gfwleak/tango-tsg-master
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

支持拼接app_name和parent_app_name字符串

Browse Source 
修正配置文件
This commit is contained in:
liuxueli
2021-05-11 17:19:41 +08:00
parent 301d13a790
commit ce7120dd6e
13 changed files with 193 additions and 175 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
CMakeLists.txt
View File

@@ -49,6 +49,7 @@ install(FILES bin/tsg_static_tableinfo.conf DESTINATION ${CMAKE_INSTALL_PREFIX}/
install(FILES bin/tsg_dynamic_tableinfo.conf DESTINATION ${CMAKE_INSTALL_PREFIX}/tsgconf COMPONENT PROFILE)
install(FILES bin/tsg_log_field.conf DESTINATION ${CMAKE_INSTALL_PREFIX}/tsgconf COMPONENT PROFILE)
install(FILES bin/app_l7_proto_id.conf DESTINATION ${CMAKE_INSTALL_PREFIX}/tsgconf COMPONENT PROFILE)
install(FILES bin/tsg_l7_protocol.conf DESTINATION ${CMAKE_INSTALL_PREFIX}/tsgconf COMPONENT PROFILE)
install(FILES bin/tsg_maat.json DESTINATION ${CMAKE_INSTALL_PREFIX}/tsgconf COMPONENT PROFILE)
install(FILES inc/tsg_send_log.h DESTINATION /opt/MESA/include/tsg COMPONENT HEADER)

4
bin/app_l7_proto_id.conf
View File

@@ -1,8 +1,8 @@
#TYPE1:UCHAR,2:USHORT,3:USTRING,4:ULOG,5:USTRING,6:FILE,7:UBASE64,8:PACKET
#TYPE FIELD VALUE
STRING UNCATEGORIZED 100
STRING UNCATEGORIZED 101
STRING UNKNOWN_OTHER 102
#STRING UNCATEGORIZED 101
#STRING UNKNOWN_OTHER 102
STRING DNS 103
STRING FTP 104
STRING FTPS 105

16
bin/maat.conf
View File

@@ -30,5 +30,21 @@ INC_CFG_DIR=tsgrule/inc/index/
FULL_CFG_DIR=tsgrule/full/index/
EFFECTIVE_RANGE_FILE=/opt/tsg/etc/tsg_device_tag.json
[APP_SIGNATURE_MAAT]
MAAT_MODE=1
STAT_SWITCH=1
PERF_SWITCH=1
TABLE_INFO=tsgconf/app_sketch_tableinfo.conf
STAT_FILE=app_sketch_maat.status
EFFECT_INTERVAL_S=1
REDIS_IP=127.0.0.1
REDIS_PORT_NUM=1
REDIS_PORT=7002
REDIS_INDEX=0
JSON_CFG_FILE=tsgconf/app_sketch_maat.json
INC_CFG_DIR=tsgrule/inc/index/
FULL_CFG_DIR=tsgrule/full/index/
EFFECTIVE_RANGE_FILE=/opt/tsg/etc/tsg_device_tag.json
[MAAT]
ACCEPT_TAGS={"tags":[{"tag":"device_id","value":"device_1"}]}

39
bin/main.conf
View File

@@ -1,35 +1,40 @@
[MAAT]
PROFILE=./tsgconf/maat.conf
IP_ADDR_TABLE=TSG_SECURITY_ADDR
SUBSCRIBER_ID_TABLE=TSG_OBJ_SUBSCRIBER_ID
CB_SUBSCRIBER_IP_TABLE=TSG_DYN_SUBSCRIBER_IP
PROFILE="./tsgconf/maat.conf"
IP_ADDR_TABLE="TSG_SECURITY_ADDR"
SUBSCRIBER_ID_TABLE="TSG_OBJ_SUBSCRIBER_ID"
CB_SUBSCRIBER_IP_TABLE="TSG_DYN_SUBSCRIBER_IP"
[TSG_LOG]
MODE=1
NIC_NAME=lo
NIC_NAME="lo"
LOG_LEVEL=10
LOG_PATH=./tsglog/tsglog
BROKER_LIST=127.0.0.1:9092
COMMON_FIELD_FILE=tsgconf/tsg_log_field.conf
LOG_PATH="./tsglog/tsglog"
BROKER_LIST="127.0.0.1:9092"
COMMON_FIELD_FILE="tsgconf/tsg_log_field.conf"
[STATISTIC]
CYCLE=30
TELEGRAF_PORT=8100
TELEGRAF_IP=127.0.0.1
OUTPUT_PATH=./tsg_statistic.log
APP_NAME=statistic
TELEGRAF_IP="127.0.0.1"
OUTPUT_PATH="./tsg_statistic.log"
APP_NAME="statistic"
[FIELD_STAT]
CYCLE=30
TELEGRAF_PORT=8125
TELEGRAF_IP=127.0.0.1
OUTPUT_PATH=./tsg_stat.log
APP_NAME=tsg_master
TELEGRAF_IP="127.0.0.1"
OUTPUT_PATH="./tsg_stat.log"
APP_NAME="tsg_master"
[SYSTEM]
ENTRANCE_ID=18
LOG_LEVEL=10
LOG_PATH=./tsglog/tsg_master
POLICY_PRIORITY_LABEL=POLICY_PRIORITY
SCAN_TIME_INTERVAL=5
DEFAULT_POLICY_ID=0
DEFAULT_POLICY_SWITCH=0
LOG_PATH="./tsglog/tsg_master"
APP_BRIDGE_NAME="APP_BRIDGE"
POLICY_PRIORITY_LABEL="POLICY_PRIORITY"
L7_RPTOCOL_FILE="./tsgconf/tsg_l7_protocol.conf"
DEVICE_ID_COMMAND=hostname | awk -F'-' '{print $3}'| awk -F'ADC' '{print $2}'
DEVICE_SN_FILENAME="/opt/tsg/etc/tsg_sn.json"
DEVICE_ID_COMMAND="hostname | awk -F'-' '{print $3}'| awk -F'ADC' '{print $2}'"

6
bin/tsg_l7_protocol.conf
View File

@@ -1,8 +1,8 @@
#TYPE1:UCHAR,2:USHORT,3:USTRING,4:ULOG,5:USTRING,6:FILE,7:UBASE64,8:PACKET
#TYPE FIELD VALUE
STRING UNCATEGORIZED 15001
STRING UNCATEGORIZED 15002
STRING UNKNOWN_OTHER 15003
#STRING UNCATEGORIZED 15002
#STRING UNKNOWN_OTHER 15003
STRING DNS 32
STRING FTP 45
STRING FTPS 751
@@ -52,4 +52,4 @@ STRING BJNP 2481
STRING LDAP 100
STRING RTMP 337
STRING RTSP 176
STRING ESNI 15009
STRING ESNI 8008

167
bin/tsg_maat.json
View File

@@ -1,149 +1,70 @@
{
"compile_table": "TSG_SECURITY_COMPILE",
"group_table": "GROUP_COMPILE_RELATION",
"group2compile_table": "GROUP_COMPILE_RELATION",
"group2group_table": "GROUP_GROUP_RELATION",
"rules": [
{
"compile_id": 1,
"compile_id": 2,
"service": 0,
"action": 128,
"action": 1,
"do_blacklist": 0,
"do_log": 1,
"effective_rage": 0,
"user_region": "anything",
"user_region": "Virtual",
"is_valid": "yes",
"groups": [
{
"group_name": "IP_ADDR_1",
"regions": [
{
"table_name": "TSG_OBJ_IP_ADDR",
"table_type": "ip_plus",
"table_content": {
"addr_type": "ipv4",
"src_ip": "192.168.100.5",
"mask_src_ip": "255.255.255.255",
"src_port": "0",
"mask_src_port": "65535",
"dst_ip": "0.0.0.0",
"mask_dst_ip": "255.255.255.255",
"dst_port": "0",
"mask_dst_port": "65535",
"protocol": 6,
"direction": "double"
}
}
]
},
{
"group_name": "IP_ADDR_2",
"regions": [
{
"table_name": "TSG_OBJ_IP_ADDR",
"table_type": "ip_plus",
"table_content": {
"addr_type": "ipv4",
"src_ip": "192.168.50.37",
"mask_src_ip": "255.255.255.255",
"src_port": "0",
"mask_src_port": "65535",
"dst_ip": "0.0.0.0",
"mask_dst_ip": "255.255.255.255",
"dst_port": "0",
"mask_dst_port": "65535",
"protocol": 6,
"direction": "double"
}
}
]
},
{
"group_name": "ASN",
"regions": [
{
"table_name": "TSG_OBJ_AS_NUMBER",
"table_type": "expr",
"table_content": {
"keywords": "101",
"expr_type": "none",
"match_method": "sub",
"format": "uncase plain"
}
},
{
"table_name": "TSG_OBJ_AS_NUMBER",
"table_type": "expr",
"table_content": {
"keywords": "102",
"expr_type": "none",
"match_method": "sub",
"format": "uncase plain"
}
}
]
},
{
"group_name": "LOCATION",
"regions": [
{
"table_name": "TSG_OBJ_GEO_LOCATION",
"table_type": "expr",
"table_content": {
"keywords": "China",
"expr_type": "none",
"match_method": "sub",
"format": "uncase plain"
}
}
]
}
]
},
{
"compile_id": 5,
"service": 0,
"action": 128,
"do_blacklist": 0,
"do_log": 1,
"effective_rage": 0,
"user_region": "anything",
"is_valid": "yes",
"groups": [
{
"group_name":"IP_ADDR_1",
"group_name":"OBJ_DST_IP_ADDR",
"virtual_table":"TSG_SECURITY_SOURCE_ADDR",
"not_flag":0
"not_flag" : 0,
"regions": [
{
"table_type": "ip_plus",
"table_name": "TSG_OBJ_IP_ADDR",
"table_content": {
"addr_type": "ipv4",
"saddr_format": "range",
"src_ip1": "192.168.41.228",
"src_ip2": "192.168.41.228",
"sport_format": "range",
"src_port1": "0",
"src_port2": "0",
"protocol": 6,
"direction": "double"
}
}
]
},
{
"group_name":"IP_ADDR_2",
"virtual_table":"TSG_SECURITY_DESTINATION_ADDR",
"not_flag":0
"group_name": "HTTP_APP_ID",
"regions": [
{
"table_name": "TSG_OBJ_APP_ID",
"table_type": "intval",
"table_content": {
"low_boundary": 106,
"up_boundary": 106
}
},
{
"group_name":"ASN",
"virtual_table":"TSG_SECURITY_SOURCE_ASN",
"not_flag":0
},
{
"group_name":"LOCATION",
"virtual_table":"TSG_SECURITY_DESTINATION_LOCATION",
"not_flag":0
"table_name": "TSG_OBJ_APP_ID",
"table_type": "intval",
"table_content": {
"low_boundary": 67,
"up_boundary": 67
}
}
]
}
]
}
],
"plugin_table": [
{
"table_name": "TSG_IP_ASN_USER_DEFINED",
"table_name": "APP_ID_DICT",
"table_content": [
"101\t4\t192.168.50.1\t192.168.50.255\t101\tmesa\t1",
"102\t4\t192.168.100.1\t192.168.100.255\t102\tgeedge\t1"
]
},
{
"table_name": "TSG_IP_LOCATION_USER_DEFINED",
"table_content": [
"201\t20100\t4\t192.168.50.1\t192.168.50.255\t11.12\t11.12\t0\ten\tAS\tAsia\tCN\tChina\tBJ\tBeijing\tBeijing\tAsia/Singapore\t1",
"202\t20200\t4\t192.168.100.1\t192.168.100.255\t11.12\t11.12\t0\ten\tAS\tAsia\tCN\tChina\tSH\tShanghai\tShanghai\tAsia/Singapore\t1"
"20002\tUSER_DEFINE\t20000\tparent_name\tcategory\tsubcategory\ttechnology\trisk\tcharacteristics\tnull\tnull\t1\t0\t3600\t3600\t1800\t1800\t1",
"20001\tWhatsApp_video\t20000\tWhatsApp\tcategory\tsubcategory\ttechnology\trisk\tcharacteristics\tnull\tnull\t1\t0\t3600\t3600\t1800\t1800\t1"
]
}
]

2
bin/tsg_static_tableinfo.conf
View File

@@ -72,4 +72,4 @@
60 APP_SELECTOR_ID intval UTF8 UTF8 yes 0
61 TSG_FIELD_SIP_ORIGINATOR_DESCRIPTION virtual TSG_OBJ_ACCOUNT --
62 TSG_FIELD_SIP_RESPONDER_DESCRIPTION virtual TSG_OBJ_ACCOUNT --
63 APP_ID_DICT plugin {"key":1,"valid":16}
63 APP_ID_DICT plugin {"key":1,"valid":18}

4
inc/tsg_rule.h
View File

@@ -55,6 +55,7 @@ struct app_id_dict_table
{
int ref_cnt;
int app_id;
int parent_app_id;
int deny_action;
int continue_scanning;
int tcp_timeout;
@@ -64,6 +65,7 @@ struct app_id_dict_table
int is_valid;
char risk[MAX_APP_ID_PROPERTY_LEN*4];
char app_name[MAX_APP_ID_PROPERTY_LEN];
char parent_app_name[MAX_APP_ID_PROPERTY_LEN];
char category[MAX_APP_ID_PROPERTY_LEN*4];
char subcategroy[MAX_APP_ID_PROPERTY_LEN*4];
char technology[MAX_APP_ID_PROPERTY_LEN*4];
@@ -85,5 +87,7 @@ struct Maat_rule_t *tsg_fetch_deny_rule(Maat_rule_t *result, int result_num);
int tsg_get_method_id(char *method);
int tsg_get_fqdn_category_id(Maat_feather_t maat_feather, char *fqdn, unsigned int *category_id, int category_id_num, void *logger, int thread_seq);
int tsg_scan_app_id_policy(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, scan_status_t *mid, char *name, unsigned int id, int thread_seq);
int tsg_scan_fqdn_category_id(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, scan_status_t *mid, int table_id, unsigned int *category_id, int category_id_num, int thread_seq);
#endif

2
inc/tsg_send_log.h
View File

@@ -36,5 +36,7 @@ int TLD_cancel(struct TLD_handle_t *handle);
int tsg_send_log(struct tsg_log_instance_t *instance, struct TLD_handle_t *handle, tsg_log_t *log_msg, int thread_id);
unsigned long long tsg_get_stream_id(struct streaminfo *a_stream);
char *tsg_l7_protocol_id2name(unsigned int l7_protocol_id);
unsigned int tsg_l7_protocol_name2id(const char *l7_protocol_name);
#endif

1
src/tsg_entry.cpp
View File

@@ -1400,7 +1400,6 @@ extern "C" int TSG_MASTER_INIT()
MESA_load_profile_int_def(tsg_conffile, "SYSTEM", "ENTRANCE_ID", &g_tsg_para.entrance_id, 0);
MESA_load_profile_short_def(tsg_conffile, "SYSTEM", "TIMEOUT", (short *)&g_tsg_para.timeout, 300);
MESA_load_profile_int_def(tsg_conffile, "SYSTEM", "MAIL_PROTOCOL_ID",&(g_tsg_para.mail_proto_id), 110);
MESA_load_profile_int_def(tsg_conffile, "SYSTEM", "SCAN_TIME_INTERVAL", &g_tsg_para.scan_time_interval, 5);
MESA_load_profile_string_def(tsg_conffile, "SYSTEM", "DEVICE_ID_COMMAND", g_tsg_para.device_id_command, sizeof(g_tsg_para.device_id_command), NULL);

10
src/tsg_entry.h
View File

@@ -108,7 +108,6 @@ struct l7_protocol
UT_hash_handle hh2; /* handle for second hash table */
};
struct _fqdn_category_t
{
int ref_cnt;
@@ -132,7 +131,6 @@ struct master_context
typedef struct _tsg_para
{
int level;
int mail_proto_id;
unsigned short timeout;
int app_id_table_type;
int device_id;
@@ -247,6 +245,9 @@ typedef struct _tsg_statistic
int tsg_statistic_init(const char *conffile, void *logger);
//parent_app_name.app_name
int tsg_app_id2name(int app_id, char *app_name, int app_name_len, int is_joint_parent);
void location_free_data(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void* argp);
void ASN_free_data(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void* argp);
void subscribe_id_free_data(int table_id, MAAT_PLUGIN_EX_DATA* ad, long argl, void* argp);
@@ -255,12 +256,7 @@ void security_compile_free(int idx, const struct Maat_rule_t* rule, const char*
struct Maat_rule_t *tsg_policy_decision_criteria(struct streaminfo *a_stream, Maat_rule_t *result, int result_num, int thread_seq);
int tsg_scan_addr(Maat_feather_t maat_feather, const struct streaminfo *a_stream, tsg_protocol_t proto, scan_status_t *mid, Maat_rule_t*result, int result_num);
int tsg_scan_shared_policy(Maat_feather_t maat_feather, const struct streaminfo *a_stream, char *domain, Maat_rule_t *result, int result_num, scan_status_t *mid, int table_id, int thread_seq);
int tsg_scan_app_id_policy(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, scan_status_t *mid, char *name, unsigned int id, int thread_seq);
int tsg_scan_app_properties_policy(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, scan_status_t *mid, char *property, char *district, int thread_seq);
int tsg_scan_subscribe_id_policy(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, scan_status_t *mid, struct _subscribe_id_info_t *user_info, int thread_seq);
int tsg_scan_fqdn_category_id(Maat_feather_t maat_feather, const struct streaminfo *a_stream, struct Maat_rule_t *result, int result_num, scan_status_t *mid, int table_id, unsigned int *category_id, int category_id_num, int thread_seq);
unsigned int tsg_l7_protocol_name2id(const char *l7_protocol_name);
char *tsg_l7_protocol_id2name(unsigned int l7_protocol_id);
#endif

40
src/tsg_rule.cpp
View File

@@ -448,9 +448,11 @@ static void app_id_dict_new_data(int table_id, const char* key, const char* tabl
app_id_dict=(struct app_id_dict_table *)calloc(1, sizeof(struct app_id_dict_table));
ret=sscanf(table_line,
"%d\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%d\t%d\t%d\t%d\t%d\t%d\t%d",
"%d\t%s\t%d\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\t%d\t%d\t%d\t%d\t%d\t%d\t%d",
&app_id_dict->app_id,
app_id_dict->app_name,
&app_id_dict->parent_app_id,
app_id_dict->parent_app_name,
app_id_dict->category,
app_id_dict->subcategroy,
app_id_dict->technology,
@@ -465,7 +467,7 @@ static void app_id_dict_new_data(int table_id, const char* key, const char* tabl
&app_id_dict->tcp_half_close,
&app_id_dict->tcp_time_wait,
&app_id_dict->is_valid);
if(ret!=16)
if(ret!=18)
{
free(app_id_dict);
app_id_dict=NULL;
@@ -483,6 +485,7 @@ static void app_id_dict_new_data(int table_id, const char* key, const char* tabl
atomic_inc(&app_id_dict->ref_cnt);
eliminate_default_value(app_id_dict->app_name);
eliminate_default_value(app_id_dict->parent_app_name);
eliminate_default_value(app_id_dict->category);
eliminate_default_value(app_id_dict->subcategroy);
eliminate_default_value(app_id_dict->technology);
@@ -1613,3 +1616,36 @@ int tsg_scan_subscribe_id_policy(Maat_feather_t maat_feather, const struct strea
return 0;
}
int tsg_app_id2name(int app_id, char *app_name, int app_name_len, int is_joint_parent)
{
int offset=0;
char app_id_buff[128]={0};
struct app_id_dict_table *dict=NULL;
if(app_id<=0 || app_name==NULL || app_name_len<=0)
{
return offset;
}
snprintf(app_id_buff, sizeof(app_id_buff), "%d", app_id);
dict=(struct app_id_dict_table *)Maat_plugin_get_EX_data(g_tsg_maat_feather, g_tsg_para.table_id[TABLE_APP_ID_DICT], (const char *)app_id_buff);
if(dict!=NULL)
{
if(dict->parent_app_id!=0)
{
offset=snprintf(app_name, app_name_len, "%s.%s", dict->parent_app_name, dict->app_name);
}
else
{
offset=snprintf(app_name, app_name_len, "%s", dict->app_name);
}
app_id_dict_free_data(g_tsg_para.table_id[TABLE_APP_ID_DICT], (MAAT_PLUGIN_EX_DATA *)&dict, 0, NULL);
return offset;
}
return offset;
}

70
src/tsg_send_log.cpp
View File

@@ -291,7 +291,7 @@ static int set_fqdn_category(struct tsg_log_instance_t *_instance, struct TLD_ha
for(i=0; i< category_id_num; i++)
{
offset+=snprintf(category_str+offset, sizeof(category_str)-offset, "%d,", category_id[i]);
offset+=snprintf(category_str+offset, sizeof(category_str)-offset, "%s%d", ((i>0) ? "," : ""), category_id[i]);
}
if(offset>0)
@@ -360,11 +360,25 @@ static int get_l7_protocol(struct app_identify_result *result, char *protocol_li
return 1;
}
static int get_app_id_list(struct app_identify_result *result, char *app_list, int app_list_len, char *surrogate_list, int surrogate_list_len, int *flag)
static int get_app_id_list(struct app_identify_result *result, char *app_list, int app_list_len, char *surrogate_list, int surrogate_list_len)
{
int i=0;
int offset1=0,offset2=0;
for(i=0; i<result->app_id_num; i++)
{
offset1+=snprintf(app_list+offset1, app_list_len-offset1, "APP%d=%d;", result->origin, result->app_id[i]);
offset2+=snprintf(surrogate_list+offset2, surrogate_list_len-offset2, "SURROGATE%d=%d;", result->origin, result->surrogate_id[i]);
}
return 1;
}
static int get_app_name_list(struct app_identify_result *result, char *app_name, int app_name_len, int *flag, int is_joint_parent)
{
int i=0;
int offset=0;
if((*flag)==1)
{
return 0;
@@ -373,8 +387,14 @@ static int get_app_id_list(struct app_identify_result *result, char *app_list, i
for(i=0; i<result->app_id_num; i++)
{
(*flag)=1;
offset1+=snprintf(app_list+offset1, app_list_len-offset1, "%d;", result->app_id[i]);
offset2+=snprintf(surrogate_list+offset2, surrogate_list_len-offset2, "%d;", result->surrogate_id[i]);
if(i>0 && offset>0 && (app_name_len-offset)>0)
{
app_name[offset]='.';
offset++;
}
offset+=tsg_app_id2name(result->app_id[i], app_name+offset, app_name_len-offset, is_joint_parent);
}
return 1;
@@ -383,37 +403,56 @@ static int get_app_id_list(struct app_identify_result *result, char *app_list, i
static int set_app_id(struct tsg_log_instance_t *_instance, struct TLD_handle_t *_handle, struct streaminfo *a_stream)
{
int app_id_flag=0;
int app_offset=0;
int surrogate_offset=0;
int l7_protocol_flag=0;
char app_list[256]={0};
char app_list[512]={0};
char app_name[512]={0};
char protocol_list[256]={0};
char surrogate_list[256]={0};
char surrogate_list[512]={0};
struct gather_app_result *label=NULL;
label=(struct gather_app_result *)project_req_get_struct(a_stream, g_tsg_para.gather_app_project_id);
if(label!=NULL)
if(label==NULL)
{
return 0;
}
get_l7_protocol(&(label->result[ORIGIN_BASIC_PROTOCOL]), protocol_list, sizeof(protocol_list), &l7_protocol_flag);
get_app_id_list(&(label->result[ORIGIN_USER_DEFINE]), app_list, sizeof(app_list), surrogate_list, sizeof(surrogate_list), &app_id_flag);
if(l7_protocol_flag==1)
{
TLD_append(_handle, _instance->id2field[LOG_COMMON_L7_PROTOCOL].name, (void *)protocol_list, TLD_TYPE_STRING);
}
app_offset=0;
surrogate_offset=0;
get_app_id_list(&(label->result[ORIGIN_USER_DEFINE]), app_list+app_offset, sizeof(app_list)-app_offset, surrogate_list+surrogate_offset, sizeof(surrogate_list)-surrogate_offset);
app_offset=strlen(app_list);
surrogate_offset=strlen(surrogate_list);
get_app_id_list(&(label->result[ORIGIN_DKPT]), app_list+app_offset, sizeof(app_list)-app_offset, surrogate_list+surrogate_offset, sizeof(surrogate_list)-surrogate_offset);
app_offset=strlen(app_list);
surrogate_offset=strlen(surrogate_list);
get_app_id_list(&(label->result[ORIGIN_QM_ENGINE]), app_list+app_offset, sizeof(app_list)-app_offset, surrogate_list+surrogate_offset, sizeof(surrogate_list)-surrogate_offset);
get_app_name_list(&(label->result[ORIGIN_USER_DEFINE]), app_name, sizeof(app_name), &app_id_flag, 1);
if(app_id_flag!=1)
{
get_app_id_list(&(label->result[ORIGIN_DKPT]), app_list, sizeof(app_list), surrogate_list, sizeof(surrogate_list), &app_id_flag);
get_app_name_list(&(label->result[ORIGIN_DKPT]), app_name, sizeof(app_name), &app_id_flag, 0);
}
if(app_id_flag!=1)
{
get_app_id_list(&(label->result[ORIGIN_QM_ENGINE]), app_list, sizeof(app_list), surrogate_list, sizeof(surrogate_list), &app_id_flag);
get_app_name_list(&(label->result[ORIGIN_QM_ENGINE]), app_name, sizeof(app_name), &app_id_flag, 1);
}
if(app_id_flag==1)
{
TLD_append(_handle, _instance->id2field[LOG_COMMON_APP_ID].name, (void *)app_list, TLD_TYPE_STRING);
TLD_append(_handle, _instance->id2field[LOG_COMMON_APP_SURROGATE_ID].name, (void *)surrogate_list, TLD_TYPE_STRING);
}
if(l7_protocol_flag==1)
{
TLD_append(_handle, _instance->id2field[LOG_COMMON_L7_PROTOCOL].name, (void *)protocol_list, TLD_TYPE_STRING);
}
TLD_append(_handle, _instance->id2field[LOG_COMMON_APP_LABEL].name, (void *)app_name, TLD_TYPE_STRING);
}
return 1;
@@ -1239,7 +1278,6 @@ int tsg_send_log(struct tsg_log_instance_t *instance, struct TLD_handle_t *handl
payload=cJSON_PrintUnformatted(_handle->object);
status=rd_kafka_produce(_instance->topic_rkt[log_msg->result[i].service_id], RD_KAFKA_PARTITION_UA, RD_KAFKA_MSG_F_COPY, payload, strlen(payload), NULL, 0, NULL);
if(status<0)
{
clock_gettime(CLOCK_REALTIME, &cur_time);