summaryrefslogtreecommitdiff
path: root/plugin
diff options
context:
space:
mode:
Diffstat (limited to 'plugin')
-rw-r--r--plugin/business/doh/src/logger.cpp77
-rw-r--r--plugin/business/tsg-http/src/tsg_logger.cpp174
-rw-r--r--plugin/protocol/http/src/http_half.cpp2
-rw-r--r--plugin/protocol/http2/src/http2_stream.cpp2
4 files changed, 110 insertions, 145 deletions
diff --git a/plugin/business/doh/src/logger.cpp b/plugin/business/doh/src/logger.cpp
index 88526de..b9f986c 100644
--- a/plugin/business/doh/src/logger.cpp
+++ b/plugin/business/doh/src/logger.cpp
@@ -328,25 +328,20 @@ int doh_send_log(struct doh_conf *handle, const struct tfe_http_session *http, c
common_obj = cJSON_CreateObject();
cur_time = time(NULL);
- cJSON_AddNumberToObject(common_obj, "common_start_time", cur_time);
- cJSON_AddNumberToObject(common_obj, "common_end_time", cur_time);
+ cJSON_AddNumberToObject(common_obj, "start_timestamp_ms", cur_time);
+ cJSON_AddNumberToObject(common_obj, "end_timestamp_ms", cur_time);
cJSON_AddStringToObject(common_obj, "doh_version", app_proto[http->major_version]);
- cJSON_AddStringToObject(common_obj, "common_schema_type", "DoH");
+ cJSON_AddStringToObject(common_obj, "decoded_as", "DoH");
char opt_val[24] = { 0 };
- uint16_t opt_out_size; unsigned int common_direction=0;
+ uint16_t opt_out_size;
struct tfe_cmsg *cmsg = tfe_stream_get0_cmsg(stream);
if (cmsg != NULL)
{
int ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_STREAM_TRACE_ID, (unsigned char *)opt_val, sizeof(opt_val), &opt_out_size);
if (ret == 0)
{
- cJSON_AddStringToObject(common_obj, "common_stream_trace_id", opt_val);
- }
- ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_COMMON_DIRECTION, (unsigned char *)&common_direction, sizeof(common_direction), &opt_out_size);
- if (ret==0)
- {
- cJSON_AddNumberToObject(common_obj, "common_direction", common_direction); //0:域内->域外,1:域外->域内,描述的是CLIENT_IP信息
+ cJSON_AddStringToObject(common_obj, "session_id", opt_val);
}
}
@@ -371,24 +366,22 @@ int doh_send_log(struct doh_conf *handle, const struct tfe_http_session *http, c
switch (addr->addrtype)
{
case TFE_ADDR_STREAM_TUPLE4_V4:
- cJSON_AddNumberToObject(common_obj, "common_address_type", 4);
+ cJSON_AddNumberToObject(common_obj, "address_type", 4);
inet_ntop(AF_INET, &addr->tuple4_v4->saddr, src_ip_str, sizeof(src_ip_str));
inet_ntop(AF_INET, &addr->tuple4_v4->daddr, dst_ip_str, sizeof(dst_ip_str));
- cJSON_AddStringToObject(common_obj, "common_client_ip", src_ip_str);
- cJSON_AddStringToObject(common_obj, "common_server_ip", dst_ip_str);
- cJSON_AddNumberToObject(common_obj, "common_client_port", ntohs(addr->tuple4_v4->source));
- cJSON_AddNumberToObject(common_obj, "common_server_port", ntohs(addr->tuple4_v4->dest));
- cJSON_AddStringToObject(common_obj, "common_l4_protocol", "IPv4_TCP");
+ cJSON_AddStringToObject(common_obj, "client_ip", src_ip_str);
+ cJSON_AddStringToObject(common_obj, "server_ip", dst_ip_str);
+ cJSON_AddNumberToObject(common_obj, "client_port", ntohs(addr->tuple4_v4->source));
+ cJSON_AddNumberToObject(common_obj, "server_port", ntohs(addr->tuple4_v4->dest));
break;
case TFE_ADDR_STREAM_TUPLE4_V6:
- cJSON_AddNumberToObject(common_obj, "common_address_type", 6);
+ cJSON_AddNumberToObject(common_obj, "address_type", 6);
inet_ntop(AF_INET6, &addr->tuple4_v6->saddr, src_ip_str, sizeof(src_ip_str));
inet_ntop(AF_INET6, &addr->tuple4_v6->daddr, dst_ip_str, sizeof(dst_ip_str));
- cJSON_AddStringToObject(common_obj, "common_client_ip", src_ip_str);
- cJSON_AddStringToObject(common_obj, "common_server_ip", dst_ip_str);
- cJSON_AddNumberToObject(common_obj, "common_client_port", ntohs(addr->tuple4_v6->source));
- cJSON_AddNumberToObject(common_obj, "common_server_port", ntohs(addr->tuple4_v6->dest));
- cJSON_AddStringToObject(common_obj, "common_l4_protocol", "IPv6_TCP");
+ cJSON_AddStringToObject(common_obj, "client_ip", src_ip_str);
+ cJSON_AddStringToObject(common_obj, "server_ip", dst_ip_str);
+ cJSON_AddNumberToObject(common_obj, "client_port", ntohs(addr->tuple4_v6->source));
+ cJSON_AddNumberToObject(common_obj, "server_port", ntohs(addr->tuple4_v6->dest));
break;
default:
break;
@@ -397,20 +390,21 @@ int doh_send_log(struct doh_conf *handle, const struct tfe_http_session *http, c
tfe_stream_info_get(stream, INFO_FROM_DOWNSTREAM_RX_OFFSET, &c2s_byte_num, sizeof(c2s_byte_num));
tfe_stream_info_get(stream, INFO_FROM_UPSTREAM_RX_OFFSET, &s2c_byte_num, sizeof(s2c_byte_num));
- cJSON_AddNumberToObject(common_obj, "common_link_id", 0);
- cJSON_AddNumberToObject(common_obj, "common_stream_dir", 3); //1:c2s, 2:s2c, 3:double
- cJSON_AddStringToObject(common_obj, "common_sled_ip", handle->kafka_logger->local_ip_str);
- cJSON_AddNumberToObject(common_obj, "common_t_vsys_id", handle->kafka_logger->t_vsys_id);
- cJSON_AddNumberToObject(common_obj, "common_vsys_id", ctx->vsys_id);
- cJSON_AddNumberToObject(common_obj, "common_entrance_id", handle->entry_id);
- cJSON_AddStringToObject(common_obj, "common_device_id", handle->device_id);
- cJSON_AddNumberToObject(common_obj, "common_c2s_byte_num", c2s_byte_num);
- cJSON_AddNumberToObject(common_obj, "common_s2c_byte_num", s2c_byte_num);
+ cJSON_AddNumberToObject(common_obj, "out_link_id", 0);
+ cJSON_AddNumberToObject(common_obj, "in_link_id", 0);
+ cJSON_AddStringToObject(common_obj, "sled_ip", handle->kafka_logger->local_ip_str);
+ cJSON_AddNumberToObject(common_obj, "t_vsys_id", handle->kafka_logger->t_vsys_id);
+ cJSON_AddNumberToObject(common_obj, "vsys_id", ctx->vsys_id);
+ cJSON_AddStringToObject(common_obj, "device_id", handle->device_id);
+ cJSON_AddNumberToObject(common_obj, "sent_bytes", c2s_byte_num);
+ cJSON_AddNumberToObject(common_obj, "received_bytes", s2c_byte_num);
cJSON_AddStringToObject(common_obj, "doh_url", http->req->req_spec.url);
cJSON_AddStringToObject(common_obj, "doh_host", http->req->req_spec.host);
+ cJSON_AddStringToObject(common_obj, "server_fqdn", http->req->req_spec.host);
+
if(handle->effective_device_tag)
{
- cJSON_AddStringToObject(common_obj, "common_device_tag", handle->effective_device_tag);
+ cJSON_AddStringToObject(common_obj, "device_tag", handle->effective_device_tag);
}
for (size_t i = 0; i < sizeof(req_fields) / sizeof(struct json_spec); i++)
@@ -432,19 +426,19 @@ int doh_send_log(struct doh_conf *handle, const struct tfe_http_session *http, c
if (ctx->location_client)
{
- cJSON_AddStringToObject(common_obj, "common_client_location", ctx->location_client);
+ cJSON_AddStringToObject(common_obj, "client_geolocation", ctx->location_client);
}
if (ctx->location_server)
{
- cJSON_AddStringToObject(common_obj, "common_server_location", ctx->location_server);
+ cJSON_AddStringToObject(common_obj, "server_geolocation", ctx->location_server);
}
if (ctx->asn_client)
{
- cJSON_AddStringToObject(common_obj, "common_client_asn", ctx->asn_client);
+ cJSON_AddStringToObject(common_obj, "client_asn", ctx->asn_client);
}
if (ctx->asn_server)
{
- cJSON_AddStringToObject(common_obj, "common_server_asn", ctx->asn_server);
+ cJSON_AddStringToObject(common_obj, "server_asn", ctx->asn_server);
}
add_dns_info_to_log(common_obj, dns_info);
@@ -462,11 +456,14 @@ int doh_send_log(struct doh_conf *handle, const struct tfe_http_session *http, c
continue;
}
+ cJSON *proxy_rule_list=NULL;
+ int config_id[1]={0};
+
per_hit_obj = cJSON_Duplicate(common_obj, 1);
- cJSON_AddNumberToObject(per_hit_obj, "common_policy_id", result[i].config_id);
- cJSON_AddNumberToObject(per_hit_obj, "common_service", result[i].service_id);
- cJSON_AddNumberToObject(per_hit_obj, "common_action", LG_ACTION_MANIPULATE);
- cJSON_AddStringToObject(per_hit_obj, "common_sub_action", "redirect");
+ config_id[0]=result[i].config_id;
+ proxy_rule_list = cJSON_CreateIntArray(config_id, 1);
+ cJSON_AddItemToObject(per_hit_obj, "proxy_rule_list", proxy_rule_list);
+ cJSON_AddStringToObject(per_hit_obj, "proxy_action", "redirect");
log_payload = cJSON_PrintUnformatted(per_hit_obj);
diff --git a/plugin/business/tsg-http/src/tsg_logger.cpp b/plugin/business/tsg-http/src/tsg_logger.cpp
index ec289b4..8114e0f 100644
--- a/plugin/business/tsg-http/src/tsg_logger.cpp
+++ b/plugin/business/tsg-http/src/tsg_logger.cpp
@@ -43,6 +43,18 @@ enum _log_action //Bigger action number is prior.
__LG_ACTION_MAX
};
+#define get_time_ms(tv) ((long long)(tv.tv_sec) * 1000 + (long long)(tv.tv_usec) / 1000)
+
+#include "uuid_v4.h"
+UUIDv4::UUIDGenerator<std::mt19937_64> uuidGenerator;
+
+void get_http_body_uuid(char *uuid)
+{
+ UUIDv4::UUID uid = uuidGenerator.getUUID();
+ uid.str(uuid);
+ return;
+}
+
struct proxy_logger* proxy_log_handle_create(const char* profile, const char* section, void* local_logger)
{
struct tango_cache_parameter *log_file_upload_para=NULL;
@@ -115,8 +127,7 @@ int proxy_send_log(struct proxy_logger* handle, const struct proxy_log* log_msg)
char* log_payload=NULL;
int kafka_status=0;
int send_cnt=0;
- int tmp=0;
- time_t cur_time;
+ struct timeval cur_time;
char src_ip_str[MAX(INET6_ADDRSTRLEN,INET_ADDRSTRLEN)] = {0};
char dst_ip_str[MAX(INET6_ADDRSTRLEN,INET_ADDRSTRLEN)] = {0};
@@ -145,14 +156,15 @@ int proxy_send_log(struct proxy_logger* handle, const struct proxy_log* log_msg)
}
common_obj=cJSON_CreateObject();
- cur_time = time(NULL);
+ gettimeofday(&cur_time, NULL);
- cJSON_AddNumberToObject(common_obj, "common_start_time", http->start_time);
- cJSON_AddNumberToObject(common_obj, "common_end_time", cur_time);
+ cJSON_AddNumberToObject(common_obj, "start_timestamp_ms", get_time_ms(http->start_time));
+ cJSON_AddNumberToObject(common_obj, "end_timestamp_ms", get_time_ms(cur_time));
cJSON_AddStringToObject(common_obj, "http_version", app_proto[http->major_version]);
- cJSON_AddStringToObject(common_obj, "common_schema_type", "HTTP");
+ cJSON_AddStringToObject(common_obj, "decoded_as", "HTTP");
+
- unsigned int common_direction=0, category_id_val[64]={0};
+ unsigned int category_id_val[64]={0};
char opt_val[24]={0}; uint16_t opt_out_size;
struct tfe_cmsg * cmsg = tfe_stream_get0_cmsg(log_msg->stream);
if (cmsg!=NULL)
@@ -160,17 +172,12 @@ int proxy_send_log(struct proxy_logger* handle, const struct proxy_log* log_msg)
int ret=tfe_cmsg_get_value(cmsg, TFE_CMSG_STREAM_TRACE_ID, (unsigned char *) opt_val, sizeof(opt_val), &opt_out_size);
if (ret==0)
{
- cJSON_AddStringToObject(common_obj, "common_stream_trace_id", opt_val);
+ cJSON_AddStringToObject(common_obj, "session_id", opt_val);
}
- ret = tfe_cmsg_get_value(cmsg, TFE_CMSG_COMMON_DIRECTION, (unsigned char *)&common_direction, sizeof(common_direction), &opt_out_size);
- if (ret==0)
- {
- cJSON_AddNumberToObject(common_obj, "common_direction", common_direction); //69:域内->域外,73:域外->域内,描述的是CLIENT_IP信息
- }
ret = proxy_log_get_fqdn_cat(cmsg, category_id_val, sizeof(category_id_val));
if (ret>0)
{
- cJSON_AddItemToObject(common_obj, "common_service_category", cJSON_CreateIntArray((const int*)category_id_val, ret));
+ cJSON_AddItemToObject(common_obj, "fqdn_category_list", cJSON_CreateIntArray((const int*)category_id_val, ret));
}
}
@@ -189,30 +196,29 @@ int proxy_send_log(struct proxy_logger* handle, const struct proxy_log* log_msg)
struct tfe_http_resp_spec resp_spec=http->resp->resp_spec;
asprintf(&response_line, "HTTP/%d.%d %d OK", http->major_version, http->minor_version, resp_spec.resp_code);
cJSON_AddStringToObject(common_obj, "http_response_line", response_line);
+ cJSON_AddNumberToObject(common_obj, "http_status_code", resp_spec.resp_code);
free(response_line);
}
switch(addr->addrtype)
{
case TFE_ADDR_STREAM_TUPLE4_V4:
- cJSON_AddNumberToObject(common_obj, "common_address_type", 4);
+ cJSON_AddNumberToObject(common_obj, "address_type", 4);
inet_ntop(AF_INET, &addr->tuple4_v4->saddr, src_ip_str, sizeof(src_ip_str));
inet_ntop(AF_INET, &addr->tuple4_v4->daddr, dst_ip_str, sizeof(dst_ip_str));
- cJSON_AddStringToObject(common_obj, "common_client_ip", src_ip_str);
- cJSON_AddStringToObject(common_obj, "common_server_ip", dst_ip_str);
- cJSON_AddNumberToObject(common_obj, "common_client_port", ntohs(addr->tuple4_v4->source));
- cJSON_AddNumberToObject(common_obj, "common_server_port", ntohs(addr->tuple4_v4->dest));
- cJSON_AddStringToObject(common_obj, "common_l4_protocol", "IPv4_TCP");
+ cJSON_AddStringToObject(common_obj, "client_ip", src_ip_str);
+ cJSON_AddStringToObject(common_obj, "server_ip", dst_ip_str);
+ cJSON_AddNumberToObject(common_obj, "client_port", ntohs(addr->tuple4_v4->source));
+ cJSON_AddNumberToObject(common_obj, "server_port", ntohs(addr->tuple4_v4->dest));
break;
case TFE_ADDR_STREAM_TUPLE4_V6:
- cJSON_AddNumberToObject(common_obj, "common_address_type", 6);
+ cJSON_AddNumberToObject(common_obj, "address_type", 6);
inet_ntop(AF_INET6, &addr->tuple4_v6->saddr, src_ip_str, sizeof(src_ip_str));
inet_ntop(AF_INET6, &addr->tuple4_v6->daddr, dst_ip_str, sizeof(dst_ip_str));
- cJSON_AddStringToObject(common_obj, "common_client_ip", src_ip_str);
- cJSON_AddStringToObject(common_obj, "common_server_ip", dst_ip_str);
- cJSON_AddNumberToObject(common_obj, "common_client_port", ntohs(addr->tuple4_v6->source));
- cJSON_AddNumberToObject(common_obj, "common_server_port", ntohs(addr->tuple4_v6->dest));
- cJSON_AddStringToObject(common_obj, "common_l4_protocol", "IPv6_TCP");
+ cJSON_AddStringToObject(common_obj, "client_ip", src_ip_str);
+ cJSON_AddStringToObject(common_obj, "server_ip", dst_ip_str);
+ cJSON_AddNumberToObject(common_obj, "client_port", ntohs(addr->tuple4_v6->source));
+ cJSON_AddNumberToObject(common_obj, "server_port", ntohs(addr->tuple4_v6->dest));
break;
default:
break;
@@ -230,19 +236,20 @@ int proxy_send_log(struct proxy_logger* handle, const struct proxy_log* log_msg)
s2c_byte_num = log_msg->s2c_byte_num;
}
- cJSON_AddNumberToObject(common_obj, "common_link_id", 0);
- cJSON_AddNumberToObject(common_obj, "common_stream_dir", 3); //1:c2s, 2:s2c, 3:double
- cJSON_AddStringToObject(common_obj, "common_sled_ip", handle->kafka_logger->local_ip_str);
- cJSON_AddNumberToObject(common_obj, "common_t_vsys_id", handle->kafka_logger->t_vsys_id);
- cJSON_AddNumberToObject(common_obj, "common_entrance_id", handle->entry_id);
- cJSON_AddStringToObject(common_obj, "common_device_id", handle->device_id);
- cJSON_AddNumberToObject(common_obj, "common_c2s_byte_num", c2s_byte_num);
- cJSON_AddNumberToObject(common_obj, "common_s2c_byte_num", s2c_byte_num);
+ cJSON_AddNumberToObject(common_obj, "out_link_id", 0);
+ cJSON_AddNumberToObject(common_obj, "in_link_id", 0);
+ cJSON_AddStringToObject(common_obj, "sled_ip", handle->kafka_logger->local_ip_str);
+ cJSON_AddNumberToObject(common_obj, "t_vsys_id", handle->kafka_logger->t_vsys_id);
+ cJSON_AddStringToObject(common_obj, "device_id", handle->device_id);
+ cJSON_AddNumberToObject(common_obj, "sent_bytes", c2s_byte_num);
+ cJSON_AddNumberToObject(common_obj, "received_bytes", s2c_byte_num);
cJSON_AddStringToObject(common_obj, "http_url", http->req->req_spec.url);
cJSON_AddStringToObject(common_obj, "http_host", http->req->req_spec.host);
+ cJSON_AddStringToObject(common_obj, "server_fqdn", http->req->req_spec.host);
+
if(handle->effective_device_tag)
{
- cJSON_AddStringToObject(common_obj, "common_device_tag", handle->effective_device_tag);
+ cJSON_AddStringToObject(common_obj, "device_tag", handle->effective_device_tag);
}
for(size_t i=0;i<sizeof(req_fields)/sizeof(struct json_spec);i++)
@@ -262,11 +269,8 @@ int proxy_send_log(struct proxy_logger* handle, const struct proxy_log* log_msg)
}
}
- char log_file_upload_req_path[TFE_STRING_MAX]={0}, cont_type_whole[TFE_STRING_MAX]={0};
- char log_file_upload_resp_path[TFE_STRING_MAX]={0};
- memset(log_file_upload_req_path, 0, sizeof(log_file_upload_req_path));
- memset(log_file_upload_resp_path, 0, sizeof(log_file_upload_resp_path));
- memset(cont_type_whole, 0, sizeof(cont_type_whole));
+ #define FILE_CHUNK_UUID_LEN 40
+ char uuid[FILE_CHUNK_UUID_LEN]={0};
for(size_t i=0; i<log_msg->result_num; i++)
{
@@ -280,81 +284,34 @@ int proxy_send_log(struct proxy_logger* handle, const struct proxy_log* log_msg)
continue;
}
- struct tango_cache_meta_put meta;
- char* log_file_key=NULL;;
- const char* cont_type_val;
if(log_msg->req_body!=NULL)
{
- if(log_file_upload_req_path[0] != '\0')
+ if(uuid[0] != '\0')
{
- cJSON_AddStringToObject(common_obj, "http_request_body", log_file_upload_req_path);
+ cJSON_AddStringToObject(common_obj, "http_request_body", uuid);
}
else
{
- memset(&meta, 0, sizeof(meta));
- asprintf(&log_file_key, "%s.reqbody", http->req->req_spec.url);
- meta.url=log_file_key;
- cont_type_val=tfe_http_std_field_read(http->req, TFE_HTTP_CONT_TYPE);
- if(cont_type_val!=NULL)
- {
- snprintf(cont_type_whole, sizeof(cont_type_whole), "Content-Type:%s", cont_type_val);
- meta.std_hdr[0]=cont_type_whole;
- }
- meta.user_log_name=1;
- tmp=cache_evbase_upload_once_evbuf(handle->log_file_upload_instance, NULL,
- log_msg->req_body,
- &meta,
- log_file_upload_req_path, sizeof(log_file_upload_req_path));
- if(tmp==0)
- {
- cJSON_AddStringToObject(common_obj, "http_request_body", log_file_upload_req_path);
- }
- else
- {
- TFE_LOG_ERROR(handle->local_logger, "Upload req_body failed.");
- }
- free(log_file_key);
+ get_http_body_uuid(uuid);
+ cJSON_AddStringToObject(common_obj, "http_request_body", uuid);
}
}
if(log_msg->resp_body!=NULL)
{
- if(log_file_upload_resp_path[0] != '\0')
+ if(uuid[0] != '\0')
{
- cJSON_AddStringToObject(common_obj, "http_response_body", log_file_upload_resp_path);
+ cJSON_AddStringToObject(common_obj, "http_response_body", uuid);
}
else
{
- memset(&meta, 0, sizeof(meta));
- asprintf(&log_file_key, "%s.respbody", http->req->req_spec.url);
- meta.url=log_file_key;
- cont_type_val=tfe_http_std_field_read(http->resp, TFE_HTTP_CONT_TYPE);
- if(cont_type_val!=NULL)
- {
- snprintf(cont_type_whole, sizeof(cont_type_whole), "Content-Type:%s", cont_type_val);
- meta.std_hdr[0]=cont_type_whole;
- }
- meta.user_log_name=1;
- tmp=cache_evbase_upload_once_evbuf(handle->log_file_upload_instance, NULL,
- log_msg->resp_body,
- &meta,
- log_file_upload_resp_path, sizeof(log_file_upload_resp_path));
-
- if(tmp==0)
- {
- cJSON_AddStringToObject(common_obj, "http_response_body", log_file_upload_resp_path);
- }
- else
- {
- TFE_LOG_ERROR(handle->local_logger, "Upload resp_body failed.");
- }
- free(log_file_key);
+ get_http_body_uuid(uuid);
+ cJSON_AddStringToObject(common_obj, "http_response_body", uuid);
}
}
}
for(size_t i=0; i<log_msg->result_num; i++)
{
-
TFE_LOG_DEBUG(handle->local_logger, "URL: %s, policy_id: %lld, service: %d, do_log:%d",
http->req->req_spec.url,
log_msg->result[i].config_id,
@@ -366,27 +323,38 @@ int proxy_send_log(struct proxy_logger* handle, const struct proxy_log* log_msg)
continue;
}
+ cJSON *proxy_rule_list=NULL;
+ int config_id[1]={0};
+
per_hit_obj=cJSON_Duplicate(common_obj, 1);
- cJSON_AddNumberToObject(per_hit_obj, "common_policy_id", log_msg->result[i].config_id);
- cJSON_AddNumberToObject(per_hit_obj, "common_service", log_msg->result[i].service_id);
- cJSON_AddNumberToObject(per_hit_obj, "common_vsys_id", log_msg->result[i].vsys_id);
- cJSON_AddNumberToObject(per_hit_obj, "common_action", LG_ACTION_MANIPULATE);
+ config_id[0]=log_msg->result[i].config_id;
+ proxy_rule_list = cJSON_CreateIntArray(config_id, 1);
+ cJSON_AddItemToObject(per_hit_obj, "proxy_rule_list", proxy_rule_list);
+ cJSON_AddNumberToObject(per_hit_obj, "vsys_id", log_msg->result[i].vsys_id);
if(log_msg->result[i].action == LG_ACTION_MANIPULATE)
{
- cJSON_AddStringToObject(per_hit_obj, "common_sub_action", manipulate_action_map[log_msg->action]);
+ cJSON_AddStringToObject(per_hit_obj, "proxy_action", manipulate_action_map[log_msg->action]);
cJSON_AddNumberToObject(per_hit_obj, "http_action_file_size", log_msg->inject_sz);
}
else
{
- cJSON_AddStringToObject(per_hit_obj, "common_sub_action", panggu_action_map[(unsigned char)(log_msg->result[i].action)]);
+ cJSON_AddStringToObject(per_hit_obj, "proxy_action", panggu_action_map[(unsigned char)(log_msg->result[i].action)]);
}
if(log_msg->location_client)
{
- cJSON_AddStringToObject(per_hit_obj, "common_client_location", log_msg->location_client);
+ cJSON_AddStringToObject(per_hit_obj, "client_geolocation", log_msg->location_client);
}
if(log_msg->location_server)
{
- cJSON_AddStringToObject(per_hit_obj, "common_server_location", log_msg->location_server);
+ cJSON_AddStringToObject(per_hit_obj, "server_geolocation", log_msg->location_server);
+ }
+ if(log_msg->asn_client)
+ {
+ cJSON_AddStringToObject(common_obj, "client_asn", log_msg->asn_client);
+ }
+ if (log_msg->asn_server)
+ {
+ cJSON_AddStringToObject(common_obj, "server_asn", log_msg->asn_server);
}
log_payload = cJSON_PrintUnformatted(per_hit_obj);
diff --git a/plugin/protocol/http/src/http_half.cpp b/plugin/protocol/http/src/http_half.cpp
index 3d832b4..c58c83e 100644
--- a/plugin/protocol/http/src/http_half.cpp
+++ b/plugin/protocol/http/src/http_half.cpp
@@ -1136,7 +1136,7 @@ struct http_session_private * hs_private_create(struct http_connection_private *
__hs_private->hs_public.req = hf_private_req != NULL ? to_hf_public(hf_private_req) : NULL;
__hs_private->hs_public.resp = hf_private_req != NULL ? to_hf_public(hf_private_resp) : NULL;
__hs_private->hs_public.session_id = hc_private->session_id_counter++;
- __hs_private->hs_public.start_time=time(NULL);
+ gettimeofday(&(__hs_private->hs_public.start_time), NULL);
/* HS-PRIVATE*/
__hs_private->hc_private = hc_private;
diff --git a/plugin/protocol/http2/src/http2_stream.cpp b/plugin/protocol/http2/src/http2_stream.cpp
index 13e37e8..15f32fa 100644
--- a/plugin/protocol/http2/src/http2_stream.cpp
+++ b/plugin/protocol/http2/src/http2_stream.cpp
@@ -1270,7 +1270,7 @@ static int tfe_half_session_init(struct tfe_h2_session *h2_session, int32_t stre
struct tfe_h2_half_private *req = h2_session->req;
tfe_session->ops = &http2_session_ops;
tfe_session->req = &req->half_public;
- tfe_session->start_time=time(NULL);
+ gettimeofday(&tfe_session->start_time, NULL);
tfe_session->session_id = stream_id;
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-12-30 22:04:26 +0000