CN107707415A - A kind of automatic monitoring of server configuration and alarm method based on SaltStack - Google Patents

A kind of automatic monitoring of server configuration and alarm method based on SaltStack Download PDF

Info

Publication number
CN107707415A
CN107707415A CN201711183370.3A CN201711183370A CN107707415A CN 107707415 A CN107707415 A CN 107707415A CN 201711183370 A CN201711183370 A CN 201711183370A CN 107707415 A CN107707415 A CN 107707415A
Authority
CN
China
Prior art keywords
configuration
server
saltstack
content
client
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201711183370.3A
Other languages
Chinese (zh)
Other versions
CN107707415B (en
Inventor
吴天琦
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chengdu Zhidaochuangyu Information Technology Co Ltd
Original Assignee
Chengdu Zhidaochuangyu Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chengdu Zhidaochuangyu Information Technology Co Ltd filed Critical Chengdu Zhidaochuangyu Information Technology Co Ltd
Priority to CN201711183370.3A priority Critical patent/CN107707415B/en
Publication of CN107707415A publication Critical patent/CN107707415A/en
Application granted granted Critical
Publication of CN107707415B publication Critical patent/CN107707415B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/42Mailbox-related aspects, e.g. synchronisation of mailboxes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/2866Architectures; Arrangements
    • H04L67/30Profiles

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Debugging And Monitoring (AREA)
  • Information Transfer Between Computers (AREA)
  • Computer And Data Communications (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention provides a kind of automatic monitoring of server configuration based on SaltStack and alarm method, including:The server being managed periodically is dispatched by timed task scheduling tool, performs SaltStack Client commands;SaltStack client request SaltStack service ends, expected configuration is pulled, and contrasted with the actual disposition file on current server, return to the json format differences results of configuration and expected configuration on current server;Configuration variance analysis program is by reading result;The change state and the content write-in message queue of all change files that will determine that;Safeguard the profile list and affiliated director and mailbox message in configuration monitoring end;Read queue content in configuration monitoring end;By changing state value, if content alteration, then client and changed content are sent into alarm email to keeper.The present invention solves the safety and reliability of aol server configuration file, in the case of ensureing that file or is tampered the modification of mistake, can monitor and alert in time.

Description

A kind of automatic monitoring of server configuration and alarm method based on SaltStack
Technical field
The present invention relates to each system-based configuration and service field of configuration, particularly one kind on server node to be based on The SaltStack automatic monitoring of server configuration and alarm method.
Background technology
In order to ensure server normal operation, it is necessary to each system-based configuration file, service aid to server Configuration file of configuration file and service code etc. is managed and safeguarded, to prevent the configuration of operating personnel's bug patch from leading Cause server operation troubles or business to go wrong, be also possible to prevent server and be hacked and distort configuration file etc..
Traditional server configuration is mainly manual administration and maintenance, in deployment and follow-up maintenance, if configuration change, Need to configure by platform manual modification.Occurred some server configuration management tools, such as SaltStack in recent years, it is to pass through The mode of configuration template is write, the configuration for needing to be managed well is predefined in SlatStack service ends, then by periodically manual The command tools (salt-call orders) that SaltStack is provided are performed, by machine (client on predefined expected configuration and line End) actual disposition contrast, do not do any operation if no difference;If variant with the configuration of machine on line, Changed content can be exported under test pattern.
Although having server configuration management tool as such as SaltStack at present, their core concern Point is all the management to configuration, i.e., actual disposition on line is updated into expected configuration, facilitates the renewal and maintenance of batch.For The monitoring of configuration and alert this block, then do not provide, during per secondary inspection, it is necessary to manually operation performs order, then wait is returned Return result;Lead to not the configuration to mistake to know and correct in time, in addition if machine is hacked after, file is tampered, newly Increasing or deleting can not also know in time.
SaltStack:It is the configuration management tool of a C/S structure, it is managed by writing configuration template in service end Client can perform Client command (salt-call) installation specified services, renewal client-server on specify match somebody with somebody Put and show changed content, the operation such as cryptographic Hash of documents.
Timed task scheduling tool:Periodically perform the instrument for specifying order, such as cron command tools specifically can be with With reference to https://zh.wikipedia.org/zh-hans/Cron.
Message queue:One end produces data write-in message queue, other end consumption (reading) data, and ensure data can By property and uniformity, such as kafka instruments, https is specifically referred to://zh.wikipedia.org/wiki/Kafka.
json:A kind of text mark up language, facilitate program to read and use data.
The content of the invention
The technical problems to be solved by the invention be to provide a kind of automatic monitoring of server configuration based on SaltStack with Alarm method, solve the safety and reliability of aol server configuration file, ensure file by the modification of mistake or usurped In the case of changing, it can monitor and alert in time.
In order to solve the above technical problems, the technical solution adopted by the present invention is:
A kind of automatic monitoring of server configuration and alarm method based on SaltStack, comprise the following steps:
Step 1:The server being managed periodically is dispatched by timed task scheduling tool, is performed SaltStack Client commands;
Step 2:SaltStack clients can ask SaltStack service ends, pull expected configuration, and and current clothes Actual disposition file on business device contrasts, and returns to the json format differences results of configuration and expected configuration on current server, Resultant content is each single item configuration and its changed content;
Step 3:Result is read by variance analysis, each configuration item result is traveled through, judges whether configuration file has change Dynamic, the wherein entitled changes of field value represents changed content, if changes contents are null values, then it represents that with expected one Cause, be otherwise then the difference of change;
Step 4:The change state and the content write-in message queue of all change files that will determine that;
Step 5:The profile list and affiliated director and mailbox message are safeguarded in configuration monitoring end, if system configuration, Then director is system manager, if business configuration, then director is system manager and corresponding service director;Configuration prison Control end and read queue content, obtain the change state value and changed content of client;
Step 6:By changing state value, if client is ignored without content alteration;If content alteration, then will Client and changed content send alarm email to keeper, if business configuration, while send mail to business director Alarm;
Step 7:If it exceeds cycle time does not receive any data on being managed server in message queue, then table Show that being managed server has security risk, hair mail is alerted to keeper.
Specifically, in step 1, the timed task scheduling tool is cron.
Compared with prior art, the beneficial effects of the invention are as follows:
1) as in step 6, some operation maintenance personnel needs to change some configuration file on server, but mistake Sign in and operated in server B, cause the operation of business service mistake;At this moment client analysis program can monitor, and finally match somebody with somebody Put monitoring client and send alarm, learn and repair in the very first time.
2) as in step 6, processing business and updates upgrading, configuration needs to change, operation maintenance personnel operation lines last consignment of server, more This new configuration.After renewal, warning information can be paid close attention to, if no alarm information, then it represents that this batch server is specified Configuration is all altered correct;Otherwise represent that renewal is problematic, it is necessary to timely processing.
3) as in step 6, server A is broken through and logged into by hacker, has maliciously distorted some service configuration and one A little program files, monitoring programme similarly can be found that file is tampered.
4) as in step 7, if hacker has found the detection service of this cycle monitoring, and it is cut off make on it stops Report, but find to exceed the data for specifying the cycle not receive server A at configuration monitoring end, then it is assumed that server A, which has gone out, asks Topic, can also equally be alerted.
Brief description of the drawings
Fig. 1 is present invention monitoring and alarm method schematic flow sheet.
Embodiment
The present invention is further detailed explanation with reference to the accompanying drawings and detailed description.SaltStack has been carried Supplied an extraordinary configuration management, and the inventive method on SaltStack this layer again plus one layer of configuration variance point Analysis checks program;The difference of server configuration is obtained by SaltStack, then configuration variance analysis program is done to difference content Check, judge whether variant, alerted if variant to keeper and business director.Details are as follows:
1st, the server (client) being managed periodically is dispatched by timed task scheduling tool (such as cron), Perform SaltStack Client commands (salt-call).
2nd, SaltStack clients can ask SaltStack service ends, pull expected configuration, and and current server On actual disposition file contrast, return to the json format differences results of configuration and expected configuration on current server, as a result Content is each single item configuration and its changed content.
3rd, result is read by variance analysis, travels through each configuration item result, judge whether configuration file has variation, its The middle entitled changes of field value represents changed content, if changes contents are null values, then it represents that with expected consistent, otherwise It is then the difference of change.
For example, the core false code fragment realized by python language is as follows:
4th, the change state value that will determine that (represents whether this server has variation, as long as any one configuration has altered Then think there is variation) and all change files content write-in message queue (such as kafka).
5th, the profile list and affiliated director and mailbox message are safeguarded in configuration monitoring end, and system configuration is then responsible in this way People is system manager, and then director is system manager and corresponding service director to business configuration in this way.Read at configuration monitoring end Queue content is taken, obtains the change state value and changed content of client.
6th, by changing state value, if client is ignored without content alteration;If content alteration, then by client End and changed content send alarm email to keeper, if business configuration, while send mail alarm to business director.
7th, if it exceeds cycle time does not receive any data on being managed server in message queue, then also illustrate that Being managed server has security risk, and possible periodic duty is cut off by non-safety, should also send out mail and be accused to keeper It is alert.

Claims (2)

1. a kind of automatic monitoring of server configuration and alarm method based on SaltStack, it is characterised in that including following step Suddenly:
Step 1:The server being managed periodically is dispatched by timed task scheduling tool, performs SaltStack visitors Family sort command;
Step 2:SaltStack clients can ask SaltStack service ends, pull expected configuration, and and current server On actual disposition file contrast, return to the json format differences results of configuration and expected configuration on current server, as a result Content is each single item configuration and its changed content;
Step 3:Result is read by variance analysis, each configuration item result is traveled through, judges whether configuration file has variation, its The middle entitled changes of field value represents changed content, if changes contents are null values, then it represents that with expected consistent, otherwise It is then the difference of change;
Step 4:The change state and the content write-in message queue of all change files that will determine that;
Step 5:The profile list and affiliated director and mailbox message are safeguarded in configuration monitoring end, if system configuration, then bear It is system manager to blame people, if business configuration, then director is system manager and corresponding service director;Configuration monitoring end Queue content is read, obtains the change state value and changed content of client;
Step 6:By changing state value, if client is ignored without content alteration;If content alteration, then by client End and changed content send alarm email to keeper, if business configuration, while send mail alarm to business director;
Step 7:If it exceeds cycle time does not receive any data on being managed server in message queue, then it represents that quilt Management server has security risk, and hair mail is alerted to keeper.
2. a kind of automatic monitoring of server configuration and alarm method based on SaltStack as claimed in claim 1, its feature It is, in step 1, the timed task scheduling tool is cron.
CN201711183370.3A 2017-11-23 2017-11-23 SaltStack-based automatic monitoring and warning method for server configuration Active CN107707415B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711183370.3A CN107707415B (en) 2017-11-23 2017-11-23 SaltStack-based automatic monitoring and warning method for server configuration

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711183370.3A CN107707415B (en) 2017-11-23 2017-11-23 SaltStack-based automatic monitoring and warning method for server configuration

Publications (2)

Publication Number Publication Date
CN107707415A true CN107707415A (en) 2018-02-16
CN107707415B CN107707415B (en) 2021-03-19

Family

ID=61185708

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711183370.3A Active CN107707415B (en) 2017-11-23 2017-11-23 SaltStack-based automatic monitoring and warning method for server configuration

Country Status (1)

Country Link
CN (1) CN107707415B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109144607A (en) * 2018-08-06 2019-01-04 成都知道创宇信息技术有限公司 A kind of large-scale server automatic deployment and configuration method
CN110162510A (en) * 2019-04-26 2019-08-23 平安普惠企业管理有限公司 Transcription comparison method, device, computer equipment and storage medium
CN112579554A (en) * 2019-09-29 2021-03-30 北京金山云网络技术有限公司 Batch comparison method and device for server configuration files and electronic equipment
CN112801516A (en) * 2021-02-01 2021-05-14 天津五八到家货运服务有限公司 Policy matching method, computer device, and storage medium
CN114584600A (en) * 2022-01-20 2022-06-03 国网青海省电力公司 Data audit monitoring system
CN115168137A (en) * 2022-06-17 2022-10-11 北京结慧科技有限公司 Monitoring method and system for timing task, computer equipment and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102916839A (en) * 2012-10-26 2013-02-06 南宁职业技术学院 Automatic monitoring system for agricultural work in sugarhouse
CN105553871A (en) * 2015-12-15 2016-05-04 厦门贝启科技有限公司 Method and system for remotely managing equipment parameters
CN105681113A (en) * 2016-03-29 2016-06-15 浪潮软件集团有限公司 Automatic operation and maintenance method based on SaltStack
WO2017053789A1 (en) * 2015-09-24 2017-03-30 Circadence Corporation Mission-based, game-implemented cyber training system and method
US20170270157A1 (en) * 2016-03-21 2017-09-21 Virtual Network Element, Inc. TCP/IP Network Automation and Orchestration Tools

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102916839A (en) * 2012-10-26 2013-02-06 南宁职业技术学院 Automatic monitoring system for agricultural work in sugarhouse
WO2017053789A1 (en) * 2015-09-24 2017-03-30 Circadence Corporation Mission-based, game-implemented cyber training system and method
CN105553871A (en) * 2015-12-15 2016-05-04 厦门贝启科技有限公司 Method and system for remotely managing equipment parameters
US20170270157A1 (en) * 2016-03-21 2017-09-21 Virtual Network Element, Inc. TCP/IP Network Automation and Orchestration Tools
CN105681113A (en) * 2016-03-29 2016-06-15 浪潮软件集团有限公司 Automatic operation and maintenance method based on SaltStack

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
李小文 等: "《基于Puppet 的自动化部署工具的设计与实现》", 《软件》 *

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109144607A (en) * 2018-08-06 2019-01-04 成都知道创宇信息技术有限公司 A kind of large-scale server automatic deployment and configuration method
CN110162510A (en) * 2019-04-26 2019-08-23 平安普惠企业管理有限公司 Transcription comparison method, device, computer equipment and storage medium
CN112579554A (en) * 2019-09-29 2021-03-30 北京金山云网络技术有限公司 Batch comparison method and device for server configuration files and electronic equipment
CN112801516A (en) * 2021-02-01 2021-05-14 天津五八到家货运服务有限公司 Policy matching method, computer device, and storage medium
CN114584600A (en) * 2022-01-20 2022-06-03 国网青海省电力公司 Data audit monitoring system
CN115168137A (en) * 2022-06-17 2022-10-11 北京结慧科技有限公司 Monitoring method and system for timing task, computer equipment and storage medium

Also Published As

Publication number Publication date
CN107707415B (en) 2021-03-19

Similar Documents

Publication Publication Date Title
CN107707415A (en) A kind of automatic monitoring of server configuration and alarm method based on SaltStack
CN102624570A (en) Monitoring system and method for detecting availability of web server
DE112020004623T5 (en) ML-BASED EVENT HANDLING
JP6871877B2 (en) Information processing equipment, information processing methods and computer programs
CN105205625A (en) Employee attendance checking method and system
CN105141478A (en) Method for monitoring state of sas card hard disk of linux server
CN103942547A (en) Online and real-time printing detection method for intelligent card issuing system
US9405657B2 (en) Application architecture assessment system
US20030135496A1 (en) Management program, method and apparatus for business process definition
CN111782481A (en) Universal data interface monitoring system and monitoring method
CN112949798A (en) Laboratory equipment management method and system based on RFID technology
WO2023200597A1 (en) Automated positive train control event data extraction and analysis engine for performing root cause analysis of unstructured data
US20150186809A1 (en) System and method for tracking ami assets
CN109685682A (en) The method of regulator control system inspection operation ticket is intelligently generated based on relational database
CN115187210A (en) Abnormal information handling method, device, system, electronic equipment and storage medium
CN112035315A (en) Webpage data monitoring method and device, computer equipment and storage medium
CN105678389A (en) Detection method for operation, maintenance and management
CN106372549A (en) Data processing method and device for medical apparatus
JP4363240B2 (en) Vehicle inspection management system
CN114154094B (en) Calculation method for untimely updating of website
US20230334340A1 (en) Automated positive train control event data extraction and analysis engine for performing root cause analysis of unstructured data
KR102533552B1 (en) IT infrastructure integrated history management method using the IT infrastructure integrated history management system
US20240143919A1 (en) Systems and methods for extracting data from documents
US20220163941A1 (en) Industrial commissioning procedures including loop checking
CN206696880U (en) Product test management system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CP02 Change in the address of a patent holder
CP02 Change in the address of a patent holder

Address after: 9/F, Block C, No. 28 Tianfu Avenue North Section, Chengdu High tech Zone, China (Sichuan) Pilot Free Trade Zone, Chengdu City, Sichuan Province, 610000

Patentee after: CHENGDU KNOWNSEC INFORMATION TECHNOLOGY Co.,Ltd.

Address before: 610000, 11th floor, building 2, No. 219, Tianfu Third Street, hi tech Zone, Chengdu, Sichuan Province

Patentee before: CHENGDU KNOWNSEC INFORMATION TECHNOLOGY Co.,Ltd.