CN113765750A - Non-invasive system survival monitoring system - Google Patents
Non-invasive system survival monitoring system Download PDFInfo
- Publication number
- CN113765750A CN113765750A CN202111041690.1A CN202111041690A CN113765750A CN 113765750 A CN113765750 A CN 113765750A CN 202111041690 A CN202111041690 A CN 202111041690A CN 113765750 A CN113765750 A CN 113765750A
- Authority
- CN
- China
- Prior art keywords
- service
- module
- monitoring
- application service
- monitored
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/50—Testing arrangements
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0631—Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/04—Processing captured monitoring data, e.g. for logfile generation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
- H04L43/0805—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
- H04L43/0817—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability by checking functioning
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
- H04L67/141—Setup of application sessions
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Health & Medical Sciences (AREA)
- Data Mining & Analysis (AREA)
- Environmental & Geological Engineering (AREA)
- Debugging And Monitoring (AREA)
Abstract
The present invention relates to a monitoring system, and more particularly to a non-invasive system survival monitoring system. It is an object of the present invention to provide a system for monitoring survival that is low cost and non-invasive. A non-invasive system survival monitoring system comprises a timing task scheduling module, a communication connection establishing module, a detection request sending module and the like; the service state judging module and the abnormal alarming module; a timing task scheduling module: scheduling monitoring tasks at regular time; communication connection establishes the module: establishing a connection with the monitored service; a probe request sending module: for constructing a probe request packet and sending the request packet to the monitored service. The monitored application only carries out normal business service response in the monitoring process, and has no program intrusion on the monitored application service.
Description
Technical Field
The present invention relates to a monitoring system, and more particularly to a non-invasive system survival monitoring system.
Background
At present, an IT information technology is in a high-speed development state, application services become a center of the Internet era, the operation of each key node of the Internet era is borne, one-time calling of a front end can often trigger dozens of or even hundreds of times of calling of a plurality of background services, and the continuous and uninterrupted operation of the services is the most basic and one of the most important parts in an operation and maintenance system. The technology for monitoring the service survival state similar to the technology of the invention at present is that the application service to be monitored sends heartbeat and state packets to the monitoring service regularly or irregularly, if the heartbeat data is not received for a period of time, the agent is considered to have a problem probably.
In the prior art, a heartbeat packet is sent to a monitoring service by a monitored application service, and a reply message returned by the monitoring service is received to judge the state of the monitored application service. In practice, it is found that in the prior art, monitored application services need to be code-embedded, a heartbeat function is increased, certain intrusiveness is achieved, and the operation cost may be higher for an online environment.
There is therefore a need to develop a system for monitoring survival that is cost effective and non-invasive.
Disclosure of Invention
In order to overcome the disadvantages of certain invasiveness and high operation cost for the online environment, the technical problems are as follows: a system for monitoring the survival of a system is provided which is low cost and non-invasive.
The technical scheme is as follows: a non-invasive system survival monitoring system comprises a timing task scheduling module, a communication connection establishing module, a detection request sending module, a service state judging module and an abnormal alarm module; a timing task scheduling module: scheduling monitoring tasks at regular time; communication connection establishes the module: establishing a connection with the monitored service; a probe request sending module: for constructing a probe request packet and sending the request packet to the monitored service. A service state judgment module: for determining the status of the service; an abnormality alarm module: and when the abnormity is detected, alarming in time to inform operation and maintenance personnel.
Optionally, a monitoring service is further included, as a special application service, the monitoring service establishes a communication connection with the monitored application service through a built-in communication connection establishment module.
Optionally, the system for monitoring the application service state further comprises a standby monitoring service, and the monitoring service and the standby service cooperate in a hot standby mode. The monitoring service establishes communication connection with the standby monitoring service through the communication connection establishing module.
Optionally, the method further includes that the monitoring service actively detects the survival status of the application service, the monitoring service establishes a communication connection with the monitored application service, and respectively requests different information of the monitored application service, and the monitored application service returns response information or does not return information.
Optionally, a special application service for monitoring is also included, the service including: the timing module is used for sending a monitoring detection instruction at regular time; the communication connection establishing module is used for establishing connection with the monitored application service; and the state analyzing and judging module is used for analyzing the information responded by the monitored application service and judging the state of the application service.
Optionally, the system further includes a mechanism for determining and monitoring the state of the application service, and the state of each current module of the application service is determined by formulating module information of the application service acquired from each module address of the application service, so as to evaluate and determine the overall state of the application service.
Optionally, the system for monitoring the application service state is further included, the monitoring system includes a standby service, and the monitoring service domain standby service cooperates with the monitoring service domain standby service in a hot standby mode.
The invention has the following advantages:
the monitored application only carries out normal business service response in the monitoring process, does not have any program intrusion to the monitored application service, does not need to carry out additional program development and program maintenance on the monitored application service, and further reduces the development cost and the maintenance cost of the application service for most of the application services.
Drawings
Fig. 1 is a monitoring service workflow diagram.
FIG. 2 is a flow chart of a state resolution determination module.
Fig. 3 is a flow chart of monitoring application service system operation.
Fig. 4 is a flow chart of information interaction between a monitoring service and a standby monitoring service.
Fig. 5 is a flow chart of the backup monitoring service when a monitoring service is out of order.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Example 1
A non-invasive system survival monitoring system, as shown in fig. 1-2, includes a timed task scheduling module, a communication connection establishing module, a detection request sending module, a service status judging module and an abnormal alarm module; a timing task scheduling module: scheduling monitoring tasks at regular time; communication connection establishes the module: establishing a connection with the monitored service; a probe request sending module: for constructing a probe request packet and sending the request packet to the monitored service. A service state judgment module: for determining the status of the service; an abnormality alarm module: and when the abnormity is detected, alarming in time to inform operation and maintenance personnel.
The monitored service in the invention is a web service providing HTTP access to the outside, and a plurality of services can be operated on one host computer and distinguished by IP addresses and port numbers. The communication between the monitoring service and the monitored service can adopt a wired or wireless communication mode, and the wired communication mode comprises but is not limited to Ethernet and MODEM communication; wireless communication means include, but are not limited to: WIFI, 2G, 3G, 4G and 5G. No matter what communication method is adopted, the communication between the monitoring service and the monitored service can be realized.
A timing task scheduling module: after a scheduling period is appointed for a global timing task module, the timing scheduling module can perform monitoring task scheduling execution; communication connection establishes the module: establishing connection with the monitored service according to the connection service type provided by the monitored service; a probe request sending module: the module acquires a protocol, a domain name or an IP address, a port, a service address and the like used by the monitored service from a database to construct a detection request packet and sends the detection request packet to the detected service; a service state judgment module: and judging the current state of the application service according to the information returned by the monitored service and by combining with a judgment rule, wherein the judgment rule comprises timeout, 404, 200, 50X, response time and the like. An abnormality alarm module: and after the service state judgment module judges that the abnormal condition exists, prompting the abnormal condition with striking red on a monitoring system interface immediately, inquiring related operation and maintenance personnel and sending abnormal alarm information.
Example 2
On the basis of embodiment 1, as shown in fig. 3, a monitoring service is further included, as a special application service, and the monitoring service establishes a communication connection with the monitored application service through a built-in communication connection establishment module.
When the monitoring service establishes communication connection with the application service to be monitored through the built-in communication connection establishing module, the timing module sends detection requests of different types and different addresses to the application service to be monitored at regular time, and the state analyzing and judging module acquires information of each module of the application service from the address of each module of the application service to judge the current state of each module of the application service, so that the overall state of the application service is evaluated and judged. For example, the address of the login page is requested, and whether basic equipment such as a gateway of the application service is normal or not can be judged; the verification code is requested to obtain an address, and whether a background control system and a cache system of the application service are normal or not can be judged; the request for the order list address may determine whether the database in communication with the application service is normal.
Example 3
On the basis of embodiment 2, as shown in fig. 4, a system for monitoring the application service state is further included, which includes a standby monitoring service, and the monitoring service and the standby service cooperate in a hot standby manner. The monitoring service establishes communication connection with the standby monitoring service through the communication connection establishing module.
When the monitoring service is successfully connected with the standby monitoring service through the communication connection establishing module, the monitoring service sends a monitoring service survival information packet to the standby monitoring service, the standby monitoring service returns service survival information to the monitoring service, the monitoring service monitors and judges the received service survival information, if the survival information is normally received, the standby service is alive, otherwise, the standby service has a problem, needs to give an alarm to inform operation and maintenance personnel, and can detect and monitor the survival state of the main monitoring service.
Example 4
Based on embodiment 3, as shown in fig. 5, a method for actively detecting the survival status of the application service by the monitoring service is further included, the monitoring service establishes a communication connection with the monitored application service, and respectively requests different information of the monitored application service, and the monitored application service returns response information or does not return information.
Also included are special application services for monitoring, including: the timing module is used for sending a monitoring detection instruction at regular time; the communication connection establishing module is used for establishing connection with the monitored application service; and the state analyzing and judging module is used for analyzing the information responded by the monitored application service and judging the state of the application service.
The system also comprises a mechanism for judging and monitoring the state of the application service, and the state of each current module of the application service is judged by formulating the information of each module of the application service acquired from each module address of the application service, so that the overall state of the application service is evaluated and judged.
The system for monitoring the application service state comprises a standby service, and the standby service of the monitoring service domain is matched in a hot standby mode.
The invention can find some possible safety problems by analyzing the information responded by the application service, and the specific analysis method mainly comprises the following steps: the monitored service returns service software information used by the monitored service, including the type and version of the service software, inquires the version and the safety risk list of the service software, and can know the possible safety risk of the monitored service; the monitored service returns cookie information currently set by the monitored service, for some application services with high security requirements, the cookie needs to be disabled, or the cookie cannot contain some sensitive information, and whether the current service has potential safety hazards can be judged by checking whether the cookie exists or not or whether the cookie contains the sensitive information. The monitored service returns the cache information configured by the monitored service, the real-time request cannot be cached, and whether the current cache setting is reasonable or not can be judged by checking the cache information. Meanwhile, when the monitored application service is abnormal and can not work normally or can not work normally, the abnormal state of the monitored application service can be reported to operation and maintenance personnel, the operation and maintenance personnel can know the abnormal information of the monitored application service conveniently, and the application service can be recovered quickly.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
Claims (7)
1. A non-invasive system survival monitoring system, characterized by: the system comprises a timing task scheduling module, a communication connection establishing module, a detection request sending module, a service state judging module and an abnormal alarm module; a timing task scheduling module: scheduling monitoring tasks at regular time; communication connection establishes the module: establishing a connection with the monitored service; a probe request sending module: for constructing a probe request packet and sending the request packet to the monitored service. A service state judgment module: for determining the status of the service; an abnormality alarm module: and when the abnormity is detected, alarming in time to inform operation and maintenance personnel.
2. The non-invasive system survival monitoring system according to claim 1, wherein: the monitoring service is used as a special application service, and the monitoring service establishes communication connection with the monitored application service through a built-in communication connection establishing module.
3. A non-invasive system survival monitoring system according to claim 2, wherein: the system for monitoring the application service state comprises a standby monitoring service, and the monitoring service and the standby service are matched in a hot standby mode. The monitoring service establishes communication connection with the standby monitoring service through the communication connection establishing module.
4. A non-invasive system survival monitoring system according to claim 3, wherein: the monitoring service establishes communication connection with the monitored application service, respectively requests different information of the monitored application service, and the monitored application service returns response information or does not return information.
5. The non-invasive system survival monitoring system according to claim 4, wherein: also included are special application services for monitoring, including: the timing module is used for sending a monitoring detection instruction at regular time; the communication connection establishing module is used for establishing connection with the monitored application service; and the state analyzing and judging module is used for analyzing the information responded by the monitored application service and judging the state of the application service.
6. The non-invasive system survival monitoring system according to claim 5, wherein: the system also comprises a mechanism for judging and monitoring the state of the application service, and the state of each current module of the application service is judged by formulating the information of each module of the application service acquired from each module address of the application service, so that the overall state of the application service is evaluated and judged.
7. The non-invasive system survival monitoring system according to claim 6, wherein: the system for monitoring the application service state comprises a standby service, and the standby service of the monitoring service domain is matched in a hot standby mode.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111041690.1A CN113765750A (en) | 2021-09-07 | 2021-09-07 | Non-invasive system survival monitoring system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111041690.1A CN113765750A (en) | 2021-09-07 | 2021-09-07 | Non-invasive system survival monitoring system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN113765750A true CN113765750A (en) | 2021-12-07 |
Family
ID=78793310
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202111041690.1A Pending CN113765750A (en) | 2021-09-07 | 2021-09-07 | Non-invasive system survival monitoring system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113765750A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114429676A (en) * | 2022-01-27 | 2022-05-03 | 山东纬横数据科技有限公司 | Medical institution disinfection supply room personnel identity and behavior recognition system |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1791034A (en) * | 2004-12-13 | 2006-06-21 | 华为技术有限公司 | Detecting method |
CN103926893A (en) * | 2014-04-14 | 2014-07-16 | 浪潮电子信息产业股份有限公司 | Cloud container data center monitoring system |
CN108566317A (en) * | 2018-04-27 | 2018-09-21 | 深信服科技股份有限公司 | Business monitoring method, Cloud Server, storage medium and device |
-
2021
- 2021-09-07 CN CN202111041690.1A patent/CN113765750A/en active Pending
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1791034A (en) * | 2004-12-13 | 2006-06-21 | 华为技术有限公司 | Detecting method |
CN103926893A (en) * | 2014-04-14 | 2014-07-16 | 浪潮电子信息产业股份有限公司 | Cloud container data center monitoring system |
CN108566317A (en) * | 2018-04-27 | 2018-09-21 | 深信服科技股份有限公司 | Business monitoring method, Cloud Server, storage medium and device |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114429676A (en) * | 2022-01-27 | 2022-05-03 | 山东纬横数据科技有限公司 | Medical institution disinfection supply room personnel identity and behavior recognition system |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN1643876B (en) | Method and system for reducing the false alarm rate of network intrusion detection systems | |
JP2004021549A (en) | Network monitoring system and program | |
CN111600863B (en) | Network intrusion detection method, device, system and storage medium | |
EP1890427B1 (en) | A system and method for monitoring the device port state | |
CN104219091A (en) | System and method for network operation fault detection | |
CN102291275A (en) | Server cluster monitoring technology and method | |
CN105045700A (en) | Method for monitoring user experience index of application system in real time | |
JP6220625B2 (en) | Delay monitoring system and delay monitoring method | |
CN113765750A (en) | Non-invasive system survival monitoring system | |
JP2020149390A (en) | Cyber attack detector | |
JP2010198491A (en) | Virtual machine server, and virtual machine network monitoring system using the same | |
CN111131203B (en) | External connection monitoring method and device | |
CN103731315A (en) | Server failure detecting method | |
JP2016197309A (en) | Relay and program | |
CN116055303A (en) | Link monitoring processing method and device, electronic equipment and storage medium | |
CN115174189A (en) | Abnormality detection method, abnormality detection device, electronic apparatus, and storage medium | |
JPH1145195A (en) | Computer system, abnormality detector and recording medium | |
CN110521233A (en) | Network failure discovery | |
JP3757072B2 (en) | Monitoring method of computer constituting network system | |
JP4034436B2 (en) | Client / server system and client operation monitoring method | |
JP5155986B2 (en) | Monitoring system, monitoring method, monitoring program | |
JP2007148477A (en) | Monitoring system | |
JP2020170946A (en) | Data collection status monitoring device, data collection status monitoring program, data collection status monitoring method, and data collection status monitoring system | |
CN113630396B (en) | Method, device and system for processing network security alarm information | |
JP5787730B2 (en) | Device monitoring server, management method, and program |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |