From 3dc29a07befd0383b286b729606bdc74b7f07e29 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=BE=90=E9=B9=8F=E9=A3=9E?= Date: Tue, 31 May 2022 18:00:36 +0800 Subject: [PATCH] =?UTF-8?q?=E6=96=B0=E5=A2=9E=E6=A0=B9=E6=8D=AEvsysId?= =?UTF-8?q?=E4=BB=8Ebifang=E8=8E=B7=E5=8F=96=E9=9D=99=E6=80=81=E9=98=88?= =?UTF-8?q?=E5=80=BC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/com/zdjizhi/common/CommonConfig.java | 2 + .../java/com/zdjizhi/common/DosVsysId.java | 22 ++++++ .../com/zdjizhi/etl/ParseStaticThreshold.java | 77 ++++++++++++++++--- src/main/resources/common.properties | 15 ++-- 4 files changed, 98 insertions(+), 18 deletions(-) create mode 100644 src/main/java/com/zdjizhi/common/DosVsysId.java diff --git a/src/main/java/com/zdjizhi/common/CommonConfig.java b/src/main/java/com/zdjizhi/common/CommonConfig.java index 325bc29..846a2f5 100644 --- a/src/main/java/com/zdjizhi/common/CommonConfig.java +++ b/src/main/java/com/zdjizhi/common/CommonConfig.java @@ -63,6 +63,8 @@ public class CommonConfig { public static final String BIFANG_SERVER_LOGIN_PATH = CommonConfigurations.getStringProperty("bifang.server.login.path"); public static final String BIFANG_SERVER_POLICY_THRESHOLD_PATH = CommonConfigurations.getStringProperty("bifang.server.policy.threshold.path"); + public static final String BIFANG_SERVER_POLICY_VSYSID_PATH = CommonConfigurations.getStringProperty("bifang.server.policy.vaysid.path"); + public static final int HTTP_POOL_MAX_CONNECTION = CommonConfigurations.getIntProperty("http.pool.max.connection"); public static final int HTTP_POOL_MAX_PER_ROUTE = CommonConfigurations.getIntProperty("http.pool.max.per.route"); public static final int HTTP_POOL_REQUEST_TIMEOUT = CommonConfigurations.getIntProperty("http.pool.request.timeout"); diff --git a/src/main/java/com/zdjizhi/common/DosVsysId.java b/src/main/java/com/zdjizhi/common/DosVsysId.java new file mode 100644 index 0000000..27c0eaf --- /dev/null +++ b/src/main/java/com/zdjizhi/common/DosVsysId.java @@ -0,0 +1,22 @@ +package com.zdjizhi.common; + +import java.util.Objects; + +public class DosVsysId { + private int vsysId; + + public int getVsysId() { + return vsysId; + } + + public void setVsysId(int vsysId) { + this.vsysId = vsysId; + } + + @Override + public String toString() { + return "DosVsysId{" + + "vsysId=" + vsysId + + '}'; + } +} diff --git a/src/main/java/com/zdjizhi/etl/ParseStaticThreshold.java b/src/main/java/com/zdjizhi/etl/ParseStaticThreshold.java index 77ff8e9..8bb5ff3 100644 --- a/src/main/java/com/zdjizhi/etl/ParseStaticThreshold.java +++ b/src/main/java/com/zdjizhi/etl/ParseStaticThreshold.java @@ -3,6 +3,7 @@ package com.zdjizhi.etl; import com.fasterxml.jackson.databind.JavaType; import com.zdjizhi.common.CommonConfig; import com.zdjizhi.common.DosDetectionThreshold; +import com.zdjizhi.common.DosVsysId; import com.zdjizhi.utils.HttpClientUtils; import com.zdjizhi.utils.JsonMapper; import inet.ipaddr.IPAddress; @@ -29,6 +30,7 @@ public class ParseStaticThreshold { private static JsonMapper jsonMapperInstance = JsonMapper.getInstance(); private static JavaType hashmapJsonType = jsonMapperInstance.createCollectionType(HashMap.class, String.class, Object.class); private static JavaType thresholdType = jsonMapperInstance.createCollectionType(ArrayList.class, DosDetectionThreshold.class); + private static JavaType vsysIDType = jsonMapperInstance.createCollectionType(ArrayList.class, DosVsysId.class); static { //加载加密登录密码 @@ -99,19 +101,18 @@ public class ParseStaticThreshold { } /** - * 获取静态阈值配置列表 + * 获取vsysId配置列表,只需要拿到id的集合,输出出去即可 * - * @return thresholds + * @return vsysIdList */ - private static ArrayList getDosDetectionThreshold() { - ArrayList thresholds = null; + private static ArrayList getVsysId() { + ArrayList vsysIdList = null; try { URIBuilder uriBuilder = new URIBuilder(CommonConfig.BIFANG_SERVER_URI); HashMap parms = new HashMap<>(); parms.put("pageSize", -1); - parms.put("orderBy", "profileId asc"); - parms.put("isValid", 1); - HttpClientUtils.setUrlWithParams(uriBuilder, CommonConfig.BIFANG_SERVER_POLICY_THRESHOLD_PATH, parms); + parms.put("orderBy", "vsysId desc"); + HttpClientUtils.setUrlWithParams(uriBuilder, CommonConfig.BIFANG_SERVER_POLICY_VSYSID_PATH, parms); String token = CommonConfig.BIFANG_SERVER_TOKEN; if (!HttpClientUtils.ERROR_MESSAGE.equals(token)) { BasicHeader authorization = new BasicHeader("Authorization", token); @@ -125,19 +126,69 @@ public class ParseStaticThreshold { HashMap data = jsonMapperInstance.fromJson(jsonMapperInstance.toJson(resposeMap.get("data")), hashmapJsonType); Object list = data.get("list"); if (list != null) { - thresholds = jsonMapperInstance.fromJson(jsonMapperInstance.toJson(list), thresholdType); - logger.info("获取到静态阈值配置{}条", thresholds.size()); + vsysIdList = jsonMapperInstance.fromJson(jsonMapperInstance.toJson(list), vsysIDType); + logger.info("获取到vsysId{}条", vsysIdList.size()); } else { - logger.warn("静态阈值配置为空"); + logger.warn("vsysIdList为空"); } } else { logger.error(msg); } } } + } catch (Exception e) { + logger.error("获取vsysId失败,请检查bifang服务或登录配置信息 ", e); + } + return vsysIdList; + } + + /** + * 获取静态阈值配置列表,遍历id的集合,并将每个id放入请求体中 + * + * @return thresholds + */ + private static ArrayList getDosDetectionThreshold() { + ArrayList thresholds = null; + ArrayList vsysId = getVsysId(); + try { + if (vsysId != null){ + for (DosVsysId dosVsysId : vsysId) { + URIBuilder uriBuilder = new URIBuilder(CommonConfig.BIFANG_SERVER_URI); + HashMap parms = new HashMap<>(); + parms.put("pageSize", -1); + parms.put("orderBy", "profileId asc"); + parms.put("isValid", 1); + parms.put("vsysId", dosVsysId.getVsysId()); + HttpClientUtils.setUrlWithParams(uriBuilder, CommonConfig.BIFANG_SERVER_POLICY_THRESHOLD_PATH, parms); + String token = CommonConfig.BIFANG_SERVER_TOKEN; + if (!HttpClientUtils.ERROR_MESSAGE.equals(token)) { + BasicHeader authorization = new BasicHeader("Authorization", token); + BasicHeader authorization1 = new BasicHeader("Content-Type", "application/x-www-form-urlencoded"); + String resposeJsonStr = HttpClientUtils.httpGet(uriBuilder.build(), authorization, authorization1); + if (!HttpClientUtils.ERROR_MESSAGE.equals(resposeJsonStr)) { + HashMap resposeMap = jsonMapperInstance.fromJson(resposeJsonStr, hashmapJsonType); + boolean success = (boolean) resposeMap.get("success"); + String msg = resposeMap.get("msg").toString(); + if (success) { + HashMap data = jsonMapperInstance.fromJson(jsonMapperInstance.toJson(resposeMap.get("data")), hashmapJsonType); + Object list = data.get("list"); + if (list != null) { + thresholds = jsonMapperInstance.fromJson(jsonMapperInstance.toJson(list), thresholdType); + logger.info("获取到静态阈值配置{}条", thresholds.size()); + } else { + logger.warn("静态阈值配置为空"); + } + } else { + logger.error(msg); + } + } + } + } + } } catch (Exception e) { logger.error("获取静态阈值配置失败,请检查bifang服务或登录配置信息 ", e); } + return thresholds; } @@ -196,7 +247,8 @@ public class ParseStaticThreshold { } public static void main(String[] args) { - +// ArrayList vsysId = getVsysId(); +// vsysId.forEach(System.out::println); ArrayList dosDetectionThreshold = getDosDetectionThreshold(); dosDetectionThreshold.forEach(System.out::println); @@ -214,7 +266,8 @@ public class ParseStaticThreshold { } System.out.println("------------------------"); } - +// String s = loginBifangServer(); +// System.out.println(s); } diff --git a/src/main/resources/common.properties b/src/main/resources/common.properties index 92d0520..5939a6c 100644 --- a/src/main/resources/common.properties +++ b/src/main/resources/common.properties @@ -22,15 +22,15 @@ kafka.input.group.id=dos-detection-job-220516-1 kafka.output.metric.parallelism=1 #发送kafka metrics topic名 -#kafka.output.metric.topic.name=TRAFFIC-TOP-DESTINATION-IP-METRICS -kafka.output.metric.topic.name=test +kafka.output.metric.topic.name=TRAFFIC-TOP-DESTINATION-IP-METRICS +#kafka.output.metric.topic.name=test #发送kafka event并行度大小 kafka.output.event.parallelism=1 #发送kafka event topic名 -#kafka.output.event.topic.name=DOS-EVENT -kafka.output.event.topic.name=storm-dos-test +kafka.output.event.topic.name=DOS-EVENT +#kafka.output.event.topic.name=storm-dos-test #kafka输出地址 kafka.output.bootstrap.servers=192.168.44.12:9094 @@ -92,8 +92,8 @@ baseline.sessions.severe.threshold=5 baseline.sessions.critical.threshold=8 #bifang服务访问地址 -bifang.server.uri=http://192.168.44.72:80 -#bifang.server.uri=http://192.168.44.3:80 +#bifang.server.uri=http://192.168.44.72:80 +bifang.server.uri=http://192.168.44.3:80 #访问bifang只读权限token,bifang内置,无需修改 bifang.server.token=ed04b942-7df4-4e3d-b9a9-a881ca98a867 @@ -104,6 +104,9 @@ bifang.server.encryptpwd.path=/v1/user/encryptpwd #登录bifang服务路径信息 bifang.server.login.path=/v1/user/login +#获取vaysId路径信息 +bifang.server.policy.vaysid.path=/v1/system/vsys/ + #获取静态阈值路径信息 bifang.server.policy.threshold.path=/v1/policy/profile/DoS/detection/threshold