Merge remote-tracking branch 'origin/master' into haskafka
@@ -32,7 +32,7 @@ public class AlertMessageService {
|
||||
public void processAlertMessage(AlertMessage alertMessage) {
|
||||
//根据告警信息——>生成指令
|
||||
List<TaskCommandInfo> dynamicTaskCommandInfoList = generateDynamicCommand(alertMessage);
|
||||
//获取任务状态,设置指令的isValid字段,且是否生成指令入库(除了RUNING\PAUSED状态,其他都不入库)。
|
||||
//获取任务状态,设置指令的isValid字段,且是否生成指令入库(除了RUNING\PAUSED状态,其他都不入command库)。
|
||||
Integer taskStatus = dynamicTaskCommandInfoList.get(0).getTaskStatus();
|
||||
//获取任务类型,设置指令的isJudged字段。
|
||||
Integer taskType = dynamicTaskCommandInfoList.get(0).getTaskType();
|
||||
@@ -89,7 +89,7 @@ public class AlertMessageService {
|
||||
alertMessage.getProtectIsSrcOrDst(), templateProtectLevel);
|
||||
|
||||
//根据fiveTuple生成动态指令信息
|
||||
List<TaskCommandInfo> dynamicCommandInfoList = new ArrayList<TaskCommandInfo>();
|
||||
List<TaskCommandInfo> dynamicCommandInfoList = new ArrayList<>();
|
||||
if (fiveTupleWithMaskNew.size() == 2){
|
||||
TaskCommandInfo dynamicCommandInfo_bi = new TaskCommandInfo();
|
||||
dynamicCommandInfo_bi.copyTaskCommandInfo(dynamicCommandInfo);
|
||||
@@ -203,7 +203,7 @@ public class AlertMessageService {
|
||||
peer.setPort(null);
|
||||
peer.setMaskPort(null);
|
||||
}
|
||||
List<FiveTupleWithMask> newFiveTupleWithMask = new ArrayList<FiveTupleWithMask>();
|
||||
List<FiveTupleWithMask> newFiveTupleWithMask = new ArrayList<>();
|
||||
//生成指令
|
||||
FiveTupleWithMask command1 = new FiveTupleWithMask();
|
||||
command1.setSourceIP(peer.getIP());
|
||||
|
||||
@@ -3,7 +3,7 @@ package com.realtime.protection.server.defense.object;
|
||||
import com.alibaba.excel.util.ListUtils;
|
||||
import com.realtime.protection.configuration.entity.defense.object.ProtectObject;
|
||||
import com.realtime.protection.configuration.utils.SqlSessionWrapper;
|
||||
import com.realtime.protection.configuration.utils.status.AuditStatusValidator;
|
||||
import com.realtime.protection.configuration.utils.enums.audit.AuditStatusValidator;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
package com.realtime.protection.server.defense.template;
|
||||
|
||||
import com.realtime.protection.configuration.entity.defense.template.Template;
|
||||
import lombok.SneakyThrows;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
@@ -44,6 +45,21 @@ public class TemplateService {
|
||||
return templateMapper.queryTemplate(templateId);
|
||||
}
|
||||
|
||||
public List<Template> queryTemplatesShort() {
|
||||
List<Template> templates = templateMapper.queryTemplates(null, null, null, 1, 10000);
|
||||
|
||||
templates.forEach(template -> {
|
||||
try {
|
||||
template.setHasProtectLevel();
|
||||
} catch (IllegalAccessException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
});
|
||||
templates.forEach(Template::shortenTemplate);
|
||||
|
||||
return templates;
|
||||
}
|
||||
|
||||
public Boolean deleteTemplate(Integer templateId) {
|
||||
return templateMapper.deleteTemplate(templateId);
|
||||
}
|
||||
|
||||
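Review bot: `queryTemplatesShort` passes a hard-coded page of `1, 10000` to `templateMapper.queryTemplates`, so any template past the 10000th is silently missing from the result and the caller cannot tell the list was truncated. Either give the mapper an unpaged query for this use, or name the limit as a constant and log when the result size reaches it. The `catch (IllegalAccessException e) { throw new RuntimeException(e); }` wrapper would be easier to trace as `throw new IllegalStateException("setHasProtectLevel failed", e);`. The section also adds `import lombok.SneakyThrows`, which the lines visible here do not use.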
@@ -14,7 +14,9 @@ import org.springframework.web.multipart.MultipartFile;
|
||||
import java.io.IOException;
|
||||
import java.net.URLEncoder;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
|
||||
@RestController
|
||||
@@ -163,7 +165,7 @@ public class StaticRuleController implements StaticRuleControllerApi {
|
||||
public ResponseResult updateStaticRuleAuditStatus(@PathVariable Integer id, @PathVariable Integer auditStatus) {
|
||||
if (id <= 0 || auditStatus < 0 || auditStatus > 2) {
|
||||
return new ResponseResult(400, "id or status is invalid")
|
||||
.setData("whiteobj_id", id)
|
||||
.setData("staticRule_id", id)
|
||||
.setData("success", false);
|
||||
}
|
||||
return ResponseResult.ok()
|
||||
@@ -173,4 +175,29 @@ public class StaticRuleController implements StaticRuleControllerApi {
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* 批量修改审核状态
|
||||
*/
|
||||
@PostMapping("/auditbatch")
|
||||
public ResponseResult updateStaticRuleAuditStatusBatch(@RequestBody Map<Integer, Integer> idsWithAuditStatusMap) {
|
||||
List<Integer> errorIds = new ArrayList<>();
|
||||
for (Map.Entry<Integer, Integer> entry: idsWithAuditStatusMap.entrySet()) {
|
||||
Integer id = entry.getKey();
|
||||
Integer auditStatus = entry.getValue();
|
||||
if (id <= 0 || auditStatus < 0 || auditStatus > 2) {
|
||||
errorIds.add(id);
|
||||
}
|
||||
}
|
||||
if (!errorIds.isEmpty()){
|
||||
return new ResponseResult(400, "id or status is invalid")
|
||||
.setData("staticRule_id", errorIds)
|
||||
.setData("success", false);
|
||||
}
|
||||
|
||||
return ResponseResult.ok()
|
||||
.setData("success", staticRuleService.updateAuditStatusBatch(idsWithAuditStatusMap));
|
||||
}
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
||||
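Review bot: In `updateStaticRuleAuditStatusBatch` the check `id <= 0 || auditStatus < 0 || auditStatus > 2` unboxes each map entry, so a JSON body carrying a `null` status throws a NullPointerException and surfaces as a server error instead of the 400 this method builds for bad input; guard it with `if (id == null || auditStatus == null || id <= 0 || auditStatus < 0 || auditStatus > 2)`. An empty map passes validation, the service then returns `false`, and the client receives `ResponseResult.ok()` with `success=false`; rejecting an empty body up front would be clearer. The map is also unbounded, and nothing visible in this section restricts who may call `/auditbatch`. Since the endpoint changes audit state in bulk, confirm that an authorization check covers it (it may sit in the interface or a filter not shown here) and consider a maximum entry count.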
@@ -6,6 +6,7 @@ import org.apache.ibatis.annotations.Mapper;
|
||||
import org.apache.ibatis.annotations.Param;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
@Mapper
|
||||
public interface StaticRuleMapper {
|
||||
@@ -43,4 +44,6 @@ public interface StaticRuleMapper {
|
||||
String static_rule_create_username, String ip);
|
||||
|
||||
List<StaticRuleObject> queryStaticRuleByIds(List<Integer> ids);
|
||||
|
||||
void updateAuditStatusByIdBatch(@Param("idWithAuditStatusBatch")Map<Integer, Integer> idWithAuditStatusBatch);
|
||||
}
|
||||
|
||||
@@ -3,7 +3,10 @@ package com.realtime.protection.server.rule.staticrule;
|
||||
import com.alibaba.excel.util.ListUtils;
|
||||
import com.realtime.protection.configuration.entity.rule.staticrule.StaticRuleObject;
|
||||
import com.realtime.protection.configuration.utils.SqlSessionWrapper;
|
||||
import com.realtime.protection.configuration.utils.status.AuditStatusValidator;
|
||||
import com.realtime.protection.configuration.utils.enums.RuleEnum;
|
||||
import com.realtime.protection.configuration.utils.enums.audit.AuditStatusEnum;
|
||||
import com.realtime.protection.configuration.utils.enums.audit.AuditStatusValidator;
|
||||
import lombok.SneakyThrows;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
@@ -14,6 +17,7 @@ import java.time.LocalDateTime;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Objects;
|
||||
import java.util.function.Function;
|
||||
|
||||
@Service
|
||||
@@ -49,6 +53,7 @@ public class StaticRuleService {
|
||||
/*
|
||||
新建静态规则
|
||||
*/
|
||||
@SneakyThrows
|
||||
public Integer newStaticRuleObject(StaticRuleObject object) {
|
||||
|
||||
object.setStaticRuleCreateTime(LocalDateTime.now());
|
||||
@@ -61,6 +66,9 @@ public class StaticRuleService {
|
||||
){
|
||||
throw new IllegalArgumentException("IP和IP掩码不匹配");
|
||||
}
|
||||
if (!RuleEnum.checkValidate(object)) {
|
||||
throw new IllegalArgumentException("静态规则不符合指定的配置方法,请参考规则模板以配置静态规则");
|
||||
}
|
||||
staticRuleMapper.newStaticRuleObject(object);
|
||||
|
||||
return object.getStaticRuleId();
|
||||
@@ -98,7 +106,22 @@ public class StaticRuleService {
|
||||
return sqlSessionWrapper.startBatchSession(StaticRuleMapper.class, deleteStaticRulesFunction, staticRuleIds);
|
||||
}
|
||||
|
||||
@SneakyThrows
|
||||
@Transactional
|
||||
public Boolean updateStaticRule(Integer id, StaticRuleObject object) {
|
||||
StaticRuleObject staticRuleObject = staticRuleMapper.queryStaticRuleById(id);
|
||||
if (staticRuleObject == null) {
|
||||
throw new IllegalArgumentException("未知的静态规则ID");
|
||||
}
|
||||
|
||||
if (Objects.equals(staticRuleObject.getStaticRuleAuditStatus(), AuditStatusEnum.USING.getNum())) {
|
||||
throw new IllegalArgumentException("静态规则当前正在使用,无法更新");
|
||||
}
|
||||
|
||||
if (!RuleEnum.checkValidate(object)) {
|
||||
throw new IllegalArgumentException("静态规则不符合指定的配置方法,请参考规则模板以配置静态规则");
|
||||
}
|
||||
|
||||
//判断当前静态规则是否能够修改---是否存在任务选择的静态规则??
|
||||
//按id查询该静态规则的used_task_id字段,如果不为空,则不能修改
|
||||
object.setStaticRuleModifyTime(LocalDateTime.now());
|
||||
@@ -131,7 +154,7 @@ public class StaticRuleService {
|
||||
}
|
||||
|
||||
List<StaticRuleObject> StaticRuleBatch = ListUtils.newArrayListWithExpectedSize(100);
|
||||
for (StaticRuleObject staticRule : staticRuleList) {
|
||||
for (StaticRuleObject staticRule : list) {
|
||||
staticRule.setStaticRuleCreateTime(LocalDateTime.now());
|
||||
StaticRuleBatch.add(staticRule);
|
||||
if (StaticRuleBatch.size() < 100) {
|
||||
@@ -169,7 +192,16 @@ public class StaticRuleService {
|
||||
return resultMap;
|
||||
}
|
||||
|
||||
@Transactional
|
||||
public void deleteStaticRuleById(Integer id) {
|
||||
StaticRuleObject staticRuleObject = staticRuleMapper.queryStaticRuleById(id);
|
||||
if (staticRuleObject == null) {
|
||||
return;
|
||||
}
|
||||
|
||||
if (Objects.equals(staticRuleObject.getStaticRuleAuditStatus(), AuditStatusEnum.USING.getNum())) {
|
||||
throw new IllegalArgumentException("当前静态规则正在使用,无法删除");
|
||||
}
|
||||
staticRuleMapper.deleteStaticRuleById(id);
|
||||
}
|
||||
|
||||
@@ -182,4 +214,31 @@ public class StaticRuleService {
|
||||
public List<StaticRuleObject> queryStaticRuleByIds(List<Integer> ids) {
|
||||
return staticRuleMapper.queryStaticRuleByIds(ids);
|
||||
}
|
||||
|
||||
public Object updateAuditStatusBatch(Map<Integer, Integer> idsWithAuditStatusMap) {
|
||||
|
||||
Function<StaticRuleMapper, Function<Map<Integer, Integer>, Boolean>> updateStaticRuleAuditStatusFunction =
|
||||
mapper -> map -> {
|
||||
if (map == null || map.isEmpty()) {
|
||||
return false;
|
||||
}
|
||||
|
||||
Map<Integer, Integer> idWithAuditStatusBatch = new HashMap<>();
|
||||
for (Map.Entry<Integer, Integer> item : map.entrySet()) {
|
||||
idWithAuditStatusBatch.put(item.getKey(), item.getValue());
|
||||
if (idWithAuditStatusBatch.size() < 100) {
|
||||
continue;
|
||||
}
|
||||
//mapper指的就是外层函数输入的参数,也就是WhiteListMapper
|
||||
mapper.updateAuditStatusByIdBatch(idWithAuditStatusBatch);
|
||||
idWithAuditStatusBatch.clear();
|
||||
}
|
||||
if (!idWithAuditStatusBatch.isEmpty()) {
|
||||
mapper.updateAuditStatusByIdBatch(idWithAuditStatusBatch);
|
||||
}
|
||||
return true;
|
||||
};
|
||||
//实现事务操作
|
||||
return sqlSessionWrapper.startBatchSession(StaticRuleMapper.class, updateStaticRuleAuditStatusFunction, idsWithAuditStatusMap);
|
||||
}
|
||||
}
|
||||
|
||||
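Review bot: `updateAuditStatusBatch` writes whatever status the caller supplies straight to `mapper.updateAuditStatusByIdBatch`, without reading the rule's current status first. In the same commit `updateStaticRule` and `deleteStaticRuleById` refuse to touch a rule whose status equals `AuditStatusEnum.USING.getNum()`, and the file imports `AuditStatusValidator` (how the single-item path uses it is not visible here), so the batch path looks like a way around the audit workflow: any id can be moved to any of the values 0–2 that the controller accepts. Load the current statuses first, for example with `queryStaticRuleByIds`, and reject entries whose transition is not allowed before issuing the update. Smaller points: the return type should be `Boolean` rather than `Object`, and the comment `//mapper指的就是外层函数输入的参数,也就是WhiteListMapper` names the wrong mapper (it is `StaticRuleMapper` here).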
@@ -5,7 +5,7 @@ import com.realtime.protection.configuration.entity.task.DynamicTaskInfo;
|
||||
import com.realtime.protection.configuration.entity.task.Task;
|
||||
import com.realtime.protection.configuration.entity.task.TaskCommandInfo;
|
||||
import com.realtime.protection.configuration.utils.enums.StateEnum;
|
||||
import com.realtime.protection.configuration.utils.status.AuditStatusValidator;
|
||||
import com.realtime.protection.configuration.utils.enums.audit.AuditStatusValidator;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
@@ -109,7 +109,12 @@ public class TaskService {
|
||||
|
||||
public List<TaskCommandInfo> getStaticCommandInfos(Long taskId) {
|
||||
List<TaskCommandInfo> staticCommandInfos = taskMapper.getStaticCommandInfos(taskId);
|
||||
staticCommandInfos.forEach(TaskCommandInfo::setProtocolNum);
|
||||
|
||||
staticCommandInfos.forEach(taskCommandInfo -> {
|
||||
taskCommandInfo.setProtocolNum();
|
||||
taskCommandInfo.setMask();
|
||||
});
|
||||
|
||||
return staticCommandInfos;
|
||||
}
|
||||
|
||||
|
||||
@@ -3,7 +3,7 @@ package com.realtime.protection.server.task.status;
|
||||
import com.baomidou.dynamic.datasource.annotation.DSTransactional;
|
||||
import com.realtime.protection.configuration.exception.DorisStartException;
|
||||
import com.realtime.protection.configuration.utils.enums.StateEnum;
|
||||
import com.realtime.protection.configuration.utils.status.State;
|
||||
import com.realtime.protection.server.task.status.states.State;
|
||||
import com.realtime.protection.server.command.CommandService;
|
||||
import com.realtime.protection.server.task.TaskService;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
@@ -98,7 +98,7 @@ public class StateChangeService {
|
||||
@Async
|
||||
protected void finishTasks() {
|
||||
List<Long> finishedTaskIds = taskService.getFinishedTasks();
|
||||
log.debug("成功扫描出所有需要变为结束状态的任务:" + finishedTaskIds);
|
||||
log.debug("成功扫描出所有需要变为结束状态的任务:{}", finishedTaskIds);
|
||||
|
||||
for (Long taskId : finishedTaskIds) {
|
||||
try {
|
||||
|
||||
@@ -5,7 +5,7 @@ import com.realtime.protection.configuration.entity.task.Task;
|
||||
import com.realtime.protection.configuration.entity.task.TaskCommandInfo;
|
||||
import com.realtime.protection.configuration.response.SimpleResponse;
|
||||
import com.realtime.protection.configuration.utils.enums.TaskTypeEnum;
|
||||
import com.realtime.protection.configuration.utils.status.AuditStatus;
|
||||
import com.realtime.protection.configuration.utils.enums.audit.AuditStatusEnum;
|
||||
import com.realtime.protection.server.command.CommandService;
|
||||
import com.realtime.protection.server.task.TaskService;
|
||||
import org.springframework.http.HttpStatus;
|
||||
@@ -36,7 +36,7 @@ public class StateHandler {
|
||||
}
|
||||
|
||||
// 如果审核状态不为已通过审核,则报错
|
||||
if (taskAuditStatus != AuditStatus.AUDITED.getAuditStatus()) {
|
||||
if (taskAuditStatus != AuditStatusEnum.AUDITED.getNum()) {
|
||||
throw new IllegalArgumentException("无效的task_id,因为未通过审核");
|
||||
}
|
||||
|
||||
@@ -75,14 +75,11 @@ public class StateHandler {
|
||||
// todo: 如果是实时任务或者研判后处置任务,那么就需要在任务启动之后,立刻向动态规则中指定的系统发送日志筛选请求。
|
||||
// 筛选完成后,系统返回日志,需要由接收端点提取字段,并且合成一条静态规则,再按照任务开始时间、结束时间和任务类型进行指令创建
|
||||
private Boolean handleJudgedTaskStart(TaskService taskService, Long taskId) {
|
||||
// return sendFilters(taskService, taskId);
|
||||
// 还没配置帅选条件发送的url,不配置会出错,所以先注释
|
||||
return true;
|
||||
return sendFilters(taskService, taskId);
|
||||
}
|
||||
|
||||
private Boolean handleDynamicTaskStart(TaskService taskService, Long taskId) {
|
||||
// return sendFilters(taskService, taskId);
|
||||
return true;
|
||||
return sendFilters(taskService, taskId);
|
||||
}
|
||||
|
||||
private Boolean handleStaticTaskStart(CommandService commandService, TaskService taskService, Long taskId) {
|
||||
@@ -106,7 +103,7 @@ public class StateHandler {
|
||||
AtomicReference<Boolean> success = new AtomicReference<>(false);
|
||||
|
||||
Mono<SimpleResponse> mono = client.post()
|
||||
.uri("") // todo: unfinished
|
||||
.uri("http://192.168.107.89:9081/api/v1/kafkasend") // todo: untested
|
||||
.bodyValue(dynamicTaskInfos)
|
||||
.exchangeToMono(res -> {
|
||||
if (res.statusCode().equals(HttpStatus.OK)) {
|
||||
|
||||
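Review bot: The request in the last hunk now posts to the literal `http://192.168.107.89:9081/api/v1/kafkasend`, marked `todo: untested`, while the earlier hunk switches `handleJudgedTaskStart` and `handleDynamicTaskStart` from `return true` to `return sendFilters(taskService, taskId)`, so starting a judged or dynamic task now depends on that one address. A host hard-coded in source cannot be changed per environment, and the scheme is plain `http`, so the `dynamicTaskInfos` body travels unencrypted and, as far as this hunk shows, without any credential. Move the endpoint to configuration (for example a `@Value`-injected property) and use TLS with an authenticated client if the receiver supports it. Separately, `taskAuditStatus != AuditStatusEnum.AUDITED.getNum()` compares by reference if both sides are `Integer` (the types are not visible here); `!Objects.equals(taskAuditStatus, AuditStatusEnum.AUDITED.getNum())`, the form `StaticRuleService` uses in this commit, would be safer. The enclosing methods start and end outside the hunks.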
@@ -2,7 +2,6 @@ package com.realtime.protection.server.task.status.states;
|
||||
|
||||
import com.realtime.protection.configuration.exception.DorisStartException;
|
||||
import com.realtime.protection.configuration.utils.enums.StateEnum;
|
||||
import com.realtime.protection.configuration.utils.status.State;
|
||||
import com.realtime.protection.server.command.CommandService;
|
||||
import com.realtime.protection.server.task.TaskService;
|
||||
import com.realtime.protection.server.task.status.StateHandler;
|
||||
|
||||
@@ -1,6 +1,5 @@
|
||||
package com.realtime.protection.server.task.status.states;
|
||||
|
||||
import com.realtime.protection.configuration.utils.status.State;
|
||||
import com.realtime.protection.server.command.CommandService;
|
||||
import com.realtime.protection.server.task.TaskService;
|
||||
|
||||
|
||||
@@ -1,7 +1,6 @@
|
||||
package com.realtime.protection.server.task.status.states;
|
||||
|
||||
import com.realtime.protection.configuration.utils.enums.StateEnum;
|
||||
import com.realtime.protection.configuration.utils.status.State;
|
||||
import com.realtime.protection.server.command.CommandService;
|
||||
import com.realtime.protection.server.task.TaskService;
|
||||
import com.realtime.protection.server.task.status.StateHandler;
|
||||
|
||||
@@ -1,7 +1,6 @@
|
||||
package com.realtime.protection.server.task.status.states;
|
||||
|
||||
import com.realtime.protection.configuration.utils.enums.StateEnum;
|
||||
import com.realtime.protection.configuration.utils.status.State;
|
||||
import com.realtime.protection.server.command.CommandService;
|
||||
import com.realtime.protection.server.task.TaskService;
|
||||
import com.realtime.protection.server.task.status.StateHandler;
|
||||
|
||||
@@ -2,7 +2,6 @@ package com.realtime.protection.server.task.status.states;
|
||||
|
||||
import com.realtime.protection.configuration.exception.DorisStartException;
|
||||
import com.realtime.protection.configuration.utils.enums.StateEnum;
|
||||
import com.realtime.protection.configuration.utils.status.State;
|
||||
import com.realtime.protection.server.command.CommandService;
|
||||
import com.realtime.protection.server.task.TaskService;
|
||||
import com.realtime.protection.server.task.status.StateHandler;
|
||||
|
||||
@@ -1,7 +1,6 @@
|
||||
package com.realtime.protection.server.task.status.states;
|
||||
|
||||
import com.realtime.protection.configuration.utils.enums.StateEnum;
|
||||
import com.realtime.protection.configuration.utils.status.State;
|
||||
import com.realtime.protection.server.command.CommandService;
|
||||
import com.realtime.protection.server.task.TaskService;
|
||||
import com.realtime.protection.server.task.status.StateHandler;
|
||||
|
||||
@@ -0,0 +1,9 @@
|
||||
package com.realtime.protection.server.task.status.states;
|
||||
|
||||
import com.realtime.protection.configuration.exception.DorisStartException;
|
||||
import com.realtime.protection.server.command.CommandService;
|
||||
import com.realtime.protection.server.task.TaskService;
|
||||
|
||||
public interface State {
|
||||
Boolean handle(State newState, CommandService commandService, TaskService taskService, Long taskId) throws DorisStartException;
|
||||
}
|
||||
@@ -2,7 +2,6 @@ package com.realtime.protection.server.task.status.states;
|
||||
|
||||
import com.realtime.protection.configuration.exception.DorisStartException;
|
||||
import com.realtime.protection.configuration.utils.enums.StateEnum;
|
||||
import com.realtime.protection.configuration.utils.status.State;
|
||||
import com.realtime.protection.server.command.CommandService;
|
||||
import com.realtime.protection.server.task.TaskService;
|
||||
import com.realtime.protection.server.task.status.StateHandler;
|
||||
|
||||
@@ -5,7 +5,7 @@ import com.realtime.protection.configuration.entity.rule.staticrule.StaticRuleOb
|
||||
import com.realtime.protection.configuration.entity.task.TaskCommandInfo;
|
||||
import com.realtime.protection.configuration.entity.whitelist.WhiteListObject;
|
||||
import com.realtime.protection.configuration.utils.SqlSessionWrapper;
|
||||
import com.realtime.protection.configuration.utils.status.AuditStatusValidator;
|
||||
import com.realtime.protection.configuration.utils.enums.audit.AuditStatusValidator;
|
||||
import com.realtime.protection.server.rule.staticrule.StaticRuleMapper;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||