authorwanglihui <[email protected]>2022-07-28 14:31:53 +0800
committerwanglihui <[email protected]>2022-07-28 14:31:53 +0800
commitd7dc9a69437fc82252600ce31e1cef627f5837da (patch)
treeb5ffa77af98673e33bdf3795bb8cb691f2a610dd
parent81eaf9d73783c78147ddffcee02643dbf243c5bb (diff)
新增common_app_label字段补全逻辑.22.05
-rw-r--r--platform-base/src/main/java/com/zdjizhi/base/common/CnRecordLog.java9
-rw-r--r--platform-etl/src/main/java/com/zdjizhi/etl/common/AppSketchLabel.java19
-rw-r--r--platform-etl/src/main/java/com/zdjizhi/etl/utils/AppUtils.java57
-rw-r--r--platform-etl/src/main/java/com/zdjizhi/etl/utils/CompletedUtils.java2
-rw-r--r--platform-schedule/src/main/resources/business.properties10
5 files changed, 75 insertions, 22 deletions
diff --git a/platform-base/src/main/java/com/zdjizhi/base/common/CnRecordLog.java b/platform-base/src/main/java/com/zdjizhi/base/common/CnRecordLog.java
index cd13b15..32bcc2b 100644
--- a/platform-base/src/main/java/com/zdjizhi/base/common/CnRecordLog.java
+++ b/platform-base/src/main/java/com/zdjizhi/base/common/CnRecordLog.java
@@ -15,6 +15,7 @@ public class CnRecordLog implements Serializable {
private String common_server_ip;
private int common_client_port;
private int common_server_port;
+ private Object common_app_id;
private String common_app_label;
private String common_l4_protocol;
private String common_l7_protocol;
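Review bot: `private Object common_app_id;` puts an untyped field on a class that implements `Serializable`, so any value the record parser hands over is accepted, and Java serialization of the record fails at runtime if that value is not itself serializable. AppUtils in this commit treats the value as a JSON object with a `THIRD` list, so a declared type such as `private HashMap<String, Object> common_app_id;` would document that shape and, assuming the parser can bind to it, let the consumer drop its toJson/fromJson round trip. An `Object` field also accepts any class when the record is deserialized, which matters if these records ever cross a trust boundary in serialized form. The getter and setter added in the next hunk would change type with it.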
@@ -128,6 +129,14 @@ public class CnRecordLog implements Serializable {
private long ssl_con_latency_ms;
private long dns_response_latency_ms;
+ public Object getCommon_app_id() {
+ return common_app_id;
+ }
+
+ public void setCommon_app_id(Object common_app_id) {
+ this.common_app_id = common_app_id;
+ }
+
public long getCommon_start_time() {
return common_start_time;
}
diff --git a/platform-etl/src/main/java/com/zdjizhi/etl/common/AppSketchLabel.java b/platform-etl/src/main/java/com/zdjizhi/etl/common/AppSketchLabel.java
index ce3dd29..35d6f87 100644
--- a/platform-etl/src/main/java/com/zdjizhi/etl/common/AppSketchLabel.java
+++ b/platform-etl/src/main/java/com/zdjizhi/etl/common/AppSketchLabel.java
@@ -7,6 +7,7 @@ public class AppSketchLabel {
private Long risk;
private Integer isProtocol;
private String appCompany;
+ private Integer appId;
public String getAppName() {
return appName;
@@ -56,14 +57,32 @@ public class AppSketchLabel {
this.subCategory = subCategory;
}
+ public Integer getIsProtocol() {
+ return isProtocol;
+ }
+
+ public void setIsProtocol(Integer isProtocol) {
+ this.isProtocol = isProtocol;
+ }
+
+ public Integer getAppId() {
+ return appId;
+ }
+
+ public void setAppId(Integer appId) {
+ this.appId = appId;
+ }
+
@Override
public String toString() {
return "AppSketchLabel{" +
"appName='" + appName + '\'' +
", category='" + category + '\'' +
+ ", subCategory='" + subCategory + '\'' +
", risk=" + risk +
", isProtocol=" + isProtocol +
", appCompany='" + appCompany + '\'' +
+ ", appId=" + appId +
'}';
}
}
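Review bot: The new `getIsProtocol`/`setIsProtocol` pair appears to duplicate accessors that already exist, since AppUtils in this same commit reads and writes the field through `getProtocol()` and `setProtocol(isProtocol)`. Two accessor pairs for one field are confusing for JSON binders that derive property names from getters; keep one pair and migrate the callers. Separately, nothing visible in this commit calls `setAppId`, so `appId` may stay null in every `AppSketchLabel` and print as `appId=null` in `toString()`; if that also holds in the part of `readJson` outside the hunks, add `appSketchLabel.setAppId(appId);` there.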
diff --git a/platform-etl/src/main/java/com/zdjizhi/etl/utils/AppUtils.java b/platform-etl/src/main/java/com/zdjizhi/etl/utils/AppUtils.java
index e078979..525c2e6 100644
--- a/platform-etl/src/main/java/com/zdjizhi/etl/utils/AppUtils.java
+++ b/platform-etl/src/main/java/com/zdjizhi/etl/utils/AppUtils.java
@@ -11,7 +11,6 @@ import org.slf4j.LoggerFactory;
import java.util.ArrayList;
import java.util.HashMap;
-import java.util.Set;
public class AppUtils {
private static Logger LOG = LoggerFactory.getLogger(AppUtils.class);
@@ -19,10 +18,14 @@ public class AppUtils {
private static JavaType hashmapJsonType = jsonMapperInstance.createCollectionType(HashMap.class, String.class, Object.class);
private static JavaType listType = jsonMapperInstance.createCollectionType(ArrayList.class, HashMap.class);
- private static HashMap<String, AppSketchLabel> smap = readJson();
+ private static HashMap<String, AppSketchLabel> appmap = new HashMap<>();
+ private static HashMap<Integer, String> appIdMap = new HashMap<>();
- private static HashMap<String, AppSketchLabel> readJson() {
- HashMap<String, AppSketchLabel> appmap = new HashMap<>();
+ static {
+ readJson();
+ }
+
+ private static void readJson() {
try {
String s = JsonUtils.readJsonFile(CommonConfig.APPSKT_PATH);
ArrayList<HashMap<String, Object>> jarray = jsonMapperInstance.fromJson(s, listType);
@@ -40,7 +43,9 @@ public class AppUtils {
int isProtocol = Integer.parseInt(properties.getOrDefault("isProtocol", "0").toString());
appSketchLabel.setProtocol(isProtocol);
String appCompany = properties.getOrDefault("appCompany", "").toString();
+ Integer appId = (Integer)obj.get("appId");
String appName = obj.get("appName").toString();
+ appIdMap.put(appId,appName);
if (isProtocol != 1){
if (StringUtil.isNotBlank(appCompany)){
appSketchLabel.setAppCompany(appCompany);
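Review bot: `Integer appId = (Integer)obj.get("appId");` trusts the JSON file to carry an integer for every entry; a missing key stores a `null` key in `appIdMap`, and a value parsed as `Long` or `String` throws `ClassCastException`. That exception would land in the `catch (Exception e)` shown in the last hunk of this file, which, if the try block wraps the whole loop (it starts outside this hunk), stops loading and leaves both maps partially filled with only one log line to show for it. Checking the type and skipping the bad entry keeps the rest of the table: `Object rawId = obj.get("appId");` then `if (rawId instanceof Number) { appIdMap.put(((Number) rawId).intValue(), appName); }` with a `LOG.warn` otherwise.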
@@ -56,28 +61,46 @@ public class AppUtils {
} catch (Exception e) {
LOG.error("transaction app json error :{}",e);
}
- return appmap;
}
public static void getAppSketchMessage(CnRecordLog entity) {
- String commonAppLabel = entity.getCommon_app_label();
- if (smap.containsKey(commonAppLabel)) {
- AppSketchLabel appSketchLabel = smap.get(commonAppLabel);
- entity.setApp_subcategory(appSketchLabel.getSubCategory());
- entity.setApp_risk(appSketchLabel.getRisk());
- entity.setApp_category(appSketchLabel.getCategory());
- entity.setApp_is_protocol(appSketchLabel.getProtocol());
- entity.setApp_company(appSketchLabel.getAppCompany());
+ Object commonAppId = entity.getCommon_app_id();
+ if (commonAppId != null){
+ HashMap<String, Object> appId = jsonMapperInstance.fromJson(jsonMapperInstance.toJson(commonAppId), hashmapJsonType);
+ ArrayList<HashMap<String, Object>> third = (ArrayList<HashMap<String, Object>>)appId.getOrDefault("THIRD", null);
+ if (third != null){
+ Integer id = (Integer) third.get(third.size() - 1).getOrDefault("app_id", 0);
+ String appName = appIdMap.getOrDefault(id, StringUtil.EMPTY);
+ entity.setCommon_app_label(appName);
+ if (appmap.containsKey(appName)) {
+ AppSketchLabel appSketchLabel = appmap.get(appName);
+ entity.setApp_subcategory(appSketchLabel.getSubCategory());
+ entity.setApp_risk(appSketchLabel.getRisk());
+ entity.setApp_category(appSketchLabel.getCategory());
+ entity.setApp_is_protocol(appSketchLabel.getProtocol());
+ entity.setApp_company(appSketchLabel.getAppCompany());
+ }
+ }
+ }else {
+ entity.setCommon_app_label(null);
}
}
public static void main(String[] args) throws Exception {
- HashMap<String, AppSketchLabel> map = readJson();
- Set<String> keySet = map.keySet();
+ /*
+ Set<String> keySet = appmap.keySet();
for (String key : keySet){
- System.out.println(map.get(key).toString());
+ System.out.println(appmap.get(key).toString());
}
- System.out.println(map.size());
+ System.out.println(appmap.size());
+ */
+
+ for (Integer id: appIdMap.keySet()){
+ String x = appIdMap.get(id);
+ System.out.println(id+"----"+x);
+ }
+ System.out.println(appIdMap.size());
+
}
}
\ No newline at end of file
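Review bot: `getAppSketchMessage` now parses a per-record field with unchecked casts and no shape checks: an empty `THIRD` list makes `third.get(third.size() - 1)` throw `IndexOutOfBoundsException`, a non-list `THIRD` or a non-`Integer` `app_id` throws `ClassCastException`, and a `null` result from `fromJson` would throw on `appId.getOrDefault`. Since `common_app_id` comes from the log record rather than from this code, one malformed record can fail the caller unless the caller catches these itself. The outcomes are also inconsistent: a null id sets the label to `null`, an unknown id sets it to the empty string, and an id without `THIRD` keeps whatever label arrived with the record. The sketch below validates each step and resets the label on every unresolved path; it needs `java.util.List` and `java.util.Map` imported, and whether unresolved should mean `null` or empty is for the author to decide.

```java
public static void getAppSketchMessage(CnRecordLog entity) {
    // Reset first so that no label supplied with the record survives an unresolved id.
    entity.setCommon_app_label(null);
    Object commonAppId = entity.getCommon_app_id();
    if (commonAppId == null) {
        return;
    }
    HashMap<String, Object> appId = jsonMapperInstance.fromJson(jsonMapperInstance.toJson(commonAppId), hashmapJsonType);
    Object third = appId == null ? null : appId.get("THIRD");
    if (!(third instanceof List) || ((List<?>) third).isEmpty()) {
        return;
    }
    List<?> entries = (List<?>) third;
    Object last = entries.get(entries.size() - 1);
    Object rawId = last instanceof Map ? ((Map<?, ?>) last).get("app_id") : null;
    if (!(rawId instanceof Number)) {
        return;
    }
    String appName = appIdMap.get(((Number) rawId).intValue());
    if (appName == null) {
        return;
    }
    entity.setCommon_app_label(appName);
    // … unchanged: appmap lookup and the five entity.setApp_* calls …
}
```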
diff --git a/platform-etl/src/main/java/com/zdjizhi/etl/utils/CompletedUtils.java b/platform-etl/src/main/java/com/zdjizhi/etl/utils/CompletedUtils.java
index 66286b7..3c6e56c 100644
--- a/platform-etl/src/main/java/com/zdjizhi/etl/utils/CompletedUtils.java
+++ b/platform-etl/src/main/java/com/zdjizhi/etl/utils/CompletedUtils.java
@@ -13,10 +13,12 @@ public class CompletedUtils {
public static void getCompletedMessage(CnRecordLog recordLog){
recordLog.setCommon_recv_time(recordLog.getCommon_end_time());
+ /*
String commonAppLabel = recordLog.getCommon_app_label();
if (StringUtil.isBlank(commonAppLabel) || "unknown".equals(commonAppLabel) || commonAppLabel.startsWith("05")){
recordLog.setCommon_app_label("");
}
+ */
recordLog.setHttp_status_code(getHttpStatusCode(recordLog));
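Review bot: The label normalisation is disabled by wrapping it in `/* … */` instead of being deleted, which leaves dead code in `getCompletedMessage` that the next reader has to evaluate. Delete the four statements outright; version control keeps them. If the removal is intentional because the label is now derived in AppUtils, a one-line comment such as `// common_app_label is derived from common_app_id in AppUtils.getAppSketchMessage` is enough. The method body continues outside this hunk.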
diff --git a/platform-schedule/src/main/resources/business.properties b/platform-schedule/src/main/resources/business.properties
index 868be70..6322cd2 100644
--- a/platform-schedule/src/main/resources/business.properties
+++ b/platform-schedule/src/main/resources/business.properties
@@ -2,8 +2,8 @@
#dos.detection.task.class=com.zdjizhi.test.DosDetection
cn.record.etl.class=com.zdjizhi.etl.CnRecordEtl
-cn.top.metric.class=com.zdjizhi.top.CnTopMetrics
-cn.security.event.class=com.zdjizhi.security.CnSecurityEvent
-cn.dns.error.detection=com.zdjizhi.detection.dns.DnsErrorDetection
-cn.dns.response.detection=com.zdjizhi.detection.dns.DnsResponseTimeDetection
-cn.http.error.detection=com.zdjizhi.detection.dns.HttpErrorDetection
\ No newline at end of file
+#cn.top.metric.class=com.zdjizhi.top.CnTopMetrics
+#cn.security.event.class=com.zdjizhi.security.CnSecurityEvent
+#cn.dns.error.detection=com.zdjizhi.detection.dns.DnsErrorDetection
+#cn.dns.response.detection=com.zdjizhi.detection.dns.DnsResponseTimeDetection
+#cn.http.error.detection=com.zdjizhi.detection.dns.HttpErrorDetection
\ No newline at end of file
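Review bot: Commenting out `cn.security.event.class` and the three `cn.*.detection` keys has nothing to do with the label completion named in the commit title and looks like a local test configuration committed by accident. If the scheduler builds its task list from these keys, which the file does not show, deploying this file would leave only `cn.record.etl.class` running and silently stop security event and DNS/HTTP detection output. Either drop this file from the commit or restore the lines, e.g. `cn.security.event.class=com.zdjizhi.security.CnSecurityEvent`, and keep local overrides in an untracked properties file.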