def flow_chart_get_totle_count(request):
return_result = {}
data = []
try:
user_id = request.session['user_id']
json_data = json.loads(request.body)
try:
domain = json_data['domain']
req_sql = DOMAIN_REQUEST_TOTLE_COUNT%(domain)
req_sql2 = DOMAIN_UPSTREAM_TOTLE_COUNT%(domain)
except:
req_sql = REQUEST_TOTLE_COUNT
req_sql2 = UPSTREAM_TOTLE_COUNT
time_zone = json_data['time_zone']
from_time = int(time() - 86400)
if time_zone == "7day":
from_time = int(time() - 604800)
elif time_zone == "24hour":
from_time = int(time() - 86400)
elif time_zone == "1hour":
from_time = int(time() - 3600)
global_result = waf_global.objects.get(user_id=user_id)
endpoint = global_result.aliyun_log_endpoint.replace('https://', '').replace('http://', '')
accessKeyId = global_result.aliyun_access_id
accessKey = global_result.aliyun_access_secret
project = global_result.aliyun_project
logstore = global_result.aliyun_logstore
client = LogClient(endpoint, accessKeyId, accessKey)
req = GetLogsRequest(project=project, logstore=logstore, fromTime=from_time, toTime=int(time()), topic='',
query=req_sql)
res = client.get_logs(req)
request_count = ""
for log_result in res.get_logs():
try:
request_count = log_result.get_contents()['count']
except:
pass
client2 = LogClient(endpoint, accessKeyId, accessKey)
req2 = GetLogsRequest(project=project, logstore=logstore, fromTime=from_time, toTime=int(time()), topic='',
query=req_sql2)
res2= client2.get_logs(req2)
upstream_count = ""
for log_result2 in res2.get_logs():
try:
upstream_count = log_result2.get_contents()['count']
except:
pass
return_result['result'] = True
return_result['request_count'] = request_count
return_result['upstream_count'] = upstream_count
return JsonResponse(return_result, safe=False)
except Exception, e:
return_result['result'] = False
return_result['message'] = str(e)
return_result['errCode'] = 400
return JsonResponse(return_result, safe=False)
def cc_chart_get_geoip(request):
return_result = {}
data = []
try:
user_id = request.session['user_id']
json_data = json.loads(request.body)
time_zone = json_data['time_zone']
from_time = int(time() - 86400)
try:
domain = json_data['domain']
req_sql = DOMAIN_GEO_SQL % (domain)
if time_zone == "7day":
from_time = int(time() - 604800)
elif time_zone == "24hour":
from_time = int(time() - 86400)
elif time_zone == "1hour":
from_time = int(time() - 3600)
except:
req_sql = GEO_SQL
if time_zone == "7day":
from_time = int(time() - 604800)
elif time_zone == "24hour":
from_time = int(time() - 86400)
elif time_zone == "1hour":
from_time = int(time() - 3600)
global_result = waf_global.objects.get(user_id=user_id)
endpoint = global_result.aliyun_log_endpoint.replace('https://',
'').replace(
'http://', '')
accessKeyId = global_result.aliyun_access_id
accessKey = global_result.aliyun_access_secret
project = global_result.aliyun_project
logstore = global_result.aliyun_logstore
client = LogClient(endpoint, accessKeyId, accessKey)
req = GetLogsRequest(project=project,
logstore=logstore,
fromTime=from_time,
toTime=int(time()),
topic='',
query=GEO_SQL)
res = client.get_logs(req)
for log_result in res.get_logs():
geo_info = log_result.get_contents()['geo'].split(",")
try:
data.append({
'name': log_result.get_contents()['city'],
'ip_count': log_result.get_contents()['ip_count'],
'geo': [geo_info[1], geo_info[0]],
'count': log_result.get_contents()['count']
})
except:
pass
return_result['result'] = True
return_result['message'] = data
return JsonResponse(return_result, safe=False)
except Exception, e:
return_result['result'] = False
return_result['message'] = str(e)
return_result['errCode'] = 400
return JsonResponse(return_result, safe=False)
def attack_chart_get_type_top10(request):
return_result = {}
data = []
try:
user_id = request.session['user_id']
json_data = json.loads(request.body)
time_zone = json_data['time_zone']
from_time = int(time() - 86400)
try:
domain = json_data['domain']
req_sql = DOMAIN_ATT_TYPE_TOP10 % (domain)
if time_zone == "7day":
from_time = int(time() - 604800)
elif time_zone == "24hour":
from_time = int(time() - 86400)
elif time_zone == "1hour":
from_time = int(time() - 3600)
except:
req_sql = ATT_TYPE_TOP10
if time_zone == "7day":
from_time = int(time() - 604800)
elif time_zone == "24hour":
from_time = int(time() - 86400)
elif time_zone == "1hour":
from_time = int(time() - 3600)
global_result = waf_global.objects.get(user_id=user_id)
endpoint = global_result.aliyun_log_endpoint.replace('https://',
'').replace(
'http://', '')
accessKeyId = global_result.aliyun_access_id
accessKey = global_result.aliyun_access_secret
project = global_result.aliyun_project
logstore = global_result.aliyun_logstore
client = LogClient(endpoint, accessKeyId, accessKey)
req = GetLogsRequest(project=project,
logstore=logstore,
fromTime=from_time,
toTime=int(time()),
topic='',
query=req_sql)
res = client.get_logs(req)
for log_result in res.get_logs():
try:
data.append({
'protection_type':
log_result.get_contents()['protection_type'],
'count':
log_result.get_contents()['count'],
})
except:
pass
return_result['result'] = True
return_result['message'] = data
return JsonResponse(return_result, safe=False)
except Exception, e:
return_result['result'] = False
return_result['message'] = str(e)
return_result['errCode'] = 103
return JsonResponse(return_result, safe=False)
def cc_chart_get_black_ip_count(request):
return_result = {}
data = []
try:
user_id = request.session['user_id']
json_data = json.loads(request.body)
time_zone = json_data['time_zone']
from_time = int(time() - 86400)
try:
domain = json_data['domain']
req_sql = DOMAIN_CC_BLACK_IP_COUNT % (domain)
if time_zone == "7day":
from_time = int(time() - 604800)
elif time_zone == "24hour":
from_time = int(time() - 86400)
elif time_zone == "1hour":
from_time = int(time() - 3600)
except:
req_sql = CC_BLACK_IP_COUNT
if time_zone == "7day":
from_time = int(time() - 604800)
elif time_zone == "24hour":
from_time = int(time() - 86400)
elif time_zone == "1hour":
from_time = int(time() - 3600)
global_result = waf_global.objects.get(user_id=user_id)
endpoint = global_result.aliyun_log_endpoint.replace('https://',
'').replace(
'http://', '')
accessKeyId = global_result.aliyun_access_id
accessKey = global_result.aliyun_access_secret
project = global_result.aliyun_project
logstore = global_result.aliyun_logstore
client = LogClient(endpoint, accessKeyId, accessKey)
req = GetLogsRequest(project=project,
logstore=logstore,
fromTime=from_time,
toTime=int(time()),
topic='',
query=req_sql)
res = client.get_logs(req)
black_ip_count = ''
for log_result in res.get_logs():
try:
black_ip_count = log_result.get_contents()['black_ip_count']
except:
pass
return_result['result'] = True
return_result['black_ip_count'] = black_ip_count
return JsonResponse(return_result, safe=False)
except Exception, e:
return_result['result'] = False
return_result['message'] = str(e)
return_result['errCode'] = 400
return JsonResponse(return_result, safe=False)
def flow_chart_get_bad_upstream_count_trend(request):
return_result = {}
data = []
try:
user_id = request.session['user_id']
json_data = json.loads(request.body)
time_zone = json_data['time_zone']
from_time = int(time() - 86400)
try:
domain = json_data['domain']
if time_zone == "7day":
from_time = int(time() - 604800)
req_sql = DOMAIN_BAD_UPSTREAM_COUNT_TREND_7D%(domain)
elif time_zone == "24hour":
from_time = int(time() - 86400)
req_sql =DOMAIN_BAD_UPSTREAM_COUNT_TREND_24H%(domain)
elif time_zone == "1hour":
from_time = int(time() - 3600)
req_sql = DOMAIN_BAD_UPSTREAM_COUNT_TREND_1H%(domain)
except:
if time_zone == "7day":
from_time = int(time() - 604800)
req_sql = UPSTREAM_BAD_COUNT_TREND_7D
elif time_zone == "24hour":
from_time = int(time() - 86400)
req_sql = UPSTREAM_BAD_COUNT_TREND_24H
elif time_zone == "1hour":
from_time = int(time() - 3600)
req_sql = UPSTREAM_BAD_COUNT_TREND_1H
global_result = waf_global.objects.get(user_id=user_id)
endpoint = global_result.aliyun_log_endpoint.replace('https://', '').replace('http://', '')
accessKeyId = global_result.aliyun_access_id
accessKey = global_result.aliyun_access_secret
project = global_result.aliyun_project
logstore = global_result.aliyun_logstore
client = LogClient(endpoint, accessKeyId, accessKey)
req = GetLogsRequest(project=project, logstore=logstore, fromTime=from_time, toTime=int(time()), topic='',
query=req_sql)
res = client.get_logs(req)
for log_result in res.get_logs():
try:
data.append({'time': log_result.get_contents()['time'],
'count': log_result.get_contents()['count'],
}
)
except:
pass
return_result['result'] = True
return_result['message'] = data
return JsonResponse(return_result, safe=False)
except Exception, e:
return_result['result'] = False
return_result['message'] = str(e)
return_result['errCode'] = 400
return JsonResponse(return_result, safe=False)
def attack_chart_get_type_trend(request):
return_result = {}
data = []
try:
user_id = request.session['user_id']
json_data = json.loads(request.body)
time_zone = json_data['time_zone']
from_time = int(time() - 86400)
try:
domain = json_data['domain']
if time_zone == "7day":
from_time = int(time() - 604800)
req_sql = DOMAIN_ATT_TYPE_7D % (domain)
elif time_zone == "24hour":
from_time = int(time() - 86400)
req_sql = DOMAIN_ATT_TYPE_24H % (domain)
elif time_zone == "1hour":
from_time = int(time() - 3600)
req_sql = DOMAIN_ATT_TYPE_1H % (domain)
except:
if time_zone == "7day":
from_time = int(time() - 604800)
req_sql = ATT_TYPE_7D
elif time_zone == "24hour":
from_time = int(time() - 86400)
req_sql = ATT_TYPE_24H
elif time_zone == "1hour":
from_time = int(time() - 3600)
req_sql = ATT_TYPE_1H
global_result = waf_global.objects.get(user_id=user_id)
endpoint = global_result.aliyun_log_endpoint.replace('https://',
'').replace(
'http://', '')
accessKeyId = global_result.aliyun_access_id
accessKey = global_result.aliyun_access_secret
project = global_result.aliyun_project
logstore = global_result.aliyun_logstore
client = LogClient(endpoint, accessKeyId, accessKey)
req = GetLogsRequest(project=project,
logstore=logstore,
fromTime=from_time,
toTime=int(time()),
topic='',
query=req_sql)
res = client.get_logs(req)
x = []
x_exist = {}
y = []
y_exist = {}
for log_result in res.get_logs():
print log_result.get_contents()
if not x_exist.has_key(log_result.get_contents()['time']):
x.append(log_result.get_contents()['time'])
x_exist[log_result.get_contents()['time']] = len(x) - 1
if not y_exist.has_key(
log_result.get_contents()['protection_type']):
if log_result.get_contents()['protection_type'] != 'null':
y.append(log_result.get_contents()['protection_type'])
y_exist[log_result.get_contents()
['protection_type']] = True
result = {}
for tmp in y:
ss = [0]
result[tmp] = ss * len(x)
for log_result in res.get_logs():
for tmp in y:
if log_result.get_contents()['protection_type'] == tmp:
tt = result[tmp]
tt[x_exist[log_result.get_contents()
['time']]] = log_result.get_contents()['count']
result[tmp] = tt
return_result['result'] = True
return_result['message'] = result
return_result['x'] = x
return_result['y'] = y
return JsonResponse(return_result, safe=False)
except Exception, e:
return_result['result'] = False
return_result['message'] = str(e)
return_result['errCode'] = 103
return JsonResponse(return_result, safe=False)
class AliyunLog():
def __init__(self,
endpoint,
access_key_id,
access_key,
project=None,
logstore=None,
topic=None,
source=None):
self.logstore = logstore
self.project = project
self.topic = topic
self.source = source
assert isinstance(self.topic, str), 'topic must be string'
# assert len(self.topic.split(':')) == 2, 'topic must format like xxx:xxx'
self.client = LogClient(endpoint, access_key_id, access_key)
# def add_log(self, item:dict): # contents为[(name1, value1), (name2, value2), ...]
# log_item = LogItem(int(time.time()), list(item.items()))
# log_req = PutLogsRequest(self.project, self.logstore, topic=self.topic, source=self.source, logitems=[log_item])
# self.client.put_logs(log_req)
def add_log(self, item: str): # item为json.dumps(obj)
log_item = LogItem(int(time.time()), [('content', item)])
log_req = PutLogsRequest(self.project,
self.logstore,
topic=self.topic,
source=self.source,
logitems=[log_item])
self.client.put_logs(log_req)
def get_topics(self, fromTime=None, toTime=None):
try:
req = GetLogsRequest(
self.project,
self.logstore,
fromTime=fromTime,
toTime=toTime,
topic=self.topic,
query='*|select "__topic__" group by "__topic__"')
res = self.client.get_logs(req)
return [log.get_contents()['__topic__'] for log in res.get_logs()]
except Exception as e:
print("Get topic error: %s" % str(e))
return []
def get_logs(self, fromTime, toTime):
try:
req = GetLogsRequest(self.project,
self.logstore,
fromTime=fromTime,
toTime=toTime,
query='*')
res = self.client.get_logs(req)
return [log.get_contents() for log in res.get_logs()]
except Exception as e:
print("Get logs error: %s" % str(e))
return []
try:
listShardRes = self.client.list_shards(self.project, self.logstore)
log_list = []
for shard in listShardRes.get_shards_info():
shard_id = shard["shardID"]
res = self.client.get_cursor(self.project, self.logstore,
shard_id, fromTime)
start_cursor = res.get_cursor()
res = self.client.get_cursor(self.project, self.logstore,
shard_id, toTime)
end_cursor = res.get_cursor()
while True:
loggroup_count = 100 # 每次读取100个包
res = self.client.pull_logs(self.project, self.logstore,
shard_id, start_cursor,
loggroup_count, end_cursor)
log_list += res.get_loggroup_json_list()
next_cursor = res.get_next_cursor()
if next_cursor == start_cursor:
break
start_cursor = next_cursor
return log_list
except Exception as e:
print("Get topic error: %s" % str(e))
return []
