package com.infosec.warning.component;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.ApplicationArguments;
import org.springframework.boot.ApplicationRunner;
import org.springframework.stereotype.Component;
@Component
public class SchedulerWarningComponent implements ApplicationRunner{
@Autowired
private NetAuthWarningUtil netAuthWarningUtil;
@Override
public void run(ApplicationArguments args) throws Exception {
//启动弱密码检测预警通知
netAuthWarningUtil.warningAndNoticeWeakPasswordWithSchedulerEvent();
//启动在线用户检测预警通知
netAuthWarningUtil.warningAndNoticeOnlineUserWithSchedulerEvent();
//启动cpu使用率预警通知
netAuthWarningUtil.warningAndCpuWithSchedulerEvent();
//启动内存使用率预警通知
netAuthWarningUtil.warningAndMemoryWithSchedulerEvent();
}
}
package com.infosec.warning.component;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import com.infosec.user.entity.UserExtensionBean;
import com.infosec.user.service.user.IUserExtensionService;
import com.infosec.warning.abs.NetAuthWarningNotice;
import com.infosec.warning.abs.NetAuthWarningNoticeEventType;
import com.infosec.warning.abs.impl.NetAuthFrequentlyLoginWarning;
import com.infosec.warning.abs.impl.NetAuthLoginErrorWarning;
import com.infosec.warning.abs.impl.NetAuthModifyPasswordWarning;
import com.infosec.warning.abs.impl.NetAuthPolicyEvaluateWarning;
import com.infosec.warning.abs.impl.NetAuthResourceLoginWarning;
import com.infosec.warning.abs.impl.NetAuthResourceSyncErrorWarning;
import com.infosec.warning.abs.notice.impl.SimpleNetAuthWarningNotice;
import com.infosec.warning.scheduler.job.NetAuthCpuUtilizationWarning;
import com.infosec.warning.scheduler.job.NetAuthMemoryUtilizationWarning;
import com.infosec.warning.scheduler.job.NetAuthOnlineUserWarning;
import com.infosec.warning.scheduler.job.NetAuthWeakPasswordWarning;
import com.infosec.warning.service.IWarningRuleConfigService;
import com.netauth.utils.component.Db3CacheUtils;
@Component
public class NetAuthWarningUtil {
@Autowired
private Db3CacheUtils db3CacheUtils;
@Autowired
private WarningRedisKeyProperties warningRedisKeyProperties;
@Autowired
private IWarningRuleConfigService iWarningRuleConfigService;
@Autowired
private IUserExtensionService userExtensionService;
/**
* 同一用户登录失败事件触发
* @param loginname 用户登录名
*/
public void warningAndNoticeSameUserLoginErrorEvent(String loginname,String ip) {
String userName = "";
UserExtensionBean user = userExtensionService.findByLoginName(loginname);
if(user !=null) {
userName = user.getUsername()==null ?"" :user.getUsername();
}
NetAuthLoginErrorWarning warning = new NetAuthLoginErrorWarning(iWarningRuleConfigService.findOneById(1), warningRedisKeyProperties, db3CacheUtils,userName,ip);
NetAuthWarningNotice netAuthWarningNotice=new SimpleNetAuthWarningNotice(NetAuthWarningNoticeEventType.LOGINERRORNOTICE.getEvent());
warning.setLoginname(loginname);
warning.setNetAuthNotice(netAuthWarningNotice);
warning.warning();
}
/**
* 同一用户频繁登录触发事件方法
* @param loginname 用户登录名
*/
public void warningAndNoticeSameUserFrequentlyLoginErrorEvent(String loginname,String ip) {
String userName = "";
UserExtensionBean user = userExtensionService.findByLoginName(loginname);
if(user !=null) {
userName = user.getUsername()==null ?"" :user.getUsername();
}
NetAuthFrequentlyLoginWarning warning = new NetAuthFrequentlyLoginWarning(iWarningRuleConfigService.findOneById(1), warningRedisKeyProperties, db3CacheUtils,loginname,userName,ip);
NetAuthWarningNotice netAuthWarningNotice=new SimpleNetAuthWarningNotice(NetAuthWarningNoticeEventType.FREQUENTLYLOGINNOTICE.getEvent());
warning.setNetAuthNotice(netAuthWarningNotice);
warning.warning();
}
/**
* 同一用户多次修改密码触发事件方法
* @param loginname 用户登录名
*/
public void warningAndNoticeModifyPasswordEvent(String loginname,String ip) {
String userName = "";
UserExtensionBean user = userExtensionService.findByLoginName(loginname);
if(user !=null) {
userName = user.getUsername()==null ?"" :user.getUsername();
}
NetAuthModifyPasswordWarning warning = new NetAuthModifyPasswordWarning(iWarningRuleConfigService.findOneById(1), warningRedisKeyProperties, db3CacheUtils,loginname,userName,ip);
NetAuthWarningNotice netAuthWarningNotice=new SimpleNetAuthWarningNotice(NetAuthWarningNoticeEventType.UPDATEPASSWORDNOTICE.getEvent());
warning.setNetAuthNotice(netAuthWarningNotice);
warning.warning();
}
/**
* 用户登录资源系统触发事件方法
* @param loginname 用户登录名
* @param systemTag 资源编码
*/
public void warningAndNoticeResourceSystemLoginEvent(String loginname,String systemTag,String ip) {
String userName = "";
UserExtensionBean user = userExtensionService.findByLoginName(loginname);
if(user !=null) {
userName = user.getUsername()==null ?"" :user.getUsername();
}
NetAuthResourceLoginWarning warning = new NetAuthResourceLoginWarning(iWarningRuleConfigService.findOneById(1), warningRedisKeyProperties, db3CacheUtils,loginname,systemTag,userName,ip);
NetAuthWarningNotice netAuthWarningNotice=new SimpleNetAuthWarningNotice(NetAuthWarningNoticeEventType.RESOURCESYSTEMLOGINNOTICE.getEvent());
warning.setNetAuthNotice(netAuthWarningNotice);
warning.warning();
}
/**
* 帐号同步/部门同步/岗位同步失败触发事件方法
* @param systemTag 资源编码
* @param syncType 同步类型 1:帐号同步 2:部门同步 3:岗位同步
* @param code 帐号/部门/岗位编码
*/
public void warningAndNoticeResourceSyncErrorEvent(String systemTag,int syncType,String code) {
NetAuthResourceSyncErrorWarning warning = new NetAuthResourceSyncErrorWarning(iWarningRuleConfigService.findOneById(1), warningRedisKeyProperties, db3CacheUtils,systemTag,syncType,code);
NetAuthWarningNotice netAuthWarningNotice=new SimpleNetAuthWarningNotice(NetAuthWarningNoticeEventType.RESOURCESYNCERRORNOTICE.getEvent());
warning.setNetAuthNotice(netAuthWarningNotice);
warning.warning();
}
/**
* 弱密码定时任务监控方法
*/
public void warningAndNoticeWeakPasswordWithSchedulerEvent() {
NetAuthWeakPasswordWarning warning = new NetAuthWeakPasswordWarning(iWarningRuleConfigService);
NetAuthWarningNotice netAuthWarningNotice=new SimpleNetAuthWarningNotice(NetAuthWarningNoticeEventType.WEAKPASSWORDNOTICE.getEvent());
warning.setNetAuthNotice(netAuthWarningNotice);
warning.warning();
}
/**
* 在线用户定时任务监控方法
*/
public void warningAndNoticeOnlineUserWithSchedulerEvent() {
NetAuthOnlineUserWarning warning = new NetAuthOnlineUserWarning(iWarningRuleConfigService);
NetAuthWarningNotice netAuthWarningNotice=new SimpleNetAuthWarningNotice(NetAuthWarningNoticeEventType.ONLINEUSERNOTICE.getEvent());
warning.setNetAuthNotice(netAuthWarningNotice);
warning.warning();
}
/**
* cpu使用率监控
*/
public void warningAndCpuWithSchedulerEvent() {
NetAuthCpuUtilizationWarning warning = new NetAuthCpuUtilizationWarning(iWarningRuleConfigService);
NetAuthWarningNotice netAuthWarningNotice=new SimpleNetAuthWarningNotice(NetAuthWarningNoticeEventType.CPUNOTICE.getEvent());
warning.setNetAuthNotice(netAuthWarningNotice);
warning.warning();
}
/**
* 内存使用率监控
*/
public void warningAndMemoryWithSchedulerEvent() {
NetAuthMemoryUtilizationWarning warning = new NetAuthMemoryUtilizationWarning(iWarningRuleConfigService);
NetAuthWarningNotice netAuthWarningNotice=new SimpleNetAuthWarningNotice(NetAuthWarningNoticeEventType.MEMORYNOTICE.getEvent());
warning.setNetAuthNotice(netAuthWarningNotice);
warning.warning();
}
/**
* 策略评估触发事件方法
*/
public void warningAndNoticePolicyEvaluateWithSchedulerEvent(String factorName,String disposalStrategy,String ip,String details) {
NetAuthPolicyEvaluateWarning warning = new NetAuthPolicyEvaluateWarning(iWarningRuleConfigService.findOneById(1), warningRedisKeyProperties, db3CacheUtils
,factorName,disposalStrategy,ip,details);
NetAuthWarningNotice netAuthWarningNotice=new SimpleNetAuthWarningNotice(NetAuthWarningNoticeEventType.UEBAPOLICYEVALUATENOTICE.getEvent());
warning.setNetAuthNotice(netAuthWarningNotice);
warning.warning();
}
}
package com.infosec.warning.scheduler.job;
import org.quartz.JobBuilder;
import org.quartz.JobDataMap;
import org.quartz.JobDetail;
import org.quartz.Scheduler;
import org.quartz.SchedulerException;
import org.quartz.SchedulerFactory;
import org.quartz.SimpleScheduleBuilder;
import org.quartz.Trigger;
import org.quartz.TriggerBuilder;
import org.quartz.TriggerKey;
import org.quartz.impl.StdSchedulerFactory;
import com.infosec.warning.scheduler.AbstractNetAuthSchedulerWarning;
import com.infosec.warning.scheduler.job.detail.MemoryUtilizationWarningJobDetail;
import com.infosec.warning.service.IWarningRuleConfigService;
/**
*
* <p>
* 内存使用率预警调度
* </p>
*
* <p>
* 版权所有:北京信安世纪科技股份有限公司 (c) 2022
* </p>
*
* @author jlcui
* @date: 26-八月-22 上午 11:42
*
*/
public class NetAuthMemoryUtilizationWarning extends AbstractNetAuthSchedulerWarning {
public NetAuthMemoryUtilizationWarning(IWarningRuleConfigService iWarningRuleConfigService) {
super(iWarningRuleConfigService);
}
@Override
public void startWarning() {
SchedulerFactory schedulerFactory = new StdSchedulerFactory();
try {
Scheduler scheduler = schedulerFactory.getScheduler();
JobDataMap jobDataMap = new JobDataMap();
jobDataMap.put("warning", this);
JobDetail cpuJobDetail = JobBuilder.newJob(MemoryUtilizationWarningJobDetail.class).usingJobData(jobDataMap)
.withIdentity("weakMemoryJob", "weakMemoryGroup").build();
Trigger oldtrigger = scheduler
.getTrigger(TriggerKey.triggerKey("weakMemoryTrigger", "weakMemoryTriggerGroup"));
Trigger trigger = TriggerBuilder.newTrigger().withIdentity("weakMemoryTrigger", "weakMemoryTriggerGroup")
.startNow()
.withSchedule(SimpleScheduleBuilder.simpleSchedule()
.withIntervalInMinutes(iWarningRuleConfigService.findOneById(1).getMemoryUtilizationTime())
.repeatForever())
.build();
if (null != oldtrigger) {
scheduler.rescheduleJob(TriggerKey.triggerKey("weakMemoryTrigger", "weakMemoryTriggerGroup"), trigger);
} else {
scheduler.scheduleJob(cpuJobDetail, trigger);
// 启动定时任务
scheduler.start();
}
;
} catch (SchedulerException e) {
e.printStackTrace();
}
}
}
package com.infosec.warning.scheduler;
import com.infosec.warning.abs.NetAuthWarning;
import com.infosec.warning.abs.NetAuthWarningNotice;
import com.infosec.warning.entity.WarningRuleConfig;
import com.infosec.warning.service.IWarningRuleConfigService;
/**
* 定时检测类预警通知的抽象类
* @author 丁影
*
*/
public abstract class AbstractNetAuthSchedulerWarning implements NetAuthWarning{
protected NetAuthWarningNotice netAuthNotice;
protected IWarningRuleConfigService iWarningRuleConfigService;
public AbstractNetAuthSchedulerWarning(IWarningRuleConfigService iWarningRuleConfigService) {
super();
this.iWarningRuleConfigService = iWarningRuleConfigService;
}
/**
* 通过子类实现具体的预警逻辑
*/
public abstract void startWarning();
/**
* 是否开启预警通知
* @return
*/
public boolean isOpenWarning() {
WarningRuleConfig warningRuleConfig = iWarningRuleConfigService.findOneById(1);
return warningRuleConfig.getEnabled();
};
@Override
public void warning() {
if(isOpenWarning()) {
startWarning();
}
}
public void setNetAuthNotice(NetAuthWarningNotice netAuthNotice) {
this.netAuthNotice = netAuthNotice;
}
public NetAuthWarningNotice getNetAuthNotice() {
return netAuthNotice;
}
public IWarningRuleConfigService getiWarningRuleConfigService() {
return iWarningRuleConfigService;
}
}
package com.infosec.warning.abs;
/**
*
* @author 丁影
*
*/
public interface NetAuthWarning {
/**
* 预警方法
*/
void warning();
}
package com.infosec.warning.abs;
/**
* 事件类型
* @author dingying
* @date 创建时间:2020年6月2日 下午5:38:23
*/
public enum NetAuthWarningNoticeEventType {
/**
* 登录失败预警通知
*/
LOGINERRORNOTICE("loginErrorNotice","登录失败预警通知"),
/**
* 频繁登录预警通知
*/
FREQUENTLYLOGINNOTICE("frequentlyLoginNotice","频繁登录预警通知"),
/**
* 修改密码预警通知
*/
UPDATEPASSWORDNOTICE("updatePasswordNotice","修改密码预警通知"),
/**
* 弱密码预警通知
*/
WEAKPASSWORDNOTICE("weakPasswordNotice","弱密码预警通知"),
/**
* 业务系统登录预警通知
*/
RESOURCESYSTEMLOGINNOTICE("resourceSystemLoginNotice","业务系统登录预警通知"),
/**
* 在线用户预警通知
*/
ONLINEUSERNOTICE("onlineUserNotice","在线用户预警通知"),
/**
* CPU使用率
*/
CPUNOTICE("cpuUtilizationNotice","cpu使用率"),
/**
* 内存使用率
*/
MEMORYNOTICE("memoryUtilizationNotice","内存使用率"),
/**
* 业务系统帐号同步失败预警通知
*/
RESOURCESYNCERRORNOTICE("resourceSyncErrorNotice","业务系统帐号同步失败预警通知"),
/**
* 业务系统同步接口预警通知
*/
SYNCINTERFACECHECKERRORNOTICE("syncInterfaceCheckErrorNotice","业务系统同步接口预警通知"),
/**
* 策略评估预警通知
*/
UEBAPOLICYEVALUATENOTICE("policyEvaluateNotice","策略评估预警通知");
String event;
String name;
NetAuthWarningNoticeEventType(String event,String name) {
this.event = event;
this.name = name;
}
public String getEvent() {
return event;
}
public String getName() {
return name;
}
}
浙公网安备 33010602011771号