CN114564358A - Method, apparatus, device, medium and product for checking compliance of change operations - Google Patents

Method, apparatus, device, medium and product for checking compliance of change operations Download PDF

Info

Publication number
CN114564358A
CN114564358A CN202210193021.4A CN202210193021A CN114564358A CN 114564358 A CN114564358 A CN 114564358A CN 202210193021 A CN202210193021 A CN 202210193021A CN 114564358 A CN114564358 A CN 114564358A
Authority
CN
China
Prior art keywords
change
change event
compliance
examination
log information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210193021.4A
Other languages
Chinese (zh)
Inventor
周澄
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Industrial and Commercial Bank of China Ltd ICBC
Original Assignee
Industrial and Commercial Bank of China Ltd ICBC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Industrial and Commercial Bank of China Ltd ICBC filed Critical Industrial and Commercial Bank of China Ltd ICBC
Priority to CN202210193021.4A priority Critical patent/CN114564358A/en
Publication of CN114564358A publication Critical patent/CN114564358A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/30Monitoring
    • G06F11/3065Monitoring arrangements determined by the means or processing involved in reporting the monitored data
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02PCLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/30Computing systems specially adapted for manufacturing

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Quality & Reliability (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Debugging And Monitoring (AREA)

Abstract

The present application relates to a compliance review method, apparatus, computer device, storage medium, and computer program product for alteration operations, which can be used in the field of information security, in-control compliance, or in the financial field, and can also be used in any field other than the financial field, such as the big data field. The method comprises the following steps: acquiring log information of change events of a software system in a production environment; performing compliance review on the log information based on a pre-constructed detection model to obtain a review result; the detection model is determined according to a pre-configured problem detection rule base; and generating an examination report of the change event based on the examination result. By adopting the method, the automatic examination of the change operation can be realized, and the efficiency of the compliance examination of the change operation is improved. Furthermore, compared with the traditional manual examination, the automatic examination mode avoids the influence of human factors and improves the reliability of the change operation compliance examination.

Description

Method, apparatus, device, medium and product for checking compliance of change operations
Technical Field
The present application relates to the field of information security, big data, internal control compliance, or other fields, and in particular, to a method and an apparatus for examining compliance of change operations, a computer device, a storage medium, and a computer program product.
Background
The change refers to the change of equipment, a system, a network, application, operation flow, configuration and parameters, access control and the like in a production environment, and the production environment refers to various business systems for providing external and internal services for enterprise or group management and maintenance, and systems, network equipment, machine room environment facilities and the like required for supporting the operation of the business systems. Change management refers to a process in which a project organization performs corresponding partial or total changes on a project plan to adapt to changes of various factors related to the project in the process of operating the project, so as to ensure the realization of project objectives, and organizes project implementation according to changed requirements. Due to the diversity and complexity of the change steps, there is a certain control risk in the change management, and therefore, the change operation needs to be checked to ensure the compliance of the change operation.
Currently, the compliance of the change operation is checked manually, so the compliance checking method of the change operation has the problem of low efficiency.
Disclosure of Invention
The application provides a method and a device for checking the compliance of change operation, a computer device, a storage medium and a computer program product, which can automatically check the compliance of the change operation and improve the efficiency of checking the compliance of the change operation.
In a first aspect, the present application provides a method for compliance review of alteration operations. The method comprises the following steps:
acquiring log information of change events of a software system in a production environment;
performing compliance review on the log information based on a pre-constructed detection model to obtain a review result; the detection model is determined according to a pre-configured problem detection rule base;
and generating an examination report of the change event based on the examination result.
In one embodiment, performing compliance review on log information based on a pre-constructed detection model to obtain a review result includes: and based on the detection model, carrying out change flow detection and/or change operation detection on the log information to obtain an examination result.
In one embodiment, the change process detection of the log information based on the detection model includes: and detecting whether the flow of the change event and the change scheme included in the log information conform to the problem detection rule base or not based on the detection model.
In one embodiment, the change operation detection on the log information based on the detection model comprises: and detecting whether the actual change operation of the change event included in the log information conforms to the change scheme of the change event or not based on the detection model.
In one embodiment, generating an audit report of change events based on the audit result includes: if the examination result is a non-compliance examination result of the change event, generating question confirmation information based on the non-compliance examination result, and sending the question confirmation information to the target terminal; receiving problem feedback information sent by a target terminal, wherein the problem feedback information is feedback information input by a user based on problem confirmation information; an audit report of the change event is generated based on the issue feedback information and the non-compliance audit result.
In one embodiment, performing compliance review on log information based on a pre-constructed detection model to obtain a review result includes: and in at least one of the conditions of submitting the change event, implementing the change event and completing the change event, performing compliance examination on the log information based on the detection model to obtain an examination result.
In one embodiment, the log information includes at least one of process-related information of the change event, actual change operation information, a change scheme, a change emergency fallback scheme, a change level, and principal information of each process of the change event.
In one embodiment, the problem detection rule base comprises at least one of: the difference between the implementation time of the change event and the proposed time of the change event is smaller than a preset time lead threshold; a conflict exists between the change risk of the change event and at least one of the change level and the integrity of the change emergency fallback scheme; the change scheme of the change event is not approved after being updated; the examination and approval time of the change event is positioned after the implementation starting time of the change event; the change event is implemented in advance or delayed without being approved; the change of the change event implements unchecked control.
In a second aspect, the present application also provides a compliance audit device for altering operations. The device includes:
the acquisition module is used for acquiring the log information of the change events of the software system in the production environment;
the examination module is used for carrying out compliance examination on the log information based on a pre-constructed detection model to obtain an examination result; the detection model is determined according to a pre-configured problem detection rule base;
and the generating module is used for generating an examination report of the change event based on the examination result.
In a third aspect, the present application also provides a computer device. The computer device comprises a memory and a processor, the memory stores a computer program, and the processor realizes the following steps when executing the computer program:
acquiring log information of change events of a software system in a production environment;
performing compliance review on the log information based on a pre-constructed detection model to obtain a review result; the detection model is determined according to a pre-configured problem detection rule base;
and generating an examination report of the change event based on the examination result.
In a fourth aspect, the present application further provides a computer-readable storage medium. The computer-readable storage medium, on which a computer program is stored, which computer program, when being executed by a processor, carries out the steps of:
acquiring log information of change events of a software system in a production environment;
performing compliance review on the log information based on a pre-constructed detection model to obtain a review result; the detection model is determined according to a pre-configured problem detection rule base;
and generating an examination report of the change event based on the examination result.
In a fifth aspect, the present application further provides a computer program product. The computer program product comprising a computer program which when executed by a processor performs the steps of:
acquiring log information of change events of a software system in a production environment;
performing compliance review on the log information based on a pre-constructed detection model to obtain a review result; the detection model is determined according to a pre-configured problem detection rule base;
and generating an examination report of the change event based on the examination result.
The method, the device, the computer equipment, the storage medium and the computer program product for checking the compliance of the change operation are not limited to the application field. The method can collect the log information of the change events of equipment, systems, networks, applications and the like in a production environment, then carry out compliance examination on the collected log information of the change events based on a pre-constructed detection model, examine whether the log information conforms to a pre-configured problem detection rule base, and generate an examination report of the change events based on the examination result. Therefore, the automatic review of the change operation can be realized through the detection model, and the efficiency of the compliance review of the change operation is improved. Furthermore, compared with the traditional manual examination, the automatic examination mode avoids the influence of human factors and improves the reliability of the change operation compliance examination.
Drawings
FIG. 1 is a diagram of an application environment for a compliance review method of change operations in one embodiment;
FIG. 2 is a flowchart illustrating a compliance review method for modifying operations according to an embodiment of the present disclosure;
fig. 3 is a schematic flowchart of an examination report generation method according to an embodiment of the present disclosure;
FIG. 4 is a flowchart illustrating another compliance review method for altering operations according to an embodiment of the present application;
fig. 5 is a block diagram of a compliance checking apparatus for changing operations according to an embodiment of the present application;
FIG. 6 is a diagram illustrating an internal structure of a computer device according to an embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of and not restrictive on the broad application.
The compliance checking method for alteration operation provided by the embodiment of the application can be applied to the application environment as shown in fig. 1. Referring to fig. 1, fig. 1 is a diagram of an application environment of a compliance audit method of a change operation in an embodiment, where the application environment includes a server 10 and a terminal 20. The server 10 may perform compliance review on the change operation and send the review result to the terminal 20; the terminal 20 may receive the review result sent by the server 10 and return feedback information. Wherein the server 10 can communicate with the terminal 20 through a network. The server 10 may be implemented by an independent server or a server cluster composed of a plurality of servers, and the terminal 20 may be, but is not limited to, various personal computers, notebook computers, smart phones, tablet computers, and the like, which is not limited in this embodiment of the present application.
In the prior art, the compliance of the change operation is often checked manually, but the manual checking mode has low efficiency. Therefore, the current problem is that the efficiency of compliance examination is low.
Based on the above, the present application provides a method, an apparatus, a computer device, a storage medium, and a computer program product for checking the compliance of a change operation, which can automatically check the compliance of the change operation, thereby improving the efficiency of checking the compliance of the change operation. Fig. 2 is a flowchart illustrating a compliance checking method for changing operations according to an embodiment of the present application, including the following steps:
step 201, obtaining the log information of the change event of the software system in the production environment.
The change refers to the change of equipment, a system, a network, an application, an operation flow, configuration and parameters, access control and the like in a production environment, and the production environment refers to various business systems for providing external and internal services for enterprise or group management and maintenance, and systems, network equipment, machine room environment facilities and the like required for supporting the operation of the business systems. The change event is the whole implementation process of the change operation.
In a specific implementation, the server 10 may directly call the log information of the change events of various devices, systems, networks, etc. in the production environment through the interface, or may manually collect the log information of the change events of various devices, systems, networks, etc. in the production environment and input the log information into the server 10.
In a possible implementation manner, after the collected log information of the change event, the server 10 may perform format unification operation on the log information, so that formats of all the collected log information are consistent, and thus, subsequent compliance examination is performed on the log information based on the format consistency, and format matching between the log information and the problem detection rule base is achieved, thereby solving the problem that the compliance examination of the log information cannot be performed across systems due to multiple types of devices, huge number of devices, and complex change operation scenes, and improving integrity and effectiveness of the compliance examination of the change operation.
The log information may include at least one of process-related information of the change event, actual change operation information, a change scheme, a change emergency fallback scheme, a change level, and information of a person in charge of each process of the change event. The process-related information of the change event may include: change event application, acceptance, scheme making, approval, implementation, feedback, closing and other information. The actual change operations may include: the system, the equipment and the like automatically change according to the codes, and the operator manually changes the related system, the application, the network equipment and the like. The change scheme is an execution scheme of a preset change operation. The change emergency rollback scheme is a preset scheme for solving the problems in the change operation execution process. The change level may characterize the importance of a change event. The responsible persons for changing the processes of the event may include a responsible person for changing an event application process, a responsible person for changing an event reception process, a responsible person for changing an event scheme setting process, a responsible person for changing an event approval process, a responsible person for changing an event implementation process, a responsible person for changing an event feedback process, a responsible person for changing an event closing process, and the like.
Step 202, performing compliance examination on the log information based on a pre-constructed detection model to obtain an examination result; the detection model is determined according to a pre-configured problem detection rule base.
In a specific implementation, the server 10 may perform compliance checking on the collected log information of the change event based on a pre-constructed detection model, check whether the log information conforms to various rules in a pre-configured problem detection rule base, and generate a checking result of the change event based on each change event according to the log information of the change event and the conforming condition of various rules in the problem detection rule base.
The detection model is determined according to a pre-configured problem detection rule base. The problem detection rule base is configured according to the requirements of system specifications and by combining the past experience of workers. In some embodiments, the problem detection rule base may include at least one of: the difference between the implementation time of the change event and the proposed time of the change event is smaller than a preset time lead threshold; a conflict exists between the change risk of the change event and at least one of the change level and the integrity of the change emergency fallback scheme; the change scheme of the change event is not approved after being updated; the examination and approval time of the change event is positioned after the implementation starting time of the change event; the change event is implemented in advance or delayed without being approved; the change of the change event implements unchecked control.
And step 203, generating an examination report of the change event based on the examination result.
The examination results can be classified into compliance and non-compliance. The compliance review results may include: the information of the identifier of the change event, the review time of the change event, the review compliance identifier of the change event, and the like. The non-compliance review results may include: the information comprises identification of a change event, review time of the change event, review non-compliance identification of the change event, non-compliance content of the change event, specific rules which are not met by the non-compliance content of the change event, and a person in charge corresponding to the process node where the non-compliance content of the change event is located.
In one possible implementation, the server 10 may generate an audit report of the change event based on the type of the audit result of the change event. For example, the review result of a compliant change event may be determined as a review report for the review event; the review report of the change event can be generated by adding information such as the correction measure of the change event which is not in compliance to the review result.
The method for checking the compliance of the change operation provided by the embodiment of the application can collect the log information of the change events of equipment, systems, networks, applications and the like in a production environment, then perform compliance checking on the collected log information of the change events based on a pre-constructed detection model, check whether the log information conforms to a pre-configured problem detection rule base, and generate a checking report of the change events based on the checking result. Therefore, the automatic review of the change operation can be realized through the detection model, and the efficiency of the compliance review of the change operation is improved. Furthermore, compared with the traditional manual examination, the automatic examination mode avoids the influence of human factors and improves the reliability of the change operation compliance examination.
In the embodiments described above, a scheme of examining compliance of log information based on a pre-constructed detection model and generating an examination result is described. In another embodiment of the present application, compliance review may be divided into two aspects, altered flow detection and altered operation detection. For example, the "performing compliance review on log information based on a pre-constructed detection model to obtain review results" as described above may include the following steps a:
and step A, based on the detection model, carrying out change flow detection and/or change operation detection on the log information to obtain an examination result.
In a specific implementation, the change process detection is based on a detection model, and the compliance of process related information in the log information is examined. Specifically, the change flow detection may include: detecting at least one of whether the flow related information of the change event in the log information conforms to the rules in the pre-configured problem detection rule base, whether the change scheme of the change event in the log information conforms to the rules in the pre-configured problem detection rule base, and whether the change emergency fallback scheme of the change event in the log information conforms to the rules in the pre-configured problem detection rule base. The change scheme of the change event and the change emergency rollback scheme in the log information are schemes provided in the process of making the scheme in the process related information.
In a specific implementation, the change operation detection is based on a detection model, and the compliance of the actual change operation in the log information is checked. Specifically, the detecting of the change operation may include detecting whether an actual change operation of the change event included in the log information conforms to a change scheme of the change event based on a detection model, that is, detecting whether the change operation is executed according to the established change scheme in the implementation process.
In one possible implementation manner, when performing compliance review on log information, only change flow detection may be performed on the log information based on a detection model, whether at least one of flow related information, a change scheme, and a change emergency fallback scheme of a change event in the log information meets a rule in a pre-configured problem detection rule base is detected, and a review result corresponding to each change event is generated after the detection is completed.
In one possible implementation manner, when performing compliance review on log information, only change operation detection may be performed on the log information based on a detection model, whether actual change operation of change events in the log information conforms to a preset change scheme is detected, and a review result corresponding to each change event is generated after the detection is completed.
In a possible implementation manner, when performing compliance review on log information, change process detection and change operation detection may be performed on the log information at the same time based on a detection model, and whether at least one of the process-related information, the change scheme, and the change emergency fallback scheme of a change event in the log information conforms to a rule in a pre-configured problem detection rule base, and whether the actual change operation of the change event conforms to a pre-established change scheme, and a review result corresponding to each change event is generated after the detection is completed.
The scheme provided by the embodiment of the application can divide the compliance examination into two aspects of change flow detection and change operation detection. When the log information is subjected to compliance review, the flow related information and/or the actual change operation in the log information may be subjected to compliance review. Specifically, when the log information is subjected to compliance review, it may be detected whether at least one of the flow related information, the change scheme, and the change emergency fallback scheme in the log information meets a rule in a pre-configured problem detection rule base, and/or whether the actual change operation meets a pre-established change scheme. Therefore, the method and the device for checking the log information of the change event can check the compliance of the log information of the change event through at least one of the two aspects of detection of the change process and detection of the change operation, and the comprehensiveness and reliability of the compliance check of the change operation are improved.
In the embodiments described above, a scheme of examining compliance of log information based on a pre-constructed detection model and generating an examination result is described. In another embodiment of the present application, compliance review can be divided into submitting a change event, during the implementation of the change event, and three occasions after the change event is completed. For example, the "performing compliance review on log information based on a pre-constructed detection model to obtain review results" as described above may include the following steps B:
and step B, performing compliance examination on the log information based on the detection model under at least one condition of submitting the change event, the implementation process of the change event and after the change event is completed, and obtaining an examination result.
In a possible implementation manner, the detection model may be called to perform pre-detection on the flow related information in the log information when the change event is submitted. Specifically, when a change event is submitted, the change scheme and the change emergency fallback scheme submitted in the process of the scheme formulation in the process related information are subjected to compliance examination, whether the change scheme and the change emergency fallback scheme meet rules in a pre-configured problem detection rule base or not is detected, and an examination result corresponding to each change event is generated after the detection is completed.
In one possible implementation, the detection model may be invoked to review the log information of the change event during the implementation of the change event. Specifically, a specific flow node may be preset, based on a currently completed part of the change event, compliance examination may be performed on information of the flow node part in the log information according to the preset flow node, whether the information of the flow node part conforms to a rule in a pre-configured problem detection rule base is detected, and an examination result corresponding to each change event is generated after the detection is completed; or setting specific operation parameters in advance, performing compliance review on the actual operation information corresponding to the operation parameters in the log information according to the preset operation parameters based on the currently completed part of the change event, detecting whether the actual operation information corresponding to the operation parameters is executed according to the established change scheme, and generating a review result corresponding to each change event after the detection is completed.
In one possible implementation, the detection model may be invoked to review the log information of the change event after the change event is completed. Specifically, by setting a specific process node or a specific operation parameter in advance, in the log information of the change event, the information of the process node portion or the actual operation information corresponding to the operation parameter is subjected to compliance review according to the rules in the problem detection rule base, and the review result corresponding to each change event is generated after the detection is completed. Or calling all rules or part of rules in the problem detection rule base, performing compliance examination on the log information of the change events, and generating an examination result corresponding to each change event after detection is completed.
Wherein, the flow nodes and the operation parameters can be selected according to the importance degree.
According to the scheme provided by the embodiment of the application, the compliance examination can be carried out on the log information of the change event at any one of the three moments in the implementation process of submitting the change event and after the change event is completed, and all or part of the log information of the change event can be also carried out at any one moment, so that the flexibility of the compliance examination of the change operation is improved.
The foregoing embodiments describe a scheme for generating an audit report of a change event based on the type of audit result (compliant or non-compliant). In another embodiment of the present application, if the review result is a non-compliance review result, a review report of the change event may be generated based on the review result and the issue feedback information. For example, the "generating an audit report of a change event based on an audit result" described above may include the steps shown in fig. 3, where fig. 3 is a flowchart of an audit report generating method provided in an embodiment of the present application, and the method includes the following steps:
step 301, if the inspection result is a non-compliance inspection result of the change event, generating question confirmation information based on the non-compliance inspection result, and transmitting the question confirmation information to the target terminal.
In a specific implementation, if any of the examination results is a non-compliance examination result corresponding to the change event, the non-compliance examination result may be determined as question confirmation information corresponding to the change event, and the question confirmation information may be transmitted to the target terminal. And the target terminal is a terminal used by a responsible person corresponding to the process node where the non-compliance content of the change event is located in the non-compliance examination result.
Step 302, receiving question feedback information sent by the target terminal, wherein the question feedback information is feedback information input by a user based on the question confirmation information.
In a specific implementation, a person in charge corresponding to a process node where the non-compliant content of the change event is located may confirm whether to approve the review result of the corresponding change event based on the content of the question confirmation information displayed on the target terminal, and at the same time, generate question feedback information of the change event, and send the question feedback information to the server 10 through the target terminal. The server 10 may receive the question feedback information transmitted by the target terminal. The question feedback information may be an approved or disapproved result of the examination.
And step 303, generating an inspection report of the change event based on the problem feedback information and the non-compliance inspection result.
In a specific implementation, if the review result of the change event is fed back as the non-approved review result, the review report of the change event generated based on the question feedback information and the non-compliant review result may include: the information comprises information such as identification of a change event, review time of the change event, review non-compliance identification of the change event, non-compliance content of the change event, specific rules which are not met by the non-compliance content of the change event, a responsible person corresponding to the process node where the non-compliance content of the change event is located, question feedback (non-approval review result) and the like.
If the review result of the change event is fed back as the approved review result and the change operation can be modified currently, the responsible person can provide corresponding correction measures based on the non-compliant content information of the change event in the review result of the change event. The review report for the change event generated by the server 10 based on the issue feedback information and the non-compliance review result may include: the information comprises information such as identification of a change event, review time of the change event, review non-compliance identification of the change event, non-compliance content of the change event, specific rules which are not met by the non-compliance content of the change event, a responsible person corresponding to a process node where the non-compliance content of the change event is located, question feedback (approved review result), and adjustment and modification measures of the change event.
If the review result of the change event is fed back as the approved review result and the change operation cannot be modified, the responsible person can summarize the corresponding experience based on the non-compliant content information of the change event in the review result of the change event and update the problem detection rule base. The review report for the change event generated by the server 10 based on the issue feedback information and the non-compliance review result may include: the information comprises information such as identification of a change event, review time of the change event, review non-compliance identification of the change event, non-compliance content of the change event, specific rules which are not met by the non-compliance content of the change event, a responsible person corresponding to the process node where the non-compliance content of the change event is located, question feedback (approved review result) and the like.
The scheme provided by the embodiment of the application can generate the review report of the change event based on the non-compliance review result and the problem feedback information of the change event. Specifically, the question feedback information may be added to the review result of the change event, so as to generate a review report corresponding to the change event. Therefore, when the examination result is the non-compliance examination result corresponding to the change event, the embodiment of the application further confirms the examination result to the relevant responsible person, and finally determines the examination result of the change event according to the non-compliance examination result and the question feedback information of the responsible person, so that the reliability of the change operation compliance examination is improved. In addition, the embodiment of the application can greatly reduce the labor cost of repeated labor and improve the examination efficiency of the change event by realizing the automatic problem analysis, the automatic initiation confirmation, the automatic generation of the examination result and the examination report of the change event.
In one embodiment, the flow related information and the actual operation information of the same change event are often originated from different software systems, and are associated through the identification of the change event. If any change event does not have the change event identifier, the relation between the flow related information of the change event and the actual operation information can be established through other information such as implementation time, information of a responsible person and the like.
In one embodiment, if an automatically implemented change event fails multiple times in a flow node, the subsequent change operations are manually completed. In this case, the relationship between the log information of the change event automation implementation part and the log information of the manual operation part can be established through the information such as the identification, implementation time, and the responsible person of the change event, so that the change event with failed automation implementation can be subjected to compliance inspection, and the reliability of the compliance inspection of the change event is improved.
Referring to fig. 4, fig. 4 is a flowchart illustrating another method for reviewing compliance of a change operation according to an embodiment of the present application, where the method for reviewing a change operation according to an embodiment of the present application may include the following steps:
s1, collecting log information of change events of the software system in the production environment, wherein the log information can comprise at least one item of information of process related information, actual change operation information, change scheme, change emergency rollback scheme, change level and information of responsible persons of each process of the change events;
s2, the detection model detects the change process and/or change operation of the log information at any time of the three times of submitting the change event, the implementation process of the change event and the completion of the change event according to the problem detection rule base, so as to sequentially realize the advance warning and interception, the in-process warning and feedback, the post check and the audit of the change event, and generate the examination result of the change event after the examination is completed; the problem detection rule base is configured according to the system specification requirements and the past experience of workers.
S3, generating an examination report of the change event based on the compliance examination result; alternatively, an audit report of change events is generated based on the non-compliance audit result and the issue feedback information.
It should be understood that, although the steps in the flowcharts related to the embodiments as described above are sequentially displayed as indicated by arrows, the steps are not necessarily performed sequentially as indicated by the arrows. The steps are not performed in the exact order shown and described, and may be performed in other orders, unless explicitly stated otherwise. Moreover, at least a part of the steps in the flowcharts related to the embodiments described above may include multiple steps or multiple stages, which are not necessarily performed at the same time, but may be performed at different times, and the execution order of the steps or stages is not necessarily sequential, but may be rotated or alternated with other steps or at least a part of the steps or stages in other steps.
Based on the same inventive concept, the embodiment of the present application further provides a compliance audit device for implementing the change operation of the compliance audit method of the change operation. The implementation scheme for solving the problem provided by the device is similar to the implementation scheme described in the method, so specific limitations in the embodiment of the compliance inspection device for one or more modification operations provided below can be referred to the above limitations on the compliance inspection method for modification operations, and are not described herein again.
In one embodiment, as shown in fig. 5, fig. 5 is a block diagram of a compliance audit device for changing operation according to an embodiment of the present application, and provides a compliance audit device for changing operation, including: the device comprises an acquisition module, an examination module and a generation module, wherein:
an obtaining module 501, configured to obtain log information of a change event of a software system in a production environment;
the examination module 502 is configured to perform compliance examination on the log information based on a pre-constructed detection model to obtain an examination result; the detection model is determined according to a pre-configured problem detection rule base;
a generating module 503, configured to generate an audit report of the change event based on the audit result.
In one embodiment, performing compliance review on the log information based on a pre-constructed detection model to obtain a review result, including: and based on the detection model, carrying out change flow detection and/or change operation detection on the log information to obtain an examination result.
In one embodiment, based on the detection model, the log information is subjected to change flow detection, which includes: and detecting whether the flow of the change event and the change scheme included in the log information conform to the problem detection rule base or not based on the detection model.
In one embodiment, based on a detection model, change operation detection is performed on log information, and the change operation detection comprises the following steps: based on the detection model, whether the actual change operation of the change event included in the log information conforms to the change scheme of the change event is detected.
In one embodiment, generating an audit report of change events based on the audit results includes: if the examination result is a non-compliance examination result of the change event, generating question confirmation information based on the non-compliance examination result, and sending the question confirmation information to the target terminal; receiving problem feedback information sent by a target terminal, wherein the problem feedback information is feedback information input by a user based on problem confirmation information; an audit report of the change event is generated based on the issue feedback information and the non-compliance audit result.
In one embodiment, performing compliance review on the log information based on a pre-constructed detection model to obtain a review result, including: and in at least one of the conditions of submitting the change event, implementing the change event and completing the change event, performing compliance examination on the log information based on the detection model to obtain an examination result.
In one embodiment, the log information includes at least one of flow related information of the change event, actual change operation information, a change scenario, a change emergency fallback scenario, a change level, and principal information of each flow of the change event.
In one embodiment, the problem detection rule base includes at least one of: the difference between the implementation time of the change event and the proposed time of the change event is smaller than a preset time lead threshold; a conflict exists between the change risk of the change event and at least one of the change level and the integrity of the change emergency fallback scheme; the change scheme of the change event is not approved after being updated; the examination and approval time of the change event is positioned after the implementation starting time of the change event; the change event is implemented in advance or delayed without being approved; the change of the change event implements unchecked control.
The modules in the compliance checking device for the change operation may be implemented in whole or in part by software, hardware, or a combination thereof. The modules can be embedded in a hardware form or independent from a processor in the computer device, and can also be stored in a memory in the computer device in a software form, so that the processor can call and execute operations corresponding to the modules.
In one embodiment, a computer device is provided, which may be a server, and its internal structure diagram may be as shown in fig. 6. The computer device includes a processor, a memory, and a network interface connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, a computer program, and a database. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The database of the computer device is used for storing relevant information of flow related information, actual change operation information, change schemes, change emergency fallback schemes, change levels, and responsible persons of all flows of change events related to the compliance review method for change operations provided by the application. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to implement a compliance audit method of alteration operations.
It will be appreciated by those skilled in the art that the configuration shown in fig. 6 is a block diagram of only a portion of the configuration associated with the present application, and is not intended to limit the computing device to which the present application may be applied, and that a particular computing device may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
In one embodiment, a computer device is provided, comprising a memory and a processor, the memory having a computer program stored therein, the processor implementing the following steps when executing the computer program:
acquiring log information of change events of a software system in a production environment;
performing compliance review on the log information based on a pre-constructed detection model to obtain a review result; the detection model is determined according to a pre-configured problem detection rule base;
and generating an examination report of the change event based on the examination result.
In one embodiment, the processor, when executing the computer program, further performs the steps of:
performing compliance review on the log information based on a pre-constructed detection model to obtain a review result, wherein the review result comprises the following steps: and based on the detection model, carrying out change flow detection and/or change operation detection on the log information to obtain an examination result.
In one embodiment, the processor when executing the computer program further performs the steps of:
based on the detection model, the log information is subjected to change flow detection, which comprises the following steps: and detecting whether the flow of the change event and the change scheme included in the log information conform to the problem detection rule base or not based on the detection model.
In one embodiment, the processor, when executing the computer program, further performs the steps of:
based on the detection model, the method for detecting the change operation of the log information comprises the following steps: and detecting whether the actual change operation of the change event included in the log information conforms to the change scheme of the change event or not based on the detection model.
In one embodiment, the processor when executing the computer program further performs the steps of:
generating an audit report of the change event based on the audit result, comprising: if the examination result is a non-compliance examination result of the change event, generating question confirmation information based on the non-compliance examination result, and sending the question confirmation information to the target terminal; receiving problem feedback information sent by a target terminal, wherein the problem feedback information is feedback information input by a user based on problem confirmation information; an audit report of the change event is generated based on the issue feedback information and the non-compliance audit result.
In one embodiment, the processor, when executing the computer program, further performs the steps of:
performing compliance review on the log information based on a pre-constructed detection model to obtain a review result, wherein the review result comprises the following steps: and in at least one of the conditions of submitting the change event, implementing the change event and completing the change event, performing compliance examination on the log information based on the detection model to obtain an examination result.
In one embodiment, the processor, when executing the computer program, further performs the steps of:
the log information includes at least one item of information among flow related information of the change event, actual change operation information, a change scenario, a change emergency fallback scenario, a change level, and information of a person in charge of each flow of the change event.
In one embodiment, the processor when executing the computer program further performs the steps of:
the problem detection rule base includes at least one of: the difference between the implementation time of the change event and the proposed time of the change event is smaller than a preset time lead threshold; a conflict exists between the change risk of the change event and at least one of the change level and the integrity of the change emergency fallback scheme; the change scheme of the change event is not approved after being updated; the examination and approval time of the change event is positioned after the implementation starting time of the change event; the change event is implemented in advance or delayed without being approved; the change of the change event implements unchecked control.
In one embodiment, a computer-readable storage medium is provided, having a computer program stored thereon, which when executed by a processor, performs the steps of:
acquiring log information of change events of a software system in a production environment;
performing compliance review on the log information based on a pre-constructed detection model to obtain a review result; the detection model is determined according to a pre-configured problem detection rule base;
and generating an examination report of the change event based on the examination result.
In one embodiment, the computer program when executed by the processor further performs the steps of:
performing compliance review on the log information based on a pre-constructed detection model to obtain a review result, wherein the review result comprises the following steps: and based on the detection model, carrying out change flow detection and/or change operation detection on the log information to obtain an examination result.
In one embodiment, the computer program when executed by the processor further performs the steps of:
based on the detection model, the log information is subjected to change flow detection, which comprises the following steps: and detecting whether the flow of the change event and the change scheme included in the log information conform to the problem detection rule base or not based on the detection model.
In one embodiment, the computer program when executed by the processor further performs the steps of:
based on the detection model, the method for detecting the change operation of the log information comprises the following steps: and detecting whether the actual change operation of the change event included in the log information conforms to the change scheme of the change event or not based on the detection model.
In one embodiment, the computer program when executed by the processor further performs the steps of:
generating an audit report of the change event based on the audit result, comprising: if the examination result is a non-compliance examination result of the change event, generating question confirmation information based on the non-compliance examination result, and sending the question confirmation information to the target terminal; receiving problem feedback information sent by a target terminal, wherein the problem feedback information is feedback information input by a user based on problem confirmation information; an audit report of the change event is generated based on the issue feedback information and the non-compliance audit result.
In one embodiment, the computer program when executed by the processor further performs the steps of:
performing compliance review on the log information based on a pre-constructed detection model to obtain a review result, wherein the review result comprises the following steps: and in at least one of the conditions of submitting the change event, implementing the change event and completing the change event, performing compliance examination on the log information based on the detection model to obtain an examination result.
In one embodiment, the computer program when executed by the processor further performs the steps of:
the log information includes at least one item of information among flow related information of the change event, actual change operation information, a change scenario, a change emergency fallback scenario, a change level, and information of a person in charge of each flow of the change event.
In one embodiment, the computer program when executed by the processor further performs the steps of:
the problem detection rule base includes at least one of: the difference between the implementation time of the change event and the proposed time of the change event is smaller than a preset time lead threshold; a conflict exists between the change risk of the change event and at least one of the change level and the integrity of the change emergency fallback scheme; the change scheme of the change event is not approved after being updated; the examination and approval time of the change event is positioned after the implementation starting time of the change event; the change event is implemented in advance or delayed without being approved; the change of the change event implements unchecked control.
In one embodiment, a computer program product is provided, comprising a computer program which when executed by a processor performs the steps of:
acquiring log information of change events of a software system in a production environment;
performing compliance review on the log information based on a pre-constructed detection model to obtain a review result; the detection model is determined according to a pre-configured problem detection rule base;
and generating an examination report of the change event based on the examination result.
In one embodiment, the computer program when executed by the processor further performs the steps of:
performing compliance review on the log information based on a pre-constructed detection model to obtain a review result, wherein the review result comprises the following steps: and based on the detection model, carrying out change flow detection and/or change operation detection on the log information to obtain an examination result.
In one embodiment, the computer program when executed by the processor further performs the steps of:
based on the detection model, the log information is subjected to change flow detection, which comprises the following steps: and detecting whether the flow of the change event and the change scheme included in the log information conform to the problem detection rule base or not based on the detection model.
In one embodiment, the computer program when executed by the processor further performs the steps of:
based on the detection model, the log information is subjected to change operation detection, and the method comprises the following steps: and detecting whether the actual change operation of the change event included in the log information conforms to the change scheme of the change event or not based on the detection model.
In one embodiment, the computer program when executed by the processor further performs the steps of:
generating an audit report of the change event based on the audit result, comprising: if the examination result is a non-compliance examination result of the change event, generating question confirmation information based on the non-compliance examination result, and sending the question confirmation information to the target terminal; receiving problem feedback information sent by a target terminal, wherein the problem feedback information is feedback information input by a user based on problem confirmation information; an audit report of the change event is generated based on the issue feedback information and the non-compliance audit result.
In one embodiment, the computer program when executed by the processor further performs the steps of:
performing compliance review on the log information based on a pre-constructed detection model to obtain a review result, wherein the review result comprises the following steps: and in at least one of the conditions of submitting the change event, implementing the change event and completing the change event, performing compliance examination on the log information based on the detection model to obtain an examination result.
In one embodiment, the computer program when executed by the processor further performs the steps of:
the log information includes at least one item of information among flow related information of the change event, actual change operation information, a change scenario, a change emergency fallback scenario, a change level, and information of a person in charge of each flow of the change event.
In one embodiment, the computer program when executed by the processor further performs the steps of:
the problem detection rule base includes at least one of: the difference between the implementation time of the change event and the proposed time of the change event is smaller than a preset time lead threshold; a conflict exists between the change risk of the change event and at least one of the change level and the integrity of the change emergency fallback scheme; the change scheme of the change event is not approved after being updated; the examination and approval time of the change event is positioned after the implementation starting time of the change event; the change event is implemented in advance or delayed without being approved; the change of the change event implements unchecked control.
It should be noted that, the user information (including but not limited to user device information, user personal information, etc.) and data (including but not limited to data for analysis, stored data, presented data, etc.) referred to in the present application are information and data authorized by the user or sufficiently authorized by each party.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware instructions of a computer program, which can be stored in a non-volatile computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, database, or other medium used in the embodiments provided herein may include at least one of non-volatile and volatile memory. The nonvolatile Memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash Memory, optical Memory, high-density embedded nonvolatile Memory, resistive Random Access Memory (ReRAM), Magnetic Random Access Memory (MRAM), Ferroelectric Random Access Memory (FRAM), Phase Change Memory (PCM), graphene Memory, and the like. Volatile Memory can include Random Access Memory (RAM), external cache Memory, and the like. By way of illustration and not limitation, RAM can take many forms, such as Static Random Access Memory (SRAM) or Dynamic Random Access Memory (DRAM), among others. The databases referred to in various embodiments provided herein may include at least one of relational and non-relational databases. The non-relational database may include, but is not limited to, a block chain based distributed database, and the like. The processors referred to in the embodiments provided herein may be general purpose processors, central processing units, graphics processors, digital signal processors, programmable logic devices, quantum computing based data processing logic devices, etc., without limitation.
All possible combinations of the technical features in the above embodiments may not be described for the sake of brevity, but should be considered as being within the scope of the present disclosure as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present application, and the description thereof is more specific and detailed, but not construed as limiting the scope of the present application. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the concept of the present application, which falls within the scope of protection of the present application. Therefore, the protection scope of the present application shall be subject to the appended claims.

Claims (12)

1. A method for reviewing compliance of change operations, the method comprising:
acquiring log information of change events of a software system in a production environment;
performing compliance examination on the log information based on a pre-constructed detection model to obtain an examination result; the detection model is determined according to a pre-configured problem detection rule base;
generating an audit report of the change event based on the audit result.
2. The method of claim 1, wherein the performing a compliance review on the log information based on a pre-constructed detection model to obtain a review result comprises:
and based on the detection model, carrying out change flow detection and/or change operation detection on the log information to obtain the examination result.
3. The method of claim 2, wherein the detecting the log information for the change process based on the detection model comprises:
and detecting whether the flow and the change scheme of the change event included in the log information conform to the problem detection rule base or not based on the detection model.
4. The method of claim 2, wherein the detecting the change operation of the log information based on the detection model comprises:
and detecting whether the actual change operation of the change event included in the log information conforms to the change scheme of the change event or not based on the detection model.
5. The method of claim 1, wherein generating an audit report of change events based on the audit results comprises:
if the examination result is a non-compliance examination result of the change event, generating question confirmation information based on the non-compliance examination result, and sending the question confirmation information to a target terminal;
receiving question feedback information sent by the target terminal, wherein the question feedback information is feedback information input by a user based on the question confirmation information;
generating a review report for the change event based on the issue feedback information and the non-compliance review result.
6. The method according to any one of claims 1 to 5, wherein the performing a compliance review on the log information based on a pre-constructed detection model to obtain a review result comprises:
and in at least one of the conditions of submitting the change event, the implementation process of the change event and after the change event is completed, performing compliance examination on the log information based on the detection model to obtain the examination result.
7. The method according to any one of claims 1 to 5, wherein the log information includes at least one of process-related information of the change event, actual change operation information, change scheme, change emergency fallback scheme, change level, and principal information of each process of the change event.
8. The method of any of claims 1-5, wherein the problem detection rule base comprises at least one of:
the difference between the implementation time of the change event and the proposed time of the change event is smaller than a preset time lead threshold;
a conflict exists between the change risk of the change event and at least one of a change level and the integrity of a change emergency fallback scheme;
the change scheme of the change event is not approved after being updated;
the approval time of the change event is positioned after the implementation starting time of the change event;
the implementation of the change event in advance or delayed is not approved;
the change implementation of the change event is not subject to audit control.
9. A compliance audit device of alteration operations, the device comprising:
the acquisition module is used for acquiring the log information of the change events of the software system in the production environment;
the examination module is used for carrying out compliance examination on the log information based on a pre-constructed detection model to obtain an examination result; the detection model is determined according to a pre-configured problem detection rule base;
and the generating module is used for generating an examination report of the change event based on the examination result.
10. A computer device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor, when executing the computer program, implements the steps of the method of any of claims 1 to 8.
11. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the method of any one of claims 1 to 8.
12. A computer program product comprising a computer program, characterized in that the computer program realizes the steps of the method of any one of claims 1 to 8 when executed by a processor.
CN202210193021.4A 2022-02-28 2022-02-28 Method, apparatus, device, medium and product for checking compliance of change operations Pending CN114564358A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210193021.4A CN114564358A (en) 2022-02-28 2022-02-28 Method, apparatus, device, medium and product for checking compliance of change operations

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210193021.4A CN114564358A (en) 2022-02-28 2022-02-28 Method, apparatus, device, medium and product for checking compliance of change operations

Publications (1)

Publication Number Publication Date
CN114564358A true CN114564358A (en) 2022-05-31

Family

ID=81715653

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210193021.4A Pending CN114564358A (en) 2022-02-28 2022-02-28 Method, apparatus, device, medium and product for checking compliance of change operations

Country Status (1)

Country Link
CN (1) CN114564358A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117369338A (en) * 2023-11-15 2024-01-09 广州飞数工业软件有限公司 Operation and maintenance management system and method for industrial manufacturing equipment

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117369338A (en) * 2023-11-15 2024-01-09 广州飞数工业软件有限公司 Operation and maintenance management system and method for industrial manufacturing equipment

Similar Documents

Publication Publication Date Title
CN108573371B (en) Data approval method, device, computer equipment and storage medium
CN110232565B (en) Resource clearing method, device, computer equipment and storage medium
CN110765091A (en) Account checking method and system
CN107038182B (en) Method and device for checking completeness of sub-table data
CN110413507B (en) System test method, device, computer equipment and storage medium
CN110503544A (en) Collage-credit data reports and submits method, apparatus, system, computer equipment and storage medium
CN113220540B (en) Service management method, device, computer equipment and storage medium
CN110378793A (en) Data managing method, device, computer equipment and storage medium
CN114564358A (en) Method, apparatus, device, medium and product for checking compliance of change operations
CN117195129A (en) Exception handling method based on sandbox system and related equipment
CN112256532A (en) Test interface generation method and device, computer equipment and readable storage medium
CN111737351A (en) Transaction management method and device for distributed management system
CN112199441A (en) Data synchronization processing method, device, equipment and medium based on big data platform
CN111552989A (en) Service data processing method, device, equipment and storage medium based on block chain
CN110765131A (en) Data compression method and device for goods source data, computer equipment and storage medium
CN110489208B (en) Virtual machine configuration parameter checking method, system, computer equipment and storage medium
CN109829681B (en) Software development monitoring method, device, computer equipment and storage medium
CN110197061B (en) Service data monitoring method, device, computer equipment and storage medium
CN109471790A (en) Send nuclear parameter comparison method and device, computer installation and readable storage medium storing program for executing
CN114553726B (en) Network security operation and maintenance method and system based on functions and resource levels
CN118193508A (en) Data checking method, device, computer equipment and storage medium
CN116800750A (en) Resource borrowing consensus determination method, device, computer equipment and storage medium
CN117573768A (en) Block chain-based service handling data processing method, device, system and equipment
CN118152459A (en) Data online reporting method, device, computer equipment, medium and program product
CN117076291A (en) Service testing method, device, computer equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination