#pragma once

/*
 * Declarations for the TSG send-log module: size limits, send-mode values,
 * the log field id enumeration and the id-to-name mapping record.
 *
 * NOTE(review): the targets of the next four #include directives are missing
 * from this listing (apparently stripped during page extraction) and cannot
 * be recovered from it. rd_kafka_t and rd_kafka_topic_t, used further down in
 * this header, are librdkafka types, so one of the four is presumably the
 * librdkafka header. Restore all four from the project tree.
 */
#include
#include
#include
#include
#include "ipfix.h"

/*
 * Bounds for L7 protocol ids (100..150). Where they are enforced is not
 * visible in this header.
 */
#define MIN_L7_PROTO_ID 100
#define MAX_L7_PROTO_ID 150

/* 16 bytes: exactly enough for "255.255.255.255" plus the NUL terminator. */
#define MAX_IPV4_LEN 16

/*
 * Size of the fixed string buffers declared in this header. A value stored in
 * such a buffer can be at most 31 characters long if it is to stay
 * NUL-terminated.
 */
#ifndef MAX_STRING_LEN32
#define MAX_STRING_LEN32 32
#endif

/*
 * Send-mode values. Presumably stored in tsg_log_instance_t.mode; whether
 * KAFKA and IPFIX can be OR-ed together as a bitmask is not visible here --
 * confirm against the implementation.
 */
#define CLOSE_SEND_MODE 0x00
#define KAFKA_SEND_MODE 0x01
#define IPFIX_SEND_MODE 0x02

/*
 * Identifiers of the fields a log record can carry.
 *
 * Numbering starts at 1 and is implicit from declaration order, so inserting
 * or removing an enumerator anywhere but directly before LOG_COMMON_MAX
 * renumbers every later id. LOG_COMMON_MAX is the end sentinel (last id + 1)
 * and is used to size the id2field table in struct tsg_log_instance_t; value 0
 * is not a valid field id.
 *
 * Several names carry misspellings (SCHAME, CLINET, PASSTHROUGHT). They are
 * part of the public identifiers, so correcting them means updating every
 * user of the name.
 */
enum LOG_FIELD_ID
{
	LOG_COMMON_POLICY_ID=1,
	LOG_COMMON_SERVICE,
	LOG_COMMON_ACTION,
	LOG_COMMON_START_TIME,
	LOG_COMMON_END_TIME,
	LOG_COMMON_L4_PROTOCOL,
	LOG_COMMON_ADDRESS_TYPE,
	LOG_COMMON_SERVER_IP,
	LOG_COMMON_CLIENT_IP,
	LOG_COMMON_SERVER_PORT,
	LOG_COMMON_CLIENT_PORT,
	LOG_COMMON_STREAM_DIR,
	LOG_COMMON_ADDRESS_LIST,
	LOG_COMMON_ENTRANCE_ID,
	LOG_COMMON_DEVICE_ID,
	LOG_COMMON_LINK_ID,
	LOG_COMMON_ISP,
	LOG_COMMON_ENCAPSULATION,
	LOG_COMMON_DIRECTION,
	LOG_COMMON_SLED_IP,
	LOG_COMMON_USER_TAG,
	LOG_COMMON_USER_REGION,
	LOG_COMMON_APP_LABEL,
	LOG_COMMON_APP_ID,
	LOG_COMMON_PROTOCOL_ID,
	LOG_COMMON_C2S_PKT_NUM,
	LOG_COMMON_S2C_PKT_NUM,
	LOG_COMMON_C2S_BYTE_NUM,
	LOG_COMMON_S2C_BYTE_NUM,
	LOG_COMMON_CON_DURATION_MS,
	LOG_COMMON_HAS_DUP_TRAFFIC,
	LOG_COMMON_STREAM_ERROR,
	LOG_COMMON_STREAM_TRACE_ID,
	LOG_COMMON_SCHAME_TYPE,
	LOG_HTTP_HOST,
	LOG_SSL_SNI,
	LOG_COMMON_ESTABLISH_LATENCY_MS,
	LOG_COMMON_SUB_ACTION,
	LOG_COMMON_CLINET_ASN,
	LOG_COMMON_SERVER_ASN,
	LOG_COMMON_CLINET_LOCATION,
	LOG_COMMON_SERVER_LOCATION,
	LOG_QUIC_SNI,
	LOG_SSL_JA3_FINGERPRINT,
	LOG_COMMON_DATA_CENTER,
	LOG_COMMON_L7_PROTOCOL,
	LOG_COMMON_TCP_CLIENT_ISN,
	LOG_COMMON_TCP_SERVER_ISN,
	LOG_COMMON_APP_SURROGATE_ID,
	LOG_COMMON_SIP_FROM,
	LOG_COMMON_SIP_TO,
	LOG_COMMON_TUNNELS,
	LOG_COMMON_TUNNELS_SCHEMA_TYPE,
	LOG_COMMON_TUNNELS_GTP_SGW_IP,
	LOG_COMMON_TUNNELS_GTP_PGW_IP,
	LOG_COMMON_TUNNELS_GTP_SGW_PORT,
	LOG_COMMON_TUNNELS_GTP_PGW_PORT,
	LOG_COMMON_TUNNELS_GTP_UPLINK_TEID,
	LOG_COMMON_TUNNELS_GTP_DOWNLINK_TEID,
	LOG_COMMON_TUNNELS_MPLS_SRC_LABEL,
	LOG_COMMON_TUNNELS_MPLS_DST_LABEL,
	LOG_COMMON_TUNNELS_VLAN_SRC_ID,
	LOG_COMMON_TUNNELS_VLAN_DST_ID,
	LOG_COMMON_TUNNELS_MAC_SOURCE,
	LOG_COMMON_TUNNELS_MAC_DEST,
	LOG_COMMON_TUNNELS_C2S_MAC_SOURCE,
	LOG_COMMON_TUNNELS_C2S_MAC_DEST,
	LOG_COMMON_TUNNELS_S2C_MAC_SOURCE,
	LOG_COMMON_TUNNELS_S2C_MAC_DEST,
	LOG_COMMON_TUNNELS_CLIENT_IP,
	LOG_COMMON_TUNNELS_SERVER_IP,
	LOG_COMMON_TUNNELS_PPTP_C2S_ID,
	LOG_COMMON_TUNNELS_PPTP_S2C_ID,
	LOG_COMMON_FQDN_CATEGORY,
	LOG_COMMON_GTP_APN,
	/*
	 * NOTE(review): IMSI, IMEI and MSISDN (and LOG_COMMON_SUBSCRIBER_ID
	 * below) name subscriber/device identifiers. If these fields are
	 * populated, the emitted records carry personal data, so transport
	 * protection, access control and retention of the log stream should be
	 * reviewed with that in mind.
	 */
	LOG_COMMON_GTP_IMSI,
	LOG_COMMON_GTP_IMEI,
	LOG_COMMON_GTP_MSISDN,	//PHONE_NUMBER
	LOG_COMMON_USERDEFINE_APP,
	LOG_COMMON_MIRRORED_PKTS,
	LOG_COMMON_MIRRORED_BYTES,
	LOG_COMMON_SUBSCRIBER_ID,
	LOG_COMMON_HTTP_ACTION_FILESIZE,
	LOG_COMMON_LINK_INFO_C2S,
	LOG_COMMON_LINK_INFO_S2C,
	LOG_QUIC_VERSION,
	LOG_QUIC_USER_AGENT,
	LOG_COMMON_DEVICE_TAG,
	LOG_COMMON_L2TP_LAC2LNS_TUNNEL_ID,
	LOG_COMMON_L2TP_LNS2LAC_TUNNEL_ID,
	LOG_COMMON_L2TP_LAC2LNS_SESSION_ID,
	LOG_COMMON_L2TP_LNS2LAC_SESSION_ID,
	LOG_COMMON_L2TP_ACCESS_CONCENTRATOR_IP,
	LOG_COMMON_L2TP_NETWORK_SERVER_IP,
	LOG_COMMON_L2TP_ACCESS_CONCENTRATOR_PORT,
	LOG_COMMON_L2TP_NETWORK_SERVER_PORT,
	LOG_COMMON_L2TP_VERSION,
	LOG_COMMON_PACKET_CAPTURE_FILE,
	LOG_COMMON_APPLICATION_BEHAVIOR,
	LOG_HTTP_URL,
	LOG_COMMON_APP_IDENTIFY_INFO,
	LOG_COMMON_APP_EXTRACT_INFO,
	LOG_COMMON_HTTP_REQUEST_S3_FILE,
	LOG_COMMON_HTTP_RESPONSE_S3_FILE,
	LOG_COMMON_MAIL_EML_FILE,
	LOG_COMMON_VSYSTEM_ID,
	LOG_DTLS_SNI,
	LOG_COMMON_TUNNELS_ENDPOINT_A_DESC,
	LOG_COMMON_TUNNELS_ENDPOINT_B_DESC,
	LOG_COMMON_TRAFFIC_VSYSTEM_ID,
	LOG_COMMON_APP_FULL_PATH,
	LOG_COMMON_FLAGS,
	LOG_COMMON_SHAPING_RULE_IDS,
	LOG_COMMON_FLAGS_IDENTIFY_INFO,
	LOG_COMMON_SSL_PINNING_STATE,
	LOG_COMMON_SSL_CERT_VERIFY,
	LOG_COMMON_SSL_INTERCEPT_STATE,
	LOG_COMMON_SSL_UPSTREAM_LATENCY,
	LOG_COMMON_SSL_DOWNSTREAM_LATENCY,
	LOG_COMMON_SSL_UPSTREAM_VERSION,
	LOG_COMMON_SSL_DOWNSTREAM_VERSION,
	LOG_COMMON_SSL_ERROR,
	LOG_COMMON_SSL_PASSTHROUGHT_REASON,
	LOG_COMMON_SCE_PROFILE_IDS,
	LOG_COMMON_SHAPING_PROFILE_IDS,
	LOG_COMMON_L4_PROTOCOL_LABEL,
	LOG_COMMON_INCOMING_SRC_MAC,
	LOG_COMMON_INCOMING_DST_MAC,
	LOG_COMMON_OUTCOMING_SRC_MAC,
	LOG_COMMON_OUTCOMING_DST_MAC,
	LOG_COMMON_MAX	/* end sentinel, not a field; keep last */
};

/*
 * One entry of the field-id-to-name table (see id2field[] in
 * struct tsg_log_instance_t).
 */
typedef struct _id2field
{
	int type;	/* meaning not visible in this header -- confirm against the loader */
	int id;		/* presumably an enum LOG_FIELD_ID value -- confirm */
	char name[MAX_STRING_LEN32];	/* field name; whoever fills it must bound the copy and keep it NUL-terminated */
}id2field_t;
/*
 * Per-topic state. topic_rkt is the librdkafka topic handle used for this
 * topic. Who allocates and frees the two pointer members is not visible in
 * this header.
 */
struct topic_stat
{
	int status;
	int type;
	int row_idx;
	int *send_log_percent;		/* ownership/lifetime not visible here -- confirm before freeing or sharing */
	char name[MAX_STRING_LEN32];	/* topic name, at most 31 characters plus NUL */
	long long *drop_start;		/* ownership/lifetime not visible here -- confirm */
	rd_kafka_topic_t *topic_rkt;
};

/*
 * Runtime state and configuration of one send-log instance, returned by
 * tsg_sendlog_init() and released with tsg_sendlog_destroy().
 */
struct tsg_log_instance_t
{
	unsigned char mode;	/* presumably one of the *_SEND_MODE values -- confirm */
	int level;
	int max_service;
	int vsystem_id;
	int unknown_app_id;	/* presumably the value returned by tsg_unknown_app_id_get() -- confirm */
	int tcp_min_log_pkts;
	int tcp_min_log_bytes;
	int udp_min_log_pkts;
	int udp_min_log_bytes;
	int send_interim_log;
	int send_transcation_log;	/* "transcation" is a misspelling, but it is the member's public name */
	int send_user_region;
	int send_app_id;
	int send_intercept_log;
	int send_nat_linkinfo;
	int send_data_center;
	int recovery_interval;
	int rapidjson_chunk_capacity;
	int tcp_flow_project_id;
	int udp_flow_project_id;
	int sum_stat_row_id;
	int ipfix_template_interval_pkts;
	char tcp_label[MAX_STRING_LEN32];
	char udp_label[MAX_STRING_LEN32];
	/*
	 * NOTE(review): SASL credentials are held in cleartext for the lifetime
	 * of the instance, in 32-byte buffers. A username or password of 32 or
	 * more bytes cannot fit with its terminator, so the loader (not visible
	 * here) should reject over-long values rather than truncate them
	 * silently. tsg_sendlog_destroy() should wipe sasl_passwd with a clear
	 * the compiler cannot elide (e.g. explicit_bzero or memset_s) before the
	 * memory is released, and this struct should never be dumped to logs.
	 */
	char sasl_username[MAX_STRING_LEN32];
	char sasl_passwd[MAX_STRING_LEN32];
	/*
	 * The next four settings are kept as strings, presumably because they
	 * are handed to librdkafka configuration, which takes string values --
	 * confirm against the implementation.
	 */
	char compression[MAX_STRING_LEN32];
	char send_queue_max_msg[MAX_STRING_LEN32];
	char require_ack[MAX_STRING_LEN32];
	char refresh_interval_ms[MAX_STRING_LEN32];
	char local_ip_str[MAX_IPV4_LEN];	/* 16 bytes: fits an IPv4 dotted quad only; an IPv6 text address does not fit */
	/*
	 * Field-id-to-name table with LOG_COMMON_MAX entries. LOG_FIELD_ID values
	 * start at 1, so if the table is indexed directly by id, entry 0 is
	 * unused and any index must be checked against LOG_COMMON_MAX --
	 * indexing scheme not visible here, confirm.
	 */
	id2field_t id2field[LOG_COMMON_MAX];
	rd_kafka_t *kafka_handle;	/* librdkafka client handle */
	struct topic_stat *service2topic;	/* presumably an array indexed by service id (cf. max_service) -- confirm */
	struct ipfix_exporter_instance *ipfix_instance;
	void *logger;	/* opaque logger handle; concrete type not visible here */
};

/* Accessor for the instance's unknown-app id. Behaviour for a NULL instance is not visible here. */
int tsg_unknown_app_id_get(struct tsg_log_instance_t *instance);

/*
 * Return the name registered for a log field id.
 *
 * NOTE(review): the return type is a non-const char *. It presumably points
 * into instance->id2field[].name, in which case callers must neither modify
 * nor free it -- confirm. The implementation (not visible here) should
 * validate that id is within [LOG_COMMON_POLICY_ID, LOG_COMMON_MAX) before
 * using it as an index; what is returned for an out-of-range id is not
 * visible in this header.
 */
char *log_field_id2name(struct tsg_log_instance_t *instance, enum LOG_FIELD_ID id);

/*
 * Create a send-log instance from the configuration file at conffile.
 *
 * The failure return value is not visible here (presumably NULL -- confirm).
 * NOTE(review): if the SASL username and password are read from conffile,
 * that file holds a secret and its permissions should be restricted
 * accordingly.
 */
struct tsg_log_instance_t *tsg_sendlog_init(const char *conffile);

/* Release an instance obtained from tsg_sendlog_init(). Which members it frees is not visible here. */
void tsg_sendlog_destroy(struct tsg_log_instance_t * instance);