CN103902422B - Method and device for monitoring user operation behaviors and cloud computer system - Google Patents
Method and device for monitoring user operation behaviors and cloud computer system Download PDFInfo
- Publication number
- CN103902422B CN103902422B CN201210572984.1A CN201210572984A CN103902422B CN 103902422 B CN103902422 B CN 103902422B CN 201210572984 A CN201210572984 A CN 201210572984A CN 103902422 B CN103902422 B CN 103902422B
- Authority
- CN
- China
- Prior art keywords
- virtual machine
- snapshot
- snapshot document
- monitoring
- user operation
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Abstract
The invention relates to a method and device for monitoring user operation behaviors and a cloud computer system. The method includes the steps that after a virtual machine is created in the cloud computer system, a monitoring request sent by a user is received, and virtual machine identification information is carried in the monitoring request; a corresponding virtual display card is obtained according to the virtual machine identification information; data of the virtual display card are snapshot and recorded according to a set time interval, and are stored in different files; duplicate removal operation is carried out on the stored files so as to delete the same snapshoot files. By means of the method and device for monitoring the user operation behaviors and the cloud computer system, real-time monitoring of the user operation behaviors can be guaranteed.
Description
Technical field
It relates to cloud computing application, especially, is related to a kind of method, device being monitored to user operation behavior
With cloud computer system.
Background technology
Intel Virtualization Technology be it is a kind of using software come the technology of analog computer hardware, computing element is on the basis of virtual
Rather than it is real on the basis of run, such that it is able to be planned again limited fixed resource according to different demands, to reach
Maximize to resource utilization.Since Intel Virtualization Technology obtains the support of hardware vendor, this software analog hardware
Performance obtains huge lifting.
In Intel Virtualization Technology, physical hardware is referred to as PM(Physical Machine, physical machine), virtual hardware claimed
For VM(Virtual Machine virtual machines), the operating system run on a virtual machine is referred to as GOS(Guest OS, Bin Kecao
Make system), manage virtual machine software be referred to as VMM(Virtual Machine Monitor virtual machine managers).
The performance of virtual machine can be dynamically adjusted by Intel Virtualization Technology.In a physical machine for configuring higher, can
It is multiple with different configuration of virtual machine to create.For taking the less application of computer resource, can only distribution one it is low
The virtual machine of configuration;And the application more for computer resource is taken, then can distribute the virtual machine of a high configuration.When should
When load changes, the configuration of virtual machine can also be dynamically changed to meet demand.
Had based on the cloud computer system of Intel Virtualization Technology inexpensive with elastomeric advantage.In terms of cost, as long as with
Family can be with access network, it is possible to connect cloud computer by multiple terminal, so that enterprise can be by purchasing low side PC
Mode reducing hardware acquisition cost.Further, since cloud computer build with safeguard etc. work all transfer to service provider to complete,
Also follow-up human cost is saved for enterprise.In terms of elasticity, when business expansion, user can apply for more cloud computers
Rapidly to meet demand;And be not in the spare time of hardware resource as long as reducing the rental of cloud computer when business is shunk
Put.When current cloud computer configuration is unsatisfactory for demand, it is also possible to easily change configuration.
In view of above-mentioned advantage, existing some companies have carried out similar service.But the field higher for some safety requirements
Scape, for example, O&M of production system etc. needs to be monitored the behavior of operator, to ensure the safe O&M of system.In order to
Ensure safe O&M, the method for adopting at present is one monitoring software of installation on GOS, however these softwares be easy to by around
Open, especially when operator has administrator right.For example, operator can with the operation of the temporary close software, so as to
Monitor in real time cannot be carried out.Further, since monitoring software wide variety, is not that every kind of monitoring software can support various operations
System, accordingly, it is possible to the incompatible situation of software occurs.
The content of the invention
The disclosure is in view of at least one of problem above proposes new technical scheme.
The disclosure its on one side provide a kind of method that user operation behavior is monitored, it can be ensured that to
Family operation behavior carries out monitor in real time.
The disclosure its on the other hand provide a kind of device that user operation behavior is monitored, it can be ensured that to
Family operation behavior carries out monitor in real time.
The disclosure provides a kind of cloud computer system at its another aspect, it can be ensured that user operation behavior is carried out in real time
Monitoring.
According to the disclosure, there is provided a kind of method being monitored to user operation behavior, including:
After virtual machine is created in cloud computer system, the monitoring request that receive user is initiated is taken in monitoring request
Band virtual machine identification information;
Corresponding virtual video card is obtained according to virtual machine identification information;
Being spaced the data to virtual video card according to setting time carries out snapshot record, and is saved on different files;
File to being preserved carries out deduplication operation, to delete identical snapshot document.
In some embodiments of the present disclosure, the method also includes:
Archival compression is carried out to remaining snapshot document, to form complete video monitoring file.
In some embodiments of the present disclosure, the file to being preserved carries out deduplication operation, to delete identical snapshot text
The step of part, includes:
Carrying out to the data of virtual video card every time after snapshot record finishes, by the snapshot document of new record with it is the last
The snapshot document of record is compared;
If adjacent snapshot document twice is identical, the snapshot document of new record is deleted.
According to the disclosure, a kind of device being monitored to user operation behavior is additionally provided, including:
Monitoring request reception unit, for creating virtual machine in cloud computer system after, receive user initiate prison
Control request, in monitoring request virtual machine identification information is carried;
Virtual video card acquiring unit, for obtaining corresponding virtual video card according to virtual machine identification information;
Snapshot recording unit, for being spaced the data to virtual video card according to setting time snapshot record is carried out, and is preserved
To on different files;
File duplicate removal unit, for carrying out deduplication operation to the file for being preserved, to delete identical snapshot document.
In some embodiments of the present disclosure, the device also includes:
Archival compression unit, for carrying out archival compression to remaining snapshot document, to form complete video monitoring text
Part.
In some embodiments of the present disclosure, file duplicate removal unit includes:
Snapshot document comparing subunit, for carrying out to the data of virtual video card every time after snapshot record finishes, will be new
The snapshot document of record is compared with the snapshot document of the last record;
Delete processing subelement, if identical for adjacent snapshot document twice, deletes the snapshot of new record
File.
In the technical scheme of the disclosure, due to being not that monitoring software is arranged on inside GOS, and GOS is provided in
Below, i.e. monitoring data is directly obtained by the virtual video card being connected with virtual machine, this mode can avoid having pipe
The operator of reason device authority closes monitoring function, and then causes behavior that can not be in real time to operator to be monitored, and reduces certain
The security of a little application scenarios.
Description of the drawings
Accompanying drawing described herein is used for providing further understanding of the disclosure, constitutes the part of the application.Attached
In figure:
Fig. 1 is the structural representation of disclosure cloud computer system.
Fig. 2 is the schematic flow sheet of the method being monitored to user operation behavior of disclosure one embodiment.
Fig. 3 is the schematic flow sheet of the method being monitored to user operation behavior of another embodiment of the disclosure.
Fig. 4 is the structural representation of the device being monitored to user operation behavior of disclosure one embodiment.
Fig. 5 is the structural representation of the device being monitored to user operation behavior of another embodiment of the disclosure.
Fig. 6 is the structural representation of the device being monitored to user operation behavior of the another embodiment of the disclosure.
Fig. 7 is the structural representation of the cloud computer system of disclosure one embodiment.
Specific embodiment
The disclosure is described below with reference to accompanying drawings.It should be noted that description below is only in itself explanatory and shows
Example property, never as to the disclosure and its application or any restriction for using.Unless stated otherwise, otherwise, implementing
The part illustrated in example and the positioned opposite and numerical expression and numerical value of step are not intended to limit the scope of the present disclosure.In addition,
Technology well known by persons skilled in the art, method and apparatus may not be discussed in detail, but be meant as in appropriate circumstances
A part for specification.
Inventors noted that the low cost of cloud computing technology, high resiliency, the easily characteristic such as deployment, easy care are enterprise's IT bases
The erection of Infrastructure brings great convenience, therefore, many enterprises are wished to from the operation mode of this rental IT services
Benefit is obtained, for example, there is provided the enterprise of monitoring service.
At present existing monitoring software is all mounted in inside GOS, and GOS allows to be used by an operator, therefore
This there is the risk that GOS is changed by operator.For example, if operator is familiar with the use of GOS, the monitoring can be closed
Software, causes monitoring to be normally carried out.In addition, there is some to use some special instructions based on the monitoring software of GOS
And environment so that it is not compatible with other application.
And the following embodiments of the disclosure are then based on Hypervisor(It is that one kind operates in basic physicses server and operation
Intermediate software layer between system, can allow multiple operating systems and Application share hardware, also referred to as VMM)Layer technology, GOS
Do not know that the virtual hardware environment for oneself being run has been trapped completely, operator unlikely carry out it is any forbid monitor
, there is no any compatibility issue, as shown in Figure 1 in action yet.
Fig. 2 is the schematic flow sheet of the method being monitored to user operation behavior of disclosure one embodiment.
As shown in Fig. 2 the embodiment may comprise steps of:
S202, after virtual machine is created in cloud computer system, the monitoring request that receive user is initiated please in the monitoring
Seek middle carrying virtual machine identification information;
S204, according to virtual machine identification information inquiry corresponding virtual video card is obtained;
Data in virtual video card are carried out snapshot record by S206 according to setting time interval, and each snapshot is recorded
It is saved on different files;
S208, the different files to being preserved carry out deduplication operation, to delete identical snapshot document.
In this embodiment, due to being not that monitoring software is arranged on inside GOS, and it is provided in below GOS,
That is, monitoring data is directly obtained by the virtual video card being connected with virtual machine, this mode can avoid being weighed with manager
The operator of limit closes monitoring function, and then causes behavior that can not be in real time to operator to be monitored, and reduces some applications
The security of scene.
After step S208, archival compression can also be carried out to remaining snapshot document, to form complete video prison
Control file.
In step S208, the file to being preserved carries out deduplication operation, can the step of to delete identical snapshot document
To include:
Carrying out to the data of virtual video card every time after snapshot record finishes, by the snapshot document of new record with it is the last
The snapshot document of record is compared;
If adjacent snapshot document twice is identical, the snapshot document of new record is deleted.
Fig. 3 is the schematic flow sheet of the method being monitored to user operation behavior of another embodiment of the disclosure.
As shown in figure 3, the embodiment may comprise steps of:
S302, cloud computer system receives the startup cloud computer request that user sends;
S304, user profile of the cloud computer system in request creates a corresponding virtual machine on backstage;
S306, cloud computer system receives the monitoring request that user sends, and in the monitoring request virtual machine mark is carried;
S308, cloud computer system identifies the virtual video card information for obtaining designated virtual machine according to virtual machine;
S310, cloud computer system carries out snapshot record to the data in the virtual video card of virtual machine, and is saved on file;
S312, at set intervals execution step S210, obtains continuous virtual video card snapshot document;
S314, because the picture that monitored may be not changed within a period of time, i.e., continuous two width or multi-picture
The same, therefore, need to listed files in each file carry out deduplication operation, i.e. delete duplicate snapshot document;
S316, archival compression is carried out to remaining snapshot document, forms a video file.
Next, being described in detail by an instantiation.
Step one, it is assumed that virtual machine uses VirtualBox, when cloud computer system receives user cloud computer is started
A virtual machine can be created after request, call instruction is as follows:
VBoxManage createvm--name<name>[--uuid<uuid>]
Wherein, in the operation of cloud computer system, cloud computer system can at any time inquire the virtual machine being currently running, and call
Order is as follows:
VBoxManage list[--long|-l]vms|runningvms
Step 2, when cloud computer system receives Client-initiated monitoring request, in the virtual video card of designated virtual machine
Data carry out shot operation, call instruction is as follows:
VBoxManage controlvm<uuid>screenshotpng<file>
The shot operation being continually performed in step 2, will obtain a series of files, and the filename of these files is all
Be with timestamp as suffix, for example, 142-sf-134134.20120404161345.Wherein, 142-sf-134134 is virtual
The UUID of machine(Universal Unique Identifier, universal unique identifier), suffix 20120404161345 represents
45 seconds April 4 day 16 point 13 minute in 2012.
These files during sectional drawing, are scanned two-by-two in real time by step 3, if adjacent two pictures are removed adopted
Collection time point is different outer, and image content is identical, then delete file corresponding with latter pictures.For example, if 142-sf-
134134.20120404161345 it is identical with the picture recorded in 142-sf-134134.20120404161354, then by the latter
Delete, after processing by this series of duplicate removal, a series of new sectional drawing files can be obtained, in the sectional drawing file no longer
The pictorial information of the identical content comprising redundancy.
Duplicate removal process in step 3 is carried out simultaneously with above-mentioned sectional drawing process, and such file will not accumulate excessive.
Step 4, these is carried out the sectional drawing file after duplicate removal process and is packed into video file, is available for watching in the future.
It will appreciated by the skilled person that realize the whole and part steps of said method embodiment can pass through
Completing, aforesaid program can be stored in a computing device read/write memory medium the related hardware of programmed instruction, the journey
Sequence upon execution, performs the step of including said method embodiment, and aforesaid storage medium can include ROM, RAM, magnetic disc
It is various with CD etc. can be with the medium of store program codes.
Fig. 4 is the structural representation of the device being monitored to user operation behavior of disclosure one embodiment.
As shown in figure 4, the device 40 in the embodiment can include that monitoring request reception unit 402, virtual video card is obtained
Unit 404, snapshot recording unit 406 and file duplicate removal unit 408.Wherein,
Monitoring request reception unit 402, for creating virtual machine in cloud computer system after, receive user initiate
Monitoring request, in monitoring request virtual machine identification information is carried;
Virtual video card acquiring unit 404, for obtaining corresponding virtual video card according to virtual machine identification information;
Snapshot recording unit 406, for being spaced the data to virtual video card according to setting time snapshot record is carried out, and is protected
It is stored on different files;
File duplicate removal unit 408, for carrying out deduplication operation to the file for being preserved, to delete identical snapshot document.
In this embodiment, due to being not that monitoring software is arranged on inside GOS, and it is provided in below GOS,
That is, monitoring data is directly obtained by the virtual video card being connected with virtual machine, this mode can avoid being weighed with manager
The operator of limit closes monitoring function, and then causes behavior that can not be in real time to operator to be monitored, and reduces some applications
The security of scene.
Fig. 5 is the structural representation of the device being monitored to user operation behavior of another embodiment of the disclosure.
As shown in figure 5, compared with the embodiment in Fig. 4, the device 50 in the embodiment can also include:
Archival compression unit 502, for carrying out archival compression to remaining snapshot document, to form complete video monitoring
File.
Fig. 6 is the structural representation of the device being monitored to user operation behavior of the another embodiment of the disclosure.
As shown in fig. 6, compared with the embodiment in Fig. 4, the file duplicate removal unit 602 in the device 60 in the embodiment can
With including snapshot document comparing subunit 602a and delete processing subelement 602b.Wherein,
Snapshot document comparing subunit 602a, for carrying out to the data of virtual video card every time after snapshot record finishes,
The snapshot document of new record is compared with the snapshot document of the last record;
Delete processing subelement 602b, if identical for adjacent snapshot document twice, deletes new record
Snapshot document.
Fig. 7 is the structural representation of the cloud computer system of disclosure one embodiment.
As shown in fig. 7, the system 70 in the embodiment can include virtual machine 702 and virtual machine manager 704, virtual
Virtual video card 704a being connected with virtual machine 702 can be included in machine manager 704 and user operation behavior is monitored
Device 704b.
Wherein, the device 704b being monitored to user operation behavior can be realized using previous embodiment.
Each embodiment is described by the way of progressive in this specification, and what each embodiment was stressed is and it
The difference of his embodiment, identical and similar part can be with cross-reference between each embodiment.For device embodiment
For, due to itself and embodiment of the method basic simlarity, so description is fairly simple, related part may refer to embodiment of the method
Partial explanation.
Disclosure above-described embodiment not only can cause user's unaware when the operation behavior to user is monitored,
And can also be without the person of being managed user and controlled, video monitoring truly can be realized.
Although describing the disclosure with reference to exemplary embodiment, it should be appreciated that the disclosure is not limited to above-mentioned exemplary
Embodiment.It will be obvious to those skilled in the art that can change under conditions of without departing substantially from the scope of the present disclosure and spirit
Exemplary embodiments mentioned above.The scope of appended claim should be endowed most wide explanation, such to repair comprising all
The 26S Proteasome Structure and Function for changing and being equal to.
Claims (7)
1. a kind of method that user operation behavior is monitored, it is characterised in that include:
After virtual machine is created in cloud computer system, the monitoring request that receive user is initiated is taken in the monitoring request
Band virtual machine identification information;
Corresponding virtual video card is obtained according to the virtual machine identification information;
Being spaced the data to the virtual video card according to setting time carries out snapshot record, and is saved on different files;
File to being preserved carries out deduplication operation, to delete identical snapshot document.
2. the method that user operation behavior is monitored according to claim 1, it is characterised in that methods described is also wrapped
Include:
Archival compression is carried out to remaining snapshot document, to form complete video monitoring file.
3. the method that user operation behavior is monitored according to claim 1, it is characterised in that described to being preserved
File carry out deduplication operation, include the step of to delete identical snapshot document:
Carrying out to the data of the virtual video card every time after snapshot record finishes, by the snapshot document of new record with it is the last
The snapshot document of record is compared;
If adjacent snapshot document twice is identical, the snapshot document of new record is deleted.
4. a kind of device that user operation behavior is monitored, it is characterised in that include:
Monitoring request reception unit, for creating virtual machine in cloud computer system after, receive user initiate monitoring please
Ask, in the monitoring request virtual machine identification information is carried;
Virtual video card acquiring unit, for obtaining corresponding virtual video card according to the virtual machine identification information;
Snapshot recording unit, for being spaced the data to the virtual video card according to setting time snapshot record is carried out, and is preserved
To on different files;
File duplicate removal unit, for carrying out deduplication operation to the file for being preserved, to delete identical snapshot document.
5. the device that user operation behavior is monitored according to claim 4, it is characterised in that also include:
Archival compression unit, for carrying out archival compression to remaining snapshot document, to form complete video monitoring file.
6. the device that user operation behavior is monitored according to claim 4, it is characterised in that the file duplicate removal
Unit includes:
Snapshot document comparing subunit, for carrying out to the data of the virtual video card every time after snapshot record finishes, will be new
The snapshot document of record is compared with the snapshot document of the last record;
Delete processing subelement, if identical for adjacent snapshot document twice, deletes the snapshot document of new record.
7. a kind of cloud computer system, it is characterised in that including virtual machine and virtual machine manager, in the virtual machine manager
Including carrying out to user operation behavior any one of the virtual video card and claim 4-6 being connected with the virtual machine
The device of monitoring.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210572984.1A CN103902422B (en) | 2012-12-25 | 2012-12-25 | Method and device for monitoring user operation behaviors and cloud computer system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210572984.1A CN103902422B (en) | 2012-12-25 | 2012-12-25 | Method and device for monitoring user operation behaviors and cloud computer system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103902422A CN103902422A (en) | 2014-07-02 |
| CN103902422B true CN103902422B (en) | 2017-05-10 |
Family
ID=50993758
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210572984.1A Active CN103902422B (en) | 2012-12-25 | 2012-12-25 | Method and device for monitoring user operation behaviors and cloud computer system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103902422B (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9946605B2 (en) * | 2015-11-25 | 2018-04-17 | Veritas Technologies Llc | Systems and methods for taking snapshots in a deduplicated virtual file system |
| CN109074692A (en) * | 2016-04-11 | 2018-12-21 | 开利公司 | When interacting with multiple access control apparatus, capturing behavior user is intended to |
| CN108647284B (en) * | 2018-05-03 | 2021-07-23 | 网易宝有限公司 | Method and device for recording user behavior, medium and computing equipment |
| WO2021012331A1 (en) * | 2019-07-24 | 2021-01-28 | 南京智能制造研究院有限公司 | Edge computing system and data storage method |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101334751B (en) * | 2007-06-29 | 2010-04-14 | 联想(北京)有限公司 | Method and device for virtual machine monitor recognizing client operating system progress |
| WO2009052424A2 (en) * | 2007-10-19 | 2009-04-23 | Kubisys Inc. | Virtual computing environments |
| US8195980B2 (en) * | 2009-03-31 | 2012-06-05 | Oracle America, Inc. | Virtual machine snapshotting and damage containment |
| CN101894150B (en) * | 2010-07-05 | 2012-03-28 | 优视科技有限公司 | Internet web page audio/video acquisition method and system for mobile communication equipment terminal |
| CN102713860B (en) * | 2011-12-30 | 2014-07-30 | 华为技术有限公司 | User experience index monitoring method and monitoring virtual machine |
-
2012
- 2012-12-25 CN CN201210572984.1A patent/CN103902422B/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN103902422A (en) | 2014-07-02 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10824343B2 (en) | Managing access of multiple executing programs to non-local block data storage | |
| US10691554B2 (en) | Providing access to stored computing snapshots | |
| US8448219B2 (en) | Securely hosting workloads in virtual computing environments | |
| US11281393B2 (en) | Envoy for multi-tenant compute infrastructure | |
| US20200351345A1 (en) | Data storage management system for holistic protection of serverless applications across multi-cloud computing environments | |
| US10169173B2 (en) | Preserving management services with distributed metadata through the disaster recovery life cycle | |
| CN102214127B (en) | Method for intensively storing and backing up data based on operating system virtualization theory | |
| US20200034240A1 (en) | Network block device based continuous replication for kubernetes container management systems | |
| US8412678B2 (en) | Systems and methods for providing business continuity services | |
| US8683484B2 (en) | Intelligently pre-placing data for local consumption by workloads in a virtual computing environment | |
| US20140172783A1 (en) | System and method for providing computing environment delivery service with offline operations | |
| US11573863B2 (en) | Virtual machine backup and restore coordinator | |
| CN102447723A (en) | Client-side virtualization framework | |
| US10909000B2 (en) | Tagging data for automatic transfer during backups | |
| US9203700B2 (en) | Monitoring client information in a shared environment | |
| US10223218B2 (en) | Disaster recovery of managed systems | |
| CN103902422B (en) | Method and device for monitoring user operation behaviors and cloud computer system | |
| US10628070B2 (en) | Selecting and compressing target files to obtain additional free data storage space to perform an operation in a virtual machine | |
| CN103309720A (en) | Virtual machine management system for maintaining virtual data center | |
| Coyne et al. | IBM Software-Defined Storage Guide | |
| CA3183412A1 (en) | Methods and systems for managing computing virtual machine instances | |
| CN115485677A (en) | Secure data replication in a distributed data storage environment | |
| Kotka et al. | E-government services migration to the public cloud: Experiments and technical findings | |
| CN103870748A (en) | Method and device for safety processing of virtual machine | |
| CN109857345B (en) | System and method for realizing disk mounting interface scheduling management based on concurrency |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |