trapqueueprocessor.java
来自「opennms得相关源码 请大家看看」· Java 代码 · 共 954 行 · 第 1/3 页
JAVA
954 行
Snmp snmpInfo = new Snmp(); if (log.isDebugEnabled()) log.debug("V2 trap first varbind value: " + pdu.getVarBindAt(0).getValue().toString()); // time-stamp long timeVal; switch (pdu.getVarBindAt(SNMP_SYSUPTIME_OID_INDEX).getValue().typeId()) { case SnmpSMI.SMI_TIMETICKS: timeVal = ((SnmpTimeTicks) pdu.getVarBindAt(SNMP_SYSUPTIME_OID_INDEX).getValue()).getValue(); if (log.isDebugEnabled()) log.debug("V2 trap first varbind value is of type TIMETICKS (correct)"); break; case SnmpSMI.SMI_INTEGER: timeVal = ((SnmpInt32) pdu.getVarBindAt(SNMP_SYSUPTIME_OID_INDEX).getValue()).getValue(); if (log.isDebugEnabled()) log.debug("V2 trap first varbind value is of type INTEGER, casting to TIMETICKS"); break; default: log.info("V2 trap does not have the required first varbind as TIMETICKS - cannot process trap"); return; } snmpInfo.setTimeStamp(timeVal); // Get the value for the snmpTrapOID SnmpObjectId snmpTrapOid = (SnmpObjectId) pdu.getVarBindAt(SNMP_TRAP_OID_INDEX).getValue(); String snmpTrapOidValue = snmpTrapOid.toString(); // Force leading "." (dot) if not present if (!snmpTrapOidValue.startsWith(".")) { snmpTrapOidValue = "." + snmpTrapOidValue; } if (log.isDebugEnabled()) log.debug("snmpTrapOID: " + snmpTrapOidValue); // This handles hardcoded Snort PDU's where the 13th parameter is the Destination // address of the alarm, that if used as agent id.... if (snmpTrapOidValue.equals(SNORT_OID)) { String snortTarget = null; //.1.3.6.1.4.1.10234.2.1.1.1.6 boolean sensor = false ; String snortSensor = null; String snortAttack = null; String snortScan = null; String snortProto = null; for (int i = 2; i < pdu.getLength(); i++) { String name = pdu.getVarBindAt(i).getName().toString(); log.info("V2 Name : " + name + " Value " + pdu.getVarBindAt(i).getValue()); // PROTO255 = SCAN if (name.startsWith(SNORT_PROTO)) { snortProto = pdu.getVarBindAt(i).getValue().toString(); } if (name.startsWith(SNORT_SENSOR)) { snortSensor = pdu.getVarBindAt(i).getValue().toString(); } if (name.startsWith(SNORT_ATTACK_TARGET)) { snortAttack = pdu.getVarBindAt(i).getValue().toString(); } if (name.startsWith(SNORT_SCAN_TARGET)) { snortScan = pdu.getVarBindAt(i).getValue().toString(); } } if (snortProto.endsWith("PROTO255")) { snortTarget = snortScan; } else { snortTarget = snortAttack; } log.debug("V2 trap from a SNORT Sensor at " + trapInterface + " target of attack " + snortTarget); trapInterface = snortTarget; event.setHost(trapInterface); event.setSnmphost(trapInterface); event.setInterface(trapInterface); ipNodeId = TrapdIPMgr.getNodeId(trapInterface); if (ipNodeId != null) { int intNodeId = Integer.parseInt(ipNodeId); event.setNodeid((long) intNodeId); } else { event.setNodeid((long) -1); } } if (log.isDebugEnabled()) log.debug("V2 trap - trapInterface: " + trapInterface); // get the last subid int length = snmpTrapOidValue.length(); int lastIndex = snmpTrapOidValue.lastIndexOf(DOT_CHAR); String lastSubIdStr = snmpTrapOidValue.substring(lastIndex + 1); int lastSubId = -1; try { lastSubId = Integer.parseInt(lastSubIdStr); } catch (NumberFormatException nfe) { lastSubId = -1; } // Check if standard trap if (GENERIC_TRAPS.contains(snmpTrapOid)) { // set generic snmpInfo.setGeneric(lastSubId - 1); // set specific to zero snmpInfo.setSpecific(0); // if present, the 'snmpTrapEnterprise' OID occurs as // the last OID // Check the last varbind to see if it is the enterprise ID String varBindName = pdu.getVarBindAt(numVars - 1).getName().toString(); if (varBindName.equals(SNMP_TRAP_ENTERPRISE_ID)) { // if present, set the value of the varbind as the // enterprise id snmpInfo.setId(pdu.getVarBindAt(numVars - 1).getValue().toString()); } else { // if not present, set the value of the varbind as the // snmpTraps value defined as in RFC 1907 snmpInfo.setId(SNMP_TRAPS + "." + snmpTrapOidValue.charAt(snmpTrapOidValue.length() - 1)); } } else // not standard trap { // set generic to 6 snmpInfo.setGeneric(6); // set specific to lastsubid snmpInfo.setSpecific(lastSubId); // get the next to last subid int nextToLastIndex = snmpTrapOidValue.lastIndexOf(DOT_CHAR, lastIndex - 1); // check if value is zero String nextToLastSubIdStr = snmpTrapOidValue.substring(nextToLastIndex + 1, lastIndex); if (nextToLastSubIdStr.equals("0")) { // set enterprise value to trap oid minus the // the last two subids snmpInfo.setId(snmpTrapOidValue.substring(0, nextToLastIndex)); } else { snmpInfo.setId(snmpTrapOidValue.substring(0, lastIndex)); } } if (log.isDebugEnabled()) log.debug("snmp specific/generic/eid: " + snmpInfo.getSpecific() + "\t" + snmpInfo.getGeneric() + "\t" + snmpInfo.getId()); // version snmpInfo.setVersion("v2"); // community snmpInfo.setCommunity(new String(info.getCommunity().getString())); event.setSnmp(snmpInfo); Parms parms = new Parms(); for (int i = 2; i < pdu.getLength(); i++) { Value val = new Value(); String name = pdu.getVarBindAt(i).getName().toString(); SnmpSyntax obj = pdu.getVarBindAt(i).getValue(); if (obj instanceof SnmpInt32) { val.setType(EventConstants.TYPE_SNMP_INT32); val.setEncoding(EventConstants.XML_ENCODING_TEXT); val.setContent(EventConstants.toString(EventConstants.XML_ENCODING_TEXT, obj)); } else if (obj instanceof SnmpNull) { val.setType(EventConstants.TYPE_SNMP_NULL); val.setEncoding(EventConstants.XML_ENCODING_TEXT); val.setContent(EventConstants.toString(EventConstants.XML_ENCODING_TEXT, obj)); } else if (obj instanceof SnmpObjectId) { val.setType(EventConstants.TYPE_SNMP_OBJECT_IDENTIFIER); val.setEncoding(EventConstants.XML_ENCODING_TEXT); val.setContent(EventConstants.toString(EventConstants.XML_ENCODING_TEXT, obj)); } else if (obj instanceof SnmpIPAddress) { val.setType(EventConstants.TYPE_SNMP_IPADDRESS); val.setEncoding(EventConstants.XML_ENCODING_TEXT); val.setContent(EventConstants.toString(EventConstants.XML_ENCODING_TEXT, obj)); } else if (obj instanceof SnmpTimeTicks) { val.setType(EventConstants.TYPE_SNMP_TIMETICKS); val.setEncoding(EventConstants.XML_ENCODING_TEXT); val.setContent(EventConstants.toString(EventConstants.XML_ENCODING_TEXT, obj)); } else if (obj instanceof SnmpCounter32) { val.setType(EventConstants.TYPE_SNMP_COUNTER32); val.setEncoding(EventConstants.XML_ENCODING_TEXT); val.setContent(EventConstants.toString(EventConstants.XML_ENCODING_TEXT, obj)); } else if (obj instanceof SnmpGauge32) { val.setType(EventConstants.TYPE_SNMP_GAUGE32); val.setEncoding(EventConstants.XML_ENCODING_TEXT); val.setContent(EventConstants.toString(EventConstants.XML_ENCODING_TEXT, obj)); } else if (obj instanceof SnmpOpaque) { val.setType(EventConstants.TYPE_SNMP_OPAQUE); val.setEncoding(EventConstants.XML_ENCODING_BASE64); val.setContent(EventConstants.toString(EventConstants.XML_ENCODING_BASE64, obj)); } else if (obj instanceof SnmpOctetString) { // // check for non-printable characters. If they // exist then print the string out as hexidecimal // boolean asHex = false; byte[] data = ((SnmpOctetString) obj).getString(); for (int x = 0; x < data.length; x++) { byte b = data[x]; if ((b < 32 && b != 10 && b != 13 && b != 0) || b == 127) { asHex = true; break; } } data = null; String encoding = asHex ? EventConstants.XML_ENCODING_BASE64 : EventConstants.XML_ENCODING_TEXT; val.setType(EventConstants.TYPE_SNMP_OCTET_STRING); val.setEncoding(encoding); val.setContent(EventConstants.toString(encoding, obj)); // DEBUG if (!asHex && log.isDebugEnabled()) { log.debug("snmpReceivedTrap: string varbind: " + name + " " + (((SnmpOctetString) obj).toString())); } } else if (obj instanceof SnmpCounter64) { val.setType(EventConstants.TYPE_SNMP_COUNTER64); val.setEncoding(EventConstants.XML_ENCODING_TEXT); val.setContent(EventConstants.toString(EventConstants.XML_ENCODING_TEXT, obj)); } else { val.setType(EventConstants.TYPE_STRING); val.setEncoding(EventConstants.XML_ENCODING_TEXT); val.setContent(obj.toString()); } Parm parm = new Parm(); parm.setParmName(name); parm.setValue(val); parms.addParm(parm); } // end for loop event.setParms(parms); } // send the event to eventd EventIpcManagerFactory.getInstance().getManager().sendNow(event); if (log.isDebugEnabled()) log.debug("V2 Trap successfully converted and sent to eventd"); if (TrapdIPMgr.getNodeId(trapInterface) == null && m_newSuspect) { sendNewSuspectEvent(trapInterface); if (log.isDebugEnabled()) log.debug("Sent newSuspectEvent for interface: " + trapInterface); } } /** * Process a V1 trap and convert it to an event. Once the event is * formatted, send it to eventd. * * @param info * V1 trap */ private void process(Trapd.V1TrapInformation info) { Category log = ThreadCategory.getInstance(getClass()); SnmpPduTrap pdu = info.getPdu(); InetAddress agent = info.getAgent(); IPv4Address addr = new IPv4Address(agent); String trapInterface = pdu.getAgentAddress().toString(); Event event = new Event(); event.setSource("trapd"); event.setHost(addr.toString()); event.setSnmphost(trapInterface); event.setInterface(trapInterface); event.setTime(org.opennms.netmgt.EventConstants.formatToString(new java.util.Date())); String ipNodeId = TrapdIPMgr.getNodeId(trapInterface); if (ipNodeId != null) { int intNodeId = Integer.parseInt(ipNodeId); event.setNodeid((long) intNodeId); } if (log.isDebugEnabled()) log.debug("V1 trap - trapInterface: " + trapInterface); // // set the snmp information // Snmp snmpInfo = new Snmp(); // id // // NOTE: Force leading "." (dot) on all id's String entId = pdu.getEnterprise().toString(); if (!entId.startsWith(".")) { entId = "." + entId; } snmpInfo.setId(entId); // version snmpInfo.setVersion("v1"); // specific snmpInfo.setSpecific(pdu.getSpecific()); // generic snmpInfo.setGeneric(pdu.getGeneric()); // community snmpInfo.setCommunity(new String(info.getCommunity().getString())); // time-stamp snmpInfo.setTimeStamp(pdu.getTimeStamp()); event.setSnmp(snmpInfo); Parms parms = new Parms();⌨️ 快捷键说明
复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?