1、AlertMessage实体类增加content字段,并同步mapper中新增、查询方法增加content字段
2、DynamicRuleObject实体类新增log_rule_id属性,并同步mapper中新增、查询方法增加log_rule_id字段 3、StaticRule新建增加ip、maskip是否匹配的判断,批量新建和更新还没增加。
This commit is contained in:
Hao Miao
@@ -5,19 +5,23 @@ import com.fasterxml.jackson.annotation.JsonProperty;
|
||||
import com.realtime.protection.configuration.entity.task.FiveTupleWithMask;
|
||||
import lombok.Data;
|
||||
|
||||
|
||||
@Data
|
||||
public class AlertMessage {
|
||||
|
||||
@JsonProperty("task_id")
|
||||
private Long taskId;
|
||||
|
||||
@JsonProperty("dynamic_rule_id")
|
||||
@JsonProperty("rule_id")
|
||||
private Integer dynamicRuleId;
|
||||
|
||||
|
||||
@JsonProperty("five_tuple_with_mask")
|
||||
private FiveTupleWithMask fiveTupleWithMask;
|
||||
|
||||
@JsonProperty("content")
|
||||
private String content;
|
||||
|
||||
// @JsonProperty("is_distribute")
|
||||
// private Boolean isDistribute;//待删除
|
||||
|
||||
|
||||
@@ -91,4 +91,8 @@ public class DynamicRuleObject {
|
||||
@Schema(description = "频率", example = "1", requiredMode = Schema.RequiredMode.REQUIRED)
|
||||
private Integer dynamicRuleFrequency;
|
||||
|
||||
@NotNull
|
||||
@JsonProperty("log_rule_id")
|
||||
@Schema(description = "筛选条件-日志规则id", example = "1", requiredMode = Schema.RequiredMode.REQUIRED)
|
||||
private Integer logRuleId;
|
||||
}
|
||||
|
||||
@@ -19,7 +19,7 @@ public class AlertMessageController
|
||||
@PostMapping("/new")
|
||||
public ResponseResult receiveAlertMessage(@RequestBody @Valid AlertMessage alertMessage){
|
||||
alertMessageService.processAlertMessage(alertMessage);
|
||||
return ResponseResult.ok();
|
||||
return ResponseResult.ok().setData("success", true);
|
||||
}
|
||||
|
||||
//实时任务、研判后任务:查看指令对应的告警信息
|
||||
|
||||
@@ -70,8 +70,8 @@ public class AlertMessageService {
|
||||
// (1)查询生成指令所需信息:和alertMessage中的fiveTuple信息 合并成 TaskCommandInfo;
|
||||
// (2)额外信息:并额外查询templateId、protectLevel和taskStatus
|
||||
TaskCommandInfo dynamicCommandInfo = alertMessageMapper.getDynamicTaskInfos(taskId, DynamicRuleId);
|
||||
if (dynamicCommandInfo.getTemplateId() == null){
|
||||
throw new IllegalArgumentException("taskId: " + taskId + " DynamicRuleId: " + DynamicRuleId + " 不匹配");
|
||||
if (dynamicCommandInfo == null || dynamicCommandInfo.getTemplateId() == null){
|
||||
throw new IllegalArgumentException("taskId: " + taskId + " DynamicRuleId: " + DynamicRuleId + " 不正确");
|
||||
}
|
||||
// 根据templateId、protectLevel获取策略模板
|
||||
ProtectLevel templateProtectLevel = alertMessageMapper.queryTemplateProtectLevel(
|
||||
|
||||
@@ -26,8 +26,6 @@ public class DynamicRuleService {
|
||||
@Transactional
|
||||
public Integer newDynamicRuleObject(DynamicRuleObject dynamicRule) {
|
||||
|
||||
dynamicRuleMapper.newDynamicRule(dynamicRule);
|
||||
|
||||
//判断protectObject id是否有效
|
||||
boolean ProtectObjIdValid = dynamicRule.getProtectObjectIds().stream()
|
||||
.allMatch(
|
||||
@@ -36,6 +34,8 @@ public class DynamicRuleService {
|
||||
if (!ProtectObjIdValid) {
|
||||
throw new IllegalArgumentException("protect object id is invalid");
|
||||
}
|
||||
|
||||
dynamicRuleMapper.newDynamicRule(dynamicRule);
|
||||
Integer dynamicRuleId = dynamicRule.getDynamicRuleId();
|
||||
dynamicRule.getProtectObjectIds().forEach(
|
||||
protectObjectId -> dynamicRuleMapper.newDynamicRulProtectObjectConcat(dynamicRuleId, protectObjectId));
|
||||
@@ -104,9 +104,10 @@ public class DynamicRuleService {
|
||||
//template在表中删除了,需要重新设置template(感觉这种情况不多见)
|
||||
dynamicRuleObject.setDynamicRuleSourceSystem("need reset");
|
||||
dynamicRuleObject.setDynamicRuleEventType("need reset");
|
||||
}
|
||||
}else{
|
||||
dynamicRuleObject.setDynamicRuleSourceSystem(template.getSourceSystem());
|
||||
dynamicRuleObject.setDynamicRuleEventType(template.getTemplateName());
|
||||
}
|
||||
|
||||
return dynamicRuleObject;
|
||||
}
|
||||
|
||||
@@ -7,6 +7,9 @@ import com.realtime.protection.configuration.utils.status.AuditStatusValidator;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
import java.net.InetAddress;
|
||||
import java.net.UnknownHostException;
|
||||
import java.nio.ByteBuffer;
|
||||
import java.time.LocalDateTime;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
@@ -25,17 +28,39 @@ public class StaticRuleService {
|
||||
this.sqlSessionWrapper = sqlSessionWrapper;
|
||||
}
|
||||
|
||||
private static int ipToInt(String ip) {
|
||||
try {
|
||||
byte[] bytes = InetAddress.getByName(ip).getAddress();
|
||||
return ByteBuffer.wrap(bytes).getInt();
|
||||
} catch (UnknownHostException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
}
|
||||
private Boolean isIpMaskValid(String ip, String mip) {
|
||||
if (ip == null && mip != null) throw new IllegalArgumentException("有ip掩码但没设置ip");
|
||||
if (mip == null) return true;
|
||||
|
||||
int ipToInt = ipToInt(ip);
|
||||
int mipToInt = ipToInt(mip);
|
||||
return ( ipToInt == (ipToInt & mipToInt) ) ;
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
新建静态规则
|
||||
*/
|
||||
public Integer newStaticRuleObject(StaticRuleObject object) {
|
||||
public Integer newStaticRuleObject(StaticRuleObject object) {
|
||||
|
||||
object.setStaticRuleCreateTime(LocalDateTime.now());
|
||||
object.setStaticRuleAuditStatus(0);
|
||||
/*
|
||||
待开发:设置静态规则对象的创建用户、用户所属部门等属性
|
||||
*/
|
||||
if (!isIpMaskValid(object.getStaticRuleSip(),object.getStaticRuleMsip()) ||
|
||||
!isIpMaskValid(object.getStaticRuleDip(),object.getStaticRuleMdip())
|
||||
){
|
||||
throw new IllegalArgumentException("IP和IP掩码不匹配");
|
||||
}
|
||||
staticRuleMapper.newStaticRuleObject(object);
|
||||
|
||||
return object.getStaticRuleId();
|
||||
|
||||
Reference in New Issue
Block a user