def flow_chart_get_totle_count(request): return_result = {} data = [] try: user_id = request.session['user_id'] json_data = json.loads(request.body) try: domain = json_data['domain'] req_sql = DOMAIN_REQUEST_TOTLE_COUNT%(domain) req_sql2 = DOMAIN_UPSTREAM_TOTLE_COUNT%(domain) except: req_sql = REQUEST_TOTLE_COUNT req_sql2 = UPSTREAM_TOTLE_COUNT time_zone = json_data['time_zone'] from_time = int(time() - 86400) if time_zone == "7day": from_time = int(time() - 604800) elif time_zone == "24hour": from_time = int(time() - 86400) elif time_zone == "1hour": from_time = int(time() - 3600) global_result = waf_global.objects.get(user_id=user_id) endpoint = global_result.aliyun_log_endpoint.replace('https://', '').replace('http://', '') accessKeyId = global_result.aliyun_access_id accessKey = global_result.aliyun_access_secret project = global_result.aliyun_project logstore = global_result.aliyun_logstore client = LogClient(endpoint, accessKeyId, accessKey) req = GetLogsRequest(project=project, logstore=logstore, fromTime=from_time, toTime=int(time()), topic='', query=req_sql) res = client.get_logs(req) request_count = "" for log_result in res.get_logs(): try: request_count = log_result.get_contents()['count'] except: pass client2 = LogClient(endpoint, accessKeyId, accessKey) req2 = GetLogsRequest(project=project, logstore=logstore, fromTime=from_time, toTime=int(time()), topic='', query=req_sql2) res2= client2.get_logs(req2) upstream_count = "" for log_result2 in res2.get_logs(): try: upstream_count = log_result2.get_contents()['count'] except: pass return_result['result'] = True return_result['request_count'] = request_count return_result['upstream_count'] = upstream_count return JsonResponse(return_result, safe=False) except Exception, e: return_result['result'] = False return_result['message'] = str(e) return_result['errCode'] = 400 return JsonResponse(return_result, safe=False)
def cc_chart_get_geoip(request): return_result = {} data = [] try: user_id = request.session['user_id'] json_data = json.loads(request.body) time_zone = json_data['time_zone'] from_time = int(time() - 86400) try: domain = json_data['domain'] req_sql = DOMAIN_GEO_SQL % (domain) if time_zone == "7day": from_time = int(time() - 604800) elif time_zone == "24hour": from_time = int(time() - 86400) elif time_zone == "1hour": from_time = int(time() - 3600) except: req_sql = GEO_SQL if time_zone == "7day": from_time = int(time() - 604800) elif time_zone == "24hour": from_time = int(time() - 86400) elif time_zone == "1hour": from_time = int(time() - 3600) global_result = waf_global.objects.get(user_id=user_id) endpoint = global_result.aliyun_log_endpoint.replace('https://', '').replace( 'http://', '') accessKeyId = global_result.aliyun_access_id accessKey = global_result.aliyun_access_secret project = global_result.aliyun_project logstore = global_result.aliyun_logstore client = LogClient(endpoint, accessKeyId, accessKey) req = GetLogsRequest(project=project, logstore=logstore, fromTime=from_time, toTime=int(time()), topic='', query=GEO_SQL) res = client.get_logs(req) for log_result in res.get_logs(): geo_info = log_result.get_contents()['geo'].split(",") try: data.append({ 'name': log_result.get_contents()['city'], 'ip_count': log_result.get_contents()['ip_count'], 'geo': [geo_info[1], geo_info[0]], 'count': log_result.get_contents()['count'] }) except: pass return_result['result'] = True return_result['message'] = data return JsonResponse(return_result, safe=False) except Exception, e: return_result['result'] = False return_result['message'] = str(e) return_result['errCode'] = 400 return JsonResponse(return_result, safe=False)
def attack_chart_get_type_top10(request): return_result = {} data = [] try: user_id = request.session['user_id'] json_data = json.loads(request.body) time_zone = json_data['time_zone'] from_time = int(time() - 86400) try: domain = json_data['domain'] req_sql = DOMAIN_ATT_TYPE_TOP10 % (domain) if time_zone == "7day": from_time = int(time() - 604800) elif time_zone == "24hour": from_time = int(time() - 86400) elif time_zone == "1hour": from_time = int(time() - 3600) except: req_sql = ATT_TYPE_TOP10 if time_zone == "7day": from_time = int(time() - 604800) elif time_zone == "24hour": from_time = int(time() - 86400) elif time_zone == "1hour": from_time = int(time() - 3600) global_result = waf_global.objects.get(user_id=user_id) endpoint = global_result.aliyun_log_endpoint.replace('https://', '').replace( 'http://', '') accessKeyId = global_result.aliyun_access_id accessKey = global_result.aliyun_access_secret project = global_result.aliyun_project logstore = global_result.aliyun_logstore client = LogClient(endpoint, accessKeyId, accessKey) req = GetLogsRequest(project=project, logstore=logstore, fromTime=from_time, toTime=int(time()), topic='', query=req_sql) res = client.get_logs(req) for log_result in res.get_logs(): try: data.append({ 'protection_type': log_result.get_contents()['protection_type'], 'count': log_result.get_contents()['count'], }) except: pass return_result['result'] = True return_result['message'] = data return JsonResponse(return_result, safe=False) except Exception, e: return_result['result'] = False return_result['message'] = str(e) return_result['errCode'] = 103 return JsonResponse(return_result, safe=False)
def cc_chart_get_black_ip_count(request): return_result = {} data = [] try: user_id = request.session['user_id'] json_data = json.loads(request.body) time_zone = json_data['time_zone'] from_time = int(time() - 86400) try: domain = json_data['domain'] req_sql = DOMAIN_CC_BLACK_IP_COUNT % (domain) if time_zone == "7day": from_time = int(time() - 604800) elif time_zone == "24hour": from_time = int(time() - 86400) elif time_zone == "1hour": from_time = int(time() - 3600) except: req_sql = CC_BLACK_IP_COUNT if time_zone == "7day": from_time = int(time() - 604800) elif time_zone == "24hour": from_time = int(time() - 86400) elif time_zone == "1hour": from_time = int(time() - 3600) global_result = waf_global.objects.get(user_id=user_id) endpoint = global_result.aliyun_log_endpoint.replace('https://', '').replace( 'http://', '') accessKeyId = global_result.aliyun_access_id accessKey = global_result.aliyun_access_secret project = global_result.aliyun_project logstore = global_result.aliyun_logstore client = LogClient(endpoint, accessKeyId, accessKey) req = GetLogsRequest(project=project, logstore=logstore, fromTime=from_time, toTime=int(time()), topic='', query=req_sql) res = client.get_logs(req) black_ip_count = '' for log_result in res.get_logs(): try: black_ip_count = log_result.get_contents()['black_ip_count'] except: pass return_result['result'] = True return_result['black_ip_count'] = black_ip_count return JsonResponse(return_result, safe=False) except Exception, e: return_result['result'] = False return_result['message'] = str(e) return_result['errCode'] = 400 return JsonResponse(return_result, safe=False)
def flow_chart_get_bad_upstream_count_trend(request): return_result = {} data = [] try: user_id = request.session['user_id'] json_data = json.loads(request.body) time_zone = json_data['time_zone'] from_time = int(time() - 86400) try: domain = json_data['domain'] if time_zone == "7day": from_time = int(time() - 604800) req_sql = DOMAIN_BAD_UPSTREAM_COUNT_TREND_7D%(domain) elif time_zone == "24hour": from_time = int(time() - 86400) req_sql =DOMAIN_BAD_UPSTREAM_COUNT_TREND_24H%(domain) elif time_zone == "1hour": from_time = int(time() - 3600) req_sql = DOMAIN_BAD_UPSTREAM_COUNT_TREND_1H%(domain) except: if time_zone == "7day": from_time = int(time() - 604800) req_sql = UPSTREAM_BAD_COUNT_TREND_7D elif time_zone == "24hour": from_time = int(time() - 86400) req_sql = UPSTREAM_BAD_COUNT_TREND_24H elif time_zone == "1hour": from_time = int(time() - 3600) req_sql = UPSTREAM_BAD_COUNT_TREND_1H global_result = waf_global.objects.get(user_id=user_id) endpoint = global_result.aliyun_log_endpoint.replace('https://', '').replace('http://', '') accessKeyId = global_result.aliyun_access_id accessKey = global_result.aliyun_access_secret project = global_result.aliyun_project logstore = global_result.aliyun_logstore client = LogClient(endpoint, accessKeyId, accessKey) req = GetLogsRequest(project=project, logstore=logstore, fromTime=from_time, toTime=int(time()), topic='', query=req_sql) res = client.get_logs(req) for log_result in res.get_logs(): try: data.append({'time': log_result.get_contents()['time'], 'count': log_result.get_contents()['count'], } ) except: pass return_result['result'] = True return_result['message'] = data return JsonResponse(return_result, safe=False) except Exception, e: return_result['result'] = False return_result['message'] = str(e) return_result['errCode'] = 400 return JsonResponse(return_result, safe=False)
def attack_chart_get_type_trend(request): return_result = {} data = [] try: user_id = request.session['user_id'] json_data = json.loads(request.body) time_zone = json_data['time_zone'] from_time = int(time() - 86400) try: domain = json_data['domain'] if time_zone == "7day": from_time = int(time() - 604800) req_sql = DOMAIN_ATT_TYPE_7D % (domain) elif time_zone == "24hour": from_time = int(time() - 86400) req_sql = DOMAIN_ATT_TYPE_24H % (domain) elif time_zone == "1hour": from_time = int(time() - 3600) req_sql = DOMAIN_ATT_TYPE_1H % (domain) except: if time_zone == "7day": from_time = int(time() - 604800) req_sql = ATT_TYPE_7D elif time_zone == "24hour": from_time = int(time() - 86400) req_sql = ATT_TYPE_24H elif time_zone == "1hour": from_time = int(time() - 3600) req_sql = ATT_TYPE_1H global_result = waf_global.objects.get(user_id=user_id) endpoint = global_result.aliyun_log_endpoint.replace('https://', '').replace( 'http://', '') accessKeyId = global_result.aliyun_access_id accessKey = global_result.aliyun_access_secret project = global_result.aliyun_project logstore = global_result.aliyun_logstore client = LogClient(endpoint, accessKeyId, accessKey) req = GetLogsRequest(project=project, logstore=logstore, fromTime=from_time, toTime=int(time()), topic='', query=req_sql) res = client.get_logs(req) x = [] x_exist = {} y = [] y_exist = {} for log_result in res.get_logs(): print log_result.get_contents() if not x_exist.has_key(log_result.get_contents()['time']): x.append(log_result.get_contents()['time']) x_exist[log_result.get_contents()['time']] = len(x) - 1 if not y_exist.has_key( log_result.get_contents()['protection_type']): if log_result.get_contents()['protection_type'] != 'null': y.append(log_result.get_contents()['protection_type']) y_exist[log_result.get_contents() ['protection_type']] = True result = {} for tmp in y: ss = [0] result[tmp] = ss * len(x) for log_result in res.get_logs(): for tmp in y: if log_result.get_contents()['protection_type'] == tmp: tt = result[tmp] tt[x_exist[log_result.get_contents() ['time']]] = log_result.get_contents()['count'] result[tmp] = tt return_result['result'] = True return_result['message'] = result return_result['x'] = x return_result['y'] = y return JsonResponse(return_result, safe=False) except Exception, e: return_result['result'] = False return_result['message'] = str(e) return_result['errCode'] = 103 return JsonResponse(return_result, safe=False)
class AliyunLog(): def __init__(self, endpoint, access_key_id, access_key, project=None, logstore=None, topic=None, source=None): self.logstore = logstore self.project = project self.topic = topic self.source = source assert isinstance(self.topic, str), 'topic must be string' # assert len(self.topic.split(':')) == 2, 'topic must format like xxx:xxx' self.client = LogClient(endpoint, access_key_id, access_key) # def add_log(self, item:dict): # contents为[(name1, value1), (name2, value2), ...] # log_item = LogItem(int(time.time()), list(item.items())) # log_req = PutLogsRequest(self.project, self.logstore, topic=self.topic, source=self.source, logitems=[log_item]) # self.client.put_logs(log_req) def add_log(self, item: str): # item为json.dumps(obj) log_item = LogItem(int(time.time()), [('content', item)]) log_req = PutLogsRequest(self.project, self.logstore, topic=self.topic, source=self.source, logitems=[log_item]) self.client.put_logs(log_req) def get_topics(self, fromTime=None, toTime=None): try: req = GetLogsRequest( self.project, self.logstore, fromTime=fromTime, toTime=toTime, topic=self.topic, query='*|select "__topic__" group by "__topic__"') res = self.client.get_logs(req) return [log.get_contents()['__topic__'] for log in res.get_logs()] except Exception as e: print("Get topic error: %s" % str(e)) return [] def get_logs(self, fromTime, toTime): try: req = GetLogsRequest(self.project, self.logstore, fromTime=fromTime, toTime=toTime, query='*') res = self.client.get_logs(req) return [log.get_contents() for log in res.get_logs()] except Exception as e: print("Get logs error: %s" % str(e)) return [] try: listShardRes = self.client.list_shards(self.project, self.logstore) log_list = [] for shard in listShardRes.get_shards_info(): shard_id = shard["shardID"] res = self.client.get_cursor(self.project, self.logstore, shard_id, fromTime) start_cursor = res.get_cursor() res = self.client.get_cursor(self.project, self.logstore, shard_id, toTime) end_cursor = res.get_cursor() while True: loggroup_count = 100 # 每次读取100个包 res = self.client.pull_logs(self.project, self.logstore, shard_id, start_cursor, loggroup_count, end_cursor) log_list += res.get_loggroup_json_list() next_cursor = res.get_next_cursor() if next_cursor == start_cursor: break start_cursor = next_cursor return log_list except Exception as e: print("Get topic error: %s" % str(e)) return []