{"expand":"renderedFields,names,schema,operations,editmeta,changelog,versionedRepresentations","id":"33657","self":"https://jira.geedge.net/rest/api/2/issue/33657","key":"OMPUB-874","fields":{"issuetype":{"self":"https://jira.geedge.net/rest/api/2/issuetype/10002","id":"10002","description":"需要完成的任务。","iconUrl":"https://jira.geedge.net/secure/viewavatar?size=xsmall&avatarId=10318&avatarType=issuetype","name":"任务","subtask":false,"avatarId":10318},"components":[],"timespent":null,"timeoriginalestimate":null,"description":"排查客户（墨处）尝试配置了一条DoS Detection Profiles策略，但是拨测未产生Dos Events。\r\n\r\n排查进展：\r\n\r\n墨处配置：\r\n\r\nAttack Type:TCP SYN Flood\r\n\r\nTarget IPs：196.188.136.150\r\n\r\n \r\n\r\nPackets/second :100000\r\n\r\nBits/second:8\r\n\r\nSessions/second：100000\r\n\r\n经逐步排查确认，最终策略配置及相关更新如下后，拨测访问empower.safaricom.et，在Dos Events里查询到该DoS Detection Profiles策略的日志：\r\n\r\n1、重新配置策略：\r\n\r\n选择empower.safaricom.et的server ip：102.218.49.73 为Target IPs\r\n\r\n修改Attack Type:为ICMP Flood ，详细策略配置如下：\r\n\r\nAttack Type:ICMP Flood\r\n\r\nTarget IPs：102.218.49.73 \r\n\r\nPackets/second :100000\r\n\r\nBits/second:8\r\n\r\nSessions/second：100000\r\n\r\n2、且经排查确认Dos检测程序使用的是galaxy用户，给galaxy用户追加Dos相关的权限。\r\n\r\n新增profile-DoS Detection Profiles权限和log-Dos Events权限。\r\n\r\n \r\n\r\n ","project":{"self":"https://jira.geedge.net/rest/api/2/project/10206","id":"10206","key":"OMPUB","name":"Operation and Maintenance","projectTypeKey":"business","avatarUrls":{"48x48":"https://jira.geedge.net/secure/projectavatar?pid=10206&avatarId=10715","24x24":"https://jira.geedge.net/secure/projectavatar?size=small&pid=10206&avatarId=10715","16x16":"https://jira.geedge.net/secure/projectavatar?size=xsmall&pid=10206&avatarId=10715","32x32":"https://jira.geedge.net/secure/projectavatar?size=medium&pid=10206&avatarId=10715"},"projectCategory":{"self":"https://jira.geedge.net/rest/api/2/projectCategory/10002","id":"10002","description":"系统运维","name":"MaintenanceDev"}},"fixVersions":[],"aggregatetimespent":null,"resolution":{"self":"https://jira.geedge.net/rest/api/2/resolution/10000","id":"10000","description":"该问题的工作流程已完成。","name":"完成"},"timetracking":{},"customfield_10401":null,"customfield_10104":null,"customfield_10402":null,"customfield_10105":"0|i03v58:","customfield_10403":null,"customfield_10404":null,"attachment":[{"self":"https://jira.geedge.net/rest/api/2/attachment/36670","id":"36670","filename":"微信图片_20230327221038.png","author":{"self":"https://jira.geedge.net/rest/api/2/user?username=liuju","name":"liuju","key":"JIRAUSER10222","emailAddress":"liuju@zdjizhi.com","avatarUrls":{"48x48":"https://www.gravatar.com/avatar/de39e01c583621fe2030d723f55e0e79?d=mm&s=48","24x24":"https://www.gravatar.com/avatar/de39e01c583621fe2030d723f55e0e79?d=mm&s=24","16x16":"https://www.gravatar.com/avatar/de39e01c583621fe2030d723f55e0e79?d=mm&s=16","32x32":"https://www.gravatar.com/avatar/de39e01c583621fe2030d723f55e0e79?d=mm&s=32"},"displayName":"刘菊","active":false,"timeZone":"Asia/Shanghai"},"created":"2023-03-28T03:13:25.761+0800","size":123342,"mimeType":"image/png","content":"https://jira.geedge.net/secure/attachment/36670/%E5%BE%AE%E4%BF%A1%E5%9B%BE%E7%89%87_20230327221038.png","thumbnail":"https://jira.geedge.net/secure/thumbnail/36670/_thumb_36670.png"},{"self":"https://jira.geedge.net/rest/api/2/attachment/36669","id":"36669","filename":"微信图片_20230327221049.png","author":{"self":"https://jira.geedge.net/rest/api/2/user?username=liuju","name":"liuju","key":"JIRAUSER10222","emailAddress":"liuju@zdjizhi.com","avatarUrls":{"48x48":"https://www.gravatar.com/avatar/de39e01c583621fe2030d723f55e0e79?d=mm&s=48","24x24":"https://www.gravatar.com/avatar/de39e01c583621fe2030d723f55e0e79?d=mm&s=24","16x16":"https://www.gravatar.com/avatar/de39e01c583621fe2030d723f55e0e79?d=mm&s=16","32x32":"https://www.gravatar.com/avatar/de39e01c583621fe2030d723f55e0e79?d=mm&s=32"},"displayName":"刘菊","active":false,"timeZone":"Asia/Shanghai"},"created":"2023-03-28T03:13:25.798+0800","size":97492,"mimeType":"image/png","content":"https://jira.geedge.net/secure/attachment/36669/%E5%BE%AE%E4%BF%A1%E5%9B%BE%E7%89%87_20230327221049.png","thumbnail":"https://jira.geedge.net/secure/thumbnail/36669/_thumb_36669.png"},{"self":"https://jira.geedge.net/rest/api/2/attachment/36668","id":"36668","filename":"微信图片_20230327221054.png","author":{"self":"https://jira.geedge.net/rest/api/2/user?username=liuju","name":"liuju","key":"JIRAUSER10222","emailAddress":"liuju@zdjizhi.com","avatarUrls":{"48x48":"https://www.gravatar.com/avatar/de39e01c583621fe2030d723f55e0e79?d=mm&s=48","24x24":"https://www.gravatar.com/avatar/de39e01c583621fe2030d723f55e0e79?d=mm&s=24","16x16":"https://www.gravatar.com/avatar/de39e01c583621fe2030d723f55e0e79?d=mm&s=16","32x32":"https://www.gravatar.com/avatar/de39e01c583621fe2030d723f55e0e79?d=mm&s=32"},"displayName":"刘菊","active":false,"timeZone":"Asia/Shanghai"},"created":"2023-03-28T03:13:26.460+0800","size":176204,"mimeType":"image/png","content":"https://jira.geedge.net/secure/attachment/36668/%E5%BE%AE%E4%BF%A1%E5%9B%BE%E7%89%87_20230327221054.png","thumbnail":"https://jira.geedge.net/secure/thumbnail/36668/_thumb_36668.png"},{"self":"https://jira.geedge.net/rest/api/2/attachment/36667","id":"36667","filename":"微信图片_20230327221248.png","author":{"self":"https://jira.geedge.net/rest/api/2/user?username=liuju","name":"liuju","key":"JIRAUSER10222","emailAddress":"liuju@zdjizhi.com","avatarUrls":{"48x48":"https://www.gravatar.com/avatar/de39e01c583621fe2030d723f55e0e79?d=mm&s=48","24x24":"https://www.gravatar.com/avatar/de39e01c583621fe2030d723f55e0e79?d=mm&s=24","16x16":"https://www.gravatar.com/avatar/de39e01c583621fe2030d723f55e0e79?d=mm&s=16","32x32":"https://www.gravatar.com/avatar/de39e01c583621fe2030d723f55e0e79?d=mm&s=32"},"displayName":"刘菊","active":false,"timeZone":"Asia/Shanghai"},"created":"2023-03-28T03:13:26.461+0800","size":200837,"mimeType":"image/png","content":"https://jira.geedge.net/secure/attachment/36667/%E5%BE%AE%E4%BF%A1%E5%9B%BE%E7%89%87_20230327221248.png","thumbnail":"https://jira.geedge.net/secure/thumbnail/36667/_thumb_36667.png"}],"aggregatetimeestimate":null,"resolutiondate":"2023-05-06T16:23:54.494+0800","workratio":-1,"summary":"【E21现场】排查客户配置了一条DoS Detection Profiles策略，但是拨测未产生Dos Events","lastViewed":null,"watches":{"self":"https://jira.geedge.net/rest/api/2/issue/OMPUB-874/watchers","watchCount":4,"isWatching":false},"creator":{"self":"https://jira.geedge.net/rest/api/2/user?username=liuju","name":"liuju","key":"JIRAUSER10222","emailAddress":"liuju@zdjizhi.com","avatarUrls":{"48x48":"https://www.gravatar.com/avatar/de39e01c583621fe2030d723f55e0e79?d=mm&s=48","24x24":"https://www.gravatar.com/avatar/de39e01c583621fe2030d723f55e0e79?d=mm&s=24","16x16":"https://www.gravatar.com/avatar/de39e01c583621fe2030d723f55e0e79?d=mm&s=16","32x32":"https://www.gravatar.com/avatar/de39e01c583621fe2030d723f55e0e79?d=mm&s=32"},"displayName":"刘菊","active":false,"timeZone":"Asia/Shanghai"},"subtasks":[],"created":"2023-03-28T03:22:26.567+0800","reporter":{"self":"https://jira.geedge.net/rest/api/2/user?username=liuju","name":"liuju","key":"JIRAUSER10222","emailAddress":"liuju@zdjizhi.com","avatarUrls":{"48x48":"https://www.gravatar.com/avatar/de39e01c583621fe2030d723f55e0e79?d=mm&s=48","24x24":"https://www.gravatar.com/avatar/de39e01c583621fe2030d723f55e0e79?d=mm&s=24","16x16":"https://www.gravatar.com/avatar/de39e01c583621fe2030d723f55e0e79?d=mm&s=16","32x32":"https://www.gravatar.com/avatar/de39e01c583621fe2030d723f55e0e79?d=mm&s=32"},"displayName":"刘菊","active":false,"timeZone":"Asia/Shanghai"},"customfield_10000":"{summaryBean=com.atlassian.jira.plugin.devstatus.rest.SummaryBean@44110d28[summary={pullrequest=com.atlassian.jira.plugin.devstatus.rest.SummaryItemBean@618b02d3[overall=PullRequestOverallBean{stateCount=0, state='OPEN', details=PullRequestOverallDetails{openCount=0, mergedCount=0, declinedCount=0}},byInstanceType={}], build=com.atlassian.jira.plugin.devstatus.rest.SummaryItemBean@38d9984b[overall=com.atlassian.jira.plugin.devstatus.summary.beans.BuildOverallBean@17d9819[failedBuildCount=0,successfulBuildCount=0,unknownBuildCount=0,count=0,lastUpdated=<null>,lastUpdatedTimestamp=<null>],byInstanceType={}], review=com.atlassian.jira.plugin.devstatus.rest.SummaryItemBean@4031dcec[overall=com.atlassian.jira.plugin.devstatus.summary.beans.ReviewsOverallBean@59d81f62[stateCount=0,state=<null>,dueDate=<null>,overDue=false,count=0,lastUpdated=<null>,lastUpdatedTimestamp=<null>],byInstanceType={}], deployment-environment=com.atlassian.jira.plugin.devstatus.rest.SummaryItemBean@2d37cfd2[overall=com.atlassian.jira.plugin.devstatus.summary.beans.DeploymentOverallBean@4067373d[topEnvironments=[],showProjects=false,successfulCount=0,count=0,lastUpdated=<null>,lastUpdatedTimestamp=<null>],byInstanceType={}], repository=com.atlassian.jira.plugin.devstatus.rest.SummaryItemBean@e7f5561[overall=com.atlassian.jira.plugin.devstatus.summary.beans.CommitOverallBean@17c568c3[count=0,lastUpdated=<null>,lastUpdatedTimestamp=<null>],byInstanceType={}], branch=com.atlassian.jira.plugin.devstatus.rest.SummaryItemBean@49f7cb6[overall=com.atlassian.jira.plugin.devstatus.summary.beans.BranchOverallBean@7d387dc7[count=0,lastUpdated=<null>,lastUpdatedTimestamp=<null>],byInstanceType={}]},errors=[],configErrors=[]], devSummaryJson={\"cachedValue\":{\"errors\":[],\"configErrors\":[],\"summary\":{\"pullrequest\":{\"overall\":{\"count\":0,\"lastUpdated\":null,\"stateCount\":0,\"state\":\"OPEN\",\"details\":{\"openCount\":0,\"mergedCount\":0,\"declinedCount\":0,\"total\":0},\"open\":true},\"byInstanceType\":{}},\"build\":{\"overall\":{\"count\":0,\"lastUpdated\":null,\"failedBuildCount\":0,\"successfulBuildCount\":0,\"unknownBuildCount\":0},\"byInstanceType\":{}},\"review\":{\"overall\":{\"count\":0,\"lastUpdated\":null,\"stateCount\":0,\"state\":null,\"dueDate\":null,\"overDue\":false,\"completed\":false},\"byInstanceType\":{}},\"deployment-environment\":{\"overall\":{\"count\":0,\"lastUpdated\":null,\"topEnvironments\":[],\"showProjects\":false,\"successfulCount\":0},\"byInstanceType\":{}},\"repository\":{\"overall\":{\"count\":0,\"lastUpdated\":null},\"byInstanceType\":{}},\"branch\":{\"overall\":{\"count\":0,\"lastUpdated\":null},\"byInstanceType\":{}}}},\"isStale\":false}}","aggregateprogress":{"progress":0,"total":0},"customfield_10100":null,"priority":{"self":"https://jira.geedge.net/rest/api/2/priority/3","iconUrl":"https://jira.geedge.net/images/icons/priorities/medium.svg","name":"Medium","id":"3"},"customfield_10200":null,"customfield_10400":null,"labels":["E21现场"],"environment":null,"timeestimate":null,"aggregatetimeoriginalestimate":null,"versions":[],"duedate":null,"progress":{"progress":0,"total":0},"issuelinks":[],"comment":{"comments":[{"self":"https://jira.geedge.net/rest/api/2/issue/33657/comment/56468","id":"56468","author":{"self":"https://jira.geedge.net/rest/api/2/user?username=doufenghu","name":"doufenghu","key":"JIRAUSER10107","emailAddress":"doufenghu@geedgenetworks.com","avatarUrls":{"48x48":"https://jira.geedge.net/secure/useravatar?ownerId=JIRAUSER10107&avatarId=11700","24x24":"https://jira.geedge.net/secure/useravatar?size=small&ownerId=JIRAUSER10107&avatarId=11700","16x16":"https://jira.geedge.net/secure/useravatar?size=xsmall&ownerId=JIRAUSER10107&avatarId=11700","32x32":"https://jira.geedge.net/secure/useravatar?size=medium&ownerId=JIRAUSER10107&avatarId=11700"},"displayName":"窦凤虎","active":true,"timeZone":"Asia/Shanghai"},"body":"[~liuyang] TSG 系统集成时，Galaxy用户需要赋予权限，需要讨论下。目前：\r\n * 默认需要读取 DoS Detection Profiles ，基于用户自定义阈值做DoS检测\r\n * 可以支持通过API接口动态增加策略对象的能力。因属于CN SOAR业务，建议创建独立用户并分配该权限。","updateAuthor":{"self":"https://jira.geedge.net/rest/api/2/user?username=doufenghu","name":"doufenghu","key":"JIRAUSER10107","emailAddress":"doufenghu@geedgenetworks.com","avatarUrls":{"48x48":"https://jira.geedge.net/secure/useravatar?ownerId=JIRAUSER10107&avatarId=11700","24x24":"https://jira.geedge.net/secure/useravatar?size=small&ownerId=JIRAUSER10107&avatarId=11700","16x16":"https://jira.geedge.net/secure/useravatar?size=xsmall&ownerId=JIRAUSER10107&avatarId=11700","32x32":"https://jira.geedge.net/secure/useravatar?size=medium&ownerId=JIRAUSER10107&avatarId=11700"},"displayName":"窦凤虎","active":true,"timeZone":"Asia/Shanghai"},"created":"2023-03-29T18:53:31.268+0800","updated":"2023-03-29T18:54:05.762+0800"},{"self":"https://jira.geedge.net/rest/api/2/issue/33657/comment/56621","id":"56621","author":{"self":"https://jira.geedge.net/rest/api/2/user?username=liuyang","name":"liuyang","key":"JIRAUSER10102","emailAddress":"liuyang@geedgenetworks.com","avatarUrls":{"48x48":"https://jira.geedge.net/secure/useravatar?avatarId=10341","24x24":"https://jira.geedge.net/secure/useravatar?size=small&avatarId=10341","16x16":"https://jira.geedge.net/secure/useravatar?size=xsmall&avatarId=10341","32x32":"https://jira.geedge.net/secure/useravatar?size=medium&avatarId=10341"},"displayName":"刘洋","active":true,"timeZone":"Asia/Shanghai"},"body":"[~doufenghu] OLAP和CN程序创建独立用户，请确认用户名称、对应权限，以及是否需要初始化在CM程序中","updateAuthor":{"self":"https://jira.geedge.net/rest/api/2/user?username=liuyang","name":"liuyang","key":"JIRAUSER10102","emailAddress":"liuyang@geedgenetworks.com","avatarUrls":{"48x48":"https://jira.geedge.net/secure/useravatar?avatarId=10341","24x24":"https://jira.geedge.net/secure/useravatar?size=small&avatarId=10341","16x16":"https://jira.geedge.net/secure/useravatar?size=xsmall&avatarId=10341","32x32":"https://jira.geedge.net/secure/useravatar?size=medium&avatarId=10341"},"displayName":"刘洋","active":true,"timeZone":"Asia/Shanghai"},"created":"2023-04-04T09:20:36.077+0800","updated":"2023-04-04T09:22:34.293+0800"},{"self":"https://jira.geedge.net/rest/api/2/issue/33657/comment/56629","id":"56629","author":{"self":"https://jira.geedge.net/rest/api/2/user?username=doufenghu","name":"doufenghu","key":"JIRAUSER10107","emailAddress":"doufenghu@geedgenetworks.com","avatarUrls":{"48x48":"https://jira.geedge.net/secure/useravatar?ownerId=JIRAUSER10107&avatarId=11700","24x24":"https://jira.geedge.net/secure/useravatar?size=small&ownerId=JIRAUSER10107&avatarId=11700","16x16":"https://jira.geedge.net/secure/useravatar?size=xsmall&ownerId=JIRAUSER10107&avatarId=11700","32x32":"https://jira.geedge.net/secure/useravatar?size=medium&ownerId=JIRAUSER10107&avatarId=11700"},"displayName":"窦凤虎","active":true,"timeZone":"Asia/Shanghai"},"body":"CM需初始化创建两个用户：\r\n * username：olap  Role为superreader；rule或porfile读取权限。\r\n * username：cyber_narrator  Role为Policies&Objects。后续SOAR业务。","updateAuthor":{"self":"https://jira.geedge.net/rest/api/2/user?username=doufenghu","name":"doufenghu","key":"JIRAUSER10107","emailAddress":"doufenghu@geedgenetworks.com","avatarUrls":{"48x48":"https://jira.geedge.net/secure/useravatar?ownerId=JIRAUSER10107&avatarId=11700","24x24":"https://jira.geedge.net/secure/useravatar?size=small&ownerId=JIRAUSER10107&avatarId=11700","16x16":"https://jira.geedge.net/secure/useravatar?size=xsmall&ownerId=JIRAUSER10107&avatarId=11700","32x32":"https://jira.geedge.net/secure/useravatar?size=medium&ownerId=JIRAUSER10107&avatarId=11700"},"displayName":"窦凤虎","active":true,"timeZone":"Asia/Shanghai"},"created":"2023-04-04T10:22:57.257+0800","updated":"2023-04-04T10:22:57.257+0800"}],"maxResults":3,"total":3,"startAt":0},"votes":{"self":"https://jira.geedge.net/rest/api/2/issue/OMPUB-874/votes","votes":0,"hasVoted":false},"worklog":{"startAt":0,"maxResults":20,"total":0,"worklogs":[]},"assignee":{"self":"https://jira.geedge.net/rest/api/2/user?username=liuyang","name":"liuyang","key":"JIRAUSER10102","emailAddress":"liuyang@geedgenetworks.com","avatarUrls":{"48x48":"https://jira.geedge.net/secure/useravatar?avatarId=10341","24x24":"https://jira.geedge.net/secure/useravatar?size=small&avatarId=10341","16x16":"https://jira.geedge.net/secure/useravatar?size=xsmall&avatarId=10341","32x32":"https://jira.geedge.net/secure/useravatar?size=medium&avatarId=10341"},"displayName":"刘洋","active":true,"timeZone":"Asia/Shanghai"},"updated":"2024-01-12T18:11:54.284+0800","status":{"self":"https://jira.geedge.net/rest/api/2/status/10102","description":"","iconUrl":"https://jira.geedge.net/images/icons/status_generic.gif","name":"完成","id":"10102","statusCategory":{"self":"https://jira.geedge.net/rest/api/2/statuscategory/3","id":3,"key":"done","colorName":"green","name":"完成"}}}}