def analysise_ip_data_from_es(self,url,index,path,ip_viste_total = 5000,rangeMinute=5,sort_type = True,lte = datetime.datetime.now().strftime('%Y.%m.%d %H:%M:%S')):
print(url)
logging.info(" analysise ip address start ")
logging.info(" ip limit value: %s"%ip_viste_total )
elasticsearch_service = elasticsearchLib(url)
forbid_ip_address = []
all_ip = elasticsearch_service.getDataByIndex(index,path,rangeMinute,sort_type,lte)
if all_ip != "notfound":
suspension_ip_model = SuspensionIpModel()
forbid_ip_address = []
for i in all_ip:
if i[1] > ip_viste_total:
logging.info(" forbid ip addrss %s"%i[0])
forbid_ip_address.append(i[0])
for i in forbid_ip_address:
i = str(i)
ip_exist = suspension_ip_model.check_ip_is_in_db(i)
if ip_exist:
logging.info(" update exist ip address ")
suspension_ip_model.update_ip_status(ip_address =i,Status= 0)
else:
ip_data = {}
ip_data['Status'] = 0;
ip_data['IpAddress'] = i
ip_data['SuspensionTime'] = str(datetime.datetime.now().strftime('%Y.%m.%d %H:%M:%S'))
logging.info(" add ip address to redis")
suspension_ip_model.add_ip_to_db(ip_data)
self.add_violation_to_redis(self.hash_key,i)
logging.info(" analysise ip address end ")
def get_all_website():
url = app.config.get('es_host')
timeout = app.config.get('es_timeout')
es_lib = elasticsearchLib(url,timeout)
type = request.args.get('type');
rangetime = request.args.get('rangetime');
if rangetime == None or type == None:
message = {
"message":"empty value"
}
return json.dumps(message)
else:
info = "get all website"
wirte_log_to_file(info)
if type == 'all':
data = es_lib.get_all_website_name(index="*",is_all=True,rangeminute=int(rangetime))
elif type == 'website':
data = es_lib.get_all_website_name(index="*",is_all=False,rangeminute=int(rangetime))
if data == 'not found':
message = {
"message":"not found"
}
return json.dumps(message)
else:
message = {
"message":data
}
return json.dumps(message)
def get_api_visit():
url = app.config.get('es_host')
timeout = app.config.get('es_timeout')
es_lib = elasticsearchLib(url,timeout)
website = request.args.get('website');
apiname = request.args.get('apiname');
type = request.args.get('type');
info = "find website: %s +++++++ apiname:%s rangetime:%s"%(website,apiname,type)
wirte_log_to_file(info)
if type == None or apiname == None or website ==None:
message = {
"message":"empty value"
}
return json.dumps(message)
else:
data = es_lib.search_api_relatime(index="ns-*",website_name=website,api_name=apiname,type=type)
if data == 'not found':
message = {
"message":"not found"
}
return json.dumps(message)
else:
message = {
"message":data
}
return json.dumps(message)
def __init__(self,url,index,path,host,source,encryptionKey,validationKey,db_config):
self.index = str(index)
self.host = host
self.path = path
self.source = source
self.es = elasticsearchLib(url)
self.encryptionKey = encryptionKey;
self.validationKey = validationKey
self.crypto_lib = cryptoLib(encryptionKey,validationKey)
self.star_longzhu = StarLongzhuModel(db_config)
def all_china_web_visit():
url = app.config.get('es_host')
timeout = app.config.get('es_timeout')
es_lib = elasticsearchLib(url,timeout)
type = request.args.get('type')
if type == None:
message = {
"message":"empty value"
}
return json.dumps(message)
else:
if type == 'chat':
index = 'chat-*'
elif type == 'ns':
index = 'ns-*'
data = es_lib.get_all_china_visit(index=index,rangeminute=5,total=10000)
return json.dumps(data)
def add_suspension_qq(self,url,index,path,re_pattern = "\d{5,}-{4}.{5,17}-{4}"):
logging.info(" add_suspension_qq start ")
elasticsearch_service = elasticsearchLib(url)
suspension_qq_model = SuspensionQQModel()
suspension_qq = elasticsearch_service.get_suspension_qq(index=index,path=path,re_pattern=re_pattern)
if suspension_qq != 'notfound':
for i in suspension_qq:
check_qq_is_exist = suspension_qq_model.check_qq_is_in_db(i)
if check_qq_is_exist:
if check_qq_is_exist['Password'] == suspension_qq[i]:
continue
else:
suspension_qq_model.update_qq_password(qq=i,Password = suspension_qq[i])
else:
qq_data = {}
qq_data['QQ'] = i;
qq_data['Password'] = suspension_qq[i]
qq_data['CreatTime'] = str(datetime.datetime.now().strftime('%Y.%m.%d %H:%M:%S'))
logging.info(" add qq to db")
suspension_qq_model.add_qq_to_db(qq_data=qq_data)
def search_api_visit():
url = app.config.get('es_host')
timeout = app.config.get('es_timeout')
es_lib = elasticsearchLib(url,timeout)
apiname = request.args.get('apiname');
start = request.args.get('from');
end = request.args.get('to')
type = request.args.get('type')
info = "find website: %s ----- rangetime:%s"%(apiname,type)
wirte_log_to_file(info)
if start == None or apiname == None or end == None or type ==None:
message = {
"message":"empty value"
}
return json.dumps(message)
else:
if apiname == 'all':
apiname ="*"
data = es_lib.get_realtime_api(index="ns-*",api_name=apiname,start=start,end=end,type=type)
return json.dumps(data)
def search_suspension_ip():
url = app.config.get('es_host')
timeout = app.config.get('es_timeout')
es_lib = elasticsearchLib(url,timeout)
search_time = request.args.get('time');
search_index = request.args.get('index');
search_path = request.args.get('path');
search_rangtime= request.args.get('rangtime');
if search_rangtime == None or search_path == None or search_time== None or search_index ==None:
message = {
"message":"empty value"
}
return json.dumps(message)
else:
search_time = str(search_time)
search_time = search_time + ":00"
search_time = time.mktime(time.strptime(search_time,'%Y-%m-%d %H:%M:%S'))
search_time = time.strftime('%Y.%m.%d %H:%M:%S',time.localtime(int(search_time)))
data = []
info = "serach ip : index->%s ,path->%s"%(search_index,search_path)
wirte_log_to_file(info)
data = es_lib.getDataByIndex(index=str(search_index),path=str(search_path),rangeMinute=int(search_rangtime),
sort=True,lte=search_time)
print(data)
if data !="notfound":
suspension_ips = {}
for i in data:
if i[1]>5000:
suspension_ips[i[0]] = i[1]
message = {
"message":suspension_ips
}
print(message)
return json.dumps(message)
else:
message = {
"message":"not found"
}
return json.dumps(message)
def get_website_all_api():
url = app.config.get('es_host')
timeout = app.config.get('es_timeout')
es_lib = elasticsearchLib(url,timeout)
websitename = request.args.get('websitename');
rangetime = request.args.get('rangetime');
if rangetime == None or type == None:
message = {
"message":"empty value"
}
return json.dumps(message)
else:
data = es_lib.get_all_api_from_website(index="*",website_name=websitename,rangeminute=int(rangetime))
if data == 'not found':
message = {
"message":"not found"
}
return json.dumps(message)
else:
message = {
"message":data
}
return json.dumps(message)
