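def analysise_ip_data_from_es(self, url, index, path, ip_viste_total=5000,
                              rangeMinute=5, sort_type=True, lte=None):
    """Record every IP whose hit count exceeds ``ip_viste_total``.

    Fetches ``(ip, count)`` entries through ``elasticsearchLib.getDataByIndex``
    and, for each entry with ``count > ip_viste_total``, writes ``Status`` 0
    for that IP in the suspension table (updating an existing row or adding a
    new one) and hands it to ``self.add_violation_to_redis``.

    Args:
        url: Elasticsearch endpoint handed to ``elasticsearchLib``.
        index: Index value passed through to the query helper.
        path: Path value passed through to the query helper.
        ip_viste_total: Hit-count limit; only counts strictly above it match.
        rangeMinute: Passed through to the query helper (presumably the
            look-back window in minutes -- confirm in ``getDataByIndex``).
        sort_type: Passed through to the query helper.
        lte: Upper time bound formatted as ``%Y.%m.%d %H:%M:%S``. ``None``
            (the default) means "now", computed on every call.
    """
    if lte is None:
        # A datetime.now() default in the signature is evaluated once, when
        # the function is defined. A long-running worker would then keep
        # querying a window frozen at start-up and stop seeing current
        # traffic, so the timestamp is taken here instead.
        lte = datetime.datetime.now().strftime('%Y.%m.%d %H:%M:%S')

    # NOTE(review): the endpoint is echoed to stdout verbatim; if it can embed
    # credentials (user:password@host), this leaks them into process output.
    print(url)
    logging.info(" analysise ip address start ")
    logging.info(" ip limit value: %s" % ip_viste_total)
    elasticsearch_service = elasticsearchLib(url)
    all_ip = elasticsearch_service.getDataByIndex(index, path, rangeMinute, sort_type, lte)
    if all_ip != "notfound":
        suspension_ip_model = SuspensionIpModel()
        forbid_ip_address = []
        for entry in all_ip:
            # entry[0] is the address, entry[1] its hit count.
            if entry[1] > ip_viste_total:
                logging.info(" forbid ip addrss %s" % entry[0])
                forbid_ip_address.append(entry[0])
        for ip_address in forbid_ip_address:
            ip_address = str(ip_address)
            ip_exist = suspension_ip_model.check_ip_is_in_db(ip_address)
            if ip_exist:
                logging.info(" update exist ip address ")
                suspension_ip_model.update_ip_status(ip_address=ip_address, Status=0)
            else:
                ip_data = {
                    'Status': 0,
                    'IpAddress': ip_address,
                    'SuspensionTime': str(datetime.datetime.now().strftime('%Y.%m.%d %H:%M:%S')),
                }
                logging.info(" add ip address to redis")
                suspension_ip_model.add_ip_to_db(ip_data)
            # NOTE(review): this listing had lost its indentation. The Redis
            # push is placed at loop level so that already-known IPs are
            # published as well as new ones -- confirm against the original.
            self.add_violation_to_redis(self.hash_key, ip_address)
    logging.info(" analysise ip address end ")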
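def get_all_website():
    """Return the website names reported by Elasticsearch as a JSON string.

    Request parameters:
        type: ``all`` or ``website``; decides the ``is_all`` flag of the lookup.
        rangetime: Integer passed to the lookup as ``rangeminute``.

    Returns:
        ``{"message": ...}`` serialised with ``json.dumps``. The message is the
        lookup result, ``"not found"``, ``"empty value"`` when a parameter is
        missing, or ``"invalid value"`` when a parameter cannot be used.
    """
    url = app.config.get('es_host')
    timeout = app.config.get('es_timeout')
    es_lib = elasticsearchLib(url, timeout)
    query_type = request.args.get('type')
    rangetime = request.args.get('rangetime')
    if rangetime is None or query_type is None:
        return json.dumps({"message": "empty value"})

    wirte_log_to_file("get all website")

    # Both values come from the client. An unknown type used to leave `data`
    # unassigned and a non-numeric rangetime raised inside int(); either way
    # the request ended in an unhandled exception instead of a JSON answer.
    if query_type not in ('all', 'website'):
        return json.dumps({"message": "invalid value"})
    try:
        range_minutes = int(rangetime)
    except ValueError:
        return json.dumps({"message": "invalid value"})

    # NOTE(review): rangetime has no upper bound and the index is "*", so a
    # caller can ask for an arbitrarily wide scan -- consider capping it.
    data = es_lib.get_all_website_name(
        index="*",
        is_all=(query_type == 'all'),
        rangeminute=range_minutes,
    )
    if data == 'not found':
        return json.dumps({"message": "not found"})
    return json.dumps({"message": data})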
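def get_api_visit():
    """Return visit data for one API of one website as a JSON string.

    Request parameters:
        website: Forwarded to the lookup as ``website_name``.
        apiname: Forwarded to the lookup as ``api_name``.
        type: Forwarded to the lookup as ``type``.

    Returns:
        ``{"message": ...}`` serialised with ``json.dumps``. The message is the
        lookup result, ``"not found"``, or ``"empty value"`` when any
        parameter is missing.
    """
    url = app.config.get('es_host')
    timeout = app.config.get('es_timeout')
    es_lib = elasticsearchLib(url, timeout)
    website = request.args.get('website')
    apiname = request.args.get('apiname')
    query_type = request.args.get('type')

    # The three values are client-controlled. %r writes their repr(), which
    # escapes CR/LF, so a crafted parameter cannot start a forged log line.
    info = "find website: %r +++++++ apiname:%r rangetime:%r" % (website, apiname, query_type)
    wirte_log_to_file(info)

    if query_type is None or apiname is None or website is None:
        return json.dumps({"message": "empty value"})

    # NOTE(review): the values reach the query helper unvalidated; whether it
    # escapes them for the Elasticsearch query is not visible from here.
    data = es_lib.search_api_relatime(
        index="ns-*",
        website_name=website,
        api_name=apiname,
        type=query_type,
    )
    if data == 'not found':
        return json.dumps({"message": "not found"})
    return json.dumps({"message": data})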
def __init__(self, url, index, path, host, source, encryptionKey, validationKey, db_config):
    """Store the query settings and build the helper objects.

    Args:
        url: Endpoint used to construct ``elasticsearchLib``.
        index: Kept as a string in ``self.index``.
        path: Kept in ``self.path``.
        host: Kept in ``self.host``.
        source: Kept in ``self.source``.
        encryptionKey: Kept on the instance and given to ``cryptoLib``.
        validationKey: Kept on the instance and given to ``cryptoLib``.
        db_config: Given to ``StarLongzhuModel``.
    """
    self.index = str(index)
    self.host, self.path, self.source = host, path, source
    self.es = elasticsearchLib(url)
    # NOTE(review): both keys stay readable on the instance in addition to
    # living inside crypto_lib; confirm something still needs the raw copies.
    self.encryptionKey, self.validationKey = encryptionKey, validationKey
    self.crypto_lib = cryptoLib(encryptionKey, validationKey)
    self.star_longzhu = StarLongzhuModel(db_config)
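def all_china_web_visit():
    """Return the result of ``get_all_china_visit`` for one index family as JSON.

    Request parameters:
        type: ``chat`` selects the ``chat-*`` indices, ``ns`` selects ``ns-*``.

    Returns:
        The lookup result serialised with ``json.dumps``, or
        ``{"message": "empty value"}`` when ``type`` is missing, or
        ``{"message": "invalid value"}`` when it names no known index family.
    """
    url = app.config.get('es_host')
    timeout = app.config.get('es_timeout')
    es_lib = elasticsearchLib(url, timeout)
    query_type = request.args.get('type')
    if query_type is None:
        return json.dumps({"message": "empty value"})

    # Fixed allow-list: the client picks a label, never the index pattern
    # itself. Any other label used to leave `index` unassigned and end the
    # request in an unhandled exception.
    index_by_type = {'chat': 'chat-*', 'ns': 'ns-*'}
    index = index_by_type.get(query_type)
    if index is None:
        return json.dumps({"message": "invalid value"})

    data = es_lib.get_all_china_visit(index=index, rangeminute=5, total=10000)
    return json.dumps(data)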
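def add_suspension_qq(self, url, index, path, re_pattern=r"\d{5,}-{4}.{5,17}-{4}"):
    """Copy QQ/password pairs found in Elasticsearch into the suspension table.

    ``elasticsearchLib.get_suspension_qq`` returns either ``'notfound'`` or a
    mapping of QQ number to password. Each QQ that is not in the table yet is
    inserted; a QQ that is already there is updated only when the stored
    password differs.

    Args:
        url: Elasticsearch endpoint handed to ``elasticsearchLib``.
        index: Index value passed through to the query helper.
        path: Path value passed through to the query helper.
        re_pattern: Regular expression passed through to the query helper.
            The default is written as a raw string so ``\\d`` is not treated
            as an (invalid) string escape; its value is unchanged.
    """
    logging.info(" add_suspension_qq start ")
    elasticsearch_service = elasticsearchLib(url)
    suspension_qq_model = SuspensionQQModel()
    suspension_qq = elasticsearch_service.get_suspension_qq(index=index, path=path, re_pattern=re_pattern)
    if suspension_qq == 'notfound':
        return

    # NOTE(review): passwords are stored and compared exactly as they were
    # extracted. If these are live account credentials, confirm the table is
    # access-restricted and that keeping them in clear text is intended.
    for qq, password in suspension_qq.items():
        existing_row = suspension_qq_model.check_qq_is_in_db(qq)
        if existing_row:
            if existing_row['Password'] != password:
                suspension_qq_model.update_qq_password(qq=qq, Password=password)
            continue

        qq_data = {
            'QQ': qq,
            'Password': password,
            'CreatTime': str(datetime.datetime.now().strftime('%Y.%m.%d %H:%M:%S')),
        }
        logging.info(" add qq to db")
        suspension_qq_model.add_qq_to_db(qq_data=qq_data)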
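def search_api_visit():
    """Return ``get_realtime_api`` data for an API over a time range as JSON.

    Request parameters:
        apiname: API to look up; the literal ``all`` is replaced by ``*``.
        from: Forwarded to the lookup as ``start``.
        to: Forwarded to the lookup as ``end``.
        type: Forwarded to the lookup as ``type``.

    Returns:
        The lookup result serialised with ``json.dumps``, or
        ``{"message": "empty value"}`` when any parameter is missing.
    """
    url = app.config.get('es_host')
    timeout = app.config.get('es_timeout')
    es_lib = elasticsearchLib(url, timeout)
    apiname = request.args.get('apiname')
    start = request.args.get('from')
    end = request.args.get('to')
    query_type = request.args.get('type')

    # Client-controlled values are logged through %r: repr() escapes CR/LF,
    # so a crafted parameter cannot start a forged log line.
    info = "find website: %r ----- rangetime:%r" % (apiname, query_type)
    wirte_log_to_file(info)

    if start is None or apiname is None or end is None or query_type is None:
        return json.dumps({"message": "empty value"})

    if apiname == 'all':
        apiname = "*"
    # NOTE(review): apiname, start, end and type reach the query helper
    # unvalidated (a caller can also send its own wildcard); whether the
    # helper escapes them is not visible from here.
    data = es_lib.get_realtime_api(
        index="ns-*",
        api_name=apiname,
        start=start,
        end=end,
        type=query_type,
    )
    return json.dumps(data)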
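def search_suspension_ip():
    """Return the IPs whose hit count exceeds 5000 before a given time, as JSON.

    Request parameters:
        time: Upper time bound as ``YYYY-MM-DD HH:MM`` (seconds are appended).
        index: Forwarded to ``getDataByIndex`` as ``index``.
        path: Forwarded to ``getDataByIndex`` as ``path``.
        rangtime: Integer forwarded as ``rangeMinute``.

    Returns:
        ``{"message": ...}`` serialised with ``json.dumps``. The message is a
        mapping of IP to hit count, ``"not found"``, ``"empty value"`` when a
        parameter is missing, or ``"invalid value"`` when ``time`` or
        ``rangtime`` cannot be parsed.
    """
    url = app.config.get('es_host')
    timeout = app.config.get('es_timeout')
    es_lib = elasticsearchLib(url, timeout)
    search_time = request.args.get('time')
    search_index = request.args.get('index')
    search_path = request.args.get('path')
    search_rangtime = request.args.get('rangtime')
    if search_rangtime is None or search_path is None or search_time is None or search_index is None:
        return json.dumps({"message": "empty value"})

    # time and rangtime are client input; a malformed value used to raise out
    # of strptime()/int() and end the request in an unhandled exception.
    try:
        parsed = time.strptime(str(search_time) + ":00", '%Y-%m-%d %H:%M:%S')
        epoch_seconds = int(time.mktime(parsed))
        search_time = time.strftime('%Y.%m.%d %H:%M:%S', time.localtime(epoch_seconds))
        range_minutes = int(search_rangtime)
    except (ValueError, OverflowError):
        return json.dumps({"message": "invalid value"})

    # %r escapes CR/LF in the client-supplied values before they are logged.
    info = "serach ip : index->%r ,path->%r" % (search_index, search_path)
    wirte_log_to_file(info)

    # NOTE(review): the index name is taken from the request as-is, so a
    # caller can point this query at any index the service account can read;
    # consider an allow-list of index patterns.
    data = es_lib.getDataByIndex(
        index=str(search_index),
        path=str(search_path),
        rangeMinute=range_minutes,
        sort=True,
        lte=search_time,
    )
    print(data)
    if data == "notfound":
        return json.dumps({"message": "not found"})

    # entry[0] is the address, entry[1] its hit count.
    suspension_ips = {entry[0]: entry[1] for entry in data if entry[1] > 5000}
    message = {"message": suspension_ips}
    print(message)
    return json.dumps(message)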
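def get_website_all_api():
    """Return the APIs recorded for one website as a JSON string.

    Request parameters:
        websitename: Forwarded to the lookup as ``website_name``.
        rangetime: Integer forwarded to the lookup as ``rangeminute``.

    Returns:
        ``{"message": ...}`` serialised with ``json.dumps``. The message is the
        lookup result, ``"not found"``, ``"empty value"`` when a parameter is
        missing, or ``"invalid value"`` when ``rangetime`` is not an integer.
    """
    url = app.config.get('es_host')
    timeout = app.config.get('es_timeout')
    es_lib = elasticsearchLib(url, timeout)
    websitename = request.args.get('websitename')
    rangetime = request.args.get('rangetime')

    # websitename has to be tested here. Comparing the builtin `type` with
    # None is always False, so with that guard a request without websitename
    # went on to query with website_name=None.
    if rangetime is None or websitename is None:
        return json.dumps({"message": "empty value"})

    try:
        range_minutes = int(rangetime)
    except ValueError:
        # Non-numeric client input: answer in JSON instead of raising.
        return json.dumps({"message": "invalid value"})

    # NOTE(review): rangetime has no upper bound and the index is "*", so a
    # caller can ask for an arbitrarily wide scan -- consider capping it.
    data = es_lib.get_all_api_from_website(
        index="*",
        website_name=websitename,
        rangeminute=range_minutes,
    )
    if data == 'not found':
        return json.dumps({"message": "not found"})
    return json.dumps({"message": data})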