gfwleak/galaxy-deployment-updata-record
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

CN 24.08.1 change groot config

Browse Source
This commit is contained in:
gujinkai
2024-11-08 19:01:54 +08:00
parent 3da93049e1
commit 4c693527cc
4 changed files with 125 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
cyber_narrator/upgrade/2024/CN-24.08/groot-stream/1.3.2/24.08.1/README.md Normal file
View File

@@ -0,0 +1,4 @@
groot-stream version base 1.3.2
etl_session_record_kafka_to_cn_kafka 需要根据部署环境确定数据源的topic是SESSION-RECORD还是SESSION-RECORD-PROCESSED

94
cyber_narrator/upgrade/2024/CN-24.08/groot-stream/1.3.2/24.08.1/grootstream.yaml Normal file
View File

@@ -0,0 +1,94 @@
grootstream:
knowledge_base:
- name: cn_ip_location
fs_type: http
fs_path: http://192.168.44.55:9999/v1/knowledge_base
files:
- 1
- name: cn_ip_asn
fs_type: http
fs_path: http://192.168.44.55:9999/v1/knowledge_base
files:
- 2
- name: cn_idc_renter
fs_type: http
fs_path: http://192.168.44.55:9999/v1/knowledge_base
files:
- 11
- name: cn_link_direction
fs_type: http
fs_path: http://192.168.44.55:9999/v1/knowledge_base
files:
- 13
- name: cn_fqdn_category
fs_type: http
fs_path: http://192.168.44.55:9999/v1/knowledge_base
files:
- 5
- name: cn_fqdn_icp
fs_type: http
fs_path: http://192.168.44.55:9999/v1/knowledge_base
files:
- 4
- name: cn_fqdn_whois
fs_type: http
fs_path: http://192.168.44.55:9999/v1/knowledge_base
files:
- 6
- name: cn_dns_server
fs_type: http
fs_path: http://192.168.44.55:9999/v1/knowledge_base
files:
- 3
- name: cn_app_category
fs_type: http
fs_path: http://192.168.44.55:9999/v1/knowledge_base
files:
- 9
- name: cn_internal_ip
fs_type: http
fs_path: http://192.168.44.55:9999/v1/knowledge_base
files:
- 12
- name: cn_ioc_darkweb
fs_type: http
fs_path: http://192.168.44.55:9999/v1/knowledge_base
files:
- 8
- name: cn_ioc_malware
fs_type: http
fs_path: http://192.168.44.55:9999/v1/knowledge_base
files:
- 7
- name: cn_intelligence_indicator
fs_type: http
fs_path: http://192.168.44.55:9999/v1/knowledge_base
files:
- 16
- name: base_station_location
fs_type: local
fs_path: /data/cn/olap/flink/topology/groot-stream/knowledge/
files:
- base_station_location.csv
- name: cn_rule
fs_type: http
fs_path: http://192.168.44.54:8090
properties:
token: 1a653ea0-d39b-4246-94b0-1ba95db4b6a7
properties:
scheduler.knowledge_base.update.interval.minutes: 5

26
cyber_narrator/upgrade/2024/CN-24.08/groot-stream/1.3.2/24.08.1/udf.plugins Normal file
View File

@@ -0,0 +1,26 @@
com.geedgenetworks.core.udf.AsnLookup
com.geedgenetworks.core.udf.Eval
com.geedgenetworks.core.udf.GenerateStringArray
com.geedgenetworks.core.udf.GeoIpLookup
com.geedgenetworks.core.udf.cn.L7ProtocolAndAppExtract
com.geedgenetworks.core.udf.cn.IdcRenterLookup
com.geedgenetworks.core.udf.cn.LinkDirectionLookup
com.geedgenetworks.core.udf.cn.FqdnCategoryLookup
com.geedgenetworks.core.udf.cn.IcpLookup
com.geedgenetworks.core.udf.cn.FqdnWhoisLookup
com.geedgenetworks.core.udf.cn.DnsServerInfoLookup
com.geedgenetworks.core.udf.cn.AppCategoryLookup
com.geedgenetworks.core.udf.cn.IpZoneLookup
com.geedgenetworks.core.udf.cn.VpnLookup
com.geedgenetworks.core.udf.cn.AnonymityLookup
com.geedgenetworks.core.udf.cn.IocLookup
com.geedgenetworks.core.udf.cn.FieldsMerge
com.geedgenetworks.core.udf.cn.ArrayElementsPrepend
com.geedgenetworks.core.udf.cn.IntelligenceIndicatorLookup
com.geedgenetworks.core.udf.SnowflakeId
com.geedgenetworks.core.udf.UnixTimestampConverter
com.geedgenetworks.core.udf.Domain
com.geedgenetworks.core.udf.cn.BaseStationLookup
com.geedgenetworks.core.udf.cn.H3CellLookup
com.geedgenetworks.core.udf.JsonExtract
com.geedgenetworks.core.udf.Rename

2
cyber_narrator/upgrade/2024/CN-24.08/groot-stream/1.7.0/24.08.1/sd_kafka_to_cn_clickhouse
View File

@@ -168,7 +168,7 @@ processing_pipelines:
output_fields: [ subscriber_tags ]
time_processor:
type: com.geedgenetworks.core.processor.projection.ProjectionProcessorImpl
type: projection
remove_fields:
output_fields:
functions: