CN112333188A - Data service interface, log supervision method, system, storage medium and terminal - Google Patents

Data service interface, log supervision method, system, storage medium and terminal Download PDF

Info

Publication number
CN112333188A
CN112333188A CN202011215277.8A CN202011215277A CN112333188A CN 112333188 A CN112333188 A CN 112333188A CN 202011215277 A CN202011215277 A CN 202011215277A CN 112333188 A CN112333188 A CN 112333188A
Authority
CN
China
Prior art keywords
interface
log
request information
service
unit
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202011215277.8A
Other languages
Chinese (zh)
Other versions
CN112333188B (en
Inventor
周道华
詹飞
杨陈
周涛
曾俊
黄泓蓓
李武鸿
黄维
伏彦林
刘杰
王小腊
洪江
彭容
罗玉
周林
张明娟
许江泽
吴婷婷
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chengdu Zhongke Daqi Software Co ltd
Original Assignee
Chengdu Zhongke Daqi Software Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chengdu Zhongke Daqi Software Co ltd filed Critical Chengdu Zhongke Daqi Software Co ltd
Priority to CN202011215277.8A priority Critical patent/CN112333188B/en
Publication of CN112333188A publication Critical patent/CN112333188A/en
Application granted granted Critical
Publication of CN112333188B publication Critical patent/CN112333188B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/54Interprogram communication
    • G06F9/547Remote procedure calls [RPC]; Web services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a data service interface, a log supervision method, a system, a storage medium and a terminal, belonging to the technical field of data exchange.A system comprises an interface monitoring unit, a log supervision unit and a log supervision unit, wherein the interface monitoring unit is used for acquiring an interface calling IP (Internet protocol) and tracking the position of an interface calling IP address; the log statistics management unit is used for carrying out statistics analysis on the calling number, calling times, starting time, ending time and flow consumption of the current interface; and the supervision control unit is used for analyzing according to the result information fed back by the interface monitoring unit and the log statistics management unit, and disconnecting the abnormal interface in time when the abnormal interface is monitored. According to the invention, the interface calling IP is tracked, the current interface calling log condition is analyzed, the supervision control unit analyzes according to the result information fed back by the interface monitoring unit and the log statistical management unit, the abnormal interface can be accurately judged, the connection of the abnormal interface is timely disconnected, and the system is prevented from being paralyzed due to malicious attack.

Description

Data service interface, log supervision method, system, storage medium and terminal
Technical Field
The invention relates to the technical field of data exchange, in particular to a data service interface, a log supervision method, a system, a storage medium and a terminal.
Background
With the increasing improvement of living standard and the acceleration of life rhythm, the demand of entertainment consumption is unprecedentedly improved, tourism becomes the first entertainment item of people, and the tourism has become one of the most powerful and largest-scale industries in the global economy. The industrial status and economic effect of the tourism industry in urban economy are gradually enhanced, the dragging property of the tourism industry to the urban economy, the driving force of social employment and the promotion effect to culture and environment are increasingly shown, and various text and travel service platforms are generated under the large environment.
In order to meet the requirement of the travel service of people, the travel service platform server needs to collect a large amount of travel data for different users to access, and then the server searches corresponding data information from the server according to the access requirement of the users and returns the data information to the corresponding users. The document travel service platform server is used as a data exchange center, and if the document travel service platform server is attacked maliciously in the data exchange process, the whole data exchange is paralyzed, so that the interface call and the log of the document travel service platform need to be supervised urgently.
Disclosure of Invention
The invention aims to solve the problem that a data exchange center is easily attacked by malicious attacks in the existing data exchange process, and provides a data service interface, a log monitoring method, a system, a storage medium and a terminal.
The purpose of the invention is realized by the following technical scheme: a data service interface, journal supervisory system, the system includes the supervisory control unit specifically, interface monitoring unit and journal that is connected with said supervisory control unit count the administrative unit; the interface monitoring unit is used for acquiring an interface calling IP, tracking the position of the interface calling IP address and transmitting the position to the monitoring control unit; the log statistical management unit is used for carrying out statistical analysis on the current interface calling number, calling times, starting time, ending time and flow consumption and transmitting the current interface calling number, the calling times, the starting time, the ending time and the flow consumption to the supervisory control unit; and the supervision control unit analyzes according to result information fed back by the interface monitoring unit and the log statistics management unit, and disconnects the abnormal interface in time when the abnormal interface is monitored.
As an option, the system further comprises a monitoring display unit connected with the interface monitoring unit and the log statistics management unit, and configured to display the monitoring result of the interface monitoring unit and the statistical analysis result of the log statistics management unit in a graphical form.
As an option, the system further comprises a service receiving unit and a data processing control unit which are connected in sequence, wherein the data processing control unit comprises a task analysis control module, a service query module and a flow control module which are connected in sequence; the service receiving unit is used for receiving the service request information and transmitting the service request information to the data processing control unit; the task analysis control module is used for analyzing and processing the service request information, classifying the service request information according to an analysis result, adding the service request information to a corresponding task queue, and updating the current task queue information; the service inquiry module is used for providing a corresponding API interface according to the service request information; and the flow control module performs flow control processing on the API according to the current task queue information.
As an option, the system further comprises an authentication unit for verifying the access right of the service request information and transmitting the verification result to the data processing control unit.
As an option, the authentication unit further includes an authority configuration module, configured to receive the service application request information, determine validity of the service application request information, and issue an access token when the service application request information is determined to be valid.
It should be further noted that the technical features corresponding to the above-mentioned system options can be combined with each other or replaced to form a new technical solution.
The invention also comprises a data service interface and a log supervision method, wherein the method comprises the following steps:
acquiring an interface calling IP and tracking the position of the interface calling IP address; counting and analyzing the number of calls of the current interface, the number of calls, the starting time, the ending time and the flow consumption; and analyzing the calling number, the calling times, the starting time, the ending time and the flow consumption of the current interface according to the IP called by the interface and the position of the IP address called by the interface, and disconnecting the abnormal interface in time when the abnormal interface is monitored.
As an option, the method further comprises receiving service request information; analyzing the service request information, classifying the service request information according to the analysis result, adding the service request information to a corresponding task queue, and updating the current task queue information; providing a corresponding API interface according to the service request information; and performing flow control processing on the API according to the current task queue information.
As an option, the method further comprises the step of authenticating:
and verifying the access authority of the service request information, and transmitting a verification result to the data processing control unit.
It should be further noted that the technical features corresponding to the above-mentioned method options can be combined with each other or replaced to form a new technical solution.
The invention also includes a storage medium having stored thereon computer instructions which, when executed, perform the steps of any one of the options of the data service interface, log monitoring method described above.
The invention also comprises a terminal which comprises a memory and a processor, wherein the memory is stored with computer instructions capable of running on the processor, and the processor executes the steps of any option of the data service interface and the log supervision method when running the computer instructions.
Compared with the prior art, the invention has the beneficial effects that:
(1) the invention tracks the interface calling IP to obtain the position of the interface calling IP, and can quickly position the interface calling IP when the interface calling IP carries out malicious attack on the system; meanwhile, the log statistical management unit further analyzes the condition of the current interface calling log, and the supervisory control unit analyzes according to the result information fed back by the interface monitoring unit and the log statistical management unit, so that an abnormal interface can be accurately judged, the connection of the abnormal interface is timely disconnected, and the system is prevented from being paralyzed due to malicious attack.
(2) The invention provides a corresponding API interface according to the service request information, and has a function of three-party data calling; the flow control processing is carried out on the API according to the current task queue information, the data transmission flow of the corresponding API can be effectively distributed, the data transmission tasks with high priority and high urgency are preferentially processed, the data transmission flow direction of the corresponding API is further limited by combining with the network quality parameters, then reasonable data transmission distribution is carried out, and the congestion of a data transmission channel is effectively avoided.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the invention without limiting the invention.
FIG. 1 is a block diagram of a system according to embodiment 1 of the present invention;
FIG. 2 is a flowchart of a method of example 2 of the present invention;
FIG. 3 is a flowchart of the method of embodiment 2 of the present invention.
Detailed Description
The technical solutions of the present invention will be described clearly and completely with reference to the accompanying drawings, and it should be understood that the described embodiments are some, but not all embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In the description of the present invention, it should be noted that directions or positional relationships indicated by "center", "upper", "lower", "left", "right", "vertical", "horizontal", "inner", "outer", and the like are directions or positional relationships described based on the drawings, and are only for convenience of description and simplification of description, and do not indicate or imply that the device or element referred to must have a specific orientation, be configured and operated in a specific orientation, and thus, should not be construed as limiting the present invention. Furthermore, the terms "first" and "second" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance.
In the description of the present invention, it should be noted that, unless otherwise explicitly stated or limited, the terms "mounted," "connected," and "connected" are to be construed broadly, and may be, for example, fixedly connected, detachably connected, or integrally connected; can be mechanically or electrically connected; they may be connected directly or indirectly through intervening media, or they may be interconnected between two elements. The specific meanings of the above terms in the present invention can be understood in specific cases to those skilled in the art.
In addition, the technical features involved in the different embodiments of the present invention described below may be combined with each other as long as they do not conflict with each other.
Example 1
As shown in fig. 1, in embodiment 1, a data service interface and log monitoring system specifically includes a monitoring control unit, an interface monitoring unit connected to the monitoring control unit, and a log statistics management unit; the interface monitoring unit is used for acquiring an interface calling IP, tracking the position of an interface calling IP address and transmitting the position to the monitoring control unit; the log counting and managing unit is used for counting and analyzing the calling number, calling times, starting time, ending time and flow consumption of the current interface and transmitting the counting and analyzing result to the monitoring and controlling unit; and the supervision control unit analyzes according to result information fed back by the interface monitoring unit and the log statistics management unit, and disconnects the abnormal interface in time when the abnormal interface is monitored. Specifically, the IP address is obtained according to the service request information sent by the interface calling terminal, and the specific position of the IP address can be analyzed through the three-party software. The supervision control unit analyzes whether a current (API) interface is abnormal according to result information fed back by the interface monitoring unit and the log statistics management unit, namely the IP address, the specific position of the IP address, the calling number of interfaces, the calling times, the starting time, the ending time and the flow consumption information, and any parameter abnormality indicates that the current API interface is an abnormal interface, for example, the position of the IP address is not in the system authentication area, or the flow consumption information is too large, and the like indicates that the API interface is an abnormal API interface, and the connection between the API interface and a service request end is immediately disconnected.
Furthermore, the system also comprises a monitoring display unit which is connected with the interface monitoring unit and the log statistics management unit and is used for displaying the monitoring result of the interface monitoring unit and the statistical analysis result of the log statistics management unit in a graphical mode, so that the current interface call log condition can be more intuitively reflected, and support is provided for interface monitoring.
Furthermore, the system also comprises a service receiving unit and a data processing control unit which are connected in sequence, wherein the data processing control unit comprises a task analysis control module, a service query module and a flow control module which are connected in sequence. The service receiving unit is used for receiving the service request information and transmitting the service request information to the data processing control unit; the task analysis control module is used for analyzing the service request information, classifying the service request information according to the analysis result, adding the service request information to a corresponding task queue, and updating the current task queue information; the service inquiry module is used for providing a corresponding API interface according to the service request information; and the flow control module performs flow control processing on the API according to the current task queue information.
The invention provides a corresponding API interface according to the service request information, and has a function of three-party data calling; the flow control processing is carried out on the API according to the current task queue information, the data transmission flow of the corresponding API can be effectively distributed, the data transmission tasks with high priority and high urgency are preferentially processed, the data transmission flow direction of the corresponding API is further limited by combining with the network quality parameters, then reasonable data transmission distribution is carried out, and the congestion of a data transmission channel is effectively avoided.
Specifically, the service receiving unit is configured to receive different types of service request information sent by a service request end, where the different types of service request information include data transmission request information and control request information. The service request end is specifically a user terminal, or other data service platforms or a certain operating system, the service request information is sent based on an HTTP/HTTPS or FTP/SFTP protocol, and the service receiving unit is used for monitoring and receiving the service request information sent by the service request end, and transmitting the service request information to the task analysis control module for further analysis of the service request information. The service query module queries the system database of the invention by adopting a uniform structured query language, acquires the URL address corresponding to the service request information (data transmission request information), further outputs the corresponding API interface, and returns the API interface information to the service request terminal. The flow control module specifies a corresponding flow control strategy through the current task queue information, associates the specific flow control strategy with the corresponding API interface, and further realizes the flow control of the API interface, for example, for a certain API interface, the upper limit of the data transmission flow is 10M.
Further, the analyzing and processing of the service request information by the task analysis control module specifically includes:
analyzing and judging whether the type of the service request information is a data transmission request, if so, adding the corresponding service request to a data transmission task queue, otherwise, adding the corresponding service request to other task queues, such as a control request queue, so as to establish the data transmission task queue, and further obtain the task queue information which needs to be subjected to data transmission currently.
Further, performing flow control processing on the API interface according to the current task queue information specifically includes:
and sequencing the priority of the current task queue information, and controlling the flow of the API interface by combining the current task processing process and the network quality parameter. Specifically, the data processing control unit stores task priority information of different service request terminals, and/or service request messages sent by the service request terminals carry data transmission parameter information, that is, whether urgent transmission is required or not is indicated; the system also comprises a network quality parameter monitoring unit used for acquiring real-time network parameter information, on the basis, the flow control module sequences tasks needing data transmission currently according to the priority information, the network quality parameter information and the data transmission parameter information, the priority order is greater than the data transmission parameter information as an option, then corresponding flow distribution is carried out on different API interfaces by combining the current network quality parameter information, if the API with the priority order of 1 and corresponding to the service request marked as urgent transmission is sent preferentially, the transmission flow upper limit of the API information is improved by combining the current network quality parameter information, or the transmission flow upper limit limitation of the API interface is cancelled. More specifically, to satisfy the data transmission service of other service request terminals, the validity period and the calling frequency of the flow control policy may be limited, for example, the validity period is limited to one hour, and the calling frequency is 6/m. More specifically, the validity period of the API interface may be further limited, for example, to one month, so as to ensure the security of data transmission.
Furthermore, the system also comprises an authentication unit which is used for verifying the access authority of the service request information and transmitting the verification result to the data processing control unit so as to ensure the safety of data transmission. Specifically, the authentication unit performs access token (token) verification on a service request end sending the service request information, that is, verifies the network ID, the key information and the validity period information of the service request end, and if any access token fails to verify, that is, if the verification fails, the service request information of the service request end is rejected; and if the verification is successful, transmitting the service request information to a task analysis control module to analyze and process the service request information.
Furthermore, the authentication unit also comprises an authority configuration module which is used for receiving the service application request information, judging the legality of the service application request information and issuing an access token when the service application request information is judged to be legal. Specifically, the authority configuration module judges the validity of the service application request information according to the user name and the password of the service request end, if the service application request information is legal, the corresponding access token information, the envelope ID, the key information and the validity period information are sent to the service request end, otherwise, the service application request is rejected, namely the service application module needs to send the service application request information before sending the service request information to the system of the invention, and needs to apply the legal user name and the password to the system of the invention before sending the service application request information.
The invention tracks the interface calling IP to obtain the position of the interface calling IP, and can quickly position the interface calling IP when the interface calling IP carries out malicious attack on the system; meanwhile, the log statistical management unit further analyzes the condition of the current interface calling log, and the supervisory control unit analyzes according to the result information fed back by the interface monitoring unit and the log statistical management unit, so that an abnormal interface can be accurately judged, the connection of the abnormal interface is timely disconnected, and the system is prevented from being paralyzed due to malicious attack.
Example 2
The present embodiment has the same inventive concept as embodiment 1, and provides a data service interface and log supervision method based on embodiment 1, as shown in fig. 2, the method specifically includes the following steps:
s01: acquiring an interface calling IP and tracking the position of the interface calling IP address; specifically, the IP address is obtained according to the service request information sent by the interface calling terminal, and the specific position of the IP address can be analyzed through the three-party software.
S02: counting and analyzing the number of calls of the current interface, the number of calls, the starting time, the ending time and the flow consumption;
s03: and analyzing the calling number, the calling times, the starting time, the ending time and the flow consumption of the current interface according to the IP called by the interface and the position of the IP address called by the interface, and disconnecting the abnormal interface in time when the abnormal interface is monitored. Specifically, whether the current API interface is abnormal is analyzed according to result information fed back by the interface monitoring unit and the log statistics management unit, that is, the IP address, the specific location of the IP address, the number of interface calls, the number of calls, the start time, the end time, and the traffic consumption information, where any one of the above parameters is abnormal, which indicates that the current API interface is an abnormal interface, for example, the location of the IP address is not in the region authenticated by the system of the present invention, or the traffic consumption information is too large, which indicates that the API interface is an abnormal API interface, and immediately disconnects the API from the service request end.
Further, after the step S02, the method further includes the monitoring display step:
the monitoring result of the interface monitoring unit and the statistical analysis result of the log statistical management unit are displayed in a graphical mode, so that the current log calling situation of the interface can be reflected more visually, and support is provided for interface monitoring.
Further, as shown in fig. 3, the method of the present invention further comprises the steps of:
s11: receiving service request information; specifically, the service receiving unit is configured to receive different types of service request information sent by a service request end, where the different types of service request information include data transmission request information and control request information. The service request end is specifically a user terminal, or other data service platforms or a certain operating system, the service request information is sent based on an HTTP/HTTPS or FTP/SFTP protocol, and the service receiving unit is used for monitoring and receiving the service request information sent by the service request end, and transmitting the service request information to the task analysis control module for further analysis of the service request information.
S12: analyzing the service request information, classifying the service request information according to the analysis result, adding the service request information to a corresponding task queue, and updating the current task queue information; specifically, the execution subject of step S02 is specifically a task analysis control module.
S13: providing a corresponding API interface according to the service request information; specifically, the service query module queries the system database of the present invention by using a unified structured query language, obtains a URL address corresponding to the service request information (data transmission request information), further outputs a corresponding API interface, and returns the API interface information to the service request terminal.
S14: and performing flow control processing on the API according to the current task queue information. Specifically, the flow control module specifies a corresponding flow control policy through the current task queue information, associates the specific flow control policy with the corresponding API interface, and further implements flow control of the API interface, for example, for a certain API interface, the upper limit of the data transmission flow is 10M.
Further, step S01 is preceded by:
s100: receiving the service application request information, judging the legality of the service application request information, and issuing an access token when the service application request information is judged to be legal; specifically, the execution subject of step S001 is an authority configuration module, which determines validity of the service application request information according to the user name and password of the service request end, and if the validity is valid, sends corresponding access token information, envelope ID, key information, and validity period information to the service request end, otherwise, rejects the service application request.
S101: and verifying the access authority of the service request information, and transmitting a verification result to the data processing control unit. Specifically, the main execution body of the step is an authentication unit, which performs access token (token) verification on a service request end sending service request information, that is, verifies the network ID, key information and validity period information of the service request end, and rejects the service request information of the service request end if any access token fails to verify, that is, if the verification fails to be determined; and if the verification is successful, transmitting the service request information to a task analysis control module to analyze and process the service request information.
Further, step S12 is to analyze the service request information through the task analysis control module, which specifically includes:
analyzing and judging whether the type of the service request information is a data transmission request, if so, adding the corresponding service request to a data transmission task queue, otherwise, adding the corresponding service request to other task queues, such as a control request queue, so as to establish the data transmission task queue, and further obtain the task queue information which needs to be subjected to data transmission currently.
Further, the execution subject of the flow control processing on the API interface according to the current task queue information in step S14 is a flow control module, and specifically includes:
and sequencing the priority of the current task queue information, and controlling the flow of the API interface by combining the current task processing process and the network quality parameter. Specifically, the data processing control unit stores task priority information of different service request terminals, and/or service request messages sent by the service request terminals carry data transmission parameter information, that is, whether urgent transmission is required or not is indicated; the system also comprises a network quality parameter monitoring unit used for acquiring real-time network parameter information, on the basis, the flow control module sequences tasks needing data transmission currently according to the priority information, the network quality parameter information and the data transmission parameter information, the priority order is greater than the data transmission parameter information as an option, then corresponding flow distribution is carried out on different API interfaces by combining the current network quality parameter information, if the API with the priority order of 1 and corresponding to the service request marked as urgent transmission is sent preferentially, the transmission flow upper limit of the API information is improved by combining the current network quality parameter information, or the transmission flow upper limit limitation of the API interface is cancelled. More specifically, to satisfy the data transmission service of other service request terminals, the validity period and the calling frequency of the flow control policy may be limited, for example, the validity period is limited to one hour, and the calling frequency is 6/m. More specifically, the validity period of the API interface may be further limited, for example, to one month, so as to ensure the security of data transmission.
Example 3
The present embodiment provides a storage medium, which has the same inventive concept as embodiment 2, and has stored thereon computer instructions, which when executed, perform the steps of the data service interface and the log monitoring method in embodiment 2.
Based on such understanding, the technical solution of the present embodiment or parts of the technical solution may be essentially implemented in the form of a software product, which is stored in a storage medium and includes several instructions to enable a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method of the embodiments of the present invention. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
Example 4
The present embodiment also provides a terminal, which has the same inventive concept as that in embodiment 2, and includes a memory and a processor, where the memory stores computer instructions executable on the processor, and the processor executes the steps of the data service interface and the log monitoring method in embodiment 2 when executing the computer instructions. The processor may be a single or multi-core central processing unit or a specific integrated circuit, or one or more integrated circuits configured to implement the present invention.
Each functional unit in the embodiments provided by the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit.
The above detailed description is for the purpose of describing the invention in detail, and it should not be construed that the detailed description is limited to the description, and it will be apparent to those skilled in the art that various modifications and substitutions can be made without departing from the spirit of the invention.

Claims (10)

1. A data service interface, log supervisory systems which characterized in that: the system comprises a supervisory control unit, an interface monitoring unit and a log statistical management unit, wherein the interface monitoring unit and the log statistical management unit are connected with the supervisory control unit;
the interface monitoring unit is used for acquiring an interface calling IP, tracking the position of the interface calling IP address and transmitting the position to the monitoring control unit;
the log statistical management unit is used for carrying out statistical analysis on the current interface calling number, calling times, starting time, ending time and flow consumption and transmitting the current interface calling number, the calling times, the starting time, the ending time and the flow consumption to the supervisory control unit;
and the supervision control unit analyzes according to result information fed back by the interface monitoring unit and the log statistics management unit, and disconnects the abnormal interface in time when the abnormal interface is monitored.
2. A data service interface, log administration system as claimed in claim 1, wherein: the system also comprises a monitoring display unit which is connected with the interface monitoring unit and the log statistical management unit and is used for displaying the monitoring result of the interface monitoring unit and the statistical analysis result of the log statistical management unit in a graphical form.
3. A data service interface, log administration system as claimed in claim 1, wherein: the system also comprises a service receiving unit and a data processing control unit which are connected in sequence, wherein the data processing control unit comprises a task analysis control module, a service query module and a flow control module which are connected in sequence;
the service receiving unit is used for receiving the service request information and transmitting the service request information to the data processing control unit;
the task analysis control module is used for analyzing and processing the service request information, classifying the service request information according to an analysis result, adding the service request information to a corresponding task queue, and updating the current task queue information; the service inquiry module is used for providing a corresponding API interface according to the service request information; and the flow control module performs flow control processing on the API according to the current task queue information.
4. A data service interface, log administration system as claimed in claim 3, wherein: the system also comprises an authentication unit used for verifying the access authority of the service request information and transmitting the verification result to the data processing control unit.
5. The data service interface, log administration system of claim 4, wherein: the authentication unit also comprises an authority configuration module which is used for receiving the service application request information, judging the legality of the service application request information and issuing an access token when the service application request information is judged to be legal.
6. A data service interface and log supervision method is characterized in that: the method comprises the following steps:
acquiring an interface calling IP and tracking the position of the interface calling IP address;
counting and analyzing the number of calls of the current interface, the number of calls, the starting time, the ending time and the flow consumption;
and analyzing the calling number, the calling times, the starting time, the ending time and the flow consumption of the current interface according to the IP called by the interface and the position of the IP address called by the interface, and disconnecting the abnormal interface in time when the abnormal interface is monitored.
7. A data service interface, log administration method as claimed in claim 6, wherein: the method further comprises the following steps:
receiving service request information;
analyzing the service request information, classifying the service request information according to the analysis result, adding the service request information to a corresponding task queue, and updating the current task queue information;
providing a corresponding API interface according to the service request information;
and performing flow control processing on the API according to the current task queue information.
8. A data service interface, log administration method as claimed in claim 7, wherein: the method further comprises the authentication step of:
and verifying the access authority of the service request information, and transmitting a verification result to the data processing control unit.
9. A storage medium having stored thereon computer instructions, characterized in that: the computer instructions when executed perform the steps of a data service interface, log administration method as claimed in any one of claims 6 to 8.
10. A terminal comprising a memory and a processor, the memory having stored thereon computer instructions executable on the processor, the terminal comprising: the processor, when executing the computer instructions, performs the steps of a data service interface, log administration method of any of claims 6-8.
CN202011215277.8A 2020-11-04 2020-11-04 Data service interface, log supervision method, system, storage medium and terminal Active CN112333188B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011215277.8A CN112333188B (en) 2020-11-04 2020-11-04 Data service interface, log supervision method, system, storage medium and terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011215277.8A CN112333188B (en) 2020-11-04 2020-11-04 Data service interface, log supervision method, system, storage medium and terminal

Publications (2)

Publication Number Publication Date
CN112333188A true CN112333188A (en) 2021-02-05
CN112333188B CN112333188B (en) 2022-11-18

Family

ID=74323574

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011215277.8A Active CN112333188B (en) 2020-11-04 2020-11-04 Data service interface, log supervision method, system, storage medium and terminal

Country Status (1)

Country Link
CN (1) CN112333188B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112905261A (en) * 2021-03-05 2021-06-04 南京领行科技股份有限公司 API (application program interface) control method and device and electronic equipment
CN113114490A (en) * 2021-03-30 2021-07-13 海信集团控股股份有限公司 API call abnormity warning method, device, equipment and medium
CN113596600A (en) * 2021-08-03 2021-11-02 广州繁星互娱信息科技有限公司 Security management method, device, equipment and storage medium for live broadcast embedded program

Citations (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060098675A1 (en) * 2004-11-05 2006-05-11 Michitaka Okuno Traffic control method for network equipment
US20100205285A1 (en) * 2004-05-03 2010-08-12 Verizon Business Global Llc Systems and methods for managing multicast data transmissions
CN105262760A (en) * 2015-10-30 2016-01-20 北京奇虎科技有限公司 Method and device for preventing action of maliciously visiting login/register interface
CN105591970A (en) * 2015-08-31 2016-05-18 杭州华三通信技术有限公司 Traffic control method and device
CN106686660A (en) * 2015-11-06 2017-05-17 北京三星通信技术研究有限公司 Traffic control method and device
CN107992398A (en) * 2017-12-22 2018-05-04 宜人恒业科技发展(北京)有限公司 The monitoring method and monitoring system of a kind of operation system
CN108712329A (en) * 2018-05-02 2018-10-26 山东汇贸电子口岸有限公司 A kind of gateway and log recording retrieval device based on Elasticsearch
CN108737549A (en) * 2018-05-25 2018-11-02 江苏联盟信息工程有限公司 A kind of log analysis method and device of big data quantity
CN109885399A (en) * 2019-01-17 2019-06-14 平安普惠企业管理有限公司 Data processing method, electronic device, computer equipment and storage medium
CN110069464A (en) * 2019-03-16 2019-07-30 平安普惠企业管理有限公司 Log analysis processing method, device, equipment and readable storage medium storing program for executing
CN110321273A (en) * 2019-07-09 2019-10-11 政采云有限公司 A kind of business statistical method and device
CN111049673A (en) * 2019-11-21 2020-04-21 山东健康医疗大数据有限公司 Method and system for counting and monitoring API call in service gateway
CN111866148A (en) * 2020-07-23 2020-10-30 浪潮云信息技术股份公司 Message queue flow control system

Patent Citations (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100205285A1 (en) * 2004-05-03 2010-08-12 Verizon Business Global Llc Systems and methods for managing multicast data transmissions
US20060098675A1 (en) * 2004-11-05 2006-05-11 Michitaka Okuno Traffic control method for network equipment
CN105591970A (en) * 2015-08-31 2016-05-18 杭州华三通信技术有限公司 Traffic control method and device
CN105262760A (en) * 2015-10-30 2016-01-20 北京奇虎科技有限公司 Method and device for preventing action of maliciously visiting login/register interface
CN106686660A (en) * 2015-11-06 2017-05-17 北京三星通信技术研究有限公司 Traffic control method and device
CN107992398A (en) * 2017-12-22 2018-05-04 宜人恒业科技发展(北京)有限公司 The monitoring method and monitoring system of a kind of operation system
CN108712329A (en) * 2018-05-02 2018-10-26 山东汇贸电子口岸有限公司 A kind of gateway and log recording retrieval device based on Elasticsearch
CN108737549A (en) * 2018-05-25 2018-11-02 江苏联盟信息工程有限公司 A kind of log analysis method and device of big data quantity
CN109885399A (en) * 2019-01-17 2019-06-14 平安普惠企业管理有限公司 Data processing method, electronic device, computer equipment and storage medium
CN110069464A (en) * 2019-03-16 2019-07-30 平安普惠企业管理有限公司 Log analysis processing method, device, equipment and readable storage medium storing program for executing
CN110321273A (en) * 2019-07-09 2019-10-11 政采云有限公司 A kind of business statistical method and device
CN111049673A (en) * 2019-11-21 2020-04-21 山东健康医疗大数据有限公司 Method and system for counting and monitoring API call in service gateway
CN111866148A (en) * 2020-07-23 2020-10-30 浪潮云信息技术股份公司 Message queue flow control system

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
YONGJIAN REN等: ""QoS evaluation of prioritized data plane service employing queueing model"", 《2017 IEEE/ACM 25TH INTERNATIONAL SYMPOSIUM ON QUALITY OF SERVICE (IWQOS)》 *
YONGJIAN REN等: ""QoS evaluation of prioritized data plane service employing queueing model"", 《2017 IEEE/ACM 25TH INTERNATIONAL SYMPOSIUM ON QUALITY OF SERVICE (IWQOS)》, 7 July 2017 (2017-07-07) *
李娜: ""基于业务优先级带宽控制的实现"", 《电脑知识与技术》 *
李娜: ""基于业务优先级带宽控制的实现"", 《电脑知识与技术》, 15 December 2011 (2011-12-15) *

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112905261A (en) * 2021-03-05 2021-06-04 南京领行科技股份有限公司 API (application program interface) control method and device and electronic equipment
CN113114490A (en) * 2021-03-30 2021-07-13 海信集团控股股份有限公司 API call abnormity warning method, device, equipment and medium
CN113114490B (en) * 2021-03-30 2023-10-27 海信集团控股股份有限公司 API call abnormity warning method, device, equipment and medium
CN113596600A (en) * 2021-08-03 2021-11-02 广州繁星互娱信息科技有限公司 Security management method, device, equipment and storage medium for live broadcast embedded program

Also Published As

Publication number Publication date
CN112333188B (en) 2022-11-18

Similar Documents

Publication Publication Date Title
CN112333188B (en) Data service interface, log supervision method, system, storage medium and terminal
US9763093B2 (en) System and method for an automated system for continuous observation, audit and control of user activities as they occur within a mobile network
US20170265076A1 (en) System and method for an automated system for continuous observation, audit and control of user activities as they occur within a mobile network
CN112217738A (en) Flow control method, system, storage medium and terminal for text and travel data service
US9374372B2 (en) Systems and methods for profiling client devices
CN110554927A (en) Micro-service calling method based on block chain
CN109302434B (en) Prompt message pushing method and device, service platform and storage medium
US20060020816A1 (en) Method and system for managing authentication attempts
CN110069388A (en) Alarm information processing method, device, equipment and computer readable storage medium
CN106790291B (en) Intrusion detection prompting method and device
CN110892675B (en) Method and apparatus for monitoring block chains
CN110049031B (en) Interface security authentication method, server and authentication center server
US7254387B2 (en) Management and control of telecommunication services delivery
CN114268957A (en) Abnormal business data processing method, device, server and storage medium
CN114780214B (en) Task processing method, device, system and equipment
CN110365634B (en) Abnormal data monitoring method, device, medium and electronic equipment
EP2387262B1 (en) System and method for multi-certificate and certificate authority strategy
CN116647572B (en) Access endpoint switching method, device, electronic equipment and storage medium
EP3984186A1 (en) Executing real-time message monitoring to identify potentially malicious messages and generate instream alerts
WO2016191369A1 (en) Automated system for continuous observation, audit and control of user activities within a mobile network
CN115951923A (en) Subscription event management method and related product
CN111510431B (en) Universal terminal access control platform, client and control method
EP4093076A1 (en) Method, mobile equipment, and system for vulnerability detection and prevention in a sim, and storage media
CN115603938A (en) Attack protection method, terminal device and computer readable storage medium
CN111866003B (en) Risk assessment method and device for terminal

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant