940 [main] INFO com.influx.InfluxDBClient - InfluxDB connection successful: ready for queries and writes
2026-01-10 13:27:40.248 [main] INFO com.common.util.MyBatisUtil - MyBatis 初始化成功
2026-01-10 13:27:41.102 [main] INFO org.quartz.impl.StdSchedulerFactory - Using default implementation for ThreadExecutor
2026-01-10 13:27:41.112 [main] INFO o.quartz.core.SchedulerSignalerImpl - Initialized Scheduler Signaller of type: class org.quartz.core.SchedulerSignalerImpl
2026-01-10 13:27:41.112 [main] INFO org.quartz.core.QuartzScheduler - Quartz Scheduler v.2.3.2 created.
2026-01-10 13:27:41.112 [main] INFO org.quartz.simpl.RAMJobStore - RAMJobStore initialized.
2026-01-10 13:27:41.112 [main] INFO org.quartz.core.QuartzScheduler - Scheduler meta-data: Quartz Scheduler (v2.3.2) 'quartzScheduler' with instanceId 'NON_CLUSTERED'
Scheduler class: 'org.quartz.core.QuartzScheduler' - running locally.
NOT STARTED.
Currently in standby mode.
Number of jobs executed: 0
Using thread pool 'org.quartz.simpl.SimpleThreadPool' - with 10 threads.
Using job-store 'org.quartz.simpl.RAMJobStore' - which does not support persistence. and is not clustered.
2026-01-10 13:27:41.112 [main] INFO org.quartz.impl.StdSchedulerFactory - Quartz scheduler 'quartzScheduler' initialized from an externally provided properties instance.
2026-01-10 13:27:41.112 [main] INFO org.quartz.impl.StdSchedulerFactory - Quartz scheduler version: 2.3.2
2026-01-10 13:27:41.112 [main] INFO org.quartz.core.QuartzScheduler - JobFactory set to: org.springframework.scheduling.quartz.SpringBeanJobFactory@1de78f97
2026-01-10 13:27:41.285 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka version: 3.4.0
2026-01-10 13:27:41.285 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka commitId: 2e1947d240607d53
2026-01-10 13:27:41.285 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka startTimeMs: 1768022861284
2026-01-10 13:27:41.303 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka version: 3.4.0
2026-01-10 13:27:41.303 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka commitId: 2e1947d240607d53
2026-01-10 13:27:41.304 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka startTimeMs: 1768022861303
2026-01-10 13:27:41.304 [main] INFO o.a.coyote.http11.Http11NioProtocol - Starting ProtocolHandler ["http-nio-8089"]
2026-01-10 13:27:41.320 [main] INFO o.s.b.w.e.tomcat.TomcatWebServer - Tomcat started on port(s): 8089 (http) with context path '/xdrservice'
2026-01-10 13:27:41.320 [main] INFO o.s.s.quartz.SchedulerFactoryBean - Starting Quartz Scheduler now
2026-01-10 13:27:41.320 [main] INFO org.quartz.core.QuartzScheduler - Scheduler quartzScheduler_$_NON_CLUSTERED started.
2026-01-10 13:27:41.338 [main] INFO com.syslogApplication - Started syslogApplication in 15.567 seconds (JVM running for 20.706)
2026-01-10 13:27:43.685 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] INFO o.s.k.l.KafkaMessageListenerContainer - agent-syslog-group: partitions assigned: []
2026-01-10 13:27:43.685 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] INFO o.s.k.l.KafkaMessageListenerContainer - agent-syslog-group: partitions assigned: []
2026-01-10 13:28:00.008 [log-processor-1] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 13:28:00.008 [scheduling-1] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 13:28:00.027 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 13:28:00.027 [scheduling-3] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:28:00.003晚于默认保留时间2026-01-03T13:28:00.027,使用默认时间
2026-01-10 13:28:00.038 [scheduling-1] INFO c.c.service.AccessLogAlertService - 加载了 2 个启用的算法配置
2026-01-10 13:28:00.039 [log-processor-1] INFO c.c.service.AccessLogAlertService - 加载了 2 个启用的算法配置
2026-01-10 13:28:00.044 [scheduling-3] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:28:00.027天前的日志共删除0条
2026-01-10 13:28:00.057 [scheduling-3] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 13:28:00.367 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数2耗时340ms
2026-01-10 13:28:00.367 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:28:00.367
2026-01-10 13:28:00.369 [scheduling-4] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:28:00.369
2026-01-10 13:28:00.396 [scheduling-1] INFO c.c.service.AccessLogAlertService - 获取到 938 条新的日志数据,时间范围: 2026-01-10T13:25:38.866 到 2026-01-10T13:28:00.039
2026-01-10 13:28:00.396 [scheduling-1] INFO c.c.service.AccessLogAlertService - 开始处理算法: Webshell 算法 (ID: 2004037120094425090)
2026-01-10 13:28:00.475 [log-processor-1] INFO c.c.service.AccessLogAlertService - 获取到 942 条新的日志数据,时间范围: 2026-01-10T13:25:38.866 到 2026-01-10T13:28:00.039
2026-01-10 13:28:00.475 [log-processor-1] INFO c.c.service.AccessLogAlertService - 开始处理算法: Webshell 算法 (ID: 2004037120094425090)
2026-01-10 13:28:02.619 [log-processor-1] ERROR c.c.service.AccessLogAlertService - 调用算法API异常 [URL: http://192.168.4.33:5001/Webshell]: I/O error on POST request for "http://192.168.4.33:5001/Webshell": Connection refused: connect; nested exception is java.net.ConnectException: Connection refused: connect
org.springframework.web.client.ResourceAccessException: I/O error on POST request for "http://192.168.4.33:5001/Webshell": Connection refused: connect; nested exception is java.net.ConnectException: Connection refused: connect
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:785)
at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:711)
at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:602)
at com.common.service.AccessLogAlertService.callAlgorithmApi(AccessLogAlertService.java:275)
at com.common.service.AccessLogAlertService.processAlgorithm(AccessLogAlertService.java:153)
at com.common.service.AccessLogAlertService.processAccessLogAlert(AccessLogAlertService.java:122)
at com.common.service.AccessLogAlertService$$FastClassBySpringCGLIB$$4807ae0a.invoke(<generated>)
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:793)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:763)
at org.springframework.aop.interceptor.AsyncExecutionInterceptor.lambda$invoke$0(AsyncExecutionInterceptor.java:115)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.net.ConnectException: Connection refused: connect
at java.net.DualStackPlainSocketImpl.waitForConnect(Native Method)
at java.net.DualStackPlainSocketImpl.socketConnect(DualStackPlainSocketImpl.java:85)
at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)
at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:172)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
at java.net.Socket.connect(Socket.java:589)
at sun.net.NetworkClient.doConnect(NetworkClient.java:175)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:432)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:527)
at sun.net.www.http.HttpClient.<init>(HttpClient.java:211)
at sun.net.www.http.HttpClient.New(HttpClient.java:308)
at sun.net.www.http.HttpClient.New(HttpClient.java:326)
at sun.net.www.protocol.http.HttpURLConnection.getNewHttpClient(HttpURLConnection.java:1202)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1138)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:1032)
at sun.net.www.protocol.http.HttpURLConnection.connect(HttpURLConnection.java:966)
at org.springframework.http.client.SimpleBufferingClientHttpRequest.executeInternal(SimpleBufferingClientHttpRequest.java:76)
at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48)
at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66)
at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:109)
at com.config.RestTemplateConfig$LoggingInterceptor.intercept(RestTemplateConfig.java:62)
at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:93)
at org.springframework.http.client.InterceptingClientHttpRequest.executeInternal(InterceptingClientHttpRequest.java:77)
at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48)
at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66)
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:776)
... 15 common frames omitted
2026-01-10 13:28:02.619 [scheduling-1] ERROR c.c.service.AccessLogAlertService - 调用算法API异常 [URL: http://192.168.4.33:5001/Webshell]: I/O error on POST request for "http://192.168.4.33:5001/Webshell": Connection refused: connect; nested exception is java.net.ConnectException: Connection refused: connect
org.springframework.web.client.ResourceAccessException: I/O error on POST request for "http://192.168.4.33:5001/Webshell": Connection refused: connect; nested exception is java.net.ConnectException: Connection refused: connect
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:785)
at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:711)
at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:602)
at com.common.service.AccessLogAlertService.callAlgorithmApi(AccessLogAlertService.java:275)
at com.common.service.AccessLogAlertService.processAlgorithm(AccessLogAlertService.java:153)
at com.common.service.AccessLogAlertService.processAccessLogAlert(AccessLogAlertService.java:122)
at com.common.service.AccessLogAlertService.safeProcessTask(AccessLogAlertService.java:387)
at com.common.service.AccessLogAlertService$$FastClassBySpringCGLIB$$4807ae0a.invoke(<generated>)
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)
at org.springframework.aop.framework.CglibAopProxy.invokeMethod(CglibAopProxy.java:386)
at org.springframework.aop.framework.CglibAopProxy.access$000(CglibAopProxy.java:85)
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:704)
at com.common.service.AccessLogAlertService$$EnhancerBySpringCGLIB$$b85131f2.safeProcessTask(<generated>)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.springframework.scheduling.support.ScheduledMethodRunnable.run(ScheduledMethodRunnable.java:84)
at org.springframework.scheduling.support.DelegatingErrorHandlingRunnable.run(DelegatingErrorHandlingRunnable.java:54)
at org.springframework.scheduling.concurrent.ReschedulingRunnable.run(ReschedulingRunnable.java:95)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:180)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.net.ConnectException: Connection refused: connect
at java.net.DualStackPlainSocketImpl.waitForConnect(Native Method)
at java.net.DualStackPlainSocketImpl.socketConnect(DualStackPlainSocketImpl.java:85)
at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)
at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:172)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
at java.net.Socket.connect(Socket.java:589)
at sun.net.NetworkClient.doConnect(NetworkClient.java:175)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:432)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:527)
at sun.net.www.http.HttpClient.<init>(HttpClient.java:211)
at sun.net.www.http.HttpClient.New(HttpClient.java:308)
at sun.net.www.http.HttpClient.New(HttpClient.java:326)
at sun.net.www.protocol.http.HttpURLConnection.getNewHttpClient(HttpURLConnection.java:1202)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1138)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:1032)
at sun.net.www.protocol.http.HttpURLConnection.connect(HttpURLConnection.java:966)
at org.springframework.http.client.SimpleBufferingClientHttpRequest.executeInternal(SimpleBufferingClientHttpRequest.java:76)
at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48)
at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66)
at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:109)
at com.config.RestTemplateConfig$LoggingInterceptor.intercept(RestTemplateConfig.java:62)
at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:93)
at org.springframework.http.client.InterceptingClientHttpRequest.executeInternal(InterceptingClientHttpRequest.java:77)
at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48)
at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66)
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:776)
... 26 common frames omitted
2026-01-10 13:28:02.623 [log-processor-1] ERROR c.c.service.AccessLogAlertService - 调用算法API失败: http://192.168.4.33:5001/Webshell - 无响应
2026-01-10 13:28:02.623 [scheduling-1] ERROR c.c.service.AccessLogAlertService - 调用算法API失败: http://192.168.4.33:5001/Webshell - 无响应
2026-01-10 13:28:02.623 [log-processor-1] INFO c.c.service.AccessLogAlertService - 开始处理算法: 测试算法1111 (ID: 2004133377664204801)
2026-01-10 13:28:02.623 [scheduling-1] INFO c.c.service.AccessLogAlertService - 开始处理算法: 测试算法1111 (ID: 2004133377664204801)
2026-01-10 13:28:03.611 [scheduling-4] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 4已更新: 1
2026-01-10 13:28:03.611 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 3244ms
2026-01-10 13:28:04.729 [scheduling-1] ERROR c.c.service.AccessLogAlertService - 调用算法API异常 [URL: http://192.168.4.33:5001/outtoin_php]: I/O error on POST request for "http://192.168.4.33:5001/outtoin_php": Connection refused: connect; nested exception is java.net.ConnectException: Connection refused: connect
org.springframework.web.client.ResourceAccessException: I/O error on POST request for "http://192.168.4.33:5001/outtoin_php": Connection refused: connect; nested exception is java.net.ConnectException: Connection refused: connect
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:785)
at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:711)
at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:602)
at com.common.service.AccessLogAlertService.callAlgorithmApi(AccessLogAlertService.java:275)
at com.common.service.AccessLogAlertService.processAlgorithm(AccessLogAlertService.java:153)
at com.common.service.AccessLogAlertService.processAccessLogAlert(AccessLogAlertService.java:122)
at com.common.service.AccessLogAlertService.safeProcessTask(AccessLogAlertService.java:387)
at com.common.service.AccessLogAlertService$$FastClassBySpringCGLIB$$4807ae0a.invoke(<generated>)
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)
at org.springframework.aop.framework.CglibAopProxy.invokeMethod(CglibAopProxy.java:386)
at org.springframework.aop.framework.CglibAopProxy.access$000(CglibAopProxy.java:85)
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:704)
at com.common.service.AccessLogAlertService$$EnhancerBySpringCGLIB$$b85131f2.safeProcessTask(<generated>)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.springframework.scheduling.support.ScheduledMethodRunnable.run(ScheduledMethodRunnable.java:84)
at org.springframework.scheduling.support.DelegatingErrorHandlingRunnable.run(DelegatingErrorHandlingRunnable.java:54)
at org.springframework.scheduling.concurrent.ReschedulingRunnable.run(ReschedulingRunnable.java:95)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:180)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.net.ConnectException: Connection refused: connect
at java.net.DualStackPlainSocketImpl.waitForConnect(Native Method)
at java.net.DualStackPlainSocketImpl.socketConnect(DualStackPlainSocketImpl.java:85)
at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)
at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:172)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
at java.net.Socket.connect(Socket.java:589)
at sun.net.NetworkClient.doConnect(NetworkClient.java:175)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:432)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:527)
at sun.net.www.http.HttpClient.<init>(HttpClient.java:211)
at sun.net.www.http.HttpClient.New(HttpClient.java:308)
at sun.net.www.http.HttpClient.New(HttpClient.java:326)
at sun.net.www.protocol.http.HttpURLConnection.getNewHttpClient(HttpURLConnection.java:1202)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1138)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:1032)
at sun.net.www.protocol.http.HttpURLConnection.connect(HttpURLConnection.java:966)
at org.springframework.http.client.SimpleBufferingClientHttpRequest.executeInternal(SimpleBufferingClientHttpRequest.java:76)
at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48)
at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66)
at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:109)
at com.config.RestTemplateConfig$LoggingInterceptor.intercept(RestTemplateConfig.java:62)
at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:93)
at org.springframework.http.client.InterceptingClientHttpRequest.executeInternal(InterceptingClientHttpRequest.java:77)
at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48)
at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66)
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:776)
... 26 common frames omitted
2026-01-10 13:28:04.739 [scheduling-1] ERROR c.c.service.AccessLogAlertService - 调用算法API失败: http://192.168.4.33:5001/outtoin_php - 无响应
2026-01-10 13:28:04.739 [scheduling-1] INFO c.c.service.AccessLogAlertService - 访问日志告警处理任务完成,下次将从 2026-01-10T13:28:00.039 开始处理
2026-01-10 13:28:04.746 [log-processor-1] ERROR c.c.service.AccessLogAlertService - 调用算法API异常 [URL: http://192.168.4.33:5001/outtoin_php]: I/O error on POST request for "http://192.168.4.33:5001/outtoin_php": Connection refused: connect; nested exception is java.net.ConnectException: Connection refused: connect
org.springframework.web.client.ResourceAccessException: I/O error on POST request for "http://192.168.4.33:5001/outtoin_php": Connection refused: connect; nested exception is java.net.ConnectException: Connection refused: connect
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:785)
at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:711)
at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:602)
at com.common.service.AccessLogAlertService.callAlgorithmApi(AccessLogAlertService.java:275)
at com.common.service.AccessLogAlertService.processAlgorithm(AccessLogAlertService.java:153)
at com.common.service.AccessLogAlertService.processAccessLogAlert(AccessLogAlertService.java:122)
at com.common.service.AccessLogAlertService$$FastClassBySpringCGLIB$$4807ae0a.invoke(<generated>)
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:793)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:763)
at org.springframework.aop.interceptor.AsyncExecutionInterceptor.lambda$invoke$0(AsyncExecutionInterceptor.java:115)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.net.ConnectException: Connection refused: connect
at java.net.DualStackPlainSocketImpl.waitForConnect(Native Method)
at java.net.DualStackPlainSocketImpl.socketConnect(DualStackPlainSocketImpl.java:85)
at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)
at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:172)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
at java.net.Socket.connect(Socket.java:589)
at sun.net.NetworkClient.doConnect(NetworkClient.java:175)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:432)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:527)
at sun.net.www.http.HttpClient.<init>(HttpClient.java:211)
at sun.net.www.http.HttpClient.New(HttpClient.java:308)
at sun.net.www.http.HttpClient.New(HttpClient.java:326)
at sun.net.www.protocol.http.HttpURLConnection.getNewHttpClient(HttpURLConnection.java:1202)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1138)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:1032)
at sun.net.www.protocol.http.HttpURLConnection.connect(HttpURLConnection.java:966)
at org.springframework.http.client.SimpleBufferingClientHttpRequest.executeInternal(SimpleBufferingClientHttpRequest.java:76)
at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48)
at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66)
at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:109)
at com.config.RestTemplateConfig$LoggingInterceptor.intercept(RestTemplateConfig.java:62)
at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:93)
at org.springframework.http.client.InterceptingClientHttpRequest.executeInternal(InterceptingClientHttpRequest.java:77)
at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48)
at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66)
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:776)
... 15 common frames omitted
2026-01-10 13:28:04.754 [log-processor-1] ERROR c.c.service.AccessLogAlertService - 调用算法API失败: http://192.168.4.33:5001/outtoin_php - 无响应
2026-01-10 13:28:04.754 [log-processor-1] INFO c.c.service.AccessLogAlertService - 访问日志告警处理任务完成,下次将从 2026-01-10T13:28:00.039 开始处理
2026-01-10 13:29:00.009 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 13:29:00.013 [scheduling-4] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:29:00.003晚于默认保留时间2026-01-03T13:29:00.013,使用默认时间
2026-01-10 13:29:00.026 [scheduling-4] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:29:00.013天前的日志共删除0条
2026-01-10 13:29:00.035 [scheduling-4] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 13:29:00.318 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数2耗时309ms
2026-01-10 13:29:00.318 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:29:00.318
2026-01-10 13:29:00.318 [scheduling-3] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:29:00.318
2026-01-10 13:29:03.556 [scheduling-3] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 4已更新: 1
2026-01-10 13:29:03.556 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 3238ms
2026-01-10 13:34:08.884 [main] INFO com.syslogApplication - Starting syslogApplication using Java 1.8.0_121 on LAPTOP-ARDUR3N0 with PID 22388 (E:\GIT_GOSAME\haobang-security-xdr\syslog-consumer\target\classes started by chenc in E:\GIT_GOSAME\haobang-security-xdr)
2026-01-10 13:34:08.887 [background-preinit] INFO o.h.validator.internal.util.Version - HV000001: Hibernate Validator 6.2.5.Final
2026-01-10 13:34:08.889 [main] INFO com.syslogApplication - No active profile set, falling back to 1 default profile: "default"
2026-01-10 13:34:11.245 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Multiple Spring Data modules found, entering strict repository configuration mode
2026-01-10 13:34:11.247 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Bootstrapping Spring Data Elasticsearch repositories in DEFAULT mode.
2026-01-10 13:34:11.934 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Finished Spring Data repository scanning in 681 ms. Found 1 Elasticsearch repository interfaces.
2026-01-10 13:34:11.934 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Multiple Spring Data modules found, entering strict repository configuration mode
2026-01-10 13:34:11.934 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Bootstrapping Spring Data Reactive Elasticsearch repositories in DEFAULT mode.
2026-01-10 13:34:12.025 [main] INFO o.s.d.r.c.RepositoryConfigurationExtensionSupport - Spring Data Reactive Elasticsearch - Could not safely identify store assignment for repository candidate interface com.common.service.AppLogRepository; If you want this repository to be a Reactive Elasticsearch repository, consider annotating your entities with one of these annotations: org.springframework.data.elasticsearch.annotations.Document (preferred), or consider extending one of the following types with your repository: org.springframework.data.elasticsearch.repository.ReactiveElasticsearchRepository
2026-01-10 13:34:12.025 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Finished Spring Data repository scanning in 86 ms. Found 0 Reactive Elasticsearch repository interfaces.
2026-01-10 13:34:12.031 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Multiple Spring Data modules found, entering strict repository configuration mode
2026-01-10 13:34:12.031 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Bootstrapping Spring Data Redis repositories in DEFAULT mode.
2026-01-10 13:34:12.152 [main] INFO o.s.d.r.c.RepositoryConfigurationExtensionSupport - Spring Data Redis - Could not safely identify store assignment for repository candidate interface com.common.service.AppLogRepository; If you want this repository to be a Redis repository, consider annotating your entities with one of these annotations: org.springframework.data.redis.core.RedisHash (preferred), or consider extending one of the following types with your repository: org.springframework.data.keyvalue.repository.KeyValueRepository
2026-01-10 13:34:12.152 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Finished Spring Data repository scanning in 112 ms. Found 0 Redis repository interfaces.
2026-01-10 13:34:12.700 [main] INFO o.s.b.w.e.tomcat.TomcatWebServer - Tomcat initialized with port(s): 8089 (http)
2026-01-10 13:34:12.706 [main] INFO o.a.coyote.http11.Http11NioProtocol - Initializing ProtocolHandler ["http-nio-8089"]
2026-01-10 13:34:12.706 [main] INFO o.a.catalina.core.StandardService - Starting service [Tomcat]
2026-01-10 13:34:12.706 [main] INFO o.a.catalina.core.StandardEngine - Starting Servlet engine: [Apache Tomcat/9.0.65]
2026-01-10 13:34:12.902 [main] INFO o.a.c.c.C.[.[.[/xdrservice] - Initializing Spring embedded WebApplicationContext
2026-01-10 13:34:12.902 [main] INFO o.s.b.w.s.c.ServletWebServerApplicationContext - Root WebApplicationContext: initialization completed in 3923 ms
2026-01-10 13:34:12.945 [main] INFO o.s.b.f.a.AutowiredAnnotationBeanPostProcessor - Autowired annotation is not supported on static fields: private static com.common.service.DmColumnService com.syslogApplication.dmColumnService
2026-01-10 13:34:15.402 [main] INFO com.influx.InfluxDBClient - InfluxDB connection successful: ready for queries and writes
2026-01-10 13:34:15.623 [main] WARN c.b.m.core.injector.AbstractMethod - [com.common.mapper.DeviceCollectTaskMapper.insert] Has been loaded by XML or SqlProvider or Mybatis's Annotation, so ignoring this injection for [class com.baomidou.mybatisplus.core.injector.methods.Insert]
2026-01-10 13:34:15.634 [main] WARN c.b.m.core.injector.AbstractMethod - [com.common.mapper.DeviceCollectTaskMapper.update] Has been loaded by XML or SqlProvider or Mybatis's Annotation, so ignoring this injection for [class com.baomidou.mybatisplus.core.injector.methods.Update]
2026-01-10 13:34:15.659 [main] WARN c.b.m.core.injector.AbstractMethod - [com.common.mapper.DeviceCollectTaskMapper.deleteById] Has been loaded by XML or SqlProvider or Mybatis's Annotation, so ignoring this injection for [class com.baomidou.mybatisplus.core.injector.methods.DeleteById]
2026-01-10 13:34:15.664 [main] WARN c.b.m.core.injector.AbstractMethod - [com.common.mapper.DeviceCollectTaskMapper.selectById] Has been loaded by XML or SqlProvider or Mybatis's Annotation, so ignoring this injection for [class com.baomidou.mybatisplus.core.injector.methods.SelectById]
2026-01-10 13:34:15.701 [main] ERROR c.b.m.core.MybatisConfiguration - mapper[com.common.mapper.SecExceptionAlgorithmMapper.findById] is ignored, because it exists, maybe from xml file
2026-01-10 13:34:19.854 [main] INFO c.c.service.AccessLogAlertService - 初始化AccessLogAlertService上次处理时间: 2026-01-10T13:32:19.854
2026-01-10 13:34:19.874 [main] INFO com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Starting...
2026-01-10 13:34:20.472 [main] INFO com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Start completed.
2026-01-10 13:34:20.572 [main] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 13:34:21.190 [main] INFO com.influx.InfluxDBClient - InfluxDB connection successful: ready for queries and writes
2026-01-10 13:34:21.459 [main] INFO com.common.util.MyBatisUtil - MyBatis 初始化成功
2026-01-10 13:34:22.148 [main] INFO org.quartz.impl.StdSchedulerFactory - Using default implementation for ThreadExecutor
2026-01-10 13:34:22.153 [main] INFO o.quartz.core.SchedulerSignalerImpl - Initialized Scheduler Signaller of type: class org.quartz.core.SchedulerSignalerImpl
2026-01-10 13:34:22.153 [main] INFO org.quartz.core.QuartzScheduler - Quartz Scheduler v.2.3.2 created.
2026-01-10 13:34:22.153 [main] INFO org.quartz.simpl.RAMJobStore - RAMJobStore initialized.
2026-01-10 13:34:22.153 [main] INFO org.quartz.core.QuartzScheduler - Scheduler meta-data: Quartz Scheduler (v2.3.2) 'quartzScheduler' with instanceId 'NON_CLUSTERED'
Scheduler class: 'org.quartz.core.QuartzScheduler' - running locally.
NOT STARTED.
Currently in standby mode.
Number of jobs executed: 0
Using thread pool 'org.quartz.simpl.SimpleThreadPool' - with 10 threads.
Using job-store 'org.quartz.simpl.RAMJobStore' - which does not support persistence. and is not clustered.
2026-01-10 13:34:22.153 [main] INFO org.quartz.impl.StdSchedulerFactory - Quartz scheduler 'quartzScheduler' initialized from an externally provided properties instance.
2026-01-10 13:34:22.153 [main] INFO org.quartz.impl.StdSchedulerFactory - Quartz scheduler version: 2.3.2
2026-01-10 13:34:22.153 [main] INFO org.quartz.core.QuartzScheduler - JobFactory set to: org.springframework.scheduling.quartz.SpringBeanJobFactory@4c18b432
2026-01-10 13:34:22.288 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka version: 3.4.0
2026-01-10 13:34:22.288 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka commitId: 2e1947d240607d53
2026-01-10 13:34:22.288 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka startTimeMs: 1768023262287
2026-01-10 13:34:22.300 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka version: 3.4.0
2026-01-10 13:34:22.300 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka commitId: 2e1947d240607d53
2026-01-10 13:34:22.300 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka startTimeMs: 1768023262300
2026-01-10 13:34:22.300 [main] INFO o.a.coyote.http11.Http11NioProtocol - Starting ProtocolHandler ["http-nio-8089"]
2026-01-10 13:34:22.314 [main] INFO o.s.b.w.e.tomcat.TomcatWebServer - Tomcat started on port(s): 8089 (http) with context path '/xdrservice'
2026-01-10 13:34:22.315 [main] INFO o.s.s.quartz.SchedulerFactoryBean - Starting Quartz Scheduler now
2026-01-10 13:34:22.315 [main] INFO org.quartz.core.QuartzScheduler - Scheduler quartzScheduler_$_NON_CLUSTERED started.
2026-01-10 13:34:22.325 [main] INFO com.syslogApplication - Started syslogApplication in 13.911 seconds (JVM running for 17.788)
2026-01-10 13:34:24.501 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available.
2026-01-10 13:34:24.501 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available.
2026-01-10 13:34:24.502 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected
2026-01-10 13:34:24.502 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected
2026-01-10 13:34:26.667 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available.
2026-01-10 13:34:26.667 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available.
2026-01-10 13:34:26.667 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected
2026-01-10 13:34:26.668 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected
2026-01-10 13:34:28.841 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available.
2026-01-10 13:34:28.841 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available.
2026-01-10 13:34:28.841 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected
2026-01-10 13:34:28.841 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected
2026-01-10 13:34:31.078 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available.
2026-01-10 13:34:31.079 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected
2026-01-10 13:34:31.131 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available.
2026-01-10 13:34:31.131 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected
2026-01-10 13:34:33.568 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available.
2026-01-10 13:34:33.568 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected
2026-01-10 13:34:33.652 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available.
2026-01-10 13:34:33.652 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected
2026-01-10 13:34:36.327 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available.
2026-01-10 13:34:36.327 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected
2026-01-10 13:34:36.596 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available.
2026-01-10 13:34:36.596 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected
2026-01-10 13:34:39.418 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available.
2026-01-10 13:34:39.418 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected
2026-01-10 13:34:39.545 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available.
2026-01-10 13:34:39.545 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected
2026-01-10 13:34:42.599 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available.
2026-01-10 13:34:42.599 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected
2026-01-10 13:34:42.716 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available.
2026-01-10 13:34:42.716 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected
2026-01-10 13:34:45.607 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available.
2026-01-10 13:34:45.607 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected
2026-01-10 13:34:45.917 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available.
2026-01-10 13:34:45.917 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected
2026-01-10 13:34:48.857 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available.
2026-01-10 13:34:48.857 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-2, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected
2026-01-10 13:34:48.933 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Connection to node -1 (/192.168.222.130:9092) could not be established. Broker may not be available.
2026-01-10 13:34:48.933 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN o.apache.kafka.clients.NetworkClient - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Bootstrap broker 192.168.222.130:9092 (id: -1 rack: null) disconnected
2026-01-10 13:37:22.456 [main] INFO com.syslogApplication - Starting syslogApplication using Java 1.8.0_121 on LAPTOP-ARDUR3N0 with PID 28304 (E:\GIT_GOSAME\haobang-security-xdr\syslog-consumer\target\classes started by chenc in E:\GIT_GOSAME\haobang-security-xdr)
2026-01-10 13:37:22.456 [background-preinit] INFO o.h.validator.internal.util.Version - HV000001: Hibernate Validator 6.2.5.Final
2026-01-10 13:37:22.462 [main] INFO com.syslogApplication - No active profile set, falling back to 1 default profile: "default"
2026-01-10 13:37:24.921 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Multiple Spring Data modules found, entering strict repository configuration mode
2026-01-10 13:37:24.923 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Bootstrapping Spring Data Elasticsearch repositories in DEFAULT mode.
2026-01-10 13:37:25.427 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Finished Spring Data repository scanning in 500 ms. Found 1 Elasticsearch repository interfaces.
2026-01-10 13:37:25.433 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Multiple Spring Data modules found, entering strict repository configuration mode
2026-01-10 13:37:25.434 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Bootstrapping Spring Data Reactive Elasticsearch repositories in DEFAULT mode.
2026-01-10 13:37:25.530 [main] INFO o.s.d.r.c.RepositoryConfigurationExtensionSupport - Spring Data Reactive Elasticsearch - Could not safely identify store assignment for repository candidate interface com.common.service.AppLogRepository; If you want this repository to be a Reactive Elasticsearch repository, consider annotating your entities with one of these annotations: org.springframework.data.elasticsearch.annotations.Document (preferred), or consider extending one of the following types with your repository: org.springframework.data.elasticsearch.repository.ReactiveElasticsearchRepository
2026-01-10 13:37:25.530 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Finished Spring Data repository scanning in 96 ms. Found 0 Reactive Elasticsearch repository interfaces.
2026-01-10 13:37:25.543 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Multiple Spring Data modules found, entering strict repository configuration mode
2026-01-10 13:37:25.544 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Bootstrapping Spring Data Redis repositories in DEFAULT mode.
2026-01-10 13:37:25.674 [main] INFO o.s.d.r.c.RepositoryConfigurationExtensionSupport - Spring Data Redis - Could not safely identify store assignment for repository candidate interface com.common.service.AppLogRepository; If you want this repository to be a Redis repository, consider annotating your entities with one of these annotations: org.springframework.data.redis.core.RedisHash (preferred), or consider extending one of the following types with your repository: org.springframework.data.keyvalue.repository.KeyValueRepository
2026-01-10 13:37:25.674 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Finished Spring Data repository scanning in 123 ms. Found 0 Redis repository interfaces.
2026-01-10 13:37:26.366 [main] INFO o.s.b.w.e.tomcat.TomcatWebServer - Tomcat initialized with port(s): 8089 (http)
2026-01-10 13:37:26.375 [main] INFO o.a.coyote.http11.Http11NioProtocol - Initializing ProtocolHandler ["http-nio-8089"]
2026-01-10 13:37:26.375 [main] INFO o.a.catalina.core.StandardService - Starting service [Tomcat]
2026-01-10 13:37:26.375 [main] INFO o.a.catalina.core.StandardEngine - Starting Servlet engine: [Apache Tomcat/9.0.65]
2026-01-10 13:37:26.607 [main] INFO o.a.c.c.C.[.[.[/xdrservice] - Initializing Spring embedded WebApplicationContext
2026-01-10 13:37:26.607 [main] INFO o.s.b.w.s.c.ServletWebServerApplicationContext - Root WebApplicationContext: initialization completed in 4071 ms
2026-01-10 13:37:26.664 [main] INFO o.s.b.f.a.AutowiredAnnotationBeanPostProcessor - Autowired annotation is not supported on static fields: private static com.common.service.DmColumnService com.syslogApplication.dmColumnService
2026-01-10 13:37:29.183 [main] INFO com.influx.InfluxDBClient - InfluxDB connection successful: ready for queries and writes
2026-01-10 13:37:29.471 [main] WARN c.b.m.core.injector.AbstractMethod - [com.common.mapper.DeviceCollectTaskMapper.insert] Has been loaded by XML or SqlProvider or Mybatis's Annotation, so ignoring this injection for [class com.baomidou.mybatisplus.core.injector.methods.Insert]
2026-01-10 13:37:29.485 [main] WARN c.b.m.core.injector.AbstractMethod - [com.common.mapper.DeviceCollectTaskMapper.update] Has been loaded by XML or SqlProvider or Mybatis's Annotation, so ignoring this injection for [class com.baomidou.mybatisplus.core.injector.methods.Update]
2026-01-10 13:37:29.515 [main] WARN c.b.m.core.injector.AbstractMethod - [com.common.mapper.DeviceCollectTaskMapper.deleteById] Has been loaded by XML or SqlProvider or Mybatis's Annotation, so ignoring this injection for [class com.baomidou.mybatisplus.core.injector.methods.DeleteById]
2026-01-10 13:37:29.519 [main] WARN c.b.m.core.injector.AbstractMethod - [com.common.mapper.DeviceCollectTaskMapper.selectById] Has been loaded by XML or SqlProvider or Mybatis's Annotation, so ignoring this injection for [class com.baomidou.mybatisplus.core.injector.methods.SelectById]
2026-01-10 13:37:29.559 [main] ERROR c.b.m.core.MybatisConfiguration - mapper[com.common.mapper.SecExceptionAlgorithmMapper.findById] is ignored, because it exists, maybe from xml file
2026-01-10 13:37:33.821 [main] INFO c.c.service.AccessLogAlertService - 初始化AccessLogAlertService上次处理时间: 2026-01-10T13:35:33.821
2026-01-10 13:37:33.836 [main] INFO com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Starting...
2026-01-10 13:37:34.436 [main] INFO com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Start completed.
2026-01-10 13:37:34.537 [main] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 13:37:35.447 [main] INFO com.influx.InfluxDBClient - InfluxDB connection successful: ready for queries and writes
2026-01-10 13:37:35.554 [main] INFO com.common.util.MyBatisUtil - MyBatis 初始化成功
2026-01-10 13:37:36.442 [main] INFO org.quartz.impl.StdSchedulerFactory - Using default implementation for ThreadExecutor
2026-01-10 13:37:36.455 [main] INFO o.quartz.core.SchedulerSignalerImpl - Initialized Scheduler Signaller of type: class org.quartz.core.SchedulerSignalerImpl
2026-01-10 13:37:36.455 [main] INFO org.quartz.core.QuartzScheduler - Quartz Scheduler v.2.3.2 created.
2026-01-10 13:37:36.456 [main] INFO org.quartz.simpl.RAMJobStore - RAMJobStore initialized.
2026-01-10 13:37:36.456 [main] INFO org.quartz.core.QuartzScheduler - Scheduler meta-data: Quartz Scheduler (v2.3.2) 'quartzScheduler' with instanceId 'NON_CLUSTERED'
Scheduler class: 'org.quartz.core.QuartzScheduler' - running locally.
NOT STARTED.
Currently in standby mode.
Number of jobs executed: 0
Using thread pool 'org.quartz.simpl.SimpleThreadPool' - with 10 threads.
Using job-store 'org.quartz.simpl.RAMJobStore' - which does not support persistence. and is not clustered.
2026-01-10 13:37:36.456 [main] INFO org.quartz.impl.StdSchedulerFactory - Quartz scheduler 'quartzScheduler' initialized from an externally provided properties instance.
2026-01-10 13:37:36.456 [main] INFO org.quartz.impl.StdSchedulerFactory - Quartz scheduler version: 2.3.2
2026-01-10 13:37:36.456 [main] INFO org.quartz.core.QuartzScheduler - JobFactory set to: org.springframework.scheduling.quartz.SpringBeanJobFactory@43f50bfe
2026-01-10 13:37:36.628 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka version: 3.4.0
2026-01-10 13:37:36.629 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka commitId: 2e1947d240607d53
2026-01-10 13:37:36.629 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka startTimeMs: 1768023456627
2026-01-10 13:37:36.645 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka version: 3.4.0
2026-01-10 13:37:36.647 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka commitId: 2e1947d240607d53
2026-01-10 13:37:36.647 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka startTimeMs: 1768023456645
2026-01-10 13:37:36.649 [main] INFO o.a.coyote.http11.Http11NioProtocol - Starting ProtocolHandler ["http-nio-8089"]
2026-01-10 13:37:36.662 [main] INFO o.s.b.w.e.tomcat.TomcatWebServer - Tomcat started on port(s): 8089 (http) with context path '/xdrservice'
2026-01-10 13:37:36.662 [main] INFO o.s.s.quartz.SchedulerFactoryBean - Starting Quartz Scheduler now
2026-01-10 13:37:36.662 [main] INFO org.quartz.core.QuartzScheduler - Scheduler quartzScheduler_$_NON_CLUSTERED started.
2026-01-10 13:37:36.681 [main] INFO com.syslogApplication - Started syslogApplication in 14.581 seconds (JVM running for 19.802)
2026-01-10 13:37:37.161 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] INFO o.s.k.l.KafkaMessageListenerContainer - test-group-app: partitions assigned: []
2026-01-10 13:37:37.188 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] INFO o.s.k.l.KafkaMessageListenerContainer - test-group-app: partitions assigned: [test-topic-0]
2026-01-10 13:38:00.019 [log-processor-1] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 13:38:00.019 [scheduling-2] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 13:38:00.108 [scheduling-1] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:38:00.010晚于默认保留时间2026-01-03T13:38:00.108,使用默认时间
2026-01-10 13:38:00.194 [scheduling-2] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 13:38:00.198 [log-processor-1] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 13:38:00.202 [scheduling-1] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:38:00.108天前的日志共删除0条
2026-01-10 13:38:00.287 [scheduling-1] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 13:38:00.374 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 13:38:00.463 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数0耗时89ms
2026-01-10 13:38:00.463 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:38:00.463
2026-01-10 13:38:00.469 [scheduling-4] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:38:00.469
2026-01-10 13:38:00.637 [scheduling-2] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821
2026-01-10 13:38:00.639 [log-processor-1] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821
2026-01-10 13:38:00.974 [scheduling-4] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 13:38:00.975 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 510ms
2026-01-10 13:38:58.615 [http-nio-8089-exec-1] INFO o.s.web.servlet.DispatcherServlet - Initializing Servlet 'dispatcherServlet'
2026-01-10 13:38:58.616 [http-nio-8089-exec-1] INFO o.s.web.servlet.DispatcherServlet - Completed initialization in 1 ms
2026-01-10 13:38:58.863 [http-nio-8089-exec-1] INFO com.controllers.SyslogPushController - 收到syslog发送请求: SyslogRequest{ip='192.168.0.103', port=514, logContent='<0> 2026-01-10T05:28:32+08:00 ubuntu log_forward[3419]: {"timestamp":"2026-01-10T05:28:32.806781+0800","flow_id":1671852309144385,"community_id":"uLeKRLkXu9m0D0DNn6wIg7CcdOs=","serial_num":"CJFBT92","origin":"eno4","xdr_log_type":"http","vxlan_vni":256,"src_ip":"172.16.121.137","src_port":51114,"dest_ip":"110.43.89.7","dest_port":80,"proto":"TCP","app_proto":"http","tcp_sequence":3553898360,"tcp_ack_sequence":3537707565,"ether":{"src_mac":"90:f1:b0:fb:81:a1","dest_mac":"a4:7b:2c:21:03:79"},"host":"rq.lbcct.cloud.duba.net","host_md5":"51cfa6d0981c8eb355a9b3af716da08d","uri":"/query?1767994112","uri_md5":"f28f2c62d0dd01c355caa05815d93d99","referer":"","method":"POST","protocol":"HTTP/1.1","status":200,"req_content_type":"application/x-www-form-urlencoded","request_headers":"host: rq.lbcct.cloud.duba.net\r\naccept: */*\r\ncontent-length: 85\r\ncontent-type: application/x-www-form-urlencoded\r\n","rsp_content_type":"text/plain","response_headers":"server: Tengine/1.5.2\r\ndate: Fri, 09 Jan 2026 21:28:32 GMT\r\ncontent-type: text/plain\r\nContent-Length: 54\r\nConnection: keep-alive\r\nContent-Tag: 1936292435\r\n"}', protocol='TCP', facility='USER', severity='INFO'}
2026-01-10 13:38:58.863 [http-nio-8089-exec-1] INFO com.common.service.SyslogService - 开始发送syslog消息: IP=192.168.0.103, Port=514
2026-01-10 13:38:58.864 [http-nio-8089-exec-1] INFO com.common.service.SyslogService - TCP Syslog消息发送成功: 192.168.0.103:514
2026-01-10 13:38:58.864 [http-nio-8089-exec-1] INFO com.controllers.SyslogPushController - Syslog消息发送成功: IP=192.168.0.103, Port=514
2026-01-10 13:39:00.090 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 13:39:00.093 [scheduling-1] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:39:00.010晚于默认保留时间2026-01-03T13:39:00.093,使用默认时间
2026-01-10 13:39:00.173 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数0耗时83ms
2026-01-10 13:39:00.173 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:39:00.173
2026-01-10 13:39:00.173 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:39:00.173
2026-01-10 13:39:00.178 [scheduling-1] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:39:00.093天前的日志共删除0条
2026-01-10 13:39:00.272 [scheduling-1] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 13:39:00.633 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 13:39:00.633 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 460ms
2026-01-10 13:40:00.010 [scheduling-5] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 13:40:00.011 [log-processor-2] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 13:40:00.092 [scheduling-9] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:40:00.010晚于默认保留时间2026-01-03T13:40:00.092,使用默认时间
2026-01-10 13:40:00.095 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 13:40:00.173 [scheduling-9] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:40:00.092天前的日志共删除0条
2026-01-10 13:40:00.179 [log-processor-2] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 13:40:00.182 [scheduling-5] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 13:40:00.184 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数0耗时89ms
2026-01-10 13:40:00.185 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:40:00.185
2026-01-10 13:40:00.185 [scheduling-3] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:40:00.185
2026-01-10 13:40:00.256 [scheduling-9] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 13:40:00.300 [log-processor-2] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821
2026-01-10 13:40:00.307 [scheduling-5] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821
2026-01-10 13:40:00.709 [scheduling-3] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 13:40:00.710 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 525ms
2026-01-10 13:41:00.004 [scheduling-2] INFO com.common.schedule.ETLOrchestrator - ETL任务开始执行开始时间2026-01-10 13:35:00,结束时间2026-01-10 13:40:00
2026-01-10 13:41:00.010 [scheduling-2] INFO com.common.service.DataExtractor - 开始处理指定时间范围内访问日志数据,时间范围: 2026-01-10T13:35 - 2026-01-10T13:40
2026-01-10 13:41:00.086 [scheduling-9] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:41:00.003晚于默认保留时间2026-01-03T13:41:00.086,使用默认时间
2026-01-10 13:41:00.089 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 13:41:00.168 [scheduling-9] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:41:00.086天前的日志共删除0条
2026-01-10 13:41:00.178 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数0耗时89ms
2026-01-10 13:41:00.178 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:41:00.178
2026-01-10 13:41:00.178 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:41:00.178
2026-01-10 13:41:00.184 [scheduling-2] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组
2026-01-10 13:41:00.184 [scheduling-2] INFO com.common.service.DataExtractor - 没有需要处理的数据
2026-01-10 13:41:00.185 [scheduling-2] INFO com.common.service.DataExtractor - 开始处理告警类型指定时间范围内数据,时间范围: 2026-01-10T13:35 - 2026-01-10T13:40
2026-01-10 13:41:00.250 [scheduling-9] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 13:41:00.277 [scheduling-2] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组
2026-01-10 13:41:00.277 [scheduling-2] INFO com.common.service.DataExtractor - 没有需要处理的数据
2026-01-10 13:41:00.278 [scheduling-2] INFO com.common.schedule.ETLOrchestrator - 定时ETL任务执行完成耗时: 0 秒
2026-01-10 13:41:00.662 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 13:41:00.662 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 484ms
2026-01-10 13:42:00.010 [scheduling-4] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 13:42:00.010 [log-processor-3] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 13:42:00.092 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 13:42:00.095 [scheduling-8] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:42:00.010晚于默认保留时间2026-01-03T13:42:00.095,使用默认时间
2026-01-10 13:42:00.175 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数0耗时83ms
2026-01-10 13:42:00.175 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:42:00.175
2026-01-10 13:42:00.175 [scheduling-6] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:42:00.175
2026-01-10 13:42:00.178 [log-processor-3] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 13:42:00.180 [scheduling-8] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:42:00.095天前的日志共删除0条
2026-01-10 13:42:00.181 [scheduling-4] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 13:42:00.263 [scheduling-8] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 13:42:00.316 [log-processor-3] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821
2026-01-10 13:42:00.320 [scheduling-4] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821
2026-01-10 13:42:00.629 [scheduling-6] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 13:42:00.629 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 454ms
2026-01-10 13:43:00.085 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 13:43:00.088 [scheduling-2] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:43:00.005晚于默认保留时间2026-01-03T13:43:00.088,使用默认时间
2026-01-10 13:43:00.171 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数0耗时86ms
2026-01-10 13:43:00.172 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:43:00.171
2026-01-10 13:43:00.172 [scheduling-6] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:43:00.172
2026-01-10 13:43:00.173 [scheduling-2] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:43:00.088天前的日志共删除0条
2026-01-10 13:43:00.255 [scheduling-2] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 13:43:00.713 [scheduling-6] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 13:43:00.713 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 541ms
2026-01-10 13:44:00.012 [scheduling-6] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 13:44:00.012 [log-processor-4] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 13:44:00.089 [scheduling-7] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:44:00.012晚于默认保留时间2026-01-03T13:44:00.089,使用默认时间
2026-01-10 13:44:00.097 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 13:44:00.176 [scheduling-7] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:44:00.089天前的日志共删除0条
2026-01-10 13:44:00.178 [log-processor-4] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 13:44:00.183 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数0耗时86ms
2026-01-10 13:44:00.183 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:44:00.183
2026-01-10 13:44:00.183 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:44:00.183
2026-01-10 13:44:00.183 [scheduling-6] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 13:44:00.257 [scheduling-7] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 13:44:00.315 [log-processor-4] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821
2026-01-10 13:44:00.321 [scheduling-6] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821
2026-01-10 13:44:00.716 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 13:44:00.716 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 533ms
2026-01-10 13:45:00.092 [scheduling-7] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:45:00.011晚于默认保留时间2026-01-03T13:45:00.092,使用默认时间
2026-01-10 13:45:00.095 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 13:45:00.174 [scheduling-7] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:45:00.092天前的日志共删除0条
2026-01-10 13:45:00.183 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数0耗时88ms
2026-01-10 13:45:00.183 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:45:00.183
2026-01-10 13:45:00.183 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:45:00.183
2026-01-10 13:45:00.255 [scheduling-7] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 13:45:00.671 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 13:45:00.671 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 488ms
2026-01-10 13:46:00.014 [scheduling-7] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 13:46:00.014 [scheduling-1] INFO com.common.schedule.ETLOrchestrator - ETL任务开始执行开始时间2026-01-10 13:40:00,结束时间2026-01-10 13:45:00
2026-01-10 13:46:00.014 [scheduling-1] INFO com.common.service.DataExtractor - 开始处理指定时间范围内访问日志数据,时间范围: 2026-01-10T13:40 - 2026-01-10T13:45
2026-01-10 13:46:00.014 [log-processor-5] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 13:46:00.098 [scheduling-2] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:46:00.014晚于默认保留时间2026-01-03T13:46:00.098,使用默认时间
2026-01-10 13:46:00.099 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 13:46:00.177 [scheduling-7] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 13:46:00.181 [scheduling-2] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:46:00.098天前的日志共删除0条
2026-01-10 13:46:00.191 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数0耗时92ms
2026-01-10 13:46:00.191 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:46:00.191
2026-01-10 13:46:00.192 [scheduling-4] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:46:00.192
2026-01-10 13:46:00.224 [scheduling-1] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组
2026-01-10 13:46:00.224 [scheduling-1] INFO com.common.service.DataExtractor - 没有需要处理的数据
2026-01-10 13:46:00.224 [scheduling-1] INFO com.common.service.DataExtractor - 开始处理告警类型指定时间范围内数据,时间范围: 2026-01-10T13:40 - 2026-01-10T13:45
2026-01-10 13:46:00.263 [scheduling-2] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 13:46:00.312 [scheduling-1] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组
2026-01-10 13:46:00.312 [scheduling-1] INFO com.common.service.DataExtractor - 没有需要处理的数据
2026-01-10 13:46:00.313 [scheduling-1] INFO com.common.schedule.ETLOrchestrator - 定时ETL任务执行完成耗时: 0 秒
2026-01-10 13:46:00.519 [log-processor-5] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 13:46:00.614 [scheduling-7] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821
2026-01-10 13:46:00.736 [scheduling-4] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 13:46:00.736 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 545ms
2026-01-10 13:46:00.898 [log-processor-5] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821
2026-01-10 13:47:00.096 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 13:47:00.097 [scheduling-4] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:47:00.010晚于默认保留时间2026-01-03T13:47:00.097,使用默认时间
2026-01-10 13:47:00.183 [scheduling-4] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:47:00.097天前的日志共删除0条
2026-01-10 13:47:00.183 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数0耗时87ms
2026-01-10 13:47:00.183 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:47:00.183
2026-01-10 13:47:00.183 [scheduling-2] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:47:00.183
2026-01-10 13:47:00.268 [scheduling-4] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 13:47:00.693 [scheduling-2] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 13:47:00.693 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 510ms
2026-01-10 13:48:00.010 [scheduling-10] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 13:48:00.010 [log-processor-6] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 13:48:00.092 [scheduling-9] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:48:00.010晚于默认保留时间2026-01-03T13:48:00.092,使用默认时间
2026-01-10 13:48:00.096 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 13:48:00.174 [scheduling-9] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:48:00.092天前的日志共删除0条
2026-01-10 13:48:00.177 [log-processor-6] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 13:48:00.177 [scheduling-10] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 13:48:00.182 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数0耗时86ms
2026-01-10 13:48:00.182 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:48:00.182
2026-01-10 13:48:00.182 [scheduling-6] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:48:00.182
2026-01-10 13:48:00.254 [scheduling-9] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 13:48:00.325 [log-processor-6] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821
2026-01-10 13:48:00.692 [scheduling-10] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821
2026-01-10 13:48:00.702 [scheduling-6] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 13:48:00.703 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 521ms
2026-01-10 13:49:00.091 [scheduling-9] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:49:00.010晚于默认保留时间2026-01-03T13:49:00.091,使用默认时间
2026-01-10 13:49:00.096 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 13:49:00.175 [scheduling-9] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:49:00.091天前的日志共删除0条
2026-01-10 13:49:00.183 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数0耗时87ms
2026-01-10 13:49:00.183 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:49:00.183
2026-01-10 13:49:00.183 [scheduling-6] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:49:00.183
2026-01-10 13:49:00.255 [scheduling-9] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 13:49:00.753 [scheduling-6] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 13:49:00.753 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 570ms
2026-01-10 13:50:00.012 [scheduling-2] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 13:50:00.013 [log-processor-7] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 13:50:00.093 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 13:50:00.105 [scheduling-1] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:50:00.012晚于默认保留时间2026-01-03T13:50:00.105,使用默认时间
2026-01-10 13:50:00.176 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数0耗时83ms
2026-01-10 13:50:00.177 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:50:00.177
2026-01-10 13:50:00.177 [scheduling-7] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:50:00.177
2026-01-10 13:50:00.182 [log-processor-7] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 13:50:00.187 [scheduling-2] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 13:50:00.214 [scheduling-1] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:50:00.105天前的日志共删除0条
2026-01-10 13:50:00.297 [scheduling-1] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 13:50:00.317 [log-processor-7] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821
2026-01-10 13:50:00.394 [scheduling-2] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821
2026-01-10 13:50:00.683 [scheduling-7] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 13:50:00.683 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 506ms
2026-01-10 13:51:00.008 [scheduling-5] INFO com.common.schedule.ETLOrchestrator - ETL任务开始执行开始时间2026-01-10 13:45:00,结束时间2026-01-10 13:50:00
2026-01-10 13:51:00.008 [scheduling-5] INFO com.common.service.DataExtractor - 开始处理指定时间范围内访问日志数据,时间范围: 2026-01-10T13:45 - 2026-01-10T13:50
2026-01-10 13:51:00.093 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 13:51:00.094 [scheduling-4] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:51:00.008晚于默认保留时间2026-01-03T13:51:00.094,使用默认时间
2026-01-10 13:51:00.168 [scheduling-5] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组
2026-01-10 13:51:00.168 [scheduling-5] INFO com.common.service.DataExtractor - 没有需要处理的数据
2026-01-10 13:51:00.168 [scheduling-5] INFO com.common.service.DataExtractor - 开始处理告警类型指定时间范围内数据,时间范围: 2026-01-10T13:45 - 2026-01-10T13:50
2026-01-10 13:51:00.176 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数0耗时83ms
2026-01-10 13:51:00.176 [scheduling-4] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:51:00.094天前的日志共删除0条
2026-01-10 13:51:00.176 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:51:00.176
2026-01-10 13:51:00.176 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:51:00.176
2026-01-10 13:51:00.253 [scheduling-5] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组
2026-01-10 13:51:00.253 [scheduling-5] INFO com.common.service.DataExtractor - 没有需要处理的数据
2026-01-10 13:51:00.253 [scheduling-5] INFO com.common.schedule.ETLOrchestrator - 定时ETL任务执行完成耗时: 0 秒
2026-01-10 13:51:00.265 [scheduling-4] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 13:51:00.684 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 13:51:00.684 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 508ms
2026-01-10 13:52:00.009 [scheduling-9] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 13:52:00.010 [log-processor-8] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 13:52:00.094 [scheduling-8] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:52:00.009晚于默认保留时间2026-01-03T13:52:00.094,使用默认时间
2026-01-10 13:52:00.095 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 13:52:00.175 [scheduling-9] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 13:52:00.176 [log-processor-8] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 13:52:00.179 [scheduling-8] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:52:00.094天前的日志共删除0条
2026-01-10 13:52:00.183 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数0耗时88ms
2026-01-10 13:52:00.183 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:52:00.183
2026-01-10 13:52:00.183 [scheduling-4] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:52:00.183
2026-01-10 13:52:00.263 [scheduling-8] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 13:52:00.308 [scheduling-9] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821
2026-01-10 13:52:00.393 [log-processor-8] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821
2026-01-10 13:52:00.663 [scheduling-4] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 13:52:00.663 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 480ms
2026-01-10 13:53:00.094 [scheduling-8] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:53:00.009晚于默认保留时间2026-01-03T13:53:00.094,使用默认时间
2026-01-10 13:53:00.094 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 13:53:00.180 [scheduling-8] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:53:00.094天前的日志共删除0条
2026-01-10 13:53:00.184 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数0耗时90ms
2026-01-10 13:53:00.184 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:53:00.184
2026-01-10 13:53:00.184 [scheduling-6] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:53:00.184
2026-01-10 13:53:00.264 [scheduling-8] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 13:53:00.682 [scheduling-6] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 13:53:00.683 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 499ms
2026-01-10 13:53:58.080 [scheduling-2] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 13:53:58.080 [log-processor-9] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 13:53:58.163 [scheduling-1] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T13:53:58.080晚于默认保留时间2026-01-03T13:53:58.163,使用默认时间
2026-01-10 13:53:58.164 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 13:53:58.243 [scheduling-1] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T13:53:58.163天前的日志共删除0条
2026-01-10 13:53:58.245 [scheduling-2] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 13:53:58.250 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数0耗时86ms
2026-01-10 13:53:58.250 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T13:53:58.250
2026-01-10 13:53:58.251 [scheduling-3] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T13:53:58.251
2026-01-10 13:53:58.251 [log-processor-9] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 13:53:58.324 [scheduling-1] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 13:53:58.492 [log-processor-9] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821
2026-01-10 13:53:58.697 [scheduling-3] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 13:53:58.697 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 446ms
2026-01-10 13:53:58.737 [scheduling-2] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821
2026-01-10 13:59:54.078 [HikariPool-1 housekeeper] WARN com.zaxxer.hikari.pool.HikariPool - HikariPool-1 - Thread starvation or clock leap detected (housekeeper delta=5m51s169ms755µs800ns).
2026-01-10 14:00:21.164 [scheduling-7] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:00:21.164 [scheduling-8] INFO com.common.schedule.ETLOrchestrator - ETL任务开始执行开始时间2026-01-10 13:55:00,结束时间2026-01-10 14:00:00
2026-01-10 14:00:21.164 [scheduling-8] INFO com.common.service.DataExtractor - 开始处理指定时间范围内访问日志数据,时间范围: 2026-01-10T13:55 - 2026-01-10T14:00
2026-01-10 14:00:21.164 [log-processor-10] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:00:26.187 [log-processor-10] WARN com.zaxxer.hikari.pool.PoolBase - HikariPool-1 - Failed to validate connection org.postgresql.jdbc.PgConnection@7c2603ab (This connection has been closed.). Possibly consider using a shorter maxLifetime value.
2026-01-10 14:00:26.187 [scheduling-8] WARN com.zaxxer.hikari.pool.PoolBase - HikariPool-1 - Failed to validate connection org.postgresql.jdbc.PgConnection@296964cd (This connection has been closed.). Possibly consider using a shorter maxLifetime value.
2026-01-10 14:00:26.187 [scheduling-7] WARN com.zaxxer.hikari.pool.PoolBase - HikariPool-1 - Failed to validate connection org.postgresql.jdbc.PgConnection@5da1fd68 (This connection has been closed.). Possibly consider using a shorter maxLifetime value.
2026-01-10 14:00:26.187 [scheduling-4] WARN com.zaxxer.hikari.pool.PoolBase - HikariPool-1 - Failed to validate connection org.postgresql.jdbc.PgConnection@7e34d60 (This connection has been closed.). Possibly consider using a shorter maxLifetime value.
2026-01-10 14:00:26.187 [scheduling-9] WARN com.zaxxer.hikari.pool.PoolBase - HikariPool-1 - Failed to validate connection org.postgresql.jdbc.PgConnection@654d837b (This connection has been closed.). Possibly consider using a shorter maxLifetime value.
2026-01-10 14:00:31.199 [scheduling-9] WARN com.zaxxer.hikari.pool.PoolBase - HikariPool-1 - Failed to validate connection org.postgresql.jdbc.PgConnection@a4c44d (This connection has been closed.). Possibly consider using a shorter maxLifetime value.
2026-01-10 14:00:31.199 [log-processor-10] WARN com.zaxxer.hikari.pool.PoolBase - HikariPool-1 - Failed to validate connection org.postgresql.jdbc.PgConnection@6722cb96 (This connection has been closed.). Possibly consider using a shorter maxLifetime value.
2026-01-10 14:00:31.199 [scheduling-4] WARN com.zaxxer.hikari.pool.PoolBase - HikariPool-1 - Failed to validate connection org.postgresql.jdbc.PgConnection@510720d2 (This connection has been closed.). Possibly consider using a shorter maxLifetime value.
2026-01-10 14:00:31.199 [scheduling-8] WARN com.zaxxer.hikari.pool.PoolBase - HikariPool-1 - Failed to validate connection org.postgresql.jdbc.PgConnection@818833a (This connection has been closed.). Possibly consider using a shorter maxLifetime value.
2026-01-10 14:00:31.199 [scheduling-7] WARN com.zaxxer.hikari.pool.PoolBase - HikariPool-1 - Failed to validate connection org.postgresql.jdbc.PgConnection@32621718 (This connection has been closed.). Possibly consider using a shorter maxLifetime value.
2026-01-10 14:00:31.284 [scheduling-9] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:00:21.164晚于默认保留时间2026-01-03T14:00:31.284,使用默认时间
2026-01-10 14:00:31.285 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:00:31.368 [scheduling-9] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:00:31.284天前的日志共删除0条
2026-01-10 14:00:31.370 [scheduling-7] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:00:31.370 [scheduling-8] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组
2026-01-10 14:00:31.370 [scheduling-8] INFO com.common.service.DataExtractor - 没有需要处理的数据
2026-01-10 14:00:31.370 [log-processor-10] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:00:31.370 [scheduling-8] INFO com.common.service.DataExtractor - 开始处理告警类型指定时间范围内数据,时间范围: 2026-01-10T13:55 - 2026-01-10T14:00
2026-01-10 14:00:31.373 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数0耗时88ms
2026-01-10 14:00:31.373 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:00:31.373
2026-01-10 14:00:31.373 [scheduling-4] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:00:31.373
2026-01-10 14:00:31.452 [scheduling-9] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:00:31.459 [scheduling-8] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组
2026-01-10 14:00:31.459 [scheduling-8] INFO com.common.service.DataExtractor - 没有需要处理的数据
2026-01-10 14:00:31.459 [scheduling-8] INFO com.common.schedule.ETLOrchestrator - 定时ETL任务执行完成耗时: 10 秒
2026-01-10 14:00:31.790 [scheduling-7] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821
2026-01-10 14:00:31.795 [log-processor-10] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821
2026-01-10 14:00:31.905 [scheduling-4] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:00:31.905 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 532ms
2026-01-10 14:01:00.001 [scheduling-2] INFO com.common.schedule.ETLOrchestrator - ETL任务开始执行开始时间2026-01-10 13:55:00,结束时间2026-01-10 14:00:00
2026-01-10 14:01:00.001 [scheduling-2] INFO com.common.service.DataExtractor - 开始处理指定时间范围内访问日志数据,时间范围: 2026-01-10T13:55 - 2026-01-10T14:00
2026-01-10 14:01:00.087 [scheduling-9] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:01:00.001晚于默认保留时间2026-01-03T14:01:00.087,使用默认时间
2026-01-10 14:01:00.102 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:01:00.172 [scheduling-9] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:01:00.087天前的日志共删除0条
2026-01-10 14:01:00.173 [scheduling-2] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组
2026-01-10 14:01:00.173 [scheduling-2] INFO com.common.service.DataExtractor - 没有需要处理的数据
2026-01-10 14:01:00.173 [scheduling-2] INFO com.common.service.DataExtractor - 开始处理告警类型指定时间范围内数据,时间范围: 2026-01-10T13:55 - 2026-01-10T14:00
2026-01-10 14:01:00.191 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数0耗时89ms
2026-01-10 14:01:00.192 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:01:00.192
2026-01-10 14:01:00.192 [scheduling-3] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:01:00.192
2026-01-10 14:01:00.256 [scheduling-9] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:01:00.266 [scheduling-2] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组
2026-01-10 14:01:00.266 [scheduling-2] INFO com.common.service.DataExtractor - 没有需要处理的数据
2026-01-10 14:01:00.266 [scheduling-2] INFO com.common.schedule.ETLOrchestrator - 定时ETL任务执行完成耗时: 0 秒
2026-01-10 14:01:00.678 [scheduling-3] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:01:00.678 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 486ms
2026-01-10 14:02:00.009 [scheduling-6] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:02:00.010 [log-processor-1] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:02:00.095 [scheduling-1] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:02:00.009晚于默认保留时间2026-01-03T14:02:00.095,使用默认时间
2026-01-10 14:02:00.095 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:02:00.180 [scheduling-1] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:02:00.095天前的日志共删除0条
2026-01-10 14:02:00.180 [log-processor-1] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:02:00.181 [scheduling-6] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:02:00.187 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数0耗时92ms
2026-01-10 14:02:00.187 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:02:00.187
2026-01-10 14:02:00.187 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:02:00.187
2026-01-10 14:02:00.265 [scheduling-1] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:02:00.666 [log-processor-1] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821
2026-01-10 14:02:00.666 [scheduling-6] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821
2026-01-10 14:02:00.715 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:02:00.715 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 528ms
2026-01-10 14:03:00.088 [scheduling-1] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:03:00.088 [scheduling-10] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:03:00.003晚于默认保留时间2026-01-03T14:03:00.088,使用默认时间
2026-01-10 14:03:00.175 [scheduling-10] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:03:00.088天前的日志共删除0条
2026-01-10 14:03:00.176 [scheduling-1] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数0耗时88ms
2026-01-10 14:03:00.176 [scheduling-1] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:03:00.176
2026-01-10 14:03:00.176 [scheduling-1] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:03:00.176
2026-01-10 14:03:00.263 [scheduling-10] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:03:00.752 [scheduling-1] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:03:00.752 [scheduling-1] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 576ms
2026-01-10 14:04:00.003 [scheduling-8] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:04:00.003 [log-processor-2] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:04:00.093 [scheduling-5] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:04:00.003晚于默认保留时间2026-01-03T14:04:00.093,使用默认时间
2026-01-10 14:04:00.174 [scheduling-8] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:04:00.174 [log-processor-2] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:04:00.180 [scheduling-5] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:04:00.093天前的日志共删除0条
2026-01-10 14:04:00.268 [scheduling-5] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:04:00.300 [log-processor-2] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821
2026-01-10 14:04:00.300 [scheduling-8] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821
2026-01-10 14:04:00.372 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:04:00.467 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数0耗时95ms
2026-01-10 14:04:00.468 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:04:00.468
2026-01-10 14:04:00.468 [scheduling-3] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:04:00.468
2026-01-10 14:04:00.952 [scheduling-3] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:04:00.952 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 484ms
2026-01-10 14:05:00.087 [scheduling-9] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:05:00.001晚于默认保留时间2026-01-03T14:05:00.087,使用默认时间
2026-01-10 14:05:00.120 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:05:00.170 [scheduling-9] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:05:00.087天前的日志共删除0条
2026-01-10 14:05:00.211 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数0耗时91ms
2026-01-10 14:05:00.212 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:05:00.212
2026-01-10 14:05:00.212 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:05:00.212
2026-01-10 14:05:00.255 [scheduling-9] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:05:01.063 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:05:01.063 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 851ms
2026-01-10 14:06:00.004 [scheduling-9] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:06:00.004 [log-processor-3] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:06:00.004 [scheduling-5] INFO com.common.schedule.ETLOrchestrator - ETL任务开始执行开始时间2026-01-10 14:00:00,结束时间2026-01-10 14:05:00
2026-01-10 14:06:00.004 [scheduling-5] INFO com.common.service.DataExtractor - 开始处理指定时间范围内访问日志数据,时间范围: 2026-01-10T14:00 - 2026-01-10T14:05
2026-01-10 14:06:00.092 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:06:00.109 [scheduling-10] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:06:00.004晚于默认保留时间2026-01-03T14:06:00.109,使用默认时间
2026-01-10 14:06:00.171 [scheduling-9] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:06:00.171 [log-processor-3] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:06:00.180 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数0耗时88ms
2026-01-10 14:06:00.180 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:06:00.180
2026-01-10 14:06:00.180 [scheduling-2] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:06:00.180
2026-01-10 14:06:00.208 [scheduling-10] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:06:00.109天前的日志共删除0条
2026-01-10 14:06:00.208 [scheduling-5] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组
2026-01-10 14:06:00.208 [scheduling-5] INFO com.common.service.DataExtractor - 没有需要处理的数据
2026-01-10 14:06:00.209 [scheduling-5] INFO com.common.service.DataExtractor - 开始处理告警类型指定时间范围内数据,时间范围: 2026-01-10T14:00 - 2026-01-10T14:05
2026-01-10 14:06:00.293 [scheduling-10] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:06:00.293 [scheduling-5] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组
2026-01-10 14:06:00.293 [scheduling-5] INFO com.common.service.DataExtractor - 没有需要处理的数据
2026-01-10 14:06:00.297 [scheduling-5] INFO com.common.schedule.ETLOrchestrator - 定时ETL任务执行完成耗时: 0 秒
2026-01-10 14:06:00.315 [log-processor-3] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821
2026-01-10 14:06:00.316 [scheduling-9] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821
2026-01-10 14:06:00.674 [scheduling-2] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:06:00.674 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 494ms
2026-01-10 14:07:00.090 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:07:00.090 [scheduling-10] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:07:00.003晚于默认保留时间2026-01-03T14:07:00.090,使用默认时间
2026-01-10 14:07:00.178 [scheduling-10] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:07:00.090天前的日志共删除0条
2026-01-10 14:07:00.178 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数0耗时88ms
2026-01-10 14:07:00.179 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:07:00.179
2026-01-10 14:07:00.179 [scheduling-2] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:07:00.179
2026-01-10 14:07:00.263 [scheduling-10] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:07:00.695 [scheduling-2] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:07:00.695 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 516ms
2026-01-10 14:08:00.002 [scheduling-3] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:08:00.002 [log-processor-4] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:08:00.096 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:08:00.096 [scheduling-4] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:08:00.002晚于默认保留时间2026-01-03T14:08:00.096,使用默认时间
2026-01-10 14:08:00.170 [scheduling-3] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:08:00.170 [log-processor-4] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:08:00.181 [scheduling-4] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:08:00.096天前的日志共删除0条
2026-01-10 14:08:00.184 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数0耗时88ms
2026-01-10 14:08:00.185 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:08:00.185
2026-01-10 14:08:00.185 [scheduling-2] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:08:00.185
2026-01-10 14:08:00.271 [scheduling-4] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:08:00.310 [log-processor-4] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821
2026-01-10 14:08:00.311 [scheduling-3] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821
2026-01-10 14:08:00.636 [scheduling-2] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:08:00.636 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 451ms
2026-01-10 14:08:50.215 [http-nio-8089-exec-3] INFO com.controllers.SyslogPushController - 收到syslog发送请求: SyslogRequest{ip='192.168.0.103', port=514, logContent='<0> 2026-01-10T05:28:32+08:00 ubuntu log_forward[3419]: {"timestamp":"2026-01-10T05:28:32.806781+0800","flow_id":1671852309144385,"community_id":"uLeKRLkXu9m0D0DNn6wIg7CcdOs=","serial_num":"CJFBT92","origin":"eno4","xdr_log_type":"http","vxlan_vni":256,"src_ip":"172.16.121.137","src_port":51114,"dest_ip":"110.43.89.7","dest_port":80,"proto":"TCP","app_proto":"http","tcp_sequence":3553898360,"tcp_ack_sequence":3537707565,"ether":{"src_mac":"90:f1:b0:fb:81:a1","dest_mac":"a4:7b:2c:21:03:79"},"host":"rq.lbcct.cloud.duba.net","host_md5":"51cfa6d0981c8eb355a9b3af716da08d","uri":"/query?1767994112","uri_md5":"f28f2c62d0dd01c355caa05815d93d99","referer":"","method":"POST","protocol":"HTTP/1.1","status":200,"req_content_type":"application/x-www-form-urlencoded","request_headers":"host: rq.lbcct.cloud.duba.net\r\naccept: */*\r\ncontent-length: 85\r\ncontent-type: application/x-www-form-urlencoded\r\n","rsp_content_type":"text/plain","response_headers":"server: Tengine/1.5.2\r\ndate: Fri, 09 Jan 2026 21:28:32 GMT\r\ncontent-type: text/plain\r\nContent-Length: 54\r\nConnection: keep-alive\r\nContent-Tag: 1936292435\r\n"}', protocol='TCP', facility='USER', severity='INFO'}
2026-01-10 14:08:50.215 [http-nio-8089-exec-3] INFO com.common.service.SyslogService - 开始发送syslog消息: IP=192.168.0.103, Port=514
2026-01-10 14:08:50.219 [http-nio-8089-exec-3] INFO com.common.service.SyslogService - TCP Syslog消息发送成功: 192.168.0.103:514
2026-01-10 14:08:50.219 [http-nio-8089-exec-3] INFO com.controllers.SyslogPushController - Syslog消息发送成功: IP=192.168.0.103, Port=514
2026-01-10 14:08:56.198 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] INFO c.Modules.NormalData.SysLogProcessor - 开始处理批次消息,数量: 1
2026-01-10 14:08:56.198 [log-processor-5] INFO c.Modules.NormalData.SysLogProcessor - 收到syslogmessage[receive_time=20260110140855438 device_id=248 device_name=开发环境设备-HOME vendor=HFish data_type=json device_collect_id=1]<0> 2026-01-10T05:28:32+08:00 ubuntu log_forward[3419]: {"timestamp":"2026-01-10T05:28:32.806781+0800","flow_id":1671852309144385,"community_id":"uLeKRLkXu9m0D0DNn6wIg7CcdOs=","serial_num":"CJFBT92","origin":"eno4","xdr_log_type":"http","vxlan_vni":256,"src_ip":"172.16.121.137","src_port":51114,"dest_ip":"110.43.89.7","dest_port":80,"proto":"TCP","app_proto":"http","tcp_sequence":3553898360,"tcp_ack_sequence":3537707565,"ether":{"src_mac":"90:f1:b0:fb:81:a1","dest_mac":"a4:7b:2c:21:03:79"},"host":"rq.lbcct.cloud.duba.net","host_md5":"51cfa6d0981c8eb355a9b3af716da08d","uri":"/query?1767994112","uri_md5":"f28f2c62d0dd01c355caa05815d93d99","referer":"","method":"POST","protocol":"HTTP/1.1","status":200,"req_content_type":"application/x-www-form-urlencoded","request_headers":"host: rq.lbcct.cloud.duba.net\r\naccept: */*\r\ncontent-length: 85\r\ncontent-type: application/x-www-form-urlencoded\r\n","rsp_content_type":"text/plain","response_headers":"server: Tengine/1.5.2\r\ndate: Fri, 09 Jan 2026 21:28:32 GMT\r\ncontent-type: text/plain\r\nContent-Length: 54\r\nConnection: keep-alive\r\nContent-Tag: 1936292435\r\n"}
2026-01-10 14:09:00.088 [scheduling-4] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:09:00.002晚于默认保留时间2026-01-03T14:09:00.088,使用默认时间
2026-01-10 14:09:00.107 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:09:00.178 [scheduling-4] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:09:00.088天前的日志共删除0条
2026-01-10 14:09:00.262 [scheduling-4] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:09:00.297 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时190ms
2026-01-10 14:09:00.297 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:09:00.297
2026-01-10 14:09:00.297 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:09:00.297
2026-01-10 14:09:00.740 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:09:00.740 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 443ms
2026-01-10 14:09:01.651 [log-processor-5] WARN c.c.service.LogDataFilterService - 泛化规则-数据过滤规则为空,默认不处理!
2026-01-10 14:10:19.341 [scheduling-6] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:10:19.341 [HikariPool-1 housekeeper] WARN com.zaxxer.hikari.pool.HikariPool - HikariPool-1 - Thread starvation or clock leap detected (housekeeper delta=1m25s115ms628µs300ns).
2026-01-10 14:10:19.341 [log-processor-6] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:10:19.346 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] WARN c.Modules.NormalData.SysLogProcessor - 批次处理超时,已处理: 0/1
2026-01-10 14:10:20.390 [scheduling-9] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:10:19.341晚于默认保留时间2026-01-03T14:10:20.390,使用默认时间
2026-01-10 14:10:20.390 [scheduling-5] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:10:20.562 [scheduling-6] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:10:20.562 [log-processor-6] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:10:20.688 [scheduling-9] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:10:20.390天前的日志共删除0条
2026-01-10 14:10:37.594 [scheduling-9] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:10:37.594 [scheduling-5] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时17204ms
2026-01-10 14:10:37.594 [log-processor-6] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821
2026-01-10 14:10:37.594 [scheduling-5] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:10:37.594
2026-01-10 14:10:37.595 [scheduling-5] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:10:37.595
2026-01-10 14:10:40.009 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] INFO o.s.k.l.KafkaMessageListenerContainer - test-group-app: partitions assigned: [test-topic-0]
2026-01-10 14:10:40.017 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] ERROR o.a.k.c.c.i.ConsumerCoordinator - [Consumer clientId=consumer-test-group-app-1, groupId=test-group-app] Offset commit failed on partition test-topic-0 at offset 477: The coordinator is not aware of this member.
2026-01-10 14:10:40.021 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] ERROR o.s.k.l.KafkaMessageListenerContainer - Consumer exception
java.lang.IllegalStateException: This error handler cannot process 'org.apache.kafka.clients.consumer.CommitFailedException's; no record information is available
at org.springframework.kafka.listener.DefaultErrorHandler.handleOtherException(DefaultErrorHandler.java:157)
at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.handleConsumerException(KafkaMessageListenerContainer.java:1812)
at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.run(KafkaMessageListenerContainer.java:1301)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run$$$capture(FutureTask.java:266)
at java.util.concurrent.FutureTask.run(FutureTask.java)
at java.lang.Thread.run(Thread.java:745)
Caused by: org.apache.kafka.clients.consumer.CommitFailedException: Commit cannot be completed since the group has already rebalanced and assigned the partitions to another member. This means that the time between subsequent calls to poll() was longer than the configured max.poll.interval.ms, which typically implies that the poll loop is spending too much time message processing. You can address this either by increasing max.poll.interval.ms or by reducing the maximum size of batches returned in poll() with max.poll.records.
at org.apache.kafka.clients.consumer.internals.ConsumerCoordinator$OffsetCommitResponseHandler.handle(ConsumerCoordinator.java:1441)
at org.apache.kafka.clients.consumer.internals.ConsumerCoordinator$OffsetCommitResponseHandler.handle(ConsumerCoordinator.java:1341)
at org.apache.kafka.clients.consumer.internals.AbstractCoordinator$CoordinatorResponseHandler.onSuccess(AbstractCoordinator.java:1260)
at org.apache.kafka.clients.consumer.internals.AbstractCoordinator$CoordinatorResponseHandler.onSuccess(AbstractCoordinator.java:1235)
at org.apache.kafka.clients.consumer.internals.RequestFuture$1.onSuccess(RequestFuture.java:206)
at org.apache.kafka.clients.consumer.internals.RequestFuture.fireSuccess(RequestFuture.java:169)
at org.apache.kafka.clients.consumer.internals.RequestFuture.complete(RequestFuture.java:129)
at org.apache.kafka.clients.consumer.internals.ConsumerNetworkClient$RequestFutureCompletionHandler.fireCompletion(ConsumerNetworkClient.java:617)
at org.apache.kafka.clients.consumer.internals.ConsumerNetworkClient.firePendingCompletedRequests(ConsumerNetworkClient.java:427)
at org.apache.kafka.clients.consumer.internals.ConsumerNetworkClient.poll(ConsumerNetworkClient.java:312)
at org.apache.kafka.clients.consumer.internals.ConsumerNetworkClient.poll(ConsumerNetworkClient.java:230)
at org.apache.kafka.clients.consumer.internals.ConsumerNetworkClient.poll(ConsumerNetworkClient.java:214)
at org.apache.kafka.clients.consumer.internals.ConsumerCoordinator.commitOffsetsSync(ConsumerCoordinator.java:1174)
at org.apache.kafka.clients.consumer.KafkaConsumer.commitSync(KafkaConsumer.java:1502)
at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.doCommitSync(KafkaMessageListenerContainer.java:3062)
at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.commitSync(KafkaMessageListenerContainer.java:3057)
at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.commitIfNecessary(KafkaMessageListenerContainer.java:3043)
at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.processCommits(KafkaMessageListenerContainer.java:2835)
at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.pollAndInvoke(KafkaMessageListenerContainer.java:1329)
at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.run(KafkaMessageListenerContainer.java:1255)
... 4 common frames omitted
2026-01-10 14:10:40.021 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] INFO o.s.k.l.KafkaMessageListenerContainer - test-group-app: partitions lost: [test-topic-0]
2026-01-10 14:10:40.033 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] INFO o.s.k.l.KafkaMessageListenerContainer - test-group-app: partitions revoked: [test-topic-0]
2026-01-10 14:10:40.078 [scheduling-6] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T13:35:33.821
2026-01-10 14:10:40.486 [scheduling-5] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:10:40.487 [scheduling-5] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 2893ms
2026-01-10 14:10:40.514 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] INFO c.Modules.NormalData.SysLogProcessor - 开始处理批次消息,数量: 1
2026-01-10 14:10:40.514 [log-processor-7] INFO c.Modules.NormalData.SysLogProcessor - 收到syslogmessage[receive_time=20260110140855438 device_id=248 device_name=开发环境设备-HOME vendor=HFish data_type=json device_collect_id=1]<0> 2026-01-10T05:28:32+08:00 ubuntu log_forward[3419]: {"timestamp":"2026-01-10T05:28:32.806781+0800","flow_id":1671852309144385,"community_id":"uLeKRLkXu9m0D0DNn6wIg7CcdOs=","serial_num":"CJFBT92","origin":"eno4","xdr_log_type":"http","vxlan_vni":256,"src_ip":"172.16.121.137","src_port":51114,"dest_ip":"110.43.89.7","dest_port":80,"proto":"TCP","app_proto":"http","tcp_sequence":3553898360,"tcp_ack_sequence":3537707565,"ether":{"src_mac":"90:f1:b0:fb:81:a1","dest_mac":"a4:7b:2c:21:03:79"},"host":"rq.lbcct.cloud.duba.net","host_md5":"51cfa6d0981c8eb355a9b3af716da08d","uri":"/query?1767994112","uri_md5":"f28f2c62d0dd01c355caa05815d93d99","referer":"","method":"POST","protocol":"HTTP/1.1","status":200,"req_content_type":"application/x-www-form-urlencoded","request_headers":"host: rq.lbcct.cloud.duba.net\r\naccept: */*\r\ncontent-length: 85\r\ncontent-type: application/x-www-form-urlencoded\r\n","rsp_content_type":"text/plain","response_headers":"server: Tengine/1.5.2\r\ndate: Fri, 09 Jan 2026 21:28:32 GMT\r\ncontent-type: text/plain\r\nContent-Length: 54\r\nConnection: keep-alive\r\nContent-Tag: 1936292435\r\n"}
2026-01-10 14:10:40.565 [log-processor-7] WARN c.c.service.LogDataFilterService - 泛化规则-数据过滤规则为空,默认不处理!
2026-01-10 14:10:55.526 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] INFO c.Modules.NormalData.SysLogProcessor - 批次处理完成,总数: 1
2026-01-10 14:10:55.549 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] INFO o.s.k.l.KafkaMessageListenerContainer - test-group-app: partitions revoked: [test-topic-0]
2026-01-10 14:10:55.564 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] INFO o.s.k.l.KafkaMessageListenerContainer - test-group-app: partitions assigned: []
2026-01-10 14:10:55.570 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] INFO o.s.k.l.KafkaMessageListenerContainer - test-group-app: partitions assigned: [test-topic-0]
2026-01-10 14:11:00.002 [scheduling-8] INFO com.common.schedule.ETLOrchestrator - ETL任务开始执行开始时间2026-01-10 14:05:00,结束时间2026-01-10 14:10:00
2026-01-10 14:11:00.002 [scheduling-8] INFO com.common.service.DataExtractor - 开始处理指定时间范围内访问日志数据,时间范围: 2026-01-10T14:05 - 2026-01-10T14:10
2026-01-10 14:11:00.085 [scheduling-9] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:11:00.002晚于默认保留时间2026-01-03T14:11:00.085,使用默认时间
2026-01-10 14:11:00.088 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:11:00.171 [scheduling-9] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:11:00.085天前的日志共删除0条
2026-01-10 14:11:00.171 [scheduling-8] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组
2026-01-10 14:11:00.171 [scheduling-8] INFO com.common.service.DataExtractor - 没有需要处理的数据
2026-01-10 14:11:00.171 [scheduling-8] INFO com.common.service.DataExtractor - 开始处理告警类型指定时间范围内数据,时间范围: 2026-01-10T14:05 - 2026-01-10T14:10
2026-01-10 14:11:00.256 [scheduling-8] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组
2026-01-10 14:11:00.256 [scheduling-8] INFO com.common.service.DataExtractor - 没有需要处理的数据
2026-01-10 14:11:00.256 [scheduling-8] INFO com.common.schedule.ETLOrchestrator - 定时ETL任务执行完成耗时: 0 秒
2026-01-10 14:11:00.575 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时487ms
2026-01-10 14:11:00.575 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:11:00.575
2026-01-10 14:11:00.575 [scheduling-3] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:11:00.575
2026-01-10 14:11:00.847 [scheduling-9] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:11:01.055 [scheduling-3] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:11:01.055 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 480ms
2026-01-10 14:12:00.012 [scheduling-2] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:12:00.012 [log-processor-8] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:12:00.096 [scheduling-7] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:12:00.011晚于默认保留时间2026-01-03T14:12:00.096,使用默认时间
2026-01-10 14:12:00.133 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:12:00.180 [scheduling-7] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:12:00.096天前的日志共删除0条
2026-01-10 14:12:00.180 [scheduling-2] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:12:00.183 [log-processor-8] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:12:00.263 [scheduling-7] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:12:00.295 [scheduling-2] INFO c.c.service.AccessLogAlertService - 获取到 2 条新的日志数据,时间范围: 2026-01-10T13:35:33.821 到 2026-01-10T14:12:00.180
2026-01-10 14:12:00.297 [scheduling-2] INFO c.c.service.AccessLogAlertService - 开始处理算法: 测试算法3 (ID: 2004083121877696514)
2026-01-10 14:12:00.307 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时174ms
2026-01-10 14:12:00.307 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:12:00.307
2026-01-10 14:12:00.307 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:12:00.307
2026-01-10 14:12:00.625 [log-processor-8] INFO c.c.service.AccessLogAlertService - 获取到 2 条新的日志数据,时间范围: 2026-01-10T13:35:33.821 到 2026-01-10T14:12:00.183
2026-01-10 14:12:00.625 [log-processor-8] INFO c.c.service.AccessLogAlertService - 开始处理算法: 测试算法3 (ID: 2004083121877696514)
2026-01-10 14:12:00.784 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:12:00.784 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 477ms
2026-01-10 14:12:02.417 [scheduling-2] ERROR c.c.service.AccessLogAlertService - 调用算法API异常 [URL: http://192.168.4.33:5001/Webshell]: I/O error on POST request for "http://192.168.4.33:5001/Webshell": Connection refused: connect; nested exception is java.net.ConnectException: Connection refused: connect
org.springframework.web.client.ResourceAccessException: I/O error on POST request for "http://192.168.4.33:5001/Webshell": Connection refused: connect; nested exception is java.net.ConnectException: Connection refused: connect
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:785)
at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:711)
at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:602)
at com.common.service.AccessLogAlertService.callAlgorithmApi(AccessLogAlertService.java:275)
at com.common.service.AccessLogAlertService.processAlgorithm(AccessLogAlertService.java:153)
at com.common.service.AccessLogAlertService.processAccessLogAlert(AccessLogAlertService.java:122)
at com.common.service.AccessLogAlertService.safeProcessTask(AccessLogAlertService.java:387)
at com.common.service.AccessLogAlertService$$FastClassBySpringCGLIB$$4807ae0a.invoke(<generated>)
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)
at org.springframework.aop.framework.CglibAopProxy.invokeMethod(CglibAopProxy.java:386)
at org.springframework.aop.framework.CglibAopProxy.access$000(CglibAopProxy.java:85)
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:704)
at com.common.service.AccessLogAlertService$$EnhancerBySpringCGLIB$$a38bc9af.safeProcessTask(<generated>)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.springframework.scheduling.support.ScheduledMethodRunnable.run(ScheduledMethodRunnable.java:84)
at org.springframework.scheduling.support.DelegatingErrorHandlingRunnable.run(DelegatingErrorHandlingRunnable.java:54)
at org.springframework.scheduling.concurrent.ReschedulingRunnable.run(ReschedulingRunnable.java:95)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run$$$capture(FutureTask.java:266)
at java.util.concurrent.FutureTask.run(FutureTask.java)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:180)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.net.ConnectException: Connection refused: connect
at java.net.DualStackPlainSocketImpl.waitForConnect(Native Method)
at java.net.DualStackPlainSocketImpl.socketConnect(DualStackPlainSocketImpl.java:85)
at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)
at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:172)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
at java.net.Socket.connect(Socket.java:589)
at sun.net.NetworkClient.doConnect(NetworkClient.java:175)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:432)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:527)
at sun.net.www.http.HttpClient.<init>(HttpClient.java:211)
at sun.net.www.http.HttpClient.New(HttpClient.java:308)
at sun.net.www.http.HttpClient.New(HttpClient.java:326)
at sun.net.www.protocol.http.HttpURLConnection.getNewHttpClient(HttpURLConnection.java:1202)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1138)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:1032)
at sun.net.www.protocol.http.HttpURLConnection.connect(HttpURLConnection.java:966)
at org.springframework.http.client.SimpleBufferingClientHttpRequest.executeInternal(SimpleBufferingClientHttpRequest.java:76)
at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48)
at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66)
at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:109)
at com.config.RestTemplateConfig$LoggingInterceptor.intercept(RestTemplateConfig.java:62)
at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:93)
at org.springframework.http.client.InterceptingClientHttpRequest.executeInternal(InterceptingClientHttpRequest.java:77)
at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48)
at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66)
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:776)
... 27 common frames omitted
2026-01-10 14:12:02.421 [scheduling-2] ERROR c.c.service.AccessLogAlertService - 调用算法API失败: http://192.168.4.33:5001/Webshell - 无响应
2026-01-10 14:12:02.421 [scheduling-2] INFO c.c.service.AccessLogAlertService - 访问日志告警处理任务完成,下次将从 2026-01-10T14:12:00.180 开始处理
2026-01-10 14:12:02.728 [log-processor-8] ERROR c.c.service.AccessLogAlertService - 调用算法API异常 [URL: http://192.168.4.33:5001/Webshell]: I/O error on POST request for "http://192.168.4.33:5001/Webshell": Connection refused: connect; nested exception is java.net.ConnectException: Connection refused: connect
org.springframework.web.client.ResourceAccessException: I/O error on POST request for "http://192.168.4.33:5001/Webshell": Connection refused: connect; nested exception is java.net.ConnectException: Connection refused: connect
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:785)
at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:711)
at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:602)
at com.common.service.AccessLogAlertService.callAlgorithmApi(AccessLogAlertService.java:275)
at com.common.service.AccessLogAlertService.processAlgorithm(AccessLogAlertService.java:153)
at com.common.service.AccessLogAlertService.processAccessLogAlert(AccessLogAlertService.java:122)
at com.common.service.AccessLogAlertService$$FastClassBySpringCGLIB$$4807ae0a.invoke(<generated>)
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:793)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:763)
at org.springframework.aop.interceptor.AsyncExecutionInterceptor.lambda$invoke$0(AsyncExecutionInterceptor.java:115)
at java.util.concurrent.FutureTask.run$$$capture(FutureTask.java:266)
at java.util.concurrent.FutureTask.run(FutureTask.java)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.net.ConnectException: Connection refused: connect
at java.net.DualStackPlainSocketImpl.waitForConnect(Native Method)
at java.net.DualStackPlainSocketImpl.socketConnect(DualStackPlainSocketImpl.java:85)
at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)
at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:172)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
at java.net.Socket.connect(Socket.java:589)
at sun.net.NetworkClient.doConnect(NetworkClient.java:175)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:432)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:527)
at sun.net.www.http.HttpClient.<init>(HttpClient.java:211)
at sun.net.www.http.HttpClient.New(HttpClient.java:308)
at sun.net.www.http.HttpClient.New(HttpClient.java:326)
at sun.net.www.protocol.http.HttpURLConnection.getNewHttpClient(HttpURLConnection.java:1202)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1138)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:1032)
at sun.net.www.protocol.http.HttpURLConnection.connect(HttpURLConnection.java:966)
at org.springframework.http.client.SimpleBufferingClientHttpRequest.executeInternal(SimpleBufferingClientHttpRequest.java:76)
at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48)
at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66)
at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:109)
at com.config.RestTemplateConfig$LoggingInterceptor.intercept(RestTemplateConfig.java:62)
at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:93)
at org.springframework.http.client.InterceptingClientHttpRequest.executeInternal(InterceptingClientHttpRequest.java:77)
at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48)
at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66)
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:776)
... 16 common frames omitted
2026-01-10 14:12:02.744 [log-processor-8] ERROR c.c.service.AccessLogAlertService - 调用算法API失败: http://192.168.4.33:5001/Webshell - 无响应
2026-01-10 14:12:02.744 [log-processor-8] INFO c.c.service.AccessLogAlertService - 访问日志告警处理任务完成,下次将从 2026-01-10T14:12:00.183 开始处理
2026-01-10 14:13:00.092 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:13:00.097 [scheduling-10] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:13:00.007晚于默认保留时间2026-01-03T14:13:00.097,使用默认时间
2026-01-10 14:13:00.183 [scheduling-10] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:13:00.097天前的日志共删除0条
2026-01-10 14:13:00.267 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时176ms
2026-01-10 14:13:00.267 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:13:00.267
2026-01-10 14:13:00.267 [scheduling-7] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:13:00.267
2026-01-10 14:13:00.268 [scheduling-10] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:13:00.753 [scheduling-7] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:13:00.753 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 486ms
2026-01-10 14:14:00.005 [scheduling-5] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:14:00.005 [log-processor-9] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:14:00.092 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:14:00.094 [scheduling-10] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:14:00.005晚于默认保留时间2026-01-03T14:14:00.094,使用默认时间
2026-01-10 14:14:00.179 [log-processor-9] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:14:00.179 [scheduling-5] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:14:00.181 [scheduling-10] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:14:00.094天前的日志共删除0条
2026-01-10 14:14:00.264 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时172ms
2026-01-10 14:14:00.265 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:14:00.265
2026-01-10 14:14:00.265 [scheduling-7] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:14:00.265
2026-01-10 14:14:00.265 [scheduling-10] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:14:00.415 [scheduling-5] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:12:00.183
2026-01-10 14:14:00.627 [log-processor-9] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:12:00.183
2026-01-10 14:14:00.779 [scheduling-7] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:14:00.779 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 514ms
2026-01-10 14:15:00.094 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:15:00.095 [scheduling-10] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:15:00.009晚于默认保留时间2026-01-03T14:15:00.095,使用默认时间
2026-01-10 14:15:00.181 [scheduling-10] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:15:00.095天前的日志共删除0条
2026-01-10 14:15:00.261 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时167ms
2026-01-10 14:15:00.261 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:15:00.261
2026-01-10 14:15:00.261 [scheduling-7] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:15:00.261
2026-01-10 14:15:00.267 [scheduling-10] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:15:01.087 [scheduling-7] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:15:01.087 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 826ms
2026-01-10 14:16:00.010 [scheduling-2] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:16:00.011 [log-processor-10] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:16:00.011 [scheduling-6] INFO com.common.schedule.ETLOrchestrator - ETL任务开始执行开始时间2026-01-10 14:10:00,结束时间2026-01-10 14:15:00
2026-01-10 14:16:00.011 [scheduling-6] INFO com.common.service.DataExtractor - 开始处理指定时间范围内访问日志数据,时间范围: 2026-01-10T14:10 - 2026-01-10T14:15
2026-01-10 14:16:00.095 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:16:00.095 [scheduling-9] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:16:00.010晚于默认保留时间2026-01-03T14:16:00.095,使用默认时间
2026-01-10 14:16:00.180 [scheduling-9] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:16:00.095天前的日志共删除0条
2026-01-10 14:16:00.181 [scheduling-2] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:16:00.181 [log-processor-10] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:16:00.263 [scheduling-9] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:16:00.264 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时169ms
2026-01-10 14:16:00.264 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:16:00.264
2026-01-10 14:16:00.264 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:16:00.264
2026-01-10 14:16:00.320 [log-processor-10] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:12:00.183
2026-01-10 14:16:00.320 [scheduling-2] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:12:00.183
2026-01-10 14:16:00.477 [scheduling-6] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组
2026-01-10 14:16:00.478 [scheduling-6] INFO com.common.service.DataExtractor - 没有需要处理的数据
2026-01-10 14:16:00.478 [scheduling-6] INFO com.common.service.DataExtractor - 开始处理告警类型指定时间范围内数据,时间范围: 2026-01-10T14:10 - 2026-01-10T14:15
2026-01-10 14:16:00.564 [scheduling-6] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组
2026-01-10 14:16:00.564 [scheduling-6] INFO com.common.service.DataExtractor - 没有需要处理的数据
2026-01-10 14:16:00.564 [scheduling-6] INFO com.common.schedule.ETLOrchestrator - 定时ETL任务执行完成耗时: 0 秒
2026-01-10 14:16:00.740 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:16:00.740 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 476ms
2026-01-10 14:17:00.091 [scheduling-9] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:17:00.006晚于默认保留时间2026-01-03T14:17:00.091,使用默认时间
2026-01-10 14:17:00.091 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:17:00.175 [scheduling-9] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:17:00.091天前的日志共删除0条
2026-01-10 14:17:00.261 [scheduling-9] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:17:00.267 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时176ms
2026-01-10 14:17:00.267 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:17:00.267
2026-01-10 14:17:00.267 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:17:00.267
2026-01-10 14:17:00.725 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:17:00.726 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 459ms
2026-01-10 14:18:00.002 [scheduling-1] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:18:00.002 [log-processor-1] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:18:00.087 [scheduling-5] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:18:00.002晚于默认保留时间2026-01-03T14:18:00.087,使用默认时间
2026-01-10 14:18:00.172 [scheduling-5] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:18:00.087天前的日志共删除0条
2026-01-10 14:18:00.175 [log-processor-1] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:18:00.256 [scheduling-5] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:18:00.328 [log-processor-1] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:12:00.183
2026-01-10 14:18:00.382 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:18:00.468 [scheduling-1] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:18:00.555 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时173ms
2026-01-10 14:18:00.555 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:18:00.555
2026-01-10 14:18:00.555 [scheduling-7] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:18:00.555
2026-01-10 14:18:00.625 [scheduling-1] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:12:00.183
2026-01-10 14:18:01.081 [scheduling-7] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:18:01.081 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 526ms
2026-01-10 14:19:00.096 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:19:00.097 [scheduling-5] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:19:00.013晚于默认保留时间2026-01-03T14:19:00.097,使用默认时间
2026-01-10 14:19:00.186 [scheduling-5] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:19:00.097天前的日志共删除0条
2026-01-10 14:19:00.271 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时175ms
2026-01-10 14:19:00.271 [scheduling-5] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:19:00.271 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:19:00.271
2026-01-10 14:19:00.271 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:19:00.271
2026-01-10 14:19:00.757 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:19:00.757 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 486ms
2026-01-10 14:20:00.000 [scheduling-4] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:20:00.016 [log-processor-2] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:20:00.084 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:20:00.101 [scheduling-3] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:20:00.016晚于默认保留时间2026-01-03T14:20:00.101,使用默认时间
2026-01-10 14:20:00.174 [scheduling-4] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:20:00.184 [log-processor-2] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:20:00.189 [scheduling-3] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:20:00.101天前的日志共删除0条
2026-01-10 14:20:00.254 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时170ms
2026-01-10 14:20:00.254 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:20:00.254
2026-01-10 14:20:00.254 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:20:00.254
2026-01-10 14:20:00.276 [scheduling-3] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:20:00.418 [scheduling-4] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:12:00.183
2026-01-10 14:20:00.421 [log-processor-2] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:12:00.183
2026-01-10 14:20:00.723 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:20:00.723 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 469ms
2026-01-10 14:21:00.002 [scheduling-6] INFO com.common.schedule.ETLOrchestrator - ETL任务开始执行开始时间2026-01-10 14:15:00,结束时间2026-01-10 14:20:00
2026-01-10 14:21:00.003 [scheduling-6] INFO com.common.service.DataExtractor - 开始处理指定时间范围内访问日志数据,时间范围: 2026-01-10T14:15 - 2026-01-10T14:20
2026-01-10 14:21:00.089 [scheduling-1] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:21:00.002晚于默认保留时间2026-01-03T14:21:00.089,使用默认时间
2026-01-10 14:21:00.103 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:21:00.174 [scheduling-6] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组
2026-01-10 14:21:00.174 [scheduling-6] INFO com.common.service.DataExtractor - 没有需要处理的数据
2026-01-10 14:21:00.174 [scheduling-6] INFO com.common.service.DataExtractor - 开始处理告警类型指定时间范围内数据,时间范围: 2026-01-10T14:15 - 2026-01-10T14:20
2026-01-10 14:21:00.174 [scheduling-1] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:21:00.089天前的日志共删除0条
2026-01-10 14:21:00.261 [scheduling-1] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:21:00.262 [scheduling-6] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组
2026-01-10 14:21:00.262 [scheduling-6] INFO com.common.service.DataExtractor - 没有需要处理的数据
2026-01-10 14:21:00.262 [scheduling-6] INFO com.common.schedule.ETLOrchestrator - 定时ETL任务执行完成耗时: 0 秒
2026-01-10 14:21:00.281 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时178ms
2026-01-10 14:21:00.281 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:21:00.281
2026-01-10 14:21:00.281 [scheduling-7] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:21:00.281
2026-01-10 14:21:00.766 [scheduling-7] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:21:00.766 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 485ms
2026-01-10 14:22:00.014 [scheduling-9] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:22:00.014 [log-processor-3] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:22:00.097 [scheduling-5] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:22:00.014晚于默认保留时间2026-01-03T14:22:00.097,使用默认时间
2026-01-10 14:22:00.097 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:22:00.182 [log-processor-3] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:22:00.182 [scheduling-5] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:22:00.097天前的日志共删除0条
2026-01-10 14:22:00.265 [scheduling-5] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:22:00.277 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时180ms
2026-01-10 14:22:00.277 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:22:00.277
2026-01-10 14:22:00.277 [scheduling-2] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:22:00.277
2026-01-10 14:22:00.418 [log-processor-3] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:12:00.183
2026-01-10 14:22:00.766 [scheduling-2] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:22:00.766 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 489ms
2026-01-10 14:22:00.771 [scheduling-9] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:22:00.890 [scheduling-9] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:12:00.183
2026-01-10 14:23:00.088 [scheduling-5] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:23:00.089 [scheduling-2] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:23:00.004晚于默认保留时间2026-01-03T14:23:00.089,使用默认时间
2026-01-10 14:23:00.176 [scheduling-2] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:23:00.089天前的日志共删除0条
2026-01-10 14:23:00.258 [scheduling-5] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时170ms
2026-01-10 14:23:00.258 [scheduling-5] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:23:00.258
2026-01-10 14:23:00.258 [scheduling-5] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:23:00.258
2026-01-10 14:23:00.261 [scheduling-2] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:23:01.079 [scheduling-5] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:23:01.079 [scheduling-5] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 821ms
2026-01-10 14:24:00.008 [log-processor-4] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:24:00.008 [scheduling-3] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:24:00.090 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:24:00.090 [scheduling-1] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:24:00.008晚于默认保留时间2026-01-03T14:24:00.090,使用默认时间
2026-01-10 14:24:00.175 [log-processor-4] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:24:00.178 [scheduling-1] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:24:00.090天前的日志共删除0条
2026-01-10 14:24:00.263 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时173ms
2026-01-10 14:24:00.263 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:24:00.263
2026-01-10 14:24:00.263 [scheduling-1] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:24:00.263 [scheduling-6] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:24:00.263
2026-01-10 14:24:00.406 [log-processor-4] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:12:00.183
2026-01-10 14:24:00.468 [scheduling-3] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:24:00.703 [scheduling-6] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:24:00.703 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 440ms
2026-01-10 14:24:00.714 [scheduling-3] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:12:00.183
2026-01-10 14:25:00.094 [scheduling-6] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:25:00.010晚于默认保留时间2026-01-03T14:25:00.094,使用默认时间
2026-01-10 14:25:00.096 [scheduling-1] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:25:00.179 [scheduling-6] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:25:00.094天前的日志共删除0条
2026-01-10 14:25:00.262 [scheduling-6] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:25:00.273 [scheduling-1] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时177ms
2026-01-10 14:25:00.273 [scheduling-1] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:25:00.273
2026-01-10 14:25:00.273 [scheduling-1] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:25:00.273
2026-01-10 14:25:00.829 [scheduling-1] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:25:00.829 [scheduling-1] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 556ms
2026-01-10 14:25:15.949 [http-nio-8089-exec-5] INFO com.controllers.SyslogPushController - 收到syslog发送请求: SyslogRequest{ip='192.168.0.103', port=514, logContent='<0> 2026-01-10T13:47:27+08:00 ubuntu log_forward[3419]: {"timestamp":"2026-01-10T13:47:27.249503+0800","flow_id":767115114538067,"community_id":"fFU2gDB2+pyUS6xQpAqqLdPLG4k=","serial_num":"CJFBT92","origin":"eno4","xdr_log_type":"http","vxlan_vni":256,"src_ip":"192.168.2.81","src_port":51018,"dest_ip":"120.241.131.42","dest_port":80,"proto":"TCP","app_proto":"http","tcp_sequence":423808413,"tcp_ack_sequence":3371175627,"ether":{},"host":"szextshort.weixin.qq.com","host_md5":"d7745538302ebc766b77ca8a4f3dd735","uri":"/mmtls/1abfe317","uri_md5":"e889825636e4d22b1d364b6bd6400ad5","agent":"MicroMessenger Client","referer":"","method":"POST","protocol":"HTTP/1.1","req_content_type":"application/octet-stream","request_headers":"accept: */*\r\ncache-control: no-cache\r\nconnection: Keep-Alive\r\ncontent-length: 2579\r\ncontent-type: application/octet-stream\r\nHost: szextshort.weixin.qq.com\r\nUpgrade: mmtls\r\nUser-Agent: MicroMessenger Client\r\n","rsp_content_type":"","response_headers":""}', protocol='TCP', facility='USER', severity='INFO'}
2026-01-10 14:25:15.949 [http-nio-8089-exec-5] INFO com.common.service.SyslogService - 开始发送syslog消息: IP=192.168.0.103, Port=514
2026-01-10 14:25:15.950 [http-nio-8089-exec-5] INFO com.common.service.SyslogService - TCP Syslog消息发送成功: 192.168.0.103:514
2026-01-10 14:25:15.950 [http-nio-8089-exec-5] INFO com.controllers.SyslogPushController - Syslog消息发送成功: IP=192.168.0.103, Port=514
2026-01-10 14:25:16.513 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] INFO c.Modules.NormalData.SysLogProcessor - 开始处理批次消息,数量: 1
2026-01-10 14:25:16.513 [log-processor-6] INFO c.Modules.NormalData.SysLogProcessor - 收到syslogmessage[receive_time=20260110142515957 device_id=248 device_name=开发环境设备-HOME vendor=HFish data_type=json device_collect_id=1]<0> 2026-01-10T13:47:27+08:00 ubuntu log_forward[3419]: {"timestamp":"2026-01-10T13:47:27.249503+0800","flow_id":767115114538067,"community_id":"fFU2gDB2+pyUS6xQpAqqLdPLG4k=","serial_num":"CJFBT92","origin":"eno4","xdr_log_type":"http","vxlan_vni":256,"src_ip":"192.168.2.81","src_port":51018,"dest_ip":"120.241.131.42","dest_port":80,"proto":"TCP","app_proto":"http","tcp_sequence":423808413,"tcp_ack_sequence":3371175627,"ether":{},"host":"szextshort.weixin.qq.com","host_md5":"d7745538302ebc766b77ca8a4f3dd735","uri":"/mmtls/1abfe317","uri_md5":"e889825636e4d22b1d364b6bd6400ad5","agent":"MicroMessenger Client","referer":"","method":"POST","protocol":"HTTP/1.1","req_content_type":"application/octet-stream","request_headers":"accept: */*\r\ncache-control: no-cache\r\nconnection: Keep-Alive\r\ncontent-length: 2579\r\ncontent-type: application/octet-stream\r\nHost: szextshort.weixin.qq.com\r\nUpgrade: mmtls\r\nUser-Agent: MicroMessenger Client\r\n","rsp_content_type":"","response_headers":""}
2026-01-10 14:25:16.554 [log-processor-6] WARN c.c.service.LogDataFilterService - 泛化规则-数据过滤规则为空,默认不处理!
2026-01-10 14:25:17.148 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] INFO c.Modules.NormalData.SysLogProcessor - 批次处理完成,总数: 1
2026-01-10 14:26:00.002 [scheduling-4] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:26:00.002 [log-processor-5] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:26:00.002 [scheduling-2] INFO com.common.schedule.ETLOrchestrator - ETL任务开始执行开始时间2026-01-10 14:20:00,结束时间2026-01-10 14:25:00
2026-01-10 14:26:00.003 [scheduling-2] INFO com.common.service.DataExtractor - 开始处理指定时间范围内访问日志数据,时间范围: 2026-01-10T14:20 - 2026-01-10T14:25
2026-01-10 14:26:00.086 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:26:00.086 [scheduling-5] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:26:00.002晚于默认保留时间2026-01-03T14:26:00.086,使用默认时间
2026-01-10 14:26:00.172 [scheduling-5] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:26:00.086天前的日志共删除0条
2026-01-10 14:26:00.172 [scheduling-2] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组
2026-01-10 14:26:00.172 [scheduling-2] INFO com.common.service.DataExtractor - 没有需要处理的数据
2026-01-10 14:26:00.172 [scheduling-2] INFO com.common.service.DataExtractor - 开始处理告警类型指定时间范围内数据,时间范围: 2026-01-10T14:20 - 2026-01-10T14:25
2026-01-10 14:26:00.172 [log-processor-5] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:26:00.172 [scheduling-4] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:26:00.252 [scheduling-5] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:26:00.258 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时172ms
2026-01-10 14:26:00.258 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:26:00.258
2026-01-10 14:26:00.259 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:26:00.259
2026-01-10 14:26:00.259 [scheduling-2] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组
2026-01-10 14:26:00.259 [scheduling-2] INFO com.common.service.DataExtractor - 没有需要处理的数据
2026-01-10 14:26:00.259 [scheduling-2] INFO com.common.schedule.ETLOrchestrator - 定时ETL任务执行完成耗时: 0 秒
2026-01-10 14:26:00.323 [log-processor-5] INFO c.c.service.AccessLogAlertService - 获取到 1 条新的日志数据,时间范围: 2026-01-10T14:12:00.183 到 2026-01-10T14:26:00.172
2026-01-10 14:26:00.323 [log-processor-5] INFO c.c.service.AccessLogAlertService - 开始处理算法: 测试算法3 (ID: 2004083121877696514)
2026-01-10 14:26:00.414 [scheduling-4] INFO c.c.service.AccessLogAlertService - 获取到 1 条新的日志数据,时间范围: 2026-01-10T14:12:00.183 到 2026-01-10T14:26:00.172
2026-01-10 14:26:00.414 [scheduling-4] INFO c.c.service.AccessLogAlertService - 开始处理算法: 测试算法3 (ID: 2004083121877696514)
2026-01-10 14:26:00.773 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:26:00.773 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 514ms
2026-01-10 14:26:02.434 [log-processor-5] ERROR c.c.service.AccessLogAlertService - 调用算法API异常 [URL: http://192.168.4.33:5001/Webshell]: I/O error on POST request for "http://192.168.4.33:5001/Webshell": Connection refused: connect; nested exception is java.net.ConnectException: Connection refused: connect
org.springframework.web.client.ResourceAccessException: I/O error on POST request for "http://192.168.4.33:5001/Webshell": Connection refused: connect; nested exception is java.net.ConnectException: Connection refused: connect
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:785)
at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:711)
at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:602)
at com.common.service.AccessLogAlertService.callAlgorithmApi(AccessLogAlertService.java:275)
at com.common.service.AccessLogAlertService.processAlgorithm(AccessLogAlertService.java:153)
at com.common.service.AccessLogAlertService.processAccessLogAlert(AccessLogAlertService.java:122)
at com.common.service.AccessLogAlertService$$FastClassBySpringCGLIB$$4807ae0a.invoke(<generated>)
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:793)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:163)
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.proceed(CglibAopProxy.java:763)
at org.springframework.aop.interceptor.AsyncExecutionInterceptor.lambda$invoke$0(AsyncExecutionInterceptor.java:115)
at java.util.concurrent.FutureTask.run$$$capture(FutureTask.java:266)
at java.util.concurrent.FutureTask.run(FutureTask.java)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.net.ConnectException: Connection refused: connect
at java.net.DualStackPlainSocketImpl.waitForConnect(Native Method)
at java.net.DualStackPlainSocketImpl.socketConnect(DualStackPlainSocketImpl.java:85)
at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)
at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:172)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
at java.net.Socket.connect(Socket.java:589)
at sun.net.NetworkClient.doConnect(NetworkClient.java:175)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:432)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:527)
at sun.net.www.http.HttpClient.<init>(HttpClient.java:211)
at sun.net.www.http.HttpClient.New(HttpClient.java:308)
at sun.net.www.http.HttpClient.New(HttpClient.java:326)
at sun.net.www.protocol.http.HttpURLConnection.getNewHttpClient(HttpURLConnection.java:1202)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1138)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:1032)
at sun.net.www.protocol.http.HttpURLConnection.connect(HttpURLConnection.java:966)
at org.springframework.http.client.SimpleBufferingClientHttpRequest.executeInternal(SimpleBufferingClientHttpRequest.java:76)
at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48)
at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66)
at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:109)
at com.config.RestTemplateConfig$LoggingInterceptor.intercept(RestTemplateConfig.java:62)
at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:93)
at org.springframework.http.client.InterceptingClientHttpRequest.executeInternal(InterceptingClientHttpRequest.java:77)
at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48)
at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66)
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:776)
... 16 common frames omitted
2026-01-10 14:26:02.449 [log-processor-5] ERROR c.c.service.AccessLogAlertService - 调用算法API失败: http://192.168.4.33:5001/Webshell - 无响应
2026-01-10 14:26:02.449 [log-processor-5] INFO c.c.service.AccessLogAlertService - 访问日志告警处理任务完成,下次将从 2026-01-10T14:26:00.172 开始处理
2026-01-10 14:26:02.528 [scheduling-4] ERROR c.c.service.AccessLogAlertService - 调用算法API异常 [URL: http://192.168.4.33:5001/Webshell]: I/O error on POST request for "http://192.168.4.33:5001/Webshell": Connection refused: connect; nested exception is java.net.ConnectException: Connection refused: connect
org.springframework.web.client.ResourceAccessException: I/O error on POST request for "http://192.168.4.33:5001/Webshell": Connection refused: connect; nested exception is java.net.ConnectException: Connection refused: connect
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:785)
at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:711)
at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:602)
at com.common.service.AccessLogAlertService.callAlgorithmApi(AccessLogAlertService.java:275)
at com.common.service.AccessLogAlertService.processAlgorithm(AccessLogAlertService.java:153)
at com.common.service.AccessLogAlertService.processAccessLogAlert(AccessLogAlertService.java:122)
at com.common.service.AccessLogAlertService.safeProcessTask(AccessLogAlertService.java:387)
at com.common.service.AccessLogAlertService$$FastClassBySpringCGLIB$$4807ae0a.invoke(<generated>)
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)
at org.springframework.aop.framework.CglibAopProxy.invokeMethod(CglibAopProxy.java:386)
at org.springframework.aop.framework.CglibAopProxy.access$000(CglibAopProxy.java:85)
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:704)
at com.common.service.AccessLogAlertService$$EnhancerBySpringCGLIB$$a38bc9af.safeProcessTask(<generated>)
at sun.reflect.GeneratedMethodAccessor147.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.springframework.scheduling.support.ScheduledMethodRunnable.run(ScheduledMethodRunnable.java:84)
at org.springframework.scheduling.support.DelegatingErrorHandlingRunnable.run(DelegatingErrorHandlingRunnable.java:54)
at org.springframework.scheduling.concurrent.ReschedulingRunnable.run(ReschedulingRunnable.java:95)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run$$$capture(FutureTask.java:266)
at java.util.concurrent.FutureTask.run(FutureTask.java)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:180)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.net.ConnectException: Connection refused: connect
at java.net.DualStackPlainSocketImpl.waitForConnect(Native Method)
at java.net.DualStackPlainSocketImpl.socketConnect(DualStackPlainSocketImpl.java:85)
at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)
at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:172)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
at java.net.Socket.connect(Socket.java:589)
at sun.net.NetworkClient.doConnect(NetworkClient.java:175)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:432)
at sun.net.www.http.HttpClient.openServer(HttpClient.java:527)
at sun.net.www.http.HttpClient.<init>(HttpClient.java:211)
at sun.net.www.http.HttpClient.New(HttpClient.java:308)
at sun.net.www.http.HttpClient.New(HttpClient.java:326)
at sun.net.www.protocol.http.HttpURLConnection.getNewHttpClient(HttpURLConnection.java:1202)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect0(HttpURLConnection.java:1138)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection.java:1032)
at sun.net.www.protocol.http.HttpURLConnection.connect(HttpURLConnection.java:966)
at org.springframework.http.client.SimpleBufferingClientHttpRequest.executeInternal(SimpleBufferingClientHttpRequest.java:76)
at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48)
at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66)
at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:109)
at com.config.RestTemplateConfig$LoggingInterceptor.intercept(RestTemplateConfig.java:62)
at org.springframework.http.client.InterceptingClientHttpRequest$InterceptingRequestExecution.execute(InterceptingClientHttpRequest.java:93)
at org.springframework.http.client.InterceptingClientHttpRequest.executeInternal(InterceptingClientHttpRequest.java:77)
at org.springframework.http.client.AbstractBufferingClientHttpRequest.executeInternal(AbstractBufferingClientHttpRequest.java:48)
at org.springframework.http.client.AbstractClientHttpRequest.execute(AbstractClientHttpRequest.java:66)
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:776)
... 26 common frames omitted
2026-01-10 14:26:02.543 [scheduling-4] ERROR c.c.service.AccessLogAlertService - 调用算法API失败: http://192.168.4.33:5001/Webshell - 无响应
2026-01-10 14:26:02.543 [scheduling-4] INFO c.c.service.AccessLogAlertService - 访问日志告警处理任务完成,下次将从 2026-01-10T14:26:00.172 开始处理
2026-01-10 14:27:00.097 [scheduling-5] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:27:00.097 [scheduling-8] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:27:00.013晚于默认保留时间2026-01-03T14:27:00.097,使用默认时间
2026-01-10 14:27:00.181 [scheduling-8] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:27:00.097天前的日志共删除0条
2026-01-10 14:27:00.265 [scheduling-8] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:27:00.270 [scheduling-5] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时173ms
2026-01-10 14:27:00.270 [scheduling-5] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:27:00.270
2026-01-10 14:27:00.270 [scheduling-5] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:27:00.270
2026-01-10 14:27:00.748 [scheduling-5] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:27:00.748 [scheduling-5] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 478ms
2026-01-10 14:28:00.002 [scheduling-6] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:28:00.002 [log-processor-7] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:28:00.085 [scheduling-5] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:28:00.085 [scheduling-9] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:28:00.002晚于默认保留时间2026-01-03T14:28:00.085,使用默认时间
2026-01-10 14:28:00.172 [scheduling-6] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:28:00.173 [scheduling-9] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:28:00.085天前的日志共删除0条
2026-01-10 14:28:00.173 [log-processor-7] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:28:00.257 [scheduling-5] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时172ms
2026-01-10 14:28:00.257 [scheduling-5] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:28:00.257
2026-01-10 14:28:00.257 [scheduling-5] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:28:00.257
2026-01-10 14:28:00.257 [scheduling-9] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:28:00.322 [scheduling-6] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172
2026-01-10 14:28:00.415 [log-processor-7] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172
2026-01-10 14:28:00.725 [scheduling-5] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:28:00.725 [scheduling-5] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 468ms
2026-01-10 14:29:00.089 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:29:00.089 [scheduling-10] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:29:00.003晚于默认保留时间2026-01-03T14:29:00.089,使用默认时间
2026-01-10 14:29:00.172 [scheduling-10] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:29:00.089天前的日志共删除0条
2026-01-10 14:29:00.262 [scheduling-10] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:29:00.262 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时173ms
2026-01-10 14:29:00.262 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:29:00.262
2026-01-10 14:29:00.262 [scheduling-7] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:29:00.262
2026-01-10 14:29:00.715 [scheduling-7] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:29:00.715 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 453ms
2026-01-10 14:30:00.009 [scheduling-2] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:30:00.009 [log-processor-8] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:30:00.093 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:30:00.094 [scheduling-4] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:30:00.009晚于默认保留时间2026-01-03T14:30:00.094,使用默认时间
2026-01-10 14:30:00.179 [scheduling-4] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:30:00.094天前的日志共删除0条
2026-01-10 14:30:00.179 [log-processor-8] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:30:00.179 [scheduling-2] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:30:00.263 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时170ms
2026-01-10 14:30:00.263 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:30:00.263
2026-01-10 14:30:00.263 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:30:00.263
2026-01-10 14:30:00.264 [scheduling-4] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:30:00.329 [scheduling-2] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172
2026-01-10 14:30:00.624 [log-processor-8] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172
2026-01-10 14:30:00.726 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:30:00.727 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 464ms
2026-01-10 14:31:00.011 [scheduling-10] INFO com.common.schedule.ETLOrchestrator - ETL任务开始执行开始时间2026-01-10 14:25:00,结束时间2026-01-10 14:30:00
2026-01-10 14:31:00.011 [scheduling-10] INFO com.common.service.DataExtractor - 开始处理指定时间范围内访问日志数据,时间范围: 2026-01-10T14:25 - 2026-01-10T14:30
2026-01-10 14:31:00.095 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:31:00.275 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时180ms
2026-01-10 14:31:00.275 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:31:00.275
2026-01-10 14:31:00.275 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:31:00.275
2026-01-10 14:31:00.480 [scheduling-10] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组
2026-01-10 14:31:00.480 [scheduling-10] INFO com.common.service.DataExtractor - 没有需要处理的数据
2026-01-10 14:31:00.481 [scheduling-10] INFO com.common.service.DataExtractor - 开始处理告警类型指定时间范围内数据,时间范围: 2026-01-10T14:25 - 2026-01-10T14:30
2026-01-10 14:31:00.569 [scheduling-10] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组
2026-01-10 14:31:00.569 [scheduling-10] INFO com.common.service.DataExtractor - 没有需要处理的数据
2026-01-10 14:31:00.569 [scheduling-10] INFO com.common.schedule.ETLOrchestrator - 定时ETL任务执行完成耗时: 0 秒
2026-01-10 14:31:00.774 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:31:00.774 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 499ms
2026-01-10 14:31:05.022 [scheduling-4] WARN com.zaxxer.hikari.pool.PoolBase - HikariPool-1 - Failed to validate connection org.postgresql.jdbc.PgConnection@7cb5b9e1 (This connection has been closed.). Possibly consider using a shorter maxLifetime value.
2026-01-10 14:31:05.395 [scheduling-4] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:31:00.011晚于默认保留时间2026-01-03T14:31:05.395,使用默认时间
2026-01-10 14:31:05.480 [scheduling-4] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:31:05.395天前的日志共删除0条
2026-01-10 14:31:05.563 [scheduling-4] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:32:00.005 [scheduling-5] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:32:00.005 [log-processor-9] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:32:00.087 [scheduling-2] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:32:00.005晚于默认保留时间2026-01-03T14:32:00.087,使用默认时间
2026-01-10 14:32:00.088 [scheduling-1] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:32:00.171 [scheduling-2] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:32:00.087天前的日志共删除0条
2026-01-10 14:32:00.178 [log-processor-9] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:32:00.179 [scheduling-5] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:32:00.254 [scheduling-2] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:32:00.256 [scheduling-1] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时168ms
2026-01-10 14:32:00.257 [scheduling-1] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:32:00.257
2026-01-10 14:32:00.257 [scheduling-1] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:32:00.257
2026-01-10 14:32:00.653 [log-processor-9] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172
2026-01-10 14:32:00.653 [scheduling-5] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172
2026-01-10 14:32:00.694 [scheduling-1] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:32:00.694 [scheduling-1] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 437ms
2026-01-10 14:33:00.090 [scheduling-2] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:33:00.008晚于默认保留时间2026-01-03T14:33:00.090,使用默认时间
2026-01-10 14:33:00.091 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:33:00.173 [scheduling-2] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:33:00.090天前的日志共删除0条
2026-01-10 14:33:00.255 [scheduling-2] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:33:00.260 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时169ms
2026-01-10 14:33:00.260 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:33:00.260
2026-01-10 14:33:00.260 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:33:00.260
2026-01-10 14:33:00.763 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:33:00.763 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 503ms
2026-01-10 14:34:00.002 [scheduling-9] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:34:00.002 [log-processor-10] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:34:00.086 [scheduling-2] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:34:00.002晚于默认保留时间2026-01-03T14:34:00.086,使用默认时间
2026-01-10 14:34:00.087 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:34:00.169 [scheduling-2] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:34:00.086天前的日志共删除0条
2026-01-10 14:34:00.174 [log-processor-10] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:34:00.176 [scheduling-9] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:34:00.244 [scheduling-2] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:34:00.257 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时170ms
2026-01-10 14:34:00.257 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:34:00.257
2026-01-10 14:34:00.257 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:34:00.257
2026-01-10 14:34:00.295 [log-processor-10] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172
2026-01-10 14:34:00.299 [scheduling-9] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172
2026-01-10 14:34:00.724 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:34:00.724 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 467ms
2026-01-10 14:35:00.102 [scheduling-7] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:35:00.018晚于默认保留时间2026-01-03T14:35:00.102,使用默认时间
2026-01-10 14:35:00.102 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:35:00.186 [scheduling-7] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:35:00.102天前的日志共删除0条
2026-01-10 14:35:00.270 [scheduling-7] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:35:00.275 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时173ms
2026-01-10 14:35:00.275 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:35:00.275
2026-01-10 14:35:00.275 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:35:00.275
2026-01-10 14:35:00.800 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:35:00.800 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 525ms
2026-01-10 14:36:00.002 [scheduling-5] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:36:00.002 [log-processor-1] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:36:00.002 [scheduling-6] INFO com.common.schedule.ETLOrchestrator - ETL任务开始执行开始时间2026-01-10 14:30:00,结束时间2026-01-10 14:35:00
2026-01-10 14:36:00.003 [scheduling-6] INFO com.common.service.DataExtractor - 开始处理指定时间范围内访问日志数据,时间范围: 2026-01-10T14:30 - 2026-01-10T14:35
2026-01-10 14:36:00.088 [scheduling-1] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:36:00.002晚于默认保留时间2026-01-03T14:36:00.088,使用默认时间
2026-01-10 14:36:00.104 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:36:00.173 [scheduling-1] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:36:00.088天前的日志共删除0条
2026-01-10 14:36:00.174 [scheduling-5] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:36:00.174 [scheduling-6] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组
2026-01-10 14:36:00.174 [scheduling-6] INFO com.common.service.DataExtractor - 没有需要处理的数据
2026-01-10 14:36:00.174 [scheduling-6] INFO com.common.service.DataExtractor - 开始处理告警类型指定时间范围内数据,时间范围: 2026-01-10T14:30 - 2026-01-10T14:35
2026-01-10 14:36:00.255 [scheduling-1] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:36:00.263 [scheduling-6] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组
2026-01-10 14:36:00.263 [scheduling-6] INFO com.common.service.DataExtractor - 没有需要处理的数据
2026-01-10 14:36:00.263 [scheduling-6] INFO com.common.schedule.ETLOrchestrator - 定时ETL任务执行完成耗时: 0 秒
2026-01-10 14:36:00.282 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时178ms
2026-01-10 14:36:00.282 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:36:00.282
2026-01-10 14:36:00.282 [scheduling-4] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:36:00.282
2026-01-10 14:36:00.307 [scheduling-5] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172
2026-01-10 14:36:00.471 [log-processor-1] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:36:00.765 [scheduling-4] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:36:00.766 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 484ms
2026-01-10 14:36:00.900 [log-processor-1] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172
2026-01-10 14:37:00.093 [scheduling-7] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:37:00.013晚于默认保留时间2026-01-03T14:37:00.093,使用默认时间
2026-01-10 14:37:00.093 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:37:00.178 [scheduling-7] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:37:00.093天前的日志共删除0条
2026-01-10 14:37:00.259 [scheduling-7] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:37:00.573 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时480ms
2026-01-10 14:37:00.573 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:37:00.573
2026-01-10 14:37:00.573 [scheduling-4] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:37:00.573
2026-01-10 14:37:01.144 [scheduling-4] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:37:01.145 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 572ms
2026-01-10 14:38:00.012 [scheduling-9] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:38:00.012 [log-processor-2] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:38:00.095 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:38:00.095 [scheduling-10] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:38:00.012晚于默认保留时间2026-01-03T14:38:00.095,使用默认时间
2026-01-10 14:38:00.178 [scheduling-10] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:38:00.095天前的日志共删除0条
2026-01-10 14:38:00.179 [log-processor-2] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:38:00.180 [scheduling-9] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:38:00.262 [scheduling-10] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:38:00.262 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时167ms
2026-01-10 14:38:00.262 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:38:00.262
2026-01-10 14:38:00.262 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:38:00.262
2026-01-10 14:38:00.320 [log-processor-2] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172
2026-01-10 14:38:00.320 [scheduling-9] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172
2026-01-10 14:38:00.755 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:38:00.755 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 493ms
2026-01-10 14:39:00.095 [scheduling-10] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:39:00.011晚于默认保留时间2026-01-03T14:39:00.095,使用默认时间
2026-01-10 14:39:00.096 [scheduling-1] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:39:00.179 [scheduling-10] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:39:00.095天前的日志共删除0条
2026-01-10 14:39:00.262 [scheduling-1] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时166ms
2026-01-10 14:39:00.262 [scheduling-10] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:39:00.262 [scheduling-1] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:39:00.262
2026-01-10 14:39:00.262 [scheduling-1] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:39:00.262
2026-01-10 14:39:00.713 [scheduling-1] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:39:00.714 [scheduling-1] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 452ms
2026-01-10 14:40:00.013 [scheduling-3] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:40:00.013 [log-processor-3] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:40:00.104 [scheduling-6] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:40:00.013晚于默认保留时间2026-01-03T14:40:00.104,使用默认时间
2026-01-10 14:40:00.105 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:40:00.176 [log-processor-3] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:40:00.178 [scheduling-3] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:40:00.190 [scheduling-6] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:40:00.104天前的日志共删除0条
2026-01-10 14:40:00.274 [scheduling-6] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:40:00.274 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时169ms
2026-01-10 14:40:00.274 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:40:00.274
2026-01-10 14:40:00.274 [scheduling-4] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:40:00.274
2026-01-10 14:40:00.281 [log-processor-3] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172
2026-01-10 14:40:00.536 [scheduling-3] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172
2026-01-10 14:40:00.747 [scheduling-4] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:40:00.747 [scheduling-4] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 473ms
2026-01-10 14:41:00.013 [scheduling-8] INFO com.common.schedule.ETLOrchestrator - ETL任务开始执行开始时间2026-01-10 14:35:00,结束时间2026-01-10 14:40:00
2026-01-10 14:41:00.013 [scheduling-8] INFO com.common.service.DataExtractor - 开始处理指定时间范围内访问日志数据,时间范围: 2026-01-10T14:35 - 2026-01-10T14:40
2026-01-10 14:41:00.095 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:41:00.097 [scheduling-6] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:41:00.013晚于默认保留时间2026-01-03T14:41:00.097,使用默认时间
2026-01-10 14:41:00.179 [scheduling-8] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组
2026-01-10 14:41:00.179 [scheduling-8] INFO com.common.service.DataExtractor - 没有需要处理的数据
2026-01-10 14:41:00.179 [scheduling-8] INFO com.common.service.DataExtractor - 开始处理告警类型指定时间范围内数据,时间范围: 2026-01-10T14:35 - 2026-01-10T14:40
2026-01-10 14:41:00.180 [scheduling-6] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:41:00.097天前的日志共删除0条
2026-01-10 14:41:00.262 [scheduling-8] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组
2026-01-10 14:41:00.262 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时167ms
2026-01-10 14:41:00.262 [scheduling-8] INFO com.common.service.DataExtractor - 没有需要处理的数据
2026-01-10 14:41:00.262 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:41:00.262
2026-01-10 14:41:00.262 [scheduling-8] INFO com.common.schedule.ETLOrchestrator - 定时ETL任务执行完成耗时: 0 秒
2026-01-10 14:41:00.262 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:41:00.262
2026-01-10 14:41:00.265 [scheduling-6] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:41:00.698 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:41:00.698 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 436ms
2026-01-10 14:42:00.001 [log-processor-4] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:42:00.001 [scheduling-5] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:42:00.081 [scheduling-7] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:42:00.001晚于默认保留时间2026-01-03T14:42:00.081,使用默认时间
2026-01-10 14:42:00.101 [scheduling-9] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:42:00.161 [scheduling-7] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:42:00.081天前的日志共删除0条
2026-01-10 14:42:00.166 [log-processor-4] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:42:00.166 [scheduling-5] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:42:00.240 [scheduling-7] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:42:00.271 [scheduling-9] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时170ms
2026-01-10 14:42:00.271 [scheduling-9] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:42:00.271
2026-01-10 14:42:00.272 [scheduling-9] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:42:00.272
2026-01-10 14:42:00.272 [log-processor-4] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172
2026-01-10 14:42:00.272 [scheduling-5] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172
2026-01-10 14:42:00.748 [scheduling-9] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:42:00.749 [scheduling-9] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 478ms
2026-01-10 14:43:00.091 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:43:00.095 [scheduling-9] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:43:00.010晚于默认保留时间2026-01-03T14:43:00.095,使用默认时间
2026-01-10 14:43:00.179 [scheduling-9] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:43:00.095天前的日志共删除0条
2026-01-10 14:43:00.262 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时171ms
2026-01-10 14:43:00.262 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:43:00.262
2026-01-10 14:43:00.262 [scheduling-7] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:43:00.262
2026-01-10 14:43:00.263 [scheduling-9] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:43:00.724 [scheduling-7] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:43:00.724 [scheduling-7] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 462ms
2026-01-10 14:44:00.010 [scheduling-3] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:44:00.011 [log-processor-6] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:44:00.093 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:44:00.097 [scheduling-6] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:44:00.011晚于默认保留时间2026-01-03T14:44:00.097,使用默认时间
2026-01-10 14:44:00.177 [scheduling-3] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:44:00.183 [scheduling-6] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:44:00.097天前的日志共删除0条
2026-01-10 14:44:00.183 [log-processor-6] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:44:00.253 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时160ms
2026-01-10 14:44:00.253 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:44:00.253
2026-01-10 14:44:00.253 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:44:00.253
2026-01-10 14:44:00.266 [scheduling-6] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:44:00.320 [scheduling-3] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172
2026-01-10 14:44:00.413 [log-processor-6] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172
2026-01-10 14:44:00.756 [scheduling-10] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:44:00.756 [scheduling-10] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 503ms
2026-01-10 14:45:00.084 [scheduling-10] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:45:00.002晚于默认保留时间2026-01-03T14:45:00.084,使用默认时间
2026-01-10 14:45:00.085 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:45:00.166 [scheduling-10] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:45:00.084天前的日志共删除0条
2026-01-10 14:45:00.247 [scheduling-10] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:45:00.260 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时175ms
2026-01-10 14:45:00.260 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:45:00.260
2026-01-10 14:45:00.260 [scheduling-6] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:45:00.260
2026-01-10 14:45:01.026 [scheduling-6] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:45:01.026 [scheduling-6] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 766ms
2026-01-10 14:46:00.001 [scheduling-7] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:46:00.001 [log-processor-5] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:46:00.001 [scheduling-9] INFO com.common.schedule.ETLOrchestrator - ETL任务开始执行开始时间2026-01-10 14:40:00,结束时间2026-01-10 14:45:00
2026-01-10 14:46:00.001 [scheduling-9] INFO com.common.service.DataExtractor - 开始处理指定时间范围内访问日志数据,时间范围: 2026-01-10T14:40 - 2026-01-10T14:45
2026-01-10 14:46:00.103 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:46:00.167 [scheduling-7] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:46:00.171 [scheduling-9] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组
2026-01-10 14:46:00.171 [scheduling-9] INFO com.common.service.DataExtractor - 没有需要处理的数据
2026-01-10 14:46:00.171 [log-processor-5] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:46:00.171 [scheduling-9] INFO com.common.service.DataExtractor - 开始处理告警类型指定时间范围内数据,时间范围: 2026-01-10T14:40 - 2026-01-10T14:45
2026-01-10 14:46:00.256 [scheduling-9] INFO com.common.service.DataExtractor - 指定时间范围分组数据量: 0 组
2026-01-10 14:46:00.256 [scheduling-9] INFO com.common.service.DataExtractor - 没有需要处理的数据
2026-01-10 14:46:00.256 [scheduling-9] INFO com.common.schedule.ETLOrchestrator - 定时ETL任务执行完成耗时: 0 秒
2026-01-10 14:46:00.279 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时176ms
2026-01-10 14:46:00.279 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:46:00.279
2026-01-10 14:46:00.279 [scheduling-2] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:46:00.279
2026-01-10 14:46:00.394 [scheduling-8] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:46:00.001晚于默认保留时间2026-01-03T14:46:00.394,使用默认时间
2026-01-10 14:46:00.407 [log-processor-5] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172
2026-01-10 14:46:00.475 [scheduling-8] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:46:00.394天前的日志共删除0条
2026-01-10 14:46:00.559 [scheduling-8] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:46:00.630 [scheduling-7] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:26:00.172
2026-01-10 14:46:00.798 [scheduling-2] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:46:00.798 [scheduling-2] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 519ms
2026-01-10 14:46:57.053 [main] INFO com.syslogApplication - Starting syslogApplication using Java 1.8.0_121 on LAPTOP-ARDUR3N0 with PID 29532 (E:\GIT_GOSAME\haobang-security-xdr\syslog-consumer\target\classes started by chenc in E:\GIT_GOSAME\haobang-security-xdr)
2026-01-10 14:46:57.053 [background-preinit] INFO o.h.validator.internal.util.Version - HV000001: Hibernate Validator 6.2.5.Final
2026-01-10 14:46:57.058 [main] INFO com.syslogApplication - No active profile set, falling back to 1 default profile: "default"
2026-01-10 14:47:00.045 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Multiple Spring Data modules found, entering strict repository configuration mode
2026-01-10 14:47:00.045 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Bootstrapping Spring Data Elasticsearch repositories in DEFAULT mode.
2026-01-10 14:47:00.496 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Finished Spring Data repository scanning in 444 ms. Found 1 Elasticsearch repository interfaces.
2026-01-10 14:47:00.500 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Multiple Spring Data modules found, entering strict repository configuration mode
2026-01-10 14:47:00.500 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Bootstrapping Spring Data Reactive Elasticsearch repositories in DEFAULT mode.
2026-01-10 14:47:00.596 [main] INFO o.s.d.r.c.RepositoryConfigurationExtensionSupport - Spring Data Reactive Elasticsearch - Could not safely identify store assignment for repository candidate interface com.common.service.AppLogRepository; If you want this repository to be a Reactive Elasticsearch repository, consider annotating your entities with one of these annotations: org.springframework.data.elasticsearch.annotations.Document (preferred), or consider extending one of the following types with your repository: org.springframework.data.elasticsearch.repository.ReactiveElasticsearchRepository
2026-01-10 14:47:00.597 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Finished Spring Data repository scanning in 93 ms. Found 0 Reactive Elasticsearch repository interfaces.
2026-01-10 14:47:00.621 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Multiple Spring Data modules found, entering strict repository configuration mode
2026-01-10 14:47:00.623 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Bootstrapping Spring Data Redis repositories in DEFAULT mode.
2026-01-10 14:47:00.724 [main] INFO o.s.d.r.c.RepositoryConfigurationExtensionSupport - Spring Data Redis - Could not safely identify store assignment for repository candidate interface com.common.service.AppLogRepository; If you want this repository to be a Redis repository, consider annotating your entities with one of these annotations: org.springframework.data.redis.core.RedisHash (preferred), or consider extending one of the following types with your repository: org.springframework.data.keyvalue.repository.KeyValueRepository
2026-01-10 14:47:00.724 [main] INFO o.s.d.r.c.RepositoryConfigurationDelegate - Finished Spring Data repository scanning in 94 ms. Found 0 Redis repository interfaces.
2026-01-10 14:47:01.438 [main] INFO o.s.b.w.e.tomcat.TomcatWebServer - Tomcat initialized with port(s): 8089 (http)
2026-01-10 14:47:01.445 [main] INFO o.a.coyote.http11.Http11NioProtocol - Initializing ProtocolHandler ["http-nio-8089"]
2026-01-10 14:47:01.445 [main] INFO o.a.catalina.core.StandardService - Starting service [Tomcat]
2026-01-10 14:47:01.446 [main] INFO o.a.catalina.core.StandardEngine - Starting Servlet engine: [Apache Tomcat/9.0.65]
2026-01-10 14:47:01.674 [main] INFO o.a.c.c.C.[.[.[/xdrservice] - Initializing Spring embedded WebApplicationContext
2026-01-10 14:47:01.674 [main] INFO o.s.b.w.s.c.ServletWebServerApplicationContext - Root WebApplicationContext: initialization completed in 4533 ms
2026-01-10 14:47:01.728 [main] INFO o.s.b.f.a.AutowiredAnnotationBeanPostProcessor - Autowired annotation is not supported on static fields: private static com.common.service.DmColumnService com.syslogApplication.dmColumnService
2026-01-10 14:47:04.308 [main] INFO com.influx.InfluxDBClient - InfluxDB connection successful: ready for queries and writes
2026-01-10 14:47:04.626 [main] WARN c.b.m.core.injector.AbstractMethod - [com.common.mapper.DeviceCollectTaskMapper.insert] Has been loaded by XML or SqlProvider or Mybatis's Annotation, so ignoring this injection for [class com.baomidou.mybatisplus.core.injector.methods.Insert]
2026-01-10 14:47:04.642 [main] WARN c.b.m.core.injector.AbstractMethod - [com.common.mapper.DeviceCollectTaskMapper.update] Has been loaded by XML or SqlProvider or Mybatis's Annotation, so ignoring this injection for [class com.baomidou.mybatisplus.core.injector.methods.Update]
2026-01-10 14:47:04.665 [main] WARN c.b.m.core.injector.AbstractMethod - [com.common.mapper.DeviceCollectTaskMapper.deleteById] Has been loaded by XML or SqlProvider or Mybatis's Annotation, so ignoring this injection for [class com.baomidou.mybatisplus.core.injector.methods.DeleteById]
2026-01-10 14:47:04.682 [main] WARN c.b.m.core.injector.AbstractMethod - [com.common.mapper.DeviceCollectTaskMapper.selectById] Has been loaded by XML or SqlProvider or Mybatis's Annotation, so ignoring this injection for [class com.baomidou.mybatisplus.core.injector.methods.SelectById]
2026-01-10 14:47:04.730 [main] ERROR c.b.m.core.MybatisConfiguration - mapper[com.common.mapper.SecExceptionAlgorithmMapper.findById] is ignored, because it exists, maybe from xml file
2026-01-10 14:47:09.423 [main] INFO c.c.service.AccessLogAlertService - 初始化AccessLogAlertService上次处理时间: 2026-01-10T14:45:09.423
2026-01-10 14:47:09.448 [main] INFO com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Starting...
2026-01-10 14:47:10.068 [main] INFO com.zaxxer.hikari.HikariDataSource - HikariPool-1 - Start completed.
2026-01-10 14:47:10.178 [main] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:47:11.197 [main] INFO com.influx.InfluxDBClient - InfluxDB connection successful: ready for queries and writes
2026-01-10 14:47:11.323 [main] INFO com.common.util.MyBatisUtil - MyBatis 初始化成功
2026-01-10 14:47:12.312 [main] INFO org.quartz.impl.StdSchedulerFactory - Using default implementation for ThreadExecutor
2026-01-10 14:47:12.320 [main] INFO o.quartz.core.SchedulerSignalerImpl - Initialized Scheduler Signaller of type: class org.quartz.core.SchedulerSignalerImpl
2026-01-10 14:47:12.320 [main] INFO org.quartz.core.QuartzScheduler - Quartz Scheduler v.2.3.2 created.
2026-01-10 14:47:12.320 [main] INFO org.quartz.simpl.RAMJobStore - RAMJobStore initialized.
2026-01-10 14:47:12.320 [main] INFO org.quartz.core.QuartzScheduler - Scheduler meta-data: Quartz Scheduler (v2.3.2) 'quartzScheduler' with instanceId 'NON_CLUSTERED'
Scheduler class: 'org.quartz.core.QuartzScheduler' - running locally.
NOT STARTED.
Currently in standby mode.
Number of jobs executed: 0
Using thread pool 'org.quartz.simpl.SimpleThreadPool' - with 10 threads.
Using job-store 'org.quartz.simpl.RAMJobStore' - which does not support persistence. and is not clustered.
2026-01-10 14:47:12.320 [main] INFO org.quartz.impl.StdSchedulerFactory - Quartz scheduler 'quartzScheduler' initialized from an externally provided properties instance.
2026-01-10 14:47:12.320 [main] INFO org.quartz.impl.StdSchedulerFactory - Quartz scheduler version: 2.3.2
2026-01-10 14:47:12.320 [main] INFO org.quartz.core.QuartzScheduler - JobFactory set to: org.springframework.scheduling.quartz.SpringBeanJobFactory@481f2acb
2026-01-10 14:47:12.481 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka version: 3.4.0
2026-01-10 14:47:12.481 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka commitId: 2e1947d240607d53
2026-01-10 14:47:12.481 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka startTimeMs: 1768027632481
2026-01-10 14:47:12.500 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka version: 3.4.0
2026-01-10 14:47:12.500 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka commitId: 2e1947d240607d53
2026-01-10 14:47:12.500 [main] INFO o.a.kafka.common.utils.AppInfoParser - Kafka startTimeMs: 1768027632500
2026-01-10 14:47:12.502 [main] INFO o.a.coyote.http11.Http11NioProtocol - Starting ProtocolHandler ["http-nio-8089"]
2026-01-10 14:47:12.514 [main] INFO o.s.b.w.e.tomcat.TomcatWebServer - Tomcat started on port(s): 8089 (http) with context path '/xdrservice'
2026-01-10 14:47:12.514 [main] INFO o.s.s.quartz.SchedulerFactoryBean - Starting Quartz Scheduler now
2026-01-10 14:47:12.514 [main] INFO org.quartz.core.QuartzScheduler - Scheduler quartzScheduler_$_NON_CLUSTERED started.
2026-01-10 14:47:12.527 [main] INFO com.syslogApplication - Started syslogApplication in 15.978 seconds (JVM running for 21.192)
2026-01-10 14:47:27.968 [org.springframework.kafka.KafkaListenerEndpointContainer#0-1-C-1] INFO o.s.k.l.KafkaMessageListenerContainer - test-group-app: partitions assigned: []
2026-01-10 14:47:27.981 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] INFO o.s.k.l.KafkaMessageListenerContainer - test-group-app: partitions assigned: [test-topic-0]
2026-01-10 14:48:00.016 [scheduling-2] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:48:00.016 [log-processor-1] INFO c.c.service.AccessLogAlertService - 开始执行访问日志告警处理任务
2026-01-10 14:48:00.104 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:48:00.194 [log-processor-1] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:48:00.194 [scheduling-2] INFO c.c.service.AccessLogAlertService - 加载了 1 个启用的算法配置
2026-01-10 14:48:00.287 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时183ms
2026-01-10 14:48:00.287 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:48:00.287
2026-01-10 14:48:00.290 [scheduling-3] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:48:00.290
2026-01-10 14:48:00.401 [scheduling-1] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:48:00.006晚于默认保留时间2026-01-03T14:48:00.401,使用默认时间
2026-01-10 14:48:00.485 [scheduling-1] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:48:00.401天前的日志共删除0条
2026-01-10 14:48:00.569 [scheduling-1] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:48:00.666 [scheduling-2] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:45:09.423
2026-01-10 14:48:00.666 [log-processor-1] INFO c.c.service.AccessLogAlertService - 没有发现新的日志数据,上次处理时间: 2026-01-10T14:45:09.423
2026-01-10 14:48:00.797 [scheduling-3] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:48:00.797 [scheduling-3] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 510ms
2026-01-10 14:48:21.353 [http-nio-8089-exec-1] INFO o.s.web.servlet.DispatcherServlet - Initializing Servlet 'dispatcherServlet'
2026-01-10 14:48:21.356 [http-nio-8089-exec-1] INFO o.s.web.servlet.DispatcherServlet - Completed initialization in 3 ms
2026-01-10 14:48:21.557 [http-nio-8089-exec-1] INFO com.controllers.SyslogPushController - 收到syslog发送请求: SyslogRequest{ip='192.168.0.103', port=514, logContent='<0> 2026-01-10T05:28:32+08:00 ubuntu log_forward[3419]: {"timestamp":"2026-01-10T05:28:32.806781+0800","flow_id":1671852309144385,"community_id":"uLeKRLkXu9m0D0DNn6wIg7CcdOs=","serial_num":"CJFBT92","origin":"eno4","xdr_log_type":"http","vxlan_vni":256,"src_ip":"172.16.121.137","src_port":51114,"dest_ip":"110.43.89.7","dest_port":80,"proto":"TCP","app_proto":"http","tcp_sequence":3553898360,"tcp_ack_sequence":3537707565,"ether":{"src_mac":"90:f1:b0:fb:81:a1","dest_mac":"a4:7b:2c:21:03:79"},"host":"rq.lbcct.cloud.duba.net","host_md5":"51cfa6d0981c8eb355a9b3af716da08d","uri":"/query?1767994112","uri_md5":"f28f2c62d0dd01c355caa05815d93d99","referer":"","method":"POST","protocol":"HTTP/1.1","status":200,"req_content_type":"application/x-www-form-urlencoded","request_headers":"host: rq.lbcct.cloud.duba.net\r\naccept: */*\r\ncontent-length: 85\r\ncontent-type: application/x-www-form-urlencoded\r\n","rsp_content_type":"text/plain","response_headers":"server: Tengine/1.5.2\r\ndate: Fri, 09 Jan 2026 21:28:32 GMT\r\ncontent-type: text/plain\r\nContent-Length: 54\r\nConnection: keep-alive\r\nContent-Tag: 1936292435\r\n"}', protocol='TCP', facility='USER', severity='INFO'}
2026-01-10 14:48:21.558 [http-nio-8089-exec-1] INFO com.common.service.SyslogService - 开始发送syslog消息: IP=192.168.0.103, Port=514
2026-01-10 14:48:21.559 [http-nio-8089-exec-1] INFO com.common.service.SyslogService - TCP Syslog消息发送成功: 192.168.0.103:514
2026-01-10 14:48:21.559 [http-nio-8089-exec-1] INFO com.controllers.SyslogPushController - Syslog消息发送成功: IP=192.168.0.103, Port=514
2026-01-10 14:48:21.989 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] INFO c.Modules.NormalData.SysLogProcessor - 开始处理批次消息,数量: 1
2026-01-10 14:48:21.991 [log-processor-2] INFO c.Modules.NormalData.SysLogProcessor - 收到syslogmessage[receive_time=20260110144821572 device_id=248 device_name=开发环境设备-HOME vendor=HFish data_type=json device_collect_id=1]<0> 2026-01-10T05:28:32+08:00 ubuntu log_forward[3419]: {"timestamp":"2026-01-10T05:28:32.806781+0800","flow_id":1671852309144385,"community_id":"uLeKRLkXu9m0D0DNn6wIg7CcdOs=","serial_num":"CJFBT92","origin":"eno4","xdr_log_type":"http","vxlan_vni":256,"src_ip":"172.16.121.137","src_port":51114,"dest_ip":"110.43.89.7","dest_port":80,"proto":"TCP","app_proto":"http","tcp_sequence":3553898360,"tcp_ack_sequence":3537707565,"ether":{"src_mac":"90:f1:b0:fb:81:a1","dest_mac":"a4:7b:2c:21:03:79"},"host":"rq.lbcct.cloud.duba.net","host_md5":"51cfa6d0981c8eb355a9b3af716da08d","uri":"/query?1767994112","uri_md5":"f28f2c62d0dd01c355caa05815d93d99","referer":"","method":"POST","protocol":"HTTP/1.1","status":200,"req_content_type":"application/x-www-form-urlencoded","request_headers":"host: rq.lbcct.cloud.duba.net\r\naccept: */*\r\ncontent-length: 85\r\ncontent-type: application/x-www-form-urlencoded\r\n","rsp_content_type":"text/plain","response_headers":"server: Tengine/1.5.2\r\ndate: Fri, 09 Jan 2026 21:28:32 GMT\r\ncontent-type: text/plain\r\nContent-Length: 54\r\nConnection: keep-alive\r\nContent-Tag: 1936292435\r\n"}
2026-01-10 14:48:27.681 [log-processor-2] WARN c.c.service.LogDataFilterService - 泛化规则-数据过滤规则为空,默认不处理!
2026-01-10 14:48:45.272 [org.springframework.kafka.KafkaListenerEndpointContainer#0-0-C-1] INFO c.Modules.NormalData.SysLogProcessor - 批次处理完成,总数: 1
2026-01-10 14:49:00.096 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备统计更新任务...
2026-01-10 14:49:00.096 [scheduling-7] WARN c.c.s.i.DeviceReceiveLogServiceImpl - 删除时间点2026-01-08T14:49:00.012晚于默认保留时间2026-01-03T14:49:00.096,使用默认时间
2026-01-10 14:49:00.185 [scheduling-7] INFO c.c.s.i.DeviceReceiveLogServiceImpl - 删除2026-01-03T14:49:00.096天前的日志共删除0条
2026-01-10 14:49:00.267 [scheduling-7] INFO com.common.schedule.ETLOrchestrator - 定时清理任务完成删除0条2天前的日志
2026-01-10 14:49:00.283 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备统计更新完成处理设备数1耗时187ms
2026-01-10 14:49:00.283 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 开始执行设备采集探针任务时间更新,时间: 2026-01-10T14:49:00.283
2026-01-10 14:49:00.283 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 开始批量更新设备采集任务时间,当前时间: 2026-01-10T14:49:00.283
2026-01-10 14:49:00.813 [scheduling-8] INFO c.c.s.DeviceCollectTaskUpdateService - 批量更新完成,总计: 48已更新: 1
2026-01-10 14:49:00.813 [scheduling-8] INFO c.c.service.DeviceStatsUpdateService - 设备采集探针任务时间更新完成,耗时: 530ms
Reference in New Issue View Git Blame Copy Permalink