CN111177096A - Log management method and device, computer equipment and storage medium - Google Patents
Log management method and device, computer equipment and storage medium Download PDFInfo
- Publication number
- CN111177096A CN111177096A CN201911268770.3A CN201911268770A CN111177096A CN 111177096 A CN111177096 A CN 111177096A CN 201911268770 A CN201911268770 A CN 201911268770A CN 111177096 A CN111177096 A CN 111177096A
- Authority
- CN
- China
- Prior art keywords
- log information
- log
- block chain
- storage
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000007726 management method Methods 0.000 title abstract description 108
- 238000000034 method Methods 0.000 claims abstract description 37
- 238000004590 computer program Methods 0.000 claims description 13
- 238000013139 quantization Methods 0.000 claims description 5
- 230000007246 mechanism Effects 0.000 abstract description 4
- 238000010586 diagram Methods 0.000 description 11
- 230000008569 process Effects 0.000 description 9
- 238000012795 verification Methods 0.000 description 6
- 238000012544 monitoring process Methods 0.000 description 5
- 238000010276 construction Methods 0.000 description 4
- 230000000694 effects Effects 0.000 description 4
- 238000004891 communication Methods 0.000 description 3
- 230000009191 jumping Effects 0.000 description 3
- 238000012545 processing Methods 0.000 description 3
- 230000005540 biological transmission Effects 0.000 description 2
- 238000013500 data storage Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 238000003032 molecular docking Methods 0.000 description 2
- 230000001360 synchronised effect Effects 0.000 description 2
- 238000011161 development Methods 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
- G06F16/18—File system types
- G06F16/1805—Append-only file systems, e.g. using logs or journals to store data
- G06F16/1815—Journaling file systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
- G06F16/11—File system administration, e.g. details of archiving or snapshots
- G06F16/113—Details of archiving
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
Abstract
The application relates to a log management method, a log management device, computer equipment and a storage medium. The method comprises the following steps: the cloud management platform acquires log information of the cloud platform and a target storage directory of the log information, wherein the log information is used for representing an operation record of the cloud platform, and then stores the log information into the block chain according to the target storage directory. According to the method, a cloud management platform deploys a block chain in a cloud platform, a target storage directory is used for indicating a storage address of log information in the block chain, the cloud management platform stores the log information of the cloud platform into the block chain according to the target storage directory of the log information, and by means of a decentralized trust mechanism of the block chain, the problems that the log information of the cloud platform is possibly illegally tampered by hackers or artificially and wrongly operated and deleted are solved, and the safety of the log information is improved.
Description
Technical Field
The present application relates to the field of internet technologies, and in particular, to a log management method and apparatus, a computer device, and a storage medium.
Background
With the development of the technology of the internet of things, the cloud computing platform becomes a core part of the internet of things and occupies an important position in the application of the internet of things. The cloud computing platform is also called a cloud platform, and is a service based on hardware resources and software resources, and provides computing, network and storage capabilities. Cloud platforms can be divided into 3 classes: the cloud computing platform comprises a storage type cloud platform taking data storage as a main part, a computing type cloud platform taking data processing as a main part and a comprehensive cloud computing platform taking computing and data storage processing into consideration.
No matter which type of functional cloud platform, log files are generated during the operation of the cloud platform, and specifically include an operation log file of the cloud platform itself, a log file of the native monitoring of the cloud platform, a log file of the cloud platform in docking with other platforms, and the like, and the log file of the cloud platform has important roles in processing historical data, tracing a diagnostic problem, understanding the activity of the cloud platform, and the like. The log file can be illegally tampered in the processes of generation, transmission and storage of the cloud platform, and the problem that how to improve the security of the log file becomes a hotspot is solved.
In the prior art, a method for improving the security of a log file generally includes encrypting and transmitting the log file, and if a loophole exists in an encryption algorithm, the security of the log file is difficult to guarantee.
Disclosure of Invention
In view of the foregoing, it is desirable to provide a log management method, apparatus, computer device and storage medium for solving the above technical problems.
In a first aspect, the present application provides a log management method, including:
acquiring log information of a cloud platform; the log information is used for representing the operation record of the cloud platform;
acquiring a target storage directory of log information; the target storage directory is used for indicating the storage address of the log information in the block chain;
and storing the log information into the block chain according to the target storage directory.
In one embodiment, the method further comprises:
acquiring deployment information of a block chain; the deployment information is used for representing path information and parameter information of the block chain;
and according to the deployment information, deploying the block chain into a log storage server.
In one embodiment, the block chain is a private chain.
In one embodiment, the obtaining of the target storage directory of the log information includes:
acquiring an initial storage directory of log information; the initial storage directory is used for indicating the storage address of the log information in the cloud platform;
modifying the storage address of the initial storage directory according to the deployment information of the block chain to obtain a modified storage directory;
and determining the modified storage directory as a target storage directory.
In one embodiment, after storing the log information into the block chain according to the target storage directory, the method further includes:
performing security check on log information in the block chain; the security check includes checking whether a storage space in a block chain corresponding to the target storage directory is empty and checking whether log information in the storage space is complete.
In one embodiment, the performing security check on the log information includes:
verifying whether a storage space in a block chain corresponding to a target storage directory is empty;
if the storage space is empty, returning to execute the step of deploying the block chain into the log storage server according to the deployment information;
and if the storage space is not empty, verifying whether the log information in the storage space is complete.
In one embodiment, the verifying whether the log information in the storage space is complete includes:
acquiring a volume value of log information in a storage space; the capacity value is used for indicating the memory quantization value of the log information;
comparing the capacity value to a first threshold; the first threshold value is used for indicating an initial capacity value of the log information;
if the capacity value is not equal to the first threshold value, determining that the content of the log information in the storage space is incomplete, and returning to the step of acquiring the log information of the cloud platform.
In a second aspect, the present application provides a log management apparatus, including:
the first acquisition module is used for acquiring the log information of the cloud platform; the log information is used for representing the operation record of the cloud platform;
the second acquisition module is used for acquiring a target storage directory of the log information; the target storage directory is used for indicating the storage address of the log information in the block chain;
and the storage module is used for storing the log information into the block chain according to the target storage directory.
In a third aspect, the present application provides a computer device, including a memory and a processor, where the memory stores a computer program, and the processor implements the log management method provided in any one of the embodiments of the first aspect when executing the computer program.
In a fourth aspect, the present application provides a computer-readable storage medium, on which a computer program is stored, which, when executed by a processor, implements the log management method provided in any one of the embodiments of the first aspect.
According to the log management method, the log management device, the computer equipment and the storage medium, the cloud management platform acquires the log information of the cloud platform and the target storage directory of the log information, and then stores the log information into the block chain according to the target storage directory. According to the method, the cloud management platform deploys the block chain in the cloud platform, the target storage directory is used for indicating the storage address of the log information in the block chain, the log information of the cloud platform is stored in the block chain according to the storage directory of the log information of the cloud platform in the block chain, the decentralized trust mechanism of the block chain is utilized, the problems that the log information of the cloud platform is possibly illegally tampered by a hacker, or artificially and wrongly operated and wrongly deleted are solved, and the safety of the log information is improved.
Drawings
FIG. 1 is a diagram of an application environment of a log management method in one embodiment;
FIG. 2 is a flow diagram that illustrates a method for log management, according to one embodiment;
FIG. 3 is a flowchart illustrating a log management method according to another embodiment;
FIG. 4 is a flowchart illustrating a log management method according to another embodiment;
FIG. 5 is a flowchart illustrating a log management method according to another embodiment;
FIG. 6 is a flowchart illustrating a log management method according to another embodiment;
FIG. 7 is a block diagram showing the structure of a log management apparatus according to an embodiment;
FIG. 8 is a block diagram showing the construction of a log management apparatus according to another embodiment;
FIG. 9 is a block diagram showing the construction of a log management apparatus according to another embodiment;
FIG. 10 is a block diagram showing the construction of a log management apparatus according to another embodiment;
FIG. 11 is a block diagram showing the construction of a log management apparatus according to another embodiment;
FIG. 12 is a diagram illustrating an internal structure of a computer device according to an embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.
The log management method provided by the application can be applied to the application environment shown in fig. 1. Fig. 1 is an architecture diagram of a whole cloud platform, including a physical server 01, a cloud host 02, a cloud management platform 03, a cloud monitoring platform 04, and a log storage server 05, where the physical server 01 is deployed on a physical layer of the cloud platform, the cloud host 02 and the log storage server 05 are deployed on a virtual layer of the cloud platform, and a block chain is deployed in the log storage server 05. After the physical server 01 generates log information, the log information is sent to the cloud host 02 through network communication, the cloud host 02 transmits the log information to the cloud management platform 03 through the network communication, and the cloud management platform 03 is responsible for storing the log information into a block chain of the log storage server 05 corresponding to the log storage directory according to the log storage directory.
In the whole process of generating, transmitting and storing the log information of the cloud platform, the cloud platform is likely to be attacked by hackers, so that the log information is illegally tampered or artificially and wrongly deleted, and the log information is used as a basic basis for operation record of the cloud platform and plays an important role in maintaining normal operation of the cloud platform. The application provides a log management method, which solves the problem that log information of a cloud platform is possibly subjected to illegal tampering in a log storage process.
The following describes in detail the technical solutions of the present application and how the technical solutions of the present application solve the above technical problems by embodiments and with reference to the drawings. The following several specific embodiments may be combined with each other, and details of the same or similar concepts or processes may not be repeated in some embodiments. It should be noted that in the log management method provided in the embodiments of fig. 2 to fig. 6 of the present application, an execution main body of the log management method may be the cloud management platform 03, or may be a log management device, and the log management device may be a part or all of the cloud management platform 03 through software, hardware, or a combination of software and hardware. In the following method embodiments, the execution subject is the cloud pipe platform 03 as an example.
In an embodiment, as shown in fig. 2, a log management method is provided, where the embodiment relates to a specific process in which a cloud management platform stores log information into a blockchain storage space according to a blockchain storage address corresponding to the log information of the cloud platform, and the specific process includes the following steps:
s201, acquiring log information of a cloud platform; the log information is used for representing the operation record of the cloud platform.
The log information of the cloud platform refers to a record file generated by the cloud platform during operation, monitoring and docking with other platforms, and may include an operation log file of the cloud platform itself, where the operation log file refers to a native log file that records whether the cloud platform is operated or not operated, such as a bottom-layer log file; the cloud platform management system can further comprise an operation log file of the cloud platform, wherein the operation log file comprises operation records aiming at the cloud platform, such as operation aiming at a cloud console, account login and logout records, mirror image operation records and the like; log files for native monitoring of the cloud platform, such as operation log files for cloud monitoring, may also be included; the method can also comprise log files of the cloud platform and other platforms, such as log records of the bastion machine on the cloud platform, records of the unified login platform and the like. The log information of the cloud platform may be presented in any form, which is not limited in this embodiment.
In this embodiment, the cloud management platform may send a request for log transmission to the cloud host in real time to obtain the log information sent by the cloud host; the cloud management platform may also preset a time sequence mechanism for the cloud host to send the log information, for example, the cloud management platform preset that the cloud host sends the log information to the cloud host every 24 hours, which is not limited in this embodiment.
S202, acquiring a target storage directory of log information; the target storage directory is used for indicating the storage address of the log information in the block chain.
The block chain is deployed in a log storage server, and the target storage directory is used for pointing to a storage space for storing log information in the block chain. The target storage directory is different from the initial storage directory, and the initial storage directory refers to a storage address of log information in a log storage server without a block chain; when the cloud management platform acquires the log information of the cloud platform, preferably, the initial storage directory corresponding to the log information and the capacity information of the log information can be simultaneously acquired, and the log information is stored in the storage space indicated by the initial storage directory. In order to prevent the log information from being illegally tampered, a block chain can be deployed in a log storage server of the cloud platform, an initial storage directory of the log information is modified into a storage directory in the block chain, and the modified storage directory is used as a target storage directory and used for storing a subsequent log file into the target storage directory of the block chain; the log information in the storage space corresponding to the initial storage directory may also be stored in a specified storage space of the block chain, the storage directory corresponding to the storage space and the initial storage directory are replaced, and the storage directory of the block chain is used as a target storage target to correspondingly store the subsequent log file in the storage space of the block chain, which is not limited in this embodiment.
For example, the cloud management platform may first obtain deployment parameters of a block chain in the log storage server, where the deployment parameters may include environment parameters, path parameters, other initial parameters, and the like of the block chain, then modify a pointing address of an initial storage directory into the block chain pointing to the log storage server according to the path parameters in the deployment parameters, and determine the modified storage directory as a target storage directory, which is not limited in this embodiment.
And S203, storing the log information into the block chain according to the target storage directory.
The storage of the log information into the block chain means that the cloud management platform stores the log information into a storage space corresponding to the block chain pointed by the target storage directory.
In this embodiment, for example, the log information includes a plurality of types of log files, and if each type of log file corresponds to a different target storage directory, after the cloud management platform acquires the target storage directory corresponding to each log file, the cloud management platform respectively stores the log file into the storage space of the block chain corresponding to the log file according to the corresponding relationship between each type of log file and the target storage directory; if the log files of each type correspond to the same target storage directory, the cloud management platform directly stores the log files of all types in the log information into a storage space of the block chain according to the target storage directory, which is not limited in this embodiment.
In the log management method, the cloud management platform acquires the log information of the cloud platform and a target storage directory of the log information, and then stores the log information into the block chain according to the target storage directory. In this embodiment, the cloud management platform deploys the block chain in the cloud platform, and because the target storage directory is used to indicate the storage address of the log information in the block chain, the log information of the cloud platform is stored in the block chain according to the storage directory of the log information of the cloud platform in the block chain, and by using the decentralized trust mechanism of the block chain, the problem that the log information of the cloud platform may be illegally tampered by a hacker, or artificially and erroneously operated, or erroneously deleted is avoided, and the security of the log information is improved.
The precondition for the cloud management platform to store the log information into the block chain is that the block chain has been deployed in the cloud platform, and the deployment manner of the block chain includes multiple types, and in one embodiment, as shown in fig. 3, the log management method further includes:
s301, acquiring deployment information of the block chain; the deployment information is used for representing path information and parameter information of the block chain.
The deployment information refers to information required for deploying the blockchain to the log server, and the deployment information includes initial environment parameter information, management path information and the like of the blockchain configuration. Specifically, the initial environment parameter information may include parameters such as a blockchain container cluster and version information, the management parameter information may include parameters such as blockchain node organization information and the number of consensus nodes, and the management path information includes parameters such as a storage path of a blockchain.
Alternatively, the blockchain mode is generally classified into three types, i.e., a public chain, a federation chain, and a private chain, according to the degree of centralization. Public links refer to blockchains that allow any node to join freely, view any information on the chain, and have no central authority or central server. A federation chain refers to a blockchain in which only authorized nodes can join and view information on the chain in accordance with the granted permissions. Private chain refers to a blockchain where all nodes of all blockchains work with internal permissions, procedures and rules. Different types of blockchains correspond to different deployment modes and deployment information.
In this embodiment, considering that the access right of the private chain is strictly controlled, and under the condition of no right, anyone cannot obtain the personal data on the blockchain, the cloud management platform may select to obtain the deployment information of the private chain.
S302, according to the deployment information, deploying the block chain into a log storage server.
The log storage server is a server which is connected with the cloud management platform through network communication and used for storing log information, and the block chain can be deployed in the log storage server.
In this embodiment, the cloud management platform may deploy the blockchain into the log storage server according to the deployment information of the blockchain, so as to meet the requirement of storing the log information in the blockchain. The specific way to deploy the blockchain includes various ways, for example, the deployment process may include configuring an initial block peers json of the blockchain, starting a Database Availability Group (DAG), creating a directory, placing the initial block peers json of the blockchain under the directory, configuring an interface between the blockchain and the cloud platform, and the like. After the block chain is deployed in the log storage server, the cloud management platform can store the log information into the storage space of the block chain by modifying the initial storage direction of the log information; the cloud management platform can also directly store the acquired log information into a designated storage space of the block chain.
Optionally, the cloud management platform selects a private chain for deployment, and the private chain has the characteristics of high transaction efficiency, privacy guarantee, low cost and the like compared with other types of block chains, so that more requirements on cloud platform log information safety are met to a certain extent.
After the cloud management platform deploys the block chain to the cloud platform, the cloud management platform can store the log information into the block chain according to the storage directory; and acquiring the storage address of the log information in the blockchain as a storage directory of the log information. In one embodiment, as shown in fig. 4, the step S202 "obtaining the target storage directory of the log information" includes:
s401, acquiring an initial storage directory of log information; the initial storage directory is used for indicating the storage address of the log information in the cloud platform.
Wherein the initial directory address points to a storage address in the cloud platform where the blockchain is not deployed. In this embodiment, when the cloud management platform acquires the log information from the cloud host, the cloud management platform may simultaneously acquire an initial storage directory corresponding to the log information; the log information includes multiple types of log files, optionally, different types of log files may correspond to different initial storage directories, or may correspond to the same initial storage directory, and if the cloud management platform acquires different initial storage directories, preferably, the cloud management platform may store corresponding relationships between the different types of log files and the different initial storage directories.
S402, modifying the storage address of the initial storage directory according to the deployment information of the block chain to obtain the modified storage directory.
In this embodiment, the cloud management platform may set a path in the block chain path information to be used for storing the log information according to the deployment information of the block chain, modify the initial storage directory according to a certain storage rule after the initial storage directory of the log information is acquired, and point the modified storage directory to the storage space in the block chain, where the storage rule may be a storage rule determined according to the type of the log information, or a storage rule set according to the storage time of the log information, and this embodiment is not limited thereto.
And S403, determining the modified storage directory as a target storage directory.
In this embodiment, the modified storage directory points to a storage space in the block chain, the target storage directory is a storage address for storing the log information in the block chain, and after the initial storage directory of the log information is modified by the cloud management platform, the modified storage directory is determined as the target storage directory for the cloud management platform to perform security verification on the log information according to the target storage directory.
In this embodiment, the cloud management platform modifies the initial storage directory of the log information into a target storage directory corresponding to the storage space in the block chain, so that the log information can be successfully stored in the block chain, and based on the characteristics of the block chain, the log information is not tampered.
The method comprises the steps that a block chain is deployed in a cloud platform, log information of the cloud platform is stored in the block chain, and in order to ensure that the log information is safely and effectively stored in the block chain, the cloud management platform can verify the effectiveness of deployment of the block chain and can also verify the safety of the log information. In an embodiment, after the step S203 "storing the log information of the cloud platform into the block chain according to the target storage directory", the method further includes: performing security check on log information in the block chain; the security check includes checking whether a storage space in a block chain corresponding to the target storage directory is empty and checking whether log information in the storage space is complete.
Wherein, the log information in the block chain refers to the log information already stored in the block chain storage space. Whether the storage space in the block chain is empty or not refers to whether the storage space stores the log information or not, whether the log information is complete or not refers to whether the content of the log information is lost or not, and whether the log information is stored wrongly or not.
In this embodiment, after the cloud management platform stores the log information into the storage space of the block chain, preferably, the cloud management platform needs to perform security check on the log information, and the cloud management platform can check whether the storage space corresponding to the log information is empty to determine whether the log information is successfully stored in the storage space of the block chain, and also can determine whether the block chain is successfully deployed in the log storage server, where the check may be based on the memory occupancy of the storage space; the cloud management platform can also check whether the log information is wrong, namely, whether the content of the log information is complete is judged, and the check basis can be the volume value of the log information.
Optionally, in an embodiment, as shown in fig. 5, the performing security check on the log information includes:
s501, verifying whether a storage space in a block chain corresponding to a target storage directory is empty; if the storage space is empty, executing S502; if the storage space is not empty, S503 is executed.
The verification of whether the storage space in the block chain is empty is to judge whether the log information is successfully stored in the storage space of the block chain, and meanwhile, whether the block chain is successfully deployed in the log storage server can be judged.
In this embodiment, the cloud management platform may determine whether the storage space is empty according to the memory occupancy of the storage space, and if the current memory occupancy of the storage space is 0, it may determine that the storage space is empty, and as a result, the block chain deployment may fail, which may result in that log information is not stored in the storage space, or may result in that a storage directory is incorrect, which may result in that the log information is not stored in the storage space, and the cloud management platform performs step S502; if the current memory occupancy of the storage space is not 0, it may be determined that the storage space is not empty, and the log information is already stored in the storage space, then step S503 is executed.
And S502, returning to execute the step of deploying the block chain into the log storage server according to the deployment information.
In this embodiment, the cloud management platform determines that the storage space of the log information in the blockchain is empty, which means that the log information may not be stored in the storage space due to failure in deployment of the blockchain, or the log information may not be stored in the storage space due to an error in the storage directory, and in any case, the cloud management platform needs to redeploy the blockchain, update the target storage directory according to the redeployed blockchain, that is, return to execute the step of deploying the blockchain into the log storage server according to the deployment information.
S503, verifying whether the log information in the storage space is complete.
In this embodiment, the cloud management platform determines that the storage space of the log information in the block chain is not empty, which means that the log information has been successfully stored in the storage space of the block chain, and further, to ensure that the log information is complete and error-free, the cloud management platform needs to verify whether the log information is complete.
In this embodiment, the cloud management platform performs integrity check on the storage space in the block chain corresponding to the target storage directory, verifies whether the storage space is empty, and returns to relocate the block chain if the storage space is empty, so that the success of deploying the block chain is ensured, and meanwhile, the success of storing log information into the block chain is also ensured.
After the computer verifies that the storage space in the block chain corresponding to the target storage directory is not empty, i.e. after determining that the block chain deployment is successful, optionally, in an embodiment, as shown in fig. 6, the verifying whether the log information in the storage space is complete includes:
s601, acquiring a volume value of log information in a storage space; the capacity value is used for indicating the memory quantization value of the log information.
The capacity value of the log information refers to a current quantization value of the memory occupied by the content of the log information in the block chain storage space.
In this embodiment, after the cloud management platform ensures that the log information is stored in the storage space of the block chain, the cloud management platform needs to check the further integrity of the log information. The cloud management platform may obtain a current capacity value corresponding to the log information from the storage space, and if the log information includes a plurality of log files of different types, and each log file has a target storage directory and a current capacity value corresponding thereto, the cloud management platform needs to obtain the current capacity values of the log files of different storage spaces, and verify the integrity of each log file respectively, which is not limited in this embodiment.
S602, comparing the capacity value with a first threshold value; the first threshold value is used to indicate an initial volume value of the log information.
The first threshold value refers to an initial capacity value corresponding to the acquired log information when the cloud management platform acquires the log information.
In this embodiment, when acquiring the log information from the cloud host, the cloud management platform may acquire an initial capacity value corresponding to the log information at the same time, determine the initial capacity value as the first threshold, meanwhile, the cloud management platform may store a corresponding relationship between each type of log file in the log information and the initial capacity value corresponding thereto, and when verifying the integrity of the log information, compare the current capacity value of each type of log file with the first threshold, respectively.
S603, if the capacity value is not equal to the first threshold value, determining that the content of the log information in the storage space is incomplete, and returning to the step of acquiring the log information of the cloud platform.
In this embodiment, the cloud management platform compares the current capacity value of each type of log file in the log information with a first threshold, and if the current capacity value is not equal to the first threshold, there are two cases, one case is that the current capacity value is smaller than the first threshold, which indicates that the log file may have a content missing problem, and the other case is that the current capacity value is larger than the first threshold, which indicates that the log file may have a content repeating problem, and both cases may be regarded as that the content of the log file is incomplete, and the cloud management platform needs to return to a step of obtaining the log information from the cloud host again.
In this embodiment, the cloud management platform verifies integrity of log information in the block chain storage space according to the volume value of the log information, and if the log information includes a plurality of log files, the cloud management platform checks the integrity of each log file according to the volume value of each log file, and ensures that the log information in the block chain storage space is stored without errors through the above-mentioned checks.
It should be understood that although the various steps in the flow charts of fig. 2-6 are shown in order as indicated by the arrows, the steps are not necessarily performed in order as indicated by the arrows. The steps are not performed in the exact order shown and described, and may be performed in other orders, unless explicitly stated otherwise. Moreover, at least some of the steps in fig. 2-6 may include multiple sub-steps or multiple stages that are not necessarily performed at the same time, but may be performed at different times, and the order of performance of the sub-steps or stages is not necessarily sequential, but may be performed in turn or alternating with other steps or at least some of the sub-steps or stages of other steps.
In one embodiment, as shown in fig. 7, there is provided a log management apparatus including: a first obtaining module 701, a second obtaining module 702, and a storing module 703, wherein:
a first obtaining module 701, configured to obtain log information of a cloud platform; the log information is used for representing the operation record of the cloud platform;
a second obtaining module 702, configured to obtain a target storage directory of the log information; the target storage directory is used for indicating the storage address of the log information in the block chain;
the storage module 703 is configured to store the log information into the block chain according to the target storage directory.
In one embodiment, as shown in fig. 8, the log management apparatus further includes a third obtaining module 704 and a deploying module 705, wherein:
a third obtaining module 704, configured to obtain deployment information of the blockchain; the deployment information is used for representing path information and parameter information of the block chain;
the deployment module 705 is configured to deploy the blockchain into the log storage server according to the deployment information.
In one embodiment, the block chain is a private chain.
In one embodiment, as shown in fig. 9, the second obtaining module 702 includes a obtaining unit 7021, a modifying unit 7022, and a determining unit 7023, where:
an obtaining unit 7021 configured to obtain an initial storage directory of the log information; the initial storage directory is used for indicating the storage address of the log information in the cloud platform;
a modifying unit 7022, configured to modify the storage address of the initial storage directory according to the deployment information of the block chain, so as to obtain a modified storage directory;
a determining unit 7023 is configured to determine the modified storage directory as the target storage directory.
In one embodiment, as shown in fig. 10, the log management apparatus further includes a verification module 706, configured to perform security check on log information in the blockchain; the security check includes checking whether a storage space in a block chain corresponding to the target storage directory is empty and checking whether log information in the storage space is complete.
In one embodiment, as shown in fig. 11, the verification module 706 includes a first verification unit 7061, a jumping unit 7062, and a second verification unit 7063, where:
a first verifying unit 7061, configured to verify whether a storage space in a block chain corresponding to the target storage directory is empty;
a skipping unit 7062, configured to return to execute the step of deploying the block chain to the log storage server according to the deployment information if the storage space is empty;
a second verifying unit 7063, configured to verify whether log information in the storage space is complete if the storage space is not empty.
In one embodiment, the second verifying unit 7063 includes an acquiring subunit, a comparing subunit, and a jumping subunit, where:
the acquisition subunit is used for acquiring the volume value of the log information in the storage space; the capacity value is used for indicating the memory quantization value of the log information;
a comparison subunit, configured to compare the capacity value with a first threshold value; the first threshold value is used for indicating an initial capacity value of the log information;
and the jumping subunit is used for returning to execute the step of acquiring the log information of the cloud platform if the capacity value is not equal to the first threshold value and the content of the log information in the storage space is determined to be incomplete.
The implementation principle and technical effect of all the embodiments of the log management device are similar to those of the embodiments corresponding to the log management method, and are not described herein again.
For the specific definition of the log management device, reference may be made to the above definition of the log management method, which is not described herein again. The respective modules in the log management apparatus may be wholly or partially implemented by software, hardware, and a combination thereof. The modules can be embedded in a hardware form or independent from a processor in the computer device, and can also be stored in a memory in the computer device in a software form, so that the processor can call and execute operations corresponding to the modules.
In one embodiment, a computer device is provided, where the computer device may be a cloud platform server or a terminal, and its internal structure diagram may be as shown in fig. 12. The computer device comprises a processor, a memory, a network interface, a database, a display screen and an input device which are connected through a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, a computer program, and a database. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The database of the computer device is used for storing log management data. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to implement a method of log management. The display screen of the computer equipment can be a liquid crystal display screen or an electronic ink display screen, and the input device of the computer equipment can be a touch layer covered on the display screen, a key, a track ball or a touch pad arranged on the shell of the computer equipment, an external keyboard, a touch pad or a mouse and the like.
Those skilled in the art will appreciate that the architecture shown in fig. 12 is merely a block diagram of some of the structures associated with the disclosed aspects and is not intended to limit the computing devices to which the disclosed aspects apply, as particular computing devices may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
In one embodiment, a computer device is provided, comprising a memory and a processor, the memory having a computer program stored therein, the processor implementing the following steps when executing the computer program:
acquiring log information of a cloud platform; the log information is used for representing the operation record of the cloud platform;
acquiring a target storage directory of log information; the target storage directory is used for indicating the storage address of the log information in the block chain;
and storing the log information into the block chain according to the target storage directory.
The implementation principle and technical effect of the computer device provided by the above embodiment are similar to those of the above method embodiment, and are not described herein again.
In one embodiment, a computer-readable storage medium is provided, having a computer program stored thereon, which when executed by a processor, performs the steps of:
acquiring log information of a cloud platform; the log information is used for representing the operation record of the cloud platform;
acquiring a target storage directory of log information; the target storage directory is used for indicating the storage address of the log information in the block chain;
and storing the log information into the block chain according to the target storage directory.
The implementation principle and technical effect of the computer-readable storage medium provided by the above embodiments are similar to those of the above method embodiments, and are not described herein again.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware instructions of a computer program, which can be stored in a non-volatile computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium used in the embodiments provided herein may include non-volatile and/or volatile memory, among others. Non-volatile memory can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDRSDRAM), Enhanced SDRAM (ESDRAM), Synchronous Link DRAM (SLDRAM), Rambus (Rambus) direct RAM (RDRAM), direct memory bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM).
The technical features of the above embodiments can be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the above embodiments are not described, but should be considered as the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present application, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the concept of the present application, which falls within the scope of protection of the present application. Therefore, the protection scope of the present patent shall be subject to the appended claims.
Claims (10)
1. A method of log management, the method comprising:
acquiring log information of a cloud platform; the log information is used for representing the operation record of the cloud platform;
acquiring a target storage directory of the log information; the target storage directory is used for indicating the storage address of the log information in a block chain;
and storing the log information into the block chain according to the target storage directory.
2. The method of claim 1, further comprising:
acquiring deployment information of the block chain; the deployment information is used for representing path information and parameter information of the block chain;
and deploying the block chain into a log storage server according to the deployment information.
3. The method of claim 2, wherein the block chain is a private chain.
4. The method of claim 2, wherein obtaining the target storage directory of the log information comprises:
acquiring an initial storage directory of the log information; the initial storage directory is used for indicating the storage address of the log information in the cloud platform;
modifying the storage address of the initial storage directory according to the deployment information of the block chain to obtain a modified storage directory;
and determining the modified storage directory as the target storage directory.
5. The method of claim 2, wherein after storing the log information into a blockchain according to the target storage directory, the method further comprises:
performing security check on the log information in the block chain; the security check includes checking whether a storage space in a block chain corresponding to the target storage directory is empty and checking whether log information in the storage space is complete.
6. The method of claim 5, wherein the performing a security check on the log information comprises:
verifying whether the storage space in the block chain corresponding to the target storage directory is empty;
if the storage space is empty, returning to execute the step of deploying the block chain into a log storage server according to the deployment information;
and if the storage space is not empty, verifying whether the log information in the storage space is complete.
7. The method of claim 6, wherein the verifying whether log information in the storage space is complete comprises:
acquiring a volume value of log information in the storage space; the capacity value is used for indicating a memory quantization value of the log information;
comparing the capacity value to a first threshold; the first threshold value is used for indicating an initial capacity value of the log information;
if the capacity value is not equal to the first threshold value, determining that the content of the log information in the storage space is incomplete, and returning to execute the step of obtaining the log information of the cloud platform.
8. An apparatus for log management, the apparatus comprising:
the first acquisition module is used for acquiring the log information of the cloud platform; the log information is used for representing the operation record of the cloud platform;
the second acquisition module is used for acquiring a target storage directory of the log information; the target storage directory is used for indicating the storage address of the log information in a block chain;
and the storage module is used for storing the log information into the block chain according to the target storage directory.
9. A computer device comprising a memory and a processor, the memory storing a computer program, wherein the processor implements the steps of the method of any one of claims 1 to 7 when executing the computer program.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the method of any one of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911268770.3A CN111177096A (en) | 2019-12-11 | 2019-12-11 | Log management method and device, computer equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911268770.3A CN111177096A (en) | 2019-12-11 | 2019-12-11 | Log management method and device, computer equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111177096A true CN111177096A (en) | 2020-05-19 |
Family
ID=70657248
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911268770.3A Pending CN111177096A (en) | 2019-12-11 | 2019-12-11 | Log management method and device, computer equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111177096A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111897786A (en) * | 2020-05-27 | 2020-11-06 | 深圳市广和通无线股份有限公司 | Log reading method and device, computer equipment and storage medium |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108322306A (en) * | 2018-03-17 | 2018-07-24 | 北京工业大学 | A kind of cloud platform reliable journal auditing method towards secret protection based on trusted third party |
| CN109189658A (en) * | 2018-08-20 | 2019-01-11 | 厦门集微科技有限公司 | A kind of log storing method, control node and computer readable storage medium |
| CN109190410A (en) * | 2018-09-26 | 2019-01-11 | 华中科技大学 | A kind of log behavior auditing method based on block chain under cloud storage environment |
| CN109325331A (en) * | 2018-09-13 | 2019-02-12 | 北京航空航天大学 | Transaction system is acquired based on the big data of block chain and credible calculating platform |
| CN109375944A (en) * | 2018-08-28 | 2019-02-22 | 苏州浪潮智能软件有限公司 | A kind of terminal software distribution verification method based on block chain data structure |
| CN109614806A (en) * | 2018-12-03 | 2019-04-12 | 北京工业大学 | Log Administration System based on block chain |
| CN109729168A (en) * | 2018-12-31 | 2019-05-07 | 浙江成功软件开发有限公司 | A kind of data share exchange system and method based on block chain |
| CN109947855A (en) * | 2019-04-03 | 2019-06-28 | 上海中商网络股份有限公司 | Data synchronizing processing method, device, server and storage medium |
| CN110149323A (en) * | 2019-05-06 | 2019-08-20 | 山东公链信息科技有限公司 | A kind of processing unit with millions TPS contract processing capacity |
-
2019
- 2019-12-11 CN CN201911268770.3A patent/CN111177096A/en active Pending
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108322306A (en) * | 2018-03-17 | 2018-07-24 | 北京工业大学 | A kind of cloud platform reliable journal auditing method towards secret protection based on trusted third party |
| CN109189658A (en) * | 2018-08-20 | 2019-01-11 | 厦门集微科技有限公司 | A kind of log storing method, control node and computer readable storage medium |
| CN109375944A (en) * | 2018-08-28 | 2019-02-22 | 苏州浪潮智能软件有限公司 | A kind of terminal software distribution verification method based on block chain data structure |
| CN109325331A (en) * | 2018-09-13 | 2019-02-12 | 北京航空航天大学 | Transaction system is acquired based on the big data of block chain and credible calculating platform |
| CN109190410A (en) * | 2018-09-26 | 2019-01-11 | 华中科技大学 | A kind of log behavior auditing method based on block chain under cloud storage environment |
| CN109614806A (en) * | 2018-12-03 | 2019-04-12 | 北京工业大学 | Log Administration System based on block chain |
| CN109729168A (en) * | 2018-12-31 | 2019-05-07 | 浙江成功软件开发有限公司 | A kind of data share exchange system and method based on block chain |
| CN109947855A (en) * | 2019-04-03 | 2019-06-28 | 上海中商网络股份有限公司 | Data synchronizing processing method, device, server and storage medium |
| CN110149323A (en) * | 2019-05-06 | 2019-08-20 | 山东公链信息科技有限公司 | A kind of processing unit with millions TPS contract processing capacity |
Non-Patent Citations (3)
| Title |
|---|
| 王千阁等: "区块链系统的数据存储与查询技术综述", 《计算机科学》 * |
| 董祥千;郭兵;沈艳;段旭良;申云成;张洪;: "一种高效安全的去中心化数据共享模型" * |
| 韩菊茹等: "基于区块链的可信日志存储与验证系统", 《计算机工程》 * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111897786A (en) * | 2020-05-27 | 2020-11-06 | 深圳市广和通无线股份有限公司 | Log reading method and device, computer equipment and storage medium |
| CN111897786B (en) * | 2020-05-27 | 2024-03-15 | 深圳市广和通无线股份有限公司 | Log reading method, device, computer equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11144398B2 (en) | Testing engine for automated operations management | |
| Sadeghi et al. | TCG inside? A note on TPM specification compliance | |
| CN110598446A (en) | Block chain based test method and device, storage medium and computer equipment | |
| US9811037B2 (en) | Methods and systems for determining authenticity of a consumable product | |
| US11829469B2 (en) | Software integrity checking systems and methods | |
| CN110166543B (en) | Application program processing method and device and computer equipment | |
| US20100313011A1 (en) | Identity Data Management in a High Availability Network | |
| CN106549957B (en) | terminal application copyright authentication method and system | |
| CN110378105A (en) | Security upgrading method, system, server and car-mounted terminal | |
| CN112347472B (en) | Behavior credibility measuring method and device based on power edge calculation | |
| CN111614548A (en) | Message pushing method and device, computer equipment and storage medium | |
| CN111291345A (en) | Voiceprint data processing method and device, computer equipment and storage medium | |
| CN111177096A (en) | Log management method and device, computer equipment and storage medium | |
| CN117032908B (en) | Integrated computing device deployment operation method and system based on redundancy architecture | |
| KR20220041706A (en) | Authentication method and device, computing equipment and medium | |
| CN113922975A (en) | Security control method, server, terminal, system and storage medium | |
| CN109582454A (en) | Permission releasing control method, device and equipment in a kind of distributed storage cluster | |
| CN115935414A (en) | Block chain based data verification method and device, electronic equipment and storage medium | |
| CN112543194B (en) | Mobile terminal login method and device, computer equipment and storage medium | |
| CN112732676A (en) | Data migration method, device, equipment and storage medium based on block chain | |
| CN112464225A (en) | Request processing method, request processing device and computer readable storage medium | |
| KR20160137032A (en) | Apparatus and method for authenticating remote of between networking devices | |
| KR102602230B1 (en) | Method and system for authenticating client device | |
| CN111124429A (en) | Continuous delivery method and device | |
| CN111309978A (en) | Transformer substation system safety protection method and device, computer equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information | ||
| CB02 | Change of applicant information |
Address after: Room 1901, building 5, Shenzhen new generation industrial park, 136 Zhongkang Road, Meidu community, Meilin street, Futian District, Shenzhen, Guangdong 518000 Applicant after: Zhaoyin yunchuang Information Technology Co.,Ltd. Address before: 518000 Room 201, building A, No. 1, Qian Wan Road, Qianhai Shenzhen Hong Kong cooperation zone, Shenzhen, Guangdong (Shenzhen Qianhai business secretary Co., Ltd.) Applicant before: MBCLOUD (SHENZHEN) INFORMATION TECHNOLOGY Co.,Ltd. |
|
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200519 |