CN112737825A - Log-based network device association method, system, device and storage medium - Google Patents

Log-based network device association method, system, device and storage medium Download PDF

Info

Publication number
CN112737825A
CN112737825A CN202011542780.4A CN202011542780A CN112737825A CN 112737825 A CN112737825 A CN 112737825A CN 202011542780 A CN202011542780 A CN 202011542780A CN 112737825 A CN112737825 A CN 112737825A
Authority
CN
China
Prior art keywords
account information
user account
network device
log
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202011542780.4A
Other languages
Chinese (zh)
Other versions
CN112737825B (en
Inventor
张晓晨
邱志勇
张俊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ctrip Travel Information Technology Shanghai Co Ltd
Original Assignee
Ctrip Travel Information Technology Shanghai Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ctrip Travel Information Technology Shanghai Co Ltd filed Critical Ctrip Travel Information Technology Shanghai Co Ltd
Priority to CN202011542780.4A priority Critical patent/CN112737825B/en
Publication of CN112737825A publication Critical patent/CN112737825A/en
Application granted granted Critical
Publication of CN112737825B publication Critical patent/CN112737825B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • H04L41/069Management of faults, events, alarms or notifications using logs of notifications; Post-processing of notifications
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Computer And Data Communications (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention provides a method, a system, equipment and a storage medium for associating network equipment based on logs, wherein the method comprises the following steps: establishing a mapping relation table, wherein the mapping relation table contains mapping relations of each network device, corresponding hardware identification codes and device user account information preset by the network devices, performing log analysis to obtain user account information and hardware identification codes using the current network device, updating the current user account information into the user account information in an authentication log when the user account information in the authentication log does not match with the corresponding device user account information, recording the use time period, changing the network device into the current user account information if the total use time of the current user account information using the network devices meets a preset threshold value, and recording the history track of each network device used by each user account information. The invention can ensure the automatic updating of the matching information of the network equipment, greatly reduce the troubleshooting work and reduce the overall operation cost.

Description

Log-based network device association method, system, device and storage medium
Technical Field
The present invention relates to the field of device association, and in particular, to a method, system, device and storage medium for log-based network device association.
Background
The large-scale centralized office enterprise obtains PC position and generally has two kinds of condition, one kind is that the staff is bound, and the staff is where, and the PC is just where, and the other kind is that the seat is bound, puts PC on fixed seat position by desktop personnel, but no matter which kind, all can have obvious defect:
(1) the PC is bound with the staff, so that the position of the staff can be obtained, small enterprises are good, but large centralized office enterprises and thousands of staff generally divide an area by one department, the interior of the enterprise is automatically distributed, and the staff moves along with the attendance and the leaving of the staff, or the seats of the staff in the whole area are moved, so that the staff position information recorded in advance is disordered, and the actual position of the PC of the staff cannot be known.
(2) The PC is bound with the seat, the personnel does not have the independent seat, the seat needs to be dynamically distributed according to the working time, the seat arrangement cost is saved, the PC is generally suitable for large-scale customer service centers, 24-hour customer service is required to be on-line, workers are in shifts, and the working time is staggered respectively, so that the utilization rate of the seat can be improved. Under the condition, if the problem of network ports of seats or other field problems occurs, staff may move the PC to other seats without the PC for office work, or even exchange the PCs on different seats, and if the situation is too many, the reliability of the PC position recorded before desktop personnel or asset management personnel is gradually reduced, and when equipment needs to be searched for maintenance, the situation that the equipment cannot be found in a large batch occurs.
(3) Above two kinds of circumstances all need artifical intervention to maintain, and the data of at first manual maintenance can't guarantee the accuracy of typing in, and secondly, there is the human factor, can't retrain staff oneself and remove the seat, also can't retrain staff and remove the PC and trade the seat, so hardly guarantee the reliability of staff record data, and the condition that can't appear finding for a long time in time for a lot of PCs.
(4) In a large enterprise, generally, there is not only one office location, and the office locations may be distributed all over the country, even all over the world, and the IT teams all over the world generally divide, arrange and number the seats according to local operation habits and modes, so that only the office locations are ensured to be unique and not repeated, the network equipment cannot be ensured to be unique in the whole company, and data such as seat information and utilization rate in all the places are difficult to obtain at the headquarter level.
(5) In a large enterprise, the PC is called across departments, borrowing exists in large quantities, the PC can be used for calling across regions and cities, and if the position of the PC is recorded manually, the recording can not be tracked well obviously.
Therefore, the invention provides a method, a system, a device and a storage medium for associating network devices based on logs.
Disclosure of Invention
Aiming at the problems in the prior art, the invention aims to provide a log-based network equipment association method, a log-based network equipment association system, log-based network equipment association equipment and a log-based storage medium, so that the difficulty in the prior art is overcome, the automatic updating of the use relationship of the network equipment can be ensured, the deployment work and the guarantee troubleshooting work of desktop engineers are greatly reduced, and the operation cost is obviously reduced.
The embodiment of the invention provides a log-based network equipment association method, which comprises the following steps:
s110, providing a plurality of network devices with unique hardware identification codes, and establishing a mapping relation table in a server, wherein the mapping relation table comprises mapping relations between each network device, the corresponding hardware identification codes and device user account information preset by the network devices;
s120, receiving the authentication logs from each network device, and analyzing the logs to obtain user account information and hardware identification codes of the current network device;
s130, judging whether the user account information in the authentication log is matched with the equipment user account information corresponding to the hardware identification code, if so, executing a step S180, and if not, executing a step S140;
s140, updating the current user account information of the network equipment in the mapping relation table into the user account information in the authentication log, and recording the time period when the current user account information uses the network equipment;
s150, judging whether the total use time and/or the use frequency of the network equipment used by the current user account information meet a preset threshold value, if so, executing a step S160, and if not, executing a step S180;
s160, changing the device user account information corresponding to the network device into the current user account information; and
s170, recording the historical track of each network device used by each user account information; or recording the historical track of each user account information using each network device.
And S180, ending.
Preferably, the server includes a preset authenticated user pool, in step S120, it is determined whether the user account information included in the authentication log from the network device hits the user account information in the preset authenticated user pool, if yes, step S130 is executed, and if not, the process is ended.
Preferably, the server is a local area network server, and each user account information in the authenticated user pool includes a mobile terminal identification number;
after step S130, step S140 may further include determining whether the mobile terminal identification number corresponding to the user account information included in the authentication log hits one of the mobile terminal identification numbers already connected to the lan server, if yes, step S140 is executed, and if not, the process is ended.
Preferably, after the step S110 and before the step S150, the method further includes counting a longest duration of using all the network devices by each piece of the device user account information or a frequency of using all the network devices within a preset time period.
Preferably, in the step S150, it is determined whether the total duration of use of the network device by the current user account information is greater than or equal to the total duration of history of use of the network device by the device user account information of the network device, if yes, step S160 is executed, and if not, the process is ended.
Preferably, in the step S150, it is determined whether the frequency of using the network device by the current user account information in a preset time period is greater than or equal to a preset threshold or a preset multiple of the frequency of using the network device by the device user account information of the network device, if yes, the step S160 is executed, and if not, the step S is ended.
Preferably, the method of performing log analysis to obtain user account information using the current network device includes verifying user biometric information at the time of a user authentication operation;
the user authentication operation comprises one of equipment login operation, equipment unlocking operation and file access unlocking operation for verifying a user account and a password;
the verification of the user biological information comprises at least one of user face identification verification, user fingerprint verification, user voiceprint verification and user iris verification.
Preferably, the hardware identification code is a MAC address in the network device, but not limited thereto.
An embodiment of the present invention further provides a log-based network device association system, configured to implement the above-mentioned log-based network device association method, where the log-based network device association system includes:
the mapping relation module is used for providing a plurality of network devices with unique hardware identification codes, and establishing a mapping relation table in the server, wherein the mapping relation table comprises the mapping relation between each network device and the corresponding hardware identification code as well as equipment user account information preset by the network device;
the authentication operation module receives the authentication logs from each network device, and performs log analysis to obtain user account information and hardware identification codes of the current network device;
the first judgment module is used for judging whether the user account information in the authentication log is matched with the equipment user account information corresponding to the hardware identification code, if so, the operation is finished, and if not, the first updating module is executed;
the first updating module is used for updating the current user account information of the network equipment in the mapping relation table into the user account information in the authentication log and recording the time period of using the network equipment by the current user account information;
the second judgment module is used for judging whether the total use time and/or the use frequency of the network equipment used by the current user account information meet a preset threshold value or not, if so, executing the second updating module, and if not, ending the process;
the second updating module changes the equipment user account information corresponding to the network equipment into the current user account information; and
the track recording module is used for recording the historical track of each network device used by each user account information; or recording the historical track of each user account information using each network device.
The embodiment of the invention also provides a network equipment association device based on the log, which comprises:
a processor;
a memory having stored therein executable instructions of the processor;
wherein the processor is configured to perform the steps of the log-based network device association method described above via execution of the executable instructions.
Embodiments of the present invention also provide a computer-readable storage medium for storing a program, which when executed, implements the steps of the above-mentioned log-based network device association method.
The invention aims to provide a log-based network equipment association method, a log-based network equipment association system, a log-based network equipment association device and a log-based storage medium, which can ensure automatic update of the use relationship of network equipment, greatly reduce deployment work and guarantee troubleshooting work of desktop engineers and obviously reduce operation cost.
Drawings
Other features, objects and advantages of the present invention will become more apparent upon reading of the following detailed description of non-limiting embodiments thereof, with reference to the accompanying drawings.
FIG. 1 is a flow chart of a log-based network device association method of the present invention.
Fig. 2 and 3 are schematic diagrams of implementation processes of the log-based network device association method of the present invention.
FIG. 4 is a block diagram of the log-based network device association system of the present invention.
Fig. 5 is a schematic structural diagram of a log-based network device association device of the present invention. And
fig. 6 is a schematic structural diagram of a computer-readable storage medium according to an embodiment of the present invention.
Detailed Description
Example embodiments will now be described more fully with reference to the accompanying drawings. Example embodiments may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of example embodiments to those skilled in the art. The same reference numerals in the drawings denote the same or similar structures, and thus their repetitive description will be omitted.
FIG. 1 is a flow chart of a log-based network device association method of the present invention. As shown in fig. 1, an embodiment of the present invention provides a log-based network device association method, including the following steps:
s110, providing a plurality of network devices with unique hardware identification codes, and establishing a mapping relation table in the server, wherein the mapping relation table comprises mapping relations between each network device and corresponding hardware identification codes and device user account information preset by the network devices. Preferably, the hardware identification code is a MAC address in the network device, but not limited thereto.
S120, receiving the authentication logs from each network device, and performing log analysis to obtain user account information and hardware identification codes of the current network device.
S130, judging whether the user account information in the authentication log is matched with the equipment user account information corresponding to the hardware identification code, if so, finishing, and if not, executing the step S140.
S140, updating the current user account information of the network equipment in the mapping relation table into the user account information in the authentication log, and recording the time period when the current user account information uses the network equipment.
S150, judging whether the total use time and/or the use frequency of the network equipment used by the current user account information meet a preset threshold value, if so, executing the step S160, and if not, ending the step.
And S160, changing the device user account information corresponding to the network device into the current user account information. And
and S170, recording the historical track of each network device used by the account information of each user. Or recording the historical track of each user account information using each network device.
S180, end
In a preferred embodiment, the server includes a preset authenticated user pool, and in step S120, it is determined whether the user account information included in the authentication log from the network device hits the user account information in the preset authenticated user pool, if yes, step S130 is executed, and if not, the process is ended, but not limited thereto.
In a preferred embodiment, the server is a local area network server, and each user account information in the authenticated user pool includes a mobile terminal identification number.
After step S130, step S140 further includes determining whether the mobile terminal identification number corresponding to the user account information included in the authentication log hits one of the mobile terminal identification numbers already connected to the lan server, if yes, step S140 is executed, and if not, the process is ended. Because the user carries the mobile phone with him, the user account corresponding to the user logs in the local area network server, the mobile terminal corresponding to the user is necessarily connected to wifi of the local area network server, and the login operation is ensured by the binding detection mode to the owner of the user account, so that the condition that the user operates the user account of other people by impersonation is prevented, but the method is not limited to the situation.
In a preferred embodiment, after step S110 and before step S150, the method further includes counting a maximum time period for using all network devices by the account information of each device user or a frequency of using all network devices in a preset time period, but not limited thereto.
In a preferred embodiment, in step S150, it is determined whether the total duration of the network device used by the current user account information is greater than or equal to the total historical duration of the network device used by the device user account information of the network device, if yes, step S160 is executed, and if not, the process is ended, but not limited thereto.
In a preferred embodiment, in step S150, it is determined whether the frequency of using the network device by the current user account information in the preset time period is greater than or equal to a preset threshold or a preset multiple of the frequency of using the network device by the device user account information of the network device, if yes, step S160 is executed, and if not, the process is ended, but not limited thereto.
In a preferred embodiment, the method of performing log analysis to obtain account information of a user using a current network device includes verifying biometric information of the user during a user authentication operation. The user authentication operation includes one of a device login operation, a device unlock operation, and a file access unlock operation for verifying a user account and a password. The verifying the biometric information of the user includes at least one of a user face recognition verification, a user fingerprint verification, a user voiceprint verification, and a user iris verification, but is not limited thereto.
The invention relates to a method for dynamically acquiring the position information of a Personal Computer (PC) by matching switch port data and standardized seat data by using an Internet Protocol (IP) address or a machine access control (Mac) address in an authentication log of the PC of an employee.
Fig. 2 and 3 are schematic diagrams of a second implementation process of the log-based network device association method of the present invention. As shown in fig. 2 and 3, in a self-service office scenario in which multiple persons share a network device, a plurality of network devices having unique hardware identification codes are provided, and a mapping relationship table is established in the server 1, where the mapping relationship table includes mapping relationships between each network device and corresponding hardware identification codes and device user account information preset by the network device, and the hardware identification codes are MAC addresses in the network devices. The device user account information of the MAC address 11 is the user 31, the device user account information of the MAC address 12 is the user 32, and the device user account information of the MAC address 13 is the user 33. The mapping table also contains a binding of each MAC address to a network device: MAC address 11 is bound to computer 21, MAC address 12 is bound to computer 22, and MAC address 13 is bound to computer 23. When the user 34 logs in to his own account using the computer 21, the server 1 obtains an authentication log of the computer 21 including a login authentication operation from the MAC address 11. Because the user account information (user account information of the user 34) included in the login authentication operation does not match the preset device user account information (user account information of the user 31), the current user account information of the MAC address in the mapping relation table is updated to the user account information in the authentication operation, and the time period when the current user account information uses the MAC address is recorded. If the total time of the usage time of the current user account information (user account information of the user 34) using the MAC address exceeds 12 hours in three days, and the device user account information (user account information of the user 31) does not use the MAC address in this period, it is considered that the current user account information occupies the computer 21 corresponding to the MAC address 11, and the device user account information (user account information of the user 31) of the MAC address 11 is changed to the current user account information (user account information of the user 34). Through the process, the history track of each network device used by the account information of each user is recorded. Or recording the historical track of each user account information using each network device.
The invention can unify the agent data of branch companies and headquarters in the whole group by formulating a standardized agent data format, and input the agent data and the switch and port number in the domain in an associated way, the embodiment mode is that one agent number and the agent port number are more than one to one, and the agent digital port number and the switch port number are matched one to one, and the specific key field is designed as follows:
site (city), Location, Floor, Seat number, DPort, Seat number port number, SwitchName, switch name, SwitchPort and switch port number;
site is the meaning of a Site, generally at a city level, so that the definition of the Site is proper by using city names, and the data needs to be encoded and internationalized in consideration of the international strategy of enterprises, so that the encoding specification is that if the Site is a city in China, pinyin is encoded and the initials are written in capital, and if the Site is a city outside the sea, the city English name is used as the encoding, and then the Chinese name and the English name are given as follows:
site_code name_zh name_en
Shanghai shanghai province Shanghai
Edinburgh Edinburgh Edinburgh
Location is the meaning of a region, because a city may have a plurality of office points, so Location needs to be subdivided below the city, enterprise international strategy also needs to be considered, data coding and internationalization need to be realized, and the Location is different from Site coding, because the name of Location is generally very long, the Location cannot be coded by pinyin full spelling or English name, we can select to splice city three-letter code and two key initial letters into five-letter code, each Location is guaranteed to be globally unique, and then the Chinese name and the English name are given, specifically as follows:
location_code site_code name_zh name_en
SHALK Shanghai Shanghai-SOHO building Shanghai-SOHO
EDIFB Edinburgh British Edinburgh Edinburgh-Fountainbridge
Floor means, because a plurality of buildings may exist in one office, a building number needs to be brought in front of a Floor, and if a specific Floor number is a single digit number, zero padding processing is performed, and the specific form is as follows: 2#02F,12# 10F;
the Seat in the standardized Seat is defined in a standardized way, the Seat is the meaning of the Seat, the Seat needs to be only ensured under the same Location, the existing Seat can be directly used for coding because the existing Seat can be numbered in various places, and if the position without the code exists, the Seat can be defined according to the following format, such as: 2#02F011,12#10F 188;
DPort is the meaning of a digital port, which is matched with a switch name + a switch port one by one, so that it is necessary to make the whole company unique, the policy given by us is Location + Floor + dxx, XXX is a plurality of numbers in the actual situation, according to the actual situation, the number of digital ports owned by one Floor is defined, it is necessary to ensure that the number of digits of ports under the same Location and Floor are consistent, and the number of unsatisfied digits is processed in a zero-padding manner, such as: SHAK-1 #01F-D016, SHAK-12 # 03F-222;
the SwitchName is the meaning of the switch name, and may be directly the hostname of the network switch, specifically as follows: SWI1234HW5700, SWI5678CS 2960;
the SwitchPort means a switch port, and may directly take the actual port number of the network switch as a full name, specifically as follows: GigabitEthernet0/0/1, FastEthernet 0/16;
the normalized complete agent data is specifically as follows:
Figure BDA0002855109330000091
consuming a log with an IP address or an MAC address of a PC, developing a set of program for consuming the log, matching an arp table and a cam table in a switch management system by using the IP address or the MAC address, and acquiring two key data of a switch name and a switch port;
directly carrying out one-to-one matching on the acquired port information of the switch and standardized Seat data, acquiring Seat data corresponding to a PC (personal computer), generating log data for performing database dropping operation, and simultaneously updating the matching times of the PC and Location + Seat + 1;
the log data format is as follows:
PcName Location Seat Log Time Create Time
the log times statistic format is as follows (where Flag is used to mark whether this pairing relationship has aged, Update Time is the log Time of the last match of the PC with the agent):
PcName Location Seat LogCount Flag Create Time Update Time
according to the statistical data of the matching times of the PcName and the Location + Seat, the most PC-related seats can be counted by taking the times as dimensions, and the last PC-located Seat can also be counted by starting from Update Time;
after the PC is moved and positioned, the last used agent model data can be quickly reacted and reflected, and the most used model data needs a long time to react, because the old agent has been used for a long time, the new agent needs the same time length under the same user PC log consumption scene to push away the original most used agent, so that problems can occur when the downstream needs to know the most models of the effective agents recently used by the staff under certain scenes. Therefore, the regular aging operation needs to be performed on the statistical data of the matching times, and the specific strategy is as follows:
when the seats with the most PC relevance have no relevance records for more than 5 days;
and the number of associations of new agents recently associated by the PC has exceeded 5
And the last time of association of the new seat recently associated by the PC is within 5 days;
aging the statistical data of the agent times with the most PC relevance;
once the PC is associated with the original seat, the aging state is recovered to be a normal state, and election is added;
the method for acquiring the seat position information of the PC does not depend on an asset manager or an IT department staff to record the position of the PC, and does not need to update new seat information into a manually recorded table after the position of the PC is changed.
When the position of a certain device needs to be inquired for an asset or IT, the position of the certain device only needs to be searched in a system according to the name of the device, not only the last time that the PC is matched with the seat information can be obtained, but also the most recently matched seat information can be obtained, even detailed data of the matched seat can be obtained, the time is accurate to the hour, the minute and the second, and the experience is that one piece of data cannot be compared through manual recording. When the whole checking is needed in the middle or at the end of the year, only the equipment name list needing checking is required to be imported into the system, detailed data can be automatically generated, the matched seats are what, and the last matching time is when, the detailed data can be clear at a glance, and then the manual recheck can be carried out on the PC which is not associated with the seats for a long time, so that the PC registration of each floor one by one is completely unnecessary, and the workload and the complexity of related work are greatly reduced.
FIG. 4 is a block diagram of the log-based network device association system of the present invention. As shown in fig. 4, an embodiment of the present invention further provides a log-based network device association system, which is configured to implement the above-mentioned log-based network device association method, where the log-based network device association system 5 includes:
the mapping relationship module 51 provides a plurality of network devices having unique hardware identification codes, and establishes a mapping relationship table in the server, where the mapping relationship table includes mapping relationships between each network device and corresponding hardware identification codes and device user account information preset by the network device.
And the authentication operation module 52 receives the authentication logs from each network device, and performs log analysis to obtain the user account information and the hardware identification code of the current network device.
The first determining module 53 determines whether the user account information in the authentication log matches the device user account information corresponding to the hardware identification code, if so, the process is ended, and if not, the first updating module is executed.
The first updating module 54 updates the current user account information of the network device in the mapping relationship table to the user account information in the authentication log, and records a time period when the current user account information uses the network device.
The second determination module 55 determines whether the total usage duration and/or the usage frequency of the network device using the current user account information satisfy a preset threshold, if so, executes the second update module, and if not, ends the process.
The second updating module 56 changes the device user account information corresponding to the network device into the current user account information. And
and the track recording module 57 records the historical track of each network device used by the account information of each user. Or recording the historical track of each user account information using each network device.
The invention can ensure the automatic update of the use relationship of the network equipment, greatly reduce the deployment work and the guarantee troubleshooting work of desktop engineers and obviously reduce the operation cost.
The embodiment of the invention also provides log-based network equipment association equipment, which comprises a processor. A memory having stored therein executable instructions of the processor. Wherein the processor is configured to perform the steps of the log-based network device association method via execution of the executable instructions.
As described above, the embodiment can ensure automatic update of the use relationship of the network device, greatly reduce deployment work and guarantee troubleshooting work of desktop engineers, and significantly reduce operation cost.
As will be appreciated by one skilled in the art, aspects of the present invention may be embodied as a system, method or program product. Thus, various aspects of the invention may be embodied in the form of: an entirely hardware embodiment, an entirely software embodiment (including firmware, microcode, etc.) or an embodiment combining hardware and software aspects that may all generally be referred to herein as a "circuit," module "or" platform.
Fig. 5 is a schematic structural diagram of a log-based network device association device of the present invention. An electronic device 600 according to this embodiment of the invention is described below with reference to fig. 5. The electronic device 600 shown in fig. 5 is only an example and should not bring any limitation to the functions and the scope of use of the embodiments of the present invention.
As shown in fig. 5, the electronic device 600 is embodied in the form of a general purpose computing device. The components of the electronic device 600 may include, but are not limited to: at least one processing unit 610, at least one memory unit 620, a bus 630 connecting the different platform components (including the memory unit 620 and the processing unit 610), a display unit 640, etc.
Wherein the storage unit stores program code executable by the processing unit 610 to cause the processing unit 610 to perform steps according to various exemplary embodiments of the present invention described in the above-mentioned electronic prescription flow processing method section of the present specification. For example, processing unit 610 may perform the steps as shown in fig. 1.
The storage unit 620 may include readable media in the form of volatile memory units, such as a random access memory unit (RAM)6201 and/or a cache memory unit 6202, and may further include a read-only memory unit (ROM) 6203.
The memory unit 620 may also include a program/utility 6204 having a set (at least one) of program modules 6205, such program modules 6205 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each of which, or some combination thereof, may comprise an implementation of a network environment.
Bus 630 may be one or more of several types of bus structures, including a memory unit bus or memory unit controller, a peripheral bus, an accelerated graphics port, a processing unit, or a local bus using any of a variety of bus architectures.
The electronic device 600 may also communicate with one or more external devices 700 (e.g., keyboard, pointing device, bluetooth device, etc.), with one or more devices that enable a user to interact with the electronic device 600, and/or with any devices (e.g., router, modem, etc.) that enable the electronic device 600 to communicate with one or more other computing devices. Such communication may occur via an input/output (I/O) interface 650. Also, the electronic device 600 may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network such as the Internet) via the network adapter 660. The network adapter 660 may communicate with other modules of the electronic device 600 via the bus 630. It should be appreciated that although not shown in the figures, other hardware and/or software modules may be used in conjunction with the electronic device 600, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage platforms, to name a few.
The embodiment of the invention also provides a computer readable storage medium for storing a program, and the steps of the log-based network device association method are realized when the program is executed. In some possible embodiments, the aspects of the present invention may also be implemented in the form of a program product comprising program code for causing a terminal device to perform the steps according to various exemplary embodiments of the present invention described in the above-mentioned electronic prescription flow processing method section of this specification, when the program product is run on the terminal device.
As shown above, when the program of the computer-readable storage medium of this embodiment is executed, the deployment work and the guarantee troubleshooting work of the desktop engineer are greatly reduced by ensuring the automatic update of the usage relationship of the network device, and the operation cost is obviously reduced.
Fig. 6 is a schematic structural diagram of a computer-readable storage medium of the present invention. Referring to fig. 6, a program product 800 for implementing the above method according to an embodiment of the present invention is described, which may employ a portable compact disc read only memory (CD-ROM) and include program code, and may be run on a terminal device, such as a personal computer. However, the program product of the present invention is not limited in this regard and, in the present document, a readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
The program product may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. A readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium include: an electrical connection having one or more wires, a portable disk, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
A computer readable storage medium may include a propagated data signal with readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A readable storage medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a readable storage medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Program code for carrying out operations for aspects of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device and partly on a remote computing device, or entirely on the remote computing device or server. In the case of a remote computing device, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., through the internet using an internet service provider).
In summary, the present invention is directed to provide a method, a system, a device and a storage medium for associating network devices based on logs, which can ensure automatic update of a usage relationship of the network devices, greatly reduce deployment work and troubleshooting work of desktop engineers, and significantly reduce operation cost.
The foregoing is a more detailed description of the invention in connection with specific preferred embodiments and it is not intended that the invention be limited to these specific details. For those skilled in the art to which the invention pertains, several simple deductions or substitutions can be made without departing from the spirit of the invention, and all shall be considered as belonging to the protection scope of the invention.

Claims (10)

1. A log-based network device association method is characterized by comprising the following steps:
s110, providing a plurality of network devices with unique hardware identification codes, and establishing a mapping relation table in a server, wherein the mapping relation table comprises mapping relations between each network device, the corresponding hardware identification codes and device user account information preset by the network devices;
s120, receiving the authentication logs from each network device, and analyzing the logs to obtain user account information and hardware identification codes of the current network device;
s130, judging whether the user account information in the authentication log is matched with the equipment user account information corresponding to the hardware identification code, if so, finishing, and if not, executing the step S140;
s140, updating the current user account information of the network equipment in the mapping relation table into the user account information in the authentication log, and recording the time period when the current user account information uses the network equipment;
s150, judging whether the total use time and/or the use frequency of the network equipment used by the current user account information meet a preset threshold value, if so, executing the step S160, and if not, ending the step;
s160, changing the device user account information corresponding to the network device into the current user account information; and
s170, recording the historical track of each network device used by each user account information; or recording the historical track of each user account information using each network device.
2. The log-based network device association method of claim 1, wherein: the server includes a preset authenticated user pool, and in step S120, it is determined whether user account information included in the authentication log from the network device hits user account information in the preset authenticated user pool, if yes, step S130 is executed, and if not, the process is ended.
3. The log-based network device association method of claim 2, wherein: the server is a local area network server, and each user account information in the authentication user pool comprises a mobile terminal identification number;
after step S130, step S140 may further include determining whether the mobile terminal identification number corresponding to the user account information included in the authentication log hits one of the mobile terminal identification numbers already connected to the lan server, if yes, step S140 is executed, and if not, the process is ended.
4. The log-based network device association method of claim 1, wherein: after step S110 and before step S150, the method further includes counting a longest time period for each piece of device user account information to use all the network devices or a frequency for using all the network devices in a preset time period.
5. The log-based network device association method of claim 4, wherein: in the step S150, it is determined whether the total usage duration of the current user account information using the network device is greater than or equal to the total historical usage duration of the device user account information using the network device, if yes, step S160 is executed, and if not, the process is ended.
6. The log-based network device association method of claim 1, wherein: in the step S150, it is determined whether the frequency of the current user account information using the network device in a preset time period is greater than or equal to a preset threshold or a preset multiple of the frequency of the device user account information using the network device, if yes, step S160 is executed, and if not, the process is ended.
7. The log-based network device association method of claim 1, wherein: the method for obtaining the user account information using the current network equipment by log analysis comprises the steps of verifying the biological information of the user during the user authentication operation;
the user authentication operation comprises one of equipment login operation, equipment unlocking operation and file access unlocking operation for verifying a user account and a password;
the verification of the user biological information comprises at least one of user face identification verification, user fingerprint verification, user voiceprint verification and user iris verification.
8. A log-based network device association system for implementing the log-based network device association method of claim 1, comprising:
the mapping relation module is used for providing a plurality of network devices with unique hardware identification codes, and establishing a mapping relation table in the server, wherein the mapping relation table comprises the mapping relation between each network device and the corresponding hardware identification code as well as equipment user account information preset by the network device;
the authentication operation module receives the authentication logs from each network device, and performs log analysis to obtain user account information and hardware identification codes of the current network device;
a first judging module, configured to judge whether the user account information in the authentication log matches the device user account information corresponding to the hardware identification code, if yes, ending the process, and if not, executing step S140;
the first updating module is used for updating the current user account information of the network equipment in the mapping relation table into the user account information in the authentication log and recording the time period of using the network equipment by the current user account information;
a second judgment module, configured to judge whether a total usage duration and/or a usage frequency of the network device used by the current user account information satisfy a preset threshold, if yes, execute step S160, and if not, end the process;
the second updating module changes the equipment user account information corresponding to the network equipment into the current user account information; and
the track recording module is used for recording the historical track of each network device used by each user account information; or recording the historical track of each user account information using each network device.
9. A log-based network device association apparatus, comprising:
a processor;
a memory having stored therein executable instructions of the processor;
wherein the processor is configured to perform the steps of the log-based network device association method of any of claims 1 to 7 via execution of the executable instructions.
10. A computer readable storage medium storing a program which when executed performs the steps of the log based network device association method of any of claims 1 to 7.
CN202011542780.4A 2020-12-23 2020-12-23 Log-based network device association method, system, device and storage medium Active CN112737825B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011542780.4A CN112737825B (en) 2020-12-23 2020-12-23 Log-based network device association method, system, device and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011542780.4A CN112737825B (en) 2020-12-23 2020-12-23 Log-based network device association method, system, device and storage medium

Publications (2)

Publication Number Publication Date
CN112737825A true CN112737825A (en) 2021-04-30
CN112737825B CN112737825B (en) 2022-12-02

Family

ID=75604720

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011542780.4A Active CN112737825B (en) 2020-12-23 2020-12-23 Log-based network device association method, system, device and storage medium

Country Status (1)

Country Link
CN (1) CN112737825B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113271315A (en) * 2021-06-08 2021-08-17 工银科技有限公司 Virtual private network abnormal use detection method and device and electronic equipment
CN113890821A (en) * 2021-09-24 2022-01-04 绿盟科技集团股份有限公司 Log association method and device and electronic equipment
WO2022268226A1 (en) * 2021-06-25 2022-12-29 联洲集团有限公司 Client identification method and apparatus, and storage medium and network device
CN115794836A (en) * 2023-01-09 2023-03-14 北京数势云创科技有限公司 ID making-up method and device based on graph network, electronic device and storage medium
CN116595235A (en) * 2023-05-15 2023-08-15 重庆市敏城电子有限公司 Communication control method and device of network filter and electronic equipment
CN117255031A (en) * 2023-11-17 2023-12-19 广东广宇科技发展有限公司 Network communication authentication method based on multiple mapping

Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110093923A1 (en) * 2009-10-16 2011-04-21 Herman Yau System and method for access control of network devices across multi-platform access lists
CN103365893A (en) * 2012-03-31 2013-10-23 百度在线网络技术(北京)有限公司 Method and device for searching individual information of user
CN103873454A (en) * 2012-12-18 2014-06-18 中国移动通信集团山东有限公司 Authentication method and equipment
US9231962B1 (en) * 2013-11-12 2016-01-05 Emc Corporation Identifying suspicious user logins in enterprise networks
WO2016119275A1 (en) * 2015-01-30 2016-08-04 深圳市华傲数据技术有限公司 Network account identifying and matching method
CN107295067A (en) * 2017-05-26 2017-10-24 北京京东尚科信息技术有限公司 Across the method and apparatus of screen identification user
CN107526581A (en) * 2016-07-28 2017-12-29 腾讯科技(深圳)有限公司 Data update notifying method and device
CN107633386A (en) * 2017-09-21 2018-01-26 携程旅游信息技术(上海)有限公司 Management method, system, equipment and the storage medium of network terminal information
CN108471398A (en) * 2018-02-01 2018-08-31 四川大学 A kind of network device management method and system
CN108494799A (en) * 2018-04-18 2018-09-04 家园网络科技有限公司 data sharing method and system
CN109040146A (en) * 2018-10-25 2018-12-18 平安科技(深圳)有限公司 Account logs in authorization method, server, computer equipment and storage medium
CN112104663A (en) * 2020-10-30 2020-12-18 上海连尚网络科技有限公司 Method and equipment for managing login user and user equipment

Patent Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110093923A1 (en) * 2009-10-16 2011-04-21 Herman Yau System and method for access control of network devices across multi-platform access lists
CN103365893A (en) * 2012-03-31 2013-10-23 百度在线网络技术(北京)有限公司 Method and device for searching individual information of user
CN103873454A (en) * 2012-12-18 2014-06-18 中国移动通信集团山东有限公司 Authentication method and equipment
US9231962B1 (en) * 2013-11-12 2016-01-05 Emc Corporation Identifying suspicious user logins in enterprise networks
WO2016119275A1 (en) * 2015-01-30 2016-08-04 深圳市华傲数据技术有限公司 Network account identifying and matching method
CN107526581A (en) * 2016-07-28 2017-12-29 腾讯科技(深圳)有限公司 Data update notifying method and device
CN107295067A (en) * 2017-05-26 2017-10-24 北京京东尚科信息技术有限公司 Across the method and apparatus of screen identification user
CN107633386A (en) * 2017-09-21 2018-01-26 携程旅游信息技术(上海)有限公司 Management method, system, equipment and the storage medium of network terminal information
CN108471398A (en) * 2018-02-01 2018-08-31 四川大学 A kind of network device management method and system
CN108494799A (en) * 2018-04-18 2018-09-04 家园网络科技有限公司 data sharing method and system
CN109040146A (en) * 2018-10-25 2018-12-18 平安科技(深圳)有限公司 Account logs in authorization method, server, computer equipment and storage medium
CN112104663A (en) * 2020-10-30 2020-12-18 上海连尚网络科技有限公司 Method and equipment for managing login user and user equipment

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
屈德建等: "电力信息网络中IP地址状态管理及终端台账自动更新方法", 《电子技术与软件工程》 *
章思宇等: "统一身份认证日志集中管理与账号风险检测", 《东南大学学报(自然科学版)》 *

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113271315A (en) * 2021-06-08 2021-08-17 工银科技有限公司 Virtual private network abnormal use detection method and device and electronic equipment
WO2022268226A1 (en) * 2021-06-25 2022-12-29 联洲集团有限公司 Client identification method and apparatus, and storage medium and network device
CN113890821A (en) * 2021-09-24 2022-01-04 绿盟科技集团股份有限公司 Log association method and device and electronic equipment
CN113890821B (en) * 2021-09-24 2023-11-17 绿盟科技集团股份有限公司 Log association method and device and electronic equipment
CN115794836A (en) * 2023-01-09 2023-03-14 北京数势云创科技有限公司 ID making-up method and device based on graph network, electronic device and storage medium
CN115794836B (en) * 2023-01-09 2023-06-09 北京数势云创科技有限公司 ID (identity) opening method and device based on graph network, electronic setting and storage medium
CN116595235A (en) * 2023-05-15 2023-08-15 重庆市敏城电子有限公司 Communication control method and device of network filter and electronic equipment
CN116595235B (en) * 2023-05-15 2024-01-30 重庆市敏城电子有限公司 Communication control method and device of network filter and electronic equipment
CN117255031A (en) * 2023-11-17 2023-12-19 广东广宇科技发展有限公司 Network communication authentication method based on multiple mapping
CN117255031B (en) * 2023-11-17 2024-02-09 广东广宇科技发展有限公司 Network communication authentication method based on multiple mapping

Also Published As

Publication number Publication date
CN112737825B (en) 2022-12-02

Similar Documents

Publication Publication Date Title
CN112737825B (en) Log-based network device association method, system, device and storage medium
US20030074585A1 (en) Method for supporting single sign on
CN111651784A (en) Log desensitization method, device, equipment and computer readable storage medium
CN111340402B (en) Group insurance service management method, system, device and storage medium
CN109376873B (en) Operation and maintenance method, operation and maintenance device, electronic equipment and computer readable storage medium
CN107633386B (en) Method, system, equipment and storage medium for managing network terminal information
WO2022073508A1 (en) Method and device for voice information entry, electronic device, and storage medium
CN112751976B (en) Agent association method, system, equipment and storage medium based on authentication log
CN107944293A (en) Fictitious assets guard method, system, equipment and storage medium
CN110837635A (en) Method, device, equipment and storage medium for equipment verification
CN112445775A (en) Fault analysis method, device, equipment and storage medium of photoetching machine
CN109754224A (en) Organizational affiliation map construction method, apparatus and computer storage medium
CN112258197A (en) Account management method, device, terminal and storage medium based on artificial intelligence
CN110442466B (en) Method, device, computer equipment and storage medium for preventing repeated access request
CN109739724B (en) Data monitoring method, system, electronic device and storage medium
CN112867148B (en) Positioning method and system for employee seat, electronic device and storage medium
JP2020087129A (en) Entry management system and entry management method
CN114493901A (en) Data access application processing method and device, computer equipment and storage medium
CN112637378B (en) User-based network address association method, system, device and storage medium
CN114418641A (en) Automatic dispatching method and device for stock customer access work order and electronic equipment
CN114331661A (en) Data verification method and device, electronic equipment and storage medium
CN114240677A (en) Medical data risk identification method and device, electronic equipment and storage medium
CN113946601A (en) Personnel data query method, device, equipment and storage medium
CN114281849B (en) Data query method and device
CN111800409A (en) Interface attack detection method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant