#ifndef __TSG_SEND_LOG_INTERNAL_H__ #define __TSG_SEND_LOG_INTERNAL_H__ #include #include #include #define MIN_L7_PROTO_ID 100 #define MAX_L7_PROTO_ID 150 #define MAX_IPV4_LEN 16 #define MAX_STRING_LEN 32 enum _SEND_MODE { CLOSE=0, KAFKA=1, }; typedef enum _tsg_log_field_id { LOG_COMMON_POLICY_ID=1, LOG_COMMON_SERVICE, LOG_COMMON_ACTION, LOG_COMMON_START_TIME, LOG_COMMON_END_TIME, LOG_COMMON_L4_PROTOCOL, LOG_COMMON_ADDRESS_TYPE, LOG_COMMON_SERVER_IP, LOG_COMMON_CLIENT_IP, LOG_COMMON_SERVER_PORT, LOG_COMMON_CLIENT_PORT, LOG_COMMON_STREAM_DIR, LOG_COMMON_ADDRESS_LIST, LOG_COMMON_ENTRANCE_ID, LOG_COMMON_DEVICE_ID, LOG_COMMON_LINK_ID, LOG_COMMON_ISP, LOG_COMMON_ENCAPSULATION, LOG_COMMON_DIRECTION, LOG_COMMON_SLED_IP, LOG_COMMON_USER_TAG, LOG_COMMON_USER_REGION, LOG_COMMON_APP_LABEL, LOG_COMMON_APP_ID, LOG_COMMON_PROTOCOL_ID, LOG_COMMON_C2S_PKT_NUM, LOG_COMMON_S2C_PKT_NUM, LOG_COMMON_C2S_BYTE_NUM, LOG_COMMON_S2C_BYTE_NUM, LOG_COMMON_CON_DURATION_MS, LOG_COMMON_HAS_DUP_TRAFFIC, LOG_COMMON_STREAM_ERROR, LOG_COMMON_STREAM_TRACE_ID, LOG_COMMON_SCHAME_TYPE, LOG_HTTP_HOST, LOG_SSL_SNI, LOG_COMMON_ESTABLISH_LATENCY_MS, LOG_COMMON_SUB_ACTION, LOG_COMMON_CLINET_ASN, LOG_COMMON_SERVER_ASN, LOG_COMMON_CLINET_LOCATION, LOG_COMMON_SERVER_LOCATION, LOG_QUIC_SNI, LOG_SSL_JA3_FINGERPRINT, LOG_COMMON_DATA_CENTER, LOG_COMMON_L7_PROTOCOL, LOG_COMMON_TCP_CLIENT_ISN, LOG_COMMON_TCP_SERVER_ISN, LOG_COMMON_APP_SURROGATE_ID, LOG_COMMON_SIP_FROM, LOG_COMMON_SIP_TO, LOG_COMMON_TUNNELS, LOG_COMMON_TUNNELS_SCHEMA_TYPE, LOG_COMMON_TUNNELS_GTP_SGW_IP, LOG_COMMON_TUNNELS_GTP_PGW_IP, LOG_COMMON_TUNNELS_GTP_SGW_PORT, LOG_COMMON_TUNNELS_GTP_PGW_PORT, LOG_COMMON_TUNNELS_GTP_UPLINK_TEID, LOG_COMMON_TUNNELS_GTP_DOWNLINK_TEID, LOG_COMMON_TUNNELS_MPLS_SRC_LABEL, LOG_COMMON_TUNNELS_MPLS_DST_LABEL, LOG_COMMON_TUNNELS_VLAN_SRC_ID, LOG_COMMON_TUNNELS_VLAN_DST_ID, LOG_COMMON_TUNNELS_MAC_SOURCE, LOG_COMMON_TUNNELS_MAC_DEST, LOG_COMMON_TUNNELS_C2S_MAC_SOURCE, LOG_COMMON_TUNNELS_C2S_MAC_DEST, LOG_COMMON_TUNNELS_S2C_MAC_SOURCE, LOG_COMMON_TUNNELS_S2C_MAC_DEST, LOG_COMMON_TUNNELS_CLIENT_IP, LOG_COMMON_TUNNELS_SERVER_IP, LOG_COMMON_TUNNELS_PPTP_C2S_ID, LOG_COMMON_TUNNELS_PPTP_S2C_ID, LOG_COMMON_FQDN_CATEGORY, LOG_COMMON_GTP_APN, LOG_COMMON_GTP_IMSI, LOG_COMMON_GTP_IMEI, LOG_COMMON_GTP_MSISDN, //PHONE_NUMBER LOG_COMMON_USERDEFINE_APP, LOG_COMMON_MIRRORED_PKTS, LOG_COMMON_MIRRORED_BYTES, LOG_COMMON_SUBSCRIBER_ID, LOG_COMMON_HTTP_ACTION_FILESIZE, LOG_COMMON_LINK_INFO_C2S, LOG_COMMON_LINK_INFO_S2C, LOG_QUIC_VERSION, LOG_QUIC_USER_AGENT, LOG_COMMON_DEVICE_TAG, LOG_COMMON_L2TP_LAC2LNS_TUNNEL_ID, LOG_COMMON_L2TP_LNS2LAC_TUNNEL_ID, LOG_COMMON_L2TP_LAC2LNS_SESSION_ID, LOG_COMMON_L2TP_LNS2LAC_SESSION_ID, LOG_COMMON_L2TP_ACCESS_CONCENTRATOR_IP, LOG_COMMON_L2TP_NETWORK_SERVER_IP, LOG_COMMON_L2TP_ACCESS_CONCENTRATOR_PORT, LOG_COMMON_L2TP_NETWORK_SERVER_PORT, LOG_COMMON_L2TP_VERSION, LOG_COMMON_PACKET_CAPTURE_FILE, LOG_COMMON_APPLICATION_BEHAVIOR, LOG_HTTP_URL, LOG_COMMON_APP_IDENTIFY_INFO, LOG_COMMON_APP_EXTRACT_INFO, LOG_COMMON_HTTP_REQUEST_S3_FILE, LOG_COMMON_HTTP_RESPONSE_S3_FILE, LOG_COMMON_MAIL_EML_FILE, LOG_COMMON_VSYSTEM_ID, LOG_DTLS_SNI, LOG_COMMON_MAX }tsg_log_field_id_t; enum LOG_COLUMN_STATUS { LOG_COLUMN_STATUS_SUCCESS=0, LOG_COLUMN_STATUS_SUCCESS_S, LOG_COLUMN_STATUS_FAIL, LOG_COLUMN_STATUS_FAIL_S, LOG_COLUMN_STATUS_DROP, LOG_COLUMN_STATUS_DROP_S, LOG_COLUMN_STATUS_MAX }; enum LOG_FS2_TYPE{ LOG_FS2_ABORT_ALLOW, LOG_FS2_ABORT_DENY, LOG_FS2_ABORT_MONITOR, LOG_FS2_ABORT_INTERCEPT, LOG_FS2_ABORT_UNKNOWN, LOG_FS2_CREATE_LOG_HANDLE, LOG_FS2_DUP_LOG_HANDLE, LOG_FS2_APPEND_LOG_HANDLE, LOG_FS2_FREE_LOG_HANDLE, LOG_FS2_FREE_RAPID_SIZE, LOG_FS2_FREE_RAPID_CAPACITY, LOG_FS2_TYPE_MAX }; enum LOG_BRIDGE { LOG_BRIDGE_MAC_LINKINFO=0, LOG_BRIDGE_NAT_C2S_LINKINFO, LOG_BRIDGE_NAT_S2C_LINKINFO, LOG_BRIDGE_APP_LUA_RESULT, LOG_BRIDGE_BUSINESS_S3_FILENAME, LOG_BRIDGE_APP_BEHAVIOR_RESULT, LOG_BRIDGE_CONN_SKETCH_EXEC_RESULT, LOG_BRIDGE_MAX }; typedef struct _id2field { int type; int id; char name[MAX_STRING_LEN]; }id2field_t; struct topic_stat { int status; int type; int fs2_line_id; int *send_log_percent; char name[MAX_STRING_LEN]; long long *drop_start; rd_kafka_topic_t *topic_rkt; }; struct tsg_log_instance_t { int mode; int level; int max_service; int app_id_type; int vsystem_id; int send_user_region; int send_data_center; int recovery_interval; int rapidjson_chunk_capacity; int session_attribute_project_id; int tcp_flow_project_id; int udp_flow_project_id; int sum_line_id; int bridge_id[LOG_BRIDGE_MAX]; int fs2_column_id[LOG_COLUMN_STATUS_MAX]; int fs2_field_id[LOG_FS2_TYPE_MAX]; char l7_unknown_name[MAX_STRING_LEN]; char log_path[MAX_STRING_LEN*2]; char tcp_label[MAX_STRING_LEN]; char udp_label[MAX_STRING_LEN]; char common_field_file[MAX_STRING_LEN*4]; char broker_list[MAX_STRING_LEN*8]; char sasl_username[MAX_STRING_LEN]; char sasl_passwd[MAX_STRING_LEN]; char send_queue_max_msg[MAX_STRING_LEN]; char require_ack[MAX_STRING_LEN]; char refresh_interval_ms[MAX_STRING_LEN]; char local_ip_str[MAX_IPV4_LEN]; char l7_proto_id_file[MAX_STRING_LEN*4]; id2field_t id2field[LOG_COMMON_MAX]; rd_kafka_t *kafka_handle; struct topic_stat *service2topic; screen_stat_handle_t fs2_handle; void *logger; }; char *log_field_id2name(struct tsg_log_instance_t *instance, tsg_log_field_id_t id); struct tsg_log_instance_t *tsg_sendlog_init(const char *conffile, screen_stat_handle_t fs2_handle); void tsg_sendlog_destroy(struct tsg_log_instance_t * instance); #endif