diff options
15 files changed, 510 insertions, 104 deletions
diff --git a/src/main/java/com/nis/domain/LogEntity.java b/src/main/java/com/nis/domain/LogEntity.java index 0bcd441..22df7dc 100644 --- a/src/main/java/com/nis/domain/LogEntity.java +++ b/src/main/java/com/nis/domain/LogEntity.java @@ -118,9 +118,27 @@ public abstract class LogEntity<T> implements Serializable { protected String searchSSubscribeId;//sSubscribeId
protected String searchDSubscribeId;//dSubscribeId
protected String searchIspCode;// 运营商
+ protected String searchDPort;// 目的端口
+ protected String searchSPort;// 源端口
+
+ @JsonIgnore
+ public String getSearchDPort() {
+ return searchDPort;
+ }
+
+ public void setSearchDPort(String searchDPort) {
+ this.searchDPort = searchDPort;
+ }
+ @JsonIgnore
+ public String getSearchSPort() {
+ return searchSPort;
+ }
+ public void setSearchSPort(String searchSPort) {
+ this.searchSPort = searchSPort;
+ }
@JsonIgnore
public String getSearchIspCode() {
diff --git a/src/main/java/com/nis/domain/restful/NtcHttpCollectLog.java b/src/main/java/com/nis/domain/restful/NtcHttpCollectLog.java new file mode 100644 index 0000000..f77f205 --- /dev/null +++ b/src/main/java/com/nis/domain/restful/NtcHttpCollectLog.java @@ -0,0 +1,133 @@ +package com.nis.domain.restful; + +import com.fasterxml.jackson.annotation.JsonIgnore; +import com.nis.domain.LogEntity; +import com.wordnik.swagger.annotations.ApiModelProperty; + +/** + * @author A.Chen + * @date 2019年6月8日11:00:06 + * @Description: HttpCollect采集公共类 httpPost,httpDoc,httpAv,httpExe公用这个类 + */ +public class NtcHttpCollectLog extends LogEntity { + + private static final long serialVersionUID = 2553033624540656138L; + + @ApiModelProperty(value = "url地址", required = true) + protected String url; + + @ApiModelProperty(value = "请求头转储文件", required = true) + protected String reqHdrFile; + + @ApiModelProperty(value = "请求头转储文件KEY", required = true) + protected String reqHdrKey; + + @ApiModelProperty(value = "请求体转储文件", required = true) + protected String reqBodyFile; + + @ApiModelProperty(value = "请求体转储文件KEY", required = true) + protected String reqBodyKey; + + @ApiModelProperty(value = "应答头转储文件", required = true) + protected String resHdrFile; + + @ApiModelProperty(value = "应答头转储文件KEY", required = true) + protected String resHdrKey; + + @ApiModelProperty(value = "应答体转储文件", required = true) + protected String resBodyFile; + + @ApiModelProperty(value = "应答体转储文件KEY", required = true) + protected String resBodyKey; + + protected String searchUrl; // url查询条件 + + public String getUrl() { + return url; + } + + public void setUrl(String url) { + this.url = url; + } + + public String getReqHdrFile() { + return reqHdrFile; + } + + public void setReqHdrFile(String reqHdrFile) { + this.reqHdrFile = reqHdrFile; + } + + public String getReqBodyFile() { + return reqBodyFile; + } + + public void setReqBodyFile(String reqBodyFile) { + this.reqBodyFile = reqBodyFile; + } + + public String getResHdrFile() { + return resHdrFile; + } + + public void setResHdrFile(String resHdrFile) { + this.resHdrFile = resHdrFile; + } + + public String getResBodyFile() { + return resBodyFile; + } + + public void setResBodyFile(String resBodyFile) { + this.resBodyFile = resBodyFile; + } + + public String getReqHdrKey() { + return reqHdrKey; + } + + public void setReqHdrKey(String reqHdrKey) { + this.reqHdrKey = reqHdrKey; + } + + public String getReqBodyKey() { + return reqBodyKey; + } + + public void setReqBodyKey(String reqBodyKey) { + this.reqBodyKey = reqBodyKey; + } + + public String getResHdrKey() { + return resHdrKey; + } + + public void setResHdrKey(String resHdrKey) { + this.resHdrKey = resHdrKey; + } + + public String getResBodyKey() { + return resBodyKey; + } + + public void setResBodyKey(String resBodyKey) { + this.resBodyKey = resBodyKey; + } + + /** + * @return the searchUrl + */ + + @JsonIgnore + public String getSearchUrl() { + return searchUrl; + } + + /** + * @param searchUrl + * the searchUrl to set + */ + public void setSearchUrl(String searchUrl) { + this.searchUrl = searchUrl; + } +}
\ No newline at end of file diff --git a/src/main/java/com/nis/domain/restful/NtcHttpObjscanResultLog.java b/src/main/java/com/nis/domain/restful/NtcHttpObjscanResultLog.java new file mode 100644 index 0000000..9ea6dc8 --- /dev/null +++ b/src/main/java/com/nis/domain/restful/NtcHttpObjscanResultLog.java @@ -0,0 +1,55 @@ +package com.nis.domain.restful;
+
+import com.wordnik.swagger.annotations.ApiModelProperty;
+
+public class NtcHttpObjscanResultLog extends NtcHttpCollectLog {
+
+ /**
+ *
+ */
+ private static final long serialVersionUID = 1L;
+ @ApiModelProperty(value = "原始消息所属的topic", required = true, notes = "NTC-COLLECT-HTTP-DOC-LOG或者NTC- COLLECT- HTTP-EXE-LOG")
+ private String topicName;
+
+ @ApiModelProperty(value = "恶意文件命中病毒ID", required = true)
+ private int malwareId;
+
+ @ApiModelProperty(value = "恶意病毒类型", required = true)
+ private String malwareType;
+
+ @ApiModelProperty(value = "恶意病毒名称", required = true)
+ private String malwareName;
+
+ public String getTopicName() {
+ return topicName;
+ }
+
+ public void setTopicName(String topicName) {
+ this.topicName = topicName;
+ }
+
+ public int getMalwareId() {
+ return malwareId;
+ }
+
+ public void setMalwareId(int malwareId) {
+ this.malwareId = malwareId;
+ }
+
+ public String getMalwareType() {
+ return malwareType;
+ }
+
+ public void setMalwareType(String malwareType) {
+ this.malwareType = malwareType;
+ }
+
+ public String getMalwareName() {
+ return malwareName;
+ }
+
+ public void setMalwareName(String malwareName) {
+ this.malwareName = malwareName;
+ }
+
+}
diff --git a/src/main/java/com/nis/web/controller/restful/NtcLogSearchController.java b/src/main/java/com/nis/web/controller/restful/NtcLogSearchController.java index 8445fdf..d2202b0 100644 --- a/src/main/java/com/nis/web/controller/restful/NtcLogSearchController.java +++ b/src/main/java/com/nis/web/controller/restful/NtcLogSearchController.java @@ -49,6 +49,9 @@ public class NtcLogSearchController extends BaseRestController { protected NtcHttpRecordLogsService ntcHttpRecordLogsService;//http泛收 @Autowired + NtcCollectLogsService NtcCollectLogsService;//采集日志 + + @Autowired protected NtcLogService ntcLogService; @Autowired private LogDataService logDataService; @@ -917,4 +920,37 @@ public class NtcLogSearchController extends BaseRestController { return serviceLogResponse(auditLogThread, System.currentTimeMillis() - start, request, "Http泛收日志检索成功", page, 0); } + + @RequestMapping(value = "/ntcHttpObjscanResultLogs", method = RequestMethod.GET) + @ApiOperation(value = "文件离线扫描结果采集日志查询", httpMethod = "GET", notes = "文件离线扫描结果采集日志") + public Map<String, ?> ntcHttpObjscanResultLog(Page page, NtcHttpObjscanResultLog ntcHttpObjscanResultLog, Model model, HttpServletRequest request, + HttpServletResponse response) { + long start = System.currentTimeMillis(); + AuditLogThread auditLogThread = super.saveRequestLog(servicesRequestLogService, Constants.OPACTION_GET, request, + null); + try { + resetTime(ntcHttpObjscanResultLog); + ntcLogService.queryConditionCheck(auditLogThread, start, ntcHttpObjscanResultLog, NtcHttpObjscanResultLog.class, page); + // logDataService.getData(page, ntcHttpRecordLog); + // 将数据源切换到本地clickhouse + CustomerContextHolder.setCustomerType(CustomerContextHolder.DATA_SOURCE_B); + NtcCollectLogsService.getNtcHttpObjscanResultLogsList(page, ntcHttpObjscanResultLog); + CustomerContextHolder.clearCustomerType(); + } catch (Exception e) { + auditLogThread.setExceptionInfo("文件离线扫描结果采集日志检索失败:" + e.getMessage()); + logger.error("文件离线扫描结果采集日志检索失败:" + ExceptionUtil.getExceptionMsg(e)); + if (e instanceof RestServiceException) { + throw new RestServiceException(auditLogThread, System.currentTimeMillis() - start, + "文件离线扫描结果采集日志检索失败:" + e.getMessage(), ((RestServiceException) e).getErrorCode()); + } else if (e instanceof ServiceRuntimeException) { + throw new ServiceRuntimeException(auditLogThread, System.currentTimeMillis() - start, + "文件离线扫描结果采集日志志检索失败:" + e.getMessage(), ((ServiceRuntimeException) e).getErrorCode()); + } else { + throw new ServiceRuntimeException(auditLogThread, System.currentTimeMillis() - start, + "文件离线扫描结果采集日志检索失败:" + e.getMessage(), RestBusinessCode.service_runtime_error.getValue()); + } + } + + return serviceLogResponse(auditLogThread, System.currentTimeMillis() - start, request, "文件离线扫描结果采集日志检索成功", page, 0); + } } diff --git a/src/main/java/com/nis/web/dao/NtcCollectLogsDao.java b/src/main/java/com/nis/web/dao/NtcCollectLogsDao.java new file mode 100644 index 0000000..09c7c29 --- /dev/null +++ b/src/main/java/com/nis/web/dao/NtcCollectLogsDao.java @@ -0,0 +1,12 @@ +package com.nis.web.dao;
+
+import java.util.List;
+
+import com.nis.domain.restful.*;
+
+@MyBatisDao
+public interface NtcCollectLogsDao {
+
+ // 文件扫描结果采集 查询
+ List<NtcHttpObjscanResultLog> findNtcHttpObjscanResultLogList(NtcHttpObjscanResultLog ntcHttpObjscanResultLog);
+}
diff --git a/src/main/java/com/nis/web/dao/NtcCollectLogsDao.xml b/src/main/java/com/nis/web/dao/NtcCollectLogsDao.xml new file mode 100644 index 0000000..ebcb714 --- /dev/null +++ b/src/main/java/com/nis/web/dao/NtcCollectLogsDao.xml @@ -0,0 +1,105 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+<mapper namespace="com.nis.web.dao.NtcCollectLogsDao">
+
+ <resultMap id="NtcHttpObjscanResultLogMap" type="com.nis.domain.restful.NtcHttpObjscanResultLog">
+ <result column="cfg_id" jdbcType="BIGINT" property="cfgId" />
+ <result column="found_time" jdbcType="TIMESTAMP" property="foundTime" />
+ <result column="recv_time" jdbcType="TIMESTAMP" property="recvTime" />
+ <result column="trans_proto" jdbcType="VARCHAR" property="transProto" />
+ <result column="addr_type" jdbcType="INTEGER" property="addrType" />
+ <result column="d_ip" jdbcType="VARCHAR" property="dIp" />
+ <result column="s_ip" jdbcType="VARCHAR" property="sIp" />
+ <result column="d_port" jdbcType="VARCHAR" property="dPort" />
+ <result column="s_port" jdbcType="VARCHAR" property="sPort" />
+ <result column="service" jdbcType="INTEGER" property="service" />
+ <result column="entrance_id" jdbcType="BIGINT" property="entranceId" />
+ <result column="device_id" jdbcType="INTEGER" property="deviceId" />
+ <result column="direction" jdbcType="INTEGER" property="direction" />
+ <result column="stream_dir" jdbcType="INTEGER" property="streamDir" />
+ <result column="cap_ip" jdbcType="VARCHAR" property="capIp" />
+ <result column="addr_list" jdbcType="VARCHAR" property="addrList" />
+ <result column="user_region" jdbcType="VARCHAR" property="userRegion" />
+ <result column="server_locate" jdbcType="VARCHAR" property="serverLocate" />
+ <result column="client_locate" jdbcType="VARCHAR" property="clientLocate" />
+ <result column="s_asn" jdbcType="VARCHAR" property="sAsn" />
+ <result column="d_asn" jdbcType="VARCHAR" property="dAsn" />
+ <result column="s_subscribe_id" jdbcType="VARCHAR" property="sSubscribeId" />
+ <result column="d_subscribe_id" jdbcType="VARCHAR" property="dSubscribeId" />
+ <result column="scene_file" jdbcType="VARCHAR" property="sceneFile" />
+ <result column="link_id" jdbcType="BIGINT" property="linkId" />
+ <result column="encap_type" jdbcType="INTEGER" property="encapType" />
+ <result column="inner_smac" jdbcType="VARCHAR" property="innerSmac" />
+ <result column="inner_dmac" jdbcType="VARCHAR" property="innerDmac" />
+
+ <result column="url" jdbcType="VARCHAR" property="url" />
+ <result column="req_hdr_file" jdbcType="VARCHAR" property="reqHdrFile" />
+ <result column="req_hdr_key" jdbcType="VARCHAR" property="reqHdrKey" />
+ <result column="req_body_file" jdbcType="VARCHAR" property="reqBodyFile" />
+ <result column="req_body_key" jdbcType="VARCHAR" property="reqBodyKey" />
+ <result column="res_hdr_file" jdbcType="VARCHAR" property="resHdrFile" />
+ <result column="res_hdr_key" jdbcType="VARCHAR" property="resHdrKey" />
+ <result column="res_body_file" jdbcType="VARCHAR" property="resBodyFile" />
+ <result column="res_body_key" jdbcType="VARCHAR" property="resBodyKey" />
+
+ <result column="topic_name" jdbcType="VARCHAR" property="topicName" />
+ <result column="malware_id" jdbcType="INTEGER" property="malwareId" />
+ <result column="malware_type" jdbcType="VARCHAR" property="malwareType" />
+ <result column="malware_name" jdbcType="VARCHAR" property="malwareName" />
+ </resultMap>
+
+ <sql id="BaseColumn">
+ ,toDateTime(found_time) found_time,cfg_id,toDateTime(recv_time) as recv_time,trans_proto,addr_type,d_ip,s_ip,
+ d_port,s_port,service,entrance_id,device_id,link_id,encap_type,direction,inner_smac,inner_dmac,
+ stream_dir,cap_ip,addr_list,server_locate,client_locate,s_asn,d_asn,s_subscribe_id,d_subscribe_id,
+ user_region,scene_file
+ </sql>
+
+ <select id="findNtcHttpObjscanResultLogList" parameterType="com.nis.domain.restful.NtcHttpObjscanResultLog" resultMap="NtcHttpObjscanResultLogMap">
+ select url,req_hdr_file,req_hdr_key,req_body_file,req_body_key,
+ res_hdr_file,res_hdr_key,res_body_file,res_body_key,topic_name,malware_id,malware_type,malware_name
+ <include refid="BaseColumn"/>
+ from ntc_http_objscan_result
+ <where>
+ <if test="searchFoundStartTime !=null and searchFoundStartTime !=''">
+ and found_time >= toDateTime(#{searchFoundStartTime})
+ </if>
+ <if test="searchFoundEndTime !=null and searchFoundEndTime !=''">
+ and found_time < toDateTime(#{searchFoundEndTime})
+ </if>
+ <if test="searchEntranceId !=null and searchEntranceId !=''">
+ and entrance_id = ${searchEntranceId}
+ </if>
+ <if test="searchCapIp !=null and searchCapIp !=''">
+ and cap_ip = #{searchCapIp}
+ </if>
+ <if test="searchTransProto !=null and searchTransProto !=''">
+ and trans_proto = #{searchTransProto}
+ </if>
+ <if test="searchDIp !=null and searchDIp !=''">
+ and d_ip = #{searchDIp}
+ </if>
+ <if test="searchSIp !=null and searchSIp !=''">
+ and s_ip = #{searchSIp}
+ </if>
+ <if test="searchDPort !=null and searchDPort !=''">
+ and d_port = ${searchDPort}
+ </if>
+ <if test="searchSPort !=null and searchSPort !=''">
+ and s_port = ${searchSPort}
+ </if>
+ <if test="searchUrl !=null and searchUrl !=''">
+ and url LIKE concat(concat('%',#{searchUrl}),'%')
+ </if>
+ </where>
+ <choose>
+ <when test="page !=null and page.orderBy !=null and page.orderBy !=''">
+ ORDER BY ${page.orderBy}
+ </when>
+ <otherwise>
+ ORDER BY found_time DESC
+ </otherwise>
+ </choose>
+ </select>
+
+</mapper>
\ No newline at end of file diff --git a/src/main/java/com/nis/web/dao/TrafficReportDao.xml b/src/main/java/com/nis/web/dao/TrafficReportDao.xml index e6e1470..e66c0c3 100644 --- a/src/main/java/com/nis/web/dao/TrafficReportDao.xml +++ b/src/main/java/com/nis/web/dao/TrafficReportDao.xml @@ -178,8 +178,8 @@ </if>
and addr_type in('4',
'6')
- and entrance_id in (1,
- 2)
+<!-- and entrance_id in (1, -->
+<!-- 2) -->
and trans_type in(6,
17)
group by
@@ -231,8 +231,8 @@ </if>
and addr_type in('4',
'6')
- and entrance_id in (1,
- 2)
+<!-- and entrance_id in (1, -->
+<!-- 2) -->
and trans_type in(6,
17)
group by
@@ -283,8 +283,8 @@ </if>
and addr_type in('4',
'6')
- and entrance_id in (1,
- 2)
+<!-- and entrance_id in (1, -->
+<!-- 2) -->
and trans_type in(6,
17)
group by
@@ -327,9 +327,9 @@ where
<![CDATA[ ${serviceSql} and report_time<#{endDate} and report_time>=#{beginDate}]]>
- <if test="searchEntranceId != null">
- and entrance_id=#{searchEntranceId}
- </if>
+<!-- <if test="searchEntranceId != null"> -->
+<!-- and entrance_id=#{searchEntranceId} -->
+<!-- </if> -->
group by report_time order by report_time
</select>
diff --git a/src/main/java/com/nis/web/dao/dashboard/NtcTotalReportDao.xml b/src/main/java/com/nis/web/dao/dashboard/NtcTotalReportDao.xml index 18da3ce..72b23a4 100644 --- a/src/main/java/com/nis/web/dao/dashboard/NtcTotalReportDao.xml +++ b/src/main/java/com/nis/web/dao/dashboard/NtcTotalReportDao.xml @@ -35,10 +35,10 @@ SELECT COALESCE(SUM(total_traffic.inoctets),0) AS inoctets , COALESCE(SUM(total_traffic.outoctets),0) AS outoctets FROM (
SELECT sum(case direction when 1 then c2s_byte_len+s2c_byte_len else 0 end) inoctets ,
sum(case direction when 0 then c2s_byte_len+s2c_byte_len else 0 end) outoctets FROM traffic_trans_statistic
- where stat_time = (SELECT distinct(stat_time) FROM traffic_trans_statistic WHERE entrance_id=1 and stat_time > DATE_SUB(now(), INTERVAL 30 MINUTE) ORDER BY stat_time DESC LIMIT 1,1) and entrance_id=1
+ where stat_time = (SELECT distinct(stat_time) FROM traffic_trans_statistic WHERE stat_time > DATE_SUB(now(), INTERVAL 30 MINUTE) ORDER BY stat_time DESC LIMIT 1,1)
UNION ALL
SELECT sum(case direction when 1 then c2s_byte_len+s2c_byte_len else 0 end) inoctets ,sum(case direction when 0 then c2s_byte_len+s2c_byte_len else 0 end) outoctets FROM traffic_trans_statistic
- where stat_time = (SELECT distinct(stat_time) FROM traffic_trans_statistic WHERE entrance_id=2 and stat_time > DATE_SUB(now(), INTERVAL 30 MINUTE) ORDER BY stat_time DESC LIMIT 1,1) and entrance_id=2
+ where stat_time = (SELECT distinct(stat_time) FROM traffic_trans_statistic WHERE stat_time > DATE_SUB(now(), INTERVAL 30 MINUTE) ORDER BY stat_time DESC LIMIT 1,1)
) total_traffic
</select>
@@ -96,7 +96,7 @@ <if test="transType != null">
and trans_type=${transType}
</if>
- and entrance_id=#{entranceId}
+<!-- and entrance_id=#{entranceId} -->
group by stat_time order by stat_time
</select>
@@ -133,7 +133,7 @@ <select id="getActionTrans" resultType="com.nis.domain.restful.NtcEntranceReport">
select sum(sum) sum,report_time reportTime from ntc_entrance_report r where
<![CDATA[${serviceSql} and report_time<#{endDate} and report_time>=#{beginDate}]]>
- and entrance_id=#{entranceId}
+<!-- and entrance_id=#{entranceId} -->
group by report_time order by report_time
</select>
diff --git a/src/main/java/com/nis/web/dao/dashboard/TrafficAppStatisticDao.xml b/src/main/java/com/nis/web/dao/dashboard/TrafficAppStatisticDao.xml index e71ea8c..3ea5ca6 100644 --- a/src/main/java/com/nis/web/dao/dashboard/TrafficAppStatisticDao.xml +++ b/src/main/java/com/nis/web/dao/dashboard/TrafficAppStatisticDao.xml @@ -39,9 +39,9 @@ #{item}
</foreach>
</if>
- <if test="entranceId !=null and entranceId != ''">
- and entrance_id=#{entranceId}
- </if>
+<!-- <if test="entranceId !=null and entranceId != ''"> -->
+<!-- and entrance_id=#{entranceId} -->
+<!-- </if> -->
GROUP BY app_type ) p
LEFT JOIN ui_code_app_dic c ON p.app_type=c.view_code ORDER BY p.GByte DESC
</select>
@@ -50,12 +50,12 @@ select stat_time time, sum(unique_sip_num) sipNum,sum(unique_dip_num) dipNum from traffic_app_focus_statistic t where
<![CDATA[ stat_time>= toDateTime(#{searchStartTime}) and stat_time< toDateTime(#{searchEndTime})
and app_id=toInt64(#{searchAppId}) ]]>
- <if test="searchEntranceId !=null and searchEntranceId != ''">
- <![CDATA[and entrance_id=toInt64(#{searchEntranceId}) ]]>
- </if>
- <if test="ispNum !=null and ispNum != ''">
- <![CDATA[and concat(toString(entrance_id),toString(device_id)) in (${ispNum})]]>
- </if>
+<!-- <if test="searchEntranceId !=null and searchEntranceId != ''"> -->
+<!-- <![CDATA[and entrance_id=toInt64(#{searchEntranceId}) ]]> -->
+<!-- </if> -->
+<!-- <if test="ispNum !=null and ispNum != ''"> -->
+<!-- <![CDATA[and concat(toString(entrance_id),toString(device_id)) in (${ispNum})]]> -->
+<!-- </if> -->
group by stat_time
order by stat_time
</select>
@@ -63,12 +63,12 @@ select stat_time time, sum(c2s_byte_len) c2sNum,sum(s2c_byte_len) s2cNum,sum(s2c_byte_len+c2s_byte_len) totalNum from traffic_app_focus_statistic t where
<![CDATA[ stat_time>= toDateTime(#{searchStartTime}) and stat_time< toDateTime(#{searchEndTime})
and app_id=toInt64(#{searchAppId}) ]]>
- <if test="searchEntranceId !=null and searchEntranceId != ''">
- <![CDATA[and entrance_id=toInt64(#{searchEntranceId}) ]]>
- </if>
- <if test="ispNum !=null and ispNum != ''">
- <![CDATA[and concat(toString(entrance_id),toString(device_id)) in (${ispNum})]]>
- </if>
+<!-- <if test="searchEntranceId !=null and searchEntranceId != ''"> -->
+<!-- <![CDATA[and entrance_id=toInt64(#{searchEntranceId}) ]]> -->
+<!-- </if> -->
+<!-- <if test="ispNum !=null and ispNum != ''"> -->
+<!-- <![CDATA[and concat(toString(entrance_id),toString(device_id)) in (${ispNum})]]> -->
+<!-- </if> -->
group by stat_time
order by stat_time
</select>
@@ -76,12 +76,12 @@ select stat_time time, sum(c2s_pkt_num) c2sNum,sum(s2c_pkt_num) s2cNum,sum(s2c_pkt_num+c2s_pkt_num) totalNum from traffic_app_focus_statistic t where
<![CDATA[ stat_time>= toDateTime(#{searchStartTime}) and stat_time< toDateTime(#{searchEndTime})
and app_id=toInt64(#{searchAppId}) ]]>
- <if test="searchEntranceId !=null and searchEntranceId != ''">
- <![CDATA[and entrance_id=toInt64(#{searchEntranceId}) ]]>
- </if>
- <if test="ispNum !=null and ispNum != ''">
- <![CDATA[and concat(toString(entrance_id),toString(device_id)) in (${ispNum})]]>
- </if>
+<!-- <if test="searchEntranceId !=null and searchEntranceId != ''"> -->
+<!-- <![CDATA[and entrance_id=toInt64(#{searchEntranceId}) ]]> -->
+<!-- </if> -->
+<!-- <if test="ispNum !=null and ispNum != ''"> -->
+<!-- <![CDATA[and concat(toString(entrance_id),toString(device_id)) in (${ispNum})]]> -->
+<!-- </if> -->
group by stat_time
order by stat_time
</select>
@@ -91,12 +91,12 @@ from tbs_ods_ntc_conn_record_log t where
<![CDATA[ found_time>= toDateTime(#{searchStartTime}) and found_time< toDateTime(#{searchEndTime})
and app_id=toInt64(#{searchAppId}) ]]>
- <if test="searchEntranceId !=null and searchEntranceId != ''">
- <![CDATA[and entrance_id=toInt64(#{searchEntranceId}) ]]>
- </if>
- <if test="ispNum !=null and ispNum != ''">
- <![CDATA[and concat(toString(entrance_id),toString(device_id)) in (${ispNum})]]>
- </if>
+<!-- <if test="searchEntranceId !=null and searchEntranceId != ''"> -->
+<!-- <![CDATA[and entrance_id=toInt64(#{searchEntranceId}) ]]> -->
+<!-- </if> -->
+<!-- <if test="ispNum !=null and ispNum != ''"> -->
+<!-- <![CDATA[and concat(toString(entrance_id),toString(device_id)) in (${ispNum})]]> -->
+<!-- </if> -->
group by s_ip
order by
<choose>
@@ -118,9 +118,9 @@ from tbs_ods_ntc_conn_record_log t where
<![CDATA[ found_time>= toDateTime(#{searchStartTime}) and found_time< toDateTime(#{searchEndTime})
and app_id=toInt64(#{searchAppId}) ]]>
- <if test="searchEntranceId !=null and searchEntranceId != ''">
- <![CDATA[and entrance_id=toInt64(#{searchEntranceId}) ]]>
- </if>
+<!-- <if test="searchEntranceId !=null and searchEntranceId != ''"> -->
+<!-- <![CDATA[and entrance_id=toInt64(#{searchEntranceId}) ]]> -->
+<!-- </if> -->
</select>
</mapper>
\ No newline at end of file diff --git a/src/main/java/com/nis/web/dao/dashboard/TrafficHttpStatisticDao.xml b/src/main/java/com/nis/web/dao/dashboard/TrafficHttpStatisticDao.xml index ae339a5..3c520a3 100644 --- a/src/main/java/com/nis/web/dao/dashboard/TrafficHttpStatisticDao.xml +++ b/src/main/java/com/nis/web/dao/dashboard/TrafficHttpStatisticDao.xml @@ -132,18 +132,18 @@ FROM #{item}
</foreach>
</if>
- <if test="entranceId!=null">
- and entrance_id=#{entranceId}
- </if>
+<!-- <if test="entranceId!=null"> -->
+<!-- and entrance_id=#{entranceId} -->
+<!-- </if> -->
group by web_id order by unique_num
</select>
<select id="getDomainTrans" resultType="com.nis.domain.restful.dashboard.TrafficHttpFocusStatistic">
select stat_time statTime, max(unique_num)count from traffic_http_focus_statistic t where
<![CDATA[ stat_time>= #{beginDate} and stat_time< #{endDate}]]>
and web_id=#{domain}
- <if test="entranceId!=null">
- and entrance_id=#{entranceId}
- </if>
+<!-- <if test="entranceId!=null"> -->
+<!-- and entrance_id=#{entranceId} -->
+<!-- </if> -->
group by stat_time
order by stat_time
diff --git a/src/main/java/com/nis/web/dao/dashboard/TrafficIpActiveStatisticDao.xml b/src/main/java/com/nis/web/dao/dashboard/TrafficIpActiveStatisticDao.xml index ed1eedd..d514d36 100644 --- a/src/main/java/com/nis/web/dao/dashboard/TrafficIpActiveStatisticDao.xml +++ b/src/main/java/com/nis/web/dao/dashboard/TrafficIpActiveStatisticDao.xml @@ -36,9 +36,9 @@ <select id="ipActiveChart" resultType="java.util.LinkedHashMap">
SELECT ip_addr ipAddr,SUM(link_num) linkNum FROM traffic_ip_active_statistic WHERE
<![CDATA[stat_time >= #{beginDate} AND stat_time < #{endDate}]]>
- <if test="entranceId !=null">
- and area_id=#{entranceId}
- </if>
+<!-- <if test="entranceId !=null"> -->
+<!-- and area_id=#{entranceId} -->
+<!-- </if> -->
GROUP BY ip_addr ORDER BY linkNum DESC LIMIT 0,10
</select>
@@ -65,19 +65,19 @@ select ip_addr,SUM(link_num) count ,stat_time from traffic_ip_active_statistic
WHERE
<![CDATA[ip_addr in (${ipAddr}) and stat_time>= #{beginDate} and stat_time<#{endDate}]]>
- <if test="entranceId !=null">
- and area_id=#{entranceId}
- </if>
+<!-- <if test="entranceId !=null"> -->
+<!-- and area_id=#{entranceId} -->
+<!-- </if> -->
GROUP BY stat_time,ip_addr order by stat_time asc
</select>
<!-- IP流量统计一小时-->
<select id="ipActiveOneHour" resultType="java.util.HashMap">
- SELECT ip_addr ipAddr,area_id areaId,SUM(c2s_byte_len+s2c_byte_len) count, link_num linkNum ,c2s_pkt_num c2sPktNum,s2c_pkt_num s2cPktNum,c2s_byte_len c2sByteLen,s2c_byte_len s2cByteLen,date_format(stat_time, '%Y-%m-%d %H:%i:%s') statTime FROM traffic_ip_active_statistic
+ SELECT ip_addr ipAddr,SUM(c2s_byte_len+s2c_byte_len) count, link_num linkNum ,c2s_pkt_num c2sPktNum,s2c_pkt_num s2cPktNum,c2s_byte_len c2sByteLen,s2c_byte_len s2cByteLen,date_format(stat_time, '%Y-%m-%d %H:%i:%s') statTime FROM traffic_ip_active_statistic
WHERE ip_addr=#{ipAddr}
and <![CDATA[ stat_time>= #{beginDate} and stat_time<#{endDate}]]>
- <if test="entranceId !=null">
- and area_id=#{entranceId}
- </if>
+<!-- <if test="entranceId !=null"> -->
+<!-- and area_id=#{entranceId} -->
+<!-- </if> -->
GROUP BY statTime
ORDER BY count DESC LIMIT 1
</select>
diff --git a/src/main/java/com/nis/web/dao/dashboard/TrafficProtocolStatisticDao.xml b/src/main/java/com/nis/web/dao/dashboard/TrafficProtocolStatisticDao.xml index 4b006e9..2280376 100644 --- a/src/main/java/com/nis/web/dao/dashboard/TrafficProtocolStatisticDao.xml +++ b/src/main/java/com/nis/web/dao/dashboard/TrafficProtocolStatisticDao.xml @@ -36,9 +36,9 @@ #{item}
</foreach>
</if>
- <if test="entranceId !=null">
- and entrance_id = #{entranceId}
- </if>
+<!-- <if test="entranceId !=null"> -->
+<!-- and entrance_id = #{entranceId} -->
+<!-- </if> -->
<if test="searchDirection !=null">
and direction = #{searchDirection}
</if>
diff --git a/src/main/java/com/nis/web/service/NtcCollectLogsService.java b/src/main/java/com/nis/web/service/NtcCollectLogsService.java new file mode 100644 index 0000000..b974178 --- /dev/null +++ b/src/main/java/com/nis/web/service/NtcCollectLogsService.java @@ -0,0 +1,48 @@ +package com.nis.web.service;
+
+import java.util.List;
+
+import org.apache.commons.lang3.StringEscapeUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+import com.nis.domain.LogEntity;
+import com.nis.domain.Page;
+import com.nis.domain.restful.NtcBgpLog;
+import com.nis.domain.restful.NtcDnsLog;
+import com.nis.domain.restful.NtcHttpCollectLog;
+import com.nis.domain.restful.NtcHttpObjscanResultLog;
+import com.nis.domain.restful.NtcHttpRecordLog;
+import com.nis.restful.RestBusinessCode;
+import com.nis.restful.RestServiceException;
+import com.nis.web.dao.NtcCollectLogsDao;
+import com.nis.web.dao.NtcHttpRecordLogsDao;
+import com.zdjizhi.utils.StringUtil;
+
+@Service
+public class NtcCollectLogsService extends BaseService {
+
+ @Autowired
+ protected NtcCollectLogsDao ntcCollectLogsDao;
+
+ // 查询文件扫描结果采集 日志数据
+ public Page<?> getNtcHttpObjscanResultLogsList(Page page, NtcHttpObjscanResultLog entity) {
+ entity.setPage(page);
+ entity.setSearchUrl(checkUrlAndFormat(entity.getSearchUrl()));
+ List<NtcHttpObjscanResultLog> findNtcHttpObjscanResultLogList = ntcCollectLogsDao
+ .findNtcHttpObjscanResultLogList(entity);
+ page.setList(findNtcHttpObjscanResultLogList);
+ if (page.getLast() > 100) {
+ page.setLast(100);
+ }
+ return page;
+ }
+
+ public String checkUrlAndFormat(String params) {
+ if (!StringUtil.isBlank(params)) {
+ return StringEscapeUtils.unescapeHtml4(params.toString().trim());
+ }
+ return null;
+ }
+
+}
diff --git a/src/main/java/com/nis/web/service/restful/DashboardService.java b/src/main/java/com/nis/web/service/restful/DashboardService.java index e35c87c..e136fb2 100644 --- a/src/main/java/com/nis/web/service/restful/DashboardService.java +++ b/src/main/java/com/nis/web/service/restful/DashboardService.java @@ -413,13 +413,13 @@ public class DashboardService extends BaseService { }
ArrayList<HashMap> listMap = new ArrayList<HashMap>();
List<NtcEntranceReport> entrance1 = new ArrayList<NtcEntranceReport>();
- List<NtcEntranceReport> entrance2 = new ArrayList<NtcEntranceReport>();
+// List<NtcEntranceReport> entrance2 = new ArrayList<NtcEntranceReport>();
HashMap m1 = new HashMap();
- HashMap m2 = new HashMap();
+// HashMap m2 = new HashMap();
entrance1 = ntcTotalReportDao.getActionTrans(begin, end, 1, sql);
- entrance2 = ntcTotalReportDao.getActionTrans(begin, end, 2, sql);
+// entrance2 = ntcTotalReportDao.getActionTrans(begin, end, 2, sql);
- if (!StringUtil.isEmpty(entrance1) || !StringUtil.isEmpty(entrance2)) {
+ if (!StringUtil.isEmpty(entrance1) ) {
Map<String, Comparable> m = new HashMap<String, Comparable>();
Date beginDate = DateUtils.parseDate(begin);
Date endDate = DateUtils.parseDate(end);
@@ -433,19 +433,19 @@ public class DashboardService extends BaseService { calendar.add(Calendar.MINUTE, Constants.TREND_TIME_INTERVAL);
}
int index1 = 0;
- int index2 = 0;
+// int index2 = 0;
List sumList1 = new ArrayList();
- List sumList2 = new ArrayList();
+// List sumList2 = new ArrayList();
Long sumEnt1 = 0L;
- Long sumEnt2 = 0L;
+// Long sumEnt2 = 0L;
for (int i = 0; i < dateRangeList.size(); i++) {
// 存放一个时间点中总数
List listEnt1 = new ArrayList();
- List listEnt2 = new ArrayList();
+// List listEnt2 = new ArrayList();
Map<String, Long> ipCountMap = new HashMap<String, Long>();
Date date = dateRangeList.get(i);
Long num1 = 0L;
- Long num2 = 0L;
+// Long num2 = 0L;
for (int j = index1; j < entrance1.size(); j++) {
NtcEntranceReport ipInfo = entrance1.get(j);
if (ipInfo.getReportTime() != null) {
@@ -460,21 +460,21 @@ public class DashboardService extends BaseService { }
}
- for (int j = index2; j < entrance2.size(); j++) {
- NtcEntranceReport ipInfo = entrance2.get(j);
- if (ipInfo.getReportTime() != null) {
- if (ipInfo.getReportTime().compareTo(date) >= 0 && (i + 1 < dateRangeList.size()
- ? ipInfo.getReportTime().compareTo(dateRangeList.get(i + 1)) < 0
- : true)) {
- num2 = num2 + ipInfo.getSum();
- } else {
- index2 = j;
- break;
- }
- }
- }
+// for (int j = index2; j < entrance2.size(); j++) {
+// NtcEntranceReport ipInfo = entrance2.get(j);
+// if (ipInfo.getReportTime() != null) {
+// if (ipInfo.getReportTime().compareTo(date) >= 0 && (i + 1 < dateRangeList.size()
+// ? ipInfo.getReportTime().compareTo(dateRangeList.get(i + 1)) < 0
+// : true)) {
+// num2 = num2 + ipInfo.getSum();
+// } else {
+// index2 = j;
+// break;
+// }
+// }
+// }
// 最后一个时间点,全为0 直接跳过不存入列表
- if (i + 1 == dateRangeList.size() && num1.compareTo(0L) == 0 && num2.compareTo(0L) == 0) {
+ if (i + 1 == dateRangeList.size() && num1.compareTo(0L) == 0) {
break;
}
sumEnt1 += num1;
@@ -482,24 +482,25 @@ public class DashboardService extends BaseService { listEnt1.add(num1);
sumList1.add(listEnt1);
- sumEnt2 += num2;
- listEnt2.add(date.getTime());
- listEnt2.add(num2);
- sumList2.add(listEnt2);
+// sumEnt2 += num2;
+// listEnt2.add(date.getTime());
+// listEnt2.add(num2);
+// sumList2.add(listEnt2);
}
// 整合 count time
m1.put("sum", sumEnt1);
m1.put("result", sumList1);
- m1.put("entranceId", 1);
- m2.put("sum", sumEnt2);//
- m2.put("result", sumList2);
- m2.put("entranceId", 2);
+// m1.put("entranceId", 1);
+// m2.put("sum", sumEnt2);//
+// m2.put("result", sumList2);
+// m2.put("entranceId", 2);
listMap.add(m1);
- listMap.add(m2);
+// listMap.add(m2);
}
return listMap;
}
+
/**
* 最近活跃端口时间五分钟数据
*
diff --git a/src/main/java/com/nis/web/service/restful/TrafficReportService.java b/src/main/java/com/nis/web/service/restful/TrafficReportService.java index 2781c33..263c3b4 100644 --- a/src/main/java/com/nis/web/service/restful/TrafficReportService.java +++ b/src/main/java/com/nis/web/service/restful/TrafficReportService.java @@ -124,22 +124,18 @@ public class TrafficReportService extends BaseLogService { Map<String, Map<String, Object>> map = new HashMap<>();
if (list != null) {
Set<String> dataKey = new HashSet<>();//无论有没有数据都要组装这几个json,界面需要这几个数据
- dataKey.add("ipv4Type1");//ip只有4,6两种,协议只有tcp和udp,这里都写死了
- dataKey.add("ipv4Type2");
- dataKey.add("ipv6Type1");
- dataKey.add("ipv6Type2");
+ dataKey.add("ipv4Type");//ip只有4,6两种,协议只有tcp和udp,这里都写死了
+ dataKey.add("ipv6Type");
- dataKey.add("trans6Type1");
- dataKey.add("trans6Type2");
- dataKey.add("trans17Type1");
- dataKey.add("trans17Type2");
+ dataKey.add("trans6Type");
+ dataKey.add("trans17Type");
for (TrafficTransStatisticCK trafficTransStatisticCK : list) {
Integer entranceId = trafficTransStatisticCK.getEntranceId();
Integer addrType = trafficTransStatisticCK.getAddrType();
Integer transType = trafficTransStatisticCK.getTransType();
- String addrAndEntrKey = "ipv" + addrType + "Type" + entranceId;
- String transAndEntrKey = "trans" + transType + "Type" + entranceId;
+ String addrAndEntrKey = "ipv" + addrType + "Type";
+ String transAndEntrKey = "trans" + transType + "Type";
if (mapList.containsKey(addrAndEntrKey)) {
mapList.get(addrAndEntrKey).add(trafficTransStatisticCK);
@@ -200,6 +196,8 @@ public class TrafficReportService extends BaseLogService { }
return map;
}
+
+
/**
* 根据service 动作查询近五分钟变化趋势 entrance 默认为1,2
|