2.1 示例
访问日志的programname包含:@userProxyLog
完整报文示例如下:
<150>Sep 7 11:09:15 localhost sdp-proxy@userProxyLog[1238]: { "network": { "sendBytes": 488, "debug": { "upstreamConnectTime": 3, "upstreamHeaderTime": 7, "upstreamResponseTime": 14 }, "responseTime": 14, "conn": { "srcPort": 52002, "dstHost": "1.1.1.1", "dstIp": "1.1.1.1", "dstPort": 80, "srcIp": "1.1.1.1" }, "protocol": "http", "app": { "type": "webapp", "id": "ee8782a0-0125-11ee-b353-0527bf15439e", "name": "企业网盘", "groupId": "default", "groupName": "默认分类" }, "recvBytes": 7397, "web": { "resContentType": "text\/html", "reqHttpHost": "webapp.com", "reqSchema": "http", "reqUrl": "http:\/\/webapp.com:80\/", "reqMethod": "GET", "reqHost": "webapp.com", "reqBackendUrl": "http:\/\/1.1.1.1:80\/", "reqBackendHost": "1.1.1.1", "reqReferer": "http:\/\/webapp.com\/", "reqXff": "1.1.1.1", "resStatusCode": 200, "resServer": "Everything HTTP Server", "reqHttpUserAgent": "Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/118.0.0.0 Safari\/537.36" } }, "actor": { "phoneNumber": "18******000", "id": "9f8146c0-8aeb-11ec-b30f-e50f6db6d9d6", "tags": [ "IdleAccount" ], "email": "8********8@qq.com", "displayName": "张三", "name": "zhangsan", "externalId": "", "directoryName": "本地用户目录", "domain": "local", "groupPath": "\/test\/99", "type": "user", "sTraceId": "cea93c87-4973-49cb-aecf-48b4a1524e94" }, "traceId": "010e9f6163fa96b9", "event": { "timestamp": 1694056155867, "_vSchema": "proxy", "subType": "user.webapp.access", "reason": "", "result": "SUCCESS", "id": "4ca64f41-ab3c-4892-9217-86e846e3dfa5", "mainType": "app" }, "src": { "preProxyIp": "1.1.1.1", "client": { "type": "SDPBrowserClient" }, "ip": "1.1.1.1", "dvc": { "os": "Windows 10", "id": "0011945c35df39ee2476394a3679968e8ac5697cf808a04bf2", "hostname": "Chrome", "modelName": "", "assetType": "", "externalId": "bb370a11-1bd8-4ebd-9f65-2944af25c426", "tags": [ "FirstDvc" ], "mac": "", "edrAgentId": "" }, "port": 63695, "loginGeo": { "tags": [ "UncommonlyLocation" ], "country": "内网IP", "province": "-", "city": "-", "organization": "内网IP" }, "loginIp": "1.1.1.1", "geo": { "country": "内网IP", "province": "-", "city": "-", "organization": "内网IP" } }, "_logId": "2545", "version": "2.0", "vendor": { "product": "aTrust", "productType": "hybrid", "productVersion": "2.3.10", "dvcId": "A14C0E10", "sourceName": "A14C0E10", "dvcIp": "1.1.1.1" } }
其中正文为:
{
"network": {
"sendBytes": 488,
"debug": {
"upstreamConnectTime": 3,
"upstreamHeaderTime": 7,
"upstreamResponseTime": 14
},
"responseTime": 14,
"conn": {
"srcPort": 52002,
"dstHost": "1.1.1.1",
"dstIp": "1.1.1.1",
"dstPort": 80,
"srcIp": "1.1.1.1"
},
"protocol": "http",
"app": {
"type": "webapp",
"id": "ee8782a0-0125-11ee-b353-0527bf15439e",
"name": "企业网盘",
"groupId": "default",
"groupName": "默认分类"
},
"recvBytes": 7397,
"web": {
"resContentType": "text/html",
"reqHttpHost": "webapp.com",
"reqSchema": "http",
"reqUrl": "http://webapp.com:80/",
"reqMethod": "GET",
"reqHost": "webapp.com",
"reqBackendUrl": "http://1.1.1.1:80/",
"reqBackendHost": "1.1.1.1",
"reqReferer": "http://webapp.com/",
"reqXff": "1.1.1.1",
"resStatusCode": 200,
"resServer": "Everything HTTP Server",
"reqHttpUserAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36"
}
},
"actor": {
"phoneNumber": "18******000",
"id": "9f8146c0-8aeb-11ec-b30f-e50f6db6d9d6",
"tags": [
"IdleAccount"
],
"email": "8********8@qq.com",
"displayName": "张三",
"name": "zhangsan",
"externalId": "",
"directoryName": "本地用户目录",
"domain": "local",
"groupPath": "/test/99",
"type": "user",
"sTraceId": "cea93c87-4973-49cb-aecf-48b4a1524e94"
},
"traceId": "010e9f6163fa96b9",
"event": {
"timestamp": 1694056155867,
"_vSchema": "proxy",
"subType": "user.webapp.access",
"reason": "",
"result": "SUCCESS",
"id": "4ca64f41-ab3c-4892-9217-86e846e3dfa5",
"mainType": "app"
},
"src": {
"preProxyIp": "1.1.1.1",
"client": {
"type": "SDPBrowserClient"
},
"ip": "1.1.1.1",
"dvc": {
"os": "Windows 10",
"id": "0011945c35df39ee2476394a3679968e8ac5697cf808a04bf2",
"hostname": "Chrome",
"modelName": "",
"assetType": "",
"externalId": "bb370a11-1bd8-4ebd-9f65-2944af25c426",
"tags": [
"FirstDvc"
],
"mac": "",
"edrAgentId": ""
},
"port": 63695,
"loginGeo": {
"tags": [
"UncommonlyLocation"
],
"country": "内网IP",
"province": "-",
"city": "-",
"organization": "内网IP"
},
"loginIp": "1.1.1.1",
"geo": {
"country": "内网IP",
"province": "-",
"city": "-",
"organization": "内网IP"
}
},
"_logId": "2545",
"version": "2.0",
"vendor": {
"product": "aTrust",
"productType": "hybrid",
"productVersion": "2.3.10",
"dvcId": "A14C0E10",
"sourceName": "A14C0E10",
"dvcIp": "1.1.1.1"
}
}