CN107357922A - NFS access auditing method and system for a distributed file system - Google Patents

Publication number
CN107357922A
Authority
CN
China
Prior art keywords
nfs
audit
log
access
accesses
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710600625.5A
Other languages
Chinese (zh)
Inventor
赵闪闪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhengzhou Yunhai Information Technology Co Ltd
Original Assignee
Zhengzhou Yunhai Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhengzhou Yunhai Information Technology Co Ltd
Priority to CN201710600625.5A
Publication of CN107357922A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10 File systems; File servers
    • G06F16/18 File system types
    • G06F16/1805 Append-only file systems, e.g. using logs or journals to store data
    • G06F16/1815 Journaling file systems
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10 File systems; File servers
    • G06F16/18 File system types
    • G06F16/182 Distributed file systems
    • G06F16/1824 Distributed file systems implemented using Network-attached Storage [NAS] architecture
    • G06F16/183 Provision of network file services by network file servers, e.g. by using NFS, CIFS
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00 Arrangements for software engineering
    • G06F8/70 Software maintenance or management
    • G06F8/71 Version control; Configuration management

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Databases & Information Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention discloses an NFS access auditing method and system for a distributed file system. The method comprises the following steps: enabling the access audit function; setting the log level; redirecting the audit log; restarting the NFS service; and managing the log file. The system comprises an access audit module for enabling or disabling the access audit function; a log level module for setting the log level; a log redirection module for redirecting the audit log; an NFS service restart module for restarting the NFS service; and a log management module for managing the log file. The invention uses a log file to record all operations of NFS clients and their execution results, which improves the security and traceability of NFS access and gives users a more intuitive way to monitor access operations: users can inspect the operations of NFS clients and their execution results in real time.

Description

NFS access auditing method and system for a distributed file system
Technical field
The present invention relates to an NFS access auditing method and system for a distributed file system, and belongs to the technical field of NFS monitoring for distributed file systems.
Background
The storage system is an important component of a computer system, and the current big data era places higher demands on storage system performance. Cluster NAS (Network Attached Storage) is one of the indispensable technologies in storage systems: it is a loosely coupled set of compute nodes, made up of multiple nodes, that cooperate to provide external NFS storage services with high performance, high availability and high load balancing.
NFS (Network File System) allows computers on a network to share resources over a TCP/IP network. With it, the data accessed by all users can be stored on one central host (the NFS server), and users on other hosts (NFS clients) can access the data on that central host through NFS.
However, the NFS access mechanism has insecure aspects, so an NFS access audit measure is needed to improve the security and traceability of NFS access.
Summary of the invention
To address the deficiencies of the above technology, the embodiments of the present invention provide an NFS access auditing method and system for a distributed file system, which give users a more intuitive measure for monitoring access operations: users can inspect the operations of NFS clients and their execution results in real time.
The technical solution adopted by the embodiments of the present invention to solve this technical problem is as follows.
In one aspect, an NFS access auditing method for a distributed file system is provided, comprising the following steps:
Enabling the access audit function;
Setting the log level;
Redirecting the audit log;
Restarting the NFS service;
Managing the log file.
Optionally, the process of enabling the access audit function is: an Audit configuration item is added to the NFS configuration file and set to true or false to enable or disable access auditing.
Optionally, the process of setting the log level is: an Audit_Level (audit level) configuration item is added to the NFS configuration file; the Audit_Level configuration item includes a low log level configuration item, a medium log level configuration item and a high log level configuration item.
Optionally, the process of redirecting the audit log is: a log path configuration item is added to the NFS configuration file; the log path configuration item includes the specific storage location of the log file and the log file name.
Optionally, the process of restarting the NFS service is: the NFS service is restarted after the modified NFS configuration file is saved.
Optionally, the process of managing the log file is: when the log file reaches a certain capacity, the file is packed and dumped, and a new log file is then opened to record NFS access operations.
Optionally, the log file records the user address, the file accessed, the access time and the operation result information for each NFS client.
In another aspect, an NFS access auditing system for a distributed file system is also provided, comprising:
An access audit module, for enabling or disabling the access audit function;
A log level module, for setting the log level;
A log redirection module, for redirecting the audit log;
An NFS service restart module, for restarting the NFS service;
A log management module, for managing the log file.
Optionally, the log level module includes a low log level configuration module, a medium log level configuration module and a high log level configuration module.
Optionally, the log file records the user address, the file accessed, the access time and the operation result information for each NFS client.
The technical solution provided by the embodiments of the present invention has the following advantages:
The solution controls whether the access audit function is enabled or disabled by modifying the NFS configuration file, and the operations of NFS clients can be recorded while the access audit function is enabled. The log level is set by adding an audit level configuration item to the NFS configuration file, so that operations of different levels on NFS clients are recorded. The audit log is redirected to change the specific storage location and name of the log file, which makes the log file easier to find. When the log file reaches a certain capacity, it is packed and dumped and a new log file is opened to record NFS access operations; the operation records of NFS clients can then be searched by time period, which is quick and convenient and improves file read efficiency.
The solution uses a log file to record all operations of NFS clients and their execution results. Specific details such as the address of each user on the NFS client, the file accessed, the access time and the operation result are recorded, which improves the security and traceability of NFS access and gives users a more intuitive way to monitor access operations: users can inspect the operations of NFS clients and their execution results in real time.
Brief description of the drawings
The present invention is described below with reference to the accompanying drawings.
Fig. 1 is a flow diagram of an NFS access auditing method for a distributed file system provided by an embodiment of the present invention;
Fig. 2 is a structural diagram of an NFS access auditing system for a distributed file system provided by an embodiment of the present invention.
Embodiments
To make the technical features of this solution clear, the present invention is described in detail below through embodiments and with reference to the accompanying drawings. The following disclosure provides many different embodiments or examples for implementing different structures of the present invention. To simplify the disclosure, the components and arrangements of specific examples are described below. In addition, the present invention may repeat reference numerals and/or letters in different examples. This repetition is for simplicity and clarity and does not in itself indicate a relationship between the embodiments and/or arrangements discussed. It should be noted that the components illustrated in the drawings are not necessarily drawn to scale. Descriptions of well-known components, processing techniques and processes are omitted so as not to limit the present invention unnecessarily.
Fig. 1 is a flow diagram of an NFS access auditing method for a distributed file system provided by an embodiment of the present invention. Referring to Fig. 1, the NFS access auditing method of this embodiment comprises the following steps:
Enabling the access audit function. The process is: an Audit configuration item is added to the NFS configuration file and set to true or false to enable or disable access auditing. The access audit function is thus enabled or disabled by modifying the NFS configuration file, and the operations of NFS clients can be recorded while it is enabled.
Setting the log level. The process is: an Audit_Level (audit level) configuration item is added to the NFS configuration file; the Audit_Level configuration item includes a low log level configuration item, a medium log level configuration item and a high log level configuration item. Setting the log level through this audit level configuration item allows operations of different levels on NFS clients to be recorded.
Redirecting the audit log. The process is: a log path configuration item is added to the NFS configuration file; the log path configuration item includes the specific storage location of the log file and the log file name. Redirecting the audit log changes the specific storage location and name of the log file, which makes the log file easier to find.
Restarting the NFS service. The process is: the NFS service is restarted after the modified NFS configuration file is saved.
Managing the log file. The process is: when the log file reaches a certain capacity, the file is packed and dumped, and a new log file is then opened to record NFS access operations. A scheduled task is added to perform the packing and dumping: when the log file reaches a certain capacity it is packed and dumped and a new log file is opened to record NFS access operations. The operation records of NFS clients can then be searched by time period, which is quick and convenient and improves file read efficiency.
Optionally, the log file in this embodiment records the user address, the file accessed, the access time and the operation result information for each NFS client.
The NFS access auditing method of this embodiment can also be carried out in the following feasible way; the specific implementation process is as follows:
1. Enable the access audit function and set the log level
(1) Enabling the access audit function: the access audit function is enabled by modifying the NFS configuration file. An Audit configuration item is added to the NFS configuration file; it can be set to true or false to enable or disable access auditing, and the operations of NFS clients can be recorded while it is enabled;
(2) Setting the log level: the log level is switched by adding an Audit_Level configuration item to the NFS configuration file. This item can be set to one of three log levels (low, medium, high), so that operations of different levels on NFS clients are recorded;
(3) Redirecting the audit log: the log path configuration item log_path=/var/log/ganesha_audit.log is added to the NFS configuration file; it gives the specific storage location of the log file and the log file name.
Adding Audit=true to the NFS configuration file of the distributed file system enables the access audit function; adding Audit_Level=LOW/MID/HIGH (three log levels: low, medium, high; choose one of the three) defines the specific log level; and adding the log path configuration item log_path=/var/log/ganesha_audit.log determines where the log is stored.
2. Restart the NFS service
After the NFS configuration file is modified, the NFS service must be restarted so that the newly added configuration takes effect.
3. Confirm the log level and manage the log file
Whether an operation of an NFS client is recorded is decided according to the defined log level. During recording, when the log file reaches a certain capacity, the file is packed and dumped; this function is implemented by adding a scheduled task in the operating system. After the dump completes, a new log file is opened to record the operations of NFS clients.
When confirming the log level, each client operation is checked against the defined log level to decide whether it is recorded. Audit_Level=HIGH corresponds to the rename, remove and rmdir operations in a Linux system; Audit_Level=MID corresponds to the create, read, write, setfattr, link, mkdir, rename, remove and rmdir operations; Audit_Level=LOW corresponds to the access, commit, getfattr, lookup, readdir, readlink, create, read, write, setfattr, link, mkdir, rename, remove and rmdir operations.
During log file management, the size of the log file is checked. If it exceeds the limit, the log file is packed and dumped and a new log file is opened; if it does not exceed the limit, the log entries of the corresponding level are simply saved in the log file.
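The configuration items, level filter and size-triggered dump described above, as an added Python example (not code from the patent or from any NFS server). `Audit`, `Audit_Level` and `log_path` are the page's own configuration items; the `AuditLog` class, the tab-separated record layout, the `.N.gz` archive names, the default level and the `max_bytes` threshold are assumptions, and the size check runs before each write instead of from the scheduled task the description uses.

```python
import gzip
import os
import shutil
import tempfile
import time

# Operations recorded at each audit level, as listed in the description.
_HIGH = {"rename", "remove", "rmdir"}
_MID = _HIGH | {"create", "read", "write", "setfattr", "link", "mkdir"}
_LOW = _MID | {"access", "commit", "getfattr", "lookup", "readdir", "readlink"}
LEVEL_OPS = {"HIGH": _HIGH, "MID": _MID, "LOW": _LOW}


def parse_audit_config(text):
    """Read the Audit, Audit_Level and log_path items from key=value text."""
    items = {}
    for line in text.splitlines():
        if "=" in line and not line.lstrip().startswith("#"):
            key, value = line.split("=", 1)
            items[key.strip()] = value.strip()
    enabled = items.get("Audit", "false").lower() == "true"
    level = items.get("Audit_Level", "HIGH").upper()  # default is an assumption
    if level not in LEVEL_OPS:
        raise ValueError(f"unknown Audit_Level: {level}")
    if enabled and not items.get("log_path"):
        raise ValueError("Audit=true requires log_path")
    return {"enabled": enabled, "level": level, "log_path": items.get("log_path")}


def _clean(field):
    """Escape separators so a crafted file name cannot forge or split a record."""
    text = str(field).replace("\\", "\\\\")
    return text.replace("\t", "\\t").replace("\r", "\\r").replace("\n", "\\n")


class AuditLog:
    """Hypothetical writer: level filter plus pack-and-dump at a size limit."""

    def __init__(self, config, max_bytes):
        self.enabled = config["enabled"]
        self.ops = LEVEL_OPS[config["level"]]
        self.path = config["log_path"]
        self.max_bytes = max_bytes  # assumed; the page says "a certain capacity"
        self.archives = []

    def should_record(self, op):
        return self.enabled and op in self.ops

    def rotate_if_full(self):
        """Pack the full log into a .gz archive; the next write starts a new file."""
        if not os.path.exists(self.path):
            return None
        if os.path.getsize(self.path) < self.max_bytes:
            return None
        archive = f"{self.path}.{len(self.archives) + 1}.gz"
        with open(self.path, "rb") as src, gzip.open(archive, "wb") as dst:
            shutil.copyfileobj(src, dst)
        os.remove(self.path)
        self.archives.append(archive)
        return archive

    def record(self, client_addr, op, file_path, result, when=None):
        """Append user address, operation, file, time and result if in scope."""
        if not self.should_record(op):
            return False
        self.rotate_if_full()
        stamp = time.strftime("%Y-%m-%dT%H:%M:%S", time.localtime(when))
        fields = (stamp, client_addr, op, file_path, result)
        with open(self.path, "a", encoding="utf-8") as fh:
            fh.write("\t".join(_clean(f) for f in fields) + "\n")
        return True


if __name__ == "__main__":
    # Constructed sample: a temporary path stands in for /var/log/ganesha_audit.log.
    path = os.path.join(tempfile.mkdtemp(), "ganesha_audit.log")
    config = parse_audit_config(f"Audit=true\nAudit_Level=MID\nlog_path={path}\n")
    log = AuditLog(config, max_bytes=200)
    events = [("192.0.2.10", "lookup", "/export/data/a.txt", "OK"),
              ("192.0.2.10", "write", "/export/data/a.txt", "OK"),
              ("192.0.2.11", "rmdir", "/export/data/old", "EACCES")]
    for event in events:
        print(event[1], "recorded" if log.record(*event) else "skipped")
```

At `Audit_Level=MID` the `lookup` call is skipped while `write` and `rmdir` are recorded, so read-only browsing of an export leaves no trace unless the level is set to LOW.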
Fig. 2 is a structural diagram of an NFS access auditing system for a distributed file system provided by an embodiment of the present invention. Referring to Fig. 2, the NFS access auditing system of this embodiment comprises:
An access audit module, for enabling or disabling the access audit function;
A log level module, for setting the log level;
A log redirection module, for redirecting the audit log;
An NFS service restart module, for restarting the NFS service;
A log management module, for managing the log file.
Optionally, the log level module includes a low log level configuration module, a medium log level configuration module and a high log level configuration module.
Optionally, the log file records the user address, the file accessed, the access time and the operation result information for each NFS client.
The solution uses a log file to record all operations of NFS clients and their execution results. Specific details such as the address of each user on the NFS client, the file accessed, the access time and the operation result are recorded, which improves the security and traceability of NFS access and gives users a more intuitive way to monitor access operations: users can inspect the operations of NFS clients and their execution results in real time.
The above is only the preferred embodiment of the present invention. For those skilled in the art, some improvements and modifications can be made without departing from the principles of the invention, and these improvements and modifications are also regarded as falling within the protection scope of the present invention.

Claims (10)

1. An NFS access auditing method for a distributed file system, characterized in that it comprises the following steps:
Enabling the access audit function;
Setting the log level;
Redirecting the audit log;
Restarting the NFS service;
Managing the log file.
2. The NFS access auditing method for a distributed file system according to claim 1, characterized in that the process of enabling the access audit function is: an Audit configuration item is added to the NFS configuration file and set to true or false to enable or disable access auditing.
3. The NFS access auditing method for a distributed file system according to claim 1, characterized in that the process of setting the log level is: an Audit_Level configuration item is added to the NFS configuration file; the Audit_Level configuration item includes a low log level configuration item, a medium log level configuration item and a high log level configuration item.
4. The NFS access auditing method for a distributed file system according to claim 1, characterized in that the process of redirecting the audit log is: a log path configuration item is added to the NFS configuration file; the log path configuration item includes the specific storage location of the log file and the log file name.
5. The NFS access auditing method for a distributed file system according to claim 1, characterized in that the process of restarting the NFS service is: the NFS service is restarted after the modified NFS configuration file is saved.
6. The NFS access auditing method for a distributed file system according to claim 1, characterized in that the process of managing the log file is: when the log file reaches a certain capacity, the file is packed and dumped, and a new log file is then opened to record NFS access operations.
7. The NFS access auditing method for a distributed file system according to any one of claims 1 to 6, characterized in that the log file records the user address, the file accessed, the access time and the operation result information for each NFS client.
8. An NFS access auditing system for a distributed file system, characterized in that it comprises:
An access audit module, for enabling or disabling the access audit function;
A log level module, for setting the log level;
A log redirection module, for redirecting the audit log;
An NFS service restart module, for restarting the NFS service;
A log management module, for managing the log file.
9. The NFS access auditing system for a distributed file system according to claim 8, characterized in that the log level module includes a low log level configuration module, a medium log level configuration module and a high log level configuration module.
10. The NFS access auditing system for a distributed file system according to claim 8 or 9, characterized in that the log file records the user address, the file accessed, the access time and the operation result information for each NFS client.
CN201710600625.5A 2017-07-21 2017-07-21 NFS access auditing method and system for a distributed file system Pending CN107357922A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710600625.5A CN107357922A (en) 2017-07-21 2017-07-21 NFS access auditing method and system for a distributed file system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710600625.5A CN107357922A (en) 2017-07-21 2017-07-21 NFS access auditing method and system for a distributed file system

Publications (1)

Publication Number Publication Date
CN107357922A true CN107357922A (en) 2017-11-17

Family

ID=60285225

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710600625.5A Pending CN107357922A (en) 2017-07-21 2017-07-21 NFS access auditing method and system for a distributed file system

Country Status (1)

Country Link
CN (1) CN107357922A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20171117