Several points to note when receiving parameters with a Map
```java
package com.ces.syslog;

import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.lang.reflect.Field;
import java.net.Socket;
import java.net.UnknownHostException;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;

import com.ces.zwww.entity.SafetyAlarm;
import com.ces.zwww.utils.ZwwwConst;

/**
 * Syslog socket client.
 *
 * @author Jusin
 */
public class SyslogClient {
    /**
     * The variables below make up the configuration.
     */
    private static String host = "218.242.122.196";
    private String startCMD = "working";
    private static int port = 20012;
    private int timeout = 30 * 1000;
    private int waitTimeout = 10 * 1000;
    Socket client = null;
    private static ObjectOutputStream out;
    private static ObjectInputStream in;

    public Object getSyslogMsg() {
        // try-with-resources closes the socket once the single message has been read
        try (Socket client = new Socket(host, port)) {
            System.out.println("start:");
            // Create and flush the output stream first: the ObjectInputStream
            // constructor blocks until the peer's stream header arrives, so two
            // peers that both open their input stream first deadlock.
            out = new ObjectOutputStream(client.getOutputStream());
            out.flush();
            in = new ObjectInputStream(client.getInputStream());
            // readObject() deserializes whatever the peer sends; connect to trusted servers only
            return in.readObject();
        } catch (ClassNotFoundException e) {
            e.printStackTrace();
        } catch (UnknownHostException e) {
            e.printStackTrace();
        } catch (IOException e) {
            e.printStackTrace();
        }
        return null;
    }

    @SuppressWarnings("unchecked")
    public static void main(String[] args) {
        try {
            List<SafetyAlarm> list = new ArrayList<SafetyAlarm>();
            Socket client = new Socket(host, port);
            System.out.println("start:");
            // Output stream first, then input stream (see getSyslogMsg)
            out = new ObjectOutputStream(client.getOutputStream());
            out.flush();
            in = new ObjectInputStream(client.getInputStream());
            System.out.println(System.currentTimeMillis());
            Object message = null;
            try {
                message = in.readObject();
                if (message instanceof Map) {
                    Map<String, String> map = (Map<String, String>) message;
                    System.out.println("client receive message is:" + map);
                } else if (message instanceof List) {
                    // One map carries one object, so a second map can be used to
                    // translate the differing attribute names used by the interface.
                    List<Map<String, Object>> messageList = (List<Map<String, Object>>) message;
                    if (messageList != null && messageList.size() > 0) {
                        for (Map<String, Object> m : messageList) {
                            SafetyAlarm sa = new SafetyAlarm();
                            // m.entrySet() exposes the map's key/value pairs for iteration
                            for (Map.Entry<String, Object> entry : m.entrySet()) { // assemble the fields
                                String fieldKey = ZwwwConst.getSyslogFieldMap().get(entry.getKey());
                                setField(sa, fieldKey, entry.getValue());
                            }
                            list.add(sa);
                        }
                    }
                } else {
                    System.out.println("The type of the message is not map!");
                }
            } catch (Exception e) {
                e.printStackTrace();
                //this.clientStart();
            }
        } catch (UnknownHostException e) {
            e.printStackTrace();
        } catch (IOException e) {
            e.printStackTrace();
        }
    }

    // Set a field value on the bean by reflection
    private static void setField(Object bean, String fieldKey, Object fieldValue) {
        if (fieldKey == null) {
            // The received key has no entry in ZwwwConst.getSyslogFieldMap(); skip it
            // rather than let getDeclaredField(null) throw a NullPointerException.
            return;
        }
        try {
            Field field = bean.getClass().getDeclaredField(fieldKey);
            field.setAccessible(true);
            field.set(bean, fieldValue);
        } catch (SecurityException e) {
            e.printStackTrace();
        } catch (IllegalArgumentException e) {
            e.printStackTrace();
        } catch (NoSuchFieldException e) {
            e.printStackTrace();
        } catch (IllegalAccessException e) {
            e.printStackTrace();
        }
    }

    /**
     * Core socket loop.
     *
     * @throws IOException
     * @throws InterruptedException
     */
    private void socket() throws IOException, InterruptedException {
        this.client = getSocketClient();
        try {
            this.client.setSoTimeout(timeout);
            out = new ObjectOutputStream(client.getOutputStream());
            in = new ObjectInputStream(client.getInputStream());
            out.writeObject(startCMD);
            out.flush();
            while (true) {
                Object message = in.readObject();
                //this.receiveMsg(message);
            }
        } catch (ClassNotFoundException e) {
            // Surface as an IOException so the loop in clientStart() reconnects;
            // calling clientStart() from here would nest a new stack frame on every failure.
            throw new IOException(e);
        } finally {
            try {
                this.client.close();
            } catch (IOException e) {
                e.printStackTrace();
            }
        }
    }

    /**
     * Obtain a connected client socket, retrying until the connection succeeds.
     *
     * @return the connected socket
     * @throws InterruptedException
     */
    private Socket getSocketClient() throws InterruptedException {
        Socket client = null;
        while (true) {
            try {
                client = new Socket(host, port);
            } catch (UnknownHostException e1) {
                // Message: the socket server IP or port cannot be resolved; the
                // configuration may be wrong, please check it.
                System.out.println("socket服务器IP或端口无法识别,有可能配置错误,请检查");
                e1.printStackTrace();
                Thread.sleep(waitTimeout); // on connection failure, wait waitTimeout (10 s) and retry
                continue;
            } catch (IOException e1) {
                e1.printStackTrace();
                Thread.sleep(waitTimeout); // on connection failure, wait waitTimeout (10 s) and retry
                continue;
            } finally {
                if (client != null && !client.isConnected()) {
                    try {
                        client.close();
                    } catch (IOException e) {
                        e.printStackTrace();
                    }
                    client = null;
                }
            }
            break;
        }
        return client;
    }

    public void clientStart() throws InterruptedException {
        while (true) {
            try {
                this.socket();
            } catch (IOException e) {
                e.printStackTrace();
                continue;
            }
        }
    }
}
```
```java
package com.ces.syslog;

import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.net.ServerSocket;
import java.net.Socket;
import java.net.UnknownHostException;
import java.util.HashMap;
import java.util.Map;

public class SyslogServer {
    private ServerSocket ss;
    private Socket socket;
    private ObjectInputStream in;
    private ObjectOutputStream out;
    private int port = 6688;

    public void start() throws ClassNotFoundException, InterruptedException {
        while (true) {
            try {
                ss = new ServerSocket(port);
                // Message: "Port <port>: socket service started successfully!"
                System.out.println("端口号:" + port + " socket服务启动成功!");
                socket = ss.accept();
                // Open and flush the output stream first so that the client's
                // ObjectInputStream constructor receives the stream header it waits for.
                out = new ObjectOutputStream(socket.getOutputStream());
                out.flush();
                in = new ObjectInputStream(socket.getInputStream());
                while (true) {
                    Object obj = in.readObject();
                    String line = null;
                    if (obj instanceof String) {
                        line = (String) obj;
                    }
                    System.out.println("you input is : " + obj);
                    if ("working".equals(line)) {
                        int count = 0;
                        while (true) {
                            for (int i = 0; i < 10; i++) {
                                Map<String, String> map = new HashMap<String, String>();
                                map.put("START_TIME", "2009-11-20 00:00:00");
                                map.put("END_TIME", "2009-11-20 00:00:00");
                                map.put("SRC_ADDRESS", "192.168.1.1");
                                map.put("SRC_PORT", "2322");
                                map.put("DEST_ADDRESS", "192.168.1.2");
                                map.put("DEST_PORT", "80");
                                map.put("DVC_EVENT_CATEGORY", "扫描"); // "scan"
                                map.put("MESSAGE", "发现端口扫描"); // "port scan detected"
                                out.writeObject(map);
                                out.flush();
                                count++;
                                // Message: "<count> server sent message: <map>"
                                System.out.println(count + "服务端发送消息:"
                                        + map.toString());
                            }
                            Thread.sleep(10000);
                        }
                    }
                }
            } catch (Exception e) {
                // Log the failure instead of swallowing it, then accept the next client
                e.printStackTrace();
                continue;
            } finally {
                try {
                    if (in != null)
                        in.close();
                } catch (IOException e) {
                    e.printStackTrace();
                }
                try {
                    if (out != null)
                        out.close();
                } catch (IOException e) {
                    e.printStackTrace();
                }
                try {
                    if (socket != null)
                        socket.close();
                } catch (IOException e) {
                    e.printStackTrace();
                }
                try {
                    if (ss != null)
                        ss.close();
                } catch (IOException e) {
                    e.printStackTrace();
                }
            }
        }
    }

    /*
     * Socket socketConnection = new Socket(InetAddress.getLocalHost(), 6688);
     * // Use ObjectOutputStream and ObjectInputStream to transfer object data
     * ObjectOutputStream out = new ObjectOutputStream(socketConnection.getOutputStream());
     * ObjectInputStream ins = new ObjectInputStream(socketConnection.getInputStream());
     * List<Map<String, Object>> radlist = (List<Map<String, Object>>) ins.readObject();
     */
    public static void main(String[] args) throws UnknownHostException,
            IOException, ClassNotFoundException, InterruptedException {
        SyslogServer server = new SyslogServer();
        server.start();
    }
}
```
```java
package com.ces.zwww.utils;

import java.util.HashMap;
import java.util.Map;

public class ZwwwConst {
    public static final String HIGHCHARTS_COLORS[] = {"#8085e9","#7cb5ec","#90ed7d","#f7a35c","#434348","#f15c80","#e4d354","#8085e8","#8d4653","#91e8e1"};
    public static final String TOPSEC_ASSET_PARAM = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><topsec><mode>asset_list</mode></topsec>";
    public static final String ITSM_TICKETS = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><itsm><mode>tickets</mode></itsm>";
    private static Map<String,String> syslogFieldMap = new HashMap<String,String>();

    public static Map<String,String> getSyslogFieldMap() {
        if(syslogFieldMap.isEmpty()){
            syslogFieldMap.put("EVENT_ID","eventId");
            syslogFieldMap.put("NAME","name");
            syslogFieldMap.put("START_TIME","startTime");
            syslogFieldMap.put("CUSTOMER","customer");
            syslogFieldMap.put("EXTERNAL_ID","externalId");
            syslogFieldMap.put("APP_PROTOCOL","appProtocol");
            syslogFieldMap.put("END_TIME","endTime");
            syslogFieldMap.put("EVENT_TYPE","eventType");
            syslogFieldMap.put("DURATION","duration");
            syslogFieldMap.put("CAT1_ID","cat1Id");
            syslogFieldMap.put("CAT2_ID","cat2Id");
            syslogFieldMap.put("CAT3_ID","cat3Id");
            syslogFieldMap.put("CAT4_ID","cat4Id");
            syslogFieldMap.put("PRIORITY","priority");
            syslogFieldMap.put("MSG_ID","msgId");
            syslogFieldMap.put("MESSAGE","message");
            syslogFieldMap.put("BYTES_IN","bytesIn");
            syslogFieldMap.put("BYTES_OUT","bytesOut");
            syslogFieldMap.put("PACKETS_IN","packetsIn");
            syslogFieldMap.put("PACKETS_OUT","packetsOut");
            syslogFieldMap.put("BASE_EVENT_COUNT","baseEventCount");
            syslogFieldMap.put("GENERATOR","generator");
            syslogFieldMap.put("RAW_EVENT","rawEvent");
            syslogFieldMap.put("TRANS_PROTOCOL","transProtocol");
            syslogFieldMap.put("SESSION_ID","sessionId");
            syslogFieldMap.put("CRYPTO_SIGNATURE","cryptoSignature");
            syslogFieldMap.put("SEVERITY","severity");
            syslogFieldMap.put("ORIGINATOR","originator");
            syslogFieldMap.put("UUID","uuid");
            syslogFieldMap.put("RESPONDS","responds");
            syslogFieldMap.put("AUTH","auth");
            syslogFieldMap.put("ORGANIZE","organize");
            syslogFieldMap.put("OBJECT_ID","objectId");
            syslogFieldMap.put("OBJECT_PARAM","objectParam");
            syslogFieldMap.put("SIM_RULE","simRule");
            syslogFieldMap.put("RESULT","result");
            syslogFieldMap.put("SIGNATURE","signature");
            syslogFieldMap.put("VULNERABILITY","vulnerability");
            syslogFieldMap.put("CVE","cve");
            syslogFieldMap.put("BID","bid");
            syslogFieldMap.put("SOLUTION","solution");
            syslogFieldMap.put("RISK_FACTOR","riskFactor");
            syslogFieldMap.put("RELATED_VULN_TYPE","relatedVulnType");
            syslogFieldMap.put("RELATED_VULN","relatedVuln");
            syslogFieldMap.put("DB_NAME","dbName");
            syslogFieldMap.put("TABLE_NAME","tableName");
            syslogFieldMap.put("DB_CMD","dbCmd");
            syslogFieldMap.put("DB_CONTENT","dbContent");
            syslogFieldMap.put("SQL_KEY","sqlKey");
            syslogFieldMap.put("FLAG","flag");
            syslogFieldMap.put("REASON","reason");
            syslogFieldMap.put("PARENTID","parentid");
            syslogFieldMap.put("CONNID","connid");
            syslogFieldMap.put("POLICY","policy");
            syslogFieldMap.put("NATID","natid");
            syslogFieldMap.put("FWRULE","fwrule");
            syslogFieldMap.put("SA","sa");
            syslogFieldMap.put("SN","sn");
            syslogFieldMap.put("ROLES","roles");
            syslogFieldMap.put("CLIENTEVENT","clientevent");
            syslogFieldMap.put("SCMEVENT","scmevent");
            syslogFieldMap.put("LEFTCLIENT","leftclient");
            syslogFieldMap.put("RIGHTCLIENT","rightclient");
            syslogFieldMap.put("TUNNELEVENT","tunnelevent");
            syslogFieldMap.put("CHECKED","checked");
            syslogFieldMap.put("NAV_VIRUS","navVirus");
            syslogFieldMap.put("NAV_SCAN_TYPE","navScanType");
            syslogFieldMap.put("NAV_VIRUS_LOCATION","navVirusLocation");
            syslogFieldMap.put("NAV_PRIMARY_ACTION","navPrimaryAction");
            syslogFieldMap.put("NAV_SENDARY_ACTION","navSendaryAction");
            syslogFieldMap.put("OP","op");
            syslogFieldMap.put("NORMAL_OBJECT","normalObject");
            syslogFieldMap.put("VIRUS_OBJECT","virusObject");
            syslogFieldMap.put("INT_PATH_INFO","intPathInfo");
            syslogFieldMap.put("SENDER","sender");
            syslogFieldMap.put("RECEIVER","receiver");
            syslogFieldMap.put("SUBJECT","subject");
            syslogFieldMap.put("RELAYER","relayer");
            syslogFieldMap.put("MANAGER_ID","managerId");
            syslogFieldMap.put("MANAGER_RECEIPT_TIME","managerReceiptTime");
            syslogFieldMap.put("AGT_DOMAIN_ID","agtDomainId");
            syslogFieldMap.put("AGT_TIER_ID","agtTierId");
            syslogFieldMap.put("AGT_ADDRESS","agtAddress");
            syslogFieldMap.put("AGT_DESCRIPTOR_ID","agtDescriptorId");
            syslogFieldMap.put("AGT_RECEIPT_TIME","agtReceiptTime");
            syslogFieldMap.put("AGT_SEVERITY","agtSeverity");
            syslogFieldMap.put("DVC_ADDRESS","dvcAddress");
            syslogFieldMap.put("DVC_PORT","dvcPort");
            syslogFieldMap.put("DVC_NAME","dvcName");
            syslogFieldMap.put("DVC_MAC_ADDRESS","dvcMacAddress");
            syslogFieldMap.put("DVC_DESCRIPTOR_ID","dvcDescriptorId");
            syslogFieldMap.put("DVC_EVENT_CATEGORY","dvcEventCategory");
            syslogFieldMap.put("DVC_EVENT_CATEGORY2","dvcEventCategory2");
            syslogFieldMap.put("DVC_EVENT_CATEGORY3","dvcEventCategory3");
            syslogFieldMap.put("DVC_EVENT_CLASS_ID","dvcEventClassId");
            syslogFieldMap.put("DVC_TYPE","dvcType");
            syslogFieldMap.put("DVC_SEVERITY","dvcSeverity");
            syslogFieldMap.put("DVC_FACILITY","dvcFacility");
            syslogFieldMap.put("DVC_INBOUND_INTERFACE","dvcInboundInterface");
            syslogFieldMap.put("DVC_OUTBOUND_INTERFACE","dvcOutboundInterface");
            syslogFieldMap.put("DVC_PRODUCT","dvcProduct");
            syslogFieldMap.put("DVC_RECEIPT_TIME","dvcReceiptTime");
            syslogFieldMap.put("DVC_DOMAIN","dvcDomain");
            syslogFieldMap.put("DVC_VENDOR","dvcVendor");
            syslogFieldMap.put("DVC_DIRECTION","dvcDirection");
            syslogFieldMap.put("DVC_PAYLOAD_ID","dvcPayloadId");
            syslogFieldMap.put("DVC_PROCESS_NAME","dvcProcessName");
            syslogFieldMap.put("DVC_ZONE","dvcZone");
            syslogFieldMap.put("DVC_TRANS_ADDRESS","dvcTransAddress");
            syslogFieldMap.put("DEV_TRANS_PORT","devTransPort");
            syslogFieldMap.put("DVC_TRANS_ZONE","dvcTransZone");
            syslogFieldMap.put("DVC_ASSET_ID","dvcAssetId");
            syslogFieldMap.put("DVC_VLAN_NAME","dvcVlanName");
            syslogFieldMap.put("DVC_VLAN_NUM","dvcVlanNum");
            syslogFieldMap.put("DVC_CUSTOM_STRING1","dvcCustomString1");
            syslogFieldMap.put("DVC_CUSTOM_STRING2","dvcCustomString2");
            syslogFieldMap.put("DVC_CUSTOM_STRING3","dvcCustomString3");
            syslogFieldMap.put("DVC_CUSTOM_STRING4","dvcCustomString4");
            syslogFieldMap.put("DVC_CUSTOM_STRING5","dvcCustomString5");
            syslogFieldMap.put("DVC_CUSTOM_STRING6","dvcCustomString6");
            syslogFieldMap.put("DVC_CUSTOM_NUMBER1","dvcCustomNumber1");
            syslogFieldMap.put("DVC_CUSTOM_NUMBER2","dvcCustomNumber2");
            syslogFieldMap.put("DVC_CUSTOM_NUMBER3","dvcCustomNumber3");
            syslogFieldMap.put("DVC_CUSTOM_Date1","dvcCustomDate1");
            syslogFieldMap.put("DVC_CUSTOM_Date2","dvcCustomDate2");
            syslogFieldMap.put("FILE_NAME","fileName");
            syslogFieldMap.put("FILE_PATH","filePath");
            syslogFieldMap.put("FILE_ID","fileId");
            syslogFieldMap.put("FILE_TYPE","fileType");
            syslogFieldMap.put("FILE_SIZE","fileSize");
            syslogFieldMap.put("FILE_CREATE_TIME","fileCreateTime");
            syslogFieldMap.put("FILE_MODIFICATION_TIME","fileModificationTime");
            syslogFieldMap.put("FILE_PERMISSION","filePermission");
            syslogFieldMap.put("FILE_HASH","fileHash");
            syslogFieldMap.put("OLD_FILE_NAME","oldFileName");
            syslogFieldMap.put("OLD_FILE_PATH","oldFilePath");
            syslogFieldMap.put("OLD_FILE_ID","oldFileId");
            syslogFieldMap.put("OLD_FILE_TYPE","oldFileType");
            syslogFieldMap.put("OLD_FILE_SIZE","oldFileSize");
            syslogFieldMap.put("OLD_FILE_CREATE_TIME","oldFileCreateTime");
            syslogFieldMap.put("OLD_FILE_MODIFICATION_TIME","oldFileModificationTime");
            syslogFieldMap.put("OLD_FILE_PERMISSION","oldFilePermission");
            syslogFieldMap.put("OLD_FILE_HASH","oldFileHash");
            syslogFieldMap.put("REQUEST_URL","requestUrl");
            syslogFieldMap.put("REQUEST_METHOD","requestMethod");
            syslogFieldMap.put("USERAGENT","useragent");
            syslogFieldMap.put("REFERER","referer");
            syslogFieldMap.put("REQUEST_STATUS","requestStatus");
            syslogFieldMap.put("REQUEST_CONTEXT","requestContext");
            syslogFieldMap.put("REQUEST_CLIENT_APPLICATION","requestClientApplication");
            syslogFieldMap.put("REQUEST_COOKIES","requestCookies");
            syslogFieldMap.put("REQUEST_OBJECT","requestObject");
            syslogFieldMap.put("REQUEST_DOMAIN","requestDomain");
            syslogFieldMap.put("DEST_ADDRESS","destAddress");
            syslogFieldMap.put("DEST_PORT","destPort");
            syslogFieldMap.put("DEST_HOST_NAME","destHostName");
            syslogFieldMap.put("DEST_DNS_DOMAIN","destDnsDomain");
            syslogFieldMap.put("DEST_NT_DOMAIN","destNtDomain");
            syslogFieldMap.put("DEST_MAC_ADDRESS","destMacAddress");
            syslogFieldMap.put("DEST_PROCESS_NAME","destProcessName");
            syslogFieldMap.put("DEST_SERVICE_NAME","destServiceName");
            syslogFieldMap.put("DEST_TRANS_ADDRESS","destTransAddress");
            syslogFieldMap.put("DEST_TRANS_PORT","destTransPort");
            syslogFieldMap.put("DEST_TRANS_ZONE","destTransZone");
            syslogFieldMap.put("DEST_ZONE","destZone");
            syslogFieldMap.put("DEST_USER_PRIVILEGES","destUserPrivileges");
            syslogFieldMap.put("DEST_USER_NAME","destUserName");
            syslogFieldMap.put("DEST_USER_ID","destUserId");
            syslogFieldMap.put("DEST_ASSET_ID","destAssetId");
            syslogFieldMap.put("DEST_GEO_ID","destGeoId");
            syslogFieldMap.put("DEST_MAP_ADDRESS","destMapAddress");
            syslogFieldMap.put("DEST_MAP_PORT","destMapPort");
            syslogFieldMap.put("DEST_VLAN_NAME","destVlanName");
            syslogFieldMap.put("DEST_VLAN_NUM","destVlanNum");
            syslogFieldMap.put("SRC_ADDRESS","srcAddress");
            syslogFieldMap.put("SRC_PORT","srcPort");
            syslogFieldMap.put("SRC_HOST_NAME","srcHostName");
            syslogFieldMap.put("SRC_DNS_DOMAIN","srcDnsDomain");
            syslogFieldMap.put("SRC_NT_DOMAIN","srcNtDomain");
            syslogFieldMap.put("SRC_MAC_ADDRESS","srcMacAddress");
            syslogFieldMap.put("SRC_PROCESS_NAME","srcProcessName");
            syslogFieldMap.put("SRC_SERVICE_NAME","srcServiceName");
            syslogFieldMap.put("SRC_TRANS_ADDRESS","srcTransAddress");
            syslogFieldMap.put("SRC_TRANS_PORT","srcTransPort");
            syslogFieldMap.put("SRC_TRANS_ZONE","srcTransZone");
            syslogFieldMap.put("SRC_ZONE","srcZone");
            syslogFieldMap.put("SRC_USER_PRIVILEGES","srcUserPrivileges");
            syslogFieldMap.put("SRC_USER_NAME","srcUserName");
            syslogFieldMap.put("SRC_USER_ID","srcUserId");
            syslogFieldMap.put("SRC_ASSET_ID","srcAssetId");
            syslogFieldMap.put("SRC_GEO_ID","srcGeoId");
            syslogFieldMap.put("SRC_VLAN_NAME","srcVlanName");
            syslogFieldMap.put("SRC_VLAN_NUM","SRCVLANNUM");
            syslogFieldMap.put("FLEX_NUMBER1","flexNumber1");
            syslogFieldMap.put("FLEX_NUMBER1_LABEL","flexNumber1Label");
            syslogFieldMap.put("FLEX_NUMBER2","flexNumber2");
            syslogFieldMap.put("FLEX_NUMBER2_LABEL","flexNumber2Label");
            syslogFieldMap.put("FLEX_STRING1","flexString1");
            syslogFieldMap.put("FLEX_STRING1_LABEL","flexString1Label");
            syslogFieldMap.put("FLEX_STRING2","flexString2");
            syslogFieldMap.put("FLEX_STRING2_LABEL","flexString2Label");
            syslogFieldMap.put("FLEX_Date1","flexDate1");
            syslogFieldMap.put("FLEX_Date1_LABEL","flexDate1Label");
            syslogFieldMap.put("LBL_DESCRIPTOR_ID","lblDescriptorId");
            syslogFieldMap.put("CUSTOM1","custom1");
            syslogFieldMap.put("CUSTOM2","custom2");
            syslogFieldMap.put("CUSTOM3","custom3");
            syslogFieldMap.put("CUSTOM4","custom4");
            syslogFieldMap.put("CUSTOM5","custom5");
            syslogFieldMap.put("CUSTOM6","custom6");
            syslogFieldMap.put("CUSTOM7","custom7");
            syslogFieldMap.put("CUSTOM8","custom8");
            syslogFieldMap.put("CUSTOM_INTEGER1","customInteger1");
            syslogFieldMap.put("CUSTOM_INTEGER2","customInteger2");
            syslogFieldMap.put("CUSTOM_INTEGER3","customInteger3");
            syslogFieldMap.put("CUSTOM_INTEGER4","customInteger4");
            syslogFieldMap.put("CUSTOM_INTEGER5","customInteger5");
            syslogFieldMap.put("CUSTOM_INTEGER6","customInteger6");
            syslogFieldMap.put("CUSTOM_INTEGER7","customInteger7");
            syslogFieldMap.put("CUSTOM_INTEGER8","customInteger8");
            syslogFieldMap.put("CUSTOM_LONG1","customLong1");
            syslogFieldMap.put("CUSTOM_LONG2","customLong2");
            syslogFieldMap.put("CUSTOM_LONG3","customLong3");
            syslogFieldMap.put("CUSTOM_LONG4","customLong4");
            syslogFieldMap.put("CUSTOM_LONG5","customLong5");
            syslogFieldMap.put("CUSTOM_LONG6","customLong6");
            syslogFieldMap.put("CUSTOM_LONG7","customLong7");
            syslogFieldMap.put("CUSTOM_LONG8","customLong8");
            syslogFieldMap.put("TABLE_SPACE","tableSpace");
            syslogFieldMap.put("FILE_SYSTEM","fileSystem");
            syslogFieldMap.put("STATUS","status");
            syslogFieldMap.put("CAPABILITY","capability");
            syslogFieldMap.put("USED","used");
            syslogFieldMap.put("AVAILABLE","available");
            syslogFieldMap.put("AC_PERCENT","acPercent");
            syslogFieldMap.put("UC_PERCENT","ucPercent");
            syslogFieldMap.put("MIN_VALUE","minValue");
            syslogFieldMap.put("AVG_VALUE","avgValue");
            syslogFieldMap.put("MAX_VALUE","maxValue");
            syslogFieldMap.put("CPU_USED_PERCENT","cpuUsedPercent");
            syslogFieldMap.put("MEM_USED_PERCENT","memUsedPercent");
            syslogFieldMap.put("DISK_USED_PERCENT","diskUsedPercent");
            syslogFieldMap.put("SESSION_COUNT","sessionCount");
            syslogFieldMap.put("SESSION_PERCENT","sessionPercent");
        }
        return syslogFieldMap;
    }
}
```
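Both classes above pass whatever arrives on the socket to `readObject()` and then cast the result to a `Map`. The following is an added example, not code from the original post: it restricts deserialization to the few classes a syslog map needs and checks every entry before it is used. `FilteredSyslogReader`, its limits and the permitted-class set are hypothetical, it requires Java 9 or later for `ObjectInputFilter`, and it reads constructed sample messages from byte arrays instead of a socket so it runs offline.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InvalidClassException;
import java.io.ObjectInputFilter;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Set;

/** Added example (hypothetical class, needs Java 9+); not part of the original post. */
public class FilteredSyslogReader {
    // Classes a syslog message may contain (assumed set). Map.Entry and Object are
    // listed because HashMap and ArrayList report their backing arrays to the filter.
    private static final Set<Class<?>> PERMITTED = new HashSet<Class<?>>(Arrays.<Class<?>>asList(
            HashMap.class, ArrayList.class, String.class, Integer.class, Number.class,
            Map.Entry.class, Object.class));
    private static final long MAX_DEPTH = 4;      // List -> Map -> value, plus slack
    private static final long MAX_REFS = 10_000;  // object references read so far
    private static final long MAX_ARRAY = 1_000;  // elements per collection

    /** Deserialization filter: enforce the limits, then allow only PERMITTED classes. */
    static ObjectInputFilter.Status check(ObjectInputFilter.FilterInfo info) {
        if (info.depth() > MAX_DEPTH || info.references() > MAX_REFS
                || info.arrayLength() > MAX_ARRAY) {
            return ObjectInputFilter.Status.REJECTED;
        }
        Class<?> c = info.serialClass();
        if (c == null) {
            return ObjectInputFilter.Status.UNDECIDED; // limits-only callback
        }
        while (c.isArray()) {
            c = c.getComponentType();
        }
        return PERMITTED.contains(c) ? ObjectInputFilter.Status.ALLOWED
                                     : ObjectInputFilter.Status.REJECTED;
    }

    /** Reads one message through the filter; returns it only if it is a String-to-String map. */
    static Map<String, String> readAlarm(byte[] wire) throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(wire))) {
            in.setObjectInputFilter(FilteredSyslogReader::check); // before the first readObject()
            Object message = in.readObject();
            if (!(message instanceof Map)) {
                throw new IOException("message is not a Map");
            }
            Map<String, String> alarm = new LinkedHashMap<String, String>();
            for (Map.Entry<?, ?> e : ((Map<?, ?>) message).entrySet()) {
                // A cast to Map<String, String> is unchecked, so verify every entry.
                if (!(e.getKey() instanceof String) || !(e.getValue() instanceof String)) {
                    throw new IOException("non-String entry for key " + e.getKey());
                }
                alarm.put((String) e.getKey(), (String) e.getValue());
            }
            return alarm;
        }
    }

    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) {
            out.writeObject(o);
        }
        return buf.toByteArray();
    }

    /** Constructed stand-in for any serializable class the receiver never asked for. */
    static class Unexpected implements Serializable {
        private static final long serialVersionUID = 1L;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample shaped like the maps SyslogServer sends.
        Map<String, Object> good = new HashMap<String, Object>();
        good.put("SRC_ADDRESS", "192.168.1.1");
        good.put("DEST_PORT", "80");
        System.out.println("accepted: " + readAlarm(serialize(good)));

        Map<String, Object> wrongType = new HashMap<String, Object>(good);
        wrongType.put("DEST_PORT", Integer.valueOf(80)); // permitted class, wrong shape
        try {
            readAlarm(serialize(wrongType));
        } catch (IOException e) {
            System.out.println("rejected by shape check: " + e.getMessage());
        }

        Map<String, Object> foreign = new HashMap<String, Object>(good);
        foreign.put("MESSAGE", new Unexpected()); // class outside the permitted set
        try {
            readAlarm(serialize(foreign));
        } catch (InvalidClassException e) {
            System.out.println("rejected by filter: " + e.getMessage());
        }
    }
}
```

In a client such as `SyslogClient`, the same `setObjectInputFilter` call goes on the `ObjectInputStream` built from `socket.getInputStream()`, before the first `readObject()`.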
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.lang.reflect.Field;
import java.net.Socket;
import java.net.UnknownHostException;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import com.ces.zwww.entity.SafetyAlarm;
import com.ces.zwww.utils.ZwwwConst;
/**
* syslog socket客户端
*
* @author Jusin
*
*/
public class SyslogClient {
/**
* 以下变量形成配置文件
*/
private static String host = "218.242.122.196";
private String startCMD = "working";
private static int port = 20012;
private int timeout = 30*1000;
private int waitTimeout = 10*1000;
Socket client = null;
private static ObjectOutputStream out;
private static ObjectInputStream in;
public Object getSyslogMsg(){
Object message = null;
try {
Socket client = new Socket(host, port);
System.out.println("start:");
in = new ObjectInputStream(client.getInputStream());
out = new ObjectOutputStream(client.getOutputStream());
try {
message = in.readObject();
return message;
} catch (ClassNotFoundException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
} catch (UnknownHostException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return null;
}
public static void main(String[] args){
try {
List<SafetyAlarm> list = new ArrayList<SafetyAlarm>();
Socket client = new Socket(host, port);
System.out.println("start:");
//objectoutstream
in = new ObjectInputStream(client.getInputStream());
out = new ObjectOutputStream(client.getOutputStream());
System.out.println(System.currentTimeMillis());
Object message = null;
try {
message = in.readObject();
if (message instanceof Map) {
Map<String, String> map = (Map<String, String>) message;
System.out.println("client receive message is:" + map);
} else if(message instanceof List) {
//一个map装一个对象,这样就可以用另外一个map转化,接口中不同的属性名。
List<Map<String, Object>> messageList = (List<Map<String, Object>>) message;
if(messageList != null && messageList.size()>0){
for(Map<String, Object> m : messageList){
SafetyAlarm sa = new SafetyAlarm();
//m.entrySet()把map的键值对变为list
for (Map.Entry<String, Object> entry : m.entrySet()) {// 组装参数
String fieldKey = ZwwwConst.getSyslogFieldMap().get(entry.getKey());
setField(sa, fieldKey, entry.getValue());
}
list.add(sa);
}
}
} else {
System.out.println("The type of the message is not map!");
}
} catch(Exception e){
e.printStackTrace();
//this.clientStart();
}
} catch (UnknownHostException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
//属性设值
@SuppressWarnings("rawtypes")
private static void setField(Object bean,String fieldKey,Object fieldValue){
try {
Field field = bean.getClass().getDeclaredField(fieldKey);
field.setAccessible(true);
field.set(bean, fieldValue);
} catch (SecurityException e) {
e.printStackTrace();
} catch (IllegalArgumentException e) {
e.printStackTrace();
} catch (NoSuchFieldException e) {
e.printStackTrace();
} catch (IllegalAccessException e) {
e.printStackTrace();
}
}
/**
* socket的核心区域
*
* @throws IOException
* @throws InterruptedException
*/
private void socket() throws IOException, InterruptedException {
this.client = getSocketClient();
this.client.setSoTimeout(timeout);
out = new ObjectOutputStream(client.getOutputStream());
in = new ObjectInputStream(client.getInputStream());
out.writeObject(startCMD);
out.flush();
while (true) {
Object message = null;
try {
message = in.readObject();
//this.receiveMsg(message);
} catch(Exception e){
e.printStackTrace();
this.clientStart();
}
}
}
/**
* 获取socket客户端
*
* @param client
* @return
* @throws InterruptedException
*/
private Socket getSocketClient() throws InterruptedException {
Socket client = null;
while (true) {
try {
client = new Socket(host, port);
} catch (UnknownHostException e1) {
System.out.println("socket服务器IP或端口无法识别,有可能配置错误,请检查");
e1.printStackTrace();
Thread.sleep(waitTimeout);// 当链接失败的时候,等待60秒再连接一次
continue;
} catch (IOException e1) {
e1.printStackTrace();
Thread.sleep(waitTimeout);// 当链接失败的时候,等待60秒再连接一次
continue;
} finally {
if (client != null&&!client.isConnected()) {
try {
client.close();
} catch (IOException e) {
e.printStackTrace();
}
client = null;
}
}
break;
}
return client;
}
public void clientStart() throws InterruptedException {
while (true) {
try {
this.socket();
} catch (IOException e) {
e.printStackTrace();
continue;
}
}
}
}
package com.ces.syslog;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.net.ServerSocket;
import java.net.Socket;
import java.net.UnknownHostException;
import java.util.HashMap;
import java.util.Map;
public class SyslogServer {
private ServerSocket ss;
private Socket socket;
private ObjectInputStream in;
private ObjectOutputStream out;
private int port = 6688;
public void start() throws ClassNotFoundException, InterruptedException {
while (true) {
try {
ss = new ServerSocket(port);
System.out.println("端口号:" + port + " socket服务启动成功!");
socket = ss.accept();
in = new ObjectInputStream(socket.getInputStream());
out = new ObjectOutputStream(socket.getOutputStream());
while (true) {
Object obj = in.readObject();
String line = null;
if (obj instanceof String) {
line = (String) obj;
}
System.out.println("you input is : " + obj);
if ("working".equals(line)) {
int count = 0;
while (true) {
for (int i = 0; i < 10; i++) {
Map<String, String> map = new HashMap<String, String>();
map.put("START_TIME", "2009-11-20 00:00:00");
map.put("END_TIME", "2009-11-20 00:00:00");
map.put("SRC_ADDRESS", "192.168.1.1");
map.put("SRC_PORT", "2322");
map.put("DEST_ADDRESS", "192.168.1.2");
map.put("DEST_PORT", "80");
map.put("DVC_EVENT_CATEGORY", "扫描");
map.put("MESSAGE", "发现端口扫描");
out.writeObject(map);
out.flush();
count++;
System.out.println(count + "服务端发送消息:"
+ map.toString());
}
Thread.sleep(10000);
}
}
}
} catch (Exception e) {
e.printStackTrace(); // log why the session ended instead of retrying silently
continue;
} finally {
try {
if (in != null)
in.close();
} catch (IOException e) {
e.printStackTrace();
}
try {
if (out != null)
out.close();
} catch (IOException e) {
e.printStackTrace();
}
try {
if (socket != null)
socket.close();
} catch (IOException e) {
e.printStackTrace();
}
try {
if (ss != null)
ss.close();
} catch (IOException e) {
e.printStackTrace();
}
}
}
}
/*
* Socket socketConnection = new Socket(InetAddress.getLocalHost(), 6688);
* // Use ObjectOutputStream and ObjectInputStream to transfer object data
* ObjectOutputStream out = new ObjectOutputStream(socketConnection.getOutputStream());
* ObjectInputStream ins = new ObjectInputStream(socketConnection.getInputStream());
* List<Map<String, Object>> radlist = (List<Map<String, Object>>) ins.readObject();
*/
public static void main(String[] args) throws UnknownHostException,
IOException, ClassNotFoundException, InterruptedException {
SyslogServer server = new SyslogServer();
server.start();
}
}
package com.ces.zwww.utils;
import java.util.HashMap;
import java.util.Map;
public class ZwwwConst {
public static final String HIGHCHARTS_COLORS[] = {"#8085e9","#7cb5ec","#90ed7d","#f7a35c","#434348","#f15c80","#e4d354","#8085e8","#8d4653","#91e8e1"};
public static final String TOPSEC_ASSET_PARAM = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><topsec><mode>asset_list</mode></topsec>";
public static final String ITSM_TICKETS = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><itsm><mode>tickets</mode></itsm>";
private static Map<String,String> syslogFieldMap = new HashMap<String,String>();
// synchronized so that concurrent callers never see a partially filled map
public static synchronized Map<String,String> getSyslogFieldMap() {
if(syslogFieldMap.isEmpty()){
syslogFieldMap.put("EVENT_ID","eventId");
syslogFieldMap.put("NAME","name");
syslogFieldMap.put("START_TIME","startTime");
syslogFieldMap.put("CUSTOMER","customer");
syslogFieldMap.put("EXTERNAL_ID","externalId");
syslogFieldMap.put("APP_PROTOCOL","appProtocol");
syslogFieldMap.put("END_TIME","endTime");
syslogFieldMap.put("EVENT_TYPE","eventType");
syslogFieldMap.put("DURATION","duration");
syslogFieldMap.put("CAT1_ID","cat1Id");
syslogFieldMap.put("CAT2_ID","cat2Id");
syslogFieldMap.put("CAT3_ID","cat3Id");
syslogFieldMap.put("CAT4_ID","cat4Id");
syslogFieldMap.put("PRIORITY","priority");
syslogFieldMap.put("MSG_ID","msgId");
syslogFieldMap.put("MESSAGE","message");
syslogFieldMap.put("BYTES_IN","bytesIn");
syslogFieldMap.put("BYTES_OUT","bytesOut");
syslogFieldMap.put("PACKETS_IN","packetsIn");
syslogFieldMap.put("PACKETS_OUT","packetsOut");
syslogFieldMap.put("BASE_EVENT_COUNT","baseEventCount");
syslogFieldMap.put("GENERATOR","generator");
syslogFieldMap.put("RAW_EVENT","rawEvent");
syslogFieldMap.put("TRANS_PROTOCOL","transProtocol");
syslogFieldMap.put("SESSION_ID","sessionId");
syslogFieldMap.put("CRYPTO_SIGNATURE","cryptoSignature");
syslogFieldMap.put("SEVERITY","severity");
syslogFieldMap.put("ORIGINATOR","originator");
syslogFieldMap.put("UUID","uuid");
syslogFieldMap.put("RESPONDS","responds");
syslogFieldMap.put("AUTH","auth");
syslogFieldMap.put("ORGANIZE","organize");
syslogFieldMap.put("OBJECT_ID","objectId");
syslogFieldMap.put("OBJECT_PARAM","objectParam");
syslogFieldMap.put("SIM_RULE","simRule");
syslogFieldMap.put("RESULT","result");
syslogFieldMap.put("SIGNATURE","signature");
syslogFieldMap.put("VULNERABILITY","vulnerability");
syslogFieldMap.put("CVE","cve");
syslogFieldMap.put("BID","bid");
syslogFieldMap.put("SOLUTION","solution");
syslogFieldMap.put("RISK_FACTOR","riskFactor");
syslogFieldMap.put("RELATED_VULN_TYPE","relatedVulnType");
syslogFieldMap.put("RELATED_VULN","relatedVuln");
syslogFieldMap.put("DB_NAME","dbName");
syslogFieldMap.put("TABLE_NAME","tableName");
syslogFieldMap.put("DB_CMD","dbCmd");
syslogFieldMap.put("DB_CONTENT","dbContent");
syslogFieldMap.put("SQL_KEY","sqlKey");
syslogFieldMap.put("FLAG","flag");
syslogFieldMap.put("REASON","reason");
syslogFieldMap.put("PARENTID","parentid");
syslogFieldMap.put("CONNID","connid");
syslogFieldMap.put("POLICY","policy");
syslogFieldMap.put("NATID","natid");
syslogFieldMap.put("FWRULE","fwrule");
syslogFieldMap.put("SA","sa");
syslogFieldMap.put("SN","sn");
syslogFieldMap.put("ROLES","roles");
syslogFieldMap.put("CLIENTEVENT","clientevent");
syslogFieldMap.put("SCMEVENT","scmevent");
syslogFieldMap.put("LEFTCLIENT","leftclient");
syslogFieldMap.put("RIGHTCLIENT","rightclient");
syslogFieldMap.put("TUNNELEVENT","tunnelevent");
syslogFieldMap.put("CHECKED","checked");
syslogFieldMap.put("NAV_VIRUS","navVirus");
syslogFieldMap.put("NAV_SCAN_TYPE","navScanType");
syslogFieldMap.put("NAV_VIRUS_LOCATION","navVirusLocation");
syslogFieldMap.put("NAV_PRIMARY_ACTION","navPrimaryAction");
syslogFieldMap.put("NAV_SENDARY_ACTION","navSendaryAction");
syslogFieldMap.put("OP","op");
syslogFieldMap.put("NORMAL_OBJECT","normalObject");
syslogFieldMap.put("VIRUS_OBJECT","virusObject");
syslogFieldMap.put("INT_PATH_INFO","intPathInfo");
syslogFieldMap.put("SENDER","sender");
syslogFieldMap.put("RECEIVER","receiver");
syslogFieldMap.put("SUBJECT","subject");
syslogFieldMap.put("RELAYER","relayer");
syslogFieldMap.put("MANAGER_ID","managerId");
syslogFieldMap.put("MANAGER_RECEIPT_TIME","managerReceiptTime");
syslogFieldMap.put("AGT_DOMAIN_ID","agtDomainId");
syslogFieldMap.put("AGT_TIER_ID","agtTierId");
syslogFieldMap.put("AGT_ADDRESS","agtAddress");
syslogFieldMap.put("AGT_DESCRIPTOR_ID","agtDescriptorId");
syslogFieldMap.put("AGT_RECEIPT_TIME","agtReceiptTime");
syslogFieldMap.put("AGT_SEVERITY","agtSeverity");
syslogFieldMap.put("DVC_ADDRESS","dvcAddress");
syslogFieldMap.put("DVC_PORT","dvcPort");
syslogFieldMap.put("DVC_NAME","dvcName");
syslogFieldMap.put("DVC_MAC_ADDRESS","dvcMacAddress");
syslogFieldMap.put("DVC_DESCRIPTOR_ID","dvcDescriptorId");
syslogFieldMap.put("DVC_EVENT_CATEGORY","dvcEventCategory");
syslogFieldMap.put("DVC_EVENT_CATEGORY2","dvcEventCategory2");
syslogFieldMap.put("DVC_EVENT_CATEGORY3","dvcEventCategory3");
syslogFieldMap.put("DVC_EVENT_CLASS_ID","dvcEventClassId");
syslogFieldMap.put("DVC_TYPE","dvcType");
syslogFieldMap.put("DVC_SEVERITY","dvcSeverity");
syslogFieldMap.put("DVC_FACILITY","dvcFacility");
syslogFieldMap.put("DVC_INBOUND_INTERFACE","dvcInboundInterface");
syslogFieldMap.put("DVC_OUTBOUND_INTERFACE","dvcOutboundInterface");
syslogFieldMap.put("DVC_PRODUCT","dvcProduct");
syslogFieldMap.put("DVC_RECEIPT_TIME","dvcReceiptTime");
syslogFieldMap.put("DVC_DOMAIN","dvcDomain");
syslogFieldMap.put("DVC_VENDOR","dvcVendor");
syslogFieldMap.put("DVC_DIRECTION","dvcDirection");
syslogFieldMap.put("DVC_PAYLOAD_ID","dvcPayloadId");
syslogFieldMap.put("DVC_PROCESS_NAME","dvcProcessName");
syslogFieldMap.put("DVC_ZONE","dvcZone");
syslogFieldMap.put("DVC_TRANS_ADDRESS","dvcTransAddress");
syslogFieldMap.put("DEV_TRANS_PORT","devTransPort");
syslogFieldMap.put("DVC_TRANS_ZONE","dvcTransZone");
syslogFieldMap.put("DVC_ASSET_ID","dvcAssetId");
syslogFieldMap.put("DVC_VLAN_NAME","dvcVlanName");
syslogFieldMap.put("DVC_VLAN_NUM","dvcVlanNum");
syslogFieldMap.put("DVC_CUSTOM_STRING1","dvcCustomString1");
syslogFieldMap.put("DVC_CUSTOM_STRING2","dvcCustomString2");
syslogFieldMap.put("DVC_CUSTOM_STRING3","dvcCustomString3");
syslogFieldMap.put("DVC_CUSTOM_STRING4","dvcCustomString4");
syslogFieldMap.put("DVC_CUSTOM_STRING5","dvcCustomString5");
syslogFieldMap.put("DVC_CUSTOM_STRING6","dvcCustomString6");
syslogFieldMap.put("DVC_CUSTOM_NUMBER1","dvcCustomNumber1");
syslogFieldMap.put("DVC_CUSTOM_NUMBER2","dvcCustomNumber2");
syslogFieldMap.put("DVC_CUSTOM_NUMBER3","dvcCustomNumber3");
syslogFieldMap.put("DVC_CUSTOM_Date1","dvcCustomDate1");
syslogFieldMap.put("DVC_CUSTOM_Date2","dvcCustomDate2");
syslogFieldMap.put("FILE_NAME","fileName");
syslogFieldMap.put("FILE_PATH","filePath");
syslogFieldMap.put("FILE_ID","fileId");
syslogFieldMap.put("FILE_TYPE","fileType");
syslogFieldMap.put("FILE_SIZE","fileSize");
syslogFieldMap.put("FILE_CREATE_TIME","fileCreateTime");
syslogFieldMap.put("FILE_MODIFICATION_TIME","fileModificationTime");
syslogFieldMap.put("FILE_PERMISSION","filePermission");
syslogFieldMap.put("FILE_HASH","fileHash");
syslogFieldMap.put("OLD_FILE_NAME","oldFileName");
syslogFieldMap.put("OLD_FILE_PATH","oldFilePath");
syslogFieldMap.put("OLD_FILE_ID","oldFileId");
syslogFieldMap.put("OLD_FILE_TYPE","oldFileType");
syslogFieldMap.put("OLD_FILE_SIZE","oldFileSize");
syslogFieldMap.put("OLD_FILE_CREATE_TIME","oldFileCreateTime");
syslogFieldMap.put("OLD_FILE_MODIFICATION_TIME","oldFileModificationTime");
syslogFieldMap.put("OLD_FILE_PERMISSION","oldFilePermission");
syslogFieldMap.put("OLD_FILE_HASH","oldFileHash");
syslogFieldMap.put("REQUEST_URL","requestUrl");
syslogFieldMap.put("REQUEST_METHOD","requestMethod");
syslogFieldMap.put("USERAGENT","useragent");
syslogFieldMap.put("REFERER","referer");
syslogFieldMap.put("REQUEST_STATUS","requestStatus");
syslogFieldMap.put("REQUEST_CONTEXT","requestContext");
syslogFieldMap.put("REQUEST_CLIENT_APPLICATION","requestClientApplication");
syslogFieldMap.put("REQUEST_COOKIES","requestCookies");
syslogFieldMap.put("REQUEST_OBJECT","requestObject");
syslogFieldMap.put("REQUEST_DOMAIN","requestDomain");
syslogFieldMap.put("DEST_ADDRESS","destAddress");
syslogFieldMap.put("DEST_PORT","destPort");
syslogFieldMap.put("DEST_HOST_NAME","destHostName");
syslogFieldMap.put("DEST_DNS_DOMAIN","destDnsDomain");
syslogFieldMap.put("DEST_NT_DOMAIN","destNtDomain");
syslogFieldMap.put("DEST_MAC_ADDRESS","destMacAddress");
syslogFieldMap.put("DEST_PROCESS_NAME","destProcessName");
syslogFieldMap.put("DEST_SERVICE_NAME","destServiceName");
syslogFieldMap.put("DEST_TRANS_ADDRESS","destTransAddress");
syslogFieldMap.put("DEST_TRANS_PORT","destTransPort");
syslogFieldMap.put("DEST_TRANS_ZONE","destTransZone");
syslogFieldMap.put("DEST_ZONE","destZone");
syslogFieldMap.put("DEST_USER_PRIVILEGES","destUserPrivileges");
syslogFieldMap.put("DEST_USER_NAME","destUserName");
syslogFieldMap.put("DEST_USER_ID","destUserId");
syslogFieldMap.put("DEST_ASSET_ID","destAssetId");
syslogFieldMap.put("DEST_GEO_ID","destGeoId");
syslogFieldMap.put("DEST_MAP_ADDRESS","destMapAddress");
syslogFieldMap.put("DEST_MAP_PORT","destMapPort");
syslogFieldMap.put("DEST_VLAN_NAME","destVlanName");
syslogFieldMap.put("DEST_VLAN_NUM","destVlanNum");
syslogFieldMap.put("SRC_ADDRESS","srcAddress");
syslogFieldMap.put("SRC_PORT","srcPort");
syslogFieldMap.put("SRC_HOST_NAME","srcHostName");
syslogFieldMap.put("SRC_DNS_DOMAIN","srcDnsDomain");
syslogFieldMap.put("SRC_NT_DOMAIN","srcNtDomain");
syslogFieldMap.put("SRC_MAC_ADDRESS","srcMacAddress");
syslogFieldMap.put("SRC_PROCESS_NAME","srcProcessName");
syslogFieldMap.put("SRC_SERVICE_NAME","srcServiceName");
syslogFieldMap.put("SRC_TRANS_ADDRESS","srcTransAddress");
syslogFieldMap.put("SRC_TRANS_PORT","srcTransPort");
syslogFieldMap.put("SRC_TRANS_ZONE","srcTransZone");
syslogFieldMap.put("SRC_ZONE","srcZone");
syslogFieldMap.put("SRC_USER_PRIVILEGES","srcUserPrivileges");
syslogFieldMap.put("SRC_USER_NAME","srcUserName");
syslogFieldMap.put("SRC_USER_ID","srcUserId");
syslogFieldMap.put("SRC_ASSET_ID","srcAssetId");
syslogFieldMap.put("SRC_GEO_ID","srcGeoId");
syslogFieldMap.put("SRC_VLAN_NAME","srcVlanName");
syslogFieldMap.put("SRC_VLAN_NUM","SRCVLANNUM");
syslogFieldMap.put("FLEX_NUMBER1","flexNumber1");
syslogFieldMap.put("FLEX_NUMBER1_LABEL","flexNumber1Label");
syslogFieldMap.put("FLEX_NUMBER2","flexNumber2");
syslogFieldMap.put("FLEX_NUMBER2_LABEL","flexNumber2Label");
syslogFieldMap.put("FLEX_STRING1","flexString1");
syslogFieldMap.put("FLEX_STRING1_LABEL","flexString1Label");
syslogFieldMap.put("FLEX_STRING2","flexString2");
syslogFieldMap.put("FLEX_STRING2_LABEL","flexString2Label");
syslogFieldMap.put("FLEX_Date1","flexDate1");
syslogFieldMap.put("FLEX_Date1_LABEL","flexDate1Label");
syslogFieldMap.put("LBL_DESCRIPTOR_ID","lblDescriptorId");
syslogFieldMap.put("CUSTOM1","custom1");
syslogFieldMap.put("CUSTOM2","custom2");
syslogFieldMap.put("CUSTOM3","custom3");
syslogFieldMap.put("CUSTOM4","custom4");
syslogFieldMap.put("CUSTOM5","custom5");
syslogFieldMap.put("CUSTOM6","custom6");
syslogFieldMap.put("CUSTOM7","custom7");
syslogFieldMap.put("CUSTOM8","custom8");
syslogFieldMap.put("CUSTOM_INTEGER1","customInteger1");
syslogFieldMap.put("CUSTOM_INTEGER2","customInteger2");
syslogFieldMap.put("CUSTOM_INTEGER3","customInteger3");
syslogFieldMap.put("CUSTOM_INTEGER4","customInteger4");
syslogFieldMap.put("CUSTOM_INTEGER5","customInteger5");
syslogFieldMap.put("CUSTOM_INTEGER6","customInteger6");
syslogFieldMap.put("CUSTOM_INTEGER7","customInteger7");
syslogFieldMap.put("CUSTOM_INTEGER8","customInteger8");
syslogFieldMap.put("CUSTOM_LONG1","customLong1");
syslogFieldMap.put("CUSTOM_LONG2","customLong2");
syslogFieldMap.put("CUSTOM_LONG3","customLong3");
syslogFieldMap.put("CUSTOM_LONG4","customLong4");
syslogFieldMap.put("CUSTOM_LONG5","customLong5");
syslogFieldMap.put("CUSTOM_LONG6","customLong6");
syslogFieldMap.put("CUSTOM_LONG7","customLong7");
syslogFieldMap.put("CUSTOM_LONG8","customLong8");
syslogFieldMap.put("TABLE_SPACE","tableSpace");
syslogFieldMap.put("FILE_SYSTEM","fileSystem");
syslogFieldMap.put("STATUS","status");
syslogFieldMap.put("CAPABILITY","capability");
syslogFieldMap.put("USED","used");
syslogFieldMap.put("AVAILABLE","available");
syslogFieldMap.put("AC_PERCENT","acPercent");
syslogFieldMap.put("UC_PERCENT","ucPercent");
syslogFieldMap.put("MIN_VALUE","minValue");
syslogFieldMap.put("AVG_VALUE","avgValue");
syslogFieldMap.put("MAX_VALUE","maxValue");
syslogFieldMap.put("CPU_USED_PERCENT","cpuUsedPercent");
syslogFieldMap.put("MEM_USED_PERCENT","memUsedPercent");
syslogFieldMap.put("DISK_USED_PERCENT","diskUsedPercent");
syslogFieldMap.put("SESSION_COUNT","sessionCount");
syslogFieldMap.put("SESSION_PERCENT","sessionPercent");
}
return syslogFieldMap;
}
}
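SyslogServer above calls `in.readObject()` on whatever the connected peer sends, so the peer decides which serializable classes on the classpath get instantiated. The following is an added example, not code from the original post: it restricts deserialization to the types this protocol exchanges by using `ObjectInputFilter` (Java 9+). The class name `FilteredEventReader`, the `PERMITTED` set and the depth and array limits are assumptions chosen for illustration.

```java
import java.io.*;
import java.util.*;

public class FilteredEventReader { // hypothetical name, not from the page
    // The only types this protocol sends: the "working" String command and
    // HashMap<String,String> events. Map.Entry is listed because
    // HashMap.readObject asks the filter about a Map.Entry[] before allocating.
    private static final Set<Class<?>> PERMITTED =
            Set.of(String.class, HashMap.class, Map.Entry.class);

    static final ObjectInputFilter EVENT_FILTER = info -> {
        if (info.depth() > 3 || info.arrayLength() > 4096) {
            return ObjectInputFilter.Status.REJECTED; // nesting or array too large
        }
        Class<?> c = info.serialClass();
        if (c == null) {
            return ObjectInputFilter.Status.UNDECIDED; // limit check only
        }
        while (c.isArray()) {
            c = c.getComponentType();
        }
        return PERMITTED.contains(c)
                ? ObjectInputFilter.Status.ALLOWED
                : ObjectInputFilter.Status.REJECTED;
    };

    static Object readFiltered(InputStream raw) throws IOException, ClassNotFoundException {
        ObjectInputStream in = new ObjectInputStream(raw);
        in.setObjectInputFilter(EVENT_FILTER); // set before the first readObject()
        return in.readObject();
    }

    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) {
            out.writeObject(o);
        }
        return buf.toByteArray();
    }

    public static void main(String[] args) throws Exception {
        Map<String, String> event = new HashMap<>(); // constructed sample event
        event.put("SRC_ADDRESS", "192.168.1.1");
        event.put("DEST_PORT", "80");
        System.out.println("accepted: "
                + readFiltered(new ByteArrayInputStream(serialize(event))));
        try { // any other Serializable type is refused before it is instantiated
            readFiltered(new ByteArrayInputStream(serialize(new Date())));
        } catch (InvalidClassException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

In the server and client on this page, the same `setObjectInputFilter` call would go directly after each `new ObjectInputStream(socket.getInputStream())`.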