CN109359093B - Rule file updating method and system - Google Patents
Rule file updating method and system Download PDFInfo
- Publication number
- CN109359093B CN109359093B CN201811556185.9A CN201811556185A CN109359093B CN 109359093 B CN109359093 B CN 109359093B CN 201811556185 A CN201811556185 A CN 201811556185A CN 109359093 B CN109359093 B CN 109359093B
- Authority
- CN
- China
- Prior art keywords
- rule file
- target
- target attribute
- file
- attribute
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention discloses a rule file updating method, which comprises the following steps: acquiring the current target attribute of a target rule file; wherein the target attribute changes with the change of the target rule file; reading a rule file record table, and determining the reference target attribute of a loaded target rule file; when the current target attribute is inconsistent with the reference target attribute, reloading the target rule file; and after the loading is finished, writing the current target attribute into the rule file record table so as to update the reference target attribute. The method can monitor whether the target rule file changes or not under the condition of no professional manager, and after the target rule file changes, the rule file is updated in an automatic loading mode, so that the rule file updating efficiency can be improved. The invention also discloses a system, equipment and a readable storage medium for updating the rule file, and the system and the equipment have corresponding technical effects.
Description
Technical Field
The invention relates to the technical field of security assurance, in particular to a method, a system, equipment and a readable storage medium for updating a rule file.
Background
The network security platform has a plurality of built-in rules, such as association model, rule model, statistical model, intelligence model, data dictionary, statistical index and the like.
These rules may change as the needs of the user change. In the existing rule file updating scheme, an operator is often required to input an instruction to reload a new rule file into a network security platform. In order to ensure the correct loading of the rule file, professional management personnel are required to participate after each rule change, the updating efficiency of the rule file is low, and errors are easy to occur.
In summary, how to effectively solve the problems of the update efficiency of the rule file of the network security platform and the like is a technical problem which needs to be solved urgently by those skilled in the art at present.
Disclosure of Invention
The invention aims to provide a method, a system and equipment for updating a rule file and a readable storage medium, so as to improve the updating efficiency of the rule file.
In order to solve the technical problems, the invention provides the following technical scheme:
a rule file update method, comprising:
acquiring the current target attribute of a target rule file; wherein the target attribute changes with the change of the target rule file;
reading a rule file record table, and determining the reference target attribute of a loaded target rule file;
when the current target attribute is inconsistent with the reference target attribute, reloading the target rule file;
and after the loading is finished, writing the current target attribute into the rule file record table so as to update the reference target attribute.
Preferably, the obtaining of the current target attribute of the target rule file includes:
when the target attribute is a file MD5 value, acquiring the target rule file, and performing MD5 calculation on the target rule file to acquire a current file MD5 value of the target rule file;
or when the target attribute is a modification date, a file size or a version number, acquiring metadata information of the target rule file, and determining the current target attribute by using the metadata information.
Preferably, the obtaining of the current target attribute of the target rule file includes:
and according to the recording sequence of the rule file recording list, taking the currently read rule file as the target rule file, and acquiring the current target attribute of the target rule file.
Preferably, when the current target attribute is consistent with the reference target attribute, the method includes:
and reading the next rule file according to the recording sequence of the rule file recording table.
Preferably, the obtaining of the current target attribute of the target rule file includes:
and acquiring the current target attribute of the target rule file according to the detection period.
Preferably, the reading the rule file record table to determine the reference target attribute of the loaded target rule file includes:
reading a target record of the target rule file from the rule file record table;
determining the reference target attribute using the target record.
Preferably, when the current target attribute is inconsistent with the reference target attribute, reloading the target rule file includes:
when the current target attribute is inconsistent with the reference target attribute, judging whether the loaded target rule file has a service in an operating state;
and if not, reloading the target rule file.
A rule file update system, comprising:
the current target attribute acquisition module is used for acquiring the current target attribute of the target rule file; wherein the target attribute changes with the change of the target rule file;
the reference target attribute acquisition module is used for reading the rule file record table and determining the reference target attribute of the loaded target rule file;
a rule file updating module, configured to reload the target rule file when the current target attribute is inconsistent with the reference target attribute;
and the rule file updating and recording module is used for writing the current target attribute into the rule file recording table after the loading is finished so as to update the reference target attribute.
A rule file updating apparatus comprising:
a memory for storing a computer program;
and the processor is used for realizing the steps of the rule file updating method when the computer program is executed.
A readable storage medium having stored thereon a computer program which, when executed by a processor, implements the steps of the above-described rule file updating method.
By applying the method provided by the embodiment of the invention, the current target attribute of the target rule file is obtained; wherein the target attribute changes with the change of the target rule file; reading a rule file record table, and determining the reference target attribute of a loaded target rule file; when the current target attribute is inconsistent with the reference target attribute, reloading the target rule file; and after the loading is finished, writing the current target attribute into the rule file record table so as to update the reference target attribute.
And obtaining the current target attribute of the target rule file. The current target attribute is the target attribute of the target rule file at the current moment. It should be noted that the target attribute changes with the change of the target rule file. And then, reading the rule file record table, and determining the reference target attribute of the loaded target rule file from the rule file record table, wherein the reference target attribute is the corresponding current target attribute when the target rule file is loaded. Because the target attribute can change along with the change of the target rule file, whether the target rule file changes or not can be determined by judging whether the current target attribute is consistent with the reference target attribute. When the current target attribute is inconsistent with the reference target attribute, the target rule file is changed, and at the moment, the target rule file can be reloaded to update the rule file. After the file loading is finished, the current target attribute is written into the rule record file table, so that the rule file is updated when the target rule file is changed next time. Therefore, the method can monitor whether the target rule file changes or not under the condition of no professional manager, and after the target rule file changes, the rule file is updated in an automatic loading mode, so that the rule file updating efficiency can be improved.
Accordingly, embodiments of the present invention further provide a rule file updating system, a device and a readable storage medium corresponding to the rule file updating method, which have the above technical effects and are not described herein again.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a flowchart illustrating an embodiment of a method for updating a rule file according to the present invention;
FIG. 2 is a flowchart illustrating an embodiment of a method for updating a rule file according to the present invention;
FIG. 3 is a schematic structural diagram of a rule file updating system according to an embodiment of the present invention;
FIG. 4 is a schematic structural diagram of a rule file updating apparatus according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of a rule file updating apparatus according to an embodiment of the present invention.
Detailed Description
In order that those skilled in the art will better understand the disclosure, the invention will be described in further detail with reference to the accompanying drawings and specific embodiments. It is to be understood that the described embodiments are merely exemplary of the invention, and not restrictive of the full scope of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The first embodiment is as follows:
referring to fig. 1, fig. 1 is a flowchart illustrating a method for updating a rule file according to an embodiment of the present invention, where the method is applicable to a network security platform. The method comprises the following steps:
s101, obtaining the current target attribute of the target rule file.
Wherein the target property changes with the change of the target rule file.
The network security platform may obtain current target attributes of a target rule file within the network security platform. The target rule file can be a correlation model, a rule model, a statistical model, an intelligence model, a data dictionary, a statistical index and other files which can be changed along with the change of the requirements of the user. The target property changes with the change of the target rule file, that is, after the target rule file changes, the target property also changes. For example, the target attribute may be any one of a modification date, a file size, a version number and a file md5 value of the target rule file, and a specific selection may be selected and set by a user.
According to the difference of the target attributes, the method of obtaining the target rule file is roughly divided into the following two methods:
the first method is as follows: and when the target attribute is the value of the MD5, acquiring a target rule file, and performing MD5 calculation on the target rule file to acquire the current file MD5 value of the target rule file. Wherein, the MD5 is called Message-digest algorithm5, the MD5 is actually applied to generate a digital fingerprint (fingerprint) for a segment of byte string (Message), and the MD5 value refers to the digital fingerprint calculated by the MD 5. When the target rule file changes, the value of the current file md5 changes. That is, whether the target rule file is changed or not can be determined by comparing the file md5 values of the target rule file.
The second method comprises the following steps: and when the target attribute is the modification date, the file size or the version number, acquiring metadata information of the target rule file, and determining the current target attribute by using the metadata information. After a change is made to the target rule file, the modification date of the target rule file must change accordingly. In addition, when the target rule file is modified or adjusted, the size or the version number of the modified file is different from that before modification, so that whether the target rule file is changed or not can be judged according to the difference between the size and the version number of the file. Specifically, when the target attribute is a modification log, a file size, or a version number, metadata information of the target rule file may be directly obtained, and then the target attribute may be obtained from the metadata information. For example, when the target attribute is the file size, the metadata information is directly filtered, and the file size is removed.
Preferably, a detection period may be further set for timely updating, so that the current target attribute of the target rule file may be obtained according to the detection period. Specifically, the period size of the detection period may be set according to actual requirements, for example, the period may be set to a smaller value, for example, in units of days or hours, when the user requirement changes more frequently and the rule file is expected to be updated more timely; if the change frequency of the user requirement is low and the requirement on the timeliness of the regular file updating is not high, the period can be set to be a large value, for example, a week is taken as a unit.
After the current target attribute of the target rule file is obtained, the operation of step S102 may be executed.
S102, reading the rule file record table, and determining the reference target attribute of the loaded target rule file.
In the embodiment of the present invention, a rule file record table may be preset, where a reference target attribute corresponding to a loaded rule file is recorded in the rule file record table, where the reference target attribute is a target attribute when the rule file is loaded. Specifically, a unique identifier of the rule file such as a file name, a file ID, and a target attribute may be recorded in the rule record table. In specific setting, table 1 may be referred to, where table 1 is a rule file record table in the embodiment of the present invention.
TABLE 1
By reading the rule file record table, the reference target attribute of the loaded target rule file can be determined. Specifically, the target record of the target rule file can be read from the rule file record table; a reference target attribute is determined using the target record. For example, if the unique identifier of the target rule file is RnThen, the rule file record table can be traversed to find the unique identifier R of the target rule filenThen according to RnReading the reference target attribute as Pn。
S103, when the current target attribute is inconsistent with the reference target attribute, reloading the target rule file.
After the reference target attribute is obtained, the current target attribute and the reference target attribute can be compared to determine whether the current target attribute is consistent with the reference target attribute. If the judgment result is consistent, the target rule file is not modified or updated after the last loading, and the rule file does not need to be updated; if the judgment result is inconsistent, the situation that the target rule file is updated after the target rule file is loaded last time is indicated, so that the rule can be updated in a mode of reloading the target rule file.
Preferably, in order to avoid the occurrence of service interruption during the loading process, the following two different solutions are proposed:
the first method is as follows: when the current target attribute is inconsistent with the reference target attribute, judging whether the loaded target rule file has a service in an operating state; and if not, reloading the target rule file. That is, when it is determined that the target rule file is to be reloaded, it may be determined whether the target rule file is reloaded immediately by determining whether the loaded target rule file has a service in an operating state, that is, when there is no service in an operating state, the reloading of the target rule file does not generate an influence of service interruption. When the service in the running state exists, waiting can be carried out, and when the service in the running state does not exist, the target rule file is reloaded.
The second method comprises the following steps: in order to not interrupt the service, in the loading process, the target rule file loaded last time is adopted for the old data stream to carry out service processing, the target rule file loaded this time is adopted for the new data stream to carry out service processing, and when the old data stream does not exist, the target rule file loaded last time is not used for carrying out service processing. Therefore, the service can not be interrupted, and the user experience can be improved.
And S104, after the loading is finished, writing the current target attribute into the rule file record table to update the reference target attribute.
After loading is complete, the current target attribute may be written to the rule record table to update the reference target attribute. Therefore, repeated loading of the target rule file can be avoided, and meanwhile, the rule can be upgraded when the target rule attribute changes again.
By applying the method provided by the embodiment of the invention, the current target attribute of the target rule file is obtained; wherein the target attribute changes with the change of the target rule file; reading a rule file record table, and determining the reference target attribute of a loaded target rule file; when the current target attribute is inconsistent with the reference target attribute, reloading the target rule file; and after the loading is finished, writing the current target attribute into the rule file record table so as to update the reference target attribute.
And obtaining the current target attribute of the target rule file. The current target attribute is the target attribute of the target rule file at the current moment. It should be noted that the target attribute changes with the change of the target rule file. And then, reading the rule file record table, and determining the reference target attribute of the loaded target rule file from the rule file record table, wherein the reference target attribute is the corresponding current target attribute when the target rule file is loaded. Because the target attribute can change along with the change of the target rule file, whether the target rule file changes or not can be determined by judging whether the current target attribute is consistent with the reference target attribute. When the current target attribute is inconsistent with the reference target attribute, the target rule file is changed, and at the moment, the target rule file can be reloaded to update the rule file. After the file loading is finished, the current target attribute is written into the rule record file table, so that the rule file is updated when the target rule file is changed next time. Therefore, the method can monitor whether the target rule file changes or not under the condition of no professional manager, and after the target rule file changes, the rule file is updated in an automatic loading mode, so that the rule file updating efficiency can be improved.
It should be noted that, based on the above embodiments, the embodiments of the present invention also provide corresponding improvements. In the preferred/improved embodiment, the same steps as those in the above embodiment or corresponding steps may be referred to each other, and corresponding advantageous effects may also be referred to each other, which are not described in detail in the preferred/improved embodiment herein.
Preferably, based on the rule file updating method provided in the first embodiment, when the method is applied to a network security platform, particularly when the rule file updating needs to be performed on a plurality of rule files, the rule file updating of the entire network security platform can be completed by circulating the above steps.
Specifically, when the current target attribute of the target rule file is read, the currently read rule file may be used as the target rule file according to the recording sequence of the rule file recording table, and the current target attribute of the target rule file may be obtained. And when the current target attribute is consistent with the reference target attribute, reading the next rule file according to the recording sequence of the rule file recording table. That is to say, the target rule file may be any one of the rule files recorded in the rule file recording table, and when the rule file is updated, the current target attribute of each rule file may be sequentially read according to the recording order in the rule file recording table, and the operations from step S102 to step S104 may be sequentially performed, that is, after it is determined that the rule file has changed, the rule file is reloaded. It should be noted that, when it is determined that the rule file is not changed, the current target attribute of each rule file may be sequentially read according to the recording order in the rule file recording table. Therefore, the regular file updating of the whole network security platform can be completed by repeated execution.
Example two:
in order to facilitate those skilled in the art to better understand the rule file updating method provided by the embodiment of the present invention, the following describes the rule file updating method in detail by taking the target attribute as the md5 value as an example.
Referring to fig. 2, fig. 2 is a flowchart illustrating an embodiment of a rule file updating method according to the present invention. First, the rule file attributes are configured: the rule file attribute refers to an attribute capable of representing file change, and assuming that an md5 value is selected as the rule file attribute, an md5 value changes when a rule file is added, modified or deleted.
As shown in table 2, the rule file records table: and the rule file ID, the rule file name and the rule file attribute are recorded. When the rule file changes, the rule file record table needs to be updated.
TABLE 2
Therefore, the attribute of the rule file can be read, and specifically, the attribute function A of the read rule file can be written according to the defined attribute of the rule file.
The method comprises the steps of monitoring the attribute of a rule file, specifically, starting a timing task calling function A, and acquiring any rule file R in real timeiThe current file attribute S. For example, when the target rule file is an ioc file with an ID of 14, the md5 value of the rule file ai with an ID of 14 can be calculated: ff459d639d3883fcf843e8bb61bb6e7 f.
Comparing the rule file attributes, specifically, comparing S with R corresponding to the rule file record tableiRule file attributes: ff459d639d3883fcf843e8bb61bb6e7f, and the comparison specifically comprises the following steps:
when S ═ PiAnd if so, i is equal to i +1, and the next rule file attribute is continuously read. For example, if md5 ═ ff459d639d3883fcf843e8bb61bb6e7f of the rule file with ID 14 is equal to md5 value ═ ff459d639d38 3883fcf843e8bb61bb6e7f in the rule file record table, the file with file ID 15 is directly read.
When S ≠ PiAnd if so, indicating that the rule file is changed and needs to be upgraded. Specifically, the following processes are carried out,
step one, recording a rule file into a table RiRule file property P ofiIs updated to S.
Step two, the safety platform reloads the rule file Ri。
And step three, i is i +1, and the next rule file attribute is continuously read, namely, the step 4 is skipped.
If, the original md5 value of the rule file ai: 1d90ba5c0a6c0bbd5ff437d8aa466ee8, rule file ai current md5 value: 00645301569c468c43ecd62b3cc83d2c, it can be seen that the two are not equal, so the md5 value of ai in the rule file record table is updated as:
00645301569c468c43ecd62b3cc83d2 c; the security platform reloads the rule file Ri. And after the loading reception, judging the 15 th file.
The method has the advantages of no interruption of the service, no influence on the service operation, saving the time cost generated by restarting and completing the upgrade automatically and nondestructively.
Example three:
corresponding to the above method embodiment, the embodiment of the present invention further provides a rule file updating system, and the rule file updating system described below and the rule file updating method described above may be referred to in correspondence.
Referring to fig. 3, the system includes the following modules:
a current target attribute obtaining module 101, configured to obtain a current target attribute of a target rule file; wherein the target attribute changes with the change of the target rule file;
a reference target attribute obtaining module 102, configured to read the rule file record table, and determine a reference target attribute of a loaded target rule file;
the rule file updating module 103 is configured to reload the target rule file when the current target attribute is inconsistent with the reference target attribute;
and the rule file updating recording module 104 is configured to write the current target attribute into the rule file recording table after the loading is finished, so as to update the reference target attribute.
By applying the system and the method provided by the embodiment of the invention, the current target attribute of the target rule file is obtained; wherein the target attribute changes with the change of the target rule file; reading a rule file record table, and determining the reference target attribute of a loaded target rule file; when the current target attribute is inconsistent with the reference target attribute, reloading the target rule file; and after the loading is finished, writing the current target attribute into the rule file record table so as to update the reference target attribute.
And obtaining the current target attribute of the target rule file. The current target attribute is the target attribute of the target rule file at the current moment. It should be noted that the target attribute changes with the change of the target rule file. And then, reading the rule file record table, and determining the reference target attribute of the loaded target rule file from the rule file record table, wherein the reference target attribute is the corresponding current target attribute when the target rule file is loaded. Because the target attribute can change along with the change of the target rule file, whether the target rule file changes or not can be determined by judging whether the current target attribute is consistent with the reference target attribute. When the current target attribute is inconsistent with the reference target attribute, the target rule file is changed, and at the moment, the target rule file can be reloaded to update the rule file. After the file loading is finished, the current target attribute is written into the rule record file table, so that the rule file is updated when the target rule file is changed next time. Therefore, the system can monitor whether the target rule file changes or not under the condition of no professional manager, and after the target rule file changes, the rule file is updated in an automatic loading mode, so that the rule file updating efficiency can be improved.
In a specific embodiment of the present invention, the current target attribute obtaining module 101 is specifically configured to, when the target attribute is a file MD5 value, obtain a target rule file, and perform MD5 calculation on the target rule file to obtain a current file MD5 value of the target rule file; or when the target attribute is the modification date, the file size or the version number, acquiring metadata information of the target rule file, and determining the current target attribute by using the metadata information.
In a specific embodiment of the present invention, the current target attribute obtaining module 101 is specifically configured to take the currently read rule file as a target rule file according to a recording sequence of a rule file recording table, and obtain the current target attribute of the target rule file.
In one embodiment of the present invention, the method further comprises:
and the skip module is used for reading the next rule file according to the recording sequence of the rule file recording table when the current target attribute is consistent with the reference target attribute.
In a specific embodiment of the present invention, the current target attribute obtaining module 101 is specifically configured to obtain the current target attribute of the target rule file according to the detection period.
In a specific embodiment of the present invention, the reference target attribute obtaining module 102 is specifically configured to read a target record of a target rule file from a rule file record table; a reference target attribute is determined using the target record.
In a specific embodiment of the present invention, the rule file updating module 103 is specifically configured to determine whether the loaded target rule file has a service in an operating state when the current target attribute is inconsistent with the reference target attribute; and if not, reloading the target rule file.
Example four:
corresponding to the above method embodiment, the embodiment of the present invention further provides a rule file updating device, and a rule file updating device described below and a rule file updating method described above may be referred to in correspondence.
Referring to fig. 4, the rule file updating apparatus includes:
a memory D1 for storing computer programs;
a processor D2 for implementing the steps of the rule file updating method of the above-described method embodiments when executing the computer program.
Specifically, referring to fig. 5, fig. 5 is a schematic diagram of a specific structure of a rule file updating device provided in this embodiment, which may generate relatively large differences due to different configurations or performances, and may include one or more processors (CPUs) 322 (e.g., one or more processors) and a memory 332, and one or more storage media 330 (e.g., one or more mass storage devices) storing an application 342 or data 344. Memory 332 and storage media 330 may be, among other things, transient storage or persistent storage. The program stored on the storage medium 330 may include one or more modules (not shown), each of which may include a series of instructions operating on a data processing device. Still further, the central processor 322 may be configured to communicate with the storage medium 330 to execute a series of instruction operations in the storage medium 330 on the rule file updating apparatus 301.
The rule file updating apparatus 301 may also include one or more power supplies 326, one or more wired or wireless network interfaces 350, one or more input-output interfaces 358, and/or one or more operating systems 341. Such as Windows Server, Mac OS XTM, UnixTM, LinuxTM, FreeBSDTM, etc.
The steps in the rule file updating method described above may be implemented by the structure of the rule file updating apparatus.
Example five:
corresponding to the above method embodiment, an embodiment of the present invention further provides a readable storage medium, and a readable storage medium described below and a rule file updating method described above may be referred to in correspondence.
A readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the rule file updating method of the above-mentioned method embodiment.
The readable storage medium may be a usb disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and various other readable storage media capable of storing program codes.
Those of skill would further appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative components and steps have been described above generally in terms of their functionality in order to clearly illustrate this interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
Claims (9)
1. A method for updating a rule file, comprising:
acquiring the current target attribute of a target rule file; wherein the target attribute changes with the change of the target rule file; the target rule file is a correlation model, a rule model, a statistical model, an intelligence model, a data dictionary or a statistical index corresponding file;
reading a rule file record table, and determining the reference target attribute of a loaded target rule file;
when the current target attribute is inconsistent with the reference target attribute, reloading the target rule file;
after the loading is finished, writing the current target attribute into the rule file record table to update the reference target attribute;
the obtaining of the current target attribute of the target rule file includes:
when the target attribute is a file MD5 value, acquiring the target rule file, and performing MD5 calculation on the target rule file to acquire a current file MD5 value of the target rule file;
or when the target attribute is a modification date, a file size or a version number, acquiring metadata information of the target rule file, and determining the current target attribute by using the metadata information.
2. The method for updating a rule file according to claim 1, wherein the obtaining of the current target attribute of the target rule file comprises:
and according to the recording sequence of the rule file recording list, taking the currently read rule file as the target rule file, and acquiring the current target attribute of the target rule file.
3. The rule file updating method according to claim 2, wherein when the current target attribute is consistent with the reference target attribute, the method comprises:
and reading the next rule file according to the recording sequence of the rule file recording table.
4. The method for updating a rule file according to claim 1, wherein the obtaining of the current target attribute of the target rule file comprises:
and acquiring the current target attribute of the target rule file according to the detection period.
5. The method for updating a rule file according to claim 1, wherein the reading the rule file record table and determining the reference target attribute of the loaded target rule file comprises:
reading a target record of the target rule file from the rule file record table;
determining the reference target attribute using the target record.
6. The rule file updating method according to any one of claims 1 to 5, wherein when the current target attribute is inconsistent with the reference target attribute, reloading the target rule file comprises:
when the current target attribute is inconsistent with the reference target attribute, judging whether the loaded target rule file has a service in an operating state;
and if not, reloading the target rule file.
7. A rule file updating system, comprising:
the current target attribute acquisition module is used for acquiring the current target attribute of the target rule file; wherein the target attribute changes with the change of the target rule file; the target rule file is a correlation model, a rule model, a statistical model, an intelligence model, a data dictionary or a statistical index corresponding file;
the reference target attribute acquisition module is used for reading the rule file record table and determining the reference target attribute of the loaded target rule file;
a rule file updating module, configured to reload the target rule file when the current target attribute is inconsistent with the reference target attribute;
a rule file updating recording module, configured to write the current target attribute into the rule file recording table after the loading is finished, so as to update the reference target attribute;
the current target attribute obtaining module is specifically configured to, when the target attribute is a file MD5 value, obtain the target rule file, and perform MD5 calculation on the target rule file to obtain a current file MD5 value of the target rule file; or when the target attribute is a modification date, a file size or a version number, acquiring metadata information of the target rule file, and determining the current target attribute by using the metadata information.
8. A rule file updating apparatus, comprising:
a memory for storing a computer program;
a processor for implementing the steps of the rule file updating method according to any one of claims 1 to 6 when executing the computer program.
9. A readable storage medium, having stored thereon a computer program which, when being executed by a processor, carries out the steps of the rule file updating method according to any one of claims 1 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811556185.9A CN109359093B (en) | 2018-12-19 | 2018-12-19 | Rule file updating method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811556185.9A CN109359093B (en) | 2018-12-19 | 2018-12-19 | Rule file updating method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109359093A CN109359093A (en) | 2019-02-19 |
| CN109359093B true CN109359093B (en) | 2020-09-01 |
Family
ID=65329177
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811556185.9A Active CN109359093B (en) | 2018-12-19 | 2018-12-19 | Rule file updating method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109359093B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113554414B (en) * | 2021-07-05 | 2024-07-16 | 金蝶软件(中国)有限公司 | Business rule updating method, business rule updating device, computer equipment and storage medium |
| CN114422234B (en) * | 2022-01-17 | 2024-08-30 | 北京金山云网络技术有限公司 | WAF rule loading method and device, electronic equipment and storage medium |
Family Cites Families (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101661508B (en) * | 2009-09-29 | 2012-08-22 | 金蝶软件(中国)有限公司 | Method for generating memu for multi-technology platform and device thereof |
| CN102043612A (en) * | 2009-10-10 | 2011-05-04 | 英业达股份有限公司 | Version number maintenance system and maintenance method thereof |
| CN102982158A (en) * | 2012-12-04 | 2013-03-20 | 乐视致新电子科技(天津)有限公司 | Automatic updating method for loading advertisement picture |
| CN104615637A (en) * | 2014-11-20 | 2015-05-13 | 广州杰赛互教通信息技术有限公司 | Data exchange method and data exchange intermediate device |
| CN105868239A (en) * | 2015-12-10 | 2016-08-17 | 乐视网信息技术(北京)股份有限公司 | File updating method, device and terminal |
| CN106095500A (en) * | 2016-06-08 | 2016-11-09 | 江苏中威科技软件系统有限公司 | A kind of method and system of automatic software updating |
| KR102610480B1 (en) * | 2016-09-26 | 2023-12-06 | 삼성전자 주식회사 | Apparatus and method for providing streaming service |
| US10387271B2 (en) * | 2017-05-10 | 2019-08-20 | Elastifile Ltd. | File system storage in cloud using data and metadata merkle trees |
-
2018
- 2018-12-19 CN CN201811556185.9A patent/CN109359093B/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN109359093A (en) | 2019-02-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11137911B2 (en) | Fast restart of applications using shared memory | |
| CN111221800B (en) | Database migration method and device, electronic equipment and storage medium | |
| CN110737594B (en) | Database standard conformance testing method and device for automatically generating test cases | |
| JP2006031109A (en) | Management system and management method | |
| CN109359093B (en) | Rule file updating method and system | |
| CN113190531A (en) | Database migration method, device, equipment and storage medium | |
| CN107729541A (en) | A kind of data processing method, device and computer-readable recording medium | |
| CN111367529A (en) | Code contribution statistical method and device | |
| CN112685275B (en) | Algorithm policy search method and device, electronic equipment and storage medium | |
| CN111078418B (en) | Operation synchronization method, device, electronic equipment and computer readable storage medium | |
| CN117194362A (en) | Log storage method and system and electronic equipment | |
| CN117271221A (en) | Database data recovery method, storage medium and device | |
| CN111694724B (en) | Test method and device of distributed form system, electronic equipment and storage medium | |
| CN115080093B (en) | Distributed system upgrading method, device, server and medium | |
| CN116156266A (en) | Multi-channel video data storage method, system, electronic equipment and storage medium | |
| CN113595762A (en) | Network card configuration storage method and device | |
| CN113655846A (en) | OpenPOWER server time synchronization method and system | |
| US8296336B2 (en) | Techniques for efficient dataloads into partitioned tables using swap tables | |
| JP2010152707A (en) | Backup method of database and database system | |
| CN114860611B (en) | BIOS upgrading test method, device and medium | |
| CN115017040B (en) | Test case screening method, system, electronic equipment and storage medium | |
| CN109032955B (en) | UI automation test method, device, equipment and readable storage medium | |
| JP2006172065A (en) | Checkpoint collection method, system and program | |
| CN118820203A (en) | Data modification method, device, equipment and medium applied to database | |
| CN117539960A (en) | Database data synchronization method, storage medium and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |