summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authortanghao <[email protected]>2024-10-28 10:21:19 +0800
committertanghao <[email protected]>2024-10-28 10:21:19 +0800
commit507000b9072e2184ddb289f2579eda2e6911901d (patch)
treefe9d2137ecb4aef9cacdff368e416a86cc622fba
parentfe1a4062323da61d76c8c0773bb1037b8fe168dc (diff)
fix: tag相关接口增加subscriber
Diffstat
-rw-r--r--cn-admin/src/main/java/net/geedge/modules/knowledge/dao/IntelligenceIndicatorDao.java2
-rw-r--r--cn-admin/src/main/java/net/geedge/modules/knowledge/entity/IntelligenceIndicator.java2
-rw-r--r--cn-admin/src/main/java/net/geedge/modules/knowledge/enums/EntityType.java16
-rw-r--r--cn-admin/src/main/java/net/geedge/modules/knowledge/service/IntelligenceIndicatorService.java2
-rw-r--r--cn-admin/src/main/java/net/geedge/modules/knowledge/service/TagService.java2
-rw-r--r--cn-admin/src/main/java/net/geedge/modules/knowledge/service/impl/IntelligenceIndicatorServiceImpl.java5
-rw-r--r--cn-admin/src/main/java/net/geedge/modules/knowledge/service/impl/TagServiceImpl.java19
-rw-r--r--cn-admin/src/main/resources/db/V24.10.28__add intelligence indicator column.sql2
-rw-r--r--cn-admin/src/main/resources/mapper/knowledge/IntelligenceIndicatorDao.xml33
9 files changed, 78 insertions, 5 deletions
diff --git a/cn-admin/src/main/java/net/geedge/modules/knowledge/dao/IntelligenceIndicatorDao.java b/cn-admin/src/main/java/net/geedge/modules/knowledge/dao/IntelligenceIndicatorDao.java
index 019496b..b2db0db 100644
--- a/cn-admin/src/main/java/net/geedge/modules/knowledge/dao/IntelligenceIndicatorDao.java
+++ b/cn-admin/src/main/java/net/geedge/modules/knowledge/dao/IntelligenceIndicatorDao.java
@@ -28,5 +28,7 @@ public interface IntelligenceIndicatorDao extends BaseMapper<IntelligenceIndicat
List<String> queryIpEntityTags(@Param("resource") String resource);
+ List<String> querySubscriberEntityTags(@Param("resource") String resource);
+
List<IntelligenceIndicator> queryList(IPage<IntelligenceIndicator> page, @Param("params") Map<String, Object> params);
}
diff --git a/cn-admin/src/main/java/net/geedge/modules/knowledge/entity/IntelligenceIndicator.java b/cn-admin/src/main/java/net/geedge/modules/knowledge/entity/IntelligenceIndicator.java
index a8bf9a5..d2484bf 100644
--- a/cn-admin/src/main/java/net/geedge/modules/knowledge/entity/IntelligenceIndicator.java
+++ b/cn-admin/src/main/java/net/geedge/modules/knowledge/entity/IntelligenceIndicator.java
@@ -34,6 +34,8 @@ public class IntelligenceIndicator {
private String domain;
+ private String subscriber;
+
private String method;
private String confidence;
diff --git a/cn-admin/src/main/java/net/geedge/modules/knowledge/enums/EntityType.java b/cn-admin/src/main/java/net/geedge/modules/knowledge/enums/EntityType.java
new file mode 100644
index 0000000..84bd38e
--- /dev/null
+++ b/cn-admin/src/main/java/net/geedge/modules/knowledge/enums/EntityType.java
@@ -0,0 +1,16 @@
+package net.geedge.modules.knowledge.enums;
+
+
+public enum EntityType {
+ IP("IP"),DOMAIN("Domain"),SUBSCRIBER("Subscriber");
+
+ private String value;
+
+ public String getValue() {
+ return value;
+ }
+
+ private EntityType(String value) {
+ this.value = value;
+ }
+} \ No newline at end of file
diff --git a/cn-admin/src/main/java/net/geedge/modules/knowledge/service/IntelligenceIndicatorService.java b/cn-admin/src/main/java/net/geedge/modules/knowledge/service/IntelligenceIndicatorService.java
index 1f4ebe9..782418a 100644
--- a/cn-admin/src/main/java/net/geedge/modules/knowledge/service/IntelligenceIndicatorService.java
+++ b/cn-admin/src/main/java/net/geedge/modules/knowledge/service/IntelligenceIndicatorService.java
@@ -37,5 +37,7 @@ public interface IntelligenceIndicatorService extends IService<IntelligenceIndic
List<String> queryIpEntityTags(String resource);
+ List<String> querySubscriberEntityTags(String resource);
+
PageUtils queryList(Map<String,Object> params);
}
diff --git a/cn-admin/src/main/java/net/geedge/modules/knowledge/service/TagService.java b/cn-admin/src/main/java/net/geedge/modules/knowledge/service/TagService.java
index 22ef514..7c758da 100644
--- a/cn-admin/src/main/java/net/geedge/modules/knowledge/service/TagService.java
+++ b/cn-admin/src/main/java/net/geedge/modules/knowledge/service/TagService.java
@@ -30,4 +30,6 @@ public interface TagService extends IService<Tag> {
List<Map<String,Object>> queryDomainEntityTags(String resource);
List<Map<String,Object>> queryIpEntityTags(String resource);
+
+ List<Map<String,Object>> querySubscriberEntityTags(String resource);
}
diff --git a/cn-admin/src/main/java/net/geedge/modules/knowledge/service/impl/IntelligenceIndicatorServiceImpl.java b/cn-admin/src/main/java/net/geedge/modules/knowledge/service/impl/IntelligenceIndicatorServiceImpl.java
index bbaa38d..733bfaa 100644
--- a/cn-admin/src/main/java/net/geedge/modules/knowledge/service/impl/IntelligenceIndicatorServiceImpl.java
+++ b/cn-admin/src/main/java/net/geedge/modules/knowledge/service/impl/IntelligenceIndicatorServiceImpl.java
@@ -198,6 +198,11 @@ public class IntelligenceIndicatorServiceImpl extends ServiceImpl<IntelligenceIn
}
@Override
+ public List<String> querySubscriberEntityTags(String resource) {
+ return this.baseMapper.querySubscriberEntityTags(resource);
+ }
+
+ @Override
public PageUtils queryList(Map<String, Object> params) {
IPage page = this.page(new Query(IntelligenceIndicator.class).getPage(params));
List<IntelligenceIndicator> intelligenceIndicators = this.baseMapper.queryList(page, params);
diff --git a/cn-admin/src/main/java/net/geedge/modules/knowledge/service/impl/TagServiceImpl.java b/cn-admin/src/main/java/net/geedge/modules/knowledge/service/impl/TagServiceImpl.java
index 43ca728..c9ad374 100644
--- a/cn-admin/src/main/java/net/geedge/modules/knowledge/service/impl/TagServiceImpl.java
+++ b/cn-admin/src/main/java/net/geedge/modules/knowledge/service/impl/TagServiceImpl.java
@@ -21,6 +21,7 @@ import net.geedge.common.exception.CNException;
import net.geedge.common.utils.*;
import net.geedge.modules.knowledge.dao.TagDao;
import net.geedge.modules.knowledge.entity.*;
+import net.geedge.modules.knowledge.enums.EntityType;
import net.geedge.modules.knowledge.service.*;
import net.geedge.modules.sys.service.BasicImportAndExportService;
import net.geedge.modules.sys.service.SysConfigService;
@@ -183,7 +184,7 @@ public class TagServiceImpl extends ServiceImpl<TagDao, Tag> implements TagServi
} else {
intelligenceIndicator.setId(Long.valueOf(String.valueOf(data.get("id"))));
}
- if(data.get("entityType").equals("IP")) {
+ if(data.get("entityType").equals(EntityType.IP.getValue())) {
String[] ipData = KnowledgeCheckUtil.ipToData((String) data.get("entityValue"));
// 计算ip binary
Map<String, String> ipHandler = KnowledgeCheckUtil.ipBinaryHandler(ipData[0],ipData[1],ipData[2]);
@@ -192,8 +193,10 @@ public class TagServiceImpl extends ServiceImpl<TagDao, Tag> implements TagServi
intelligenceIndicator.setIp2(ipData[2]);
intelligenceIndicator.setStartIpBinary(ipHandler.get("start_ip_binary"));
intelligenceIndicator.setEndIpBinary(ipHandler.get("end_ip_binary"));
- } else {
+ } else if(data.get("entityType").equals(EntityType.DOMAIN.getValue())) {
intelligenceIndicator.setDomain((String) data.get("entityValue"));
+ } else if(data.get("entityType").equals(EntityType.SUBSCRIBER.getValue())) {
+ intelligenceIndicator.setSubscriber((String) data.get("entityValue"));
}
intelligenceIndicator.setSourceId(Constant.SOURCE_ID);
intelligenceIndicator.setSourceName(Constant.SOURCE_NAME);
@@ -431,7 +434,7 @@ public class TagServiceImpl extends ServiceImpl<TagDao, Tag> implements TagServi
}
tmpMap.put(headerName, value);
}
- if("IP".equals(tmpMap.get("type"))) {
+ if(EntityType.IP.getValue().equals(tmpMap.get("type"))) {
Map<String, String> ipHandlerResult = KnowledgeCheckUtil.ipBinaryHandler(tmpMap.get("ip_addr_format"),tmpMap.get("ip1"),tmpMap.get("ip2"));
tmpMap.put("start_ip_binary",ipHandlerResult.get("start_ip_binary"));
tmpMap.put("end_ip_binary",ipHandlerResult.get("end_ip_binary"));
@@ -606,4 +609,14 @@ public class TagServiceImpl extends ServiceImpl<TagDao, Tag> implements TagServi
}
return result;
}
+
+ @Override
+ public List<Map<String,Object>> querySubscriberEntityTags(String resource) {
+ List<Map<String,Object>> result = Tool.CollectionUtil.newArrayList();
+ List<String> tagNames = intelligenceIndicatorService.querySubscriberEntityTags(resource);
+ if(ObjectUtil.isNotEmpty(tagNames)) {
+ result = this.baseMapper.queryTagList(tagNames);
+ }
+ return result;
+ }
}
diff --git a/cn-admin/src/main/resources/db/V24.10.28__add intelligence indicator column.sql b/cn-admin/src/main/resources/db/V24.10.28__add intelligence indicator column.sql
new file mode 100644
index 0000000..1101f84
--- /dev/null
+++ b/cn-admin/src/main/resources/db/V24.10.28__add intelligence indicator column.sql
@@ -0,0 +1,2 @@
+ALTER TABLE `cn_intelligence_indicator`
+ADD COLUMN `subscriber` varchar(32) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL AFTER `domain`; \ No newline at end of file
diff --git a/cn-admin/src/main/resources/mapper/knowledge/IntelligenceIndicatorDao.xml b/cn-admin/src/main/resources/mapper/knowledge/IntelligenceIndicatorDao.xml
index 1fc6626..dacae9c 100644
--- a/cn-admin/src/main/resources/mapper/knowledge/IntelligenceIndicatorDao.xml
+++ b/cn-admin/src/main/resources/mapper/knowledge/IntelligenceIndicatorDao.xml
@@ -13,6 +13,7 @@
<result property="startIpBinary" column="start_ip_binary"></result>
<result property="endIpBinary" column="end_ip_binary"></result>
<result property="domain" column="domain"></result>
+ <result property="subscriber" column="subscriber"></result>
<result property="method" column="method"></result>
<result property="confidence" column="confidence"></result>
<result property="tags" column="tags"></result>
@@ -24,10 +25,12 @@
</resultMap>
<select id="indicatorTrend" parameterType="java.util.Map" resultType="java.util.Map">
- SELECT FROM_UNIXTIME(date) as statTime, IFNULL(ipIndicatorCount,0) as ipCount, IFNULL(domainIndicatorCount,0) as domainCount
+ SELECT FROM_UNIXTIME(date) as statTime, IFNULL(ipIndicatorCount,0) as ipCount, IFNULL(domainIndicatorCount,0) as domainCount,
+ IFNULL(subscriberIndicatorCount,0) as subscriberCount
FROM
(
- SELECT statTime, SUM(case when type='IP' then 1 else 0 end) as ipIndicatorCount, SUM(case when type='Domain' then 1 else 0 end) as domainIndicatorCount
+ SELECT statTime, SUM(case when type='IP' then 1 else 0 end) as ipIndicatorCount, SUM(case when type='Domain' then 1 else 0 end) as domainIndicatorCount,
+ SUM(case when type='Subscriber' then 1 else 0 end) as subscriberIndicatorCount
FROM
(
SELECT FLOOR(UNIX_TIMESTAMP(created_time)/(#{params.step}*3600)) * (#{params.step}*3600) AS statTime,type
@@ -83,6 +86,14 @@
#{tag.domain},
</otherwise>
</choose>
+ <choose>
+ <when test="tag.subscriber==null">
+ "",
+ </when>
+ <otherwise>
+ #{tag.subscriber},
+ </otherwise>
+ </choose>
#{tag.method},
#{tag.confidence},
#{tag.tags},
@@ -126,6 +137,14 @@
domain = #{tag.domain},
</otherwise>
</choose>
+ <choose>
+ <when test="tag.subscriber==null">
+ "",
+ </when>
+ <otherwise>
+ #{tag.subscriber},
+ </otherwise>
+ </choose>
tags = #{tag.tags},
last_seen_time = #{tag.lastSeenTime},
updated_time = #{tag.updatedTime}
@@ -171,4 +190,14 @@
where type = "IP" and start_ip_binary &lt;= INET6_ATON(#{resource}) and end_ip_binary &gt;= INET6_ATON(#{resource})
group by tags)
</select>
+
+ <select id="querySubscriberEntityTags" resultType="java.lang.String">
+ select tags from
+ cn_intelligence_indicator
+ where type = "Subscriber" and (subscriber = concat ('$', #{resource}) or LOCATE(substring_index(subscriber, '*', -1), #{resource}) > 0) and updated_time in
+ (select MAX(updated_time) from
+ cn_intelligence_indicator
+ where type = "Subscriber" and (subscriber = concat ('$', #{resource}) or LOCATE(substring_index(subscriber, '*', -1), #{resource}) > 0)
+ group by tags)
+ </select>
</mapper> \ No newline at end of file
generated by cgit v1.2.3 (git 2.39.1) at 2025-12-30 16:48:51 +0000