feat(sangfor-sip): add Sangfor SIP security intelligence platform service package#222
Open
K6gg wants to merge 4 commits into
Open
feat(sangfor-sip): add Sangfor SIP security intelligence platform service package#222K6gg wants to merge 4 commits into
K6gg wants to merge 4 commits into
Conversation
Member
|
Review 阻塞:这个 service package PR 有测试文件,但我没有在 PR 描述、评论或改动文件中找到真实的测试截图证据(图片链接或提交的图片文件)。请补充能证明该 service package 跑通的截图,例如 |
Member
|
结尾用 LF 而不是 CRLF |
innomentats
marked this pull request as draft
June 26, 2026 11:44
Member
|
Reviewer note: this PR currently has merge conflicts with the target branch, so it cannot be merged or reviewed safely in its current state. Please rebase or merge the latest base branch, resolve the conflicts, and make sure GitHub Actions pass again. I am marking/keeping this PR as draft until the conflicts are resolved. |
…p-service # Conflicts: # services/bin/octobus-tentacles.js # services/package.json
|
评审任务执行失败:任务执行超时。 |
K6gg
marked this pull request as ready for review
July 9, 2026 07:40
Contributor
Author
|
@eetoc 请评审 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
接入设备
深信服安全感知平台(Sangfor SIP / Security Intelligence Platform)V92+,企业级威胁感知与漏洞管理平台,提供安全事件、风险资产/终端、资产台账、IP 组、弱密码/漏洞/明文传输等数据拉取能力。服务包
services/sangfor__sip,proto 包SANGFOR_SIP。设备版本
Sangfor SIP V92+,REST API 基础路径
https://<ip>:7443(非标准 HTTPS 端口),所有数据接口均为 GET,认证接口为 POST。认证方式
三方认证(
secret.userName/secret.password/secret.platformName):randauth = sha1(rand + password + "sangfor3party" + userName).toHexString()POST /sangforinter/v1/auth/party/login→ 获取token后续所有数据请求携带
?token=<token>(query 参数)。Token 有有效期,每次 RPC 调用重新获取。SIP 通常使用自签名证书,建议配置
skipTlsVerify: true。实现方法
方式:RPC(gRPC,9 个方法)
GetSecurityEventsGET /sangforinter/v1/data/riskeventGetRiskBusinessGET /sangforinter/v1/data/riskbusinessGetRiskTerminalsGET /sangforinter/v1/data/riskterminalGetServersGET /sangforinter/v1/data/businessGetTerminalsGET /sangforinter/v1/data/terminalGetIPGroupsGET /sangforinter/v1/data/ipgroupGetWeakPasswordsGET /sangforinter/v1/data/weakpasswdGetVulnerabilitiesGET /sangforinter/v1/data/holeGetPlaintextTransmissionsGET /sangforinter/v1/data/plaintexttransmissiongoogle.protobuf.Value原样透传,无success/errorcode透传。INVALID_ARGUMENT,code 13 / HTTP 403→PERMISSION_DENIED,code 301 / 其他非零 code→FAILED_PRECONDITION,HTTP 5xx / 网络→UNAVAILABLE,非 JSON→UNKNOWN。from_time(秒级时间戳)、to_time(秒级时间戳)、max_count(默认 2000,脆弱性类接口上限 5000)。测试命令
已知限制
proof字段)及日志详情(logParams)需另行请求 SIP 内部接口,本包不包含这些二级接口。/sangforinter/v1/data/branch)已被官方标记废弃,未纳入本包。真实设备验证
联调证据:认证接口 跑通
联调证据:GetSecurityEvents 跑通
联调证据:GetRiskBusiness 跑通
联调证据:GetRiskTerminals 跑通
联调证据:GetServers 跑通
联调证据:GetTerminals 跑通
联调证据:GetIPGroups 跑通
联调证据:GetWeakPasswords 跑通
联调证据:GetVulnerabilities 跑通
联调证据:GetPlaintextTransmissions 跑通