ops / monitor-service · Commits

Go to a project

Authored by Xu
Commit 63b1707f6f62a93d6c07de05c2cbd6ca0de6d382 1 parent 6cf95e81

敏感接口比例

Inline Side-by-side
Showing 6 changed files with 390 additions and 2 deletions
package com.monitor.other.maliciousip;
/**
* 恶意ip内容集合
* 比例
* @author hui.xu
*
*/
public class MaliciousIpBL {
/**
* 恶意ip
*/
private String userIP;
/**
* 总访问次数
*/
private int aCount;
/**
* 敏感接口次数
*/
private int count;
/**
* 百分比
*/
private int percent;
/**
* 攻击时间
*/
private String timestamp;
/**
* 攻击时间
*/
private String time;
public String getUserIP() {
return userIP;
}
public void setUserIP(String userIP) {
this.userIP = userIP;
}
public int getaCount() {
return aCount;
}
public void setaCount(int aCount) {
this.aCount = aCount;
}
public int getCount() {
return count;
}
public void setCount(int count) {
this.count = count;
}
public int getPercent() {
return percent;
}
public void setPercent(int percent) {
this.percent = percent;
}
public String getTimestamp() {
return timestamp;
}
public void setTimestamp(String timestamp) {
this.timestamp = timestamp;
}
public String getTime() {
return time;
}
public void setTime(String time) {
this.time = time;
}
@Override
public String toString() {
return "MaliciousIpBL [userIP=" + userIP + ", aCount=" + aCount + ", count=" + count + ", percent=" + percent
+ ", timestamp=" + timestamp + ", time=" + time + "]";
}
}
\ No newline at end of file
... ...
package com.monitor.other.maliciousip;
/**
* 恶意ip内容集合
* 次数
* @author hui.xu
*
*/
public class MaliciousIpCS {
/**
* 恶意ip
*/
private String ip;
/**
* QPS
*/
private int count;
/**
* 百分比
*/
private int percent;
/**
* 攻击时间
*/
private String timestamp;
/**
* 攻击时间
*/
private String time;
public String getIp() {
return ip;
}
public void setIp(String ip) {
this.ip = ip;
}
public int getCount() {
return count;
}
public void setCount(int count) {
this.count = count;
}
public int getPercent() {
return percent;
}
public void setPercent(int percent) {
this.percent = percent;
}
public String getTimestamp() {
return timestamp;
}
public void setTimestamp(String timestamp) {
this.timestamp = timestamp;
}
public String getTime() {
return time;
}
public void setTime(String time) {
this.time = time;
}
@Override
public String toString() {
return "MaliciousIp [ip=" + ip + ", count=" + count + ", percent=" + percent + ", timestamp=" + timestamp
+ ", time=" + time + "]";
}
}
\ No newline at end of file
... ...
... ... @@ -12,6 +12,8 @@ import org.springframework.web.bind.annotation.ResponseBody;
import com.monitor.model.response.BaseResponse;
import com.monitor.other.maliciousip.MaliciousDetailIp;
import com.monitor.other.maliciousip.MaliciousIp;
import com.monitor.other.maliciousip.MaliciousIpBL;
import com.monitor.other.maliciousip.MaliciousIpCS;
import com.monitor.other.maliciousip.MaliciousIpLook;
import com.monitor.other.maliciousip.UpLoadError;
import com.monitor.other.maliciousip.UpLoadMaliciousIp;
... ... @@ -94,4 +96,26 @@ public class MaliciousIpController {
String []arr = StringUtils.split(ips.getIps(), '|');
return ipImpl.removeIp(arr);
}
/**
* 从Reids中获取恶意的ip集合
* 比例
* @return
*/
@RequestMapping("/getIpsBL")
@ResponseBody
public BaseResponse<List<MaliciousIpBL>> getIpsBL() {
return ipImpl.getIpsBL();
}
/**
* 从Reids中获取恶意的ip集合
* 次数
* @return
*/
@RequestMapping("/getIpsCS")
@ResponseBody
public BaseResponse<List<MaliciousIpCS>> getIpsCS() {
return ipImpl.getIpsCS();
}
}
\ No newline at end of file
... ...
... ... @@ -5,6 +5,8 @@ import java.util.List;
import com.monitor.model.response.BaseResponse;
import com.monitor.other.maliciousip.MaliciousDetailIp;
import com.monitor.other.maliciousip.MaliciousIp;
import com.monitor.other.maliciousip.MaliciousIpBL;
import com.monitor.other.maliciousip.MaliciousIpCS;
import com.monitor.other.maliciousip.MaliciousIpLook;
import com.monitor.other.maliciousip.UpLoadError;
... ... @@ -47,4 +49,18 @@ public interface MaliciousIpService {
* @return
*/
BaseResponse<UpLoadError> removeIp(String[] ip);
/**
* 从Redis中获取恶意ip集合
* 比例
* @return
*/
BaseResponse<List<MaliciousIpBL>> getIpsBL();
/**
* 从Redis中获取恶意ip集合
* 次数
* @return
*/
BaseResponse<List<MaliciousIpCS>> getIpsCS();
}
\ No newline at end of file
... ...
... ... @@ -14,18 +14,22 @@ import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Service;
import com.alibaba.fastjson.JSON;
import com.monitor.model.response.BaseResponse;
import com.monitor.other.maliciousip.MaliciousDetailIp;
import com.monitor.other.maliciousip.MaliciousIp;
import com.monitor.other.maliciousip.MaliciousIpBL;
import com.monitor.other.maliciousip.MaliciousIpCS;
import com.monitor.other.maliciousip.MaliciousIpLook;
import com.monitor.other.maliciousip.UpLoadError;
import com.monitor.other.maliciousip.service.MaliciousIpService;
import com.monitor.other.maliciousip.util.RedisReadMaliciousUtil;
import com.monitor.other.maliciousip.util.RedisReadUtil;
import com.monitor.other.maliciousip.util.RedisWriteUtil;
import com.yoho.core.config.ConfigReader;
/**
* 恶意ip
... ... @@ -40,6 +44,9 @@ public class MaliciousIpServiceImpl implements MaliciousIpService {
*/
private Logger logger = LoggerFactory.getLogger(getClass());
@Autowired
@Qualifier("core-config-reader")
private ConfigReader configReader;
@Autowired
private RedisReadUtil redisRead;
... ... @@ -50,6 +57,16 @@ public class MaliciousIpServiceImpl implements MaliciousIpService {
@Autowired
private RedisReadMaliciousUtil redisReadMalicious;
/**
* 公司内部ip,需要过滤掉
*/
private final static String YOHO_WHITE_LIST_IP = "YOHO_WHITE_LIST_IP";
/**
* 公司内部ip,需要过滤掉
*/
private final static String YOHO_INTERNAL_IP = "172.31|10.66|10.67";
/* (non-Javadoc)
* @see com.monitor.other.maliciousip.service.MaliciousIpService#getIps()
* 从Redis中获取恶意ip集合
... ... @@ -63,22 +80,33 @@ public class MaliciousIpServiceImpl implements MaliciousIpService {
if(StringUtils.isBlank(ips_json)){
return response;
}
String yoho_ip = configReader.getString(YOHO_WHITE_LIST_IP, YOHO_INTERNAL_IP);
listMaliciousIp = (List<MaliciousIp>) JSON.parseArray(ips_json, MaliciousIp.class);
List<MaliciousIp> newlistMaliciousIp = new ArrayList<MaliciousIp>();
if(CollectionUtils.isNotEmpty(listMaliciousIp)){
SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
Date date;
for (MaliciousIp maliciousIp : listMaliciousIp) {
if(StringUtils.isNotBlank(yoho_ip) && StringUtils.isNoneBlank(maliciousIp.getIp())){
String []arrIp = StringUtils.split(maliciousIp.getIp(),'.');
String inIp = arrIp[0] + "." + arrIp[1];
if(yoho_ip.indexOf(inIp) >= 0){
continue;
}
}
if(StringUtils.isBlank(maliciousIp.getTimestamp())){
continue;
}
long lt = new Long(maliciousIp.getTimestamp());
date = new Date(lt);
maliciousIp.setTime(simpleDateFormat.format(date));
newlistMaliciousIp.add(maliciousIp);
}
}
Comparator comp = new ComparatorIp();
Collections.sort(listMaliciousIp, comp);
response.setData(listMaliciousIp);
Collections.sort(newlistMaliciousIp, comp);
response.setData(newlistMaliciousIp);
}catch(Exception e){
logger.error(" - MaliciousIpServiceImpl - getIps - error", e);
}
... ... @@ -172,6 +200,20 @@ public class MaliciousIpServiceImpl implements MaliciousIpService {
}
}
class ComparatorIpBL implements Comparator<MaliciousIpBL> {
public int compare(MaliciousIpBL e1, MaliciousIpBL e2) {
int count1 = e1.getPercent();
int count2 = e2.getPercent();
if (count1 < count2) {
return 1;
} else if (count1 > count2) {
return -1;
} else {
return 0;
}
}
}
class ComparatorDetailIp implements Comparator<MaliciousDetailIp> {
public int compare(MaliciousDetailIp e1, MaliciousDetailIp e2) {
int count1 = e1.getCount();
... ... @@ -205,4 +247,98 @@ public class MaliciousIpServiceImpl implements MaliciousIpService {
response.setData(error);
return response;
}
/* (non-Javadoc)
* @see com.monitor.other.maliciousip.service.MaliciousIpService#getIpsBL()
* 从Redis中获取恶意ip集合
* 比例
*/
@Override
public BaseResponse<List<MaliciousIpBL>> getIpsBL() {
BaseResponse<List<MaliciousIpBL>> response = new BaseResponse<>();
List<MaliciousIpBL> listMaliciousIp;
try{
String ips_json = redisRead.getIpsBL();
if(StringUtils.isBlank(ips_json)){
return response;
}
String yoho_ip = configReader.getString(YOHO_WHITE_LIST_IP, YOHO_INTERNAL_IP);
listMaliciousIp = (List<MaliciousIpBL>) JSON.parseArray(ips_json, MaliciousIpBL.class);
List<MaliciousIpBL> newlistMaliciousIp = new ArrayList<>();
if(CollectionUtils.isNotEmpty(listMaliciousIp)){
SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
Date date;
for (MaliciousIpBL maliciousIp : listMaliciousIp) {
if(StringUtils.isNotBlank(yoho_ip) && StringUtils.isNoneBlank(maliciousIp.getUserIP())){
String []arrIp = StringUtils.split(maliciousIp.getUserIP(),'.');
String inIp = arrIp[0] + "." + arrIp[1];
if(yoho_ip.indexOf(inIp) >= 0){
continue;
}
}
if(StringUtils.isBlank(maliciousIp.getTimestamp())){
continue;
}
long lt = new Long(maliciousIp.getTimestamp());
date = new Date(lt);
maliciousIp.setTime(simpleDateFormat.format(date));
newlistMaliciousIp.add(maliciousIp);
}
}
Comparator comp = new ComparatorIpBL();
Collections.sort(newlistMaliciousIp, comp);
response.setData(newlistMaliciousIp);
}catch(Exception e){
logger.error(" - MaliciousIpServiceImpl - getIps - error", e);
}
return response;
}
/* (non-Javadoc)
* @see com.monitor.other.maliciousip.service.MaliciousIpService#getIpsCS()
* 从Redis中获取恶意ip集合
* 次数
*/
@Override
public BaseResponse<List<MaliciousIpCS>> getIpsCS() {
BaseResponse<List<MaliciousIpCS>> response = new BaseResponse<>();
List<MaliciousIpCS> listMaliciousIp;
try{
String ips_json = redisRead.getIpsCS();
if(StringUtils.isBlank(ips_json)){
return response;
}
String yoho_ip = configReader.getString(YOHO_WHITE_LIST_IP, YOHO_INTERNAL_IP);
listMaliciousIp = (List<MaliciousIpCS>) JSON.parseArray(ips_json, MaliciousIpCS.class);
List<MaliciousIpCS> newlistMaliciousIp = new ArrayList<>();
if(CollectionUtils.isNotEmpty(listMaliciousIp)){
SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
Date date;
for (MaliciousIpCS maliciousIp : listMaliciousIp) {
if(StringUtils.isNotBlank(yoho_ip) && StringUtils.isNoneBlank(maliciousIp.getIp())){
String []arrIp = StringUtils.split(maliciousIp.getIp(),'.');
String inIp = arrIp[0] + "." + arrIp[1];
if(yoho_ip.indexOf(inIp) >= 0){
continue;
}
}
if(StringUtils.isBlank(maliciousIp.getTimestamp())){
continue;
}
long lt = new Long(maliciousIp.getTimestamp());
date = new Date(lt);
maliciousIp.setTime(simpleDateFormat.format(date));
newlistMaliciousIp.add(maliciousIp);
}
}
Comparator comp = new ComparatorIp();
Collections.sort(newlistMaliciousIp, comp);
response.setData(newlistMaliciousIp);
}catch(Exception e){
logger.error(" - MaliciousIpServiceImpl - getIps - error", e);
}
return response;
}
}
\ No newline at end of file
... ...
... ... @@ -20,6 +20,18 @@ public class RedisReadUtil {
private static final String MALICIOUS_IP = "yh:malicious:ip:%s:top100";
/**
* Redis string,里面放ip、ops、百分比
* 敏感接口比例
*/
private static final String MALICIOUS_IP_BL = "yh:malicious:ip:api:%s:top100";
/**
* Redis string,里面放ip、ops、百分比
* 敏感接口次数
*/
private static final String MALICIOUS_IP_CS = "yh:malicious:ip:%s:top100";
/**
* Redis string ,当前ip访问的接口模块名称
*/
private static final String MALICIOUS_IP_DETAIL = "yh:malicious:ip:%s:method:detail:%s";
... ... @@ -75,6 +87,30 @@ public class RedisReadUtil {
}
/**
* 获取所有恶意ip集合
* 比例
* @return
*/
public String getIpsBL() {
Jedis jedis = getJedis();
String value = jedis.get(String.format(MALICIOUS_IP_BL, TIME_DIMENSION_MINUTE_KEY));
returnResource(jedis);
return value;
}
/**
* 获取所有恶意ip集合
* 次数
* @return
*/
public String getIpsCS() {
Jedis jedis = getJedis();
String value = jedis.get(String.format(MALICIOUS_IP, TIME_DIMENSION_MINUTE_KEY));
returnResource(jedis);
return value;
}
/**
* 单个
* 根据ip获取访问的接口模块名称
* @param ip
... ...