public_git
/
unpoller_unpoller
mirror of https://github.com/unpoller/unpoller.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

update

This commit is contained in:
davidnewhall2 2019-07-11 00:21:50 -07:00
parent 407e3daff8
commit 7de0c0db3a
2 changed files with 20 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
core/unifi/ids.go
View File

@ -11,6 +11,9 @@ import (
"github.com/pkg/errors" "github.com/pkg/errors"
) )
// IDSList contains a list that contains all of the IDS Events on a controller.
type IDSList []IDS
// IDS holds an Intrusion Prevention System Event. // IDS holds an Intrusion Prevention System Event.
type IDS struct { type IDS struct {
ID string `json:"_id"` ID string `json:"_id"`
@ -91,8 +94,8 @@ func (u *Unifi) GetIDS(sites []Site, from, to time.Time) ([]IDS, error) {
Data []IDS `json:"data"` Data []IDS `json:"data"`
} }
u.DebugLog("Polling Controller, retreiving Unifi IDS/IPS Data, site %s (%s) ", site.Name, site.Desc) u.DebugLog("Polling Controller, retreiving Unifi IDS/IPS Data, site %s (%s) ", site.Name, site.Desc)
URIpath := fmt.Sprintf(IDSEvents, site.Name) URIpath := fmt.Sprintf(IPSEvents, site.Name)
params := fmt.Sprintf(`{"start":"%v","end":"%v","_limit":50000}`, from.UnixNano(), to.UnixNano()) params := fmt.Sprintf(`{"start":"%v000","end":"%v000","_limit":50000}`, from.Unix(), to.Unix())
req, err := u.UniReq(URIpath, params) req, err := u.UniReq(URIpath, params)
if err != nil { if err != nil {
return nil, err return nil, err
@ -118,6 +121,7 @@ func (u *Unifi) GetIDS(sites []Site, from, to time.Time) ([]IDS, error) {
response.Data[i].SiteName = site.SiteName response.Data[i].SiteName = site.SiteName
} }
data = append(data, response.Data...) data = append(data, response.Data...)
u.DebugLog("Found %d IDS entries. %s", len(data), params)
} }
return data, nil return data, nil
} }
@ -142,8 +146,18 @@ func (i IDS) Points() ([]*influx.Point, error) {
"subsystem": i.Subsystem, "subsystem": i.Subsystem,
"catname": i.Catname, "catname": i.Catname,
} }
fields := map[string]interface{}{} fields := map[string]interface{}{
pt, err := influx.NewPoint("uap_vaps", tags, fields, i.Datetime) "event_type": i.EventType,
"proto": i.Proto,
"app_proto": i.AppProto,
"usgip": i.Usgip,
"country_name": i.SrcipGeo.CountryName,
"city": i.SrcipGeo.City,
"postal_code": i.SrcipGeo.PostalCode,
"srcipASN": i.SrcipASN,
"usgipASN": i.UsgipASN,
}
pt, err := influx.NewPoint("intrusion_detect", tags, fields, i.Datetime)
if err != nil { if err != nil {
return nil, err return nil, err
} }

4
core/unifi/types.go
View File

@ -26,8 +26,8 @@ const (
UserGroupPath string = "/api/s/%s/rest/usergroup" UserGroupPath string = "/api/s/%s/rest/usergroup"
// LoginPath is Unifi Controller Login API Path // LoginPath is Unifi Controller Login API Path
LoginPath string = "/api/login" LoginPath string = "/api/login"
// IDSEvents returns Intrusion Detection Systems Events // IPSEvents returns Intrusion Detection Systems Events
IDSEvents string = "/api/s/%s/stat/ips/event" IPSEvents string = "/api/s/%s/stat/ips/event"
) )
// Logger is a base type to deal with changing log outputs. Create a logger // Logger is a base type to deal with changing log outputs. Create a logger