diff --git a/bin/maat.conf b/bin/maat.conf
index 03d35b3..4e826f0 100644
--- a/bin/maat.conf
+++ b/bin/maat.conf
@@ -3,8 +3,10 @@ MAAT_MODE=json
 STAT_SWITCH=1
 PERF_SWITCH=1
 TABLE_INFO=tsgconf/tsg_static_tableinfo.json
-STAT_FILE=tsg_static_maat.status
-EFFECT_INTERVAL_S=1
+STAT_FILE=log/master.maat.status
+EFFECT_INTERVAL_MS=1000
+GARBAGE_COLLECT_MS=30000
+RULE_UPDATE_CHECK_INTERVAL_MS=1000
 REDIS_IP=127.0.0.1
 REDIS_PORT_NUM=1
 REDIS_PORT=7002
@@ -20,7 +22,7 @@ MAAT_MODE=1
 STAT_SWITCH=1
 PERF_SWITCH=1
 TABLE_INFO=tsgconf/app_sketch_tableinfo.conf
-STAT_FILE=app_sketch_maat.status
+STAT_FILE=log/app_sketch.maat.status
 EFFECT_INTERVAL_S=1
 REDIS_IP=127.0.0.1
 REDIS_PORT_NUM=1
@@ -36,7 +38,7 @@ MAAT_MODE=1
 STAT_SWITCH=1
 PERF_SWITCH=1
 TABLE_INFO=tsgconf/capture_packet_tableinfo.conf
-STAT_FILE=capture_packet_maat.status
+STAT_FILE=log/capture_packet.maat.status
 EFFECT_INTERVAL_S=1
 REDIS_IP=192.168.44.72
 REDIS_PORT_NUM=1
diff --git a/bin/main.conf b/bin/main.conf
index 24c7a5d..318cef6 100644
--- a/bin/main.conf
+++ b/bin/main.conf
@@ -1,13 +1,13 @@
 [MAAT]
 LOG_LEVEL=10
-LOG_PATH="./tsglog/maat/maat.log"
+LOG_PATH="log/master.maat.log"
 PROFILE="./tsgconf/maat.conf"
 [TSG_LOG]
 MODE=1
 NIC_NAME="lo"
 LOG_LEVEL=10
-LOG_PATH="./tsglog/tsglog"
+LOG_PATH="log/master.kafka"
 SASL_USERNAME="admin"
 SASL_PASSWD="galaxy2019"
 BROKER_LIST="127.0.0.1:9092"
@@ -35,7 +35,7 @@ APP_NAME="security_rule_hits"
 CYCLE=5
 TELEGRAF_PORT=8100
 TELEGRAF_IP="127.0.0.1"
-OUTPUT_PATH="./tsg_statistic.log"
+OUTPUT_PATH="log/master.metrics"
 APP_NAME="network_activity"
 [APP_METRIC]
@@ -48,7 +48,7 @@ APP_NAME="app_metric"
 CYCLE=30
 TELEGRAF_PORT=8125
 TELEGRAF_IP="127.0.0.1"
-OUTPUT_PATH="./tsg_stat.log"
+OUTPUT_PATH="log/master.status"
 APP_NAME="tsg_master"
 [SYSTEM]
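Review bot: The second and third maat.conf hunks keep `EFFECT_INTERVAL_S=1` as context while the loader in src/tsg_rule.cpp now reads only `EFFECT_INTERVAL_MS`, so those two sections no longer set the interval they appear to set. If they are loaded through init_maat_feather they would fall back to the 60000 ms default, a silent change from 1 s to 60 s in how quickly rule updates take effect. Rename the key in both sections to `EFFECT_INTERVAL_MS=1000`, and add `GARBAGE_COLLECT_MS` and `RULE_UPDATE_CHECK_INTERVAL_MS` there as the first section does if the same timings are intended.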
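Review bot: The [TSG_LOG] block in the first main.conf hunk still ships a literal `SASL_PASSWD` value next to `SASL_USERNAME` in a file tracked by git. The commit only moves LOG_PATH, but anyone with read access to the repository or to the installed bin/ directory obtains the broker credential. Replace the value with a placeholder such as `SASL_PASSWD="<set-at-deploy>"`, supply the real one at deployment from a file with restricted permissions, and rotate the password that has already been committed.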
@@ -57,7 +57,7 @@ LOG_LEVEL=10
 SCAN_TIME_INTERVAL=5
 DEFAULT_POLICY_ID=0
 DEFAULT_POLICY_SWITCH=0
-LOG_PATH="./tsglog/tsg_master"
+LOG_PATH="log/master.log"
 APP_BRIDGE_NAME="APP_BRIDGE"
 POLICY_PRIORITY_LABEL="POLICY_PRIORITY"
 L7_RPTOCOL_FILE="./tsgconf/tsg_l7_protocol.conf"
diff --git a/src/tsg_rule.cpp b/src/tsg_rule.cpp
index 3b1164b..7fe3784 100644
--- a/src/tsg_rule.cpp
+++ b/src/tsg_rule.cpp
@@ -1893,7 +1893,9 @@ struct maat *init_maat_feather(const char* conffile, char* instance_name, char *
 {
 int deferred_load=0;
 char maat_mode[32]={0};
- int effect_interval=60;
+ int effect_interval_ms=60000;
+ int rule_update_interval_ms=60000;
+ int garbage_collect_ms=30000;
 char effective_range_filename[1024]={0};
 char effective_flag[1024]={0};
 int output_prometheus=0;
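Review bot: `int garbage_collect_ms=30000;` disagrees with the fallback passed for the same key in the next hunk, `MESA_load_profile_int_def(conffile, module,"GARBAGE_COLLECT_MS", &(garbage_collect_ms), 60000);`. If MESA_load_profile_int_def writes its default when the key is absent, the 30000 initializer is never used and any section without the key gets 60000, while bin/maat.conf sets 30000. Pick one value and use it in both places, for example by passing `30000` as the last argument of the load call. init_maat_feather continues outside this hunk.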
@@ -1938,16 +1940,31 @@ struct maat *init_maat_feather(const char* conffile, char* instance_name, char *
 MESA_load_profile_int_def(conffile, module,"DEFERRED_LOAD", &(deferred_load), 0);
 MESA_load_profile_string_def(conffile,module,"TABLE_INFO",table_info, sizeof(table_info), "");
 MESA_load_profile_string_def(conffile,module,"STAT_FILE",maat_stat_file, sizeof(maat_stat_file), "");
- MESA_load_profile_int_def(conffile, module,"EFFECT_INTERVAL_S", &(effect_interval), 60);
- effect_interval*=1000;//convert s to ms
+ MESA_load_profile_int_def(conffile, module,"EFFECT_INTERVAL_MS", &(effect_interval_ms), 60000);
+ MESA_load_profile_int_def(conffile, module,"RULE_UPDATE_CHECK_INTERVAL_MS", &(rule_update_interval_ms), 60000);
+ MESA_load_profile_int_def(conffile, module,"GARBAGE_COLLECT_MS", &(garbage_collect_ms), 60000);
 struct maat_options *opts=maat_options_new();
 size_t thread_max=(size_t)get_thread_count();
 maat_options_set_logger(opts, log_path, (enum log_level)_log_level);
 maat_options_set_caller_thread_number(opts, thread_max);
 maat_options_set_accept_tags(opts, (const char *)effective_flag);
- maat_options_set_rule_effect_interval_ms(opts, effect_interval);
+ maat_options_set_rule_effect_interval_ms(opts, effect_interval_ms);
 maat_options_set_instance_name(opts, instance_name);
+ maat_options_set_foreign_cont_dir(opts, "./alerts_files");
+ maat_options_set_stat_file(opts, maat_stat_file);
+ maat_options_set_rule_update_checking_interval_ms(opts, rule_update_interval_ms);
+ maat_options_set_gc_timeout_ms(opts, garbage_collect_ms);
+
+ if(maat_stat_on==1)
+ {
+ maat_options_set_stat_on(opts);
+ }
+ if(maat_perf_on)
+ {
+ maat_options_set_perf_on(opts);
+ }
+
 if(deferred_load==1)
 {
 maat_options_set_deferred_load_on(opts);
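Review bot: The three millisecond values go from the config file into `maat_options_set_rule_effect_interval_ms`, `maat_options_set_rule_update_checking_interval_ms` and `maat_options_set_gc_timeout_ms` without a range check. They are signed `int`s, so a zero, negative or mistyped entry is passed straight through; how maat treats that is not visible here, but a non-positive GC timeout or polling interval is unlikely to be intended. Clamp each one after loading, e.g. `if(garbage_collect_ms<=0) garbage_collect_ms=60000;`, and log when the fallback is taken. The hard-coded `"./alerts_files"` passed to `maat_options_set_foreign_cont_dir` also resolves against the process working directory, unlike the other paths, which come from the profile. The function body starts and ends outside this hunk.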