CN114064429A - Audit log acquisition method and device, storage medium and server - Google Patents

Audit log acquisition method and device, storage medium and server Download PDF

Info

Publication number
CN114064429A
CN114064429A CN202111278659.XA CN202111278659A CN114064429A CN 114064429 A CN114064429 A CN 114064429A CN 202111278659 A CN202111278659 A CN 202111278659A CN 114064429 A CN114064429 A CN 114064429A
Authority
CN
China
Prior art keywords
audit
service
business
annotation
audit log
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111278659.XA
Other languages
Chinese (zh)
Inventor
雷炳立
卢利梅
戴桂灶
龙润秋
钟伟
曾广安
卢卫娟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Yuanguang Software Co Ltd
Original Assignee
Yuanguang Software Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Yuanguang Software Co Ltd filed Critical Yuanguang Software Co Ltd
Priority to CN202111278659.XA priority Critical patent/CN114064429A/en
Publication of CN114064429A publication Critical patent/CN114064429A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/30Monitoring
    • G06F11/34Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation ; Recording or statistical evaluation of user activity, e.g. usability assessment
    • G06F11/3466Performance evaluation by tracing or monitoring
    • G06F11/3476Data logging
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/18File system types
    • G06F16/1805Append-only file systems, e.g. using logs or journals to store data
    • G06F16/1815Journaling file systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/445Program loading or initiating
    • G06F9/44505Configuring for program initiating, e.g. using registry, configuration files
    • G06F9/4451User profiles; Roaming

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Quality & Reliability (AREA)
  • Data Mining & Analysis (AREA)
  • Databases & Information Systems (AREA)
  • Debugging And Monitoring (AREA)

Abstract

The application discloses a method and a device for acquiring audit logs, a server and a storage medium, and relates to the field of office automation. The method comprises the steps of adding dependence of an audit assembly package in business service, collecting the audit log according to a method provided by the audit assembly package, recording the audit log into annotation of business codes of the business service, obtaining the collected audit log through the annotation, and calling a write-in service to write the audit log into a database. Therefore, the audit logs are collected through the micro-service architecture, the audit logs do not need to be collected through a network request and a network response mode, response time is prolonged, and consumption of network bandwidth is reduced.

Description

Audit log acquisition method and device, storage medium and server
Technical Field
The application relates to the field of office automation, in particular to a method, a system, a device, a storage medium and a server for collecting an audit log.
Background
In the using process of the application system, all operation logs of a user in the application system need to be recorded, managed and analyzed, and user behaviors are monitored, so that mining and safety responsibility accident confirmation can be conducted on audit logs in a subsequent set. The current method for collecting the audit logs generally comprises the following steps: the collection interface is set in the application system, and the user collects the audit log of the service system by calling the collection interface, however, the method for collecting the audit log needs to transmit a network request through a network, the response time of the application system is long, and a large amount of network bandwidth is consumed.
Disclosure of Invention
The application provides an audit log acquisition method, a related device and a storage medium, which solve the problems of long response time and high network bandwidth consumption in audit log acquisition.
In a first aspect, the present application provides a method for acquiring an audit log, including:
obtaining an audit component package;
adding the dependency information of the audit component package in a configuration file of a business service;
inquiring an annotation in a business code of the business service, and acquiring an audit log according to an attribute value of an acquisition parameter in the annotation;
and calling a writing service to write the collected audit logs into a database.
In a second aspect, the present application provides an apparatus for collecting an audit log, including:
the acquisition unit is used for acquiring the audit component package;
the dependency unit is used for adding dependency information of the audit component package in a configuration file of a business service;
the query unit is used for querying the annotation in the business code of the business service and acquiring an audit log according to the attribute value of the acquisition parameter in the annotation;
and the writing unit is used for calling a writing service to write the collected audit log into the database.
In another aspect, the present application provides an apparatus, which may implement the method for acquiring an audit log according to the first aspect. The above-described method may be implemented by software, hardware, or by executing corresponding software by hardware.
In one possible implementation manner, the structure of the apparatus includes a processor, a memory; the processor is configured to support the device to execute corresponding functions in the acquisition method of the audit log. The memory is used for coupling with the processor, which holds the necessary programs (instructions) and/or data for the device. Optionally, the apparatus may further include a communication interface for supporting communication between the apparatus and other network elements.
In another possible implementation manner, the apparatus may include a unit module for performing corresponding actions in the above method.
In yet another possible implementation, the wireless communication device includes a processor and a transceiver, the processor is coupled to the transceiver, and the processor is configured to execute a computer program or instructions to control the transceiver to receive and transmit information; the processor is further configured to implement the above-described method when the processor executes the computer program or instructions. The transceiver may be a transceiver, a transceiver circuit, or an input/output interface.
Yet another aspect of the present application provides an apparatus, comprising: a memory and a processor; wherein the memory stores a set of program codes, and the processor is configured to call the program codes stored in the memory and execute the method of the aspects.
The application further provides a terminal device comprising the above apparatus. Terminal devices include, but are not limited to, cell phones, computers, tablets, personal computers, servers or workstations, etc.
Yet another aspect of the present application provides a computer-readable storage medium having stored therein instructions, which when executed on a computer, cause the computer to perform the method of the above-described aspects.
Yet another aspect of the present application provides a computer program product containing instructions which, when run on a computer, cause the computer to perform the method of the above-described aspects.
According to the method, when the audit log needs to be acquired, the dependency of the audit component package is increased in the business service, the audit log is acquired according to the method provided by the audit component package, the audit log is recorded in the annotation of the business code of the business service, the acquired audit log is acquired through the annotation, and then the write-in service is called to write the audit log into the database. Therefore, the audit logs are collected through the micro-service architecture, the audit logs do not need to be collected through a network request and a network response mode, response time is prolonged, and consumption of network bandwidth is reduced.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a diagram of a network architecture provided by an embodiment of the present application;
FIG. 2 is a schematic flowchart of a method for collecting an audit log according to an embodiment of the present disclosure;
fig. 3 is a schematic structural diagram of an acquisition device according to an embodiment of the present disclosure;
fig. 4 is a schematic structural diagram of a terminal device according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application. Meanwhile, in the description of the present application, the terms "first", "second", and the like are used only for distinguishing the description, and are not to be construed as indicating or implying relative importance. It will be apparent to one skilled in the art that the present application may be practiced in other embodiments that depart from these specific details. In other instances, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so as not to obscure the description of the present application with unnecessary detail.
Fig. 1 shows an exemplary system architecture of an audit log collection method or an audit log collection apparatus that can be applied to the present application.
As shown in fig. 1, the system architecture is a micro-service architecture, including: the cloud-based micro-service system comprises a business service A, a business service B, a writing service and a database, wherein the business service A, the business service B and the writing service are micro-services, all the micro-services are matched with one another and call to complete specific business functions, all the micro-services are attached to a server at the cloud end, registration needs to be carried out in a registration center before the micro-services are used, and the micro-services can be issued after the registration so that other micro-services call the micro-services.
The server deploys the micro-service architecture, and the server can be realized as a distributed server cluster consisting of a plurality of servers, or can be realized as a single server.
It should be understood that the number of terminal devices, networks, and servers in fig. 1 is merely illustrative. Any number of terminal devices, networks, and servers may be used, as desired for implementation.
In order to explain the technical solution described in the present application, the following description will be given by way of specific examples.
Referring to fig. 2, fig. 2 is a schematic flowchart of a method for acquiring an audit log according to an embodiment of the present application, where in the embodiment of the present application, the method includes:
s201, obtaining an audit component package.
The audit component package is independently deployed outside the micro service architecture of the application, for example: the audit component packages are deployed in a code warehouse, and a plurality of audit component packages and the identity of each audit component package are stored in the code warehouse. And when the audit component package is obtained, sending a query request to the code warehouse according to the identity, and obtaining the required audit component package according to the query response of the code warehouse.
S202, adding dependency information of the audit component package in a configuration file of the business service.
The configuration file is used for describing the attribute of the business service, the configuration file can be a Project Object Model (POM) file in an extensible markup language (XML) format, the dependency information represents the incidence relation between the business code of the business service and the audit component packet, and the dependency information of the audit component packet is added in the configuration file, so that the business service calls the audit component packet to collect the audit log, and the audit log is recorded in the annotation of the business code.
For example, the dependency of auditing packages may be increased by:
Figure BDA0003330495490000041
s203, inquiring the annotation in the business code of the business service, and acquiring an audit log according to the attribute value of the acquisition parameter in the annotation.
The service code of the service is used to implement the function of the service, and the annotation is queried in the service code, where the querying method may be: and traversing the placeholders in the business codes, if a specific placeholder is inquired, determining that the business codes are provided with annotations, and entering logic of a transverse tangent plane through the annotations. For example: the placeholder is @ AuditLog. Because the annotation records the audit log, the audit log is obtained according to the attribute value of the annotated acquisition parameter, and the acquisition parameter comprises: audit project name, audit type ID, audit type name and domain name. The audit log includes: user name, IP address, login time, operation date, and attribute value of operation content.
And S204, calling a writing service to write the collected audit log into a database.
The method for calling and writing the service by the service can be asynchronous calling or synchronous calling, and the database can be a relational database.
According to the method, when the audit log needs to be acquired, the dependency of the audit component package is increased in the business service, the audit log is acquired according to the method provided by the audit component package, the audit log is recorded in the annotation of the business code of the business service, the acquired audit log is acquired through the annotation, and then the write-in service is called to write the audit log into the database. Therefore, the audit logs are collected through the micro-service architecture, the audit logs do not need to be collected through a network request and a network response mode, response time is prolonged, and consumption of network bandwidth is reduced.
The above fig. 2 explains the collecting method of the audit log in detail. Correspondingly, the structure schematic diagram of an acquisition device of the embodiment of the application.
Referring to fig. 3, fig. 3 is a schematic structural diagram of an acquisition device 3 according to an embodiment of the present disclosure, where the acquisition device 3 may include: an acquisition unit 301, a dependency unit 302, a query unit 303, and a write unit 304.
An obtaining unit 301, configured to obtain an audit component package;
a dependency unit 302, configured to add dependency information of the audit component package in a configuration file of a business service;
the query unit 303 is configured to query an annotation in a business code of the business service, and acquire an audit log according to an attribute value of an acquisition parameter in the annotation;
and the writing unit 304 is used for calling a writing service to write the collected audit log into the database.
In one or more possible embodiments, the obtaining the audit component package includes:
an audit component package is obtained from a code repository.
In one or more possible embodiments, the acquisition parameters include: audit project name, audit type ID, audit type name and domain name.
In one or more possible embodiments, the configuration file is an extensible markup language, XML, formatted item object model, POM, file.
In one or more possible embodiments, the querying for annotations in the business code of the business service includes:
and inquiring the annotation in the business code of the business service according to the placeholder.
In one or more possible embodiments, the invoking the write service to write the collected audit log into the database includes:
and calling a writing service based on an asynchronous mode to write the collected audit logs into the database.
In one or more possible embodiments, the audit log comprises: user name, IP address, login time, operation date, and attribute value of operation content.
The embodiment of the present application and the embodiment of the method in fig. 2 are based on the same concept, and the technical effects brought by the embodiment are also the same, and the specific process may refer to the description of the embodiment of the method in fig. 2, and will not be described again here.
The device 3 may be a terminal device, and the device 3 may also be a field-programmable gate array (FPGA), an application-specific integrated chip (asic), a system on chip (SoC), a Central Processing Unit (CPU), a Network Processor (NP), a digital signal processing circuit, a Micro Controller Unit (MCU), or a Programmable Logic Device (PLD) or other integrated chips.
Please refer to fig. 4, which provides a schematic structural diagram of a server according to an embodiment of the present application. As shown in fig. 4, the server 400 may include: at least one processor 401, at least one network interface 404, a user interface 403, memory 405, at least one communication bus 402.
Wherein a communication bus 402 is used to enable connective communication between these components.
Optionally, the user interface 403 may include a Display screen (Display) and a Camera (Camera), and the optional user interface 403 may also include a standard wired interface and a wireless interface.
The network interface 404 may optionally include a standard wired interface, a wireless interface (e.g., WI-FI interface), among others.
Processor 401 may include one or more processing cores, among others. The processor 401, using various interfaces and lines to connect various parts throughout the server 400, performs various functions of the server 400 and processes data by executing or executing instructions, programs, code sets, or instruction sets stored in the memory 405, and calling data stored in the memory 405. Alternatively, the processor 401 may be implemented in at least one hardware form of Digital Signal Processing (DSP), Field-Programmable Gate Array (FPGA), and Programmable Logic Array (PLA). The processor 401 may integrate one or more of a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), a modem, and the like. Wherein, the CPU mainly processes an operating system, a user interface, an application program and the like; the GPU is used for rendering and drawing the content required to be displayed by the display screen; the modem is used to handle wireless communications. It is understood that the modem may not be integrated into the processor 401, but may be implemented by a single chip.
The Memory 405 may include a Random Access Memory (RAM) or a Read-Only Memory (Read-Only Memory). Optionally, the memory 405 includes a non-transitory computer-readable medium. The memory 405 may be used to store instructions, programs, code sets, or instruction sets. The memory 405 may include a stored program area and a stored data area, wherein the stored program area may store instructions for implementing an operating system, instructions for at least one function (such as a touch function, a sound playing function, an image playing function, etc.), instructions for implementing the various method embodiments described above, and the like; the storage data area may store data and the like referred to in the above respective method embodiments. The memory 405 may alternatively be at least one storage device located remotely from the aforementioned processor 401. As shown in fig. 4, the memory 405, which is a type of computer storage medium, may include therein an operating system, a network communication module, a user interface module, and an application program.
In the server 400 shown in fig. 4, the user interface 403 is mainly used as an interface for providing input for a user, and acquiring data input by the user; and processor 401 may be configured to invoke applications stored in memory 405 and to perform the method embodiment of fig. 2 in particular.
The concept of this embodiment is the same as that of the embodiment of the method in fig. 2, and the technical effects brought by the embodiment are also the same, and the specific process can refer to the description of the embodiment in fig. 2, and will not be described again here.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a read-only memory or a random access memory.
The above disclosure is only for the purpose of illustrating the preferred embodiments of the present application and is not to be construed as limiting the scope of the present application, so that the present application is not limited thereto, and all equivalent variations and modifications can be made to the present application.

Claims (10)

1. A method for collecting audit logs is characterized by comprising the following steps:
obtaining an audit component package;
adding the dependency information of the audit component package in a configuration file of a business service;
inquiring an annotation in a business code of the business service, and acquiring an audit log according to an attribute value of an acquisition parameter in the annotation;
and calling a writing service to write the collected audit logs into a database.
2. The method of claim 1, wherein obtaining the audit package comprises:
an audit component package is obtained from a code repository.
3. The method of claim 1 or 2, wherein the acquisition parameters comprise: audit project name, audit type ID, audit type name and domain name.
4. The method of claim 3, wherein the configuration file is an extensible markup language (XML) formatted Project Object Model (POM) file.
5. The method of claim 4, wherein said querying annotations in the business code of the business service comprises:
and inquiring the annotation in the business code of the business service according to the placeholder.
6. The method of claim 4 or 5, wherein the invoking a write service writes the collected audit log into a database, comprising:
and calling a writing service based on an asynchronous mode to write the collected audit logs into the database.
7. The method of claim 1, wherein the audit log comprises: user name, IP address, login time, operation date, and attribute value of operation content.
8. An apparatus for collecting audit logs, comprising:
the acquisition unit is used for acquiring the audit component package;
the dependency unit is used for adding dependency information of the audit component package in a configuration file of a business service;
the query unit is used for querying the annotation in the business code of the business service and acquiring an audit log according to the attribute value of the acquisition parameter in the annotation;
and the writing unit is used for calling a writing service to write the collected audit log into the database.
9. A server comprising a processor and a memory, wherein the memory is configured to store a computer program comprising program instructions, and wherein the processor is configured to invoke the program instructions to perform the method of any of claims 1-7.
10. A computer-readable storage medium, characterized in that the computer storage medium stores a computer program comprising program instructions that, when executed by a processor, cause the processor to carry out any of claims 1-7.
CN202111278659.XA 2021-10-31 2021-10-31 Audit log acquisition method and device, storage medium and server Pending CN114064429A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111278659.XA CN114064429A (en) 2021-10-31 2021-10-31 Audit log acquisition method and device, storage medium and server

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111278659.XA CN114064429A (en) 2021-10-31 2021-10-31 Audit log acquisition method and device, storage medium and server

Publications (1)

Publication Number Publication Date
CN114064429A true CN114064429A (en) 2022-02-18

Family

ID=80236395

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111278659.XA Pending CN114064429A (en) 2021-10-31 2021-10-31 Audit log acquisition method and device, storage medium and server

Country Status (1)

Country Link
CN (1) CN114064429A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115086160A (en) * 2022-06-09 2022-09-20 杭州安恒信息技术股份有限公司 Log acquisition method, terminal agent and equipment based on SaaS platform

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115086160A (en) * 2022-06-09 2022-09-20 杭州安恒信息技术股份有限公司 Log acquisition method, terminal agent and equipment based on SaaS platform

Similar Documents

Publication Publication Date Title
CN110232091B (en) Method, system and apparatus for synchronizing data
CN111125057B (en) Method and device for processing service request and computer system
CN112653579A (en) OpenResty-based gray scale publishing method and related equipment
CN110610376A (en) Behavior data response method and device, computer equipment and storage medium
CN115297183B (en) Data processing method and device, electronic equipment and storage medium
CN113873013B (en) Offline package reorganization method and system
CN114064429A (en) Audit log acquisition method and device, storage medium and server
CN113760242A (en) Data processing method, device, server and medium
CN112650804A (en) Big data access method, device, system and storage medium
CN111414154A (en) Method and device for front-end development, electronic equipment and storage medium
CN115460225A (en) Internal and external network data synchronization method and related equipment
CN113746685B (en) Stream collection processing method and device based on pulsar log and readable storage medium
CN114925120A (en) Insurance business information query method and related equipment
CN115221242A (en) Data synchronization method and device and computer readable storage medium
CN115480753A (en) Application integration system and corresponding computer device and storage medium
CN111143156B (en) Big data platform garbage task acquisition system, method and computer system
CN109799981B (en) Integrated system and method based on execution chain
CN112988872A (en) Interface document management method and device, storage medium and electronic equipment
CN112445811A (en) Data service method, device, storage medium and component based on SQL configuration
CN111651259A (en) Dependency relationship-based system management method and device and storage medium
CN116861455B (en) Event data processing method, system, electronic device and storage medium
CN117435367B (en) User behavior processing method, device, equipment, storage medium and program product
CN110191141B (en) Service calling information processing method and device and computer system
CN111459411B (en) Data migration method, device, equipment and storage medium
WO2023071857A1 (en) Playback method, recording method, and related device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination