ops / monitor-service · Commits

Go to a project

Authored by qinchao
Commit c2ff2032b29bd1bd854a12ff8f97af1a055f957c 1 parent 3c769fe5

恶意ip添加新的字段:hbasetime

Inline Side-by-side
Showing 6 changed files with 18 additions and 8 deletions
@@ -11,7 +11,7 @@ import java.util.Set; @@ -11,7 +11,7 @@ import java.util.Set;
11 */ 11 */
12 public interface MaliciousIpMapper { 12 public interface MaliciousIpMapper {
13 void insertMip(String influxDBName, String ip); 13 void insertMip(String influxDBName, String ip);
14 - void insertMipObj(String influxDBName, String ip,String reason,String duration); 14 + void insertMipObj(String influxDBName, String ip,String reason,String duration,String hbaseTime);
15 15
16 16
17 Map<String,Map<String,String>> getMaliousIpInfo(Set<String> listMaliciousIp, String cloud); 17 Map<String,Map<String,String>> getMaliousIpInfo(Set<String> listMaliciousIp, String cloud);
@@ -51,13 +51,13 @@ public class MaliciousIpMapperImpl extends InfluxDBQuery implements MaliciousIpM @@ -51,13 +51,13 @@ public class MaliciousIpMapperImpl extends InfluxDBQuery implements MaliciousIpM
51 51
52 //duration 是influxdb关键字,因此字段名称取为dur,保留策略: rp_thirtyweek 52 //duration 是influxdb关键字,因此字段名称取为dur,保留策略: rp_thirtyweek
53 //由于不是默认的保留策略,因此执行查询时,select * from rp_thirtyweek.monitor_malicousips where value= '127.0.0.1'; 53 //由于不是默认的保留策略,因此执行查询时,select * from rp_thirtyweek.monitor_malicousips where value= '127.0.0.1';
54 - public void insertMipObj(String influxDBName, String ip,String reason,String duration){ 54 + public void insertMipObj(String influxDBName, String ip,String reason,String duration,String hbaseTime){
55 BatchPoints batchPoints = BatchPoints 55 BatchPoints batchPoints = BatchPoints
56 .database(InfluxDBContants.YOMO_MONITOR).retentionPolicy(mip_rpname) 56 .database(InfluxDBContants.YOMO_MONITOR).retentionPolicy(mip_rpname)
57 .build(); 57 .build();
58 Point point = Point.measurement("monitor_malicousips") 58 Point point = Point.measurement("monitor_malicousips")
59 .tag("ip",ip) 59 .tag("ip",ip)
60 - .addField("value", ip).addField("dur",duration).addField("reason",reason).build(); 60 + .addField("value", ip).addField("dur",duration).addField("reason",reason).addField("hbasetime",hbaseTime).build();
61 batchPoints.point(point); 61 batchPoints.point(point);
62 inluxDBSingle.getInfluxDBByName(influxDBName).getInfluxDB() 62 inluxDBSingle.getInfluxDBByName(influxDBName).getInfluxDB()
63 .write(batchPoints); 63 .write(batchPoints);
@@ -14,6 +14,11 @@ public class MaliciousIpsRecordForbid { @@ -14,6 +14,11 @@ public class MaliciousIpsRecordForbid {
14 private String reason; 14 private String reason;
15 15
16 /** 16 /**
  17 + *获取hbase数据的时间戳
  18 + */
  19 + private String hbaseTime;
  20 +
  21 + /**
17 * 创建时间 22 * 创建时间
18 */ 23 */
19 private Date createTime; 24 private Date createTime;
@@ -6,10 +6,11 @@ @@ -6,10 +6,11 @@
6 <result column="ip" property="ip" jdbcType="VARCHAR" /> 6 <result column="ip" property="ip" jdbcType="VARCHAR" />
7 <result column="reason" property="reason" jdbcType="VARCHAR" /> 7 <result column="reason" property="reason" jdbcType="VARCHAR" />
8 <result column="forbid_status" property="forbidStatus" jdbcType="VARCHAR" /> 8 <result column="forbid_status" property="forbidStatus" jdbcType="VARCHAR" />
  9 + <result column="hbase_time" property="hbaseTime" jdbcType="VARCHAR" />
9 <result column="create_time" property="createTime" jdbcType="TIMESTAMP" /> 10 <result column="create_time" property="createTime" jdbcType="TIMESTAMP" />
10 </resultMap> 11 </resultMap>
11 <sql id="Base_Column_List" > 12 <sql id="Base_Column_List" >
12 - id, ip,reason,create_time,forbid_status 13 + id, ip,reason,create_time,forbid_status,hbase_time
13 </sql> 14 </sql>
14 15
15 <select id="getAlarmCountMipsInfoToOpsDb" resultType="java.lang.Integer"> 16 <select id="getAlarmCountMipsInfoToOpsDb" resultType="java.lang.Integer">
@@ -44,8 +45,8 @@ @@ -44,8 +45,8 @@
44 </select> 45 </select>
45 46
46 <insert id="insert" parameterType="com.model.MaliciousIpsRecordForbid"> 47 <insert id="insert" parameterType="com.model.MaliciousIpsRecordForbid">
47 - insert into malicious_ips_record_forbid(ip,reason,create_time)  
48 - values(#{ip,jdbcType=VARCHAR},#{reason,jdbcType=VARCHAR},now()) 48 + insert into malicious_ips_record_forbid(ip,reason,hbase_time,create_time)
  49 + values(#{ip,jdbcType=VARCHAR},#{reason,jdbcType=VARCHAR},#{hbaseTime,jdbcType=VARCHAR},now())
49 </insert> 50 </insert>
50 51
51 <update id="updateForbidStatusByPrimaryKey" parameterType="com.model.MaliciousIpsRecordForbid" > 52 <update id="updateForbidStatusByPrimaryKey" parameterType="com.model.MaliciousIpsRecordForbid" >
@@ -176,12 +176,13 @@ public class MaliciousIpServiceImpl implements MaliciousIpService { @@ -176,12 +176,13 @@ public class MaliciousIpServiceImpl implements MaliciousIpService {
176 String ip=jo.getString("ip"); 176 String ip=jo.getString("ip");
177 String reason=jo.getString("reason"); 177 String reason=jo.getString("reason");
178 String duration=jo.get("duration")==null?"":""+jo.get("duration"); 178 String duration=jo.get("duration")==null?"":""+jo.get("duration");
  179 + String hbaseTime=String.valueOf(jo.getLongValue("timestamp"));
179 if(StringUtils.isNotBlank(ip)){ 180 if(StringUtils.isNotBlank(ip)){
180 String smsStr = "成功捕获恶意ip->" + ip ; 181 String smsStr = "成功捕获恶意ip->" + ip ;
181 alarmMsgService.sendSms("MaliciousIp", smsStr, mobile_yunwei); 182 alarmMsgService.sendSms("MaliciousIp", smsStr, mobile_yunwei);
182 183
183 try { 184 try {
184 - maliciousIpMapper.insertMipObj(influxDBStr, ip, reason, duration); 185 + maliciousIpMapper.insertMipObj(influxDBStr, ip, reason, duration,hbaseTime);
185 } catch (Exception e) { 186 } catch (Exception e) {
186 logger.error("writeMipsObjToOpsReids insert mip into influxdb failed", e); 187 logger.error("writeMipsObjToOpsReids insert mip into influxdb failed", e);
187 } 188 }
@@ -207,12 +208,14 @@ public class MaliciousIpServiceImpl implements MaliciousIpService { @@ -207,12 +208,14 @@ public class MaliciousIpServiceImpl implements MaliciousIpService {
207 JSONObject jo= ipsObjArray.getJSONObject(i); 208 JSONObject jo= ipsObjArray.getJSONObject(i);
208 String ip=jo.getString("ip"); 209 String ip=jo.getString("ip");
209 String reason=jo.getString("reason"); 210 String reason=jo.getString("reason");
  211 + String hbaseTime=String.valueOf(jo.getLongValue("timestamp"));
210 //String duration=jo.get("duration")==null?"":""+jo.get("duration"); 212 //String duration=jo.get("duration")==null?"":""+jo.get("duration");
211 if(StringUtils.isNotBlank(ip)){ 213 if(StringUtils.isNotBlank(ip)){
212 214
213 MaliciousIpsRecordForbid record=new MaliciousIpsRecordForbid(); 215 MaliciousIpsRecordForbid record=new MaliciousIpsRecordForbid();
214 record.setIp(ip); 216 record.setIp(ip);
215 record.setReason(reason); 217 record.setReason(reason);
  218 + record.setHbaseTime(hbaseTime);
216 maliciousIpsRecordForbidMapper.insert(record); 219 maliciousIpsRecordForbidMapper.insert(record);
217 220
218 logger.info("MaliciousIpServiceImpl writeMipsObjToOpsReids - "+ip); 221 logger.info("MaliciousIpServiceImpl writeMipsObjToOpsReids - "+ip);
@@ -888,7 +891,7 @@ public class MaliciousIpServiceImpl implements MaliciousIpService { @@ -888,7 +891,7 @@ public class MaliciousIpServiceImpl implements MaliciousIpService {
888 } 891 }
889 } 892 }
890 }catch(Exception e){ 893 }catch(Exception e){
891 - 894 + e.printStackTrace();
892 } 895 }
893 896
894 return list; 897 return list;
@@ -12,6 +12,7 @@ import java.io.IOException; @@ -12,6 +12,7 @@ import java.io.IOException;
12 */ 12 */
13 public class HbasePool { 13 public class HbasePool {
14 private static final String QUORUM = "10.66.80.5"; 14 private static final String QUORUM = "10.66.80.5";
  15 + //private static final String QUORUM = "server3";
15 private static final String CLIENTPORT = "2181"; 16 private static final String CLIENTPORT = "2181";
16 private static Configuration conf = null; 17 private static Configuration conf = null;
17 private static Connection conn = null; 18 private static Connection conn = null;