diff options
| author | doufenghu <[email protected]> | 2024-05-18 15:19:53 +0800 |
|---|---|---|
| committer | doufenghu <[email protected]> | 2024-05-18 15:19:53 +0800 |
| commit | 7ee5bf6144367c7033804fb01edaa2c891ee1e4e (patch) | |
| tree | bc5420d2ac7c22042f90b441888ca78684e8f12c /plugins | |
| parent | 4797ffd0910ef96d3c9975639e74b4749489b94b (diff) | |
[Feature][bootstrap] Support dynamic registration of CN UDFs.
Diffstat (limited to 'plugins')
| -rw-r--r-- | plugins/cn_udf.plugins | 22 | ||||
| -rw-r--r-- | plugins/install_cn_udf.sh | 57 |
2 files changed, 79 insertions, 0 deletions
diff --git a/plugins/cn_udf.plugins b/plugins/cn_udf.plugins new file mode 100644 index 0000000..0545bec --- /dev/null +++ b/plugins/cn_udf.plugins @@ -0,0 +1,22 @@ +com.geedgenetworks.core.udf.SnowflakeId +com.geedgenetworks.core.udf.UnixTimestampConverter +com.geedgenetworks.core.udf.AsnLookup +com.geedgenetworks.core.udf.Eval +com.geedgenetworks.core.udf.GenerateStringArray +com.geedgenetworks.core.udf.GeoIpLookup +com.geedgenetworks.core.udf.cn.L7ProtocolAndAppExtract +com.geedgenetworks.core.udf.cn.IdcRenterLookup +com.geedgenetworks.core.udf.cn.LinkDirectionLookup +com.geedgenetworks.core.udf.cn.FqdnCategoryLookup +com.geedgenetworks.core.udf.cn.IcpLookup +com.geedgenetworks.core.udf.cn.FqdnWhoisLookup +com.geedgenetworks.core.udf.cn.DnsServerInfoLookup +com.geedgenetworks.core.udf.cn.AppCategoryLookup +com.geedgenetworks.core.udf.cn.IpZoneLookup +com.geedgenetworks.core.udf.cn.VpnLookup +com.geedgenetworks.core.udf.cn.AnonymityLookup +com.geedgenetworks.core.udf.cn.IocLookup +com.geedgenetworks.core.udf.cn.UserDefineTagLookup +com.geedgenetworks.core.udf.cn.FieldsMerge +com.geedgenetworks.core.udf.cn.ArrayElementsPrepend +com.geedgenetworks.core.udf.cn.IntelligenceIndicatorLookup
\ No newline at end of file diff --git a/plugins/install_cn_udf.sh b/plugins/install_cn_udf.sh new file mode 100644 index 0000000..4e6b072 --- /dev/null +++ b/plugins/install_cn_udf.sh @@ -0,0 +1,57 @@ +#!/bin/bash +# This script used to register the UDF functions required during the running process. +# All are registered by default. You can also choose what you need. At same time, you need to configure knowledge base in config/grootstream.yaml. + +# get groot stream home + +GROOTSTREAM_HOME=$(cd $(dirname $0);cd ../;pwd) + +#Default version is 1.3.1, you can also choose a custom version. eg: 1.4.0: sh install_cn_udf.sh 1.4.0 +VERSION_DEFAULT=1.3.1 + +CN_UDF_FILE="${GROOTSTREAM_HOME}/plugins/cn_udf.plugins" + +GROOTSTREAM_UDF_FILE="${GROOTSTREAM_HOME}/config/udf.plugins" + +# Function to log messages +log() { + echo "$(date +"%Y-%m-%d %H:%M:%S") - $1" +} + +# Function to handle errors +handle_error() { + local message=$1 + log "ERROR: $message" + exit 1 +} + +# Validate arguments +if [ $# -gt 1 ]; then + handle_error "Usage: $0 [version]" +fi + +# Set version +version=${1:-$VERSION_DEFAULT} +log "Installing CN UDFs. Version: $version" + + +# Verify existence of necessary files +if [ ! -f "$CN_UDF_FILE" ]; then + handle_error "File $CN_UDF_FILE not found." +fi + +# Ensure GROOTSTREAM_UDF_FILE ends with a blank line +if [ -n "$(tail -c 1 "$GROOTSTREAM_UDF_FILE")" ]; then + echo "" >> "$GROOTSTREAM_UDF_FILE" +fi + +# Register UDFs +while IFS= read -r line || [ -n "$line" ]; do + if [[ "$line" == com.geedgenetworks.core.udf* ]] && ! grep -qxF "$line" "$GROOTSTREAM_UDF_FILE"; then + log "Registering UDF: $line" + echo "$line" >> "$GROOTSTREAM_UDF_FILE" || handle_error "Failed to register UDF: $line" + fi +done < "$CN_UDF_FILE" + +# shellcheck disable=SC1073 +log "Installation completed successfully."
\ No newline at end of file |