authorgujinkai <[email protected]>2023-10-17 17:26:15 +0800
committergujinkai <[email protected]>2023-10-17 17:26:15 +0800
commitf81e6d2a825923bab43f50b11576cb9d2e2501d2 (patch)
tree78dea575a45fb7b0a0ffc056ffdb61ff01eafad6
parent9005d3e52b1976ed7fcbbde4343c226d4358077f (diff)
perf: ensure that the rule_id_list and ioc_type_list have the same size
-rw-r--r--platform-base/src/main/java/com/zdjizhi/base/common/CnRecordLog.java5
-rw-r--r--platform-etl/src/main/java/com/zdjizhi/etl/utils/IocDarkWebUtils.java6
-rw-r--r--platform-etl/src/main/java/com/zdjizhi/etl/utils/IocMalwareUtils.java9
-rw-r--r--platform-etl/src/main/java/com/zdjizhi/etl/utils/TagUtils.java40
4 files changed, 26 insertions, 34 deletions
diff --git a/platform-base/src/main/java/com/zdjizhi/base/common/CnRecordLog.java b/platform-base/src/main/java/com/zdjizhi/base/common/CnRecordLog.java
index 777ea88..63fd517 100644
--- a/platform-base/src/main/java/com/zdjizhi/base/common/CnRecordLog.java
+++ b/platform-base/src/main/java/com/zdjizhi/base/common/CnRecordLog.java
@@ -910,6 +910,11 @@ public class CnRecordLog implements Serializable {
this.ioc_type_list = ioc_type_list;
}
+ public void putRuleIdAndIocType(Long ruleId, String iocType) {
+ this.rule_id_list.add(ruleId);
+ this.ioc_type_list.add(iocType);
+ }
+
public String getGeo(String geoField, String type) {
switch (geoField) {
case "country":
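Review bot: putRuleIdAndIocType appends ruleId and iocType without checking either for null, whereas Node.put introduced by the same commit in TagUtils returns silently when id or type is null, so the two helpers enforce the size invariant differently. The callers in IocDarkWebUtils and IocMalwareUtils only guard with containsKey, which does not rule out a null value stored under that key, so a null ruleId can still reach this method; either fail fast here with `Objects.requireNonNull(ruleId, "ruleId"); Objects.requireNonNull(iocType, "iocType");` or state the precondition in a Javadoc. The existing getters for rule_id_list and ioc_type_list still hand out the mutable lists, so any caller that adds to one list directly can break the same-size property the commit message relies on; a Javadoc on this method such as `/** Appends one (ruleId, iocType) pair; both lists must only be grown through this method so they stay index-aligned. */` would make the contract visible. Whether the two lists are always initialised before this method is called is not visible in the hunk. The enclosing class continues outside the hunk.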
diff --git a/platform-etl/src/main/java/com/zdjizhi/etl/utils/IocDarkWebUtils.java b/platform-etl/src/main/java/com/zdjizhi/etl/utils/IocDarkWebUtils.java
index f460603..86228ff 100644
--- a/platform-etl/src/main/java/com/zdjizhi/etl/utils/IocDarkWebUtils.java
+++ b/platform-etl/src/main/java/com/zdjizhi/etl/utils/IocDarkWebUtils.java
@@ -52,16 +52,14 @@ public class IocDarkWebUtils {
if (ipMap.containsKey(serverIp)) {
String ipTag = ipMap.get(serverIp);
if (tagRuleIdMap.containsKey(ipTag)) {
- cnRecordLog.getRule_id_list().add(tagRuleIdMap.get(ipTag));
- cnRecordLog.getIoc_type_list().add("ip");
+ cnRecordLog.putRuleIdAndIocType(tagRuleIdMap.get(ipTag), "ip");
}
cnRecordLog.getServer_ip_tags().add(ipTag);
}
String domainTag = getDomainTag(cnRecordLog.getDomain());
if (domainTag != null) {
if (tagRuleIdMap.containsKey(domainTag)) {
- cnRecordLog.getRule_id_list().add(tagRuleIdMap.get(domainTag));
- cnRecordLog.getIoc_type_list().add("domain");
+ cnRecordLog.putRuleIdAndIocType(tagRuleIdMap.get(domainTag), "domain");
}
cnRecordLog.getDomain_tags().add(domainTag);
}
diff --git a/platform-etl/src/main/java/com/zdjizhi/etl/utils/IocMalwareUtils.java b/platform-etl/src/main/java/com/zdjizhi/etl/utils/IocMalwareUtils.java
index 683b011..a1aa3bd 100644
--- a/platform-etl/src/main/java/com/zdjizhi/etl/utils/IocMalwareUtils.java
+++ b/platform-etl/src/main/java/com/zdjizhi/etl/utils/IocMalwareUtils.java
@@ -66,22 +66,19 @@ public class IocMalwareUtils {
if (ipMap.containsKey(serverIp)) {
List<String> ipTags = ipMap.get(serverIp);
if (ipTags.size() > 0 && tagRuleIdMap.containsKey(ipTags.get(0))) {
- cnRecordLog.getRule_id_list().add(tagRuleIdMap.get(ipTags.get(0)));
- cnRecordLog.getIoc_type_list().add("ip");
+ cnRecordLog.putRuleIdAndIocType(tagRuleIdMap.get(ipTags.get(0)), "ip");
}
cnRecordLog.getServer_ip_tags().addAll(ipTags);
}
List<String> domainTags = getDomainTags(cnRecordLog.getDomain());
if (domainTags.size() > 0 && tagRuleIdMap.containsKey(domainTags.get(0))) {
- cnRecordLog.getRule_id_list().add(tagRuleIdMap.get(domainTags.get(0)));
- cnRecordLog.getIoc_type_list().add("domain");
+ cnRecordLog.putRuleIdAndIocType(tagRuleIdMap.get(domainTags.get(0)), "domain");
}
cnRecordLog.getDomain_tags().addAll(domainTags);
List<String> urlTags = getUrlTags(cnRecordLog.getHttp_url());
for (String urlTag : urlTags) {
if (tagRuleIdMap.containsKey(urlTag)) {
- cnRecordLog.getRule_id_list().add(tagRuleIdMap.get(urlTag));
- cnRecordLog.getIoc_type_list().add("url");
+ cnRecordLog.putRuleIdAndIocType(tagRuleIdMap.get(urlTag), "url");
}
//url only need to detection
}
diff --git a/platform-etl/src/main/java/com/zdjizhi/etl/utils/TagUtils.java b/platform-etl/src/main/java/com/zdjizhi/etl/utils/TagUtils.java
index 66cb777..1d9beb7 100644
--- a/platform-etl/src/main/java/com/zdjizhi/etl/utils/TagUtils.java
+++ b/platform-etl/src/main/java/com/zdjizhi/etl/utils/TagUtils.java
@@ -117,14 +117,12 @@ public class TagUtils {
TreeRangeMap<IPAddress, Node> subRangeMap = TreeRangeMap.create();
Node node = new Node();
node.getTags().add(tagValue);
- node.getKnowledgeIds().add(id);
- node.getKnowledgeTypes().add("ip");
+ node.put(id, "ip");
subRangeMap.put(Range.closed(startIpAddress, endIpAddress), node);
for (Range<IPAddress> ipAddressRange : rangeListMap.keySet()) {
Node ipAddressNode = ipAddressListRangeMap.get(ipAddressRange.lowerEndpoint());
ipAddressNode.getTags().add(tagValue);
- node.getKnowledgeIds().add(id);
- node.getKnowledgeTypes().add("ip");
+ node.put(id, "ip");
subRangeMap.put(ipAddressRange, ipAddressNode);
}
treeRangeMap.putAll(subRangeMap);
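Review bot: Inside the for loop the tag is added to ipAddressNode (line before) but the knowledge id and type are added to node, so the node being re-registered in subRangeMap receives the tag without the matching id while node accumulates a duplicate (id, "ip") pair on every iteration. This mismatch already existed before the refactor, but the new line makes it easy to fix: `ipAddressNode.put(id, "ip");` unless attaching the id to node only is intentional, in which case a comment saying so would help. The enclosing method starts before the hunk, so how node and ipAddressNode are used afterwards is not visible here.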
@@ -163,20 +161,17 @@ public class TagUtils {
if (rule.startsWith("*")){
Node node = new Node();
node.getTags().add(tagValue);
- node.getKnowledgeIds().add(id);
- node.getKnowledgeTypes().add("domain");
+ node.put(id, "domain");
fqdnTagsFuzzy.put(StringUtils.reverse(newRule), node);
} else {
if (fqdnTagsFull.containsKey(newRule)) {
Node node = fqdnTagsFull.get(newRule);
node.getTags().add(tagValue);
- node.getKnowledgeIds().add(id);
- node.getKnowledgeTypes().add("domain");
+ node.put(id, "domain");
} else {
Node node = new Node();
node.getTags().add(tagValue);
- node.getKnowledgeIds().add(id);
- node.getKnowledgeTypes().add("domain");
+ node.put(id, "domain");
fqdnTagsFull.put(newRule, node);
}
}
@@ -204,13 +199,11 @@ public class TagUtils {
if (appTags.containsKey(appName)) {
Node node = appTags.get(appName);
node.getTags().add(tagValue);
- node.getKnowledgeIds().add(id);
- node.getKnowledgeTypes().add("app");
+ node.put(id, "app");
} else {
Node node = new Node();
node.getTags().add(tagValue);
- node.getKnowledgeIds().add(id);
- node.getKnowledgeTypes().add("app");
+ node.put(id, "app");
appTags.put(appName, node);
}
}
@@ -273,8 +266,7 @@ public class TagUtils {
Node clientIpNode = getIpNode(entity.getCommon_client_ip());
entity.setClient_ip_tags(clientIpNode.getTags());
//client ip not need detection
- /*entity.setRule_id_list(clientIpNode.getKnowledgeIds());
- entity.setIoc_type_list(clientIpNode.getKnowledgeTypes());*/
+ /*setRuleIdAndIocType(entity, clientIpNode);*/
Node serverIpNode = getIpNode(entity.getCommon_server_ip());
entity.setServer_ip_tags(serverIpNode.getTags());
setRuleIdAndIocType(entity, serverIpNode);
@@ -344,18 +336,18 @@ public class TagUtils {
return tags;
}
- public List<Long> getKnowledgeIds() {
- return knowledgeIds;
- }
-
- public List<String> getKnowledgeTypes() {
- return knowledgeTypes;
+ public void put(Long id, String type) {
+ if (id == null || type == null) {
+ return;
+ }
+ knowledgeIds.add(id);
+ knowledgeTypes.add(type);
}
public void merge(Node node) {
this.tags.addAll(node.getTags());
- this.knowledgeIds.addAll(node.getKnowledgeIds());
- this.knowledgeTypes.addAll(node.getKnowledgeTypes());
+ this.knowledgeIds.addAll(node.knowledgeIds);
+ this.knowledgeTypes.addAll(node.knowledgeTypes);
}
public void mergeAll(List<Node> nodes) {