package attackevent import ( "bytes" "dt_automate/conn" "dt_automate/tool" "encoding/json" "fmt" "log" "net/url" "time" ) // var cookieStr string func Fw_event() { //当前时间 EndTime := time.Unix(tool.Timestamp("second"), 0).Format("2006-01-02T15:04:05") //今天0点 StartTime := time.Date(time.Now().Year(), time.Now().Month(), time.Now().Day(), 0, 0, 0, 0, time.Now().Location()).Format("2006-01-02T15:04:05") // 构建 x-www-form-urlencoded 格式的请求体 values := url.Values{} values.Add("xml", "

1"+StartTime+""+EndTime+"1200{"SrcZoneName":"Untrust","DestZoneName":"Trust"}

") values.Add("req_menu", "M_Monitor/M_AtkLog/M_ThreatLog") header := map[string]string{ "Content-Type": "application/x-www-form-urlencoded; charset=UTF-8", "referer": "https://11.2.68.146/wnm/frame/index.php", "cookie": cookieStr, } datas := conn.DT_POST("https://11.2.68.146/wnm/get.j", header, bytes.NewBufferString(values.Encode()))["NTOP"].(map[string]interface{})["LogPaging"] var a map[string]interface{} for v, k := range datas.([]interface{}) { b := k.(map[string]interface{})["OutputJSON"].(string) if err := json.Unmarshal([]byte(b), &a); err != nil { log.Fatalf("Failed to unmarshal JSON: %v", err) } fmt.Println(v, a) // fmt.Printf("序号：%d,攻击时间：[%s],安全域：%s-%s##攻击源IP：%s#目的源IP：%s:%s,攻击类型：%s,应用协议：%s,请求域名：%s\n", v, a["Time"], a["SrcZoneName"], a["DestZoneName"], a["SrcIPAddr"], a["DestIPAddr"], strconv.FormatFloat(a["DestPort"].(float64), 'f', 0, 64), a["ThreatName"], a["Application"], a["HttpHost"]) } }