CN114490718A - Data output method, data output device, electronic equipment and computer readable medium - Google Patents

Data output method, data output device, electronic equipment and computer readable medium Download PDF

Info

Publication number
CN114490718A
CN114490718A CN202210127838.1A CN202210127838A CN114490718A CN 114490718 A CN114490718 A CN 114490718A CN 202210127838 A CN202210127838 A CN 202210127838A CN 114490718 A CN114490718 A CN 114490718A
Authority
CN
China
Prior art keywords
data
network asset
target
asset data
information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210127838.1A
Other languages
Chinese (zh)
Inventor
马晨阳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jingdong Technology Information Technology Co Ltd
Original Assignee
Jingdong Technology Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jingdong Technology Information Technology Co Ltd filed Critical Jingdong Technology Information Technology Co Ltd
Priority to CN202210127838.1A priority Critical patent/CN114490718A/en
Publication of CN114490718A publication Critical patent/CN114490718A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/242Query formulation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/245Query processing
    • G06F16/2453Query optimisation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/245Query processing
    • G06F16/2455Query execution

Abstract

The embodiment of the disclosure discloses a data output method, a data output device, an electronic device and a computer readable medium. One embodiment of the method comprises: acquiring initial network asset data and a target data table to be processed, which are sent by a safety system, wherein the initial network asset data comprises: physical machine information of a target physical machine, wherein a target data table stores data information of each network asset data; generating a composite network asset data filtering condition; determining whether the initial network asset data meets a composite network asset data filtering condition; in response to determining that the initial network asset data meets the composite network asset data filtering condition, generating target network asset data corresponding to the initial network asset data and having complete network asset field information according to the physical machine information of the target physical machine and the target data table; and outputting the target network asset data. The embodiment can quickly and efficiently process the acquired data and output the processed data.

Description

Data output method, data output device, electronic equipment and computer readable medium
Technical Field
The embodiment of the disclosure relates to the technical field of computers, in particular to a data output method, a data output device, electronic equipment and a computer readable medium.
Background
Currently, the field of data security often uses an Extract-Transform-Load (ETL) technique to process data in a security system. The data warehouse technology is adopted for integrating the scattered, disordered and non-uniform original data in the business system, and providing analysis basis for the decision of subsequent enterprises. For data processing of raw data, the following methods are generally adopted: and performing data extraction, data cleaning and conversion on the original data of the business system, and outputting the processed data to be loaded to a data warehouse.
However, when the raw data is processed in the above manner, there are often the following technical problems:
part of processing flows in each processing flow for processing the original data of the service system often need to be completed by manual work, so that the problems of complexity and low efficiency exist, the data processing time is long, and the data safety guarantee performance of the safety system is influenced to a great extent.
Disclosure of Invention
This summary is provided to introduce a selection of concepts in a simplified form that are further described below in the detailed description. This summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used to limit the scope of the claimed subject matter.
Some embodiments of the present disclosure propose data output methods, apparatuses, electronic devices, and computer readable media to solve the technical problems mentioned in the background section above.
In a first aspect, some embodiments of the present disclosure provide a data output method, including: acquiring initial network asset data and a target data table to be processed, which are sent by a security system, wherein the initial network asset data comprises: physical machine information of a target physical machine, wherein the target data table stores data information of each network asset data; generating a composite network asset data filtering condition; determining whether the initial network asset data meets the composite network asset data filtering condition; in response to determining that the initial network asset data meets the composite network asset data filtering condition, generating target network asset data corresponding to the initial network asset data and having complete network asset field information according to the physical machine information of the target physical machine and the target data table; and outputting the target network asset data.
Optionally, the method further includes: determining whether to perform data conversion on the initial network asset data in response to determining that the initial network asset data does not satisfy a composite network asset data filtering condition; performing data conversion on the initial network asset data in response to the determination to obtain initial network asset data after the data conversion; and outputting the initial network asset data after the data conversion.
Optionally, the generating the composite network asset data filtering condition includes: acquiring a target configuration file; reading a set of field groups constituting the composite network asset data filtering condition from the target configuration file, wherein each field group in the set of field groups stores at least one condition field constituting the composite network asset data filtering condition, and the condition field types of the condition fields stored in the field groups in the set of field groups are different; and correspondingly combining each condition field corresponding to the field group set to obtain the composite network asset data filtering condition.
Optionally, the generating target network asset data corresponding to the initial network asset data and having complete information of each network asset field according to the physical machine information of the target physical machine and the target data table includes: determining data information corresponding to the physical machine information of the target physical machine from the target data table as target data information; and generating the target network asset data according to the target data information.
Optionally, the generating the target network asset data according to the target data information includes: and in response to the fact that the information vacancy exists in each data field included in the initial network asset data, performing data complementation on the data field with the information vacancy in the initial network asset data according to the target data information to obtain complemented network asset data, wherein the complemented network asset data is used as the target network asset data.
Optionally, the physical machine information includes at least one of: identification information of the target physical machine and an internet protocol address of the target physical machine; and the determining data information corresponding to the physical machine information of the target physical machine from the target data table includes: and determining data information associated with the identification information of the target physical machine and/or the Internet protocol address of the target physical machine from the target data table.
Optionally, the target data table is generated by: connecting a network asset data store; and generating the target data table according to the network asset data in the network asset data repository, wherein the data information in the target data table is updated synchronously with the network asset data in the network asset data repository.
In a second aspect, some embodiments of the present disclosure provide a data output apparatus, including: the system comprises an acquisition unit, a processing unit and a processing unit, wherein the acquisition unit is configured to acquire initial network asset data and a target data table to be processed, which are sent by a security system, and the initial network asset data comprises: physical machine information of a target physical machine, wherein the target data table stores data information of each network asset data; a first generating unit configured to generate a composite network asset data filtering condition; a determining unit configured to determine whether the initial network asset data satisfies the composite network asset data filtering condition; a second generating unit configured to generate target network asset data corresponding to the initial network asset data and having complete field information of each network asset, according to the physical machine information of the target physical machine and the target data table, in response to determining that the initial network asset data satisfies the composite network asset data filtering condition; and the output unit is configured to output the target network asset data.
Optionally, the apparatus further comprises: determining whether to perform data conversion on the initial network asset data in response to determining that the initial network asset data does not satisfy a composite network asset data filtering condition; performing data conversion on the initial network asset data in response to the determination to obtain initial network asset data after the data conversion; and outputting the initial network asset data after the data conversion.
Optionally, the first generating unit may be further configured to: acquiring a target configuration file; reading a set of field groups constituting the composite network asset data filtering condition from the target configuration file, wherein each field group in the set of field groups stores at least one condition field constituting the composite network asset data filtering condition, and the condition field types of the condition fields stored in the field groups in the set of field groups are different; and correspondingly combining each condition field corresponding to the field group set to obtain the composite network asset data filtering condition.
Optionally, the second generating unit may be further configured to: determining data information corresponding to the physical machine information of the target physical machine from the target data table as target data information; and generating the target network asset data according to the target data information.
Optionally, the second generating unit may be further configured to: and in response to the fact that the information vacancy exists in each data field included in the initial network asset data, performing data complementation on the data field with the information vacancy in the initial network asset data according to the target data information to obtain complemented network asset data, wherein the complemented network asset data is used as the target network asset data.
Optionally, the physical machine information includes at least one of: identification information of the target physical machine and an internet protocol address of the target physical machine; the second generation unit may be further configured to: and determining data information associated with the identification information of the target physical machine and/or the Internet protocol address of the target physical machine from the target data table.
Optionally, the target data table is generated by: connecting a network asset data store; and generating the target data table according to the network asset data in the network asset data repository, wherein the data information in the target data table is updated synchronously with the network asset data in the network asset data repository.
In a third aspect, some embodiments of the present disclosure provide an electronic device, comprising: one or more processors; a storage device having one or more programs stored thereon, which when executed by one or more processors, cause the one or more processors to implement the method as described in any of the implementations of the first aspect.
In a fourth aspect, some embodiments of the disclosure provide a computer readable medium having a computer program stored thereon, where the program when executed by a processor implements a method as described in any of the implementations of the first aspect.
The above embodiments of the present disclosure have the following beneficial effects: the data output method of some embodiments of the present disclosure can quickly and efficiently process acquired data and output the processed data. Specifically, the reasons for the inefficient data processing are: part of processing flows in each processing flow for processing the original data of the business system often need to be completed by manual work, so that the problems of complexity and low efficiency exist, and the data processing time is long and the data processing is not efficient enough. Based on this, the data output method of some embodiments of the present disclosure may first obtain initial network asset data and a target data table to be processed, where the initial network asset data is sent by a security system, where the initial network asset data includes: and physical machine information of the target physical machine, wherein the target data table stores data information of each network asset data. Here, a target data table is obtained for subsequent efficient processing of the initial network asset data. Then, generating composite network asset data filtering conditions for filtering the initial network asset data to determine whether the initial network asset data is qualified network asset data. Next, it is determined whether the initial network asset data satisfies the composite network asset data filtering condition for determining whether further generation of target network asset data for the initial network asset data is required. Then, in response to determining that the initial network asset data satisfies the composite network asset data filtering condition, target network asset data corresponding to the initial network asset data and having complete network asset field information can be efficiently generated according to the physical machine information of the target physical machine and the target data table. The target network asset data is generated according to the physical machine information of the target physical machine and the target data table, so that the data processing time can be greatly reduced, and the data security performance of the security system is improved laterally. Finally, the target network asset data can be efficiently output.
Drawings
The above and other features, advantages and aspects of various embodiments of the present disclosure will become more apparent by referring to the following detailed description when taken in conjunction with the accompanying drawings. Throughout the drawings, the same or similar reference numbers refer to the same or similar elements. It should be understood that the drawings are schematic and that elements and elements are not necessarily drawn to scale.
FIG. 1 is a schematic diagram of one application scenario of a data output method according to some embodiments of the present disclosure;
FIG. 2 is a flow diagram of some embodiments of a data output method according to the present disclosure;
FIG. 3 is a flow chart of further embodiments of a data output method according to the present disclosure;
FIG. 4 is a flow chart of still further embodiments of data output methods according to the present disclosure;
FIG. 5 is a schematic block diagram of some embodiments of a data output device according to the present disclosure;
FIG. 6 is a schematic structural diagram of an electronic device suitable for use in implementing some embodiments of the present disclosure.
Detailed Description
Embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While certain embodiments of the present disclosure are shown in the drawings, it is to be understood that the disclosure may be embodied in various forms and should not be construed as limited to the embodiments set forth herein. Rather, these embodiments are provided for a more thorough and complete understanding of the present disclosure. It should be understood that the drawings and embodiments of the disclosure are for illustration purposes only and are not intended to limit the scope of the disclosure.
It should be noted that, for convenience of description, only the portions related to the related invention are shown in the drawings. The embodiments and features of the embodiments in the present disclosure may be combined with each other without conflict.
It should be noted that the terms "first", "second", and the like in the present disclosure are only used for distinguishing different devices, modules or units, and are not used for limiting the order or interdependence relationship of the functions performed by the devices, modules or units.
It is noted that references to "a", "an", and "the" modifications in this disclosure are intended to be illustrative rather than limiting, and that those skilled in the art will recognize that "one or more" may be used unless the context clearly dictates otherwise.
The names of messages or information exchanged between devices in the embodiments of the present disclosure are for illustrative purposes only, and are not intended to limit the scope of the messages or information.
The present disclosure will be described in detail below with reference to the accompanying drawings in conjunction with embodiments.
Fig. 1 is a schematic diagram of one application scenario of a data output method according to some embodiments of the present disclosure.
In the application scenario of fig. 1, the electronic device 101 may first obtain the initial network asset data 102 and the target data table 104 to be processed, which are sent by the security system. Wherein the initial network asset data 102 comprises: physical machine information 103 of the target physical machine, and the target data table 104 stores data information of each network asset data. In this application scenario, the data information of each network asset data may include: data information 1041 for first network asset data, data information 1042 for second network asset data, and third network asset data information 1043. The electronic device 101 may then generate composite network asset data filtering conditions. Next, the electronic device 101 may determine whether the initial network asset data 102 satisfies the composite network asset data filtering condition. Then, in response to determining that the initial network asset data 102 satisfies the composite network asset data filtering condition, the electronic device 101 may generate target network asset data 105 corresponding to the initial network asset data 102 and having complete information of each network asset field according to the physical machine information 103 of the target physical machine and the target data table 104. Finally, the electronic device 101 may output the target network asset data 105 described above.
The electronic device 101 may be hardware or software. When the electronic device is hardware, the electronic device may be implemented as a distributed cluster formed by a plurality of servers or terminal devices, or may be implemented as a single server or a single terminal device. When the electronic device is embodied as software, it may be installed in the above-listed hardware devices. It may be implemented, for example, as multiple software or software modules to provide distributed services, or as a single software or software module. And is not particularly limited herein.
It should be understood that the number of electronic devices in fig. 1 is merely illustrative. There may be any number of electronic devices, as desired for implementation.
With continued reference to fig. 2, a flow 200 of some embodiments of a data output method according to the present disclosure is shown. The data output method comprises the following steps:
step 201, acquiring initial network asset data and a target data table to be processed, which are sent by a security system.
In some embodiments, the executing entity (e.g., the electronic device 101 shown in fig. 1) of the data output method may acquire the initial network asset data and the target data table to be processed, which are sent by the security system, through a wired connection or a wireless connection. The security system may be a system for securing network security. The safety system can acquire mass initial network asset data and guarantee the network safety of the corresponding physical machine according to the processed initial network asset data. Network assets can be various targets that can be accessed in a computer (or communication) network. By way of example, the network assets may include, but are not limited to, at least one of: a host, a network device (e.g., a router, switch, etc.), a security device (e.g., a firewall, etc.), an operating system, a website, an internet of things device. The network asset data may be data associated with various targets in the network asset. For example, field information describing the target, home field information of the target, and so on. As another example, the network asset data may include: host field information, public network field information, internal network field information, external network field information, network asset attribution field information, subnet field information and network asset type field information. The initial network asset data comprises: physical machine information of the target physical machine. The target data table stores data information of each network asset data. The data information may be information of each network asset field of the network asset data, and may also be information of a storage location of each network asset field. The data format of the target data table storing the data information of each network asset data may be various formats set in advance. Such as a key-value pair format. The network asset data may be data with complete information of each network asset field. For example, the above-mentioned network asset field information is: "host field information, public network field information, internal network field information, external network field information". Each of the network asset data includes: "corresponding host field information, corresponding public network field information, corresponding internal network field information, and corresponding external network field information". In addition, each network asset field information included in each network asset data respectively meets the corresponding field format. The field format corresponding to each network asset field information in the network asset field information is preset.
Step 202, generating a composite network asset data filtering condition.
In some embodiments, the execution agent may generate composite network asset data filtering conditions. The composite network asset data filtering condition may be a condition for determining whether the initial network asset data is required by a subsequent security system.
As an example, the execution body may first obtain the respective filter condition fields. Then, the execution subject can generate the composite network asset data filtering condition by splicing the filtering condition fields directly.
As an example, the composite network asset data filtering condition is { [ public network field information: a ] and [ subnet field information: b ] }.
Step 203, determining whether the initial network asset data meets the composite network asset data filtering condition.
In some embodiments, the execution agent may determine whether the initial network asset data satisfies the composite network asset data filtering condition.
As an example, the initial network asset data may be: "physical machine information of target physical machine: c, public network field information: a, subnet field information: and B'. The composite network asset data filtering condition is { [ public network field information: a ] and [ subnet field information: b ] }. It may thus be determined that the initial network asset data satisfies the composite network asset data filtering condition.
As yet another example, the initial network asset data may be: "physical machine information of target physical machine: c, public network field information: a, subnet field information: and D'. The composite network asset data filtering condition is { [ public network field information: a ] and [ subnet field information: b ] }. It may thus be determined that the initial network asset data does not satisfy the composite network asset data filtering condition.
And 204, in response to the fact that the initial network asset data meets the composite network asset data filtering condition, generating target network asset data which corresponds to the initial network asset data and is complete in field information of each network asset according to the physical machine information of the target physical machine and the target data table.
In some embodiments, in response to determining that the initial network asset data satisfies the composite network asset data filtering condition, the execution subject may generate target network asset data corresponding to the initial network asset data and having complete network asset field information in various ways according to the physical machine information of the target physical machine and the target data table.
In some optional implementations of some embodiments, the generating target network asset data with complete information of each network asset field corresponding to the initial network asset data according to the physical machine information of the target physical machine and the target data table may include:
first, data information corresponding to the physical machine information of the target physical machine is determined from the target data table as target data information.
For example, the execution subject may determine, as the target data information, data information corresponding to the physical machine information of the target physical machine from the target data table by means of various data information queries.
And secondly, generating the target network asset data according to the target data information.
As an example, the execution principal may determine the target data information as the target network asset data in response to determining that the data information is respective network asset field information of the network asset data.
Optionally, in response to determining that each data field included in the initial network asset data has information vacancy, the execution main body may perform data padding on the data field with information vacancy in the initial network asset data according to the target data information, to obtain padded network asset data, which is used as the target network asset data.
As an example, in response to determining that the data information is each network asset field information of the network asset data, the execution subject may perform data padding on the data field with the vacant information in the initial network asset data according to the target data information to obtain padded network asset data as the target network asset data.
As another example, in response to determining that the data information is storage location information of each network asset field information, the execution subject may call each network asset field information associated with the target data information to perform data padding on data fields with empty information in the initial network asset data, so as to obtain padded network asset data as the target network asset data.
Optionally, the physical machine information includes at least one of: identification information (Id) of the target physical machine, and an Internet Protocol address (IP) of the target physical machine. The execution agent may determine, from the target data table, data information associated with the identification information of the target physical machine and/or the internet protocol address of the target physical machine.
In some optional implementations of some embodiments, the target data table is generated by:
in a first step, a network asset data repository is connected. The asset data storage library stores massive network asset data with complete information of each network asset field.
And secondly, generating the target data table according to the network asset data in the network asset data storage. Wherein, each data information in the target data table is updated synchronously with each network asset data in the network asset data repository.
As an example, the target data table is generated by referring to a data storage format corresponding to the target data table according to each network asset data in the network asset data repository.
And step 205, outputting the target network asset data.
In some embodiments, the execution agent may output the target network asset data in a predetermined manner.
As an example, the execution agent may output the target network asset data in the form of a file.
The above embodiments of the present disclosure have the following beneficial effects: the data output method of some embodiments of the present disclosure can quickly and efficiently process acquired data and output the processed data. Specifically, the reasons for the inefficient data processing are: part of processing flows in each processing flow for processing the original data of the business system often need to be completed by manual work, so that the problems of complexity and low efficiency exist, and the data processing time is long and the data processing is not efficient enough. Based on this, the data output method of some embodiments of the present disclosure may first obtain initial network asset data and a target data table to be processed, where the initial network asset data is sent by a security system, where the initial network asset data includes: and physical machine information of a target physical machine, wherein the target data table stores data information of each network asset data. Here, a target data table is obtained for subsequent efficient processing of the initial network asset data. Then, generating composite network asset data filtering conditions for filtering the initial network asset data to determine whether the initial network asset data is qualified network asset data. Next, it is determined whether the initial network asset data satisfies the composite network asset data filtering condition for determining whether further generation of target network asset data for the initial network asset data is needed. Then, in response to determining that the initial network asset data satisfies the composite network asset data filtering condition, target network asset data corresponding to the initial network asset data and having complete network asset information may be efficiently generated according to the physical machine information of the target physical machine and the target data table. The target network asset data is generated according to the physical machine information of the target physical machine and the target data table, so that the data processing time can be greatly reduced, and the data security performance of the security system is improved laterally. Finally, the target network asset data can be efficiently output.
With further reference to fig. 3, a flow 300 of further embodiments of a data output method according to the present disclosure is shown. The data output method comprises the following steps:
step 301, acquiring initial network asset data and a target data table to be processed, which are sent by a security system.
Step 302, obtain a target configuration file.
In some embodiments, the executing agent (e.g., electronic device 101 shown in fig. 1) may obtain the target profile in a wired manner or a wireless manner. The configuration file is a file preset for the composite network asset data filtering condition.
Step 303, reading the field group set forming the composite network asset data filtering condition from the target configuration file.
In some embodiments, the execution agent may read a set of field groups that constitute the composite network asset data filter criteria from the target configuration file. Wherein each field group in the field group set stores at least one condition field forming the composite network asset data filtering condition, and the condition field types of the condition fields stored between the field groups in the field group set are different.
By way of example, the field group set described above includes: a first field group, a second field group, and a third field group. Wherein, the first field set may be { public network, outer network, inner network }. The second field set may be { "a", "B", "C" }. The third field set may be { "and", "or" }. Thus, it can be obtained that the condition field corresponding to the first field group is a key in the network asset field information. The condition field corresponding to the second field set is a value in the network asset field information. And the condition field corresponding to the third field group is a condition field logical relationship.
And 304, correspondingly combining the condition fields corresponding to the field group set to obtain the composite network asset data filtering condition.
In some embodiments, the execution body may correspondingly combine the condition fields corresponding to the field group set to obtain the composite network asset data filtering condition.
As an example, the first field set is { public, external, internal }. The second field set may be { "a", "B", "C" }. The third field set may be { "and", "or" }. The execution body may combine the "public network" in the first field set with the "a" in the second field set to obtain a first combined result. For example, the first combined result is [ public network: a ]. Similarly, the execution body may combine the "extranet" in the first field set with the "B" in the second field set to obtain a second combined result. For example, the second combined result is [ outer net: b ]. Next, the execution body may combine the "intranet" in the first field set with the "C" in the second field set to obtain a third combination result. For example, the third combined result is [ intranet: c ]. And combining the first combination result, the second combination result and the 'and' in the third field set to obtain a fourth combination result. For example, the fourth combined result is "[ public network: a ] and [ outer net: b ] ". And finally, combining the fourth combination result, the third combination result and the or in the third field group to obtain a fifth combination result which is used as the filtering condition of the composite network asset data. That is, the composite network asset data filtering condition may be: "{ [ public network: a ] and [ outer net: b ] } or [ inner net: c ] ".
Step 305, determining whether the initial network asset data meets the composite network asset data filtering condition.
Step 306, in response to determining that the initial network asset data meets the composite network asset data filtering condition, generating target network asset data corresponding to the initial network asset data and having complete network asset field information according to the physical machine information of the target physical machine and the target data table.
And 307, outputting the target network asset data.
In some embodiments, the detailed implementation of steps 301 and 305 and the technical effect thereof can refer to steps 201 and 202 and 205 in the embodiment corresponding to fig. 2, which are not described herein again.
As can be seen from fig. 3, the specific steps of generating the composite network asset data filtering criteria are highlighted by the flow 300 of the data output method in some embodiments corresponding to fig. 3 compared to the description of some embodiments corresponding to fig. 2. Therefore, the scheme described in the embodiments can realize data filtering of the multi-type condition fields through the generated composite network asset data filtering conditions, and greatly improve the data processing efficiency.
With further reference to fig. 4, a flow 400 of still further embodiments of data output methods according to the present disclosure is shown. The data output method comprises the following steps:
step 401, acquiring initial network asset data and a target data table to be processed, which are sent by a security system.
Step 402, generating composite network asset data filtering conditions.
Step 403, determining whether the initial network asset data meets the composite network asset data filtering condition.
Step 404, in response to determining that the initial network asset data meets the composite network asset data filtering condition, generating target network asset data corresponding to the initial network asset data and having complete information of each network asset field according to the physical machine information of the target physical machine and the target data table.
And step 405, outputting the target network asset data.
In some embodiments, the specific implementation of steps 401 and 405 and the technical effects thereof can refer to step 201 and 205 in the embodiment corresponding to fig. 2, and are not described herein again.
Step 406, in response to determining that the initial network asset data does not satisfy the composite network asset data filtering condition, determining whether to perform data transformation on the initial network asset data.
In some embodiments, in response to determining that the initial network asset data does not satisfy the composite network asset data filtering condition, an executing entity (e.g., the electronic device shown in FIG. 1) may determine whether to data transform the initial network asset data.
As an example, in response to determining that the initial network asset data does not satisfy the composite network asset data filtering condition, the execution principal may determine whether to perform a data format conversion on each network asset field information in the initial network asset data.
Step 407, performing data conversion on the initial network asset data in response to the determination to obtain the initial network asset data after data conversion.
In some embodiments, in response to determining to perform data transformation, the execution subject may perform data transformation on the initial network asset data to obtain the data-transformed initial network asset data.
As an example, in response to determining to perform data conversion, the execution subject may perform data format conversion on part of the network asset field information in each network asset field information in the initial network asset data, so as to obtain the initial network asset data after data conversion.
And step 408, outputting the initial network asset data after the data conversion.
In some embodiments, the execution subject may output the initial network asset data after the data conversion.
As an example, the execution subject may output the initial network asset data after the data conversion in the form of a file.
As can be seen from fig. 4, the flow 400 of the data output method in some embodiments corresponding to fig. 4 highlights the specific steps of data transformation of the initial network asset data in case the initial network asset data does not satisfy the composite network asset data filtering condition, compared to the description of some embodiments corresponding to fig. 2. Thus, the embodiments describe solutions to output the initial network asset data after data conversion quickly and efficiently by performing data conversion on the initial network asset data that does not satisfy the composite network asset data filtering condition.
With further reference to fig. 5, as an implementation of the methods illustrated in the above figures, the present disclosure provides some embodiments of a data output apparatus, which correspond to those of the method embodiments illustrated in fig. 2, and which may be particularly applied in various electronic devices.
As shown in fig. 5, a data output apparatus 500 includes: an acquisition unit 501, a first generation unit 502, a determination unit 503, a second generation unit 504, and an output unit 505. The obtaining unit 501 is configured to obtain initial network asset data and a target data table to be processed, which are sent by a security system, where the initial network asset data includes: physical machine information of a target physical machine, wherein the target data table stores data information of each network asset data; a first generating unit 502 configured to generate a composite network asset data filtering condition; a determining unit 503 configured to determine whether the initial network asset data satisfies the composite network asset data filtering condition; a second generating unit 504 configured to generate target network asset data corresponding to the initial network asset data and having complete field information of each network asset, according to the physical machine information of the target physical machine and the target data table, in response to determining that the initial network asset data satisfies the composite network asset data filtering condition; and an output unit 505 configured to output the target network asset data.
In some optional implementations of some embodiments, the apparatus 500 further includes: a conversion determining unit, a data converting unit, and a data output unit (not shown). Wherein the above conversion determination unit may be configured to: and determining whether to perform data conversion on the initial network asset data in response to determining that the initial network asset data does not satisfy the composite network asset data filtering condition. The data conversion unit may be configured to: and responding to the determination of data conversion, and performing data conversion on the initial network asset data to obtain the initial network asset data after data conversion. The data output unit may be configured to: and outputting the initial network asset data after the data conversion.
In some optional implementations of some embodiments, the first generating unit 502 in the apparatus 500 may be further configured to: acquiring a target configuration file; reading a set of field groups constituting the composite network asset data filtering condition from the target configuration file, wherein each field group in the set of field groups stores at least one condition field constituting the composite network asset data filtering condition, and the condition field types of the condition fields stored in the field groups in the set of field groups are different; and correspondingly combining each condition field corresponding to the field group set to obtain the composite network asset data filtering condition.
In some optional implementations of some embodiments, the second generating unit 504 in the apparatus 500 may be further configured to: determining data information corresponding to the physical machine information of the target physical machine from the target data table as target data information; and generating the target network asset data according to the target data information.
In some optional implementations of some embodiments, the second generating unit 504 in the apparatus 500 may be further configured to: and in response to the fact that the information vacancy exists in each data field included in the initial network asset data, performing data complementation on the data field with the information vacancy in the initial network asset data according to the target data information to obtain complemented network asset data, wherein the complemented network asset data is used as the target network asset data.
In some optional implementations of some embodiments, the physical machine information includes at least one of: identification information of the target physical machine and an internet protocol address of the target physical machine; the second generating unit 504 in the apparatus 500 may be further configured to: and determining data information associated with the identification information of the target physical machine and/or the Internet protocol address of the target physical machine from the target data table.
In some optional implementations of some embodiments, the target data table is generated by: connecting a network asset data store; and generating the target data table according to the network asset data in the network asset data repository, wherein the data information in the target data table is updated synchronously with the network asset data in the network asset data repository.
It will be understood that the elements described in the apparatus 500 correspond to various steps in the method described with reference to fig. 2. Thus, the operations, features and resulting advantages described above with respect to the method are also applicable to the apparatus 500 and the units included therein, and are not described herein again.
Referring now to FIG. 6, a block diagram of an electronic device (e.g., electronic device 101 of FIG. 1)600 suitable for use in implementing some embodiments of the present disclosure is shown. The electronic device shown in fig. 6 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present disclosure.
As shown in fig. 6, electronic device 600 may include a processing means (e.g., central processing unit, graphics processor, etc.) 601 that may perform various appropriate actions and processes in accordance with a program stored in a Read Only Memory (ROM)602 or a program loaded from a storage means 608 into a Random Access Memory (RAM) 603. In the RAM603, various programs and data necessary for the operation of the electronic apparatus 600 are also stored. The processing device 601, the ROM 602, and the RAM603 are connected to each other via a bus 604. An input/output (I/O) interface 605 is also connected to bus 604.
Generally, the following devices may be connected to the I/O interface 605: input devices 606 including, for example, a touch screen, touch pad, keyboard, mouse, camera, microphone, accelerometer, gyroscope, etc.; output devices 607 including, for example, a Liquid Crystal Display (LCD), a speaker, a vibrator, and the like; storage 608 including, for example, tape, hard disk, etc.; and a communication device 609. The communication means 609 may allow the electronic device 600 to communicate with other devices wirelessly or by wire to exchange data. While fig. 6 illustrates an electronic device 600 having various means, it is to be understood that not all illustrated means are required to be implemented or provided. More or fewer devices may alternatively be implemented or provided. Each block shown in fig. 6 may represent one device or may represent multiple devices as desired.
In particular, according to some embodiments of the present disclosure, the processes described above with reference to the flow diagrams may be implemented as computer software programs. For example, some embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In some such embodiments, the computer program may be downloaded and installed from a network through the communication device 609, or installed from the storage device 608, or installed from the ROM 602. The computer program, when executed by the processing device 601, performs the above-described functions defined in the methods of some embodiments of the present disclosure.
It should be noted that the computer readable medium described above in some embodiments of the present disclosure may be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In some embodiments of the disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In some embodiments of the present disclosure, however, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: electrical wires, optical cables, RF (radio frequency), etc., or any suitable combination of the foregoing.
In some embodiments, the clients, servers may communicate using any currently known or future developed network Protocol, such as HTTP (HyperText Transfer Protocol), and may interconnect with any form or medium of digital data communication (e.g., a communications network). Examples of communication networks include a local area network ("LAN"), a wide area network ("WAN"), the Internet (e.g., the Internet), and peer-to-peer networks (e.g., ad hoc peer-to-peer networks), as well as any currently known or future developed network.
The computer readable medium may be embodied in the electronic device; or may exist separately without being assembled into the electronic device. The computer readable medium carries one or more programs which, when executed by the electronic device, cause the electronic device to: acquiring initial network asset data and a target data table to be processed, which are sent by a security system, wherein the initial network asset data comprises: physical machine information of a target physical machine, wherein the target data table stores data information of each network asset data; generating a composite network asset data filtering condition; determining whether the initial network asset data meets the composite network asset data filtering condition; in response to determining that the initial network asset data meets the composite network asset data filtering condition, generating target network asset data corresponding to the initial network asset data and having complete network asset field information according to the physical machine information of the target physical machine and the target data table; and outputting the target network asset data.
Computer program code for carrying out operations for embodiments of the present disclosure may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C + +, and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units described in some embodiments of the present disclosure may be implemented by software, and may also be implemented by hardware. The described units may also be provided in a processor, and may be described as: a processor includes an acquisition unit, a first generation unit, a determination unit, a second generation unit, and an output unit. The names of these units do not in some cases constitute a limitation on the units themselves, and for example, the acquiring unit may also be described as a "unit that acquires initial network asset data and target data tables to be processed, which are transmitted by the security system".
The functions described herein above may be performed, at least in part, by one or more hardware logic components. For example, without limitation, exemplary types of hardware logic components that may be used include: field Programmable Gate Arrays (FPGAs), Application Specific Integrated Circuits (ASICs), Application Specific Standard Products (ASSPs), systems on a chip (SOCs), Complex Programmable Logic Devices (CPLDs), and the like.
The foregoing description is only exemplary of the preferred embodiments of the disclosure and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the invention in the embodiments of the present disclosure is not limited to the specific combinations of the above-mentioned features, and other embodiments in which the above-mentioned features or their equivalents are combined arbitrarily without departing from the spirit of the invention are also encompassed. For example, the above features and (but not limited to) technical features with similar functions disclosed in the embodiments of the present disclosure are mutually replaced to form the technical solution.

Claims (10)

1. A data output method, comprising:
acquiring initial network asset data and a target data table to be processed, which are sent by a security system, wherein the initial network asset data comprises: the physical machine information of the target physical machine, the target data table stores the data information of each network asset data;
generating a composite network asset data filtering condition;
determining whether the initial network asset data satisfies the composite network asset data filtering condition;
in response to determining that the initial network asset data meets the composite network asset data filtering condition, generating target network asset data corresponding to the initial network asset data and having complete network asset field information according to physical machine information of the target physical machine and the target data table;
and outputting the target network asset data.
2. The method of claim 1, wherein the method further comprises:
in response to determining that the initial network asset data does not satisfy a composite network asset data filtering condition, determining whether to data convert the initial network asset data;
performing data conversion on the initial network asset data in response to the determination to obtain initial network asset data after the data conversion;
and outputting the initial network asset data after the data conversion.
3. The method of claim 1, wherein the generating composite network asset data filtering conditions comprises:
acquiring a target configuration file;
reading a set of field groups constituting the composite network asset data filtering condition from the target configuration file, wherein each field group in the set of field groups stores at least one condition field constituting the composite network asset data filtering condition, and the condition field types of the condition fields stored between the field groups in the set of field groups are different;
and correspondingly combining all condition fields corresponding to the field group set to obtain the composite network asset data filtering condition.
4. The method of claim 1, wherein the generating target network asset data corresponding to the initial network asset data with complete network asset field information according to the physical machine information of the target physical machine and the target data table comprises:
determining data information corresponding to the physical machine information of the target physical machine from the target data table as target data information;
and generating the target network asset data according to the target data information.
5. The method of claim 4, wherein the generating the target network asset data from the target data information comprises:
and in response to the fact that the information vacancy exists in each data field included in the initial network asset data, performing data complementation on the data field with the information vacancy in the initial network asset data according to the target data information to obtain complemented network asset data, wherein the complemented network asset data is used as the target network asset data.
6. The method of claim 4, wherein the physical machine information comprises at least one of: identification information of the target physical machine and an internet protocol address of the target physical machine; and
the determining data information corresponding to the physical machine information of the target physical machine from the target data table includes:
and determining data information associated with the identification information of the target physical machine and/or the Internet protocol address of the target physical machine from the target data table.
7. The method of claim 1, wherein the target data table is generated by:
connecting a network asset data store;
and generating the target data table according to each network asset data in the network asset data repository, wherein each data information in the target data table is updated synchronously with each network asset data in the network asset data repository.
8. A data output apparatus comprising:
an obtaining unit configured to obtain initial network asset data and a target data table to be processed, which are sent by a security system, wherein the initial network asset data includes: physical machine information of a target physical machine, wherein the target data table stores data information of each network asset data;
a first generating unit configured to generate a composite network asset data filtering condition;
a determining unit configured to determine whether the initial network asset data satisfies the composite network asset data filtering condition;
a second generating unit configured to generate target network asset data corresponding to the initial network asset data and having complete field information of each network asset according to physical machine information of the target physical machine and the target data table in response to determining that the initial network asset data satisfies the composite network asset data filtering condition;
an output unit configured to output the target network asset data.
9. An electronic device, comprising:
one or more processors;
a storage device having one or more programs stored thereon,
when executed by the one or more processors, cause the one or more processors to implement the method of any one of claims 1-7.
10. A computer-readable medium, on which a computer program is stored, wherein the program, when executed by a processor, implements the method of any one of claims 1-7.
CN202210127838.1A 2022-02-11 2022-02-11 Data output method, data output device, electronic equipment and computer readable medium Pending CN114490718A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210127838.1A CN114490718A (en) 2022-02-11 2022-02-11 Data output method, data output device, electronic equipment and computer readable medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210127838.1A CN114490718A (en) 2022-02-11 2022-02-11 Data output method, data output device, electronic equipment and computer readable medium

Publications (1)

Publication Number Publication Date
CN114490718A true CN114490718A (en) 2022-05-13

Family

ID=81480850

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210127838.1A Pending CN114490718A (en) 2022-02-11 2022-02-11 Data output method, data output device, electronic equipment and computer readable medium

Country Status (1)

Country Link
CN (1) CN114490718A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116668042A (en) * 2023-07-31 2023-08-29 北京众驰伟业科技发展有限公司 Production data information transmission method for D-dimer and FDP composite quality control product

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116668042A (en) * 2023-07-31 2023-08-29 北京众驰伟业科技发展有限公司 Production data information transmission method for D-dimer and FDP composite quality control product

Similar Documents

Publication Publication Date Title
CN111291103B (en) Interface data analysis method and device, electronic equipment and storage medium
CN111581291A (en) Data processing method and device, electronic equipment and readable medium
CN110909521A (en) Synchronous processing method and device for online document information and electronic equipment
CN110928934A (en) Data processing method and device for business analysis
CN113268761A (en) Information encryption method and device, electronic equipment and computer readable medium
CN114490718A (en) Data output method, data output device, electronic equipment and computer readable medium
CN111858381A (en) Application program fault tolerance capability test method, electronic device and medium
CN111241137A (en) Data processing method and device, electronic equipment and storage medium
CN112699111B (en) Report generation method and device, electronic equipment and computer readable medium
CN113553206B (en) Data event execution method and device, electronic equipment and computer readable medium
CN112257039B (en) Identity attribute adding method and device and electronic equipment
CN112115154A (en) Data processing and data query method, device, equipment and computer readable medium
CN113760927A (en) Data processing method and device, electronic equipment and computer readable medium
CN112163176A (en) Data storage method and device, electronic equipment and computer readable medium
CN111580890A (en) Method, apparatus, electronic device, and computer-readable medium for processing features
CN115102992B (en) Data publishing method and device, electronic equipment and computer readable medium
CN112507676B (en) Method and device for generating energy report, electronic equipment and computer readable medium
CN112203113B (en) Video stream structuring method and device, electronic equipment and computer readable medium
CN112311833B (en) Data updating method and device
CN113472565B (en) Method, apparatus, device and computer readable medium for expanding server function
CN113342837B (en) Data transmission method, device, electronic equipment and computer readable medium
CN114398437A (en) User information processing method and device, electronic equipment and computer readable medium
CN112182002A (en) Data disaster tolerance method and device, electronic equipment and computer readable medium
CN112069438A (en) Message merging method, message processing method and device, equipment and medium
CN113568936A (en) Real-time streaming data storage method and device and terminal equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination