CN112069425A - Log management method and device, electronic equipment and readable storage medium - Google Patents
Log management method and device, electronic equipment and readable storage medium Download PDFInfo
- Publication number
- CN112069425A CN112069425A CN202010780439.6A CN202010780439A CN112069425A CN 112069425 A CN112069425 A CN 112069425A CN 202010780439 A CN202010780439 A CN 202010780439A CN 112069425 A CN112069425 A CN 112069425A
- Authority
- CN
- China
- Prior art keywords
- log
- information
- log information
- identity
- application system
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/955—Retrieval from the web using information identifiers, e.g. uniform resource locators [URL]
- G06F16/9566—URL specific, e.g. using aliases, detecting broken or misspelled links
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/30—Information retrieval; Database structures therefor; File system structures therefor of unstructured textual data
- G06F16/35—Clustering; Classification
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Databases & Information Systems (AREA)
- Data Mining & Analysis (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Debugging And Monitoring (AREA)
Abstract
The application provides a log management method and device, an electronic device and a readable storage medium. The method can comprise the following steps: acquiring first log information obtained by logging operation of a logging application system through a pre-configured logging log acquisition adaptation rule, wherein the first log information comprises account information and a first identity identifier of a first user terminal corresponding to the account information; acquiring adaptation rules through a pre-configured access log to acquire second log information of access operation of an access application system; when the second identity identifier which is the same as the first identity identifier exists in the second log information, the account information corresponding to the first identity identifier is associated with the log corresponding to the second identity identifier to obtain target log information, and the problem that the acquired log has information loss due to the fact that the account information cannot be acquired from the log when the Session/Cookie mechanism is adopted to store the account information can be solved.
Description
Technical Field
The invention relates to the technical field of computer log processing, in particular to a log management method and device, electronic equipment and a readable storage medium.
Background
In a browser/server architecture and a business application system logged in by using a Public Key Infrastructure (PKI)/digital certificate mode, for an application access behavior occurring on the application system logged in an account password mode, since a Session/Cookie mechanism is generally adopted to store account information, the stored user information does not have readability, and thus the account information cannot be acquired from a log. In an application system logged in an account password mode, the problem of information loss of an acquired log exists.
Disclosure of Invention
The application provides a log management method, a log management device, an electronic device and a readable storage medium, which can solve the problem that information of an acquired log is lost in an application system logged in an account password mode.
In order to achieve the above purpose, the technical solutions provided in the embodiments of the present application are as follows:
in a first aspect, an embodiment of the present application provides a log management method, where the method includes:
acquiring first log information obtained by logging operation of a logging application system through a pre-configured logging log acquisition adaptation rule, wherein the first log information comprises account information and a first identity identifier of a first user terminal corresponding to the account information;
acquiring second log information obtained by accessing the access operation of the application system through a pre-configured access log acquisition adaptation rule, wherein the second log information comprises a second identity of a second user terminal;
and when a second identity label identical to the first identity label exists in the second log information, associating the account information corresponding to the first identity label with the log corresponding to the second identity label to obtain target log information.
In the above embodiment, the first log information generated in the login application system may be acquired through the preconfigured login log collection adaptation rule, and the first log information may generally include account information. And then, second log information acquired by combining the access log acquisition adaptation rule can be acquired from an application system logged in an account password mode, so that the problem that information is lost in the acquired log due to the fact that the account information cannot be acquired from the log when the account information is stored by adopting a Session/Cookie mechanism is solved.
With reference to the first aspect, in some optional embodiments, acquiring, by using a preconfigured log collection adaptation rule, first log information obtained by logging in an application system, includes:
acquiring an adaptation rule through the login log, and determining first URL information representing the login of the application system;
acquiring log information including the account information from the first URL information;
adding a first identifier in the log information to obtain the first log information, wherein the first identifier is used for representing that the first log information is a login log.
In the above embodiment, the account information may be obtained by analyzing the URL information by obtaining the URL information that represents the login application system.
With reference to the first aspect, in some optional embodiments, acquiring, by using a preconfigured access log acquisition adaptation rule, second log information obtained by an access operation of accessing the application system includes:
acquiring an adaptation rule through the access log, and determining second URL information representing access to the application system;
acquiring log information from the second URL information;
and adding a second identifier in the log information to obtain the second log information, wherein the second identifier is used for representing that the second log information is an access log.
With reference to the first aspect, in some optional embodiments, the method further comprises:
and cleaning and classifying the target log information according to a preset cleaning and classifying strategy to obtain the cleaned and classified log information.
In the above embodiment, the preset cleaning classification strategy is convenient for a user to select the corresponding type of log information, which is beneficial to reducing the processing amount of the log.
With reference to the first aspect, in some optional embodiments, according to a preset cleaning classification policy, cleaning and classifying the target log information to obtain cleaned and classified log information includes:
and reserving data of the specified data type from the target log information, and deleting data of the non-specified data type to obtain the log information after cleaning and classification.
In the above embodiment, it is beneficial for the user to flexibly retain the corresponding type of log data according to the actual requirement, thereby being beneficial for reducing the processing amount of the log.
With reference to the first aspect, in some optional embodiments, the method further comprises:
and outputting and displaying the log information after cleaning and classification through a display module.
With reference to the first aspect, in some optional embodiments, the method further comprises:
and storing the first log information and the second log information through a key value database, wherein in the key value database, a key is the identity of the user terminal, and a value is account information.
In a second aspect, an embodiment of the present application further provides a log management apparatus, where the apparatus includes:
the system comprises a first acquisition unit, a second acquisition unit and a third acquisition unit, wherein the first acquisition unit is used for acquiring an adaptation rule through a pre-configured login log, and acquiring first log information obtained by login operation of a login application system, and the first log information comprises account information and a first identity of a first user terminal corresponding to the account information;
the second acquisition unit acquires adaptation rules through a pre-configured access log, and acquires second log information obtained by accessing the access operation of the application system, wherein the second log information comprises a second identity of a second user terminal;
and the log processing unit is used for associating the account information corresponding to the first identity with the log corresponding to the second identity to obtain target log information when the second identity identical to the first identity exists in the second log information.
In a third aspect, an embodiment of the present application further provides an electronic device, where the electronic device includes a memory and a processor coupled to each other, where the memory stores a computer program, and when the computer program is executed by the processor, the electronic device is caused to perform the above-mentioned method.
In a fourth aspect, the present application further provides a computer-readable storage medium, in which a computer program is stored, and when the computer program runs on a computer, the computer is caused to execute the above method.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings needed to be used in the embodiments will be briefly described below. It is appreciated that the following drawings depict only certain embodiments of the application and are therefore not to be considered limiting of its scope, for those skilled in the art will be able to derive additional related drawings therefrom without the benefit of the inventive faculty.
Fig. 1 is a schematic view of a communication connection between an electronic device and an application system according to an embodiment of the present application.
Fig. 2 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Fig. 3 is a schematic flowchart of a log management method according to an embodiment of the present application.
Fig. 4 is a functional block diagram of a log management apparatus according to an embodiment of the present application.
Icon: 10-an electronic device; 11-a processing module; 12-a storage module; 13-a communication module; 100-log management means; 110-a first acquisition unit; 120-a second acquisition unit; 130-log processing unit.
Detailed Description
The technical solutions in the embodiments of the present application will be described below with reference to the drawings in the embodiments of the present application. It should be noted that the terms "first," "second," and the like are used merely to distinguish one description from another, and are not intended to indicate or imply relative importance.
The embodiments of the present application will be described in detail below with reference to the accompanying drawings. The embodiments described below and the features of the embodiments can be combined with each other without conflict.
Referring to fig. 1, an electronic device 10 is provided in an embodiment of the present application. The electronic device 10 may establish a communication connection with an application system through a network for data interaction. For example, the electronic device 10 may obtain log data from the application system for a user to log in to, access, or otherwise access the application system.
Understandably, the electronic device 10 provided in the embodiment of the present application may acquire log information including account information for application login and access that occur on an application system that logs in using a Browser/Server (B/S) architecture and using a PKI/digital certificate mode. The problem that when the application system adopts a Session/Cookie mechanism to store the account information, the account information cannot be acquired from the log, so that the acquired log has information loss can be solved.
The electronic device 10 may be, but is not limited to, a smart phone, a Personal Computer (PC), a tablet PC, a Personal Digital Assistant (PDA), a server, and the like.
The application system may establish a communication connection with the user terminal via the network. The user terminal can access the corresponding resources in the application system through the network. An application system may be understood as a server configured with application/business services. The application system can be configured according to different service scenes and application scenes. For example, the application system is a server for providing resources for video program categories, or a server for providing a shopping platform.
The user terminal may be, but is not limited to, a smart phone, a Personal Computer (PC), a tablet Computer, and the like.
Referring to fig. 2, in the present embodiment, the electronic device 10 may include a processing module 11, a storage module 12, a communication module 13, and a log management apparatus 100, and the processing module 11, the communication module 13, the storage module 12, and the log management apparatus 100 are directly or indirectly electrically connected to each other to implement data transmission or interaction. For example, the components may be electrically connected to each other via one or more communication buses or signal lines.
Understandably, the storage module 12 of the electronic device 10 stores therein a computer program, which, when executed by the processing module 11, may enable the electronic device 10 to perform the steps of the log management method described below.
Referring to fig. 3, an embodiment of the present application further provides a log management method, which can be applied to the electronic device 10, and the electronic device 10 executes or implements the steps of the method, so as to solve the problem that information is missing in an acquired log in an application system logged in an account password mode. In this embodiment, the method may comprise the steps of:
step S210, acquiring a first log information obtained by logging operation of a logging application system through a pre-configured logging log acquisition adaptation rule, wherein the first log information comprises account information and a first identity identifier of a first user terminal corresponding to the account information;
step S220, acquiring a second log information obtained by accessing the access operation of the application system through a pre-configured access log acquisition adaptation rule, wherein the second log information comprises a second identity of a second user terminal;
step S230, when a second identity identical to the first identity exists in the second log information, associating the account information corresponding to the first identity with the log corresponding to the second identity to obtain target log information.
In this embodiment, first log information generated in the login application system may be acquired through a preconfigured login log collection adaptation rule, and the first log information may generally include account information. And then, second log information acquired by combining the access log acquisition adaptation rule can be acquired from an application system logged in an account password mode, so that the problem that information is lost in the acquired log due to the fact that the account information cannot be acquired from the log when the account information is stored by adopting a Session/Cookie mechanism is solved.
The individual steps in the process are explained in detail below, as follows:
in step S210, the electronic device 10 is configured with a log collection adaptation rule in advance. The log collection adaptation rule can be set according to actual conditions and can be used for acquiring relevant information of a log application system. For example, the log collection adaptation rule may be a regular expression adaptation rule, and a log of a log operation of the log application system may be obtained through the regular expression.
For example, the electronic device 10 may obtain Uniform Resource Locator (URL) information characterizing the login application system through the regular expression adaptation rule. Understandably, when the user terminal employs a Browser/Server (B/S) architecture or an application system that logs in using a PKI/digital certificate schema, the user terminal needs to send URL information characterizing the logged-in application system to the application system. The URL information usually includes account information and an id of the user terminal, which is the first id. For example, whether a field representing account information exists in the URL information may be determined by the regular expression adaptation rule, if the field representing account information exists in the URL information, the URL information is the URL information representing the login application system, and meanwhile, the electronic device 10 may further obtain the account information in the login operation from the URL information. The first identity mark can be determined according to actual conditions and is used for marking the unique identity of the user terminal, and identity marks of different user terminals are different. For example, the first identity may be, but is not limited to, a MAC address, an IP address, etc. of the terminal device, and is not limited herein.
In this embodiment, step S210 may include: acquiring an adaptation rule through the login log, and determining first URL information representing the login of the application system; acquiring log information including the account information from the first URL information; adding a first identifier in the log information to obtain the first log information, wherein the first identifier is used for representing that the first log information is a login log.
Understandably, the log collection adaptation rules can distinguish between URL information of the logging application system and URL information of the accessing application system. The URL information of the login application system is the first URL information, and the URL information of the access application system is the second URL information described below.
For example, after acquiring the log information including the account information from the first URL information, the electronic device 10 may automatically add an identifier indicating that the log information is a log of a login operation to the log information. The identifier is the first identifier, and may be set according to an actual situation, for example, the identifier may be a number or a character, and is used for distinguishing log information of the access operation, so as to facilitate subsequent analysis processing on the login log and the access log.
In step S220, the implementation principle of the access log collection adaptation rule is similar to that of the log collection adaptation rule. The access log collection adaptation rule may be set according to actual conditions, and may be, for example, a regular expression adaptation rule for detecting an access operation. For the convenience of distinguishing, the regular expression adaptation rule of the log collection adaptation rule can be called a first regular expression adaptation rule, and the regular expression adaptation rule of the log collection adaptation rule can be called a second regular expression adaptation rule. The second regular expression adaptation rule may detect URL information or other information sent when the user terminal accesses the application system. The URL information is the second URL information described below. The first log information may be referred to as a log and the second log information may be referred to as an access log.
Step S220 may include: acquiring an adaptation rule through the access log, and determining second URL information representing access to the application system; acquiring log information from the second URL information; and adding a second identifier in the log information to obtain the second log information, wherein the second identifier is used for representing that the second log information is an access log.
In this embodiment, the second regular expression adaptation rule may perform matching detection on the corresponding field in the URL information through a regular expression. For example, it can be used to detect the MAC address, IP address of the user terminal in the matching URL information, and a field characterizing the access operation. The field for characterizing the access operation may be set according to actual situations, and is not specifically limited herein.
In this embodiment, the second regular expression adaptation rule may further detect whether a field representing the account information exists in the URL information. And if the URL information is detected to have no field representing the account information, determining the URL information as URL information corresponding to the access operation. The electronic device 10 may analyze the URL information to obtain second log information such as a second identity of the terminal device through a second regular expression adaptation rule.
In step S230, after acquiring the first log information and the second log information, the electronic device 10 may perform association processing on the log information. Understandably, since the second log information is an access log obtained by the user terminal in the access application system, account information does not exist in such log. The first log information and the second log information may generally include identification information of the user terminal. If the identity information of the same user terminal exists in the first log information and the second log information, the second log information is the log information obtained by executing corresponding operation on the account in the first log information. At this time, the account information in the first log information may be associated with the log corresponding to the second identifier, or the account information may be added to the second log information to obtain the target log information. Based on the account information, the access operation of the account is convenient to track and analyze subsequently in combination with the account information.
For example, the electronic device 10 may count, based on the target log acquired within the preset time, the number of access times, the access stay time, the access frequency, and the like of the corresponding service module in the application system within the preset time by using the same account. The preset time period can be set according to actual conditions, and for example, the preset time period can be a time period of one day, one week and the like. The service module can be determined according to actual conditions. For example, the service module may be a service module providing news, a service module providing video resources, and the like.
As an optional implementation, the method may further include: and cleaning and classifying the target log information according to a preset cleaning and classifying strategy to obtain the cleaned and classified log information.
In this embodiment, the user may set a preset cleaning classification policy according to actual service requirements, so as to filter and classify the log. The method for classifying the log information may be as follows: classifying the log information according to the account information; and classifying the log information according to the type of the module which is accessed and represented in the log. For example, the logs corresponding to the same account are classified into one large class, and the logs corresponding to different accounts are classified into different large classes. Assuming that an application system may include a plurality of service modules, the electronic device 10 may classify logs obtained by accessing different service modules, and logs accessing the same service module may be classified into a large category; accessing different business modules can be categorized into different broad categories.
In this embodiment, according to a preset cleaning classification policy, cleaning and classifying the target log information to obtain cleaned and classified log information, including: and reserving data of the specified data type from the target log information, and deleting data of the non-specified data type to obtain the log information after cleaning and classification.
Understandably, the specified data type can be set according to actual conditions. For example, the specified data type can be a data type that characterizes a specified business module in the accessing application system. The designated service module may be determined according to actual conditions, for example, a service module for providing video resources, a service module for providing audio resources, a service module for providing news resources, and the like. Based on the method, the user can flexibly reserve the corresponding types of log data according to actual requirements, and therefore the processing amount of the log can be reduced.
In another embodiment, the electronic device 10 may transmit the obtained first log information, second log information, and target log information to another server, and perform the cleaning process on the first log information, second log information, and target log information by the other server.
As an optional implementation, the method may further include: and storing the first log information and the second log information through a key value database, wherein in the key value database, a key is the identity of the user terminal, and a value is account information.
A Key-Value database may be understood as a Key-Value database. In the Key-Value database, Key is the identity of the user terminal, and Value is the account information. The Key may also include the number or identification of the application system to distinguish between different application systems. The process of the Key-Value database storing log information may be as follows:
the electronic device 10 extracts account information in the log (first log information), and stores the account information in a redis database in a form of key value (the key is the application system number _ user terminal IP; the value is account information, for example, the application system number _ user terminal IP is "100001 _ 1.1.1.1", the account information is "admin", at this time, the key is "100001 _ 1.1.1.1", and the corresponding value is "admin"). Inserting a key if the key does not exist in the redis database; if the key already exists in the redis database, the value is updated, for example, the value is increased by one to record the number of accesses of the same user terminal.
The electronic device 10 extracts the application system number _ user terminal IP (second identity) of the user terminal in the access log (second log information) to form the key described above. And according to the key, performing related query on a redis database to obtain a value of the corresponding key, namely the account information. At this time, the account information may be filled in the second log information as target log information.
In this embodiment, the obtained target log information may be stored in a corresponding cluster system, so that the user may download the corresponding log information from the cluster system subsequently according to the requirement. The cluster system can be selected according to actual conditions. For example, the cluster system may be an Elasticsearch storage cluster, and distributed storage may be implemented.
As an optional implementation, the method may further include: and outputting and displaying the log information after cleaning and classification through a display module.
In this embodiment, if the electronic device 10 is a terminal device, the terminal device may include a display module such as a display screen. The terminal equipment can output and display the log information after cleaning and classification through the display screen. The mode of displaying the log information can be set according to the actual situation. For example, the log information may be classified and presented in the form of a statistical graph (e.g., a polyline statistical graph, a histogram statistical graph, a sector statistical graph, etc.) or in the form of a text document. Understandably, the log information is visually displayed, so that a user can visually pay attention to various log information, analysis and audit of log data are facilitated, and the user experience is improved.
If the electronic device 10 is a server. The server can generate the log information after cleaning and classification to the terminal equipment with the display module, and the terminal equipment outputs and displays the log information.
Referring to fig. 4, an embodiment of the present application further provides a log management apparatus 100, which can be applied to the electronic device 10 described above and is used for executing or implementing each step in the method. The log management apparatus 100 includes at least one software functional module which can be stored in the storage module 12 in the form of software or Firmware (Firmware) or solidified in an Operating System (OS) of the electronic device 10. The processing module 11 is used for executing executable modules stored in the storage module 12, such as software functional modules and computer programs included in the log management device 100.
The log management apparatus 100 may include a first obtaining unit 110, a second obtaining unit 120, and a log processing unit 130.
The first obtaining unit 110 is configured to obtain, through a preconfigured log collection adaptation rule, first log information obtained by a log operation of a logging application system, where the first log information includes account information and a first identity identifier of a first user terminal corresponding to the account information.
The second obtaining unit 120 obtains, through a preconfigured access log collection adaptation rule, second log information obtained by an access operation of accessing the application system, where the second log information includes a second identity of the second user terminal.
A log processing unit 130, configured to, when a second identity identical to the first identity exists in the second log information, associate the account information corresponding to the first identity with a log corresponding to the second identity, so as to obtain target log information.
Optionally, the first obtaining unit 110 may be further configured to:
acquiring an adaptation rule through the login log, and determining first URL information representing the login of the application system;
acquiring log information including the account information from the first URL information;
adding a first identifier in the log information to obtain the first log information, wherein the first identifier is used for representing that the first log information is a login log.
Optionally, the second log unit may be further configured to:
acquiring an adaptation rule through the access log, and determining second URL information representing access to the application system;
acquiring log information from the second URL information;
and adding a second identifier in the log information to obtain the second log information, wherein the second identifier is used for representing that the second log information is an access log.
Optionally, the log management apparatus 100 may further include a cleaning unit, configured to perform cleaning and classification on the target log information according to a preset cleaning and classification policy, so as to obtain cleaned and classified log information.
The wash unit may also be used to: and reserving data of the specified data type from the target log information, and deleting data of the non-specified data type to obtain the log information after cleaning and classification.
Optionally, the log management apparatus 100 may further include a display unit, configured to display the log information after the cleaning classification through a display module.
Optionally, the log management apparatus 100 may further include a storage unit, configured to store the first log information and the second log information through a key-value database, where a key is an identity of the user terminal and a value is account information.
In this embodiment, the processing module 11 may be an integrated circuit chip having signal processing capability. The processing module 11 may be a general-purpose processor. For example, the Processor may be a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), a Network Processor (NP), or the like; the method, the steps and the logic block diagram disclosed in the embodiments of the present Application may also be implemented or executed by a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other Programmable logic device, a discrete Gate or transistor logic device, or a discrete hardware component.
The communication module 13 is configured to establish a communication connection between the electronic device 10 and an application system through a network, and to transmit and receive data through the network.
The memory module 12 may be, but is not limited to, a random access memory, a read only memory, a programmable read only memory, an erasable programmable read only memory, an electrically erasable programmable read only memory, and the like. In this embodiment, the storage module 12 may be used to store log information. Of course, the storage module 12 may also be used to store a program, and the processing module 11 executes the program after receiving the execution instruction.
It should be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working processes of the electronic device 10 and the log management method described above may refer to the corresponding processes of each step in the foregoing method, and are not described in detail herein.
The embodiment of the application also provides a computer readable storage medium. The readable storage medium has stored therein a computer program which, when run on a computer, causes the computer to execute the log management method as described in the above embodiments.
From the above description of the embodiments, it is clear to those skilled in the art that the present application can be implemented by hardware, or by software plus a necessary general hardware platform, and based on such understanding, the technical solution of the present application can be embodied in the form of a software product, which can be stored in a non-volatile storage medium (which can be a CD-ROM, a usb disk, a removable hard disk, etc.), and includes several instructions to enable a computer device (which can be a personal computer, a server, or a network device, etc.) to execute the method described in the embodiments of the present application.
In summary, the present application provides a log management method, an apparatus, an electronic device and a readable storage medium. The method can comprise the following steps: acquiring first log information obtained by logging operation of a logging application system through a pre-configured logging log acquisition adaptation rule, wherein the first log information comprises account information and a first identity identifier of a first user terminal corresponding to the account information; acquiring second log information obtained by accessing the access operation of the application system through a pre-configured access log acquisition adaptation rule, wherein the second log information comprises a second identity of a second user terminal; and when a second identity label identical to the first identity label exists in the second log information, associating the account information corresponding to the first identity label with the log corresponding to the second identity label to obtain target log information. In the scheme, first log information generated in a login application system can be acquired through a pre-configured login log acquisition adaptation rule, and the first log information can usually include account information. And then, second log information acquired by combining the access log acquisition adaptation rule can be acquired from an application system logged in an account password mode, so that the problem that information is lost in the acquired log due to the fact that the account information cannot be acquired from the log when the account information is stored by adopting a Session/Cookie mechanism is solved.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus, system, and method may be implemented in other ways. The apparatus, system, and method embodiments described above are illustrative only, as the flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions. In addition, functional modules in the embodiments of the present application may be integrated together to form an independent part, or each module may exist separately, or two or more modules may be integrated to form an independent part.
The above description is only a preferred embodiment of the present application and is not intended to limit the present application, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the present application shall be included in the protection scope of the present application.
Claims (10)
1. A method of log management, the method comprising:
acquiring first log information obtained by logging operation of a logging application system through a pre-configured logging log acquisition adaptation rule, wherein the first log information comprises account information and a first identity identifier of a first user terminal corresponding to the account information;
acquiring second log information obtained by accessing the access operation of the application system through a pre-configured access log acquisition adaptation rule, wherein the second log information comprises a second identity of a second user terminal;
and when a second identity label identical to the first identity label exists in the second log information, associating the account information corresponding to the first identity label with the log corresponding to the second identity label to obtain target log information.
2. The method of claim 1, wherein obtaining the first log information obtained from the login operation of the login application system through the pre-configured login log collection adaptation rule comprises:
acquiring an adaptation rule through the login log, and determining first URL information representing the login of the application system;
acquiring log information including the account information from the first URL information;
adding a first identifier in the log information to obtain the first log information, wherein the first identifier is used for representing that the first log information is a login log.
3. The method of claim 1, wherein obtaining second log information obtained from an access operation accessing the application system by using a pre-configured access log collection adaptation rule comprises:
acquiring an adaptation rule through the access log, and determining second URL information representing access to the application system;
acquiring log information from the second URL information;
and adding a second identifier in the log information to obtain the second log information, wherein the second identifier is used for representing that the second log information is an access log.
4. The method of claim 1, further comprising:
and cleaning and classifying the target log information according to a preset cleaning and classifying strategy to obtain the cleaned and classified log information.
5. The method of claim 4, wherein the cleaning and classifying the target log information according to a preset cleaning and classifying strategy to obtain the cleaned and classified log information comprises:
and reserving data of the specified data type from the target log information, and deleting data of the non-specified data type to obtain the log information after cleaning and classification.
6. The method according to claim 4 or 5, characterized in that the method further comprises:
and outputting and displaying the log information after cleaning and classification through a display module.
7. The method of claim 1, further comprising:
and storing the first log information and the second log information through a key value database, wherein in the key value database, a key is the identity of the user terminal, and a value is account information.
8. An apparatus for log management, the apparatus comprising:
the system comprises a first acquisition unit, a second acquisition unit and a third acquisition unit, wherein the first acquisition unit is used for acquiring an adaptation rule through a pre-configured login log, and acquiring first log information obtained by login operation of a login application system, and the first log information comprises account information and a first identity of a first user terminal corresponding to the account information;
the second acquisition unit acquires adaptation rules through a pre-configured access log, and acquires second log information obtained by accessing the access operation of the application system, wherein the second log information comprises a second identity of a second user terminal;
and the log processing unit is used for associating the account information corresponding to the first identity with the log corresponding to the second identity to obtain target log information when the second identity identical to the first identity exists in the second log information.
9. An electronic device, characterized in that the electronic device comprises a memory, a processor, coupled to each other, in which memory a computer program is stored which, when executed by the processor, causes the electronic device to carry out the method according to any one of claims 1-7.
10. A computer-readable storage medium, in which a computer program is stored which, when run on a computer, causes the computer to carry out the method according to any one of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010780439.6A CN112069425A (en) | 2020-08-05 | 2020-08-05 | Log management method and device, electronic equipment and readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010780439.6A CN112069425A (en) | 2020-08-05 | 2020-08-05 | Log management method and device, electronic equipment and readable storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112069425A true CN112069425A (en) | 2020-12-11 |
Family
ID=73657156
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010780439.6A Pending CN112069425A (en) | 2020-08-05 | 2020-08-05 | Log management method and device, electronic equipment and readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112069425A (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113138971A (en) * | 2021-04-30 | 2021-07-20 | 深圳市度申科技有限公司 | Visual log analysis method, device and system |
| CN113194088A (en) * | 2021-04-28 | 2021-07-30 | 广东电网有限责任公司广州供电局 | Access interception method, device, log server and computer readable storage medium |
| CN113887889A (en) * | 2021-09-15 | 2022-01-04 | 北京市农林科学院信息技术研究中心 | Assessment data generation method and device |
| CN116136901A (en) * | 2023-04-19 | 2023-05-19 | 杭州美创科技股份有限公司 | Application program anti-counterfeiting method and device, computer equipment and storage medium |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104484389A (en) * | 2014-12-11 | 2015-04-01 | 焦点科技股份有限公司 | Method and system for discovering maximum likelihood geographic position of internet users |
| CN111310139A (en) * | 2020-01-21 | 2020-06-19 | 腾讯科技(深圳)有限公司 | Behavior data identification method and device and storage medium |
-
2020
- 2020-08-05 CN CN202010780439.6A patent/CN112069425A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104484389A (en) * | 2014-12-11 | 2015-04-01 | 焦点科技股份有限公司 | Method and system for discovering maximum likelihood geographic position of internet users |
| CN111310139A (en) * | 2020-01-21 | 2020-06-19 | 腾讯科技(深圳)有限公司 | Behavior data identification method and device and storage medium |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113194088A (en) * | 2021-04-28 | 2021-07-30 | 广东电网有限责任公司广州供电局 | Access interception method, device, log server and computer readable storage medium |
| CN113138971A (en) * | 2021-04-30 | 2021-07-20 | 深圳市度申科技有限公司 | Visual log analysis method, device and system |
| CN113887889A (en) * | 2021-09-15 | 2022-01-04 | 北京市农林科学院信息技术研究中心 | Assessment data generation method and device |
| CN116136901A (en) * | 2023-04-19 | 2023-05-19 | 杭州美创科技股份有限公司 | Application program anti-counterfeiting method and device, computer equipment and storage medium |
| CN116136901B (en) * | 2023-04-19 | 2023-07-14 | 杭州美创科技股份有限公司 | Application program anti-counterfeiting method and device, computer equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112069425A (en) | Log management method and device, electronic equipment and readable storage medium | |
| CN109194671B (en) | Abnormal access behavior identification method and server | |
| CN105704005B (en) | Malicious user reporting method and device, and reported information processing method and device | |
| CN107733786B (en) | Friend recommendation method and device | |
| US11144939B2 (en) | Cross-device consumer identification and device type determination | |
| CN106294406B (en) | Method and equipment for processing application access data | |
| CN110430070B (en) | Service state analysis method, device, server, data analysis equipment and medium | |
| CN109491733B (en) | Interface display method based on visualization and related equipment | |
| CN106301975A (en) | A kind of data detection method and device thereof | |
| CN111046393B (en) | Vulnerability information uploading method and device, terminal equipment and storage medium | |
| CN109542743B (en) | Log checking method and device, electronic equipment and computer readable storage medium | |
| CN110162982B (en) | Method and device for detecting illegal rights, storage medium and electronic equipment | |
| CN112685255A (en) | Interface monitoring method and device, electronic equipment and storage medium | |
| CN111340062A (en) | Mapping relation determining method and device | |
| CN114285896B (en) | Information pushing method, device, equipment, storage medium and program product | |
| CN113923190B (en) | Equipment identification jump identification method and device, server and storage medium | |
| CN116126808A (en) | Behavior log recording method, device, computer equipment and storage medium | |
| KR101440090B1 (en) | Online board server, online board system and method for indicating spam on online board | |
| CN110020166A (en) | A kind of data analysing method and relevant device | |
| CN112135199B (en) | Video playing method based on multiple types of video sources and related equipment | |
| CN110674386B (en) | Resource recommendation method, device and storage medium | |
| CN112347066B (en) | Log processing method and device, server and computer readable storage medium | |
| CN109409090B (en) | Website background detection method and device and server | |
| CN112100534A (en) | Information processing method, device, medium and electronic equipment in page sharing | |
| CN108763291B (en) | Data management method and device and electronic equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |