Merge remote-tracking branch 'origin/master'
This commit is contained in:
EnderByEndera
@@ -92,6 +92,9 @@ public class TaskCommandInfo {
|
||||
@JsonProperty("latest_send_times")
|
||||
private LocalDateTime latestSendTime;
|
||||
|
||||
@Schema(description = "指令是否研判", example = "true")
|
||||
@JsonProperty("is_judeged")
|
||||
private Boolean isJudged = true;
|
||||
/*
|
||||
以下属性用于动态规则生成,不写入doris:t_command表
|
||||
*/
|
||||
|
||||
@@ -12,7 +12,7 @@ import java.util.List;
|
||||
@Mapper
|
||||
public interface AlertMessageMapper {
|
||||
|
||||
TaskCommandInfo getDynamicTaskInfos(Long taskId) ;
|
||||
TaskCommandInfo getDynamicTaskInfos(Long taskId, Integer dynamicRuleId) ;
|
||||
|
||||
|
||||
ProtectLevel queryTemplateProtectLevel(Integer templateId, Integer protectLevel);
|
||||
|
||||
@@ -8,7 +8,6 @@ import com.realtime.protection.configuration.entity.task.TaskCommandInfo;
|
||||
import com.realtime.protection.configuration.utils.enums.StateEnum;
|
||||
import com.realtime.protection.configuration.utils.enums.TaskTypeEnum;
|
||||
import com.realtime.protection.server.command.CommandService;
|
||||
import com.realtime.protection.server.task.TaskService;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import java.util.List;
|
||||
@@ -19,12 +18,11 @@ import java.util.List;
|
||||
public class AlertMessageService {
|
||||
private final CommandService commandService;
|
||||
private final AlertMessageMapper alertMessageMapper;
|
||||
private final TaskService taskService;
|
||||
|
||||
public AlertMessageService(CommandService commandService,TaskService taskService,
|
||||
public AlertMessageService(
|
||||
CommandService commandService,
|
||||
AlertMessageMapper alertMessageMapper) {
|
||||
this.commandService = commandService;
|
||||
this.taskService = taskService;
|
||||
this.alertMessageMapper = alertMessageMapper;
|
||||
}
|
||||
|
||||
@@ -35,43 +33,43 @@ public class AlertMessageService {
|
||||
Integer taskStatus = dynamicTaskCommandInfo.getTaskStatus();
|
||||
Integer taskType = dynamicTaskCommandInfo.getTaskType();
|
||||
|
||||
if (taskType == TaskTypeEnum.DYNAMIC.getTaskType())//动态
|
||||
if (taskType == TaskTypeEnum.DYNAMIC.getTaskType())//实时
|
||||
switch (StateEnum.getStateEnumByNum(taskStatus)) {
|
||||
case RUNNING:
|
||||
insertCommandAndAlertMessage(dynamicTaskCommandInfo, true, alertMessage);
|
||||
insertCommandAndAlertMessage(dynamicTaskCommandInfo, true, true, alertMessage);
|
||||
break;
|
||||
case PAUSED:
|
||||
insertCommandAndAlertMessage(dynamicTaskCommandInfo, false, alertMessage);
|
||||
insertCommandAndAlertMessage(dynamicTaskCommandInfo, false, true, alertMessage);
|
||||
break;
|
||||
default://主要是stop
|
||||
//command不入库
|
||||
//alertmessage入库
|
||||
insertAlertMessageOnly(alertMessage, true);
|
||||
insertAlertMessageOnly(alertMessage);
|
||||
break;
|
||||
}
|
||||
else if (taskType == TaskTypeEnum.JUDGED.getTaskType())//研判后
|
||||
switch (StateEnum.getStateEnumByNum(taskStatus)) {
|
||||
case RUNNING:
|
||||
insertCommandAndAlertMessage(dynamicTaskCommandInfo, false, alertMessage);
|
||||
insertCommandAndAlertMessage(dynamicTaskCommandInfo, true, false, alertMessage);
|
||||
break;
|
||||
case PAUSED:
|
||||
insertCommandAndAlertMessage(dynamicTaskCommandInfo, false, alertMessage);
|
||||
insertCommandAndAlertMessage(dynamicTaskCommandInfo, false, false, alertMessage);
|
||||
break;
|
||||
default://主要是stop
|
||||
//command不入库
|
||||
//alertmessage入库
|
||||
insertAlertMessageOnly(alertMessage, false);
|
||||
insertAlertMessageOnly(alertMessage);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
private TaskCommandInfo generateDynamicCommand(AlertMessage alertMessage){
|
||||
Long taskId = alertMessage.getTaskId();
|
||||
|
||||
Integer DynamicRuleId = alertMessage.getDynamicRuleId();
|
||||
// 查task信息
|
||||
// (1)查询生成指令所需信息:和alertMessage中的fiveTuple信息 合并成 TaskCommandInfo;
|
||||
// (2)额外信息:并额外查询templateId、protectLevel和taskStatus
|
||||
TaskCommandInfo dynamicCommandInfo = alertMessageMapper.getDynamicTaskInfos(taskId);
|
||||
TaskCommandInfo dynamicCommandInfo = alertMessageMapper.getDynamicTaskInfos(taskId, DynamicRuleId);
|
||||
|
||||
// 根据templateId、protectLevel获取策略模板
|
||||
ProtectLevel templateProtectLevel = alertMessageMapper.queryTemplateProtectLevel(
|
||||
@@ -87,17 +85,20 @@ public class AlertMessageService {
|
||||
}
|
||||
|
||||
@DSTransactional
|
||||
private void insertCommandAndAlertMessage(TaskCommandInfo dynamicTaskCommandInfo, Boolean isValid,
|
||||
AlertMessage alertMessage){
|
||||
private void insertCommandAndAlertMessage(TaskCommandInfo dynamicTaskCommandInfo,
|
||||
Boolean isValid,
|
||||
Boolean isJudged,
|
||||
AlertMessage alertMessage){
|
||||
//command入库
|
||||
dynamicTaskCommandInfo.setIsValid(isValid);
|
||||
dynamicTaskCommandInfo.setIsJudged(isJudged);
|
||||
String commandUUID = commandService.createCommand(dynamicTaskCommandInfo);
|
||||
|
||||
//alertmessage入库
|
||||
alertMessage.setCommandUUID(commandUUID);
|
||||
alertMessageMapper.insertAlertMessage(alertMessage);
|
||||
}
|
||||
private void insertAlertMessageOnly(AlertMessage alertMessage, Boolean isDistribute){
|
||||
private void insertAlertMessageOnly(AlertMessage alertMessage){
|
||||
//alertmessage入库
|
||||
alertMessage.setCommandUUID(null);
|
||||
alertMessageMapper.insertAlertMessage(alertMessage);
|
||||
|
||||
@@ -148,9 +148,10 @@
|
||||
t_task.task_status
|
||||
|
||||
from t_task
|
||||
left join realtime_protection.t_dynamic_rule t_dr on t_task.task_id = t_dr.dynamic_rule_used_task_id
|
||||
left join realtime_protection.t_dynamic_rule t_dr on
|
||||
(t_task.task_id = t_dr.dynamic_rule_used_task_id and t_dr.dynamic_rule_id = #{dynamicRuleId})
|
||||
where
|
||||
t_task.task_id = #{task_id}
|
||||
t_task.task_id = #{taskId}
|
||||
</select>
|
||||
|
||||
<select id="queryAlermsByCommandId"
|
||||
|
||||
@@ -17,12 +17,12 @@ public class AlertMessageTest {
|
||||
|
||||
@Test
|
||||
void testReceiveAlertMessage() {
|
||||
for (int i = 1; i < 10; i++) {
|
||||
for (int i = 1; i < 4; i++) {
|
||||
AlertMessage alertMessage = new AlertMessage();
|
||||
FiveTupleWithMask fiveTupleWithMask = new FiveTupleWithMask();
|
||||
fiveTupleWithMask.setSourceIP("1.1.1." + i);
|
||||
fiveTupleWithMask.setMaskSourceIP("255.255.255.0");
|
||||
fiveTupleWithMask.setDestinationIP("2.2.3.4");
|
||||
fiveTupleWithMask.setDestinationIP("2.2.3." + i);
|
||||
fiveTupleWithMask.setMaskDestinationIP("255.255.255.255");
|
||||
fiveTupleWithMask.setSourcePort("80");
|
||||
fiveTupleWithMask.setDestinationPort("80");
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
package com.realtime.protection.server.rule.dynamic;
|
||||
|
||||
import com.github.xiaoymin.knife4j.annotations.Ignore;
|
||||
import com.realtime.protection.ProtectionApplicationTests;
|
||||
import com.realtime.protection.configuration.entity.rule.dynamicrule.DynamicRuleObject;
|
||||
import com.realtime.protection.server.rule.dynamicrule.DynamicRuleService;
|
||||
@@ -44,6 +45,7 @@ public class DynamicRuleServiceTest extends ProtectionApplicationTests {
|
||||
// System.out.println(object);
|
||||
}
|
||||
|
||||
@Ignore
|
||||
@Test
|
||||
void testUpdateDynamicRule() {
|
||||
DynamicRuleObject object = new DynamicRuleObject();
|
||||
|
||||
Reference in New Issue
Block a user