流量日志菜单下新增 文件扫描菜单

shangguanyanfei
2019-07-04 18:35:14 +08:00
parent ca84326442
commit 406a5d83cd
9 changed files with 831 additions and 20 deletions


@@ -0,0 +1,160 @@
package com.nis.domain.log;
import com.nis.util.excel.ExcelField;
/**
*
*文件离线扫描结果 实体类
*
*/
public class NtcHttpObjScanResultLog extends BaseLogEntity<NtcHttpObjScanResultLog> {
private static final long serialVersionUID = -7697668215327123848L;
@ExcelField(title = "URL", sort = 8)
private String url;
@ExcelField(title = "req_hdr_key", sort = 9)
private String reqHdrKey;// 请求头转储文件key
@ExcelField(title = "req_hdr_file", sort = 10)
private String reqHdrFile;
@ExcelField(title = "req_body_key", sort = 11)
private String reqBodyKey;// 请求体转储文件key
@ExcelField(title = "req_body_file", sort = 12)
private String reqBodyFile;
@ExcelField(title = "res_hdr_key", sort = 13)
private String resHdrKey;// 应答头转储文件key
@ExcelField(title = "res_hdr_file", sort = 14)
private String resHdrFile;
@ExcelField(title = "res_body_key", sort = 15)
private String resBodyKey;// 应答体转储文件key
@ExcelField(title = "res_body_file", sort = 16)
private String resBodyFile;
@ExcelField(title = "topic_name", sort = 16)
private String topicName;//原始消息所属的topic
@ExcelField(title = "malware_id", sort = 16)
private Integer malwareId;//恶意文件命中病毒ID
@ExcelField(title = "malware_type", sort = 16)
private String malwareType;//恶意病毒类型
@ExcelField(title = "malware_name", sort = 16)
private String malwareName;//恶意病毒名称
public String getReqHdrFile() {
return reqHdrFile;
}
public void setReqHdrFile(String reqHdrFile) {
this.reqHdrFile = reqHdrFile;
}
public String getReqBodyFile() {
return reqBodyFile;
}
public void setReqBodyFile(String reqBodyFile) {
this.reqBodyFile = reqBodyFile;
}
public String getResHdrFile() {
return resHdrFile;
}
public void setResHdrFile(String resHdrFile) {
this.resHdrFile = resHdrFile;
}
public String getResBodyFile() {
return resBodyFile;
}
public void setResBodyFile(String resBodyFile) {
this.resBodyFile = resBodyFile;
}
public String getUrl() {
return url;
}
public void setUrl(String url) {
this.url = url;
}
public String getReqHdrKey() {
return reqHdrKey;
}
public void setReqHdrKey(String reqHdrKey) {
this.reqHdrKey = reqHdrKey;
}
public String getReqBodyKey() {
return reqBodyKey;
}
public void setReqBodyKey(String reqBodyKey) {
this.reqBodyKey = reqBodyKey;
}
public String getResHdrKey() {
return resHdrKey;
}
public void setResHdrKey(String resHdrKey) {
this.resHdrKey = resHdrKey;
}
public String getResBodyKey() {
return resBodyKey;
}
public void setResBodyKey(String resBodyKey) {
this.resBodyKey = resBodyKey;
}
public String getTopicName() {
return topicName;
}
public void setTopicName(String topicName) {
this.topicName = topicName;
}
public Integer getMalwareId() {
return malwareId;
}
public void setMalwareId(Integer malwareId) {
this.malwareId = malwareId;
}
public String getMalwareType() {
return malwareType;
}
public void setMalwareType(String malwareType) {
this.malwareType = malwareType;
}
public String getMalwareName() {
return malwareName;
}
public void setMalwareName(String malwareName) {
this.malwareName = malwareName;
}
}
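Review bot: Five `@ExcelField` annotations share `sort = 16` (`resBodyFile`, `topicName`, `malwareId`, `malwareType`, `malwareName`), so if the exporter orders columns by `sort`, their relative order depends on its tie-breaking; numbering the last four `sort = 17` through `sort = 20` would make the order explicit. The string fields (`url`, the `*File` values, `malwareName`) presumably originate from captured traffic and are written to Excel/CSV through these annotations. The export helper is not part of this section, so it is worth confirming that it neutralises cell values beginning with `=`, `+`, `-` or `@` before the file is opened in a spreadsheet.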


@@ -795,4 +795,9 @@ public final class Constants {
* 管理员用户预警查询服务配置总量接口
*/
public static final String CONFIG_BY_SERVICE = Configurations.getStringProperty("getConfigByService","");
/**
* 文件扫描结果接口
*/
public static final String NTC_HTTP_OBJSCAN_RESULT_LOGS = Configurations.getStringProperty("ntcHttpObjscanResultLogs","");
}


@@ -0,0 +1,175 @@
package com.nis.web.controller.log.ntc;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringEscapeUtils;
import org.apache.commons.lang3.StringUtils;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.servlet.mvc.support.RedirectAttributes;
import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
import com.google.gson.reflect.TypeToken;
import com.nis.domain.FunctionServiceDict;
import com.nis.domain.Page;
import com.nis.domain.PageLog;
import com.nis.domain.SysUser;
import com.nis.domain.log.NtcHttpObjScanResultLog;
import com.nis.domain.maat.LogRecvData;
import com.nis.util.Constants;
import com.nis.util.DictUtils;
import com.nis.util.LogUtils;
import com.nis.util.httpclient.HttpClientUtil;
import com.nis.web.controller.BaseController;
import com.nis.web.security.UserUtils;
@Controller
@RequestMapping("${adminPath}/log/ntc/httpObjScanResult")
public class HttpObjScanResultLogController extends BaseController {
@RequestMapping(value = { "list", "" })
public String list(@ModelAttribute("log") NtcHttpObjScanResultLog log, Model model, HttpServletRequest request,
HttpServletResponse response) {
try {
PageLog<NtcHttpObjScanResultLog> page = new PageLog<NtcHttpObjScanResultLog>(request, response);
Map<String, Object> params = new HashMap<String, Object>();
params.put("pageSize", page.getPageSize());
params.put("pageNo", page.getPageNo());
if (StringUtils.isNotBlank(log.getUrl())) {
String httpurl = StringEscapeUtils.unescapeHtml(log.getUrl());
params.put("searchUrl", httpurl);
}
initLogSearchValue(log, params);
if (StringUtils.isNotBlank(log.getdPort())) {
params.put("searchDPort", log.getdPort());
}
if (StringUtils.isNotBlank(log.getsPort())) {
params.put("searchSPort", log.getsPort());
}
if (null != log.getDeviceId()) {
params.put("searchDeviceId", log.getDeviceId());
}
List<FunctionServiceDict> serviceList = DictUtils.getFunctionServiceDictList(log.getFunctionId());
model.addAttribute("serviceList", serviceList);
String url = Constants.LOG_BASE_URL + Constants.NTC_HTTP_OBJSCAN_RESULT_LOGS;
String recv = HttpClientUtil.getMsg(url, params, request);
Gson gson = new GsonBuilder().create();
LogRecvData<NtcHttpObjScanResultLog> fromJson = gson.fromJson(recv,
new TypeToken<LogRecvData<NtcHttpObjScanResultLog>>() {
}.getType());
if (fromJson.getStatus().intValue() == 200) {
Page<NtcHttpObjScanResultLog> data = fromJson.getData();
page.setCount(data.getCount());
page.setLast(data.getLast());
page.setList(data.getList());
List<NtcHttpObjScanResultLog> list = page.getList();
for (NtcHttpObjScanResultLog l : list) {
l.setFunctionId(log.getFunctionId());
setLogAction(l, serviceList);
}
model.addAttribute("page", page);
}
} catch (Exception e) {
logger.error("查询失败", e);
addMessageLog(model, e.getMessage());
LogUtils.saveLog(request, null, e, null);
}
return "/log/ntc/httpObjScanResultList";
}
// 文件离线扫描结果 导出
@RequestMapping(value = "exportHttpObjScanResult")
public void exportHttpObjScanResult(@ModelAttribute("log") NtcHttpObjScanResultLog log, Model model, String hColumns, String type,
HttpServletRequest request, HttpServletResponse response, RedirectAttributes redirectAttributes) {
try {
// export data info
List<String> titleList = new ArrayList<String>();
Map<String, Class<?>> classMap = new HashMap<String, Class<?>>();
Map<String, List> dataMap = new HashMap<String, List>();
Map<String, String> noExportMap = new HashMap<String, String>();
// ---------------------------
PageLog<NtcHttpObjScanResultLog> page = new PageLog<NtcHttpObjScanResultLog>(request, response);
page.setPageNo(1);
page.setPageSize(Constants.MAX_LOG_EXPORT_SIZE);
Map<String, Object> params = new HashMap<String, Object>();
params.put("pageSize", page.getPageSize());
params.put("pageNo", page.getPageNo());
if (StringUtils.isNotBlank(log.getUrl())) {
String httpurl = StringEscapeUtils.unescapeHtml(log.getUrl());
params.put("searchUrl", httpurl);
}
initLogSearchValue(log, params);
if (StringUtils.isNotBlank(log.getdPort())) {
params.put("searchDport", log.getdPort());
}
if (StringUtils.isNotBlank(log.getsPort())) {
params.put("searchSport", log.getsPort());
}
if (null != log.getDeviceId()) {
params.put("searchDeviceId", log.getDeviceId());
}
List<FunctionServiceDict> serviceList = DictUtils.getFunctionServiceDictList(log.getFunctionId());
model.addAttribute("serviceList", serviceList);
String url = Constants.LOG_BASE_URL + Constants.NTC_HTTP_OBJSCAN_RESULT_LOGS;
String recv = HttpClientUtil.getMsg(url, params, request);
List<NtcHttpObjScanResultLog> list = new ArrayList<NtcHttpObjScanResultLog>();
if (StringUtils.isNotBlank(recv)) {
Gson gson = new GsonBuilder().create();
LogRecvData<NtcHttpObjScanResultLog> fromJson = gson.fromJson(recv,
new TypeToken<LogRecvData<NtcHttpObjScanResultLog>>() {
}.getType());
if (fromJson.getStatus().intValue() == 200) {
Page<NtcHttpObjScanResultLog> data = fromJson.getData();
list = data.getList();
}
}
for (NtcHttpObjScanResultLog l : list) {
l.setFunctionId(log.getFunctionId());
setLogAction(l, serviceList);
}
titleList.add("http_obj_scan_result");
classMap.put("http_obj_scan_result", NtcHttpObjScanResultLog.class);
SysUser user = UserUtils.getUser();
if (!user.isAdmin()) {
hColumns += ",scene_file,";
} else {
hColumns += ",";
}
String cfgIndexInfoNoExport = ",action,cfg_id,"
+ hColumns;
noExportMap.put("http_obj_scan_result", cfgIndexInfoNoExport);
dataMap.put("http_obj_scan_result", list);
String timeRange = initLogMap(log, "http_obj_scan_result");
noExportMap.put("timeRange", timeRange);
if ("csv".equals(type)) {
this._exportCsv(model, request, response, redirectAttributes, "http_obj_scan_result", titleList, classMap,
dataMap, noExportMap);
} else {
this._export(model, request, response, redirectAttributes, "http_obj_scan_result", titleList, classMap, dataMap,
noExportMap);
}
} catch (Exception e) {
logger.error("http_obj_scan_result export failed", e);
addMessage(redirectAttributes, "error", "export_failed");
LogUtils.saveLog(request, null, e, null);
}
}
}
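Review bot: `list` dereferences the parsed response without the `StringUtils.isNotBlank(recv)` guard that `exportHttpObjScanResult` has: a null or empty body from `HttpClientUtil.getMsg` makes `gson.fromJson` return null and `fromJson.getStatus()` throw, so the condition should read `if (fromJson != null && fromJson.getStatus() != null && fromJson.getStatus().intValue() == 200)` in both methods. The port filters are also sent under different keys, `searchDPort`/`searchSPort` in `list` but `searchDport`/`searchSport` in the export; unless the log service accepts both spellings, one path silently drops the filter and the exported rows will not match what was listed. In the `list` catch block, `addMessageLog(model, e.getMessage())` puts the raw exception text on the page, which can expose backend URLs or parser details; a fixed message key, as the export path uses with `export_failed`, would be safer. `hColumns` is concatenated without a null check, so a request without that parameter yields the string `null,scene_file,`.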


@@ -1527,4 +1527,9 @@ url_group_manage=URL Group Manage
range_cross=Found intersections between Server IP address and Client IP address
app_ip_correlation=APP IP Correlation
public_private_file_error=Public-private key mismatch
https_url_format_tip=URL(http[s]://xxx.xx)
https_url_format_tip=URL(http[s]://xxx.xx)
http_obj_scan_result=File Scan
topic_name=TOPIC NAME
malware_id=MALWARE ID
malware_type=MALWARE TYPE
malware_name=MALWARE NAME


@@ -547,7 +547,7 @@ ftp_ip=\u041a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f
dns_ip=\u041a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f DNS IP
dns_domain=\u041a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f \u0434\u043e\u043c\u0435\u043d\u0430 DNS
action=\u0414\u0435\u0439\u0441\u0442\u0432\u0438\u0435
has_prohibit_delete= только удаляет незаконченные настройки и отменяет проверку конфигурации
has_prohibit_delete=\u807d\u890c\u82af\u8c22\u891c\u6cfb\u82af \u890d\u5199\u90aa\u8c22\u891f\u68b0\u890c \u85aa\u68b0\u87f9\u90aa\u6cfb\u82af\u85aa\u8914\u68b0\u85aa\u85aa\u8918\u68b0 \u85aa\u90aa\u890b\u890c\u8909\u82af\u6cc4\u6cfb\u61c8 \u61c8 \u82af\u890c\u5c51\u68b0\u85aa\u891f\u68b0\u890c \u950c\u8909\u82af\u80c1\u68b0\u8909\u6cfb\u890d \u6cfb\u82af\u85aa\u890e\u61c8\u8c10\u890d\u8909\u90aa\u8911\u61c8\u61c8
has_prohibit_nopass=\u0422\u043e\u043b\u044c\u043a\u043e \u043d\u0435\u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u043d\u0430\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430
has_prohibit_pass=\u0422\u043e\u043b\u044c\u043a\u043e \u043d\u0435\u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u043d\u0430\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430
multiple_keywords_tip=\u041c\u043e\u0436\u043d\u043e \u0432\u0432\u0435\u0441\u0442\u0438 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043a\u043b\u044e\u0447\u0435\u0432\u044b\u0445 \u0441\u043b\u043e\u0432,\u0440\u0430\u0437\u0434\u0435\u043b\u0438\u0442\u0435 \u0438\u0445 \u043a\u043b\u0430\u0432\u0438\u0448\u0435\u0439 "Enter".
@@ -1513,7 +1513,7 @@ admin_user_warn=\u041f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u04
interface_total=\u041e\u0431\u0449\u0435\u0435 \u041a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0418\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430
service_total=\u041e\u0431\u0449\u0435\u0435 \u041a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0421\u0435\u0440\u0432\u0438\u0441\u0430
none_file_tip=\u041f\u043e\u0436\u0430\u043b\u0443\u0439\u0441\u0442\u0430, \u0432\u044b\u0431\u0435\u0440\u0438\u0442\u0435 \u0444\u0430\u0439\u043b%21
the_same_ip_type=IP-\u0430\u0434\u0440\u0435\u0441 \u043A\u043B\u0438\u0435\u043D\u0442\u0430 \u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0434\u043E\u043B\u0436\u043D\u044B \u0438\u043C\u0435\u0442\u044C \u043E\u0434\u0438\u043D \u0438 \u0442\u043E\u0442 \u0436\u0435 \u0442\u0438\u043F.
the_same_ip_type=IP-\u0430\u0434\u0440\u0435\u0441 \u043a\u043b\u0438\u0435\u043d\u0442\u0430 \u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0434\u043e\u043b\u0436\u043d\u044b \u0438\u043c\u0435\u0442\u044c \u043e\u0434\u0438\u043d \u0438 \u0442\u043e\u0442 \u0436\u0435 \u0442\u0438\u043f.
src_ip_pattern=\u0424\u043e\u0440\u043c\u0430\u0442 ip \u041a\u043b\u0438\u0435\u043d\u0442\u0430
dest_ip_pattern=\u0424\u043e\u0440\u043c\u0430\u0442 ip \u0421\u0435\u0440\u0432\u0435\u0440\u0430
src_port_pattern=\u0424\u043e\u0440\u043c\u0430\u0442 \u041f\u043e\u0440\u0442\u0430 \u041a\u043b\u0438\u0435\u043d\u0442\u0430
@@ -1530,4 +1530,9 @@ url_group_manage=URL Group Manage
range_cross=\u041d\u0430\u0439\u0434\u0435\u043d\u044b \u043f\u0435\u0440\u0435\u0441\u0435\u0447\u0435\u043d\u0438\u044f \u043c\u0435\u0436\u0434\u0443 ip-\u0430\u0434\u0440\u0435\u0441\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0438 ip-\u0430\u0434\u0440\u0435\u0441\u043e\u043c \u043a\u043b\u0438\u0435\u043d\u0442\u0430
app_ip_correlation=\u041a\u043e\u0440\u0440\u0435\u043b\u044f\u0446\u0438\u044f ip-\u0430\u0434\u0440\u0435\u0441\u043e\u0432 \u041f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439
public_private_file_error=\u041d\u0435\u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0438\u0435 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e-\u043f\u0440\u0438\u0432\u0430\u0442\u043d\u043e\u0433\u043e \u043a\u043b\u044e\u0447\u0430.
https_url_format_tip=URL(http[s]://xxx.xx)
https_url_format_tip=URL(http[s]://xxx.xx)
http_obj_scan_result=File Scan
topic_name=TOPIC NAME
malware_id=MALWARE ID
malware_type=MALWARE TYPE
malware_name=MALWARE NAME


@@ -706,7 +706,7 @@ ir_type=\u590d\u7528\u7c7b\u578b
dns_strategy_id=DNS\u7b56\u7565ID
no_strategy=\u9ed8\u8ba4\u7b56\u7565
domain=\u57df\u540d
app_ip_config=APP\u534F\u8BAEIP\u914D\u7F6E
app_ip_config=APP\u534f\u8baeIP\u914d\u7f6e
bytes=\u5b57\u8282
app_http_config=APP HTTP\u7279\u5f81
app_domain_config=APP\u57df\u540d\u7279\u5f81
@@ -1134,10 +1134,10 @@ label_proto_source=\u534f\u8bae\u6765\u6e90
label_behav_source=\u884c\u4e3a\u6765\u6e90
label_app_source=\u5e94\u7528\u6765\u6e90
packet=\u5305
stream=\u6D41
stream=\u6d41
protocol_menu=Protocol
advanced=Advanced
protocol_identify=\u57FA\u7840\u534F\u8BAE
protocol_identify=\u57fa\u7840\u534f\u8bae
MM_FILE_DIGEST=\u6587\u4ef6\u6458\u8981
NTC_ASN_IP=ASN
NTC_STREAMING_MEDIA_URL=URL
@@ -1255,9 +1255,9 @@ user_behavior_data=\u7528\u6237\u7edf\u8ba1
ip_behavior_data=\u7528\u6237IP\u7edf\u8ba1
not_valid_domain=%s\u4e0d\u662f\u4e00\u4e2a\u5408\u6cd5\u57df\u540d
cert_not_match_domain=\u57df\u540d\u4e0e\u6240\u9009\u8bc1\u4e66\u4fe1\u606f\u4e0d\u7b26\u5408\uff01
certificate_file_error=\u8BC1\u4E66\u683C\u5F0F\u9519\u8BEF
certificate_file_error=\u8bc1\u4e66\u683c\u5f0f\u9519\u8bef
PXY_OBJ_TRUSTED_CA_CERT=\u53ef\u4fe1\u8bc1\u4e66
crl_file_error=CRL\u6587\u4EF6\u683C\u5F0F\u9519\u8BEF
crl_file_error=CRL\u6587\u4ef6\u683c\u5f0f\u9519\u8bef
crl_issuer_error=crl\u6587\u4ef6\u7684issuer\u4e0e\u8bc1\u4e66\u6587\u4ef6\u7684issuer\u4e0d\u5339\u914d
cert_name=\u8bc1\u4e66\u540d\u79f0
add_crl_file=Add CRL File
@@ -1508,14 +1508,14 @@ effective=\u6709\u6548
admin_user_warn=\u7ba1\u7406\u5458\u7528\u6237\u9884\u8b66
interface_total=\u754c\u9762\u603b\u91cf
service_total=\u670d\u52a1\u603b\u91cf
unapproved_all=\u5ba1\u6838\u4E0D\u901a\u8fc7\u6240\u6709\u914d\u7f6e!
unapproved_all=\u5ba1\u6838\u4e0d\u901a\u8fc7\u6240\u6709\u914d\u7f6e!
delete_all=\u5220\u9664\u6240\u6709\u914d\u7f6e!
none_file_tip=\u8BF7\u9009\u62E9\u6587\u4EF6!
none_file_tip=\u8bf7\u9009\u62e9\u6587\u4ef6!
the_same_ip_type=\u6e90IP\u4e0e\u76ee\u7684IP\u7684IP\u7c7b\u578b\u5fc5\u987b\u76f8\u540c
src_ip_pattern=\u6E90IP\u683C\u5F0F
dest_ip_pattern=\u76EE\u7684IP\u683C\u5F0F
src_port_pattern=\u6E90\u7AEF\u53E3\u683C\u5F0F
dest_port_pattern=\u76EE\u7684\u7AEF\u53E3\u683C\u5F0F
src_ip_pattern=\u6e90IP\u683c\u5f0f
dest_ip_pattern=\u76ee\u7684IP\u683c\u5f0f
src_port_pattern=\u6e90\u7aef\u53e3\u683c\u5f0f
dest_port_pattern=\u76ee\u7684\u7aef\u53e3\u683c\u5f0f
url_group_configuration=URL \u5206\u7ec4\u914d\u7f6e
dns_keyword_group_configuration=DNS \u5173\u952e\u5b57\u5206\u7ec4\u914d\u7f6e
app_ip_correlation=APP IP \u901a\u8054
@@ -1525,7 +1525,12 @@ common_group=Common \u5206\u7ec4
dns_keyword_group_manage=DNS \u5173\u952e\u5b57\u5206\u7ec4\u7ba1\u7406
old_asn_group_manage=ASN \u5206\u7ec4
url_group_manage=URL \u5206\u7ec4 \u7ba1\u7406
range_cross=\u6E90IP\u4E0E\u76EE\u7684IP\u8303\u56F4\u6709\u4EA4\u53C9
app_ip_correlation=APP\u5173\u8054\u7279\u5F81IP\u914D\u7F6E
public_private_file_error=\u516C\u79C1\u94A5\u8BC1\u4E66\u4E0D\u5339\u914D
https_url_format_tip=URL(http[s]://xxx.xx)
range_cross=\u6e90IP\u4e0e\u76ee\u7684IP\u8303\u56f4\u6709\u4ea4\u53c9
app_ip_correlation=APP\u5173\u8054\u7279\u5f81IP\u914d\u7f6e
public_private_file_error=\u516c\u79c1\u94a5\u8bc1\u4e66\u4e0d\u5339\u914d
https_url_format_tip=URL(http[s]://xxx.xx)
http_obj_scan_result=\u6587\u4ef6\u626b\u63cf
topic_name=\u4e3b\u9898\u540d\u79f0
malware_id=\u6076\u610f\u75c5\u6bd2ID
malware_type=\u6076\u610f\u75c5\u6bd2\u7c7b\u578b
malware_name=\u6076\u610f\u75c5\u6bd2\u540d\u79f0


@@ -520,4 +520,6 @@ trafficAppBpsTrend=v1/trafficAppBpsTrend
cgiError=cannot connect to vpnserver,Connection to the server has failed,Specified object can not be found,Too many users,User already exists,Too many created users,The destination server is not a VPN server,The connection has been interrupted,
#\u83b7\u53d6\u670d\u52a1\u914d\u7f6e\u603b\u91cf\u63a5\u53e3
getConfigByService=v1/getConfigByService
delAllCfg=v1/delAllConfig
delAllCfg=v1/delAllConfig
#\u6587\u4ef6\u626b\u63cf\u63a5\u53e3
ntcHttpObjscanResultLogs=v1/ntcHttpObjscanResultLogs


@@ -0,0 +1,3 @@
# 新增日志检索->流量日志->文件扫描结果
INSERT INTO `sys_menu` (`parent_id`, `parent_ids`, `code`, `name`, `sort`, `href`, `target`, `icon`, `is_show`, `permission`, `create_by`, `create_date`, `update_by`, `update_date`, `remarks`, `del_flag`, `menu_bg`, `quick_action`, `is_top`, `function_id`) VALUES ('1217', '0,1,152,1217,', 'http_obj_scan_result', '文件扫描', '200', '/log/ntc/httpObjScanResult', '', '', '1', '', '1', '2019-07-04 10:34:26', '1', '2019-07-04 10:34:26', '', '1', NULL, '0', '0', NULL);
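Review bot: The menu row is inserted with an empty `permission` value, and the controller added in this commit carries only `@Controller`/`@RequestMapping`, so nothing visible ties access to `/log/ntc/httpObjScanResult` (a page listing captured request/response dump files and malware hits) to a permission identifier. If other `sys_menu` rows in this project carry a permission string that the security layer checks, this row and the controller should get one too; if access is enforced elsewhere, for example by a URL filter on the admin path, a comment saying so would help. The statement also hard-codes `parent_id` `'1217'` and `parent_ids` `'0,1,152,1217,'`, which assumes those ids exist unchanged in every target database. `del_flag` is `'1'`, which should be checked against the project's convention for active rows.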


@@ -0,0 +1,451 @@
<%@ page contentType="text/html;charset=UTF-8"%>
<%@ include file="/WEB-INF/include/taglib.jsp"%>
<html>
<head>
<title>
<spring:message code="http_obj_scan_result"></spring:message>
</title>
<script>
$(document).ready(function() {
//reset
$("#resetBtn").on("click",function(){
$("select.selectpicker").each(function(){
$(this).selectpicker('val',$(this).find('option:first').val());
$(this).find("option").attr("selected",false);
$(this).find("option:first").attr("selected",true);
});
$(".Wdate").attr("value",'');
$(':input','#searchForm')
.not(':button,:submit,:reset,:hidden')
.attr("value",'');
$("#searchForm")[0].reset();
});
//筛选功能
filterActionInit();
//异步获取voip相关信息
$("span[id^=open]").click(function(){
var openId=$(this).attr("id");
var closeId=$(this).attr("id").replace("open","close");
var index=$(this).attr("id").replace("open","");
$("#"+openId).hide();
$("#"+closeId).show();
var compileId=$(this).attr("compileId");
// var cfgId=$(this).attr("cfgId");
if($("#"+openId).parent().parent().next("tr").hasClass("child")){
$("#"+openId).parent().parent().next("tr").show();
}else{
$.ajax({
type:'post',
async:false,
url:'${ctx}/ntc/website/ajaxHttpSubList',
data:{"compileId":compileId,"index":index},
dataType:"html",
success:function(data){
var subTab="<tr class='child'>"+
"<td colspan='"+($(".table tr").eq(0).children("th").length-1)+"'>";
var html="";
html+="<div class='row'>";
html = html+data;
subTab=subTab+html;
subTab+="</td>";
subTab+="</tr>";
$("#"+openId).parent().parent().after(subTab);
$("div[name='tabTitle"+index+"']").get(0).click();
}
});
}
});
$("span[id^=close]").on("click",function(){
var closeId=$(this).attr("id");
var openId=$(this).attr("id").replace("close","open");
$("#"+closeId).hide();
$("#"+openId).show();
$("#"+closeId).parent().parent().next("tr").hide();
});
});
</script>
</head>
<body>
<div class="page-content">
<div class="theme-panel hidden-xs hidden-sm">
</div>
<h3 class="page-title">
<spring:message code="http_obj_scan_result"/>
</h3>
<h5 class="page-header"></h5>
<div class="col-md-12">
<div class="portlet">
<div class="portlet-body">
<div class="row" >
<form:form id="searchForm" modelAttribute="log" action="${ctx}/log/ntc/httpObjScanResult/list" method="post" class="form-search">
<input id="pageNo" name="pageNo" type="hidden" value="${page.pageNo}"/>
<input id="pageSize" name="pageSize" type="hidden" value="${page.pageSize}"/>
<input id="functionId" name="functionId" type="hidden" value="${log.functionId}"/>
<input id="jboxtCustomValue" type="hidden" value="true"/>
<input id="isLogTotalSearch" name="isLogTotalSearch" type="hidden" value="${log.isLogTotalSearch}"/>
<!-- 筛选按钮展开状态-->
<input id="isFilterAction" name="isFilterAction" type="hidden" value="${log.isFilterAction }"/><sys:tableSort id="orderBy" name="orderBy" value="${page.orderBy}" callback="page();"/>
<!-- 搜索内容与操作按钮栏 -->
<div class="col-md-12">
<div class="pull-left">
<div class="input-group">
<div class="input-group-btn">
<span class="selectpicker form-control" ><spring:message code="begin_date"/></span>
</div>
<%-- <input id="searchFoundStartTime" name="searchFoundStartTime" type="text" readonly="readonly" maxlength="20" class="form-control Wdate input-medium"
value="${log.searchFoundStartTime}" onclick="WdatePicker({onpicked:setTimee,dateFmt:'yyyy-MM-dd HH:mm:ss',isShowClear:true,maxDate:'#F{$dp.$D(\'searchFoundEndTime\')}'});"/> --%>
<input name="searchFoundStartTime" id="searchFoundStartTime" type="text" readonly="readonly" maxlength="20" class="form-control Wdate input-medium"
value="${log.searchFoundStartTime}" onclick="WdatePicker({onpicked:function(){this.onchange()},dateFmt:'yyyy-MM-dd HH:mm:ss',isShowClear:true,maxDate:'#F{\'new Date()\'}'});" onchange="setStartTime('#searchFoundStartTime','#searchFoundEndTime',1,'d','yyyy-MM-dd hh:mm:ss',false)"/>
</div>
</div>
<div class="pull-left">
<div class="input-group">
<div class="input-group-btn">
<span class="selectpicker form-control" ><spring:message code="end_date"/></span>
</div>
<%-- <input id="searchFoundEndTime" name="searchFoundEndTime" type="text" readonly="readonly" maxlength="20" class="form-control Wdate input-medium"
value="${log.searchFoundEndTime}" onclick="WdatePicker({dateFmt:'yyyy-MM-dd HH:mm:ss',isShowClear:true,minDate:'#F{$dp.$D(\'searchFoundStartTime\')}',maxDate:'#F{$dp.$D(\'searchFoundStartTime\',{d:1})}'});"/> --%>
<input name="searchFoundEndTime" id="searchFoundEndTime" type="text" readonly="readonly" maxlength="20" class="form-control Wdate input-medium"
value="${log.searchFoundEndTime}" onclick="WdatePicker({onpicked:function(){this.onchange()},dateFmt:'yyyy-MM-dd HH:mm:ss',isShowClear:true,maxDate:'#F{\'new Date()\'}'});" onchange="setEndTime('#searchFoundStartTime','#searchFoundEndTime',1,'d','yyyy-MM-dd hh:mm:ss',false)"/>
</div>
</div>
<div class="pull-left">
<button type="button" class="btn blue" onClick="return page()"> <i class="fa fa-search"></i> <spring:message code="search"/> </button>
<button type="button" class="btn btn-default" id="resetBtn"> <i class="fa fa-refresh"></i> <spring:message code="reset"/> </button>
<button type="button" class="btn btn-default" id="filter-btn"> <spring:message code="filter"/><i class="fa fa-angle-double-down"></i></button>
</div>
<div class="pull-right">
<div class="btn-group">
<button type="button" class="btn btn-default dropdown-toggle" data-toggle="dropdown">
<i class="fa fa-wrench"></i> <spring:message code="export"></spring:message>
<i class="fa fa-angle-down"></i>
</button>
<ul class="dropdown-menu pull-right" style="min-width: 110px;" >
<li><sys:delRow url="${ctx}/log/ntc/httpObjScanResult/exportHttpObjScanResult?type=excel" searchUrl="${ctx}/log/ntc/httpObjScanResult/list" id="contentTable" maxRow="10000" label="excel"></sys:delRow></li>
<li><sys:delRow url="${ctx}/log/ntc/httpObjScanResult/exportHttpObjScanResult?type=csv" searchUrl="${ctx}/log/ntc/httpObjScanResult/list" id="contentTable" maxRow="10000" label="csv"></sys:delRow></li>
</ul>
</div>
<a class="btn btn-icon-only btn-default setfields tooltips"
data-container="body" data-placement="top" data-original-title=<spring:message code="custom_columns"/> href="javascript:;">
<i class="icon-wrench"></i>
</a>
</div>
</div>
<!-- 搜索内容与操作按钮栏 -->
<!-- 筛选搜索内容栏默认隐藏-->
<div class="col-md-12 filter-action-select-panle hide" >
<div class="row">
<%-- <div class="col-md-2">
<div class="form-group">
<label><spring:message code="entrance"/></label>
<form:select path="entranceId" class="selectpicker form-control" data-live-search="true" data-live-search-placeholder="search">
<form:option value=""><spring:message code="select"/></form:option>
<c:forEach items="${fns:getDictList('ENTRANCE')}" var="entrance">
<form:option value="${entrance.itemCode}"><spring:message code="${entrance.itemValue}"></spring:message></form:option>
</c:forEach>
</form:select>
</div>
</div> --%>
<div class="col-md-2">
<div class="form-group">
<label><spring:message code="clj_ip"></spring:message></label>
<input name="capIp" type="text" class="form-control" value="${log.capIp }"/>
</div>
</div>
<div class="col-md-2">
<div class="form-group">
<label class="control-label"><spring:message code='transport_layer_protocol'/></label>
<form:select path="transProto" class="selectpicker form-control">
<form:option value=""><spring:message code="select"/></form:option>
<c:forEach items="${fns:getDictList('LOG_PROTOCOL')}" var="protocol" >
<form:option value="${protocol.itemCode}"><spring:message code="${protocol.itemValue}"></spring:message></form:option>
</c:forEach>
</form:select>
</div>
</div>
<div class="col-md-2">
<div class="form-group">
<label><spring:message code="serverip"></spring:message></label>
<input name="dIp" type="text" class="form-control" value="${log.dIp }"/>
</div>
</div>
<div class="col-md-2">
<div class="form-group">
<label><spring:message code="clientip"></spring:message></label>
<input name="sIp" type="text" class="form-control" value="${log.sIp }"/>
</div>
</div>
</div>
<div class="row">
<div class="col-md-2">
<div class="form-group">
<label><spring:message code="server_port"></spring:message></label>
<input name="dPort" type="text" class="form-control logCfgId number" value="${log.dPort }"/>
</div>
</div>
<div class="col-md-2">
<div class="form-group">
<label><spring:message code="client_port"></spring:message></label>
<input name="sPort" type="text" class="form-control logCfgId number" value="${log.sPort }"/>
</div>
</div>
<div class="col-md-4">
<div class="form-group">
<label>URL</label>
<input name="url" type="text" class="form-control" value="${log.url }"/>
</div>
</div>
</div>
</div>
<!-- /筛选搜索内容栏 结束-->
</form:form>
</div>
<sys:message content="${message}"/>
<div class="table-responsive">
<table id="contentTable" class="table table-striped table-bordered table-condensed text-nowrap logTb">
<thead>
<tr>
<th><spring:message code="log"/></th>
<%-- <th class="sort-column cfg_id " isVisible="false" column="cfg_id"><spring:message code="cfg_id"/></th> --%>
<%-- <th class="sort-column service" isVisible="false" column="action"><spring:message code="action"/></th> --%>
<th class="sort-column found_time" column="found_time"><spring:message code="found_time"/></th>
<th class="sort-column recv_time" isVisible="false" column="recv_time"><spring:message code="recv_time"/></th>
<th class="sort-column entrance_id" isVisible="false" column="entrance_id"><spring:message code="entrance_id"/></th>
<th class="sort-column url" column="URL"> URL </th>
<th class="sort-column req_hdr_key" isVisible="false" column="req_hdr_key"><spring:message code="req_hdr_key"/></th>
<th class="sort-column req_hdr_file" column="req_hdr_file"><spring:message code="req_hdr_file"/></th>
<th class="sort-column req_body_key" isVisible="false" column="req_body_key"><spring:message code="req_body_key"/></th>
<th class="sort-column req_body_file" column="req_body_file"><spring:message code="req_body_file"/></th>
<th class="sort-column res_hdr_key" isVisible="false" column="res_hdr_key"><spring:message code="res_hdr_key"/></th>
<th class="sort-column res_hdr_file" column="res_hdr_file"><spring:message code="res_hdr_file"/></th>
<th class="sort-column res_body_key" isVisible="false" column="res_body_key"><spring:message code="res_body_key"/></th>
<th class="sort-column res_body_file" column="res_body_file"><spring:message code="res_body_file"/></th>
<th class="sort-column topic_name" isVisible="false" column="topic_name"><spring:message code="topic_name"/></th>
<th class="sort-column malware_id" isVisible="false" column="malware_id"><spring:message code="malware_id"/></th>
<th class="sort-column malware_type" column="malware_type"><spring:message code="malware_type"/></th>
<th class="sort-column malware_name" column="malware_name"><spring:message code="malware_name"/></th>
<th class="sort-column cap_ip" isVisible="false" column="clj_ip"><spring:message code="clj_ip"/></th>
<th class="sort-column trans_proto" column="transport_layer_protocol"><spring:message code="transport_layer_protocol"/></th>
<th class="sort-column addr_type" column="addr_type"><spring:message code='addr_type'/></th>
<th class="sort-column d_ip" column="server_ip"><spring:message code="server_ip"/></th>
<th class="sort-column s_ip" column="client_ip"><spring:message code="client_ip"/></th>
<th class="sort-column d_port" column="server_port"><spring:message code="server_port"/></th>
<th class="sort-column s_port" column="client_port"><spring:message code="client_port"/></th>
<th class="sort-column device_id" isVisible="false" column="deviceid"><spring:message code="deviceid"/></th>
<th class="sort-column link_id" isVisible="false" column="link_id"><spring:message code="link_id"/></th>
<th class="sort-column encap_type" column="encap_type"><spring:message code="encap_type"/></th>
<th class="sort-column direction" column="direction"><spring:message code="direction"/></th>
<th class="sort-column inner_smac" column="inner_smac"><spring:message code="inner_smac"/></th>
<th class="sort-column inner_dmac" column="inner_dmac"><spring:message code="inner_dmac"/></th>
<th class="sort-column stream_dir" column="stream_type"><spring:message code="stream_type"/></th>
<th class="sort-column addr_list" column="nest_addr_list"><spring:message code="nest_addr_list"/></th>
<th class="sort-column server_locate" column="server_locate"><spring:message code='server_locate'/></th>
<th class="sort-column client_locate" column="client_locate"><spring:message code='client_locate'/></th>
<th class="sort-column s_asn" isVisible="false" column="s_asn"><spring:message code='s_asn'/></th>
<th class="sort-column d_asn" isVisible="false" column="d_asn"><spring:message code='d_asn'/></th>
<th class="sort-column s_subscribe_id" isVisible="false" column="s_subscribe_id"><spring:message code='s_subscribe_id'/></th>
<th class="sort-column d_subscribe_id" isVisible="false" column="d_subscribe_id"><spring:message code='d_subscribe_id'/></th>
<%-- <th class="sort-column user_region" isVisible="false" column="user_region"><spring:message code='user_region'/></th> --%>
<c:if test="${fns:getUser().isAdmin()}"><th class="sort-column scene_file" column="scene_file"><spring:message code='scene_file'/></th></c:if>
</tr>
</thead>
<tbody>
<c:forEach var="log" items="${page.list }" varStatus="status">
<tr>
<td>
<%-- <span id="open${status.index}" class="log-open-cfg" compileId="${log.cfgId }"> ▷ </span><span style="display: none" id="close${status.index}" > ▼ </span> --%>
<a href="javascript:void(0)" name="viewLogInfo" url="${ctx}/ntc/website/ajaxHttpSubList" compileId="${log.cfgId }" ><i class="icon-book-open"></i></a>
<!-- </td> -->
<%-- <td>${log.cfgId }</td> --%>
<td>${log.foundTime }</td>
<td>${log.recvTime}</td>
<td>
<%-- <c:set var="entrances">${log.entranceId }</c:set>
<c:forEach items="${fns:getDictList('ENTRANCE')}" var="dic">
<c:if test="${dic.itemCode eq log.entranceId}">
<c:set var="entrances">${dic.itemValue}</c:set>
</c:if>
</c:forEach>
<spring:message code="${entrances}"/> --%>
${log.entranceId }
</td>
<td>${log.url}</td>
<td>${log.reqHdrKey }</td>
<td>
<c:if test="${fn:startsWith(log.reqHdrFile, 'http')}">
<a href="${log.reqHdrFile}" data-original-title="${log.reqHdrFile}" target="_blank"
class="tooltips" data-flag="false" data-html="true" data-placement="top">
${fn:substring(log.reqHdrFile,0,20) }
</a>
</c:if>
<c:if test="${!fn:startsWith(log.reqHdrFile, 'http') and !empty log.reqHdrFile}">
<a href="http://${log.reqHdrFile}" data-original-title="http://${log.reqHdrFile}" target="_blank"
class="tooltips" data-flag="false" data-html="true" data-placement="top">
http://${fn:substring(log.reqHdrFile,0,20) }
</a>
</c:if>
</td>
<td>${log.reqBodyKey }</td>
<td>
<c:if test="${fn:startsWith(log.reqBodyFile, 'http')}">
<a href="${log.reqBodyFile}" data-original-title="${log.reqBodyFile}" target="_blank"
class="tooltips" data-flag="false" data-html="true" data-placement="top">
${fn:substring(log.reqBodyFile,0,20) }
</a>
</c:if>
<c:if test="${!fn:startsWith(log.reqBodyFile, 'http') and !empty log.reqBodyFile}">
<a href="http://${log.reqBodyFile}" data-original-title="http://${log.reqBodyFile}" target="_blank"
class="tooltips" data-flag="false" data-html="true" data-placement="top">
http://${fn:substring(log.reqBodyFile,0,20) }
</a>
</c:if>
</td>
<td>${log.resHdrKey }</td>
<td>
<c:if test="${fn:startsWith(log.resHdrFile, 'http')}">
<a href="${log.resHdrFile}" data-original-title="${log.resHdrFile}" target="_blank"
class="tooltips" data-flag="false" data-html="true" data-placement="top">
${fn:substring(log.resHdrFile,0,20) }
</a>
</c:if>
<c:if test="${!fn:startsWith(log.resHdrFile, 'http') and !empty log.resHdrFile}">
<a href="http://${log.resHdrFile}" data-original-title="http://${log.resHdrFile}" target="_blank"
class="tooltips" data-flag="false" data-html="true" data-placement="top">
http://${fn:substring(log.resHdrFile,0,20) }
</a>
</c:if>
</td>
<td>${log.resBodyKey }</td>
<td>
<c:if test="${fn:startsWith(log.resBodyFile, 'http')}">
<a href="${log.resBodyFile}" data-original-title="${log.resBodyFile}" target="_blank"
class="tooltips" data-flag="false" data-html="true" data-placement="top">
${fn:substring(log.resBodyFile,0,20) }
</a>
</c:if>
<c:if test="${!fn:startsWith(log.resBodyFile, 'http') and !empty log.resBodyFile}">
<a href="http://${log.resBodyFile}" data-original-title="http://${log.resBodyFile}" target="_blank"
class="tooltips" data-flag="false" data-html="true" data-placement="top">
http://${fn:substring(log.resBodyFile,0,20) }
</a>
</c:if>
</td>
<td >${log.topicName}</td>
<td >${log.malwareId}</td>
<td >${log.malwareType}</td>
<td >${log.malwareName}</td>
<td >${log.capIp}</td>
<td>
<c:set var="transProtos">${log.transProto }</c:set>
<c:forEach items="${fns:getDictList('LOG_PROTOCOL')}" var="dic">
<c:if test="${dic.itemCode eq log.transProto}">
<c:set var="transProtos">${dic.itemValue}</c:set>
</c:if>
</c:forEach>
<spring:message code="${transProtos}"/>
</td>
<td>
<c:set var="addrTypes">${log.addrType }</c:set>
<c:forEach items="${fns:getDictList('IP_TYPE')}" var="dic">
<c:if test="${log.addrType==dic.itemCode}">
<c:set var="addrTypes">${dic.itemValue}</c:set>
</c:if>
</c:forEach>
<spring:message code="${addrTypes}"/>
</td>
<td>${log.dIp}</td>
<td>${log.sIp}</td>
<td>${log.dPort}</td>
<td>${log.sPort}</td>
<td>
<c:set var="deviceIds">${log.deviceId }</c:set>
<c:forEach items="${fns:getDictList('DEVICE')}" var="device">
<c:if test="${device.itemCode eq log.deviceId}">
<c:set var="deviceIds">${device.itemValue}</c:set>
</c:if>
</c:forEach>
<spring:message code="${deviceIds}"/>
</td>
<td>
<c:set var="linkIds">${log.linkId }</c:set>
<c:forEach items="${fns:getDictList('LINK')}" var="link">
<c:if test="${link.itemCode eq log.linkId}">
<c:set var="linkIds">${link.itemValue}</c:set>
</c:if>
</c:forEach>
<spring:message code="${linkIds}"/>
</td>
<td>
<c:set var="encapTypes">${log.encapType }</c:set>
<c:forEach items="${fns:getDictList('ENCAP_TYPE')}" var="encapType">
<c:if test="${encapType.itemCode eq log.encapType}">
<c:set var="encapTypes">${encapType.itemValue}</c:set>
</c:if>
</c:forEach>
<spring:message code="${encapTypes}"/>
</td>
<td>
<c:set var="directions">${log.direction }</c:set>
<c:forEach items="${fns:getDictList('LOG_DIRECTION')}" var="direction">
<c:if test="${direction.itemCode eq log.direction}">
<c:set var="directions">${direction.itemValue}</c:set>
</c:if>
</c:forEach>
<spring:message code="${directions}"/>
</td>
<td>${log.innerSmac }</td>
<td>${log.innerDmac }</td>
<td>
<c:set var="streamDirs">${log.streamDir }</c:set>
<c:forEach items="${fns:getDictList('LOG_STREAM_TYPE')}" var="streamType">
<c:if test="${streamType.itemCode eq log.streamDir}">
<c:set var="streamDirs">${streamType.itemValue}</c:set>
</c:if>
</c:forEach>
<spring:message code="${streamDirs}"/>
</td>
<td>${log.addrList }</td>
<td>${log.serverLocate}</td>
<td>${log.clientLocate}</td>
<td>${log.sAsn}</td>
<td>${log.dAsn}</td>
<td>${log.sSubscribeId}</td>
<td>${log.dSubscribeId}</td>
<%-- <td>${log.userRegion}</td> --%>
<c:if test="${fns:getUser().isAdmin()}"><td>${log.sceneFile}</td></c:if>
</tr>
</c:forEach>
</tbody>
</table>
<div class="page">${page}</div>
</div>
</div>
</div>
</div>
</div>
</body>
</html>