diff --git a/attackevent/fw_data.go b/attackevent/fw_data.go
index 3d902c1..bf0ea3d 100644
--- a/attackevent/fw_data.go
+++ b/attackevent/fw_data.go
@@ -2,9 +2,12 @@ package attackevent
import (
"bytes"
+ "database/sql"
"dt_automate/conn"
+ "dt_automate/dbpool"
"dt_automate/tool"
"encoding/json"
+ "fmt"
"log"
"math"
"net/url"
@@ -21,7 +24,7 @@ import (
// var err error
// 传入cookie
-func Fw_event(cookieStr string) {
+func Fw_event(cookieStr, timeStr string) {
ss := spreadsheet.New()
sheet := ss.AddSheet()
// sheet.SetFrozen(true, false)
@@ -53,55 +56,44 @@ func Fw_event(cookieStr string) {
sheet.Cell("O1").SetString("参数")
sheet.Cell("P1").SetString("源ip地区")
log.Println("生成表格列名完成")
- //当前时间
- EndTime := time.Unix(tool.Timestamp("second"), 0).Format("2006-01-02T15:04:05")
- //今天0点
- StartTime := time.Date(time.Now().Year(), time.Now().Month(), time.Now().Day(), 0, 0, 0, 0, time.Now().Location()).Format("2006-01-02T15:04:05")
- //昨天23点59分59秒
- EndTime_1 := time.Date(time.Now().Year(), time.Now().Month(), time.Now().Day(), 0, 0, 0, 0, time.Now().Location()).Add(-1 * time.Second).Format("2006-01-02T15:04:05")
- StartTime_1 := time.Date(time.Now().Year(), time.Now().Month(), time.Now().Day(), 0, 0, 0, 0, time.Now().Location()).Add(-8 * time.Hour).Format("2006-01-02T15:04:05")
- // log.Println(EndTime_1)
- // log.Println(StartTime_1)
- // 构建 x-www-form-urlencoded 格式的请求体
- //今天0点到现在的攻击事件
- values := url.Values{}
- values.Add("xml", "1"+StartTime+""+EndTime+"1200{"SrcZoneName":"Untrust","DestZoneName":"Trust"}")
- values.Add("req_menu", "M_Monitor/M_AtkLog/M_ThreatLog")
- //昨天下午16点到晚上23点59分59秒的攻击事件
- values_1 := url.Values{}
- values_1.Add("xml", "1"+StartTime_1+""+EndTime_1+"1200{"SrcZoneName":"Untrust","DestZoneName":"Trust"}")
- values_1.Add("req_menu", "M_Monitor/M_AtkLog/M_ThreatLog")
- header := map[string]string{
- "Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
- "referer": "https://11.2.68.146/wnm/frame/index.php",
- "cookie": cookieStr,
- }
- //先查询昨天的事件
- yesterday := conn.DT_POST("https://11.2.68.146/wnm/get.j", header, bytes.NewBufferString(values_1.Encode()))
- // log.Println(string(body))
- // log.Println(yesterday)
+ //计算时间范围(2023-01-01-2023-01-05)示例
+ //2023-01-01
+ startTime, _ := time.Parse("2006-01-02", timeStr) //之前的时间
+ endTime, _ := time.Parse("2006-01-02", time.Unix(tool.Timestamp("second"), 0).Format("2006-01-02")) //当前时间
+ //获取当前事件
- var Con int //插入总数
- //存储昨日攻击事件
- num, _ := strconv.Atoi(Date_v(yesterday).NTOP.LogPaging[0].TotalCounts)
- if num > 200 {
- var nums = 1 //页数
- a, err := strconv.ParseFloat(Date_v(yesterday).NTOP.LogPaging[0].TotalCounts, 64)
- if err != nil {
- log.Println(err)
+ // 计算时间段分成一天一段
+ for current := startTime; current.Before(endTime) || current.Equal(endTime); {
+ // 当天的开始时间(00:00:00)
+
+ dayStart := time.Date(current.Year(), current.Month(), current.Day(), 0, 0, 0, 0, current.Location())
+ // 当天的结束时间(23:59:59)
+ dayEnd := dayStart.AddDate(0, 0, 1).Add(-1 * time.Nanosecond)
+
+ // 如果当前计算的结束时间超过endTime,则将endTime作为结束时间
+ if dayEnd.After(endTime) {
+ dayEnd = time.Date(endTime.Year(), endTime.Month(), endTime.Day(), 23, 59, 59, 999999999, endTime.Location())
}
- log.Println("昨日查询到总条数:", a)
- totalPages := int(math.Floor(float64(a))/float64(200) + 1)
- log.Println(totalPages)
- for i := 1; i < totalPages+1; i++ {
- values_1 := url.Values{}
- values_1.Add("xml", "1"+StartTime_1+""+EndTime_1+""+strconv.Itoa(nums)+"200{"SrcZoneName":"Untrust","DestZoneName":"Trust"}")
- values_1.Add("req_menu", "M_Monitor/M_AtkLog/M_ThreatLog")
- yesterday := conn.DT_POST("https://11.2.68.146/wnm/get.j", header, bytes.NewBufferString(values_1.Encode()))
- log.Println(values_1, i)
- var nums = 1 //页数
- for _, k := range Date_v(yesterday).NTOP.LogPaging {
- log.Println(len(sheet.Rows()))
+
+ fmt.Printf("从 %s 到 %s\n", dayStart.Format("2006-01-02T15:04:05"), dayEnd.Format("2006-01-02T15:04:05"))
+
+ // 构建 x-www-form-urlencoded 格式的请求体
+ values := url.Values{}
+ values.Add("xml", "1"+dayStart.Format("2006-01-02T15:04:05")+""+dayEnd.Format("2006-01-02T15:04:05")+"1200{"SrcZoneName":"Untrust","DestZoneName":"Trust"}")
+ values.Add("req_menu", "M_Monitor/M_AtkLog/M_ThreatLog")
+ //请求头信息
+ header := map[string]string{
+ "Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
+ "referer": "https://11.2.68.146/wnm/frame/index.php",
+ "cookie": cookieStr,
+ }
+ //查询数据//请求数据体
+ security_event_data := conn.DT_POST("https://11.2.68.146/wnm/get.j", header, bytes.NewBufferString(values.Encode()))
+ //获取页数
+ count_pages, _ := strconv.Atoi(Date_v(security_event_data).NTOP.LogPaging[0].TotalCounts)
+ if count_pages < 200 {
+ for _, k := range Date_v(security_event_data).NTOP.LogPaging {
+ // log.Println(len(sheet.Rows()))
con := len(sheet.Rows()) + 1
// IP := conn.DT_GET("http://ip-api.com/json/"+k.OutputJSON.(map[string]interface{})["SrcIPAddr"].(string)+"?lang=zh-CN", nil, nil)
sheet.Cell("A" + strconv.Itoa(con)).SetString(strconv.Itoa(con - 1)) // 第一列 (A1)
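Review bot: Both `time.Parse` calls at the top of the new block discard their error, so a malformed `timeStr` leaves `startTime` at the zero time and the day loop then sends one firewall query per day from year 1 up to today. Further down, `Date_v(security_event_data).NTOP.LogPaging[0]` is indexed without a length check, so a response with no paging entries (an expired session cookie would presumably produce one) panics instead of being reported. The fence below checks the parse error, guards the index, and moves the day increment into the `for` header so that `continue` cannot spin forever; the trailing `current = current.AddDate(0, 0, 1)` in the next hunk then has to be deleted. The loop body continues past the end of this hunk.

```go
startTime, err := time.Parse("2006-01-02", timeStr)
if err != nil {
	log.Printf("invalid start date %q: %v", timeStr, err)
	return
}
// … unchanged: endTime computation …
for current := startTime; !current.After(endTime); current = current.AddDate(0, 0, 1) {
	// … unchanged: dayStart/dayEnd, request body, header, DT_POST call …
	paging := Date_v(security_event_data).NTOP.LogPaging
	if len(paging) == 0 {
		log.Printf("no paging data returned for %s, skipping", dayStart.Format("2006-01-02"))
		continue
	}
	count_pages, _ := strconv.Atoi(paging[0].TotalCounts)
	// … unchanged: single-page and multi-page handling …
```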
@@ -120,108 +112,123 @@ func Fw_event(cookieStr string) {
sheet.Cell("N" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["HttpFirstLine"].(string))
sheet.Cell("O" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["Payload"].(string))
// sheet.Cell("P" + strconv.Itoa(Con)).SetString(Date_get(IP).(map[string]interface{})["country"].(string) + "." + Date_get(IP).(map[string]interface{})["city"].(string) + "/" + Date_get(IP).(map[string]interface{})["isp"].(string))
- log.Println("开始插入昨日数据:", Con, k.OutputJSON.(map[string]interface{})["SrcIPAddr"].(string))
+ log.Printf("开始插入%s数据:%d %s", dayStart.Format("2006-01-02T15:04:05"), con, k.OutputJSON.(map[string]interface{})["SrcIPAddr"].(string))
+ //查询数据库中是否有重复数据
+ //查询sql 获取用户信息
+ rows, err := dbpool.QueryRows("SELECT `DT_TIME` FROM `dt_zgdz`.`dt_attack_event` WHERE DT_TIME = ?;", k.OutputJSON.(map[string]interface{})["Time"].(string))
+ if err != nil {
+ log.Println(err)
+ }
+ defer rows.Close()
+ var timeStr sql.NullString
+ // var typecho_userss []string
+ for rows.Next() {
+ if err := rows.Scan(&timeStr); err != nil {
+ log.Println(err)
+ }
+ // typecho_userss = append(typecho_userss, timeStr)
+ }
+ log.Println(timeStr)
+ if err := rows.Err(); err != nil {
+ log.Fatal(err)
+ }
+ if k.OutputJSON.(map[string]interface{})["Time"].(string) != timeStr.String {
+ //调用ExecteSQL函数执行插入语句
+ result, err := dbpool.ExecuteSQL("INSERT INTO `dt_zgdz`.`dt_attack_event` (`DT_ID`, `DT_TIME`, `DT_SRCZONENAME`, `DT_DESTZONENAME`, `DT_SRCIPADDR`, `DT_DESTIPADDR`, `DT_DESTPORT`, `DT_THREATNAME`, `DT_METHODNAMECN`, `DT_METHODSUBNAMECN`, `DT_AOOLICATION`, `DT_CVE`, `DT_HTTPHOST`, `DT_HTTPFIRSTLINE`, `DT_PAYLOAD`) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?);", strconv.Itoa(con-1), k.OutputJSON.(map[string]interface{})["Time"].(string), k.OutputJSON.(map[string]interface{})["SrcZoneName"].(string), k.OutputJSON.(map[string]interface{})["DestZoneName"].(string), k.OutputJSON.(map[string]interface{})["SrcIPAddr"].(string), k.OutputJSON.(map[string]interface{})["DestIPAddr"].(string), strconv.FormatFloat(k.OutputJSON.(map[string]interface{})["DestPort"].(float64), 'f', -1, 64), k.OutputJSON.(map[string]interface{})["ThreatName"].(string), k.OutputJSON.(map[string]interface{})["MethodNameCN"].(string), k.OutputJSON.(map[string]interface{})["MethodSubNameCN"].(string), k.OutputJSON.(map[string]interface{})["Application"].(string), k.OutputJSON.(map[string]interface{})["CVE"].(string), k.OutputJSON.(map[string]interface{})["HttpHost"].(string), k.OutputJSON.(map[string]interface{})["HttpFirstLine"].(string), k.OutputJSON.(map[string]interface{})["Payload"].(string))
+ if err != nil {
+ log.Println(err)
+ }
+ // 获取插入操作的最后插入ID和受影响的行数
+ lastInsertId, err := result.LastInsertId()
+ if err != nil {
+ log.Fatal(err)
+ }
+ rowsAffected, err := result.RowsAffected()
+ if err != nil {
+ log.Fatal(err)
+ }
+ log.Printf("Last Insert ID: %d, Rows Affected: %d\n", lastInsertId, rowsAffected)
+ }
}
- nums++
- }
- } else {
- for _, k := range Date_v(yesterday).NTOP.LogPaging {
- log.Println(len(sheet.Rows()))
- con := len(sheet.Rows()) + 1
- // IP := conn.DT_GET("http://ip-api.com/json/"+k.OutputJSON.(map[string]interface{})["SrcIPAddr"].(string)+"?lang=zh-CN", nil, nil)
- sheet.Cell("A" + strconv.Itoa(con)).SetString(strconv.Itoa(con - 1)) // 第一列 (A1)
- sheet.Cell("B" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["Time"].(string))
- sheet.Cell("C" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["SrcZoneName"].(string))
- sheet.Cell("D" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["DestZoneName"].(string))
- sheet.Cell("E" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["SrcIPAddr"].(string))
- sheet.Cell("F" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["DestIPAddr"].(string))
- sheet.Cell("G" + strconv.Itoa(con)).SetString(strconv.FormatFloat(k.OutputJSON.(map[string]interface{})["DestPort"].(float64), 'f', -1, 64))
- sheet.Cell("H" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["ThreatName"].(string))
- sheet.Cell("I" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["MethodNameCN"].(string))
- sheet.Cell("J" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["MethodSubNameCN"].(string))
- sheet.Cell("K" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["Application"].(string))
- sheet.Cell("L" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["CVE"].(string))
- sheet.Cell("M" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["HttpHost"].(string))
- sheet.Cell("N" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["HttpFirstLine"].(string))
- sheet.Cell("O" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["Payload"].(string))
- // sheet.Cell("P" + strconv.Itoa(Con)).SetString(Date_get(IP).(map[string]interface{})["country"].(string) + "." + Date_get(IP).(map[string]interface{})["city"].(string) + "/" + Date_get(IP).(map[string]interface{})["isp"].(string))
- log.Println("开始插入昨日数据:", Con, k.OutputJSON.(map[string]interface{})["SrcIPAddr"].(string))
- }
- }
+ } else {
+ //计算页数
+ totalPages := int(math.Floor(float64(count_pages))/float64(200) + 1)
+ for i := 0; i < totalPages; i++ {
+ values := url.Values{}
+ values.Add("xml", "1"+dayStart.Format("2006-01-02T15:04:05")+""+dayEnd.Format("2006-01-02T15:04:05")+""+strconv.Itoa(i+1)+"200{"SrcZoneName":"Untrust","DestZoneName":"Trust"}")
+ values.Add("req_menu", "M_Monitor/M_AtkLog/M_ThreatLog")
+ //请求头信息
+ header := map[string]string{
+ "Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
+ "referer": "https://11.2.68.146/wnm/frame/index.php",
+ "cookie": cookieStr,
+ }
+ //获取当天每页数据
+ daydata := conn.DT_POST("https://11.2.68.146/wnm/get.j", header, bytes.NewBufferString(values.Encode()))
+ for _, k := range Date_v(daydata).NTOP.LogPaging {
+ // log.Println(len(sheet.Rows()))
+ con := len(sheet.Rows()) + 1
+ // IP := conn.DT_GET("http://ip-api.com/json/"+k.OutputJSON.(map[string]interface{})["SrcIPAddr"].(string)+"?lang=zh-CN", nil, nil)
+ sheet.Cell("A" + strconv.Itoa(con)).SetString(strconv.Itoa(con - 1)) // 第一列 (A1)
+ sheet.Cell("B" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["Time"].(string))
+ sheet.Cell("C" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["SrcZoneName"].(string))
+ sheet.Cell("D" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["DestZoneName"].(string))
+ sheet.Cell("E" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["SrcIPAddr"].(string))
+ sheet.Cell("F" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["DestIPAddr"].(string))
+ sheet.Cell("G" + strconv.Itoa(con)).SetString(strconv.FormatFloat(k.OutputJSON.(map[string]interface{})["DestPort"].(float64), 'f', -1, 64))
+ sheet.Cell("H" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["ThreatName"].(string))
+ sheet.Cell("I" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["MethodNameCN"].(string))
+ sheet.Cell("J" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["MethodSubNameCN"].(string))
+ sheet.Cell("K" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["Application"].(string))
+ sheet.Cell("L" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["CVE"].(string))
+ sheet.Cell("M" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["HttpHost"].(string))
+ sheet.Cell("N" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["HttpFirstLine"].(string))
+ sheet.Cell("O" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["Payload"].(string))
+ // sheet.Cell("P" + strconv.Itoa(Con)).SetString(Date_get(IP).(map[string]interface{})["country"].(string) + "." + Date_get(IP).(map[string]interface{})["city"].(string) + "/" + Date_get(IP).(map[string]interface{})["isp"].(string))
+ log.Printf("开始插入%s数据:%d %s", dayStart.Format("2006-01-02T15:04:05"), con, k.OutputJSON.(map[string]interface{})["SrcIPAddr"].(string))
+ // 调用ExecuteSQL函数执行插入操作
+ //查询数据库中是否有重复数据
+ //查询sql 获取用户信息
+ rows, err := dbpool.QueryRows("SELECT `DT_TIME` FROM `dt_zgdz`.`dt_attack_event` WHERE DT_TIME = ?;", k.OutputJSON.(map[string]interface{})["Time"].(string))
+ if err != nil {
+ log.Println(err)
+ }
+ defer rows.Close()
+ var timeStr sql.NullString
+ // var typecho_userss []string
+ for rows.Next() {
+ if err := rows.Scan(&timeStr); err != nil {
+ log.Println(err)
+ }
+ // typecho_userss = append(typecho_userss, timeStr)
+ }
+ if err := rows.Err(); err != nil {
+ log.Fatal(err)
+ }
+ if k.OutputJSON.(map[string]interface{})["Time"].(string) != timeStr.String {
+ result, err := dbpool.ExecuteSQL("INSERT INTO `dt_zgdz`.`dt_attack_event` (`DT_ID`, `DT_TIME`, `DT_SRCZONENAME`, `DT_DESTZONENAME`, `DT_SRCIPADDR`, `DT_DESTIPADDR`, `DT_DESTPORT`, `DT_THREATNAME`, `DT_METHODNAMECN`, `DT_METHODSUBNAMECN`, `DT_AOOLICATION`, `DT_CVE`, `DT_HTTPHOST`, `DT_HTTPFIRSTLINE`, `DT_PAYLOAD`, `DT_CUNTRY`) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?);", strconv.Itoa(con-1), k.OutputJSON.(map[string]interface{})["Time"].(string), k.OutputJSON.(map[string]interface{})["SrcZoneName"].(string), k.OutputJSON.(map[string]interface{})["DestZoneName"].(string), k.OutputJSON.(map[string]interface{})["SrcIPAddr"].(string), k.OutputJSON.(map[string]interface{})["DestIPAddr"].(string), strconv.FormatFloat(k.OutputJSON.(map[string]interface{})["DestPort"].(float64), 'f', -1, 64), k.OutputJSON.(map[string]interface{})["ThreatName"].(string), k.OutputJSON.(map[string]interface{})["MethodNameCN"].(string), k.OutputJSON.(map[string]interface{})["MethodSubNameCN"].(string), k.OutputJSON.(map[string]interface{})["Application"].(string), k.OutputJSON.(map[string]interface{})["CVE"].(string), k.OutputJSON.(map[string]interface{})["HttpHost"].(string), k.OutputJSON.(map[string]interface{})["HttpFirstLine"].(string), k.OutputJSON.(map[string]interface{})["Payload"].(string))
+ if err != nil {
+ log.Println(err)
+ }
+ // 获取插入操作的最后插入ID和受影响的行数
+ lastInsertId, err := result.LastInsertId()
+ if err != nil {
+ log.Fatal(err)
+ }
+ rowsAffected, err := result.RowsAffected()
+ if err != nil {
+ log.Fatal(err)
+ }
+ log.Printf("Last Insert ID: %d, Rows Affected: %d\n", lastInsertId, rowsAffected)
+ }
- //存储今日攻击事件
- today := conn.DT_POST("https://11.2.68.146/wnm/get.j", header, bytes.NewBufferString(values.Encode()))
- num_1, _ := strconv.Atoi(Date_v(today).NTOP.LogPaging[0].TotalCounts) //获取总页数
- if num_1 > 200 {
-
- a, err := strconv.ParseFloat(Date_v(today).NTOP.LogPaging[0].TotalCounts, 64)
- if err != nil {
- log.Println(err)
- }
- log.Println("今日查询到总条数:", a)
- totalPages := int(math.Floor(float64(a))/float64(200) + 1)
- log.Println(totalPages)
- var nums = 1 //页数
- for i := 1; i < totalPages+1; i++ {
- values_1 := url.Values{}
- values_1.Add("xml", "1"+StartTime+""+EndTime+""+strconv.Itoa(nums)+"200{"SrcZoneName":"Untrust","DestZoneName":"Trust"}")
- values_1.Add("req_menu", "M_Monitor/M_AtkLog/M_ThreatLog")
- today := conn.DT_POST("https://11.2.68.146/wnm/get.j", header, bytes.NewBufferString(values.Encode()))
- log.Println(values_1, i)
- for _, k := range Date_v(today).NTOP.LogPaging {
- log.Println(len(sheet.Rows()))
- con := len(sheet.Rows()) + 1
- // IP := conn.DT_GET("http://ip-api.com/json/"+k.OutputJSON.(map[string]interface{})["SrcIPAddr"].(string)+"?lang=zh-CN", nil, nil)
- sheet.Cell("A" + strconv.Itoa(con)).SetString(strconv.Itoa(con - 1)) // 第一列 (A1)
- sheet.Cell("B" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["Time"].(string))
- sheet.Cell("C" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["SrcZoneName"].(string))
- sheet.Cell("D" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["DestZoneName"].(string))
- sheet.Cell("E" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["SrcIPAddr"].(string))
- sheet.Cell("F" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["DestIPAddr"].(string))
- sheet.Cell("G" + strconv.Itoa(con)).SetString(strconv.FormatFloat(k.OutputJSON.(map[string]interface{})["DestPort"].(float64), 'f', -1, 64))
- sheet.Cell("H" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["ThreatName"].(string))
- sheet.Cell("I" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["MethodNameCN"].(string))
- sheet.Cell("J" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["MethodSubNameCN"].(string))
- sheet.Cell("K" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["Application"].(string))
- sheet.Cell("L" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["CVE"].(string))
- sheet.Cell("M" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["HttpHost"].(string))
- sheet.Cell("N" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["HttpFirstLine"].(string))
- sheet.Cell("O" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["Payload"].(string))
- // sheet.Cell("P" + strconv.Itoa(Con+v)).SetString(Date_get(IP).(map[string]interface{})["country"].(string) + "." + Date_get(IP).(map[string]interface{})["city"].(string) + "/" + Date_get(IP).(map[string]interface{})["isp"].(string))
- log.Println("开始插入今日数据:", con, k.OutputJSON.(map[string]interface{})["SrcIPAddr"].(string))
+ }
}
- nums++
- // log.Println(Date_v(JsonStr).NTOP.LogPaging)
}
- } else {
- for _, k := range Date_v(today).NTOP.LogPaging {
- log.Println(len(sheet.Rows()))
- con := len(sheet.Rows()) + 1
- // IP := conn.DT_GET("http://ip-api.com/json/"+k.OutputJSON.(map[string]interface{})["SrcIPAddr"].(string)+"?lang=zh-CN", nil, nil)
- sheet.Cell("A" + strconv.Itoa(con)).SetString(strconv.Itoa(con - 1)) // 第一列 (A1)
- sheet.Cell("B" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["Time"].(string))
- sheet.Cell("C" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["SrcZoneName"].(string))
- sheet.Cell("D" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["DestZoneName"].(string))
- sheet.Cell("E" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["SrcIPAddr"].(string))
- sheet.Cell("F" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["DestIPAddr"].(string))
- sheet.Cell("G" + strconv.Itoa(con)).SetString(strconv.FormatFloat(k.OutputJSON.(map[string]interface{})["DestPort"].(float64), 'f', -1, 64))
- sheet.Cell("H" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["ThreatName"].(string))
- sheet.Cell("I" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["MethodNameCN"].(string))
- sheet.Cell("J" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["MethodSubNameCN"].(string))
- sheet.Cell("K" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["Application"].(string))
- sheet.Cell("L" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["CVE"].(string))
- sheet.Cell("M" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["HttpHost"].(string))
- sheet.Cell("N" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["HttpFirstLine"].(string))
- sheet.Cell("O" + strconv.Itoa(con)).SetString(k.OutputJSON.(map[string]interface{})["Payload"].(string))
- // sheet.Cell("P" + strconv.Itoa(Con+v)).SetString(Date_get(IP).(map[string]interface{})["country"].(string) + "." + Date_get(IP).(map[string]interface{})["city"].(string) + "/" + Date_get(IP).(map[string]interface{})["isp"].(string))
- log.Println("开始插入今日数据:", con, k.OutputJSON.(map[string]interface{})["SrcIPAddr"].(string))
- }
-
- // log.Println(Date_v(JsonStr).NTOP.LogPaging)
+ // 移动到下一天
+ current = current.AddDate(0, 0, 1)
}
-
// 保存修改后的 Excel 文件
-
if err := ss.Validate(); err != nil {
log.Fatalf("验证文件时出错: %s", err)
}
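Review bot: The INSERT in the paged branch names 16 columns with 16 placeholders (it adds `DT_CUNTRY`) but passes only 15 arguments, so that Exec will fail on every row; the error is only logged and the following `result.LastInsertId()` then dereferences a nil result. The same pattern affects both copies of the duplicate check: `dbpool.QueryRows` returns a nil `*sql.Rows` on error, yet `defer rows.Close()` and `rows.Next()` run anyway, and the `defer` sits inside the per-event loop, so every result set stays open until Fw_event returns. Deduplicating on `DT_TIME` alone will also drop distinct events that share a timestamp, so consider a wider key. The fence sketches the per-event section with early `continue`s and an explicit close; extracting it into one helper would also stop the two branches drifting apart again.

```go
evTime := k.OutputJSON.(map[string]interface{})["Time"].(string)
rows, err := dbpool.QueryRows("SELECT `DT_TIME` FROM `dt_zgdz`.`dt_attack_event` WHERE DT_TIME = ?;", evTime)
if err != nil {
	log.Println(err)
	continue
}
exists := rows.Next()
rowsErr := rows.Err()
rows.Close() // close per event instead of deferring to function exit
if rowsErr != nil {
	log.Println(rowsErr)
	continue
}
if exists {
	continue
}
// … unchanged: result, err := dbpool.ExecuteSQL(INSERT …), with one argument per placeholder …
if err != nil {
	log.Println(err)
	continue
}
// … unchanged: LastInsertId / RowsAffected logging …
```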
diff --git a/ceshi.xlsx b/ceshi.xlsx
deleted file mode 100644
index 40dad5b..0000000
Binary files a/ceshi.xlsx and /dev/null differ
diff --git a/conf/test.yaml b/conf/test.yaml
index 26ed344..fdb1cbb 100644
--- a/conf/test.yaml
+++ b/conf/test.yaml
@@ -1,4 +1,4 @@
-cookie: vindex==3f=10=0AB00=0R;supportLang=cn%2Cen;lang=cn;sessionid=200001f4be302ec689309d258f6ee6c0d187;loginid=a72a7ae33c1374e7d9f70b68cacd62be;200001f4be302ec689309d258f6ee6c0d187=true;abcd1234=true;login=false;
+cookie: vindex==41=10=0AB00=0R;supportLang=cn%2Cen;lang=cn;sessionid=200001c53906386d042ccfb219dd9f942b72;loginid=4b66b6a063127e0810278173fc7e4200;200001c53906386d042ccfb219dd9f942b72=true;abcd1234=true;login=false;
mysql:
port: 3306
url: 127.0.0.1
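Review bot: The `cookie:` entry holds a `sessionid` and `loginid` pair, and this commit writes a fresh one into a tracked file; it appears to be the session that `Fw_event` sends to the firewall management interface. Anyone with read access to the repository or its history can reuse it for as long as the session stays valid. Keep the value out of version control: read it from an environment variable or an untracked local file, leave `cookie: ""` here as the placeholder, and invalidate the sessions that are already in history.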
diff --git a/damo/damo.go b/damo/damo.go
new file mode 100644
index 0000000..86953fa
--- /dev/null
+++ b/damo/damo.go
@@ -0,0 +1,34 @@
+package damo
+
+import (
+ "fmt"
+ "log"
+ "math"
+ "time"
+)
+
+func Damo() {
+ startTime, _ := time.Parse("2006-01-02", "2023-01-01") //之前的时间
+ endTime, _ := time.Parse("2006-01-02", "2023-01-05") //当前时间
+
+ // 计算时间段分成一天一段
+ for current := startTime; current.Before(endTime) || current.Equal(endTime); {
+ // 当天的开始时间(00:00:00)
+ dayStart := time.Date(current.Year(), current.Month(), current.Day(), 0, 0, 0, 0, current.Location())
+ // 当天的结束时间(23:59:59)
+ dayEnd := dayStart.AddDate(0, 0, 1).Add(-1 * time.Nanosecond)
+
+ // 如果当前计算的结束时间超过endTime,则将endTime作为结束时间
+ if dayEnd.After(endTime) {
+ dayEnd = time.Date(endTime.Year(), endTime.Month(), endTime.Day(), 23, 59, 59, 999999999, endTime.Location())
+ }
+
+ fmt.Printf("从 %s 到 %s\n", dayStart.Format("2006-01-02T15:04:05"), dayEnd.Format("2006-01-02T15:04:05"))
+
+ // 移动到下一天
+ current = current.AddDate(0, 0, 1)
+ }
+ totalPages := int(math.Floor(float64(610))/float64(200) + 1)
+ log.Println(totalPages)
+ log.Println(time.Date(time.Now().Year(), time.Now().Month(), time.Now().Day(), 0, 0, 0, 0, time.Now().Location()))
+}
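Review bot: The `totalPages` line applies `math.Floor` to the count rather than to the quotient and relies on the `int()` conversion to truncate, which yields one page too many whenever the count is an exact multiple of 200. Integer arithmetic states the intent directly: `totalPages := (610 + 199) / 200`. The same expression is used in attackevent/fw_data.go, where the extra page costs one empty request per day. `Damo` is exported without a doc comment and reads like scratch code; if it stays, add `// Damo prints the per-day ranges and page count used by Fw_event; for manual testing only.`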
diff --git a/dbpool/mysqldb.go b/dbpool/mysqldb.go
index 531e4ea..52e8b65 100644
--- a/dbpool/mysqldb.go
+++ b/dbpool/mysqldb.go
@@ -7,14 +7,14 @@ import (
_ "github.com/go-sql-driver/mysql"
)
-var DB *sql.DB
+var db *sql.DB
func init() {
- DB, _ = sql.Open("mysql", "root:Lc753951!!@tcp(fanyu.online:53306)/douy?charset=utf8&parseTime=True&loc=Local")
- DB.SetMaxOpenConns(20)
- DB.SetMaxIdleConns(10)
- DB.SetConnMaxLifetime(100)
- err := DB.Ping()
+ db, _ = sql.Open("mysql", "root:Lc753951!!@tcp(fanyu.online:53306)/?charset=utf8&parseTime=True&loc=Local")
+ db.SetMaxOpenConns(20)
+ db.SetMaxIdleConns(10)
+ // DB.SetConnMaxLifetime(100)
+ err := db.Ping()
if err != nil {
log.Println("database init failed, err: ", err)
return
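Review bot: The DSN passed to `sql.Open` still embeds the `root` account and its password for a remote host, so the credential ships with every build and stays in the repository history. Load the DSN from the environment or an untracked config file, for example `dsn := os.Getenv("<DSN_ENV_VAR>")` (placeholder name), use a dedicated account limited to the schemas this tool needs rather than `root`, and rotate the password that has been committed. The DSN also carries no `tls=` parameter, so the connection to the remote server is presumably unencrypted. The error from `sql.Open` is discarded with `_`, and when `Ping` fails `init` only logs and returns, leaving later `QueryRows`/`ExecuteSQL` calls to run against an unusable pool; the body of `init` continues outside this hunk.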
@@ -25,7 +25,7 @@ func init() {
// QueryRows 是一个通用的查询函数,它执行SQL查询并返回结果集
func QueryRows(query string, args ...any) (*sql.Rows, error) {
- rows, err := DB.Query(query, args...)
+ rows, err := db.Query(query, args...)
if err != nil {
return nil, err
}
@@ -36,7 +36,7 @@ func QueryRows(query string, args ...any) (*sql.Rows, error) {
// ExecuteSQL 是一个通用的插入函数,它执行SQL插入并返回结果集
func ExecuteSQL(query string, args ...any) (sql.Result, error) {
- result, err := DB.Exec(query, args...)
+ result, err := db.Exec(query, args...)
if err != nil {
return nil, err
}
diff --git a/img/afc2000_1.png b/img/afc2000_1.png
index 2dd615a..2428b39 100644
Binary files a/img/afc2000_1.png and b/img/afc2000_1.png differ
diff --git a/img/afc2000_2.png b/img/afc2000_2.png
index 159fc3b..361b9f7 100644
Binary files a/img/afc2000_2.png and b/img/afc2000_2.png differ
diff --git a/img/capt.png b/img/capt.png
deleted file mode 100644
index 2e6eccc..0000000
Binary files a/img/capt.png and /dev/null differ
diff --git a/img/hw_baolj.png b/img/hw_baolj.png
index 30e37d4..cf1cad0 100644
Binary files a/img/hw_baolj.png and b/img/hw_baolj.png differ
diff --git a/img/hw_dtcloud_01.png b/img/hw_dtcloud_01.png
index d2a1535..bde4814 100644
Binary files a/img/hw_dtcloud_01.png and b/img/hw_dtcloud_01.png differ
diff --git a/img/hw_dtcloud_02.png b/img/hw_dtcloud_02.png
index 09a4fa0..4763a85 100644
Binary files a/img/hw_dtcloud_02.png and b/img/hw_dtcloud_02.png differ
diff --git a/img/hw_dtcloud_03.png b/img/hw_dtcloud_03.png
index 17b3353..2ce0d5e 100644
Binary files a/img/hw_dtcloud_03.png and b/img/hw_dtcloud_03.png differ
diff --git a/img/hw_dtcloud_04.png b/img/hw_dtcloud_04.png
index 9c4e060..f6076a7 100644
Binary files a/img/hw_dtcloud_04.png and b/img/hw_dtcloud_04.png differ
diff --git a/img/hw_dtcloud_05.png b/img/hw_dtcloud_05.png
index 5bbc8dd..b550f4a 100644
Binary files a/img/hw_dtcloud_05.png and b/img/hw_dtcloud_05.png differ
diff --git a/img/hw_dtcloud_06.png b/img/hw_dtcloud_06.png
index 125ca67..7edca37 100644
Binary files a/img/hw_dtcloud_06.png and b/img/hw_dtcloud_06.png differ
diff --git a/img/hw_dtcloud_07.png b/img/hw_dtcloud_07.png
index 3d87efe..fbc991c 100644
Binary files a/img/hw_dtcloud_07.png and b/img/hw_dtcloud_07.png differ
diff --git a/img/hw_dtcloud_08.png b/img/hw_dtcloud_08.png
index 8ba5c71..8818cd5 100644
Binary files a/img/hw_dtcloud_08.png and b/img/hw_dtcloud_08.png differ
diff --git a/img/hw_dtcloud_man.png b/img/hw_dtcloud_man.png
index d4651a4..b2d70ef 100644
Binary files a/img/hw_dtcloud_man.png and b/img/hw_dtcloud_man.png differ
diff --git a/img/hw_fw1.png b/img/hw_fw1.png
index 1bb9a04..e880f3a 100644
Binary files a/img/hw_fw1.png and b/img/hw_fw1.png differ
diff --git a/img/hw_tsgz.png b/img/hw_tsgz.png
index 8de0289..a65368b 100644
Binary files a/img/hw_tsgz.png and b/img/hw_tsgz.png differ
diff --git a/img/zww_baolj.png b/img/zww_baolj.png
index d21c17d..6cdfd8b 100644
Binary files a/img/zww_baolj.png and b/img/zww_baolj.png differ
diff --git a/img/zww_dtcloud_01.png b/img/zww_dtcloud_01.png
index 354d178..3079ea7 100644
Binary files a/img/zww_dtcloud_01.png and b/img/zww_dtcloud_01.png differ
diff --git a/img/zww_dtcloud_02.png b/img/zww_dtcloud_02.png
index 75b9210..4c0b9f0 100644
Binary files a/img/zww_dtcloud_02.png and b/img/zww_dtcloud_02.png differ
diff --git a/img/zww_dtcloud_03.png b/img/zww_dtcloud_03.png
index e142458..8dff5a2 100644
Binary files a/img/zww_dtcloud_03.png and b/img/zww_dtcloud_03.png differ
diff --git a/img/zww_dtcloud_04.png b/img/zww_dtcloud_04.png
index 34bbd5a..b26ca3e 100644
Binary files a/img/zww_dtcloud_04.png and b/img/zww_dtcloud_04.png differ
diff --git a/img/zww_dtcloud_05.png b/img/zww_dtcloud_05.png
index f585b40..360a810 100644
Binary files a/img/zww_dtcloud_05.png and b/img/zww_dtcloud_05.png differ
diff --git a/img/zww_dtcloud_06.png b/img/zww_dtcloud_06.png
index edc2396..869eaf3 100644
Binary files a/img/zww_dtcloud_06.png and b/img/zww_dtcloud_06.png differ
diff --git a/img/zww_dtcloud_07.png b/img/zww_dtcloud_07.png
index c866ffe..aceaa93 100644
Binary files a/img/zww_dtcloud_07.png and b/img/zww_dtcloud_07.png differ
diff --git a/img/zww_dtcloud_man.png b/img/zww_dtcloud_man.png
index 95b9ad7..ab2e163 100644
Binary files a/img/zww_dtcloud_man.png and b/img/zww_dtcloud_man.png differ
diff --git a/img/zww_fw1.png b/img/zww_fw1.png
index 676c126..05b5d8d 100644
Binary files a/img/zww_fw1.png and b/img/zww_fw1.png differ
diff --git a/img/zww_tsgz.png b/img/zww_tsgz.png
index ea6fdc3..03b4178 100644
Binary files a/img/zww_tsgz.png and b/img/zww_tsgz.png differ
diff --git a/main.go b/main.go
index 1632161..6cde263 100644
--- a/main.go
+++ b/main.go
@@ -66,26 +66,26 @@ func main() {
} else {
log.Printf("授权未到期,剩余时间:%d天 %d小时 %d分钟 %d秒", days, hours, minutes, secod)
//可执行程序位置
- // 互联网区截图
+ // // 互联网区截图
// method.HW_FAC1() //截取流量清洗的图片
- // method.HW_FW1() //截取防火墙的图片
+ // method.HW_FW1() //截取防火墙的图片
// method.HW_TSGZ() //截取态势感知的图片
// method.HW_DTCLOUD() //截取运维中心的图片
// method.HW_BAOLJ() //截取堡垒机的图片
- //政务网区截图
+ // //政务网区截图
// method.ZWW_FW1() //截取防火墙的图片
- // method.ZWW_TSGZ() //截取态势感知的图片
+ // method.ZWW_TSGZ() //截取态势感知的图片
// method.ZWW_DTCLOUD() //截取运维中心的图片
// method.ZWWW_BAOLJ() //截取堡垒机的图片
// 互联网区运维巡检文档生成
// wps.HW_SYS_Word() //运维平台word文档生成
- // // //政务网区运维巡检文档生成
+ // // // //政务网区运维巡检文档生成
// wps.ZWW_SYS_Word() //运维平台word文档生成
- // // //安全巡检文档生成
+ // // // //安全巡检文档生成
// wps.SAFET_Word() //安全巡检文档生成
//安全事件表格生成(需要先执行互联网区防火墙截图)
- // attackevent.Fw_event(attackevent.HW_fw1_cookie()) //将防火墙安全事件存放到xlsx文件中
+ // attackevent.Fw_event(attackevent.HW_fw1_cookie(), "2025-03-10") //将防火墙安全事件存放到xlsx文件中
//nessus的csv文件生成docx报告
// wps.CSV_damo()
//翻译模块调用腾讯xt翻译月500万字限制
@@ -97,6 +97,7 @@ func main() {
// dtcloud.Memory() //获取单个ecs的memory使用情况
// dtcloud.Cpu() ///获取单个ecs的cpu使用情况
// dtcloud.TenantList() //获取租户列表(完成)
+ // damo.Damo()
}
} else {
diff --git a/method/hw_dtcloud.go b/method/hw_dtcloud.go
index d867fa9..bbfeb58 100644
--- a/method/hw_dtcloud.go
+++ b/method/hw_dtcloud.go
@@ -62,7 +62,7 @@ func HW_DTCLOUD() {
if err := page.Locator(".el-button.login-form-item.login-btn.el-button--primary").Click(); err != nil {
log.Fatalf("could not click button: %v", err)
}
- page.WaitForTimeout(7000)
+ page.WaitForTimeout(10000)
//运维中心主页
page.Screenshot(playwright.PageScreenshotOptions{
Path: playwright.String("img/hw_dtcloud_man.png"),
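Review bot: Raising the fixed `page.WaitForTimeout` from 7 to 10 seconds still races the page load and now costs 10 seconds on every run, fast or slow. Waiting on a condition is more reliable, for example `page.Locator("<post-login selector>").WaitFor()` with a selector for an element that exists only on the operations-centre home page (placeholder selector). The return value of `page.Screenshot` on the following lines is also not checked as far as this hunk shows, so a failed capture would go unnoticed; HW_DTCLOUD continues outside the hunk.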
diff --git a/method/hw_fw1.go b/method/hw_fw1.go
index 86dcfa2..110ce3c 100644
--- a/method/hw_fw1.go
+++ b/method/hw_fw1.go
@@ -1,9 +1,7 @@
package method
import (
- "dt_automate/conf"
"dt_automate/tool"
- "fmt"
"log"
"github.com/playwright-community/playwright-go"
@@ -105,18 +103,18 @@ func HW_FW1() {
log.Fatalf("could not get title: %v", err)
}
log.Printf("Page title is: %s\n", title)
- cookies, err := page.Context().Cookies("https://11.2.68.146/wnm/get.j")
- if err != nil {
- log.Println(err)
- }
- var cookieStr string
- for i, cookie := range cookies {
- cookieStr += fmt.Sprintf("%s=%s;", cookie.Name, cookie.Value)
- log.Printf("Cookie %d: %+v", i, cookie)
- }
- log.Println(cookieStr)
+ // cookies, err := page.Context().Cookies("https://11.2.68.146/wnm/get.j")
+ // if err != nil {
+ // log.Println(err)
+ // }
+ // var cookieStr string
+ // for i, cookie := range cookies {
+ // cookieStr += fmt.Sprintf("%s=%s;", cookie.Name, cookie.Value)
+ // log.Printf("Cookie %d: %+v", i, cookie)
+ // }
+ // log.Println(cookieStr)
// attackevent.Fw_event(cookieStr)
- conf.SET_Config_yaml("cookie", cookieStr) //临时存放数据
+ // conf.SET_Config_yaml("cookie", cookieStr) //临时存放数据
// StartBlocker()
page.WaitForTimeout(5000)
}
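Review bot: The cookie-capture block is commented out rather than deleted, which leaves ten lines of dead code and makes it unclear whether conf/test.yaml is now maintained by hand. Delete the block and let version control keep the history. If the capture is meant to return, drop `log.Printf("Cookie %d: %+v", i, cookie)` and `log.Println(cookieStr)` when restoring it, since both write the session cookie values to the log in plaintext.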
diff --git a/tool/util.go b/tool/util.go
index aada021..cb00465 100644
--- a/tool/util.go
+++ b/tool/util.go
@@ -14,7 +14,7 @@ func Auth_main() map[string]string {
fmt.Println("电脑序列号:", machine_code.Machine.BoardSerialNumber)
if machine_code.Machine.BoardSerialNumber != "" {
//查询sql 获取用户信息
- rows, err := dbpool.QueryRows("SELECT * FROM douy_info WHERE serialNumber = ?;", machine_code.Machine.BoardSerialNumber)
+ rows, err := dbpool.QueryRows("SELECT * FROM `douy`.`douy_info` WHERE serialNumber = ?;", machine_code.Machine.BoardSerialNumber)
if err != nil {
log.Println(err)
}
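Review bot: When `dbpool.QueryRows` fails here the error is only logged and execution continues, but `QueryRows` returns a nil `*sql.Rows` on error, so any later use of `rows` in `Auth_main` (outside this hunk) will panic. Return early instead, for example `if err != nil { log.Println(err); return nil }`, and confirm that callers treat a nil map as "not authorised". Selecting named columns instead of `SELECT *` would also keep the scan stable if `douy_info` gains a column.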
diff --git a/防火墙安全事件20250310.xlsx b/防火墙安全事件20250310.xlsx
new file mode 100644
index 0000000..455050f
Binary files /dev/null and b/防火墙安全事件20250310.xlsx differ