CN110061876B - Optimization method and system of operation and maintenance auditing system - Google Patents

Optimization method and system of operation and maintenance auditing system Download PDF

Info

Publication number
CN110061876B
CN110061876B CN201910317452.5A CN201910317452A CN110061876B CN 110061876 B CN110061876 B CN 110061876B CN 201910317452 A CN201910317452 A CN 201910317452A CN 110061876 B CN110061876 B CN 110061876B
Authority
CN
China
Prior art keywords
module
service
machine room
node
request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910317452.5A
Other languages
Chinese (zh)
Other versions
CN110061876A (en
Inventor
钱熙
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Sohu New Media Information Technology Co Ltd
Original Assignee
Beijing Sohu Internet Information Service Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Sohu Internet Information Service Co Ltd filed Critical Beijing Sohu Internet Information Service Co Ltd
Priority to CN201910317452.5A priority Critical patent/CN110061876B/en
Publication of CN110061876A publication Critical patent/CN110061876A/en
Application granted granted Critical
Publication of CN110061876B publication Critical patent/CN110061876B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/02Standardisation; Integration
    • H04L41/0246Exchanging or transporting network management information using the Internet; Embedding network management web servers in network elements; Web-services-based protocols
    • H04L41/0253Exchanging or transporting network management information using the Internet; Embedding network management web servers in network elements; Web-services-based protocols using browsers or web-pages for accessing management information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • H04L41/069Management of faults, events, alarms or notifications using logs of notifications; Post-processing of notifications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • H04L41/0823Configuration setting characterised by the purposes of a change of settings, e.g. optimising configuration for enhancing reliability
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/28Restricting access to network management systems or functions, e.g. using authorisation function to access network configuration
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1001Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
    • H04L67/1031Controlling of the operation of servers by a load balancer, e.g. adding or removing servers that serve requests
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Debugging And Monitoring (AREA)

Abstract

The invention discloses an optimization method and a system of an operation and maintenance auditing system, wherein a single sign-on service is adopted in an authentication sign-on module in the operation and maintenance auditing system, and a local sign-on mode is switched when the single sign-on service responds incorrectly, so that a unified authentication flow capable of tolerating disasters is realized; the object storage structure of the log processing module is optimized, so that different service modules can be called, and the problem of capacity expansion is solved; and the problems of difficult capacity expansion of the operation and maintenance auditing system and unstable service during access of a springboard machine room are solved by using a load balancing scheme capable of automatically identifying the newly added nodes and deploying the nodes, and a data synchronization process is optimized by adopting a data synchronization mode of an asynchronous message queue.

Description

Optimization method and system of operation and maintenance auditing system
Technical Field
The invention relates to the technical field of internet, in particular to an optimization method and system of an operation and maintenance auditing system.
Background
At present, with the continuous development of internet technology, the number of infrastructure devices inside an enterprise is rapidly increasing. Meanwhile, in the daily working environment inside an enterprise, various types of terminal devices are increasing, such as a PC, a tablet computer, a smart phone, and the like. More and more terminal devices need to access an intranet to access and operate infrastructure devices. In order to guarantee the safety of an enterprise intranet, a protective layer is constructed between terminal equipment and infrastructure equipment by the operation and maintenance auditing system, so that illegal operation behaviors of internal personnel are effectively prevented, the system is prevented from being damaged, data is prevented from being leaked, and hacker attacks and the like are avoided.
Although the application of the operation and maintenance auditing system improves the security of the terminal equipment for accessing the infrastructure equipment, the tasks of taking over and processing a large number of access requests of users, storing operation logs and videos of the users and the like are all undertaken by the operation and maintenance auditing system, so that the load of the system is continuously increased, and in the initial design of the operation and maintenance auditing system, the requirements on resources such as network, storage, calculation and the like are difficult to reasonably evaluate, so that the processing capability of the system cannot keep up with the development when the enterprise scale is enlarged, and the requirements cannot be met, therefore, the existing operation and maintenance auditing system has the problems of low expansibility, poor deployment, unstable service and the like.
Disclosure of Invention
Aiming at the problems, the invention provides an optimization method and system of an operation and maintenance auditing system, which solve the problems of poor expandability, poor deployment and low stability in the operation and maintenance auditing system.
In order to achieve the purpose, the invention provides the following technical scheme:
an optimization method of an operation and maintenance auditing system, wherein the operation and maintenance auditing system is respectively connected with terminal equipment and infrastructure equipment, and comprises an authentication login module and a log processing module, and the method comprises the following steps:
the authentication login module is controlled to receive authentication information of the terminal equipment by adopting a preset login process, the authentication information is authenticated, if the authentication is successful, the terminal equipment logs in the operation and maintenance auditing system, the preset login process comprises a single-point login service, and a local login mode is switched when the single-point login service responds to errors;
constructing an object storage structure of the log processing module, so that the operation and maintenance auditing system realizes the capacity expansion of a storage space based on the object storage structure, wherein the object storage structure comprises a programming interface layer, an object storage layer and a physical storage space layer, and the programming interface layer represents calling interfaces of different service modules;
responding to a newly added node in the operation and maintenance auditing system, registering the newly added node information into a preset storage module, and adding the newly added node into a candidate node pool with balanced load when the newly added node is monitored to be added in the storage module, so that a load balancing request is dispatched to the newly added node;
monitoring services on nodes in the candidate node pool, and deleting the nodes from the storage module when the monitored nodes do not meet preset requirements;
when a terminal device initiates a request for accessing infrastructure equipment, analyzing the request, obtaining a machine room where a server corresponding to the request is located, controlling a main load balancing node in the machine room to receive the request, forwarding the request to a board jumper module of the machine room through the main load balancing node, and realizing the connection between the terminal device and the server of the infrastructure equipment by using the board jumper module;
and storing the synchronous data into a message queue, and controlling the operation and maintenance auditing system to acquire the data from the message queue, and synchronizing and updating the data.
Optionally, the controlling the authentication login module to receive authentication information of the terminal device by using a preset login process, and authenticating the authentication information includes:
if the continuous failure frequency of the terminal equipment for logging in the operation and maintenance auditing system does not reach a preset frequency threshold value, judging whether the single sign-on service is in a normal state, if so, skipping the current login interface to the single sign-on service interface, and receiving login information of the terminal equipment through the single sign-on service interface;
responding the login information by using the single sign-on service, and controlling the terminal equipment to log in the operation and maintenance auditing system if the response is successful;
if the single sign-on service is in an abnormal state, skipping a current login interface to a local login interface, and receiving login information of the terminal equipment through the local login interface;
and if the local login is successful, controlling the terminal equipment to log in the operation and maintenance auditing system.
Optionally, the operation and maintenance auditing system further includes a WEB service module and a springboard service module, the programming interface layer includes an access log interface, a log recording interface and a log deleting interface, wherein the WEB service module calls the access log interface to query the log in the log processing module; the board jump machine service module calls the log recording interface to acquire an operation process and a log of the infrastructure equipment; and the deleting service interface is called by the WEB service module to delete the log record.
Optionally, the object storage layer includes an authentication service unit, a cache service unit, an object service unit, a data consistency management unit, and a data model management unit.
Optionally, the physical storage space layer is composed of a plurality of storage servers, the object storage layer manages storage space of the physical storage space layer, and the physical storage space layer is used for storing metadata and content of objects, so as to provide underlying storage space for the object storage.
Optionally, the registering the newly added node information in a preset storage module includes:
responding to the operation and maintenance auditing system, and further comprising a WEB service module and a board jumper service module, and automatically deploying the WEB service module or the board jumper service module on the newly added node through a preset deployment script;
sending a key application request to the WEB service module through the preset deployment script, and generating a key for the newly added node by using the WEB service module;
and registering the information of the newly added node into a storage module through the preset deployment script.
Optionally, the analyzing the request to obtain a machine room where a server corresponding to the request is located, and controlling a primary load balancing node in the machine room to receive the request includes:
responding to an access request initiated by a terminal device to a first server in a first machine room, and processing the access request through a jumper module in the first machine room to enable a main load balancing node in the first machine room to receive the request;
and if the access request cannot be processed by the board jumper module of the first machine room, distributing the access request to the board jumper module of a second machine room.
Optionally, the method further comprises:
applying for a corresponding springboard module access domain name for each machine room, and setting the corresponding domain name of each machine room to point to the load balancing node of the machine room, wherein a candidate node pool of the load balancing node of the machine room comprises service nodes of the springboard modules of all operation and maintenance auditing systems, and the priority levels of the load balancing nodes are different.
Optionally, the method further comprises:
when terminal equipment initiates an access request to infrastructure equipment, analyzing the access request to obtain an IP address of the infrastructure equipment and a corresponding machine room;
and initiating access to the infrastructure equipment by using the domain name of the jumper module of the machine room, and acquiring the IP address of the load balancing node of the machine room, so that the access request is distributed to the jumper module of the machine room where the infrastructure equipment is located for service.
An optimization system of an operation and maintenance auditing system, wherein the operation and maintenance auditing system is respectively connected with terminal equipment and infrastructure equipment, and comprises an authentication login module and a log processing module, and the system comprises:
the login control unit is used for controlling the authentication login module to receive authentication information of the terminal equipment by adopting a preset login process, authenticating the authentication information, and enabling the terminal equipment to log in the operation and maintenance auditing system if the authentication is successful, wherein the preset login process comprises single-point login service and is switched to a local login mode when the single-point login service responds to errors;
the storage construction unit is used for constructing an object storage structure of the log processing module, so that the operation and maintenance auditing system realizes the capacity expansion of a storage space based on the object storage structure, the object storage structure comprises a programming interface layer, an object storage layer and a physical storage space layer, and the programming interface layer represents calling interfaces of different service modules;
a node adding unit, configured to register, in response to a newly added node in the operation and maintenance auditing system, the newly added node information in a preset storage module, and when it is monitored that the newly added node is newly added in the storage module, add the newly added node in a candidate node pool for load balancing, so that a load balancing request is scheduled to the newly added node;
the node deleting unit is used for monitoring the service on the nodes in the candidate node pool, and deleting the nodes from the storage module when the monitored nodes do not meet the preset requirement;
the access processing unit is used for analyzing the request to obtain a machine room where a server corresponding to the request is located when the terminal equipment initiates the request for accessing the infrastructure equipment, controlling a main load balancing node in the machine room to receive the request, and forwarding the request to a board jumper module of the machine room through the main load balancing node to realize the connection between the terminal equipment and the server of the infrastructure equipment by using the board jumper module;
and the data synchronization unit is used for storing the synchronization data into a message queue, and controlling the operation and maintenance auditing system to acquire the data from the message queue and perform synchronization and updating.
Compared with the prior art, the invention provides the optimization method and the optimization system of the operation and maintenance auditing system, single sign-on service is adopted in the authentication sign-on module in the operation and maintenance auditing system, and the local sign-on mode is switched when the single sign-on service responds incorrectly, so that the disaster-tolerant unified authentication process is realized; the object storage structure of the log processing module is optimized, so that different service modules can be called, and the problem of capacity expansion of log data storage is solved; and the problems of difficult capacity expansion of the operation and maintenance auditing system and unstable service when a springboard machine room is accessed are solved by using a load balancing scheme capable of automatically identifying the newly added nodes and deploying the nodes, and a data synchronization process is optimized by adopting a data synchronization mode of an asynchronous message queue.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
Fig. 1 is a schematic flowchart of an optimization method of an operation and maintenance auditing system according to an embodiment of the present invention;
fig. 2 is a flowchart illustrating an authentication mechanism according to an embodiment of the present invention;
fig. 3 is a schematic diagram of an object storage structure applied to a log processing module according to an embodiment of the present invention;
FIG. 4 is a simplified diagram of an intelligent load balancing DNS based on access target according to an embodiment of the present invention;
FIG. 5 is a diagram illustrating data synchronization using an asynchronous message queue according to an embodiment of the present invention;
fig. 6 is a schematic structural diagram of an optimization system of an operation and maintenance auditing system according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The terms "first" and "second," and the like in the description and claims of the present invention and the above-described drawings are used for distinguishing between different objects and not for describing a particular order. Furthermore, the terms "comprising" and "having," as well as any variations thereof, are intended to cover non-exclusive inclusions. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not set forth for a listed step or element but may include steps or elements not listed.
In order to facilitate the understanding of the embodiment of the invention, the operation and maintenance auditing system is briefly described. The operation and maintenance auditing system is a technical means for collecting and monitoring user operation, system state, security events, network activities and the like of each component in the network environment in real time by various technical means so as to alarm, record, analyze and process in a centralized manner under a specific network environment in order to ensure that servers, network equipment and the like are not damaged by the system and data leakage caused by the non-compliant operation of internal legal users.
Generally, a core module of the operation and maintenance auditing system comprises an authentication authorization module, a log processing module, a WEB service module and a board jumper module, and efficient application of the operation and maintenance auditing system can be ensured only by realizing distributed high-availability deployment of the operation and maintenance auditing system and performing data synchronization and update with other business systems. The embodiment of the invention also optimizes the operation and maintenance auditing system corresponding to the aspects, so that the optimized operation and maintenance auditing system can better meet the actual requirements.
The authentication and authorization module receives a login request of a user, performs identity verification on the user and logs the user into the system. When the user uses the system, the authentication and authorization module judges the operation of the user according to the role of the user and a policy defined in advance, and allows or forbids the operation of the user.
The log processing module records and stores all operations of the user logging in the infrastructure equipment, and is a whole-course record of the user operation process.
In order to improve the high availability and expandability of the WEB service module and the jumper module of the operation and maintenance auditing system, cluster-type multi-service node deployment is often adopted, that is, a plurality of server nodes are deployed, each node is provided with a complete service module, and then a load balancing technology is combined to reasonably distribute user requests according to strategies.
And real-time data synchronization and updating are realized by mutual calling of interfaces among systems. The method is based on the HTTP protocol in implementation, meaning that each invocation is synchronous. In addition, the method requires tight coupling between systems in terms of implementation, and other business systems need to be developed according to interface definitions of the operation and maintenance management system. An asynchronous message queue is an interprocess communication means for asynchronously processing a series of inputs. Message queues provide an asynchronous communication protocol, and data containing specifications, such as time, specific input parameters, etc., are recorded in the queues. The sender and receiver of the message need not interact with the message queue at the same time. The message is kept in the queue until the recipient retrieves the message. The mode can realize the decoupling between systems and is beneficial to expansion.
Referring to fig. 1, an optimization method of an operation and maintenance auditing system provided in an embodiment of the present invention includes:
s101, controlling the authentication login module to receive authentication information of the terminal equipment by adopting a preset login process, authenticating the authentication information, and enabling the terminal equipment to log in the operation and maintenance auditing system if the authentication is successful.
The preset login process comprises single sign-on service, and the local login mode is switched to when the single sign-on service responds to errors.
When the authentication login module of the operation and maintenance auditing system is optimized, a preset login process is adopted, namely, a single sign-on service is combined with a local login mode, and the problems of low safety, low expandability, insufficient flexibility, poor distributed deployment support and the like of the existing authentication login module of the operation and maintenance auditing system are solved.
The process specifically comprises the following steps:
if the continuous failure frequency of the terminal equipment for logging in the operation and maintenance auditing system does not reach a preset frequency threshold value, judging whether the single sign-on service is in a normal state, if so, skipping the current login interface to the single sign-on service interface, and receiving login information of the terminal equipment through the single sign-on service interface;
responding the login information by using the single sign-on service, and controlling the terminal equipment to log in the operation and maintenance auditing system if the response is successful;
if the single sign-on service is in an abnormal state, skipping a current login interface to a local login interface, and receiving login information of the terminal equipment through the local login interface;
and if the local login is successful, controlling the terminal equipment to log in the operation and maintenance auditing system.
Namely, the disaster-tolerant unified authentication provided by the embodiment of the invention means that when a single sign-on service fails, the traditional local sign-on mode based on a database can be automatically switched to, so that the high availability and stability of the authentication log-in module are ensured.
Referring to fig. 2, a schematic flowchart of an authentication mechanism provided in an embodiment of the present invention specifically includes the following steps:
s201, judging whether login attempts of a user fail for three times continuously, if so, executing a step S212, otherwise, executing a step S202;
s202, displaying a login home page;
s203, judging whether the single sign-on service is in a normal health state, if so, executing S204, otherwise, executing S209;
s204, jumping to a login home page of single sign-on;
s205, a user inputs a user name and a password of the single sign-on system on a sign-on home page of the single sign-on and clicks a sign-on button;
s206, judging whether the response of the single sign-on is error, if not, executing S207, otherwise, executing S209;
s207, judging whether the response of the single sign-on is a successful sign-on response, if so, executing S208, otherwise, returning to execute S201;
s208, the user logs in successfully, enters the system and the process is finished;
s209, jumping to a login page of local login;
s210, inputting a user name and a password for local login, and clicking a login button;
s211, judging whether the local login is successful, if so, executing S208, and if not, returning to execute S201;
s212, prompting that the user is locked and can not log in.
S102, constructing an object storage structure of the log processing module, so that the operation and maintenance auditing system realizes the capacity expansion of a storage space based on the object storage structure;
the object storage structure comprises a programming interface layer, an object storage layer and a physical storage space layer, wherein the programming interface layer represents calling interfaces of different service modules.
When the log processing module is optimized in the embodiment of the invention, a log processing and editing interface layer for the operation and maintenance auditing system is constructed on the log processing module based on the object storage technology, so that the high availability and expandability of log data storage are realized, the reading, writing and deleting operations are supported, and the method is suitable for being applied to the log processing module of the operation and maintenance auditing system to record and store all operations of a user logging in infrastructure equipment.
Referring to fig. 3, a schematic diagram of an object storage structure applied to a log processing module according to an embodiment of the present invention is provided. The object storage structure is divided into three component layers, and mainly comprises a programming interface layer which provides a convenient and available programming interface for operation log recording for other core modules of the operation and maintenance auditing system. The object storage layer realizes an object storage mechanism, and the physical storage space layer is composed of a plurality of storage type servers and provides a stratum storage space for object storage. The method comprises the following specific steps:
the programming interface layer provides three types of interfaces for operating log records to be used by other core modules, generally, an access log interface is called by a WEB service module, and convenient and available log query service is provided for an administrator; the log recording interface is called by a springboard service module, and the operation process and the log of the user on the infrastructure equipment are recorded in real time; the log deleting interface is called by the WEB service module, and an administrator can configure a certain strategy to delete log records which are no longer interested at regular intervals.
And the object storage layer is a core implementation part of the object storage technology. The object storage layer comprises an authentication service unit, a cache service unit, an object service unit, a data consistency management unit and a data model management unit, namely mainly comprising the authentication service, the cache service, the object service, the data consistency management and the data module management. The authentication service is used for verifying the identity information of a user accessing the object storage programming interface layer and obtaining an object access token which is valid within a certain time; the cache service user cache comprises an object service token, and the existence information of the position of the object is not cached but the data of the object per se is not cached; the caching service can be implemented by adopting a common caching service cluster. The object service provides object metadata and a content service, the content of each object is stored in a file system of the physical storage space in the form of a file, and the metadata is stored as a file attribute. The data consistency management is to ensure that the metadata and the content of the object stored in the physical storage space maintain final consistency, and any general consistency algorithm may be adopted in a specific implementation manner. The data model manages a logical structure for constructing object storage, and reasonably organizes objects on a logical level.
And the physical storage space layer is composed of a plurality of common storage servers, manages the storage space by an upper object storage layer, is used for storing metadata and content of the object and provides a bottom storage space for object storage. Generally, 3 or more storage servers are required for implementing a three-copy object backup strategy. When capacity expansion is needed, a new storage server can be added into the physical storage space layer, the object storage layer can replan the existing object storage, and finally the objects are uniformly distributed on all the storage servers.
S103, responding to a newly added node in the operation and maintenance auditing system, registering the newly added node information into a preset storage module, and adding the newly added node into a candidate node pool with balanced load when the newly added node is monitored to be added in the storage module, so that a load balancing request is dispatched to the newly added node;
s104, monitoring services on the nodes in the candidate node pool, and deleting the nodes from the storage module when the monitored nodes do not meet the preset requirements;
s105, when the terminal equipment initiates a request for accessing the infrastructure equipment, analyzing the request, obtaining a machine room where a server corresponding to the request is located, controlling a main load balancing node in the machine room to receive the request, forwarding the request to a board jumper module of the machine room through the main load balancing node, and achieving the purpose of establishing connection between the terminal equipment and the server of the infrastructure equipment by using the board jumper module.
In order to solve the problems of poor stability, poor expandability and unstable service of the existing operation and maintenance auditing system in the aspect of distributed deployment, the embodiment of the invention adopts an intelligent load balancing scheme, namely the steps S103-S105 are included, and the intelligent load balancing scheme mainly comprises two aspects, namely automatic discovery and elimination of service and DNS based on an access target. The first aspect is to solve the problem of capacity expansion and disaster tolerance of the operation and maintenance auditing system under the condition of continuously increasing load, and the second aspect is to solve the problem that the trigger tripping module of the operation and maintenance auditing system accesses infrastructure equipment across a machine room.
The automatic capacity expansion process of intelligent load balancing, namely step S103, mainly includes:
s1031, responding to the operation and maintenance auditing system, further comprising a WEB service module and a board jumper service module, and automatically deploying the WEB service module or the board jumper service module on the newly added node through a preset deployment script;
s1032, sending a key application request to the WEB service module through the preset deployment script, and generating a key for the newly added node by using the WEB service module;
s1033, registering the information of the newly added node into a storage module through the preset deployment script.
In actual use, when the number of users and devices of the operation and maintenance auditing system is increased, the load is gradually increased, when the number of users and devices exceeds a certain preset warning value, the service needs to be expanded, and the service capacity of the operation and maintenance auditing system is improved by adding a new service node. The storage module may be a central storage system, which may be implemented by a database, a key-value type cache system, and the like, and is intended to maintain a current online service node list. The information at least includes a machine room where the node is located, an IP address of the node, a service type that the node can provide, and the like.
In addition, in another embodiment of the present invention, an automatic service discovery process is further provided, where the process further includes:
s1034, monitoring that a new node is added in the storage module by an automatic discovery program on the load balancing node;
s1035, adding the new node information into a candidate node pool of the load balancing software by the automatic discovery program;
s1036, the load balancing software starts to dispatch the request to a new node according to a certain strategy.
The embodiment of the invention also provides an intelligent load balancing automatic service removing process, which comprises the following steps:
s1041, the service detection script on the load balancing node regularly carries out health monitoring on the service on the node in the candidate node pool.
The service monitoring script can carry out multi-dimensional monitoring on the service nodes of the operation and maintenance auditing system, and generally comprises a port monitoring state, a service health state, key interface accessibility and the like.
S1042, after the service monitoring script finds out the node with the problem, the node is deleted in the central storage system.
After the node information is deleted, the request distribution to the problem node may be stopped by updating the candidate node pool similar to that described in the above-mentioned flow, and the description is not repeated here.
In another embodiment of the present invention, the analyzing the request to obtain a machine room where a server corresponding to the request is located, and controlling a primary load balancing node in the machine room to receive the request includes:
responding to an access request initiated by a terminal device to a first server in a first machine room, and processing the access request through a jumper module in the first machine room to enable a main load balancing node in the first machine room to receive the request;
and if the access request cannot be processed by the board jumper module of the first machine room, distributing the access request to the board jumper module of a second machine room.
On the basis of the above embodiment, the method further includes:
applying for a corresponding springboard module access domain name for each machine room, and setting the corresponding domain name of each machine room to point to the load balancing node of the machine room, wherein a candidate node pool of the load balancing node of the machine room comprises service nodes of the springboard modules of all operation and maintenance auditing systems, and the priority levels of the load balancing nodes are different.
On the basis of the above embodiment, the method further includes:
when terminal equipment initiates an access request to infrastructure equipment, analyzing the access request to obtain an IP address of the infrastructure equipment and a corresponding machine room;
and initiating access to the infrastructure equipment by using the domain name of the jumper module of the machine room, and acquiring the IP address of the load balancing node of the machine room, so that the access request is distributed to the jumper module of the machine room where the infrastructure equipment is located for service.
For example, referring to fig. 4, a simplified diagram of a DNS based access target for intelligent load balancing according to an embodiment of the present invention is provided. An access request initiated by a user to a server A located in the machine room 1 is preferentially processed by a server of a jumper module cluster located in the machine room 1, and the request is distributed to the jumper module cluster of other machine rooms (such as the machine room 2) for processing only when the jumper module cluster of the machine room 1 has a problem, so that the problem that the service is unstable when the jumper module crosses the machine room to access infrastructure equipment is solved. The technical means adopts a multi-domain name mode, namely, a corresponding springboard module is applied for accessing a domain name for each machine room, and the corresponding domain name of each machine room is set to point to a load balancing node of the machine room. The candidate node pool of the load balancing node of the computer room comprises the service nodes of the springboard module of all the operation and maintenance auditing systems. But the priorities are different, and the priority of the service node positioned in the machine room is higher than that of the service nodes positioned in other machine rooms. When a user accesses a target infrastructure device, a self-written script is used for packaging and modifying an access command (such as ssh, telnet and the like), the IP address of the target infrastructure device is firstly analyzed, a machine room to which the target infrastructure device belongs is determined, then, access is initiated to the domain name of the jumper module of the machine room, and the IP address of the load balancing node of the machine room is further analyzed, so that the condition that a request is preferentially distributed to the jumper module service of the machine room where the infrastructure device is located can be ensured (when the jumper module service of the machine room is unavailable, the request is distributed to the jumper module service of other machine rooms, and high availability is ensured). The specific process is as follows:
step 1: a request to access an infrastructure device, such as server a, is initiated by a user. Wherein, assume that the IP address of server a is a.
And 2, step: and analyzing the access command initiated by the user by the self-written script, analyzing the IP address A to obtain the machine room where the server A is located according to the machine room network segment rule, and assuming that the analysis result is the machine room 1. The script then initiates a request to the domain name jiflang 1.example. com to access server a.
And step 3: the DNS service resolves the domain name jiflang 1.example. com to the IP of the main load balancing node of the machine room 1, the main load balancing node receives the request of the user for accessing the server A, and preferentially distributes the request to one server in the jumper module cluster of the machine room 1 according to the set load balancing strategy.
And 4, step 4: the jumper module node which is really used for processing the request initiates access to the server A, establishes an access tunnel from the user terminal to the server A, and realizes the access of the user to the server A.
And S106, storing the synchronous data into a message queue, and controlling the operation and maintenance auditing system to acquire the data from the message queue, and synchronizing and updating the data.
When the data synchronization and updating are carried out with other business systems in an enterprise, the data updating is frequent frequently and the updating time is uncertain, the technical means is to use the message queue service to complete the data synchronization and updating operation between the operation and maintenance auditing system and other business systems, the decoupling requirement under a distributed deployment environment is met, the problems of untimely and unstable existing data synchronization modes can be solved, and the message queue service can be expanded as required when the load is high.
As shown in fig. 5, fig. 5 is a schematic diagram of data synchronization using an asynchronous message queue according to an embodiment of the present invention. And other business systems are used as producers, when data is updated, the data details and the change details of the data are put into the message queue service, the operation and maintenance auditing system is used as a consumer to read the information from the message queue service, and corresponding operation is carried out on self-managed resources according to the change details.
The invention provides an optimization method of an operation and maintenance auditing system, which adopts single sign-on service in an authentication sign-on module in the operation and maintenance auditing system, and switches to a local sign-on mode when the single sign-on service responds incorrectly, thereby realizing a unified authentication flow capable of tolerating disasters; the object storage structure of the log processing module is optimized, so that different service modules can be called, and the problem of capacity expansion of log data storage is solved; and the problems of difficult capacity expansion of the operation and maintenance auditing system and unstable service during access of a springboard machine room are solved by using a load balancing scheme capable of automatically identifying the newly added nodes and deploying the nodes, and a data synchronization process is optimized by adopting a data synchronization mode of an asynchronous message queue.
Referring to fig. 6, in an embodiment of the present invention, an optimization system of an operation and maintenance auditing system is further provided, where the operation and maintenance auditing system is respectively connected to a terminal device and an infrastructure device, and the operation and maintenance auditing system includes an authentication login module and a log processing module, and the system includes:
the login control unit 10 is configured to control the authentication login module to receive authentication information of the terminal device by using a preset login process, authenticate the authentication information, and enable the terminal device to log in the operation and maintenance auditing system if the authentication is successful, where the preset login process includes a single-point login service and is switched to a local login mode when the single-point login service responds incorrectly;
the storage construction unit 20 is configured to construct an object storage structure of the log processing module, so that the operation and maintenance auditing system implements capacity expansion of a storage space based on the object storage structure, where the object storage structure includes a programming interface layer, an object storage layer, and a physical storage space layer, and the programming interface layer represents call interfaces of different service modules;
the node adding unit 30 is configured to register newly added node information in a preset storage module in response to a newly added node in the operation and maintenance auditing system, and when it is monitored that the newly added node is newly added in the storage module, add the newly added node to a candidate node pool for load balancing so that a load balancing request is scheduled to the newly added node;
a node deleting unit 40, configured to monitor a service on a node in the candidate node pool, and delete the node from the storage module when it is monitored that the node does not meet a preset requirement;
the access processing unit 50 is configured to, when a terminal device initiates a request for accessing an infrastructure device, parse the request to obtain a machine room where a server corresponding to the request is located, control a main load balancing node in the machine room to receive the request, and forward the request to a jumper module of the machine room through the main load balancing node, so as to establish a connection between the terminal device and the server of the infrastructure device by using the jumper module;
and the data synchronization unit 60 is configured to store the synchronization data in a message queue, and control the operation and maintenance auditing system to acquire data from the message queue, synchronize and update the data.
The invention provides an optimization system of an operation and maintenance auditing system, which adopts single sign-on service in an authentication sign-on module in the operation and maintenance auditing system, and switches to a local sign-on mode when the single sign-on service responds incorrectly, thereby realizing a unified authentication flow capable of tolerating disasters; the object storage structure of the log processing module is optimized, so that different service modules can be called, and the problem of capacity expansion of log data storage is solved; and the problems of difficult capacity expansion of the operation and maintenance auditing system and unstable service when a springboard machine room is accessed are solved by using a load balancing scheme capable of automatically identifying the newly added nodes and deploying the nodes, and a data synchronization process is optimized by adopting a data synchronization mode of an asynchronous message queue.
On the basis of the above embodiment, the login control unit includes:
the first judgment subunit is used for judging whether the single sign-on service is in a normal state or not if the continuous failure frequency of the terminal equipment for logging in the operation and maintenance auditing system does not reach a preset frequency threshold value, skipping the current login interface to the single sign-on service interface if the single sign-on service is in the normal state, and receiving login information of the terminal equipment through the single sign-on service interface;
the response judgment subunit is used for responding to the login information by using the single sign-on service, and if the response is successful, the terminal equipment is controlled to log in the operation and maintenance auditing system;
an interface skip subunit, configured to skip a current login interface to a local login interface if the single sign-on service is in an abnormal state, and receive login information of a terminal device through the local login interface;
and the login control subunit is used for controlling the terminal equipment to log in the operation and maintenance auditing system if the local login is successful.
On the basis of the embodiment, the operation and maintenance auditing system further comprises a WEB service module and a springboard service module, wherein the programming interface layer comprises an access log interface, a log recording interface and a log deleting interface, and the WEB service module calls the access log interface to inquire logs in the log processing module; the board jump machine service module calls the log recording interface to acquire an operation process and a log of the infrastructure equipment; and the deleting service interface is called by the WEB service module to delete the log record.
On the basis of the above embodiment, the object storage layer includes an authentication service unit, a cache service unit, an object service unit, a data consistency management unit, and a data model management unit.
On the basis of the above embodiment, the physical storage space layer is composed of a plurality of storage servers, the object storage layer manages the storage space of the physical storage space layer, and the physical storage space layer is used for storing metadata and content of an object, so as to provide a bottom storage space for the object storage.
On the basis of the above embodiment, the node adding unit is specifically configured to:
responding to the operation and maintenance auditing system, and further comprising a WEB service module and a board jumper service module, and automatically deploying the WEB service module or the board jumper service module on the newly added node through a preset deployment script;
sending a key application request to the WEB service module through the preset deployment script, and generating a key for the newly added node by using the WEB service module;
and registering the information of the newly added node into a storage module through the preset deployment script.
On the basis of the above embodiment, the access processing unit further includes:
the first response subunit is configured to, in response to a request issued by a terminal device to a first server in a first machine room, process the access request through the jumper module in the first machine room, so that a primary load balancing node in the first machine room receives the request;
and the distribution subunit is configured to distribute the access request to a board jumper module of a second machine room if the board jumper module of the first machine room cannot process the access request.
On the basis of the above embodiment, the system further includes:
and the setting subunit is used for applying for the corresponding springboard module access domain name for each machine room and setting the corresponding domain name of each machine room to point to the load balancing node of the machine room, wherein a candidate node pool of the load balancing node of the machine room contains all springboard module service nodes of the operation and maintenance auditing system, and the priority levels of the load balancing nodes are different.
On the basis of the above embodiment, the system further includes:
the request analysis subunit is used for analyzing the access request to obtain the IP address of the infrastructure equipment and the corresponding machine room when the terminal equipment initiates the access request to the infrastructure equipment;
and the request distribution subunit is used for initiating access to the infrastructure equipment by using the domain name of the jumper module of the machine room, obtaining the IP address of the load balancing node of the machine room, and distributing the access request to the jumper module of the machine room where the infrastructure equipment is located for service.
The embodiments in the present description are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other. The device disclosed by the embodiment corresponds to the method disclosed by the embodiment, so that the description is simple, and the relevant points can be referred to the method part for description.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (9)

1. An optimization method of an operation and maintenance auditing system is characterized in that the operation and maintenance auditing system is respectively connected with terminal equipment and infrastructure equipment, and comprises an authentication login module and a log processing module, and the method comprises the following steps:
the authentication login module is controlled to receive authentication information of the terminal equipment by adopting a preset login process, the authentication information is authenticated, if the authentication is successful, the terminal equipment logs in the operation and maintenance auditing system, the preset login process comprises a single-point login service, and a local login mode is switched when the single-point login service responds to errors;
constructing an object storage structure of the log processing module, so that the operation and maintenance auditing system realizes the capacity expansion of a storage space based on the object storage structure, wherein the object storage structure comprises a programming interface layer, an object storage layer and a physical storage space layer, and the programming interface layer represents calling interfaces of different service modules; the physical storage space layer is composed of a plurality of storage servers, the object storage layer manages the storage space of the physical storage space layer, and the physical storage space layer is used for storing metadata and content of objects and providing a bottom storage space for the object storage; when capacity expansion is needed, a new storage server is added into the physical storage space layer, and the object storage layer replans the existing object storage so as to uniformly distribute the objects to all the storage servers;
responding to a newly added node in the operation and maintenance auditing system, registering the newly added node information into a preset storage module, and adding the newly added node into a candidate node pool with balanced load when the newly added node is monitored to be added in the storage module, so that a load balancing request is dispatched to the newly added node;
monitoring services on nodes in the candidate node pool, and deleting the nodes from the storage module when the monitored nodes do not meet preset requirements;
when a terminal device initiates a request for accessing infrastructure equipment, analyzing the request, obtaining a machine room where a server corresponding to the request is located, controlling a main load balancing node in the machine room to receive the request, and forwarding the request to a board jumper module of the machine room through the main load balancing node, so as to establish connection between the terminal device and the server of the infrastructure equipment by using the board jumper module;
and storing the synchronous data into a message queue, and controlling the operation and maintenance auditing system to acquire the data from the message queue, and synchronizing and updating the data.
2. The method according to claim 1, wherein the controlling the authentication login module receives authentication information of the terminal device by using a preset login process, and authenticates the authentication information, comprising:
if the continuous failure frequency of the terminal equipment for logging in the operation and maintenance auditing system does not reach a preset frequency threshold value, judging whether the single sign-on service is in a normal state, if so, skipping the current login interface to the single sign-on service interface, and receiving login information of the terminal equipment through the single sign-on service interface;
responding the login information by using the single sign-on service, and controlling the terminal equipment to log in the operation and maintenance auditing system if the response is successful;
if the single sign-on service is in an abnormal state, skipping a current login interface to a local login interface, and receiving login information of the terminal equipment through the local login interface;
and if the local login is successful, controlling the terminal equipment to log in the operation and maintenance auditing system.
3. The method according to claim 1, wherein the operation and maintenance auditing system further comprises a WEB service module and a jumper service module, the programming interface layer comprises an access log interface, a log recording interface and a log deleting interface, and the WEB service module calls the access log interface to query the log in the log processing module; the board jump machine service module calls the log recording interface to acquire an operation process and a log of the infrastructure equipment; and the log deleting interface is called by the WEB service module to delete log records.
4. The method of claim 3, wherein the object store layer comprises an authentication service, a caching service, an object service, a data consistency management, and a data model management.
5. The method according to claim 1, wherein the registering the newly added node information into a preset storage module comprises:
responding to the operation and maintenance auditing system, and further comprising a WEB service module and a board jumper service module, and automatically deploying the WEB service module or the board jumper service module on the newly added node through a preset deployment script;
sending a key application request to the WEB service module through the preset deployment script, and generating a key for the newly added node by using the WEB service module;
and registering the information of the newly added node into a storage module through the preset deployment script.
6. The method according to claim 5, wherein the analyzing the request to obtain a machine room where a server corresponding to the request is located, and controlling a primary load balancing node in the machine room to receive the request comprises:
responding to an access request initiated by a terminal device to a first server in a first machine room, and processing the access request through a jumper module in the first machine room to enable a main load balancing node in the first machine room to receive the request;
and if the access request cannot be processed by the board jumper module of the first machine room, distributing the access request to the board jumper module of a second machine room.
7. The method of claim 6, further comprising:
applying for a corresponding springboard module access domain name for each machine room, and setting the corresponding domain name of each machine room to point to the load balancing node of the machine room, wherein a candidate node pool of the load balancing node of the machine room comprises service nodes of the springboard modules of all operation and maintenance auditing systems, and the priority levels of the load balancing nodes are different.
8. The method of claim 7, further comprising:
when terminal equipment initiates an access request to infrastructure equipment, analyzing the access request to obtain an IP address of the infrastructure equipment and a corresponding machine room;
and initiating access to the infrastructure equipment by using the domain name of the jumper module of the machine room, and acquiring the IP address of the load balancing node of the machine room, so that the access request is distributed to the jumper module of the machine room where the infrastructure equipment is located for service.
9. The utility model provides an operation and maintenance audit system's optimization system which characterized in that, operation and maintenance audit system connects terminal equipment and infrastructure equipment respectively, and operation and maintenance audit system includes authentication login module and log processing module, and this system includes:
the login control unit is used for controlling the authentication login module to receive authentication information of the terminal equipment by adopting a preset login process, authenticating the authentication information, and enabling the terminal equipment to log in the operation and maintenance auditing system if the authentication is successful, wherein the preset login process comprises single-point login service and is switched to a local login mode when the single-point login service responds to errors;
the storage construction unit is used for constructing an object storage structure of the log processing module, so that the operation and maintenance auditing system realizes the capacity expansion of a storage space based on the object storage structure, the object storage structure comprises a programming interface layer, an object storage layer and a physical storage space layer, and the programming interface layer represents calling interfaces of different service modules; the physical storage space layer is composed of a plurality of storage servers, the object storage layer manages the storage space of the physical storage space layer, and the physical storage space layer is used for storing metadata and content of objects and providing a bottom storage space for the object storage; when capacity expansion is needed, a new storage server is added into the physical storage space layer, and the object storage layer replans the existing object storage so as to uniformly distribute the objects to all the storage servers;
a node adding unit, configured to register, in response to a newly added node in the operation and maintenance auditing system, the newly added node information in a preset storage module, and when it is monitored that the newly added node is newly added in the storage module, add the newly added node in a candidate node pool for load balancing, so that a load balancing request is scheduled to the newly added node;
the node deleting unit is used for monitoring the service on the nodes in the candidate node pool, and deleting the nodes from the storage module when the monitored nodes do not meet the preset requirement;
the access processing unit is used for analyzing the request to obtain a machine room where a server corresponding to the request is located when the terminal equipment initiates the request for accessing the infrastructure equipment, controlling a main load balancing node in the machine room to receive the request, and forwarding the request to a springboard module of the machine room through the main load balancing node to realize the connection between the terminal equipment and the server of the infrastructure equipment by using the springboard module;
and the data synchronization unit is used for storing the synchronization data into a message queue, and controlling the operation and maintenance auditing system to acquire the data from the message queue and perform synchronization and updating.
CN201910317452.5A 2019-04-19 2019-04-19 Optimization method and system of operation and maintenance auditing system Active CN110061876B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910317452.5A CN110061876B (en) 2019-04-19 2019-04-19 Optimization method and system of operation and maintenance auditing system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910317452.5A CN110061876B (en) 2019-04-19 2019-04-19 Optimization method and system of operation and maintenance auditing system

Publications (2)

Publication Number Publication Date
CN110061876A CN110061876A (en) 2019-07-26
CN110061876B true CN110061876B (en) 2022-05-27

Family

ID=67319775

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910317452.5A Active CN110061876B (en) 2019-04-19 2019-04-19 Optimization method and system of operation and maintenance auditing system

Country Status (1)

Country Link
CN (1) CN110061876B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2021174515A1 (en) * 2020-03-06 2021-09-10 Beijing Didi Infinity Technology And Development Co., Ltd. Systems and methods for data storage in the expansion of object-based storage systems
CN113626198B (en) * 2021-08-19 2024-03-26 上海观安信息技术股份有限公司 Database flow load balancing system and method
CN114553704B (en) * 2022-02-11 2023-03-24 中国科学院软件研究所 Method and system for supporting multiple devices to access server simultaneously to realize capacity expansion and contraction

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2009223464A (en) * 2008-03-14 2009-10-01 Hitachi Software Eng Co Ltd Operator identification log system for computer apparatus
CN104092746A (en) * 2014-06-30 2014-10-08 江苏华大天益电力科技有限公司 Operation and maintenance auditing system and network load balancing method used for system
CN104486346A (en) * 2014-12-19 2015-04-01 北京奇艺世纪科技有限公司 Stepping stone system
CN106330554A (en) * 2016-08-31 2017-01-11 山东瑞宁信息技术股份有限公司 Operation and maintenance auditing system and operation and maintenance auditing method for monitoring and managing operation and maintenance operation process
CN106484530A (en) * 2016-09-05 2017-03-08 努比亚技术有限公司 A kind of distributed task dispatching O&M monitoring system and method
CN106936817A (en) * 2017-02-16 2017-07-07 上海帝联信息科技股份有限公司 Operation execution method, springboard machine, cluster certificate server and fort machine system

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2009223464A (en) * 2008-03-14 2009-10-01 Hitachi Software Eng Co Ltd Operator identification log system for computer apparatus
CN104092746A (en) * 2014-06-30 2014-10-08 江苏华大天益电力科技有限公司 Operation and maintenance auditing system and network load balancing method used for system
CN104486346A (en) * 2014-12-19 2015-04-01 北京奇艺世纪科技有限公司 Stepping stone system
CN106330554A (en) * 2016-08-31 2017-01-11 山东瑞宁信息技术股份有限公司 Operation and maintenance auditing system and operation and maintenance auditing method for monitoring and managing operation and maintenance operation process
CN106484530A (en) * 2016-09-05 2017-03-08 努比亚技术有限公司 A kind of distributed task dispatching O&M monitoring system and method
CN106936817A (en) * 2017-02-16 2017-07-07 上海帝联信息科技股份有限公司 Operation execution method, springboard machine, cluster certificate server and fort machine system

Also Published As

Publication number Publication date
CN110061876A (en) 2019-07-26

Similar Documents

Publication Publication Date Title
US11088903B2 (en) Hybrid cloud network configuration management
US11082426B2 (en) Identifying accounts having shared credentials
US10375054B2 (en) Securing user-accessed applications in a distributed computing environment
CN102947797B (en) The online service using directory feature extending transversely accesses and controls
TWI473029B (en) Extensible and programmable multi-tenant service architecture
CN112765245A (en) Electronic government affair big data processing platform
CN110061876B (en) Optimization method and system of operation and maintenance auditing system
CN112994958B (en) Network management system, method and device and electronic equipment
US11481478B2 (en) Anomalous user session detector
US20070078841A1 (en) System and method for network resource management
US9930063B2 (en) Random identifier generation for offline database
CN112291264B (en) Security control method, device, server and storage medium
CN110197075A (en) Resource access method, calculates equipment and storage medium at device
CN115189897A (en) Access processing method and device for zero trust network, electronic equipment and storage medium
CN111048164A (en) Medical big data long-term storage system
CN110210191A (en) A kind of data processing method and relevant apparatus
CN114745145B (en) Business data access method, device and equipment and computer storage medium
US10839090B2 (en) Digital data processing system for efficiently storing, moving, and/or processing data across a plurality of computing clusters
CN114995941A (en) Task scheduling method and device and readable storage medium
US11582345B2 (en) Context data management interface for contact center
CN103457771A (en) Method and device for HA virtual machine cluster management
CN109412861B (en) Method for establishing security association display of terminal network
CN108270718A (en) A kind of control method and system based on Hadoop clusters
CN115239261A (en) Account login method, device, equipment and medium
CN112153130A (en) Business resource access method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20240221

Address after: Room 1201, 12th Floor, Building 3, No. 2 Science Academy South Road, Haidian District, Beijing, 100084

Patentee after: BEIJING SOHU NEW MEDIA INFORMATION TECHNOLOGY Co.,Ltd.

Country or region after: China

Address before: 100190 1101, floor 11, building 3, No. 2 Academy of Sciences South Road, Haidian District, Beijing

Patentee before: BEIJING SOHU INTERNET INFORMATION SERVICE CO.,LTD.

Country or region before: China

TR01 Transfer of patent right