diff --git a/bin/main.conf b/bin/main.conf index 318cef6..6f949bb 100644 --- a/bin/main.conf +++ b/bin/main.conf @@ -25,28 +25,28 @@ TCP_MIN_BYTES=5 UDP_MIN_PKTS=3 UDP_MIN_BYTES=5 -[SECURITY_HITS] -CYCLE=1000 +[SECURITY_HITS_METRICS] +CYCLE_INTERVAL_MS=1000 TELEGRAF_PORT=8400 TELEGRAF_IP="127.0.0.1" APP_NAME="security_rule_hits" -[STATISTIC] -CYCLE=5 +[NETWORK_METRICS] +CYCLE_INTERVAL_MS=5000 TELEGRAF_PORT=8100 TELEGRAF_IP="127.0.0.1" OUTPUT_PATH="log/master.metrics" APP_NAME="network_activity" -[APP_METRIC] -CYCLE=1000 +[APPLICATION_METRICS] +CYCLE_INTERVAL_MS=1000 TELEGRAF_PORT=8100 TELEGRAF_IP="127.0.0.1" APP_NAME="app_metric" -[FIELD_STAT] -CYCLE=30 -TELEGRAF_PORT=8125 +[MASTER_STATUS] +CYCLE_INTERVAL_MS=30000 +TELEGRAF_PORT=8200 TELEGRAF_IP="127.0.0.1" OUTPUT_PATH="log/master.status" APP_NAME="tsg_master" diff --git a/src/tsg_entry.h b/src/tsg_entry.h index cf1fd88..0fa1d51 100644 --- a/src/tsg_entry.h +++ b/src/tsg_entry.h @@ -98,78 +98,6 @@ struct app_id_dict struct deny_user_region deny_app_para; }; -typedef enum tsg_statis_field_id -{ - STATIS_SESSIONS = 0, - STATIS_ACTIVE_SESSIONS, - STATIS_CLOSE_SESSIONS, - STATIS_IN_BYTES, - STATIS_OUT_BYTES, - STATIS_IN_PACKETS, - STATIS_OUT_PACKETS, - STATIC_ASYMMETRIC_C2S_FLOWS, - STATIC_ASYMMETRIC_S2C_FLOWS, - STATIS_MAX -} tsg_statis_field_id_t; - -enum security_metric_columns -{ - COLUMN_HIT_COUNT = 0, - COLUMN_IN_BYTES, - COLUMN_OUT_BYTES, - COLUMN_IN_PKTS, - COLUMN_OUT_PKTS, - COLUMN_MAX -}; - -enum app_metric_columns -{ - TRAFFIC_APP_SESSIONS = 0, - TRAFFIC_APP_IN_BYTES, - TRAFFIC_APP_OUT_BYTES, - TRAFFIC_APP_IN_PKTS, - TRAFFIC_APP_OUT_PKTS, - TRAFFIC_APP_C2S_PKTS, - TRAFFIC_APP_S2C_PKTS, - TRAFFIC_APP_C2S_BYTES, - TRAFFIC_APP_S2C_BYTES, - TRAFFIC_APP_C2S_FRAGMENTS, - TRAFFIC_APP_S2C_FRAGMENTS, - TRAFFIC_APP_C2S_LOST_BYTES, - TRAFFIC_APP_S2C_LOST_BYTES, - TRAFFIC_APP_C2S_ORDER_PKTS, - TRAFFIC_APP_S2C_ORDER_PKTS, - TRAFFIC_APP_C2S_RETRANSMITTED_PKTS, - TRAFFIC_APP_S2C_RETRANSMITTED_PKTS, - TRAFFIC_APP_C2S_RETRANSMITTED_BYTES, - TRAFFIC_APP_S2C_RETRANSMITTED_BYTES, - TRAFFIC_APP_MAX -}; - -struct tsg_statistic -{ - int vsystem_id; - - int cycle; - int thread_alive; - pthread_t stat_thread_id; - long long statistic_opt[_OPT_TYPE_MAX]; - - int static_table_id; - int static_column_id[STATIS_MAX]; - struct fieldstat_instance *statistic_handle; - - int metric_cycle; - int metric_table_id; - unsigned int security_column_ids[COLUMN_MAX]; - struct fieldstat_dynamic_instance *security_metric_handle; - - int app_metric_cycle; - int app_metric_table_id; - unsigned int app_column_ids[TRAFFIC_APP_MAX]; - struct fieldstat_dynamic_instance *app_metric_handle; -}; - int tsg_metric_init(const char *conffile, void *logger); void tsg_metric_destroy(void); diff --git a/src/tsg_stat.cpp b/src/tsg_stat.cpp index 73549d8..65bfa89 100644 --- a/src/tsg_stat.cpp +++ b/src/tsg_stat.cpp @@ -90,31 +90,51 @@ struct runtime_stat_para g_rt_stat_para={0}; static void stat_update(int column_id, long long increase) { - fieldstat_value_incrby(g_rt_stat_para.fs_instance, column_id, increase); + if(g_rt_stat_para.fs_instance!=NULL) + { + fieldstat_value_incrby(g_rt_stat_para.fs_instance, column_id, increase); + } } void tsg_stat_abort_rule_update(enum RULE_TYPE column_idx, long long increase) { - stat_update(g_rt_stat_para.rule.abort_column_id[column_idx], increase); + if(g_rt_stat_para.fs_instance!=NULL) + { + stat_update(g_rt_stat_para.rule.abort_column_id[column_idx], increase); + } } void tsg_stat_send_rule_update(enum RULE_TYPE column_idx, long long increase) { - stat_update(g_rt_stat_para.rule.send_column_id[column_idx], increase); + if(g_rt_stat_para.fs_instance!=NULL) + { + stat_update(g_rt_stat_para.rule.send_column_id[column_idx], increase); + } } void tsg_stat_sendlog_update(int row_idx, enum LOG_STATUS column_idx, long long increase) { - stat_update(g_rt_stat_para.sendlog.column_id[row_idx][column_idx], increase); + if(g_rt_stat_para.fs_instance!=NULL) + { + stat_update(g_rt_stat_para.sendlog.column_id[row_idx][column_idx], increase); + } } void tsg_stat_log_handle_update(enum LOG_HANDLE column_idx, long long increase) { - stat_update(g_rt_stat_para.tld.column_id[column_idx], increase); + if(g_rt_stat_para.fs_instance!=NULL) + { + stat_update(g_rt_stat_para.tld.column_id[column_idx], increase); + } } void tsg_stat_flow_update(enum STAT_STATUS status, enum FLOW_STAT column_idx, long long increase) { + if(g_rt_stat_para.fs_instance==NULL) + { + return ; + } + switch(status) { case STAT_STATUS_FAIL: @@ -130,6 +150,11 @@ void tsg_stat_flow_update(enum STAT_STATUS status, enum FLOW_STAT column_idx, lo void tsg_stat_sync_ctrl_update(enum STAT_STATUS status, enum CTRL_SYNC column_idx, long long increase) { + if(g_rt_stat_para.fs_instance==NULL) + { + return ; + } + switch(status) { case STAT_STATUS_FAIL: @@ -145,21 +170,35 @@ void tsg_stat_sync_ctrl_update(enum STAT_STATUS status, enum CTRL_SYNC column_id void tsg_stat_sync_exdata_add_update(enum SYNC_EXDATA_ROW row_idx, long long increase) { - stat_update(g_rt_stat_para.exdata.column_id[row_idx][OP_EXDATA_ADD], increase); + if(g_rt_stat_para.fs_instance!=NULL) + { + stat_update(g_rt_stat_para.exdata.column_id[row_idx][OP_EXDATA_ADD], increase); + } } void tsg_stat_sync_exdata_del_update(enum SYNC_EXDATA_ROW row_idx, long long increase) { - stat_update(g_rt_stat_para.exdata.column_id[row_idx][OP_EXDATA_DEL], increase); + if(g_rt_stat_para.fs_instance!=NULL) + { + stat_update(g_rt_stat_para.exdata.column_id[row_idx][OP_EXDATA_DEL], increase); + } } void tsg_stat_sync_application_update(enum SYNC_APP column_idx, long long increase) { - stat_update(g_rt_stat_para.app.column_id[column_idx], increase); + if(g_rt_stat_para.fs_instance!=NULL) + { + stat_update(g_rt_stat_para.app.column_id[column_idx], increase); + } } void tsg_stat_ctrl_service_activing_update(enum STAT_STATUS status, enum CTRL_SERVICE column_idx, long long increase) { + if(g_rt_stat_para.fs_instance==NULL) + { + return ; + } + switch(status) { case STAT_STATUS_FAIL: @@ -175,6 +214,11 @@ void tsg_stat_ctrl_service_activing_update(enum STAT_STATUS status, enum CTRL_SE void tsg_stat_ctrl_service_updating_update(enum STAT_STATUS status, enum CTRL_SERVICE column_idx, long long increase) { + if(g_rt_stat_para.fs_instance==NULL) + { + return ; + } + switch(status) { case STAT_STATUS_FAIL: @@ -190,23 +234,29 @@ void tsg_stat_ctrl_service_updating_update(enum STAT_STATUS status, enum CTRL_SE int tsg_stat_create(const char *conffile) { - int cycle=0,vsystem_id=0; + int cycle_interval_ms=0,vsystem_id=0; unsigned short fs_server_port=0; char instance_name[128]={0}; char fs_server_ip[32]={0}; char fs_output_path[128]={0}; - MESA_load_profile_int_def(conffile, "FIELD_STAT", "CYCLE", &cycle, 30000); - MESA_load_profile_short_nodef(conffile, "FIELD_STAT","TELEGRAF_PORT", (short *)&(fs_server_port)); - MESA_load_profile_string_nodef(conffile,"FIELD_STAT","TELEGRAF_IP",fs_server_ip, sizeof(fs_server_ip)); - MESA_load_profile_string_def(conffile,"FIELD_STAT","OUTPUT_PATH",fs_output_path, sizeof(fs_output_path), "master.status"); - MESA_load_profile_string_def(conffile,"FIELD_STAT","INSTANCE_NAME", instance_name, sizeof(instance_name), "tsg_master"); + MESA_load_profile_int_def(conffile, "MASTER_STATUS", "CYCLE_INTERVAL_MS", &cycle_interval_ms, 30000); + if(cycle_interval_ms<=0) + { + return 0; + } + MESA_load_profile_int_def(conffile, "TSG_LOG", "VSYSTEM_ID", &vsystem_id, 1); + MESA_load_profile_short_nodef(conffile, "MASTER_STATUS","TELEGRAF_PORT", (short *)&(fs_server_port)); + MESA_load_profile_string_nodef(conffile,"MASTER_STATUS","TELEGRAF_IP",fs_server_ip, sizeof(fs_server_ip)); + MESA_load_profile_string_def(conffile,"MASTER_STATUS","OUTPUT_PATH",fs_output_path, sizeof(fs_output_path), "master.status"); + MESA_load_profile_string_def(conffile,"MASTER_STATUS","INSTANCE_NAME", instance_name, sizeof(instance_name), "tsg_master"); + //memset(&(g_rt_stat_para), 0, sizeof(struct runtime_stat_para)); g_rt_stat_para.fs_instance=fieldstat_instance_new(instance_name); - fieldstat_set_output_interval(g_rt_stat_para.fs_instance, cycle); + fieldstat_set_output_interval(g_rt_stat_para.fs_instance, cycle_interval_ms); fieldstat_enable_prometheus_output(g_rt_stat_para.fs_instance); fieldstat_set_local_output(g_rt_stat_para.fs_instance, fs_output_path, "default"); @@ -220,6 +270,11 @@ int tsg_stat_create(const char *conffile) int tsg_stat_init(void) { + if(g_rt_stat_para.fs_instance==NULL) + { + return 0; + } + enum field_type exdata_column_type[OP_EXDATA_MAX]={FIELD_TYPE_GAUGE, FIELD_TYPE_GAUGE}; const char *exdata_column_name[OP_EXDATA_MAX]={"add", "del"}; g_rt_stat_para.exdata.table_id=fieldstat_register_table(g_rt_stat_para.fs_instance, "sync_exdata", exdata_column_name, exdata_column_type, OP_EXDATA_MAX); @@ -281,6 +336,11 @@ int tsg_stat_init(void) int tsg_stat_sendlog_row_init(const char *row_name) { + if(g_rt_stat_para.fs_instance==NULL) + { + return 0; + } + int row_idx=g_rt_stat_para.sendlog.max_row_idx; if(row_idx==0) { @@ -301,6 +361,9 @@ int tsg_stat_sendlog_row_init(const char *row_name) void tsg_stat_start(void) { - fieldstat_instance_start(g_rt_stat_para.fs_instance); + if(g_rt_stat_para.fs_instance!=NULL) + { + fieldstat_instance_start(g_rt_stat_para.fs_instance); + } } diff --git a/src/tsg_statistic.cpp b/src/tsg_statistic.cpp index a713c43..a15dc7b 100644 --- a/src/tsg_statistic.cpp +++ b/src/tsg_statistic.cpp @@ -12,7 +12,104 @@ #include "tsg_statistic.h" #include "tsg_send_log_internal.h" -struct tsg_statistic g_tsg_statis_para; +enum NETWORK_TAGS +{ + NETWORK_TAG_VSYS_ID=0, + NETWORK_TAG_MAX +}; + +enum NETWORK_METRICS +{ + NETWORK_SESSIONS=0, + NETWORK_ACTIVE_SESSIONS, + NETWORK_CLOSE_SESSIONS, + NETWORK_IN_BYTES, + NETWORK_OUT_BYTES, + NETWORK_IN_PACKETS, + NETWORK_OUT_PACKETS, + NETWORK_ASYM_C2S_FLOWS, + NETWORK_ASYM_S2C_FLOWS, + NETWORK_METRIC_MAX +}; + +enum SECURYTY_METRICS_COLUMS +{ + SECURITY_COLUMN_HIT_COUNT=0, + SECURITY_COLUMN_IN_BYTES, + SECURITY_COLUMN_OUT_BYTES, + SECURITY_COLUMN_IN_PKTS, + SECURITY_COLUMN_OUT_PKTS, + SECURITY_COLUMN_MAX +}; + +enum APPLICATION_TAGS +{ + APPLICATION_TAG_VSYS_ID=0, + APPLICATION_TAG_PROTOCOL_LABEL, + APPLICATION_TAG_FULL_PATH, + APPLICATION_MAX +}; +enum APPLICATION_METRICS +{ + APPLICATION_SESSIONS=0, + APPLICATION_IN_BYTES, + APPLICATION_OUT_BYTES, + APPLICATION_IN_PKTS, + APPLICATION_OUT_PKTS, + APPLICATION_C2S_PKTS, + APPLICATION_S2C_PKTS, + APPLICATION_C2S_BYTES, + APPLICATION_S2C_BYTES, + APPLICATION_C2S_FRAGMENTS, + APPLICATION_S2C_FRAGMENTS, + APPLICATION_C2S_LOST_BYTES, + APPLICATION_S2C_LOST_BYTES, + APPLICATION_C2S_ORDER_PKTS, + APPLICATION_S2C_ORDER_PKTS, + APPLICATION_C2S_RETRANSMITTED_PKTS, + APPLICATION_S2C_RETRANSMITTED_PKTS, + APPLICATION_C2S_RETRANSMITTED_BYTES, + APPLICATION_S2C_RETRANSMITTED_BYTES, + APPLICATION_METRICS_MAX +}; + + +struct network_metrics +{ + int thread_alive; + int cycle_interval_ms; + pthread_t stat_thread_id; + long long statistic_opt[_OPT_TYPE_MAX]; + + int metrics_table_id; + int metrics_column_id[NETWORK_METRIC_MAX]; + struct fieldstat_instance *metrics_handle; +}; + +struct security_metrics +{ + int cycle_interval_ms; + int metrics_table_id; + unsigned int metrics_column_id[SECURITY_COLUMN_MAX]; + struct fieldstat_dynamic_instance *metrics_handle; +}; + +struct application_metrics +{ + int cycle_interval_ms; + int metrics_table_id; + unsigned int metrics_column_id[APPLICATION_METRICS_MAX]; + struct fieldstat_dynamic_instance *metrics_handle; +}; +struct tsg_statistic_metrics +{ + int vsystem_id; + struct network_metrics fs_network; + struct security_metrics fs_security; + struct application_metrics fs_application; +}; + +struct tsg_statistic_metrics g_tsg_statis_para; enum security_metric_tags { @@ -22,20 +119,6 @@ enum security_metric_tags SECURITY_TAG_MAX }; -enum traffic_metric_tags -{ - TRAFFIC_TAG_VSYS_ID = 0, - TRAFFIC_TAG_MAX -}; - -enum app_metric_tags -{ - APP_TAG_VSYS_ID = 0, - APP_TAG_PROTOCOL_LABEL, - APP_TAG_APP_FULL_PATH, - APP_TAG_MAX -}; - int tsg_set_statistic_opt(int value, enum _STATISTIC_OPT_TYPE type, int thread_seq) { switch(type) @@ -45,7 +128,7 @@ int tsg_set_statistic_opt(int value, enum _STATISTIC_OPT_TYPE type, int thread_s case OPT_TYPE_PINNING_YES: case OPT_TYPE_PINNING_NOT: case OPT_TYPE_PINNING_MAYBE: - atomic_add(&(g_tsg_statis_para.statistic_opt[type]), value); + atomic_add(&(g_tsg_statis_para.fs_network.statistic_opt[type]), value); break; default: break; @@ -56,7 +139,7 @@ int tsg_set_statistic_opt(int value, enum _STATISTIC_OPT_TYPE type, int thread_s int tsg_set_intercept_flow(struct maat_rule *p_result, struct traffic_info *traffic_info, int thread_seq) { - if (p_result == NULL || traffic_info == NULL || thread_seq < 0 || thread_seq >= get_thread_count() || p_result->service_id != TSG_SERVICE_INTERCEPT) + if (p_result == NULL || traffic_info == NULL || thread_seq < 0 || g_tsg_statis_para.fs_security.metrics_handle==NULL || p_result->service_id != TSG_SERVICE_INTERCEPT) { return -1; } @@ -66,29 +149,30 @@ int tsg_set_intercept_flow(struct maat_rule *p_result, struct traffic_info *traf security_tags[SECURITY_TAG_ACTION].value_int = p_result->action; security_tags[SECURITY_TAG_VSYS_ID].value_int = p_result->vsys_id; - long long column[COLUMN_MAX]; - size_t n_column_num=COLUMN_MAX; - column[COLUMN_HIT_COUNT]=traffic_info->con_num; - column[COLUMN_IN_BYTES]=traffic_info->in_bytes; - column[COLUMN_OUT_BYTES]=traffic_info->out_bytes; - column[COLUMN_IN_PKTS]=traffic_info->in_packets; - column[COLUMN_OUT_PKTS]=traffic_info->out_packets; + long long column[SECURITY_COLUMN_MAX]; + size_t n_column_num=SECURITY_COLUMN_MAX; + column[SECURITY_COLUMN_HIT_COUNT]=traffic_info->con_num; + column[SECURITY_COLUMN_IN_BYTES]=traffic_info->in_bytes; + column[SECURITY_COLUMN_OUT_BYTES]=traffic_info->out_bytes; + column[SECURITY_COLUMN_IN_PKTS]=traffic_info->in_packets; + column[SECURITY_COLUMN_OUT_PKTS]=traffic_info->out_packets; - fieldstat_dynamic_table_row_metric_values_incrby(g_tsg_statis_para.security_metric_handle, g_tsg_statis_para.metric_table_id, "security_rule_hits", column, n_column_num, security_tags, SECURITY_TAG_MAX, thread_seq); + fieldstat_dynamic_table_row_metric_values_incrby(g_tsg_statis_para.fs_security.metrics_handle, + g_tsg_statis_para.fs_security.metrics_table_id, + "security_rule_hits", + column, + n_column_num, + security_tags, + SECURITY_TAG_MAX, + thread_seq + ); -#if 0 - fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.security_metric_handle, g_tsg_statis_para.metric_table_id, g_tsg_statis_para.security_column_ids[COLUMN_HIT_COUNT], "security_rule_hits", traffic_info->con_num, security_tags, (size_t)SECURITY_TAG_MAX, thread_seq); - fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.security_metric_handle, g_tsg_statis_para.metric_table_id, g_tsg_statis_para.security_column_ids[COLUMN_IN_BYTES], "security_rule_hits", traffic_info->in_bytes, security_tags, (size_t)SECURITY_TAG_MAX, thread_seq); - fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.security_metric_handle, g_tsg_statis_para.metric_table_id, g_tsg_statis_para.security_column_ids[COLUMN_OUT_BYTES], "security_rule_hits", traffic_info->out_bytes, security_tags, (size_t)SECURITY_TAG_MAX, thread_seq); - fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.security_metric_handle, g_tsg_statis_para.metric_table_id, g_tsg_statis_para.security_column_ids[COLUMN_IN_PKTS], "security_rule_hits", traffic_info->in_packets, security_tags, (size_t)SECURITY_TAG_MAX, thread_seq); - fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.security_metric_handle, g_tsg_statis_para.metric_table_id, g_tsg_statis_para.security_column_ids[COLUMN_OUT_PKTS], "security_rule_hits", traffic_info->out_packets, security_tags, (size_t)SECURITY_TAG_MAX, thread_seq); -#endif return 0; } int tsg_set_policy_flow(const struct streaminfo *a_stream, struct maat_rule *p_result, int thread_seq) { - if (a_stream == NULL || p_result == NULL || thread_seq < 0 || thread_seq >= get_thread_count()) + if (a_stream == NULL || p_result == NULL || thread_seq < 0 || g_tsg_statis_para.fs_security.metrics_handle==NULL) { return -1; } @@ -98,48 +182,35 @@ int tsg_set_policy_flow(const struct streaminfo *a_stream, struct maat_rule *p_r security_tags[SECURITY_TAG_ACTION].value_int = p_result->action; security_tags[SECURITY_TAG_VSYS_ID].value_int = p_result->vsys_id; - long long column[COLUMN_MAX]; - size_t n_column_num=COLUMN_MAX; + long long column[SECURITY_COLUMN_MAX]; + size_t n_column_num=SECURITY_COLUMN_MAX; - column[COLUMN_HIT_COUNT]=1; + column[SECURITY_COLUMN_HIT_COUNT]=1; int value_len = sizeof(unsigned long long); - MESA_get_stream_opt(a_stream, MSO_TOTAL_INBOUND_BYTE_RAW, (void *)&(column[COLUMN_IN_BYTES]), &value_len); - MESA_get_stream_opt(a_stream, MSO_TOTAL_INBOUND_PKT, (void *)&(column[COLUMN_IN_PKTS]), &value_len); - MESA_get_stream_opt(a_stream, MSO_TOTAL_OUTBOUND_BYTE_RAW, (void *)&(column[COLUMN_OUT_BYTES]), &value_len); - MESA_get_stream_opt(a_stream, MSO_TOTAL_OUTBOUND_PKT, (void *)&(column[COLUMN_OUT_PKTS]), &value_len); + MESA_get_stream_opt(a_stream, MSO_TOTAL_INBOUND_BYTE_RAW, (void *)&(column[SECURITY_COLUMN_IN_BYTES]), &value_len); + MESA_get_stream_opt(a_stream, MSO_TOTAL_INBOUND_PKT, (void *)&(column[SECURITY_COLUMN_IN_PKTS]), &value_len); + MESA_get_stream_opt(a_stream, MSO_TOTAL_OUTBOUND_BYTE_RAW, (void *)&(column[SECURITY_COLUMN_OUT_BYTES]), &value_len); + MESA_get_stream_opt(a_stream, MSO_TOTAL_OUTBOUND_PKT, (void *)&(column[SECURITY_COLUMN_OUT_PKTS]), &value_len); - fieldstat_dynamic_table_row_metric_values_incrby(g_tsg_statis_para.security_metric_handle, g_tsg_statis_para.metric_table_id, "security_rule_hits", column, n_column_num, security_tags, SECURITY_TAG_MAX, thread_seq); + fieldstat_dynamic_table_row_metric_values_incrby(g_tsg_statis_para.fs_security.metrics_handle, + g_tsg_statis_para.fs_security.metrics_table_id, + "security_rule_hits", + column, + n_column_num, + security_tags, + SECURITY_TAG_MAX, + thread_seq + ); -#if 0 - fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.security_metric_handle, g_tsg_statis_para.metric_table_id, g_tsg_statis_para.security_column_ids[COLUMN_HIT_COUNT], "security_rule_hits", 1, security_tags, (size_t)SECURITY_TAG_MAX, thread_seq); - - unsigned long long value = 0; - value=0; - MESA_get_stream_opt(a_stream, MSO_TOTAL_INBOUND_BYTE_RAW, (void *)&value, &value_len); - fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.security_metric_handle, g_tsg_statis_para.metric_table_id, g_tsg_statis_para.security_column_ids[COLUMN_IN_BYTES], "security_rule_hits", value, security_tags, (size_t)SECURITY_TAG_MAX, thread_seq); - - value=0; - MESA_get_stream_opt(a_stream, MSO_TOTAL_INBOUND_PKT, (void *)&value, &value_len); - fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.security_metric_handle, g_tsg_statis_para.metric_table_id, g_tsg_statis_para.security_column_ids[COLUMN_IN_PKTS], "security_rule_hits", value, security_tags, (size_t)SECURITY_TAG_MAX, thread_seq); - - value=0; - MESA_get_stream_opt(a_stream, MSO_TOTAL_OUTBOUND_BYTE_RAW, (void *)&value, &value_len); - fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.security_metric_handle, g_tsg_statis_para.metric_table_id, g_tsg_statis_para.security_column_ids[COLUMN_OUT_BYTES], "security_rule_hits", value, security_tags, (size_t)SECURITY_TAG_MAX, thread_seq); - - value=0; - MESA_get_stream_opt(a_stream, MSO_TOTAL_OUTBOUND_PKT, (void *)&value, &value_len); - fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.security_metric_handle, g_tsg_statis_para.metric_table_id, g_tsg_statis_para.security_column_ids[COLUMN_OUT_PKTS], "security_rule_hits", value, security_tags, (size_t)SECURITY_TAG_MAX, thread_seq); -#endif return 0; } static void *tsg_statistic_thread(void *arg) { - pthread_detach(pthread_self()); - fieldstat_instance_start(g_tsg_statis_para.statistic_handle); + fieldstat_instance_start(g_tsg_statis_para.fs_network.metrics_handle); - while(g_tsg_statis_para.thread_alive) + while(g_tsg_statis_para.fs_network.thread_alive) { long long value=0; long long total_value=0; @@ -161,7 +232,7 @@ static void *tsg_statistic_thread(void *arg) value=0; sapp_get_platform_opt(SPO_UDP_STREAM_CONCURRENT, (void *)&value, &value_len); total_value+=value; - fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_ACTIVE_SESSIONS], total_value); + fieldstat_value_set(g_tsg_statis_para.fs_network.metrics_handle, g_tsg_statis_para.fs_network.metrics_column_id[NETWORK_ACTIVE_SESSIONS], total_value); value=0; total_value=0; @@ -170,7 +241,7 @@ static void *tsg_statistic_thread(void *arg) value=0; sapp_get_platform_opt(SPO_UDP_STREAM_CLOSE, (void *)&value, &value_len); total_value+=value; - fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_CLOSE_SESSIONS], total_value); + fieldstat_value_set(g_tsg_statis_para.fs_network.metrics_handle, g_tsg_statis_para.fs_network.metrics_column_id[NETWORK_CLOSE_SESSIONS], total_value); value=0; total_value=0; @@ -179,23 +250,23 @@ static void *tsg_statistic_thread(void *arg) value = 0; sapp_get_platform_opt(SPO_UDP_STREAM_NEW, (void *)&value, &value_len); total_value+=value; - fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_SESSIONS], total_value); + fieldstat_value_set(g_tsg_statis_para.fs_network.metrics_handle, g_tsg_statis_para.fs_network.metrics_column_id[NETWORK_SESSIONS], total_value); value=0; sapp_get_platform_opt(SPO_TOTAL_INBOUND_BYTE, (void *)&value, &value_len); - fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_IN_BYTES], value); + fieldstat_value_set(g_tsg_statis_para.fs_network.metrics_handle, g_tsg_statis_para.fs_network.metrics_column_id[NETWORK_IN_BYTES], value); value = 0; sapp_get_platform_opt(SPO_TOTAL_INBOUND_PKT, (void *)&value, &value_len); - fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_IN_PACKETS], value); + fieldstat_value_set(g_tsg_statis_para.fs_network.metrics_handle, g_tsg_statis_para.fs_network.metrics_column_id[NETWORK_IN_PACKETS], value); value = 0; sapp_get_platform_opt(SPO_TOTAL_OUTBOUND_BYTE, (void *)&value, &value_len); - fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_OUT_BYTES], value); + fieldstat_value_set(g_tsg_statis_para.fs_network.metrics_handle, g_tsg_statis_para.fs_network.metrics_column_id[NETWORK_OUT_BYTES], value); value = 0; sapp_get_platform_opt(SPO_TOTAL_OUTBOUND_PKT, (void *)&value, &value_len); - fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIS_OUT_PACKETS], value); + fieldstat_value_set(g_tsg_statis_para.fs_network.metrics_handle, g_tsg_statis_para.fs_network.metrics_column_id[NETWORK_OUT_PACKETS], value); value = 0; total_value = 0; @@ -204,7 +275,7 @@ static void *tsg_statistic_thread(void *arg) value = 0; sapp_get_platform_opt(SPO_UDP_STREAM_C2S, (void *)&value, &value_len); total_value += value; - fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIC_ASYMMETRIC_C2S_FLOWS], total_value); + fieldstat_value_set(g_tsg_statis_para.fs_network.metrics_handle, g_tsg_statis_para.fs_network.metrics_column_id[NETWORK_ASYM_C2S_FLOWS], total_value); value = 0; total_value = 0; @@ -213,117 +284,68 @@ static void *tsg_statistic_thread(void *arg) value = 0; sapp_get_platform_opt(SPO_UDP_STREAM_S2C, (void *)&value, &value_len); total_value += value; - fieldstat_value_set(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_column_id[STATIC_ASYMMETRIC_S2C_FLOWS], total_value); + fieldstat_value_set(g_tsg_statis_para.fs_network.metrics_handle, g_tsg_statis_para.fs_network.metrics_column_id[NETWORK_ASYM_S2C_FLOWS], total_value); - fieldstat_passive_output(g_tsg_statis_para.statistic_handle); + fieldstat_passive_output(g_tsg_statis_para.fs_network.metrics_handle); - sleep(g_tsg_statis_para.cycle); + usleep(g_tsg_statis_para.fs_network.cycle_interval_ms*1000); } + pthread_exit(NULL); return NULL; } int tsg_set_application_metrics(const struct streaminfo *a_stream, const char *l4_protocol, const char *app_full_path, struct traffic_packet_info *app_statis, int thread_seq) { - if (a_stream == NULL || l4_protocol == NULL || app_full_path == NULL || app_statis == NULL) + if (a_stream == NULL || l4_protocol == NULL || app_full_path == NULL || app_statis == NULL || g_tsg_statis_para.fs_application.metrics_handle==NULL) { return -1; } - struct fieldstat_tag app_tags[APP_TAG_MAX] = {{"vsys_id", 0, -1}, {"protocol_label", 2, 0}, {"app_full_path", 2, 0}}; - app_tags[APP_TAG_VSYS_ID].value_int = g_tsg_statis_para.vsystem_id; - app_tags[APP_TAG_PROTOCOL_LABEL].value_str = l4_protocol; - app_tags[APP_TAG_APP_FULL_PATH].value_str = app_full_path; + struct fieldstat_tag app_tags[APPLICATION_MAX] = {{"vsys_id", 0, -1}, {"protocol_label", 2, 0}, {"app_full_path", 2, 0}}; + app_tags[APPLICATION_TAG_VSYS_ID].value_int = g_tsg_statis_para.vsystem_id; + app_tags[APPLICATION_TAG_PROTOCOL_LABEL].value_str = l4_protocol; + app_tags[APPLICATION_TAG_FULL_PATH].value_str = app_full_path; - long long column[TRAFFIC_APP_MAX]; - size_t n_column_num=TRAFFIC_APP_MAX; + long long column[APPLICATION_METRICS_MAX]; + size_t n_column_num=APPLICATION_METRICS_MAX; - column[TRAFFIC_APP_SESSIONS]=app_statis->sessions; - column[TRAFFIC_APP_IN_BYTES]=app_statis->in_bytes; - column[TRAFFIC_APP_OUT_BYTES]=app_statis->out_bytes; - column[TRAFFIC_APP_IN_PKTS]=app_statis->in_pkts; - column[TRAFFIC_APP_OUT_PKTS]=app_statis->out_pkts; - column[TRAFFIC_APP_C2S_PKTS]=app_statis->c2s_pkts; - column[TRAFFIC_APP_S2C_PKTS]=app_statis->s2c_pkts; - column[TRAFFIC_APP_C2S_BYTES]=app_statis->c2s_bytes; - column[TRAFFIC_APP_S2C_BYTES]=app_statis->s2c_bytes; - column[TRAFFIC_APP_C2S_FRAGMENTS]=app_statis->c2s_fragments; - column[TRAFFIC_APP_S2C_FRAGMENTS]=app_statis->s2c_fragments; - column[TRAFFIC_APP_C2S_LOST_BYTES]=app_statis->c2s_tcp_lost_bytes; - column[TRAFFIC_APP_S2C_LOST_BYTES]=app_statis->s2c_tcp_lost_bytes; - column[TRAFFIC_APP_C2S_ORDER_PKTS]=app_statis->c2s_tcp_ooorder_pkts; - column[TRAFFIC_APP_S2C_ORDER_PKTS]=app_statis->s2c_tcp_ooorder_pkts; - column[TRAFFIC_APP_C2S_RETRANSMITTED_PKTS]=app_statis->c2s_tcp_retransmitted_pkts; - column[TRAFFIC_APP_S2C_RETRANSMITTED_PKTS]=app_statis->s2c_tcp_retransmitted_pkts; - column[TRAFFIC_APP_C2S_RETRANSMITTED_BYTES]=app_statis->c2s_tcp_retransmitted_bytes; - column[TRAFFIC_APP_S2C_RETRANSMITTED_BYTES]=app_statis->s2c_tcp_retransmitted_bytes; + column[APPLICATION_SESSIONS]=app_statis->sessions; + column[APPLICATION_IN_BYTES]=app_statis->in_bytes; + column[APPLICATION_OUT_BYTES]=app_statis->out_bytes; + column[APPLICATION_IN_PKTS]=app_statis->in_pkts; + column[APPLICATION_OUT_PKTS]=app_statis->out_pkts; + column[APPLICATION_C2S_PKTS]=app_statis->c2s_pkts; + column[APPLICATION_S2C_PKTS]=app_statis->s2c_pkts; + column[APPLICATION_C2S_BYTES]=app_statis->c2s_bytes; + column[APPLICATION_S2C_BYTES]=app_statis->s2c_bytes; + column[APPLICATION_C2S_FRAGMENTS]=app_statis->c2s_fragments; + column[APPLICATION_S2C_FRAGMENTS]=app_statis->s2c_fragments; + column[APPLICATION_C2S_LOST_BYTES]=app_statis->c2s_tcp_lost_bytes; + column[APPLICATION_S2C_LOST_BYTES]=app_statis->s2c_tcp_lost_bytes; + column[APPLICATION_C2S_ORDER_PKTS]=app_statis->c2s_tcp_ooorder_pkts; + column[APPLICATION_S2C_ORDER_PKTS]=app_statis->s2c_tcp_ooorder_pkts; + column[APPLICATION_C2S_RETRANSMITTED_PKTS]=app_statis->c2s_tcp_retransmitted_pkts; + column[APPLICATION_S2C_RETRANSMITTED_PKTS]=app_statis->s2c_tcp_retransmitted_pkts; + column[APPLICATION_C2S_RETRANSMITTED_BYTES]=app_statis->c2s_tcp_retransmitted_bytes; + column[APPLICATION_S2C_RETRANSMITTED_BYTES]=app_statis->s2c_tcp_retransmitted_bytes; - fieldstat_dynamic_table_row_metric_values_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, "traffic_application_protocol_stat", column, n_column_num, app_tags, APP_TAG_MAX, thread_seq); + fieldstat_dynamic_table_row_metric_values_incrby(g_tsg_statis_para.fs_application.metrics_handle, + g_tsg_statis_para.fs_application.metrics_table_id, + "traffic_application_protocol_stat", + column, + n_column_num, + app_tags, + APPLICATION_MAX, + thread_seq + ); -#if 0 - fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_SESSIONS], "traffic_application_protocol_stat", - app_statis->sessions, app_tags, (size_t)APP_TAG_MAX, thread_seq); - - fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_IN_BYTES], "traffic_application_protocol_stat", - app_statis->in_bytes, app_tags, (size_t)APP_TAG_MAX, thread_seq); - - fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_IN_PKTS], "traffic_application_protocol_stat", - app_statis->in_pkts, app_tags, (size_t)APP_TAG_MAX, thread_seq); - - fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_OUT_BYTES], "traffic_application_protocol_stat", - app_statis->out_bytes, app_tags, (size_t)APP_TAG_MAX, thread_seq); - - fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_OUT_PKTS], "traffic_application_protocol_stat", - app_statis->out_pkts, app_tags, (size_t)APP_TAG_MAX, thread_seq); - - fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_C2S_PKTS], "traffic_application_protocol_stat", - app_statis->c2s_pkts, app_tags, (size_t)APP_TAG_MAX, thread_seq); - - fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_S2C_PKTS], "traffic_application_protocol_stat", - app_statis->s2c_pkts, app_tags, (size_t)APP_TAG_MAX, thread_seq); - - fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_C2S_BYTES], "traffic_application_protocol_stat", - app_statis->c2s_bytes, app_tags, (size_t)APP_TAG_MAX, thread_seq); - - fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_S2C_BYTES], "traffic_application_protocol_stat", - app_statis->s2c_bytes, app_tags, (size_t)APP_TAG_MAX, thread_seq); - - fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_C2S_FRAGMENTS], "traffic_application_protocol_stat", - app_statis->c2s_fragments, app_tags, (size_t)APP_TAG_MAX, thread_seq); - - fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_S2C_FRAGMENTS], "traffic_application_protocol_stat", - app_statis->s2c_fragments, app_tags, (size_t)APP_TAG_MAX, thread_seq); - - fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_C2S_LOST_BYTES], "traffic_application_protocol_stat", - app_statis->c2s_tcp_lost_bytes, app_tags, (size_t)APP_TAG_MAX, thread_seq); - - fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_S2C_LOST_BYTES], "traffic_application_protocol_stat", - app_statis->s2c_tcp_lost_bytes, app_tags, (size_t)APP_TAG_MAX, thread_seq); - - fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_C2S_ORDER_PKTS], "traffic_application_protocol_stat", - app_statis->c2s_tcp_ooorder_pkts, app_tags, (size_t)APP_TAG_MAX, thread_seq); - - fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_S2C_ORDER_PKTS], "traffic_application_protocol_stat", - app_statis->s2c_tcp_ooorder_pkts, app_tags, (size_t)APP_TAG_MAX, thread_seq); - - fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_C2S_RETRANSMITTED_PKTS], "traffic_application_protocol_stat", - app_statis->c2s_tcp_retransmitted_pkts, app_tags, (size_t)APP_TAG_MAX, thread_seq); - - fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_S2C_RETRANSMITTED_PKTS], "traffic_application_protocol_stat", - app_statis->s2c_tcp_retransmitted_pkts, app_tags, (size_t)APP_TAG_MAX, thread_seq); - - fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_C2S_RETRANSMITTED_BYTES], "traffic_application_protocol_stat", - app_statis->c2s_tcp_retransmitted_bytes, app_tags, (size_t)APP_TAG_MAX, thread_seq); - - fieldstat_dynamic_table_metric_value_incrby(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_table_id, g_tsg_statis_para.app_column_ids[TRAFFIC_APP_S2C_RETRANSMITTED_BYTES], "traffic_application_protocol_stat", - app_statis->s2c_tcp_retransmitted_bytes, app_tags, (size_t)APP_TAG_MAX, thread_seq); -#endif return 0; } int tsg_security_metric_init(const char *conffile, void *logger) { - if (conffile == NULL || logger == NULL) + if(conffile == NULL || logger == NULL) { return -1; } @@ -333,46 +355,52 @@ int tsg_security_metric_init(const char *conffile, void *logger) char app_name[128]={0}; int thread_num = get_thread_count(); - MESA_load_profile_short_nodef(conffile, "SECURITY_HITS", "TELEGRAF_PORT", (short *)&(fs_server_port)); - MESA_load_profile_string_nodef(conffile,"SECURITY_HITS", "TELEGRAF_IP",fs_server_ip, sizeof(fs_server_ip)); - MESA_load_profile_string_def(conffile,"SECURITY_HITS", "APP_NAME", app_name, sizeof(app_name), "metric"); - MESA_load_profile_int_def(conffile, "SECURITY_HITS", "CYCLE", &g_tsg_statis_para.metric_cycle, 1000); - if(g_tsg_statis_para.metric_cycle<=0) + MESA_load_profile_short_nodef(conffile, "SECURITY_HITS_METRICS", "TELEGRAF_PORT", (short *)&(fs_server_port)); + MESA_load_profile_string_nodef(conffile,"SECURITY_HITS_METRICS", "TELEGRAF_IP",fs_server_ip, sizeof(fs_server_ip)); + MESA_load_profile_string_def(conffile,"SECURITY_HITS_METRICS", "APP_NAME", app_name, sizeof(app_name), "metric"); + MESA_load_profile_int_def(conffile, "SECURITY_HITS_METRICS", "CYCLE_INTERVAL_MS", &g_tsg_statis_para.fs_security.cycle_interval_ms, 1000); + if(g_tsg_statis_para.fs_security.cycle_interval_ms<=0) { - MASTER_LOG(logger, RLOG_LV_FATAL, LOG_MODULE_METRICS, "SECURITY_HITS g_tsg_statis_para.metric_cycle error"); + MASTER_LOG(logger, RLOG_LV_FATAL, LOG_MODULE_METRICS, "Disabale secutiry metrics"); + return 0; + } + + g_tsg_statis_para.fs_security.metrics_handle = fieldstat_dynamic_instance_new(app_name, thread_num); + if (g_tsg_statis_para.fs_security.metrics_handle == NULL) + { + MASTER_LOG(logger, RLOG_LV_FATAL, LOG_MODULE_METRICS, "SECURITY_HITS_METRICS g_tsg_statis_para.fs_security.metrics_handle error"); return -1; } - g_tsg_statis_para.security_metric_handle = fieldstat_dynamic_instance_new(app_name, thread_num); - if (g_tsg_statis_para.security_metric_handle == NULL) - { - MASTER_LOG(logger, RLOG_LV_FATAL, LOG_MODULE_METRICS, "SECURITY_HITS g_tsg_statis_para.security_metric_handle error"); - return -1; - } - - fieldstat_dynamic_set_output_interval(g_tsg_statis_para.security_metric_handle, g_tsg_statis_para.metric_cycle); + fieldstat_dynamic_set_output_interval(g_tsg_statis_para.fs_security.metrics_handle, g_tsg_statis_para.fs_security.cycle_interval_ms); if (fs_server_port > 0 && strlen(fs_server_ip) > 0) { - fieldstat_dynamic_set_line_protocol_server(g_tsg_statis_para.security_metric_handle, fs_server_ip, fs_server_port); + fieldstat_dynamic_set_line_protocol_server(g_tsg_statis_para.fs_security.metrics_handle, fs_server_ip, fs_server_port); } - enum field_type security_metric_type[COLUMN_MAX] = {FIELD_TYPE_COUNTER}; - const char *security_metric_field[COLUMN_MAX] = {"hit_count", "in_bytes", "out_bytes", "in_pkts", "out_pkts"}; - g_tsg_statis_para.metric_table_id = fieldstat_register_dynamic_table(g_tsg_statis_para.security_metric_handle, "security_rule_hits", security_metric_field, security_metric_type, (size_t)COLUMN_MAX, g_tsg_statis_para.security_column_ids); - if(g_tsg_statis_para.metric_table_id<0) + enum field_type security_metric_type[SECURITY_COLUMN_MAX] = {FIELD_TYPE_COUNTER}; + const char *security_metric_field[SECURITY_COLUMN_MAX] = {"hit_count", "in_bytes", "out_bytes", "in_pkts", "out_pkts"}; + g_tsg_statis_para.fs_security.metrics_table_id = fieldstat_register_dynamic_table(g_tsg_statis_para.fs_security.metrics_handle, + "security_rule_hits", + security_metric_field, + security_metric_type, + SECURITY_COLUMN_MAX, + g_tsg_statis_para.fs_security.metrics_column_id + ); + if(g_tsg_statis_para.fs_security.metrics_table_id<0) { - MASTER_LOG(logger, RLOG_LV_FATAL, LOG_MODULE_METRICS, "SECURITY_HITS g_tsg_statis_para.metric_table_id error"); + MASTER_LOG(logger, RLOG_LV_FATAL, LOG_MODULE_METRICS, "SECURITY_HITS_METRICS g_tsg_statis_para.metric_table_id error"); return -1; } - fieldstat_dynamic_instance_start(g_tsg_statis_para.security_metric_handle); + fieldstat_dynamic_instance_start(g_tsg_statis_para.fs_security.metrics_handle); return 0; } -int tsg_traffic_metric_init(const char *conffile, void *logger) +int tsg_application_metric_init(const char *conffile, void *logger) { - if (conffile == NULL || logger == NULL) + if(conffile == NULL || logger == NULL) { return -1; } @@ -382,113 +410,157 @@ int tsg_traffic_metric_init(const char *conffile, void *logger) char app_name[128] = {0}; int thread_num = get_thread_count(); - MESA_load_profile_short_nodef(conffile, "APP_METRIC", "TELEGRAF_PORT", (short *)&(fs_server_port)); - MESA_load_profile_string_nodef(conffile, "APP_METRIC", "TELEGRAF_IP", fs_server_ip, sizeof(fs_server_ip)); - MESA_load_profile_string_def(conffile, "APP_METRIC", "APP_NAME", app_name, sizeof(app_name), "app_metric"); - MESA_load_profile_int_def(conffile, "APP_METRIC", "CYCLE", &g_tsg_statis_para.app_metric_cycle, 1000); + MESA_load_profile_short_nodef(conffile, "APPLICATION_METRICS", "TELEGRAF_PORT", (short *)&(fs_server_port)); + MESA_load_profile_string_nodef(conffile, "APPLICATION_METRICS", "TELEGRAF_IP", fs_server_ip, sizeof(fs_server_ip)); + MESA_load_profile_string_def(conffile, "APPLICATION_METRICS", "APP_NAME", app_name, sizeof(app_name), "app_metric"); + MESA_load_profile_int_def(conffile, "APPLICATION_METRICS", "CYCLE_INTERVAL_MS", &g_tsg_statis_para.fs_application.cycle_interval_ms, 1000); - if (g_tsg_statis_para.app_metric_cycle <= 0) + if (g_tsg_statis_para.fs_application.cycle_interval_ms <= 0) { - MASTER_LOG(logger, RLOG_LV_FATAL, LOG_MODULE_METRICS, "APP_METRIC g_tsg_statis_para.app_metric_cycle error"); - return -1; + MASTER_LOG(logger, RLOG_LV_FATAL, LOG_MODULE_METRICS, "Disabale application metrics"); + return 0; } - g_tsg_statis_para.app_metric_handle = fieldstat_dynamic_instance_new(app_name, thread_num); - if(g_tsg_statis_para.app_metric_handle == NULL) + g_tsg_statis_para.fs_application.metrics_handle = fieldstat_dynamic_instance_new(app_name, thread_num); + if(g_tsg_statis_para.fs_application.metrics_handle == NULL) { - MASTER_LOG(logger, RLOG_LV_FATAL, LOG_MODULE_METRICS, "APP_METRIC g_tsg_statis_para.app_metric_handle error"); + MASTER_LOG(logger, RLOG_LV_FATAL, LOG_MODULE_METRICS, "APPLICATION_METRICS g_tsg_statis_para.fs_application.metrics_handle error"); return -1; } - fieldstat_dynamic_set_output_interval(g_tsg_statis_para.app_metric_handle, g_tsg_statis_para.app_metric_cycle); + fieldstat_dynamic_set_output_interval(g_tsg_statis_para.fs_application.metrics_handle, g_tsg_statis_para.fs_application.cycle_interval_ms); if (fs_server_port > 0 && strlen(fs_server_ip) > 0) { - fieldstat_dynamic_set_line_protocol_server(g_tsg_statis_para.app_metric_handle, fs_server_ip, fs_server_port); + fieldstat_dynamic_set_line_protocol_server(g_tsg_statis_para.fs_application.metrics_handle, fs_server_ip, fs_server_port); } - enum field_type app_metric_type[TRAFFIC_APP_MAX] = {FIELD_TYPE_COUNTER}; - const char *app_metric_field[TRAFFIC_APP_MAX] = {"sessions", "in_bytes", "out_bytes", "in_pkts", "out_pkts", "c2s_pkts", "s2c_pkts", "c2s_bytes", "s2c_bytes", "c2s_fragments", "s2c_fragments", + enum field_type app_metric_type[APPLICATION_METRICS_MAX] = {FIELD_TYPE_COUNTER}; + const char *app_metric_field[APPLICATION_METRICS_MAX] = {"sessions", "in_bytes", "out_bytes", "in_pkts", "out_pkts", "c2s_pkts", "s2c_pkts", "c2s_bytes", "s2c_bytes", "c2s_fragments", "s2c_fragments", "c2s_tcp_lost_bytes", "s2c_tcp_lost_bytes", "c2s_tcp_ooorder_pkts", "s2c_tcp_ooorder_pkts", "c2s_tcp_retransmitted_pkts", "s2c_tcp_retransmitted_pkts", "c2s_tcp_retransmitted_bytes", "s2c_tcp_retransmitted_bytes"}; - g_tsg_statis_para.app_metric_table_id = fieldstat_register_dynamic_table(g_tsg_statis_para.app_metric_handle, "traffic_application_protocol_stat", app_metric_field, app_metric_type, (size_t)TRAFFIC_APP_MAX, g_tsg_statis_para.app_column_ids); - if (g_tsg_statis_para.app_metric_table_id < 0) + g_tsg_statis_para.fs_application.metrics_table_id = fieldstat_register_dynamic_table(g_tsg_statis_para.fs_application.metrics_handle, + "traffic_application_protocol_stat", + app_metric_field, + app_metric_type, + APPLICATION_METRICS_MAX, + g_tsg_statis_para.fs_application.metrics_column_id + ); + if (g_tsg_statis_para.fs_application.metrics_table_id < 0) { MASTER_LOG(logger, RLOG_LV_FATAL, LOG_MODULE_METRICS, "APP_METRIC g_tsg_statis_para.app_metric_table_id error"); return -1; } - fieldstat_dynamic_instance_start(g_tsg_statis_para.app_metric_handle); + fieldstat_dynamic_instance_start(g_tsg_statis_para.fs_application.metrics_handle); return 0; } -int tsg_metric_init(const char *conffile, void *logger) +int tsg_network_traffic_metrics_init(const char *conffile, void *logger) { + if(conffile == NULL || logger == NULL) + { + return -1; + } + unsigned short fs_server_port = 0; char app_name[128]={0}; char fs_server_ip[MAX_IPV4_LEN]={0}; char fs_output_path[128]={0}; - memset(&g_tsg_statis_para, 0, sizeof(g_tsg_statis_para)); - - MESA_load_profile_int_def(conffile, "STATISTIC", "CYCLE", &g_tsg_statis_para.cycle, 1); - if(g_tsg_statis_para.cycle<=0) + MESA_load_profile_int_def(conffile, "NETWORK_METRICS", "CYCLE_INTERVAL_MS", &g_tsg_statis_para.fs_network.cycle_interval_ms, 5000); + if(g_tsg_statis_para.fs_network.cycle_interval_ms<=0) { MASTER_LOG(logger, RLOG_LV_FATAL, LOG_MODULE_METRICS, "Disabale traffic statistic"); return 0; } - MESA_load_profile_short_nodef(conffile, "STATISTIC", "TELEGRAF_PORT", (short *)&(fs_server_port)); - MESA_load_profile_string_nodef(conffile,"STATISTIC", "TELEGRAF_IP",fs_server_ip, sizeof(fs_server_ip)); - MESA_load_profile_string_def(conffile,"STATISTIC", "OUTPUT_PATH",fs_output_path, sizeof(fs_output_path), "statistic.log"); - MESA_load_profile_string_def(conffile, "STATISTIC", "APP_NAME", app_name, sizeof(app_name), "network_activity"); - MESA_load_profile_int_def(conffile, "TSG_LOG", "VSYSTEM_ID", &(g_tsg_statis_para.vsystem_id), 1); + MESA_load_profile_short_nodef(conffile, "NETWORK_METRICS", "TELEGRAF_PORT", (short *)&(fs_server_port)); + MESA_load_profile_string_nodef(conffile,"NETWORK_METRICS", "TELEGRAF_IP",fs_server_ip, sizeof(fs_server_ip)); + MESA_load_profile_string_def(conffile,"NETWORK_METRICS", "OUTPUT_PATH",fs_output_path, sizeof(fs_output_path), "statistic.log"); + MESA_load_profile_string_def(conffile, "NETWORK_METRICS", "APP_NAME", app_name, sizeof(app_name), "network_activity"); - g_tsg_statis_para.statistic_handle = fieldstat_instance_new(app_name); - g_tsg_statis_para.thread_alive=1; + g_tsg_statis_para.fs_network.metrics_handle=fieldstat_instance_new(app_name); + g_tsg_statis_para.fs_network.thread_alive=1; - fieldstat_disable_background_thread(g_tsg_statis_para.statistic_handle); + fieldstat_disable_background_thread(g_tsg_statis_para.fs_network.metrics_handle); - fieldstat_set_output_interval(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.cycle * 1000); - fieldstat_set_local_output(g_tsg_statis_para.statistic_handle, fs_output_path, "default"); + fieldstat_set_output_interval(g_tsg_statis_para.fs_network.metrics_handle, g_tsg_statis_para.fs_network.cycle_interval_ms); + fieldstat_set_local_output(g_tsg_statis_para.fs_network.metrics_handle, fs_output_path, "default"); if (fs_server_port > 0 && strlen(fs_server_ip) > 0) { - fieldstat_set_line_protocol_server(g_tsg_statis_para.statistic_handle, fs_server_ip, fs_server_port); + fieldstat_set_line_protocol_server(g_tsg_statis_para.fs_network.metrics_handle, fs_server_ip, fs_server_port); } - const char *static_column_name[STATIS_MAX] = {"sessions", "active_sessions", "closed_sessions", "in_bytes", "out_bytes", "in_pkts", "out_pkts", "asymmetric_c2s_flows", "asymmetric_s2c_flows"}; + const char *network_column_name[NETWORK_METRIC_MAX] = {"sessions", "active_sessions", "closed_sessions", "in_bytes", "out_bytes", "in_pkts", "out_pkts", "asymmetric_c2s_flows", "asymmetric_s2c_flows"}; - enum field_type static_column_type[STATIS_MAX] = {FIELD_TYPE_COUNTER}; - static_column_type[STATIS_ACTIVE_SESSIONS] = FIELD_TYPE_GAUGE; - struct fieldstat_tag traffic_tags[TRAFFIC_TAG_MAX] = {{"vsys_id", 0, -1}}; - traffic_tags[TRAFFIC_TAG_VSYS_ID].value_int = g_tsg_statis_para.vsystem_id; + enum field_type network_column_type[NETWORK_METRIC_MAX]={FIELD_TYPE_COUNTER}; + network_column_type[NETWORK_ACTIVE_SESSIONS]=FIELD_TYPE_GAUGE; + struct fieldstat_tag traffic_tags[NETWORK_TAG_MAX]={{"vsys_id", 0, -1}}; + traffic_tags[NETWORK_TAG_VSYS_ID].value_int = g_tsg_statis_para.vsystem_id; - g_tsg_statis_para.static_table_id = fieldstat_register_table(g_tsg_statis_para.statistic_handle, app_name, static_column_name, static_column_type, (size_t)(STATIS_MAX)); - fieldstat_register_table_row(g_tsg_statis_para.statistic_handle, g_tsg_statis_para.static_table_id, (const char *)"traffic_general_stat", traffic_tags, (size_t)TRAFFIC_TAG_MAX, g_tsg_statis_para.static_column_id); + g_tsg_statis_para.fs_network.metrics_table_id = fieldstat_register_table(g_tsg_statis_para.fs_network.metrics_handle, app_name, network_column_name, network_column_type, (size_t)(NETWORK_METRIC_MAX)); + fieldstat_register_table_row(g_tsg_statis_para.fs_network.metrics_handle, + g_tsg_statis_para.fs_network.metrics_table_id, + (const char *)"traffic_general_stat", + traffic_tags, + NETWORK_TAG_MAX, + g_tsg_statis_para.fs_network.metrics_column_id + ); - int ret = tsg_security_metric_init(conffile, logger); + pthread_create(&g_tsg_statis_para.fs_network.stat_thread_id, NULL, tsg_statistic_thread, NULL); + + return 0; +} + +int tsg_metric_init(const char *conffile, void *logger) +{ + memset(&g_tsg_statis_para, 0, sizeof(g_tsg_statis_para)); + MESA_load_profile_int_def(conffile, "TSG_LOG", "VSYSTEM_ID", &(g_tsg_statis_para.vsystem_id), 1); + + int ret=tsg_network_traffic_metrics_init(conffile, logger); + if(ret<0) + { + MASTER_LOG(logger, RLOG_LV_FATAL, LOG_MODULE_METRICS, "tsg_network_traffic_metrics_init failed ..."); + return -1; + } + + ret=tsg_security_metric_init(conffile, logger); if(ret<0) { MASTER_LOG(logger, RLOG_LV_FATAL, LOG_MODULE_METRICS, "tsg_security_metric_init failed ..."); return -1; } - ret = tsg_traffic_metric_init(conffile, logger); - if (ret < 0) + ret=tsg_application_metric_init(conffile, logger); + if(ret<0) { - MASTER_LOG(logger, RLOG_LV_FATAL, LOG_MODULE_METRICS, "tsg_traffic_metric_init failed ..."); + MASTER_LOG(logger, RLOG_LV_FATAL, LOG_MODULE_METRICS, "tsg_application_metric_init failed ..."); return -1; } - pthread_create(&g_tsg_statis_para.stat_thread_id, NULL, tsg_statistic_thread, NULL); - return 0; } void tsg_metric_destroy(void) { - g_tsg_statis_para.thread_alive = 0; - sleep(g_tsg_statis_para.cycle+1); - fieldstat_instance_free(g_tsg_statis_para.statistic_handle); + if(g_tsg_statis_para.fs_network.metrics_handle!=NULL) + { + g_tsg_statis_para.fs_network.thread_alive = 0; + usleep((g_tsg_statis_para.fs_network.cycle_interval_ms+1000)*1000); + pthread_join(g_tsg_statis_para.fs_network.stat_thread_id, NULL); + fieldstat_instance_free(g_tsg_statis_para.fs_network.metrics_handle); + } + + if(g_tsg_statis_para.fs_security.metrics_handle!=NULL) + { + fieldstat_dynamic_instance_free(g_tsg_statis_para.fs_security.metrics_handle); + } + + if(g_tsg_statis_para.fs_application.metrics_handle!=NULL) + { + fieldstat_dynamic_instance_free(g_tsg_statis_para.fs_application.metrics_handle); + } + return; }