From 09da5bfd5f39f6e49e35f4c08a425680b317861b Mon Sep 17 00:00:00 2001
From: panlei <2799247126@qq.com>
Date: 星期四, 15 八月 2019 18:17:11 +0800
Subject: [PATCH] 抽出入侵和人员异常算法
---
ruleserver/ruleToformula.go | 67 +++++++++++++++++++++++++++++++++
1 files changed, 67 insertions(+), 0 deletions(-)
diff --git a/ruleserver/ruleToformula.go b/ruleserver/ruleToformula.go
index 97bd829..8ddec65 100644
--- a/ruleserver/ruleToformula.go
+++ b/ruleserver/ruleToformula.go
@@ -1,6 +1,7 @@
package ruleserver
import (
+ "plugin"
"ruleprocess/cache"
"ruleprocess/logger"
"ruleprocess/structure"
@@ -63,6 +64,72 @@
}
}
+func RunRule1(args *structure.SdkDatas, groupRule *protomsg.GroupRule, taskId string, message *protomsg.SdkMessage, label structure.Others) bool {
+ defer func() {
+ if err := recover(); err != nil {
+ logger.Error("姣斿瑙勫垯鏈夎", err)
+ }
+ }()
+ logger.Info("+++++++++++瑙勫垯寮�濮嬭繍琛�+++++++++++++++++褰撳墠澶ц鍒�--锛�", (*groupRule).GroupText)
+ //logger.Warn("浼犺繘鍘讳箣鍚庢槸浠�涔堝痉琛岋細",args.RuleResult["yolo"])
+ Compare(args, groupRule)
+ resultSplice := []*structure.LittleRuleResult{}
+ sdkNames := ""
+ polygonId := ""
+ // 鍏堣繃瀹屾潯浠惰鍒�
+ for j := 0; j < len(groupRule.Rules); j++ {
+ for _, sdkData := range args.Sdkdata {
+ // 鏍规嵁瑙勫垯鐨剆dkId鏌ュ嚭鍏跺搴旂殑ipcId锛岀敤ipcId鍘绘壘璇ユ瘮瀵圭殑鏁版嵁
+ sdk, err := cache.GetSdkById(groupRule.Rules[j].SdkId)
+ if err != nil {
+ logger.Error("娌℃煡鍒皊dk鐨勪俊鎭�---", err)
+ }
+ ipcId := sdk.IpcId
+ sdkName := sdk.SdkName
+ //logger.Info("瑙勫垯鐨刬pcId涓巗dkData鐨処pcId:", ipcId, "===", sdkData.IpcId)
+ if ipcId == sdkData.IpcId {
+ //logger.Info("褰撳墠璧扮殑瑙勫垯鏄�--锛�", sdkName, "---","")
+ for _, areaMap := range sdkData.AreaMapList {
+ ruleResult := CallSo(sdk.Id,groupRule.Rules[j],areaMap)
+ //ruleResult := filterRule(groupRule.Rules[j], areaMap)
+ if ruleResult.Result != "" {
+ logger.Info("鏉′欢瑙勫垯缁撴灉锛�", ruleResult.Result)
+ // 濡傛灉缁撴灉涓虹湡锛屾妸杩欐潯瑙勫垯涓殑鍖哄煙缃负鏈夋晥
+ if strings.Contains(ruleResult.Result, "true") {
+ areaMap.IsEffective = true
+ }
+ // 濡傛灉姝ょ粨鏋滀负鐪熶笖褰撳墠杩囩殑鏄痽olo绠楁硶锛屽簲璁颁笅姝よ鍒欐墍瀵瑰簲鐨剆dkName,鍙﹀锛岃繕瑕佸幓閲� (鍚庡姞锛氭妸姝ゆ潯瑙︾鐨勫尯鍩焛d涔熻褰曚笅鏉�)
+ if strings.Contains(ruleResult.Result, "true") && ipcId == "02D54B61-0F16-C604-8567-FC4BE493C523" && !strings.Contains(sdkNames, sdkName) {
+ sdkNames = sdkName + ","
+ polygonId = groupRule.Rules[j].PolygonId + ","
+ }
+ if strings.Contains(ruleResult.Result, "true") && ipcId == "02D54B61-0F16-C604-8567-FC4BE493C523" && !strings.Contains(polygonId, groupRule.Rules[j].PolygonId) {
+ polygonId = groupRule.Rules[j].PolygonId + ","
+ }
+ resultSplice = append(resultSplice, &ruleResult)
+ }
+ }
+ }
+ }
+ }
+
+}
+
+func CallSo(sdkId string,rule *protomsg.Rule, am *structure.AreaMap) structure.LittleRuleResult{
+ // 鏍规嵁sdkId鏌ュ嚭鍏跺搴旂殑sdk鐨剆oName锛岃皟鐢ㄧ浉搴攕o鐨凟ntrance鏂规硶
+ var soName = "intrusion.so"
+ p,err := plugin.Open("../algorithm/"+soName)
+ if err != nil {
+ panic(err)
+ }
+ f,err1 := p.Lookup("Entrance")
+ if err1 != nil {
+ panic("娌℃湁鎵惧埌鍏ュ彛鍑芥暟")
+ }
+ ruleResult := f.(func(rule *protomsg.Rule, am *structure.AreaMap))(rule,am)
+ return ruleResult
+}
+
func RunRule(args *structure.SdkDatas, groupRule *protomsg.GroupRule, taskId string, message *protomsg.SdkMessage, label structure.Others) bool {
defer func() {
if err := recover(); err != nil {
--
Gitblit v1.8.0