CN101282333A - Method for switching information of distributed multiprotocol proxy and center system - Google Patents

Publication number: CN101282333A
Authority: CN (China)
Legal status: Granted
Application number: CNA2008100378255A
Priority: CN200810037825A
Other languages: Chinese (zh)
Other versions: CN101282333B (en)
Inventors: 张月国, 蒋兴浩, 李建华, 蔡伟, 周志洪
Current assignee: Shanghai Jiaotong University
Original assignee: Shanghai Jiaotong University
Classification: Computer And Data Communications (AREA)

Abstract

A method for exchanging messages between distributed multi-protocol agents and a center system, in the field of computer network technology. A management model consisting of a center and agents is constructed. The agent sends the center an XML file in the message exchange format, which contains the unique ID that the center assigned to the agent. After the center verifies that the agent is legitimate, the agent and the center exchange messages through XML files. The center monitors the agent's state in real time by parsing the XML files the agent sends, and post-processes the collected protocol data. The center sends configuration files and management files to the agent through a synchronization mechanism, which gives it dynamic management of the agent. The invention makes the application protocol independent of the message and the center independent of the agent, improves interoperability between the center and the agents, strengthens the security and reliability of communication between the center and the distributed agents, and effectively and quickly solves the communication and cooperation problems of the center-and-agent architecture.

Description

Method for exchanging messages between distributed multi-protocol agents and a center system
Technical field
The present invention relates to a method in the field of computer network technology, specifically a method for exchanging messages between distributed multi-protocol agents and a center system.
Background technology
In a complex network environment, application environments and purposes differ, so different application-layer protocols coexist in the network, each with its own message format, and what an agent obtains from analyzing each protocol differs as well. The usual practice is to define a custom interface between agent and center for each protocol. If the protocols are complex and the network carries many application protocols, these interfaces become very complicated, and the message formats the center receives from the agents become numerous and disorderly. This hinders unified processing of the information later on and hinders the organization from achieving its management goals. Another approach is to develop middleware that implements the communication mechanism, but this has two problems. First, later system development is built on the middleware, which hides the internal message mechanism, so a problem in the communication between center and agent is hard to trace. Second, such communication middleware does not consider management and cooperation between the two or more communicating ends, whereas in a concrete implementation of a center-and-agent communication architecture the center needs to manage the agents and to cooperate effectively with them. It is therefore necessary to define the format of the exchanged messages and to adopt an effective mechanism that makes communication between center and agent follow fixed rules and be reliable. XML is a simplified version of SGML (Standard Generalized Markup Language), the ISO 8879 standard that specifies a syntax for defining text markup. As an extensible language for representing and exchanging network documents and data, XML can define custom markup for different kinds of documents and applications. An XML DTD (document type definition) declares the markup a document uses; it comprises elements (the different pieces of information a document contains), attributes (characteristics of the information) and content models (the relationships between the pieces of information).
A search of the prior-art literature found Chinese patent application No. 200710182031.3, publication No. CN101159760, titled "Method and system for implementing a communication protocol based on XML data interchange files". That patent implements a communication protocol on top of XML data exchange: it builds a library of command scripts expressed in XML, packs and sends the instructions issued by the data application layer according to the command scripts, and unpacks received protocol data and returns it to the data application layer. The method and system are valuable for improving the flexibility and extensibility of the protocol parser and for implementing protocols quickly, but they have shortcomings. Their communication security is very weak: the communicating party only parses the instructions it receives and does not verify whether they are legitimate, so a malicious communicating party can easily forge a valid instruction, or one can be sent by mistake, resulting in sabotage or misoperation. Their flexibility in protocol parsing is still insufficient: although the format of the XML command-script set is unified, the command-script library that is defined is limited, which hinders flexible extension. For example, a new communication requirement needs a new instruction, and with it entirely new parsing code for that instruction. Their support for cooperation between two or more parties is also very weak, and they do not suit communication in a center-and-agent architecture: no proper management and cooperation mechanism is defined, only peer-to-peer communicating parties are considered, the difference between center and agent is ignored, and one-to-many and many-to-many communication is also problematic.
Summary of the invention
The present invention addresses the above shortcomings of the prior art by providing a method for exchanging messages between distributed multi-protocol agents and a center system. The agents and the center may be different systems. The method removes the coupling between the application protocol and the exchanged messages, making the application protocol independent of the message and making the center and the agents independent of each other's development language. It improves interoperability between center and agents and strengthens the security and reliability of communication between the center and the distributed agents. Through a standardized message exchange format and message rules it promotes full sharing of network resource information and effectively and quickly solves the communication and cooperation problems of the center-and-agent architecture.
The invention is realized through the following technical solution, which comprises the following steps:
Step 1: the center and several agents form a two-level management model. The center is deployed at a backbone node. The agents include agents for multiple protocol types and are distributed across the network nodes to collect information; each is responsible for collecting and packing the data of its protocol. The agents report the collected protocol data to the center over the network, and the center processes the data.
Step 2: the center initializes each agent, initializing the configuration file and the filtering rule file in the agent. Both files are XML files.
Step 3: the agent is started and reads its initial configuration file and filtering rule file, both of which follow the unified message format. The agent sends a synchronization information XML file and a heartbeat information XML file to the center.
Step 4: using the XML parsing framework, the center parses the XML-format file by means of the filtering rule file. It authenticates the agent on two conditions, the ID in the XML file the agent sent and the agent's IP address, to verify that the connecting agent is legitimate. If verification passes, the center admits the agent and proceeds to step 5: the center sets the agent's state to online and runs the synchronization mechanism with the agent according to the synchronization information XML file. If verification fails, the center refuses the agent's connection and all steps end.
Step 5: once the center has admitted it, the agent begins collecting protocol data and analyzes it, packs the data into an XML-format file according to protocol type and agent ID, and reports the file to the center. The center receives and parses the XML file data, identifies the source agent by its agent ID, sets that agent's state to reporting-data, and stores the data in the center database.
Step 6: the center edits the filtering rule file and sends it to the agent so that the new filtering rule file takes effect.
Step 7: the center sends the configuration file to the agent. The center parses the synchronization information XML file sent by the agent, which contains the timestamp of the agent's configuration file. If this timestamp matches the timestamp the center has stored for that agent's configuration file, the configuration file at the center is consistent with the one in the agent; the center then reads its local copy of the agent's configuration file, edits it and sends it down to the agent. If the configuration files at the center and in the agent are inconsistent, the center generates an XML-format query file and sends it to the agent; the agent reports its configuration file, the center edits the configuration file and sends it down to the agent, and the agent restarts so that the configuration file takes effect.
Step 8: the agent reads from its configuration file the interval at which it reports data to the center. If it has reported no data to the center within an interval, the agent sends a heartbeat information XML file to the center. If the center receives neither a heartbeat information XML file nor a reported protocol data XML file from the agent within the set time, the center sets that agent's state to offline.
The agent is an agent module covering one or more protocol types.
In step 2, the center initializes each agent as follows: the center registers and maintains an agent ID registry and reads the agent information after it starts. When a new protocol agent needs to be deployed in the network to collect protocol data, the center assigns the agent a unique ID, an initial configuration file (which includes IP address information) and a filtering rule file; the center records the agent ID and keeps the agent's configuration file and filtering rule file.
The center comprises a primary server and several standby servers. The agent configuration file contains the information for one primary server and multiple standby servers; the server information includes the server's domain name, IP address, communication port, description, whether it is the primary server, and so on. The agent first sends the synchronization information XML file and heartbeat information XML file to the primary central server. If the agent fails to connect to the primary central server three times in a row, it chooses another, standby, central server to connect to; if that connection succeeds, that server is set as the primary central server.
The agent configuration file includes the multi-protocol agent's ID, the collection port, the heartbeat time, the sampling hold window and similar content, where:
The multi-protocol agent's ID is one of the conditions by which the center identifies each data-collection agent; in particular it limits the ability of a disguised data-collection agent to attack the center, improving security;
The collection port specifies the network protocol port the agent needs to listen on;
The heartbeat time is used to maintain the connection between agent and center;
The sampling hold window sets how long a group of data is buffered in the agent, to prevent duplicate data from being reported to the center within a short time, which would overload the center and degrade the central server's performance.
The filtering rule file contains characteristic values of network packets, such as source or destination IP and source or destination port. According to the protocol filtering rules that have been set, the user can discard invalid packets and improve the system's efficiency.
In step 3, the synchronization information XML file contains the timestamps of the agent's configuration file and filtering rule file and is used to implement the synchronization mechanism with the center. The agent sends it after it has started and connected to the center.
In step 3, the message format is defined with an XML DTD. The data model of the messages passed between center and agent is described in an object-oriented way, with XML files as the message format files, mapping multi-protocol format information onto the unified message format. An extension framework is also reserved so that further exchanged messages can be defined.
In step 4, the XML parsing framework is as follows: to reduce the amount of program development, and following the object-oriented character of the message-format XML files, a rule file for XML parsing is defined so that a class for each element can be implemented conveniently and quickly; XML files are parsed uniformly according to the rules, and a single class file converts the XML file data into objects.
In step 4, agent authentication is as follows: the center verifies the agent's legitimacy from the ID in the XML file the agent sent and from the agent's IP address. If the agent ID exists in the center's ID registry, and the IP address the agent communicates from matches the IP address information in the configuration file the center holds for that agent ID, verification passes. If either of the two conditions is not met, verification fails.
In step 4, the synchronization mechanism is as follows: from the content of the synchronization information XML file the center judges whether the agent's configuration file and protocol filtering rule file are no longer valid. If the configuration file or the protocol filtering rule file is no longer valid, the center sends its default configuration file or protocol filtering rule file down to the agent over the connection that has already been established; if the configuration file is still valid, the center sends nothing. If what the agent receives is a new configuration file or protocol filtering rule file, the agent replaces the original file with the newly received one and restarts so that it takes effect.
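The step 4 check and the synchronization decision described above, as an added Python example that is not part of the patent text. The registry contents, the timestamp format, the function names and the rule "a file is stale when its reported update-time differs from the center's stored one" (taken from the timestamp comparison in step 7) are assumptions of the example; the element and attribute names follow the page's DTDs.

```python
import ipaddress
import xml.etree.ElementTree as ET
from xml.parsers import expat

# Constructed registry standing in for the center's agent ID registry and the
# per-agent files it stores (IDs, addresses and timestamps are made up).
REGISTRY = {
    "agent-0001": {
        "ip": "192.0.2.21",
        "config_time": "2008-04-01T09:00:00",
        "rule_time": "2008-04-03T17:30:00",
    },
}


class Rejected(Exception):
    """Raised when a message must be refused; the text is the reason."""


def parse_agent_message(xml_bytes):
    """Parse an untrusted agent message, refusing any DOCTYPE declaration.

    Agent messages never need an inline DTD, so refusing one removes entity
    expansion and external-entity handling before any element is processed.
    """
    builder = ET.TreeBuilder()
    parser = expat.ParserCreate()

    def no_doctype(name, system_id, public_id, has_internal_subset):
        raise Rejected("DOCTYPE not allowed in agent messages")

    parser.StartDoctypeDeclHandler = no_doctype
    parser.StartElementHandler = builder.start
    parser.EndElementHandler = builder.end
    parser.CharacterDataHandler = builder.data
    try:
        parser.Parse(xml_bytes, True)
    except expat.ExpatError as exc:
        raise Rejected(f"malformed XML: {exc}") from exc
    return builder.close()


def authenticate(root, peer_ip, registry):
    """Step 4: the ID must be registered AND the source address must match."""
    if root.tag != "agent":
        raise Rejected("root element is not <agent>")
    record = registry.get(root.get("id"))
    if record is None:
        raise Rejected("unknown agent id")
    # Compare the transport-layer peer address. The ip attribute inside the
    # XML is written by the sender and proves nothing on its own.
    if ipaddress.ip_address(peer_ip) != ipaddress.ip_address(record["ip"]):
        raise Rejected("source address does not match registered address")
    return record


def stale_files(root, record):
    """Return the agent files whose update-time differs from the center's."""
    synch = root.find("agent-synch")
    if synch is None:
        raise Rejected("no <agent-synch> element")
    stale = []
    for element, key in (("config-file", "config_time"),
                         ("rule-file", "rule_time")):
        reported = (synch.findtext(f"{element}/update-time") or "").strip()
        if reported != record[key]:
            stale.append(element)
    return stale


def handle_synch(xml_bytes, peer_ip, registry=REGISTRY):
    """Return ("online", [files to push]) or ("refused", reason)."""
    try:
        root = parse_agent_message(xml_bytes)
        record = authenticate(root, peer_ip, registry)
        return "online", stale_files(root, record)
    except Rejected as why:
        return "refused", str(why)


# Constructed sample message following the page's agent / agent-synch DTDs.
SAMPLE = b"""<agent ip="192.0.2.21" id="agent-0001" name="ssl-agent" xmltype="agent-synch">
  <agent-synch>
    <config-file><update-time>2008-04-01T09:00:00</update-time></config-file>
    <rule-file><update-time>2008-03-20T08:00:00</update-time></rule-file>
  </agent-synch>
</agent>"""

if __name__ == "__main__":
    print(handle_synch(SAMPLE, "192.0.2.21"))    # admitted, rule file is stale
    print(handle_synch(SAMPLE, "198.51.100.7"))  # same ID from another address
```

An ID plus a source address identifies an agent only as strongly as the network prevents address spoofing and ID disclosure; the check above implements exactly the two conditions the text names and nothing more.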
In step 7, the query file comprises a configuration query file and a protocol filtering rule file, which represent two operations respectively: querying the configuration of the data-collection agent module and querying the protocol filtering rules of the data-collection agent module. In a concrete implementation the two query operations may be merged into one file.
In step 8, the set time is three times the interval.
Steps 7 and 8 are independent of each other and can be executed at any time after step 4 has been executed.
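The agent state monitoring of steps 4, 5 and 8, as an added Python example that is not part of the patent text. The class and method names are hypothetical. Treating `alert-report` as the data-report message type, leaving the state unchanged on a heartbeat, and requiring an offline agent to pass step 4 again before its messages count are assumptions of the example; the three-interval timeout and the three states come from the page.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Dict, List, Optional

TIMEOUT_FACTOR = 3               # page: the set time is three times the interval
DATA_REPORT = "alert-report"     # assumption: xmltype that carries protocol data


class State(Enum):
    OFFLINE = "offline"
    ONLINE = "online"
    REPORTING = "reporting"


@dataclass
class AgentStatus:
    interval: float                    # seconds, from the agent's configuration file
    state: State = State.OFFLINE
    last_seen: Optional[float] = None  # time of the last heartbeat or data report


class StateMonitor:
    """Center-side record of agent liveness."""

    def __init__(self) -> None:
        self.agents: Dict[str, AgentStatus] = {}

    def register(self, agent_id: str, interval: float) -> None:
        """Step 2: the center knows the agent and its reporting interval."""
        self.agents[agent_id] = AgentStatus(interval=interval)

    def admitted(self, agent_id: str, now: float) -> None:
        """Step 4 passed: the agent becomes online and its timer starts."""
        status = self.agents[agent_id]
        status.state = State.ONLINE
        status.last_seen = now

    def _expired(self, status: AgentStatus, now: float) -> bool:
        return (status.last_seen is not None
                and now - status.last_seen > TIMEOUT_FACTOR * status.interval)

    def received(self, agent_id: str, xmltype: str, now: float) -> bool:
        """Record a heartbeat or data report; False means it was not counted."""
        status = self.agents.get(agent_id)
        if status is None or status.state is State.OFFLINE:
            return False               # unknown or not admitted: no state change
        if self._expired(status, now):
            # The message arrived after the timeout but before a sweep ran:
            # the agent is already offline by the rule of step 8.
            status.state = State.OFFLINE
            return False
        status.last_seen = now
        if xmltype == DATA_REPORT:
            status.state = State.REPORTING
        return True

    def sweep(self, now: float) -> List[str]:
        """Step 8: mark silent agents offline and return the ones just changed."""
        changed = []
        for agent_id, status in self.agents.items():
            if status.state is not State.OFFLINE and self._expired(status, now):
                status.state = State.OFFLINE
                changed.append(agent_id)
        return changed


if __name__ == "__main__":
    monitor = StateMonitor()
    monitor.register("agent-0001", interval=30)     # constructed values
    monitor.admitted("agent-0001", now=0)
    monitor.received("agent-0001", DATA_REPORT, now=40)
    print(monitor.sweep(now=130), monitor.sweep(now=131))
```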
In the above steps and their descriptions, communication between the center and the distributed multi-protocol agents follows the unified XML message exchange format and uses the XML file parsing framework.
The invention uses XML-format files as the communication bridge between agent and center. The XML files encapsulate data in a hierarchical inheritance structure, which effectively simplifies the system design, makes the data parser more flexible and improves the system's data-handling capability. Mechanisms such as agent authentication, agent state monitoring and agent synchronization ensure the security and reliability of communication. Uploading and issuing configuration and filtering rule files makes the agent's protocol data collection more flexible. Organizational goals can be achieved on the agent-and-center architecture without defining complex programming-language development interfaces; the information an agent collects can be configured conveniently and flexibly; the center can manage the agents easily; center and agent messages are independent of the underlying systems; the center can cooperate effectively with the agents; complex logical structure is simplified; and the workload of system developers is significantly reduced.
Compared with the prior art, the invention has the following beneficial effects:
1. The prior-art method only provides communication between two peers; the invention provides communication between a center and distributed agents and supports one-to-many and many-to-many communication;
2. The prior art does not consider communication security. In the invention the center assigns each agent a unique ID and, combined with the agent's IP address, verifies the legitimacy of each connecting multi-protocol collection agent, ensuring that the data source is correct. Because the message format is defined sensibly, the agent can also be verified while it is sending messages;
3. The prior art does not consider uniformity of the message XML file format. The invention, based on object-oriented features, encapsulates data in a hierarchical inheritance structure, which helps extend the protocol data, and uses a rule-based parsing framework to parse the message-format XML files, which helps parsing performance and speeds up implementation;
4. The prior art does not consider management of the agents. The invention separates the different filtering mechanisms, placing different filtering rules at different stages of the agent's protocol data collection and analysis and supplying them as configuration files, which achieves dynamic configuration of the agents and strengthens cooperation between agents and center. The invention further manages the agents effectively through the synchronization mechanism and agent state monitoring.
Description of drawings
Fig. 1 is a structural diagram of the model formed by the center and the agents in an embodiment of the invention.
Embodiment
The embodiment of the invention is described in detail below with reference to the drawing. The embodiment is implemented on the premise of the technical solution of the invention and gives a detailed implementation and concrete operating procedure, but the scope of protection of the invention is not limited to the following embodiment.
The embodiment comprises the following steps:
Step 1: the center and the agents form a two-level management model. The central server is deployed at a backbone node and the multi-protocol agents are distributed across the network nodes to collect information. The agent for each protocol type is responsible for collecting and packing the data of its protocol. The agents report the collected protocol data to the center over the network, and the center processes the data.
As shown in Fig. 1, in the model formed by the center and the agents in this embodiment, the management center is connected to an IPSec (Internet security) protocol agent, an SSL (Secure Sockets Layer) protocol agent, an SNMP (Simple Network Management Protocol) protocol agent, a WMI (Windows Management Instrumentation) protocol agent and agents for other protocols. Depending on the protocol types, one agent may contain agent function modules for one or more protocol types.
Step 2: the center initializes each agent, initializing the agent's configuration file and filtering rule file.
The agent's configuration file includes the multi-protocol agent's ID, the collection port, the heartbeat time, the sampling hold window and similar content, where:
The multi-protocol agent's ID is one of the conditions by which the center identifies each data-collection agent; in particular it limits the ability of a disguised data-collection agent to attack the center, improving security;
The collection port specifies the network protocol port the agent needs to listen on;
The heartbeat time is used to maintain the connection between agent and center;
The sampling hold window sets how long a group of data is buffered in the agent, to prevent duplicate data from being reported to the center within a short time, which would overload the center and degrade the central server's performance.
The agent's configuration file is specifically:
<!ELEMENT agent-config (update-time, servers, client, global-sets)>
<!ELEMENT update-time (#PCDATA)>
<!ELEMENT servers (server+)>
<!ELEMENT client (interface)>
<!ATTLIST client
  ip NMTOKEN #REQUIRED
  id NMTOKEN #REQUIRED
  name NMTOKEN #REQUIRED
  port NMTOKEN #REQUIRED
>
<!ELEMENT global-sets (time-interval)>
<!ELEMENT interface (#PCDATA)>
<!ELEMENT server EMPTY>
<!ATTLIST server
  name NMTOKEN #REQUIRED
  ip NMTOKEN #REQUIRED
  port NMTOKEN #FIXED "1070"
  default (yes|no) #REQUIRED
  status (0|1) #REQUIRED
>
<!ELEMENT time-interval (heartbeat, sample)>
<!ELEMENT heartbeat (#PCDATA)>
<!ELEMENT sample (#PCDATA)>
The filtering rule file contains characteristic values of network packets, such as source or destination IP and source or destination port. According to the protocol filtering rules that have been set, the user can discard invalid packets and improve the system's efficiency. It is specifically:
<!ELEMENT agent-rule (update-time, localfilters, filters, auth-arithmetic-mappings*)>
<!ELEMENT localfilters (localfilter+)>
<!ELEMENT filters (filter+)>
<!ELEMENT localfilter (#PCDATA)>
<!ELEMENT filter (filter-name, init-param)>
<!ELEMENT filter-name (#PCDATA)>
<!ELEMENT init-param (param-value*)>
<!ELEMENT param-value (#PCDATA)>
Step 3: the agent is started and reads its initial configuration XML file and filtering rule XML file, both of which follow the unified message format. The agent sends a synchronization information XML file and a heartbeat information XML file to the center.
The message format is defined with an XML DTD. The data model of the messages passed between center and agent is described in an object-oriented way, with XML files as the message format files, mapping multi-protocol format information onto the unified message format. The top-level class of all message format files is agent, and every type of message is a subclass of it. agent defines the agent's unique ID, IP address and other descriptive information; the ID is assigned to the agent by the center and serves as one of the agent's authorization credentials for connecting to the center. agent also defines several message types, including agent-config (agent configuration message), agent-rule (agent rule message), agent-alert (agent alert), agent-report (agent report), agent-heartbeat (heartbeat message) and agent-synch (synchronization message), as well as message kinds such as query and multi-item extension. Apart from agent-config and agent-rule, which are direct subclasses of agent, the other message kinds are subclasses of agent-reports (report messages) so that the message format can be maintained uniformly; agent-reports is itself a direct subclass of agent. The messages contained in agent-reports can be extended, and each in turn contains its own subclasses to represent more detailed messages. agent-config defines subclasses such as the timestamp, the servers, the heartbeat interval and the report time window. To allow for server load balancing and primary/standby use, servers contains multiple server subclasses, and the element values of server decide whether a server is used as the primary or for another purpose. So that agents can collect information flexibly, agent-rule defines a series of filtering rules for the information an agent collects; the agent decides from the filtering rules which kinds of information to collect and which not to collect. In alert-report the subtype distinguishes an alert from general report information. agent-heartbeat is the message that keeps the agent normally connected to the center. agent-synch exists to keep the messages of center and agent consistent: it synchronizes, between center and agent, the content and timestamps that matter for the agent's normal operation and normal reporting. An extension framework is also reserved: further exchanged messages can be defined within agent-reports. The center receives the agent's information and checks the message format; if the format is wrong, it refuses to process the message and instructs the agent to retransmit. Specifically:
<!ELEMENT agent (agent-config|agent-rule|agent-reports|agent-synch)>
<!ATTLIST agent
  ip CDATA #REQUIRED
  id CDATA #REQUIRED
  name CDATA #REQUIRED
  description CDATA #IMPLIED
  xmltype (agent-config|agent-rule|alert-report|agent-heartbeat|agent-synch|agent-query|muti-items) #REQUIRED
>
The synchronization information XML file contains the timestamps of the agent's configuration file and filtering rule file and is used to implement the synchronization mechanism with the center. The agent sends it after it has started and connected to the center. It is specifically:
<!ELEMENT agent-reports (agent-report*)>
<!ELEMENT agent-report (system)>
<!ATTLIST agent-report
  type (agent-synch) #REQUIRED
  description CDATA #IMPLIED
>
<!ELEMENT agent-synch (config-file, rule-file)>
<!ELEMENT config-file (update-time)>
<!ELEMENT rule-file (update-time)>
The query information XML file is specifically:
<!ELEMENT agent-reports (agent-report*)>
<!ELEMENT agent-report (config)>
<!ATTLIST agent-report
  type (agent-query) #REQUIRED
  description CDATA #IMPLIED
>
<!ELEMENT config (param, summary?)>
<!ELEMENT param (#PCDATA)>
<!ELEMENT summary (#PCDATA)>
The heartbeat information XML file is specifically:
<!ELEMENT agent-reports (agent-report*)>
<!ELEMENT agent-report (system)>
<!ATTLIST agent-report
  type (agent-heartbeat) #REQUIRED
  description CDATA #IMPLIED
>
<!ELEMENT system (setup-time?, runtime?)>
<!ELEMENT setup-time (#PCDATA)>
<!ELEMENT runtime (#PCDATA)>
Step 4: using the XML parsing framework, the center parses the XML-format file by means of the rule file. It authenticates the agent on two conditions, the ID in the XML file the agent sent and the agent's IP address, to verify that the connecting agent is legitimate. If verification passes, the center admits the agent and proceeds to step 5: the center sets the agent's state to online and runs the synchronization mechanism with the agent according to the synchronization information XML file. If verification fails, the center refuses the agent's connection and all steps end.
The rule file is specifically:
<?xml version="1.0"?>
<digester-rules>
  <pattern value="agent">
    <object-create-rule classname="org.infosec.app.model.Agent"/>
    <set-properties-rule>
      <alias attr-name="ip" prop-name="ip"/>
      <alias attr-name="id" prop-name="id"/>
      <alias attr-name="name" prop-name="name"/>
      <alias attr-name="description" prop-name="description"/>
      <alias attr-name="xmltype" prop-name="xmltype"/>
    </set-properties-rule>
    <pattern value="agent-reports">
      <object-create-rule classname="org.infosec.app.model.XmlAgentReport"/>
      <pattern value="agent-report">
        <set-properties-rule>
          <alias attr-name="type" prop-name="type"/>
          <alias attr-name="description" prop-name="description"/>
        </set-properties-rule>
        <pattern value="system">
          <object-create-rule classname="org.infosec.app.model.XmlSystem"/>
          <set-properties-rule/>
          <call-method-rule pattern="setup-time" methodname="setSetupTime" paramcount="0"/>
          <call-method-rule pattern="runtime" methodname="setRunTime" paramcount="0"/>
          <set-next-rule methodname="setXmlSystem"/>
        </pattern>
      </pattern>
      <set-next-rule methodname="setAgentReport"/>
    </pattern>
    <pattern value="agent-synch">
      <object-create-rule classname="org.infosec.app.model.XmlAgentFileSync"/>
      <set-properties-rule/>
      <call-method-rule pattern="config-file/update-time" methodname="setConfigUpdateTimeStr" paramcount="0"/>
      <call-method-rule pattern="rule-file/update-time" methodname="setRuleUpdateTimeStr" paramcount="0"/>
      <set-next-rule methodname="setAgentFileSync"/>
    </pattern>
    <pattern value="agent-rule">
      <object-create-rule classname="org.infosec.app.model.XmlAgentRule"/>
      <set-properties-rule/>
      <call-method-rule pattern="update-time" methodname="setUpateTimeStr" paramcount="0"/>
      <set-next-rule methodname="setAgentRule"/>
    </pattern>
    <pattern value="agent-config">
      <object-create-rule classname="org.infosec.app.model.XmlAgentConfig"/>
      <set-properties-rule/>
      <call-method-rule pattern="update-time" methodname="setUpateTimeStr" paramcount="0"/>
      <set-next-rule methodname="setAgentConfig"/>
    </pattern>
  </pattern>
</digester-rules>
Step 5: If the center allows the agent to connect, the agent begins collecting protocol data and analyzes the data it collects. It packages the data as an XML-format file according to the protocol type and the agent ID identifier, and reports the file to the center. The center receives and parses the XML file data, determines from the agent ID identifier which agent the data came from, sets that agent's status to "reporting data", and stores the data in the center database.
Step 6: The center edits the filtering rule XML file and sends it to the agent so that the new filtering rule XML file takes effect.
Step 7: The center sends the configuration XML file to the agent. The center parses the synchronization-information XML file sent by the agent, which contains the timestamp of the agent's configuration file. If this timestamp matches the agent configuration file timestamp stored at the center, the configuration file at the center is consistent with the configuration file on the agent; the center then reads the corresponding local agent configuration file, edits it, and sends it down to the agent. If the configuration file at the center is inconsistent with the one on the agent, the center generates a query file in XML format and sends it down to the agent; the agent reports its configuration file, the center edits the configuration file and sends it down to the agent, and the agent restarts so that the configuration file takes effect.
Step 8: The agent obtains from its configuration file the interval at which it reports data to the center. If the agent has not reported data to the center within that interval, it sends a heartbeat-message XML file to the center. If the center receives neither a heartbeat-message XML file nor a reported protocol-data XML file from the agent within the set time, the center sets that agent's status to offline.
This embodiment achieves independence between application protocols and messages and independence between the development languages of the center and the agents. It improves interoperability between the center and the agents, strengthens the security and reliability of communication between the center and the distributed agents, and effectively and quickly solves the communication and collaboration problems of the center-and-agent architecture.

Claims (10)

1. A method for exchanging messages between distributed multi-protocol agents and a center system, characterized in that it comprises the following steps:
Step 1: A two-level management model is formed by a center and several agents. The center is deployed at a backbone node. The agents include agents of multiple protocol types; they are distributed across the nodes of the network to collect information and are responsible for collecting and packaging the data of their corresponding protocols. The agents report the collected protocol data to the center over the network, and the center processes the data.
Step 2: The center initializes each agent, initializing the configuration file and the filtering rule file in the agent; the configuration file and the filtering rule file are XML files.
Step 3: The agent is started and reads the initial configuration file and filtering rule file, both of which follow the unified message format; the agent sends a synchronization-information XML file and a heartbeat-message XML file to the center.
Step 4: The center, using the XML parsing framework, parses the XML-format file by means of the filtering rule file, and performs agent verification on two conditions, the ID identifier in the XML file sent by the agent and the agent's IP address, to verify the legitimacy of the connecting agent. If verification passes, the center allows the agent to connect and the method proceeds to step 5; the center sets the agent's status to online and carries out the synchronization mechanism with the agent according to the synchronization-information XML file. If verification fails, the center refuses the agent's connection and all steps end.
Step 5: If the center allows the agent to connect, the agent begins collecting protocol data and analyzes the data it collects. It packages the data as an XML-format file according to the protocol type and the agent ID identifier, and reports the file to the center. The center receives and parses the XML file data, determines from the agent ID identifier which agent the data came from, sets that agent's status to "reporting data", and stores the data in the center database.
Step 6: The center edits the filtering rule file and sends it to the agent so that the new filtering rule file takes effect.
Step 7: The center sends the configuration file to the agent. The center parses the synchronization-information XML file sent by the agent, which contains the timestamp of the agent's configuration file. If this timestamp matches the agent configuration file timestamp stored at the center, the configuration file at the center is consistent with the configuration file on the agent; the center then reads the corresponding local agent configuration file, edits it, and sends it down to the agent. If the configuration file at the center is inconsistent with the one on the agent, the center generates a query file in XML format and sends it down to the agent; the agent reports its configuration file, the center edits the configuration file and sends it down to the agent, and the agent restarts so that the configuration file takes effect.
Step 8: The agent obtains from its configuration file the interval at which it reports data to the center. If the agent has not reported data to the center within that interval, it sends a heartbeat-message XML file to the center. If the center receives neither a heartbeat-message XML file nor a reported protocol-data XML file from the agent within the set time, the center sets that agent's status to offline.
2. The method for exchanging messages between distributed multi-protocol agents and a center system according to claim 1, characterized in that, in step 2, the center initializing each agent is specifically: the center registers and maintains an agent ID identifier library and reads the agent information after it starts. If a new protocol agent needs to be deployed in the network to collect protocol data, the center assigns the agent a unique ID identifier, an initial configuration file and a filtering rule file; the center records the agent's ID identifier and saves the agent's configuration file and filtering rule file.
3. The method for exchanging messages between distributed multi-protocol agents and a center system according to claim 1, characterized in that the center comprises a primary server and several standby servers. The agent configuration file contains the information of one primary server and of multiple standby servers; the server information includes the server domain name, IP address, communication port, description, whether the server is the primary server, and so on. The agent first sends the synchronization-information XML file and the heartbeat-message XML file to the primary center server. If the agent fails to connect to the primary center server three consecutive times, it selects another, standby center server to connect to; if that connection succeeds, the agent sets that server as the primary center server.
4. The method for exchanging messages between distributed multi-protocol agents and a center system according to claim 1, characterized in that the agent configuration file comprises the multi-protocol agent's identifier, the collection port, the heartbeat time, the sampling hold window and similar content, wherein:
The multi-protocol agent's identifier is one of the conditions by which the center identifies each data collection agent, in particular to restrict disguised data collection agents from launching attacks against the center;
The collection port specifies the network protocol port that the agent needs to monitor;
The heartbeat time is used to maintain the connection between the agent and the center;
The sampling hold window sets the buffer time of a group of data in the agent.
5. The method for exchanging messages between distributed multi-protocol agents and a center system according to claim 1, characterized in that the filtering rule file contains the characteristic quantities of network packets, including the source or destination IP and the source or destination port.
6. The method for exchanging messages between distributed multi-protocol agents and a center system according to claim 1, characterized in that, in step 3, the synchronization-information XML file contains the timestamp information of the agent's configuration file and filtering rule file and implements the synchronization mechanism between the agent and the center; it is sent after the agent has started and connected to the center.
7. The method for exchanging messages between distributed multi-protocol agents and a center system according to claim 1, characterized in that, in step 3, the message format is specifically: defined with an XML DTD, it describes in an object-oriented manner the data model of the messages passed between the center and the agents, with the XML file as the message format file, realizing the mapping of multi-protocol format information to the unified message format; in addition, an extension framework is reserved so that the exchanged messages can be defined by extension.
8. The method for exchanging messages between distributed multi-protocol agents and a center system according to claim 1, characterized in that, in step 4, the agent verification is specifically: the center verifies the agent's legitimacy from the ID identifier in the XML file sent by the agent and the agent's IP address. If the agent's ID identifier exists in the center's ID identifier library, and the IP address from which the agent communicates is consistent with the IP address information in the agent configuration file that the center holds for that ID identifier, verification passes.
9. The method for exchanging messages between distributed multi-protocol agents and a center system according to claim 1, characterized in that, in step 4, the synchronization mechanism is specifically: the center judges from the content of the synchronization-information XML file whether the agent's configuration file and protocol filtering rule file have become invalid. If the configuration file or the protocol filtering rule file has become invalid, the center sends its default configuration file or protocol filtering rule file down to the agent over the communication connection already established. If the configuration file has not become invalid, the center sends nothing. If the agent receives a new configuration file or protocol filtering rule file, it replaces the original file with the newly received one and restarts so that the new file takes effect.
10. The method for exchanging messages between distributed multi-protocol agents and a center system according to claim 1, characterized in that, in step 7, the query file comprises a configuration query file and a protocol filtering rule file. These two files represent two operations respectively: querying the configuration of the data collection agent module and querying the protocol filtering rules of the data collection agent module. In a specific implementation, the two query operations are merged and expressed in a single file.
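Added example (not part of the patent text and not the inventors' code): a center-side sketch of the agent verification of claim 8, the timestamp comparison of claims 6 and 9, and the offline detection of step 8. The element and attribute names follow the digester rules in the description; the registry contents, the sample message, the xmltype value and all function names are assumptions constructed for illustration, as is treating a timestamp mismatch as "invalid" and rejecting inline DTDs sent by agents.

```python
import xml.etree.ElementTree as ET
from dataclasses import dataclass

@dataclass
class AgentRecord:
    ip: str                  # IP address stored at the center for this agent ID
    config_time: str         # timestamp of the configuration file held by the center
    rule_time: str           # timestamp of the filtering rule file held by the center
    status: str = "offline"
    last_seen: float = 0.0   # time of the last sync, heartbeat or data report

def new_registry():
    """Constructed ID identifier library with a single registered agent."""
    return {"agent-001": AgentRecord("192.0.2.10", "2008-05-01 10:00:00",
                                     "2008-05-02 09:30:00")}

# Constructed synchronization message (hypothetical values).
SYNC_MSG = """<agent id="agent-001" ip="192.0.2.10" name="http-agent" xmltype="synch">
  <agent-synch>
    <config-file><update-time>2008-05-01 10:00:00</update-time></config-file>
    <rule-file><update-time>2008-04-20 08:00:00</update-time></rule-file>
  </agent-synch>
</agent>"""

def handle_sync(xml_text, peer_ip, now, registry):
    """Return (accepted, detail); on success detail lists the files to send down."""
    # Assumption: the DTD lives at the center, so agent input carrying its own
    # DOCTYPE or entity declarations is refused before it reaches the parser.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        return (False, "inline DTD not accepted")
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError:
        return (False, "malformed XML")
    if root.tag != "agent":
        return (False, "unexpected root element")
    rec = registry.get(root.get("id", ""))
    if rec is None:
        return (False, "unknown agent ID")
    # Check the address the connection came from, not the ip attribute that
    # the agent wrote into its own message.
    if peer_ip != rec.ip:
        return (False, "IP does not match registered agent")
    rec.status, rec.last_seen = "online", now
    stale = []
    if root.findtext("agent-synch/config-file/update-time") != rec.config_time:
        stale.append("config")
    if root.findtext("agent-synch/rule-file/update-time") != rec.rule_time:
        stale.append("rule")
    return (True, stale)

def sweep_offline(now, timeout, registry):
    """Mark agents offline when nothing arrived within `timeout` seconds."""
    gone = []
    for agent_id, rec in registry.items():
        if rec.status != "offline" and now - rec.last_seen > timeout:
            rec.status = "offline"
            gone.append(agent_id)
    return gone
```

A valid ID presented from an unregistered address is rejected here, which is the case claim 4 describes as restricting disguised collection agents.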
CN200810037825A 2008-05-22 2008-05-22 Method for switching information of distributed multiprotocol proxy and center system Active CN101282333B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN200810037825A CN101282333B (en) 2008-05-22 2008-05-22 Method for switching information of distributed multiprotocol proxy and center system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN200810037825A CN101282333B (en) 2008-05-22 2008-05-22 Method for switching information of distributed multiprotocol proxy and center system

Publications (2)

Publication Number Publication Date
CN101282333A true CN101282333A (en) 2008-10-08
CN101282333B CN101282333B (en) 2012-09-05

Family

ID=40014610

Family Applications (1)

Application Number Title Priority Date Filing Date
CN200810037825A Active CN101282333B (en) 2008-05-22 2008-05-22 Method for switching information of distributed multiprotocol proxy and center system

Country Status (1)

Country Link
CN (1) CN101282333B (en)


Also Published As

Publication number Publication date
CN101282333B (en) 2012-09-05


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant