TSG-20112，TSG-20099适配功能端日志调整，重构代码

2024-04-03 17:29:22 +08:00
parent fae16e5804
commit 49f1200787
22 changed files with 600 additions and 1522 deletions
--- a/src/test/java/com/zdjizhi/common/NacosTest.java
+++ b/src/test/java/com/zdjizhi/common/NacosTest.java
@@ -1,101 +0,0 @@
-package com.zdjizhi.common;
-
-import com.alibaba.nacos.api.NacosFactory;
-import com.alibaba.nacos.api.PropertyKeyConst;
-import com.alibaba.nacos.api.config.ConfigService;
-import com.alibaba.nacos.api.config.listener.Listener;
-import com.alibaba.nacos.api.exception.NacosException;
-import org.junit.Test;
-
-import java.io.IOException;
-import java.io.StringReader;
-import java.util.Properties;
-import java.util.concurrent.Executor;
-
-
-/**
- * @author qidaijie
- * @Package com.zdjizhi
- * @Description:
- * @date 2022/3/1016:58
- */
-public class NacosTest {
-
-    /**
-     * <dependency>
-     * <groupId>com.alibaba.nacos</groupId>
-     * <artifactId>nacos-client</artifactId>
-     * <version>1.2.0</version>
-     * </dependency>
-     */
-
-    private static Properties properties = new Properties();
-    /**
-     * config data id = config name
-     */
-    private static final String DATA_ID = "dos_baseline.properties";
-    /**
-     * config group
-     */
-    private static final String GROUP = "Galaxy";
-
-    private void getProperties() {
-        properties.setProperty(PropertyKeyConst.SERVER_ADDR, "192.168.44.12:8848");
-        properties.setProperty(PropertyKeyConst.NAMESPACE, "test");
-        properties.setProperty(PropertyKeyConst.USERNAME, "nacos");
-        properties.setProperty(PropertyKeyConst.PASSWORD, "nacos");
-    }
-
-
-    @Test
-    public void GetConfigurationTest() {
-        try {
-            getProperties();
-            ConfigService configService = NacosFactory.createConfigService(properties);
-            String content = configService.getConfig(DATA_ID, GROUP, 5000);
-            Properties nacosConfigMap = new Properties();
-            nacosConfigMap.load(new StringReader(content));
-//            System.out.println(FlowWriteConfig.STATIC_SENSITIVITY_THRESHOLD);
-        } catch (Exception e) {
-            e.printStackTrace();
-        }
-
-    }
-
-    @Test
-    public void ListenerConfigurationTest() {
-        getProperties();
-        try {
-            //first get config
-            ConfigService configService = NacosFactory.createConfigService(properties);
-            String config = configService.getConfig(DATA_ID, GROUP, 5000);
-//            System.out.println(config);
-
-            //start listenner
-            configService.addListener(DATA_ID, GROUP, new Listener() {
-                @Override
-                public Executor getExecutor() {
-                    return null;
-                }
-
-                @Override
-                public void receiveConfigInfo(String configMsg) {
-                    System.out.println(configMsg);
-                }
-            });
-        } catch (Exception e) {
-            e.printStackTrace();
-        }
-
-        //keep running,change nacos config,print new config
-        /*
-        while (true) {
-            try {
-                Thread.sleep(5000);
-            } catch (InterruptedException e) {
-                e.printStackTrace();
-            }
-        }
-        */
-    }
-}
--- a/src/test/java/com/zdjizhi/etl/DosDetectionTest.java
+++ b/src/test/java/com/zdjizhi/etl/DosDetectionTest.java
@@ -44,21 +44,21 @@ public class DosDetectionTest {

        DosSketchLog dosSketchLog = new DosSketchLog ();

-        dosSketchLog.setSketch_sessions(68);
-        dosSketchLog.setSketch_packets(68);
-        dosSketchLog.setSketch_bytes(285820);//185.82
+        dosSketchLog.setSessions(68);
+        dosSketchLog.setPkts(68);
+        dosSketchLog.setBytes(285820);//185.82
        dosSketchLog.setVsys_id(1);
        dosSketchLog.setAttack_type("ICMP Flood");
-        dosSketchLog.setSource_ip("45.170.244.25");
-        dosSketchLog.setDestination_ip("24.152.57.56");
+        dosSketchLog.setServer_ip("45.170.244.25");
+        dosSketchLog.setClient_ip("24.152.57.56");
        //静态阈值获取
        long sessionBase = dosDetectionThreshold.getSessions_per_sec();
        long pktBase=dosDetectionThreshold.getPackets_per_sec();
        long bitBase=dosDetectionThreshold.getBits_per_sec();
        //基于速率进行计算
-        long diffSession = dosSketchLog.getSketch_sessions() - sessionBase;
-        long diffPkt = dosSketchLog.getSketch_packets() - pktBase;
-        long diffByte = dosSketchLog.getSketch_bytes() - bitBase;
+        long diffSession = dosSketchLog.getSessions() - sessionBase;
+        long diffPkt = dosSketchLog.getPkts() - pktBase;
+        long diffByte = dosSketchLog.getBytes() - bitBase;


        Double diffSessionPercent = getDiffPercent(diffSession, sessionBase)*100;
@@ -85,7 +85,7 @@ public class DosDetectionTest {
    }
    private DosEventLog getDosEventLog(DosSketchLog value, long base, long diff, long profileId, int type, String tag) {
        DosEventLog result = null;
-        String destinationIp = value.getDestination_ip();
+        String destinationIp = value.getServer_ip();
        String attackType = value.getAttack_type();
        if (diff > 0 && base != 0) {
            double percent = getDiffPercent(diff, base);
@@ -94,7 +94,7 @@ public class DosDetectionTest {
            if (severity != Severity.NORMAL) {
                if (type == BASELINE_CONDITION_TYPE && percent < 0.2) {
 //                    logger.debug("当前server IP:{},类型:{},基线值{}百分比{}未超过基线敏感阈值,日志详情\n{}", destinationIp, attackType, base, percent, value);
-                }else if ((type == BASELINE_CONDITION_TYPE || type == SENSITIVITY_CONDITION_TYPE) && value.getSketch_sessions() < staticSensitivityThreshold){
+                }else if ((type == BASELINE_CONDITION_TYPE || type == SENSITIVITY_CONDITION_TYPE) && value.getSessions() < staticSensitivityThreshold){
 //                    logger.debug("当前server IP:{},类型:{},基线值{}百分比{}未超过静态敏感阈值,日志详情\n{}",destinationIp, attackType, base, percent, value);
                }else {
                    result = getResult(value, base, profileId, severity, percent+1, type, tag);
@@ -115,21 +115,21 @@ public class DosDetectionTest {
        DosEventLog dosEventLog = new DosEventLog();
 //        dosEventLog.setLog_id(SnowflakeId.generateId());
        dosEventLog.setVsys_id(value.getVsys_id());
-        dosEventLog.setStart_time(value.getSketch_start_time());
-        dosEventLog.setEnd_time(value.getSketch_start_time() + value.getSketch_duration());
+        dosEventLog.setStart_time(value.getStart_timestamp_ms());
+        dosEventLog.setEnd_time(value.getStart_timestamp_ms() + value.getDuration());
        dosEventLog.setProfile_id(profileId);
        dosEventLog.setAttack_type(value.getAttack_type());
        dosEventLog.setSeverity(severity.severity);
 //        dosEventLog.setConditions(getConditions(PERCENT_INSTANCE.format(percent), base, value.getSketch_sessions(), type, tag));
-        dosEventLog.setConditions(getConditions(percent, base, value.getSketch_sessions(), type, tag,dosEventLog));
-        dosEventLog.setDestination_ip(value.getDestination_ip());
+        dosEventLog.setConditions(getConditions(percent, base, value.getSessions(), type, tag,dosEventLog));
+        dosEventLog.setDestination_ip(value.getServer_ip());
 //        dosEventLog.setDestination_country(IpUtils.ipLookup.countryLookup(value.getDestination_ip()));
-        String ipList = value.getSource_ip();
+        String ipList = value.getClient_ip();
        dosEventLog.setSource_ip_list(ipList);
        dosEventLog.setSource_country_list(getSourceCountryList(ipList));
-        dosEventLog.setSession_rate(value.getSketch_sessions());
-        dosEventLog.setPacket_rate(value.getSketch_packets());
-        dosEventLog.setBit_rate(value.getSketch_bytes());
+        dosEventLog.setSession_rate(value.getSession_rate());
+        dosEventLog.setPacket_rate(value.getPacket_rate());
+        dosEventLog.setBit_rate(value.getBit_rate());
        return dosEventLog;
    }