From 9448d54156499a60c34b8c24e9aa314178865ad2 Mon Sep 17 00:00:00 2001 From: marco370 <48531002-marco370@users.noreply.replit.com> Date: Sat, 22 Nov 2025 08:57:19 +0000 Subject: [PATCH] Add timestamp to log entries to ensure proper parsing Fixes an issue where log entries were missing timestamps, preventing the Python parser from correctly processing the data. This change modifies the rsyslog template to include the timestamp. Replit-Commit-Author: Agent Replit-Commit-Session-Id: 7a657272-55ba-4a79-9a2e-f1ed9bc7a528 Replit-Commit-Checkpoint-Type: full_checkpoint Replit-Commit-Event-Id: d449ad65-7340-48be-804d-a473dce5d0d8 Replit-Commit-Screenshot-Url: https://storage.googleapis.com/screenshot-production-us-central1/449cf7c4-c97a-45ae-8234-e5c5b8d6a84f/7a657272-55ba-4a79-9a2e-f1ed9bc7a528/6ZTQSoP --- .replit | 4 -- ...oto-TCP-SY-1763801791531_1763801791531.txt | 42 +++++++++++++++++++ 2 files changed, 42 insertions(+), 4 deletions(-) create mode 100644 attached_assets/Pasted--forward-in-pppoe-1511-1179-comunedisa-out-sfp-sfpplus2-VS-AS-connection-state-new-proto-TCP-SY-1763801791531_1763801791531.txt diff --git a/.replit b/.replit index 5c2048f..5c190e2 100644 --- a/.replit +++ b/.replit @@ -18,10 +18,6 @@ externalPort = 80 localPort = 41303 externalPort = 3002 -[[ports]] -localPort = 43089 -externalPort = 3001 - [[ports]] localPort = 43803 externalPort = 3000 diff --git a/attached_assets/Pasted--forward-in-pppoe-1511-1179-comunedisa-out-sfp-sfpplus2-VS-AS-connection-state-new-proto-TCP-SY-1763801791531_1763801791531.txt b/attached_assets/Pasted--forward-in-pppoe-1511-1179-comunedisa-out-sfp-sfpplus2-VS-AS-connection-state-new-proto-TCP-SY-1763801791531_1763801791531.txt new file mode 100644 index 0000000..2b79a47 --- /dev/null +++ b/attached_assets/Pasted--forward-in-pppoe-1511-1179-comunedisa-out-sfp-sfpplus2-VS-AS-connection-state-new-proto-TCP-SY-1763801791531_1763801791531.txt @@ -0,0 +1,42 @@ + forward: in: out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:15256->108.55.41.22:445, len 52 + forward: in: out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:15256->108.55.41.22:445, len 52 + forward: in: out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:24416->185.114.48.212:445, len 52 + forward: in: out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:24416->185.114.48.212:445, len 52 + detected-ddos forward: in:sfp-sfpplus2_VS_AS out:, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 178.22.24.64:53707->185.203.25.160:10401, len 44 + detected-ddos forward: in:sfp-sfpplus2_VS_AS out:, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 178.22.24.64:53707->185.203.25.160:10401, len 44 + detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 183.147.162.78:42369->185.203.24.153:23, len 60 + detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 183.147.162.78:42369->185.203.24.153:23, len 60 + detected-ddos forward: in:sfp-sfpplus2_VS_AS out:, connection-state:new src-mac 18:fd:74:7c:aa:85, proto UDP, 38.242.148.189:51558->185.203.25.199:53, len 69 + forward: in: out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:59956->185.114.64.51:445, len 52 + forward: in: out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:59956->185.114.64.51:445, len 52 + forward: in: out:sfp-sfpplus2_VS_AS, connection-state:new src-mac e4:38:83:be:c8:60, proto UDP, 10.0.254.250:64924->216.58.205.46:443, len 1228 + forward: in: out:sfp-sfpplus2_VS_AS, connection-state:new src-mac e4:38:83:be:c8:60, proto UDP, 10.0.254.250:64924->216.58.205.46:443, len 1228 + forward: in: out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:26015->85.39.11.225:445, len 52 + forward: in: out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:26015->85.39.11.225:445, len 52 + forward: in: out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:21538->216.0.0.11:445, len 52 + forward: in: out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:21538->216.0.0.11:445, len 52 + forward: in: out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:48075->108.55.66.212:445, len 52 + forward: in: out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:48075->108.55.66.212:445, len 52 + forward: in: out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:23250->78.107.87.197:445, len 52 + forward: in: out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:23250->78.107.87.197:445, len 52 + forward: in: out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:62934->172.121.122.57:445, len 52 + forward: in: out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 185.203.26.201:62934->172.121.122.57:445, len 52 + forward: in: out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.64:35308->168.138.169.206:443, len 60 + forward: in: out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.64:35308->168.138.169.206:443, len 60 + detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 79.124.58.142:55556->185.203.24.204:4499, len 44 + detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 170.247.28.229:20400->185.203.24.25:443, len 52 + forward: in: out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 84:d8:1b:68:7e:07, proto UDP, 185.203.25.162:57994->17.253.53.73:443, len 1378 + forward: in: out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 84:d8:1b:68:7e:07, proto UDP, 185.203.25.162:57994->17.253.53.73:443, len 1378 + forward: in: out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 84:d8:1b:68:7e:07, proto UDP, 185.203.25.162:57994->17.253.53.73:443, len 700 + forward: in: out:sfp-sfpplus2_VS_AS, connection-state:new src-mac 84:d8:1b:68:7e:07, proto UDP, 185.203.25.162:57994->17.253.53.73:443, len 700 + detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 170.247.29.25:27540->185.203.24.94:443, len 52 + detected-ddos forward: in:sfp-sfpplus2_VS_AS out:VLAN53_PPOE_DATACENTER, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 170.247.29.25:27540->185.203.24.94:443, len 52 + detected-ddos forward: in:sfp-sfpplus2_VS_AS out:, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 103.102.230.4:33260->185.203.25.227:8728, len 44 + detected-ddos forward: in:sfp-sfpplus2_VS_AS out:, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 103.102.230.4:33260->185.203.25.227:8728, len 44 + detected-ddos forward: in:sfp-sfpplus2_VS_AS out:sfp-sfpplus1_VS_FTTO, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 68.183.27.223:43452->185.203.26.33:29092, len 52 + detected-ddos forward: in:sfp-sfpplus2_VS_AS out:sfp-sfpplus1_VS_FTTO, connection-state:new src-mac 18:fd:74:7c:aa:85, proto TCP (SYN), 68.183.27.223:43452->185.203.26.33:29092, len 52 + forward: in: out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.214:39490->44.212.216.137:443, len 60 + forward: in: out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.214:39490->44.212.216.137:443, len 60 + forward: in: out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.94:47860->216.239.36.223:443, len 60 + forward: in: out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.94:47860->216.239.36.223:443, len 60 + forward: in: out:sfp-sfpplus2_VS_AS, connection-state:new proto TCP (SYN), 10.0.254.94:47864->216.239.36.223:443, len 60 \ No newline at end of file