访问日志策略增加只记录WAF相关访问日志选项

internal/accesslogs/storage_base.go

@@ -12,8 +12,9 @@ import (
 )
 
 type BaseStorage struct {
-	isOk    bool
-	version int
+	isOk         bool
+	version      int
+	firewallOnly bool
 }
 
 func (this *BaseStorage) SetVersion(version int) {
@@ -32,6 +33,10 @@ func (this *BaseStorage) SetOk(isOk bool) {
 	this.isOk = isOk
 }
 
+func (this *BaseStorage) SetFirewallOnly(firewallOnly bool) {
+	this.firewallOnly = firewallOnly
+}
+
 // Marshal 对日志进行编码
 func (this *BaseStorage) Marshal(accessLog *pb.HTTPAccessLog) ([]byte, error) {
 	return json.Marshal(accessLog)

internal/accesslogs/storage_command.go

@@ -61,6 +61,10 @@ func (this *CommandStorage) Write(accessLogs []*pb.HTTPAccessLog) error {
 		return err
 	}
 	for _, accessLog := range accessLogs {
+		if this.firewallOnly && accessLog.FirewallPolicyId == 0 {
+			continue
+		}
+
 		data, err := this.Marshal(accessLog)
 		if err != nil {
 			logs.Error(err)

internal/accesslogs/storage_es.go

@@ -59,6 +59,10 @@ func (this *ESStorage) Write(accessLogs []*pb.HTTPAccessLog) error {
 	indexName := this.FormatVariables(this.config.Index)
 	typeName := this.FormatVariables(this.config.MappingType)
 	for _, accessLog := range accessLogs {
+		if this.firewallOnly && accessLog.FirewallPolicyId == 0 {
+			continue
+		}
+
 		if len(accessLog.RequestId) == 0 {
 			continue
 		}

internal/accesslogs/storage_file.go

@@ -57,6 +57,9 @@ func (this *FileStorage) Write(accessLogs []*pb.HTTPAccessLog) error {
 	defer this.writeLocker.Unlock()
 
 	for _, accessLog := range accessLogs {
+		if this.firewallOnly && accessLog.FirewallPolicyId == 0 {
+			continue
+		}
 		data, err := this.Marshal(accessLog)
 		if err != nil {
 			logs.Error(err)

internal/accesslogs/storage_interface.go

@@ -12,6 +12,9 @@ type StorageInterface interface {
 	// SetVersion 设置版本
 	SetVersion(version int)
 
+	// SetFirewallOnly 设置是否只处理防火墙相关的访问日志
+	SetFirewallOnly(firewallOnly bool)
+
 	IsOk() bool
 
 	SetOk(ok bool)

internal/accesslogs/storage_manager.go

@@ -101,6 +101,7 @@ func (this *StorageManager) Loop() error {
 				}
 
 				storage.SetVersion(types.Int(policy.Version))
+				storage.SetFirewallOnly(policy.FirewallOnly == 1)
 				err := storage.Start()
 				if err != nil {
 					remotelogs.Error("ACCESS_LOG_STORAGE_MANAGER", "start policy '"+types.String(policyId)+"' failed: "+err.Error())
@@ -116,6 +117,7 @@ func (this *StorageManager) Loop() error {
 				continue
 			}
 			storage.SetVersion(types.Int(policy.Version))
+			storage.SetFirewallOnly(policy.FirewallOnly == 1)
 			this.storageMap[policyId] = storage
 			err = storage.Start()
 			if err != nil {

internal/accesslogs/storage_syslog.go

@@ -106,6 +106,9 @@ func (this *SyslogStorage) Write(accessLogs []*pb.HTTPAccessLog) error {
 	}
 
 	for _, accessLog := range accessLogs {
+		if this.firewallOnly && accessLog.FirewallPolicyId == 0 {
+			continue
+		}
 		data, err := this.Marshal(accessLog)
 		if err != nil {
 			logs.Error(err)

internal/accesslogs/storage_tcp.go

@@ -60,6 +60,9 @@ func (this *TCPStorage) Write(accessLogs []*pb.HTTPAccessLog) error {
 	defer this.writeLocker.Unlock()
 
 	for _, accessLog := range accessLogs {
+		if this.firewallOnly && accessLog.FirewallPolicyId == 0 {
+			continue
+		}
 		data, err := this.Marshal(accessLog)
 		if err != nil {
 			logs.Error(err)