CN114760220A - Monitoring method, device and equipment of operating system - Google Patents
Monitoring method, device and equipment of operating system Download PDFInfo
- Publication number
- CN114760220A CN114760220A CN202210295215.5A CN202210295215A CN114760220A CN 114760220 A CN114760220 A CN 114760220A CN 202210295215 A CN202210295215 A CN 202210295215A CN 114760220 A CN114760220 A CN 114760220A
- Authority
- CN
- China
- Prior art keywords
- random
- connection
- operating system
- random port
- monitoring
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 70
- 238000012544 monitoring process Methods 0.000 title claims abstract description 56
- 230000005540 biological transmission Effects 0.000 claims abstract description 48
- 238000004891 communication Methods 0.000 claims abstract description 35
- 238000004590 computer program Methods 0.000 claims description 10
- 238000012806 monitoring device Methods 0.000 claims description 9
- 238000012423 maintenance Methods 0.000 abstract description 30
- 230000002159 abnormal effect Effects 0.000 description 4
- 238000010586 diagram Methods 0.000 description 4
- 230000009286 beneficial effect Effects 0.000 description 2
- 238000004422 calculation algorithm Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000014509 gene expression Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
- 230000001360 synchronised effect Effects 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
- H04L43/0805—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
- H04L43/0811—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability by checking connectivity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0631—Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/16—Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
- H04L69/161—Implementation details of TCP/IP or UDP/IP stack architecture; Specification of modified or new header fields
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Environmental & Geological Engineering (AREA)
- Computer Security & Cryptography (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The application discloses a monitoring method, a device and equipment of an operating system, which comprise the following steps: and acquiring corresponding communication information when the system performs data transmission, wherein the communication information comprises the first connection quantity and the first random port use quantity. And then judging whether the first connection quantity and the first random port use quantity meet preset conditions or not, and when at least one of the first connection quantity and the first random port use quantity does not meet the preset conditions, giving an alarm by the system so that operation and maintenance personnel can find problems in time and maintain the system. The monitoring method of the operating system provided by the embodiment of the application can monitor the operating system using the TCP/UDP protocol under the IPv4/IPv6, solves the problem that the monitoring of IPv6 and UDP protocol ports cannot be performed at present, can give an alarm when the monitoring index does not meet the requirement, is convenient for operation and maintenance personnel to find the problem in time, and improves the operation and maintenance efficiency of the system.
Description
Technical Field
The present application relates to the field of computer technologies, and in particular, to a method, an apparatus, and a device for monitoring an operating system.
Background
In the Linux operating system, when a request for data transmission is initiated between a client and a server, a random port can be called to realize communication with a port of the server. In the process of realizing communication, when communication cannot be normally established due to some factors, the number of connections in some states is abnormal. If the operation and maintenance personnel can not find the problem in time, the normal operation of the system can be influenced. In addition, when the system establishes communication connection with an external device, a random port is occupied, and when the utilization rate of the random port in the system is too high, the normal operation of the system is also influenced.
However, the current monitoring scheme only monitors the number of ports used by a Transmission Control Protocol (TCP) based system under the internet Protocol version IPv4 and the number of state connections. With the popularization and the use of partial application of an internet Protocol version IPv6 address to a User Datagram Protocol (UDP) lower port, for a system using an IPv6 address and a UDP Protocol, the current monitoring method cannot monitor the system, so that operation and maintenance personnel cannot find problems in time, and normal operation and maintenance of the system are affected.
Disclosure of Invention
In view of this, embodiments of the present application provide a method, an apparatus, and a device for monitoring an operating system, so as to monitor the operating system more comprehensively and improve system operation and maintenance efficiency.
In a first aspect, an embodiment of the present application provides a method for monitoring an operating system, where the method includes:
acquiring communication information corresponding to data transmission of a system, wherein the communication information comprises a first connection quantity and a first random port use quantity, the first connection quantity is the quantity of connections established for data transmission, and the first random port use quantity is the quantity of random ports used for data transmission;
judging whether the first connection quantity and the first random port use quantity meet preset conditions or not;
and when at least one of the first connection quantity and the first random port use quantity does not meet the preset condition, giving an alarm.
In a possible implementation manner, the determining whether the first connection number meets a preset condition includes:
acquiring the maximum handle number of the system;
determining a first ratio between the first number of connections and the maximum number of handles;
and judging whether the first ratio is smaller than a first preset threshold value.
In a possible implementation manner, the determining whether the usage number of the first random ports meets a preset condition includes:
acquiring an internet protocol version of the system, wherein the internet protocol version comprises IPv4 or IPv 6;
based on the Internet protocol version, acquiring the total number of random ports of the system under a target transmission protocol;
acquiring the using quantity of second random ports under the target transmission protocol based on the using quantity of the first random ports;
and judging whether the second random port using quantity meets the preset condition or not based on the total random port quantity and the second random port using quantity.
In one possible implementation, the target transport protocol includes a transmission control protocol TCP or a user datagram protocol UDP.
In a possible implementation manner, the determining, based on the total number of random ports and the second number of random ports, whether the second number of random ports meets the preset condition includes:
determining a second ratio between the total number of random ports and the second number of random port usages;
and judging whether the second ratio is smaller than a second preset threshold value.
In one possible implementation, when the target transport protocol is TCP, the method further includes:
acquiring a second connection quantity in a target state under the TCP;
and when the second connection number is larger than or equal to a third preset threshold value, alarming.
In a second aspect, an embodiment of the present application provides an operating system monitoring apparatus, where the apparatus includes: the device comprises an acquisition module, a judgment module and an alarm module;
the acquisition module is configured to acquire communication information corresponding to data transmission performed by a system, where the communication information includes a first connection number and a first random port usage number, the first connection number is the number of connections established for performing data transmission, and the first random port usage number is the number of random ports used for performing data transmission;
the judging module is used for judging whether the first connection quantity and the first random port use quantity meet preset conditions or not;
and the alarm module is used for giving an alarm when at least one of the first connection quantity and the first random port use quantity does not meet the preset condition.
In a third aspect, an embodiment of the present application provides a monitoring device for an operating system, where the device includes: a memory and a processor;
the memory is for storing associated program code;
the processor is configured to invoke the program code, and execute the monitoring method of the operating system according to any implementation manner of the first aspect.
In a fourth aspect, an embodiment of the present application provides a computer-readable storage medium, where the computer-readable storage medium is used to store a computer program, where the computer program is used to execute the method for monitoring an operating system according to any implementation manner of the first aspect.
In a fifth aspect, an embodiment of the present application provides a computer program product, where the computer program product includes a program, and when the program runs on a processor, the program causes a computer or a network device to execute the method for monitoring an operating system according to any one of the implementations of the first aspect.
Therefore, the embodiment of the application has the following beneficial effects:
compared with the method which can only monitor the operating system using the IPv4 and the TCP protocol at present, the method can comprehensively monitor the operating system based on the TCP/UDP protocol under the IPv4/IPv 6. In specific implementation, communication information corresponding to data transmission performed by the system is obtained, where the communication information includes a first connection number and a first random port usage number, the first connection number is the number of connections established for data transmission, and the first random port usage number is the number of random ports used for data transmission. And then judging whether the first connection quantity and the first random port use quantity meet preset conditions or not, and when at least one of the first connection quantity and the first random port use quantity does not meet the preset conditions, giving an alarm by the system so that operation and maintenance personnel can find problems in time and maintain the system. By the monitoring method of the operating system, the operating system using the TCP/UDP protocol under IPv4/IPv6 can be monitored, the problem that monitoring of IPv6 and UDP protocol ports cannot be performed at present is solved, when monitoring indexes do not meet requirements, an alarm can be given, operation and maintenance personnel can find the problems conveniently in time, and the operation and maintenance efficiency of the system is improved.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings required to be used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some of the embodiments provided in the present application, and other drawings can be obtained by those skilled in the art according to these drawings.
Fig. 1 is a flowchart of a monitoring method for an operating system according to an embodiment of the present disclosure;
fig. 2 is a flowchart of another monitoring method for an operating system according to an embodiment of the present disclosure;
fig. 3 is a schematic diagram of a monitoring apparatus of an operating system according to an embodiment of the present disclosure;
fig. 4 is a schematic diagram of a monitoring device of an operating system according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and the described embodiments are only exemplary embodiments of the present application, and not all implementations. Those skilled in the art can combine the embodiments of the present application to obtain other embodiments without inventive work, and these embodiments are also within the scope of the present application.
In the Linux operating system, when a request for data transmission is initiated between a client and a server, a random port can be called to realize communication with a port of the server. In the process of establishing communication, when communication cannot be normally established due to some factors, the number of connections in some states is abnormal. If the operation and maintenance personnel can not find the operation and maintenance personnel in time, the normal operation of the system can be influenced. However, the current monitoring scheme only monitors the number of ports and the number of state connections used by the TCP protocol-based system under IPv 4. With the popularization of the IPv6 address and the use of a part of applications to UDP protocol ports, the current monitoring method cannot monitor the system using the IPv6 address and the UDP protocol, so that operation and maintenance personnel cannot find problems in time, and the normal operation and maintenance of the system are affected.
Based on this, the embodiment of the application provides a monitoring method for an operating system, so as to monitor the operating system more comprehensively, and improve the operation and maintenance efficiency of the system. In specific implementation, communication information corresponding to data transmission performed by the system is obtained, where the communication information includes a connection number and a first random port usage number, the first connection number is a number of connections established for data transmission, and the first random port usage number is a number of random ports used for data transmission. And then judging whether the first connection quantity and the first random port use quantity meet preset conditions or not, and when at least one of the first connection quantity and the first random port use quantity does not meet the preset conditions, giving an alarm by the system so that operation and maintenance personnel can find problems in time and maintain the system. By the monitoring method of the operating system, the operating system using the TCP/UDP protocol under IPv4/IPv6 can be monitored, the problem that monitoring of IPv6 and UDP protocol ports cannot be performed at present is solved, when monitoring indexes do not meet requirements, an alarm can be given, operation and maintenance personnel can find the problems conveniently in time, and the operation and maintenance efficiency of the system is improved.
The following describes a monitoring method for an operating system provided in an embodiment of the present application with reference to the accompanying drawings.
Referring to fig. 1, fig. 1 is a flowchart of a monitoring method for an operating system according to an embodiment of the present disclosure.
The method mainly comprises the following steps:
s101: the method comprises the steps of obtaining communication information corresponding to data transmission of a system, wherein the communication information comprises a first connection quantity and a first random port use quantity, the first connection quantity is the quantity of connections established for data transmission, and the first random port use quantity is the quantity of random ports used for data transmission.
In an operating system, when data is transmitted between the system and an external device, the system needs to call a random port to establish a data transmission channel with a port of the external device so as to send and receive data. The random port is a port automatically acquired by protocols such as TCP, UDP and the like from a range of a preset random port through TCP/IP bottom layer software, and is generally provided for a client in client/server communication.
The TCP protocol is a connection-oriented, reliable, byte stream-based transport layer communication protocol, so that not only a random port needs to be called, but also a connection with other devices needs to be established to realize data transmission when data transmission is performed. The UDP is a connectionless transport layer protocol, provides a transaction-oriented simple unreliable information transfer service, and can implement data transmission without establishing a connection.
Because the computing resources of the operating system are limited, the normal operation of the system is affected when the number of the established connections exceeds a certain range or the number of the used random ports is too large, communication information corresponding to the data transmission of the system is required to be acquired, and the system operation is monitored according to the communication information. When the communication with other equipment occupies too much system resources, the alarm can be given to the operation and maintenance personnel to find problems in time, maintain the system and improve the operation and maintenance efficiency of the system. A method of monitoring the system after acquiring the communication information will be described below.
S102: and judging whether the first connection quantity and the first random port use quantity meet preset conditions or not.
S103: and when at least one of the first connection quantity and the first random port use quantity does not meet the preset condition, alarming.
After the communication information of the system is acquired, the total connection number of the system and the using number of the random ports are respectively judged, and when at least one of the connection number and the using number of the random ports does not meet a preset condition, the system gives an alarm.
The following describes a monitoring method of the operating system with respect to the first connection number and the first random port usage number, respectively.
In a possible implementation manner, the monitoring method provided by the embodiment of the present application may be applied to a Linux operating system, and for the Linux operating system, there is a file handle limit, that is, the maximum number of handles. The Handle (Handle) is an identifier for identifying an object or an item, and may be used to describe a form, a file, and the like, and different numbers of handles are required to be occupied when a system establishes a connection. If the number of handles used by the system exceeds the maximum number of handles, an error of the 'to _ any _ open files' may be reported, and the system cannot operate normally. Here, "files" not only means files, but also includes open communication links, ports being monitored, and the like. Therefore, when monitoring the system, the maximum number of handles allowed by the system needs to be acquired, and whether the number of the first connections established by the system affects the normal operation of the system is judged.
In specific implementation, a first ratio between the first connection number and the maximum handle number of the system may be calculated, the handle utilization rate is represented, and then the first ratio is compared with a first preset threshold to determine whether the first ratio is smaller than the first preset threshold. If the first ratio is smaller than the first preset threshold, the current system is in a normal operation state, and operation and maintenance personnel are not required to maintain the system. If the first ratio is larger than or equal to the first preset threshold, the first connection quantity established by the current system influences the normal operation of the system, and the system gives an alarm prompt to indicate that the current system cannot normally operate. In a possible implementation manner, when the system gives an alarm, the first connection number and the first ratio of the system can be output and displayed, so that operation and maintenance personnel can maintain the system more clearly, and the operation and maintenance efficiency of the system is improved.
The system is monitored by calculating the ratio of the first connection quantity to the maximum handle quantity, so that the utilization rate of system resources can be controlled more strictly, and the normal operation of the system can be better ensured. When the monitoring of the handle utilization rate of the system is less strict, the first connection number of the system can be directly compared with the maximum handle number, and if the first connection number is smaller than the maximum handle number, the system can normally operate; if the first number of connections is greater than or equal to the maximum number of handles, the system alerts. Similarly, the first connection number and the maximum handle number can be output when the alarm is given, so that the operation and maintenance personnel can maintain the system.
Because the prior art can only monitor the use condition of the port based on the TCP under the IPv4, the current monitoring method cannot meet the requirement along with the popularization of IPv6 and the use of part of applications to UDP protocol ports. The method provided by the embodiment can realize system monitoring based on a TCP protocol or a UDP protocol under IPV4/IPv 6.
Since IPv4 and IPv6 internet protocol versions may be used simultaneously in an operating system, the system needs to be monitored under IPv4 and IPv6, respectively. Therefore, it is necessary to first obtain the ip version of the system, and then obtain the total number of random ports of the system under the target transport protocol based on the ip version type of the system. The total number of random ports may be determined according to a range of random ports set in the configuration file. In the embodiment of the present application, the target transmission protocol may include: the method and the device have the advantages that the transmission control protocol TCP and the user datagram protocol UDP are adopted, namely, the random port use condition of the monitoring system under the TCP protocol and the UDP protocol can be realized.
When the TCP protocol and the UDP protocol are used simultaneously in the system, the number of the first random ports includes both the number of the random ports used under the TCP protocol and the number of the random ports used under the UDP protocol, so that the number of the second random ports used under the target transport protocol, which may be the TCP protocol or the UDP protocol, needs to be obtained based on the number of the first ports used. And then judging whether the using number of the second random ports meets a preset condition or not based on the total number of the random ports and the obtained using number of the second random ports. When the system monitors the usage of the random ports strictly, a possible implementation manner is to calculate a second ratio between the total number of the random ports and the usage number of the second random ports, that is, to indicate the usage rate of the random ports, and determine whether the second ratio is smaller than a second preset threshold. If the second ratio is smaller than a second preset threshold, the system is in a normal operation state, and if the second ratio is larger than or equal to the second preset threshold, an alarm prompt is performed. Optionally, when the system alarms, the second ratio can be output, so that operation and maintenance personnel can conveniently operate and maintain the system according to the utilization rate of the random port. When the system monitors the using condition of the random ports less strictly, another possible implementation manner is that the size of the using number of the second random ports and the total number of the random ports can be compared, and when the using number of the second random ports is smaller than the total number of the random ports, it is indicated that the system can also operate normally, and no alarm is given. And when the using quantity of the second random ports exceeds the total quantity of the random ports, alarming.
When the target transmission protocol of the system is the TCP protocol, the TCP protocol is a connection-oriented transport layer communication protocol, and a connection needs to be established when data transmission is performed. In the process of normally establishing the connection, the number of connections in each state is a normal value, for example, a LISTEN state, a SYN-send state, a SYN-RCVD (synchronous receive) state, and the like. Based on this, the embodiment of the present application further provides a possible way to obtain a second number of connections in a target state under the TCP protocol, where the target state does not include an ESTABLISHED connection state and a TIME-WAIT state, because both states are states that would be ESTABLISHED when the communication is normal. And then comparing the second connection number in the target state with a third preset threshold, and if the second connection number is smaller than the third preset threshold, indicating that the connection number in the target state is normal. And if the number of the connections in the target state is larger than the third preset threshold, indicating that the number of the connections in the target state is abnormal, and alarming. And during alarming, the second connection quantity can be output, so that operation and maintenance personnel can maintain the system according to the abnormal connection of the target state, and the operation and maintenance efficiency of the system is improved.
In a possible implementation manner, the monitoring method of the operating system provided in the above embodiment may be implemented by a method of writing a script, the script is deployed in the system, and the script is called at regular time to monitor the system. The script can also be deployed in a third-party system, and different operating systems can call the script regularly to realize monitoring of the system per se, so that operation and maintenance personnel can maintain the system according to the monitoring result.
The monitoring method of the operating system provided by the embodiment of the application can be used for monitoring the operating system using the TCP/UDP protocol under IPv4/IPv6, and solves the problem that the monitoring method cannot be used for IPv6 and UDP protocol ports at present. When the monitoring index does not meet the requirement, an alarm can be given, operation and maintenance personnel can find problems conveniently in time, and the operation and maintenance efficiency of the system is improved.
Based on the above method embodiment, the embodiment of the present application further provides a monitoring method for an operating system. Referring to fig. 2, fig. 2 is a flowchart of another monitoring method for an operating system according to an embodiment of the present application.
When a script is run, a preset first threshold, a preset second threshold, a preset third threshold and a preset fourth threshold may be loaded, where the first threshold is used to limit a handle usage rate, the second threshold is used to limit a port usage rate under a TCP protocol, the third threshold is used to limit a port usage rate under a UDP protocol, and the fourth threshold is used to limit a connection number of a target state under the TCP protocol.
In a possible implementation manner, the total connection number and the maximum handle number of the system may be obtained, a ratio of the connection number to the maximum handle number, that is, a utilization rate of the handle, is calculated, whether the ratio is smaller than a first threshold value or not is judged, and if not, an alarm is given.
When the system simultaneously uses IPv4 and IPv6, the system is monitored under IPv4 and IPv6 respectively. Determining the type of a transmission protocol used by the system, and when the transmission protocol comprises a TCP protocol and a UDP protocol, respectively monitoring the use condition of a random port under the TCP protocol and the UDP protocol. Specifically, for the TCP protocol, the total number of random ports and the number of ports used under the TCP protocol are obtained, then a ratio of the total number of random ports to the number of ports used is calculated, whether the ratio is smaller than a second threshold value or not is judged, and if not, an alarm is given. And aiming at the UDP protocol, acquiring the total number of the random ports and the number of the ports used under the UDP protocol, then calculating the ratio of the total number of the random ports and the number of the ports used, judging whether the ratio is smaller than a third threshold value, and if not, giving an alarm.
Since the TCP protocol is a connection-oriented transport protocol, it is also possible to monitor the number of connections in different states. Specifically, the number of connections in a target state under the TCP protocol is obtained, whether the number of connections is smaller than a fourth threshold is judged, and if not, an alarm is given.
It should be noted that, the embodiment of the present application does not limit the sequence of monitoring and determining each index in the system.
Based on the above method embodiment, the present application embodiment further provides a monitoring device for an operating system, and the working principle of the monitoring device will be described below with reference to the accompanying drawings.
Referring to fig. 3, fig. 3 is a schematic diagram of a monitoring device of an operating system according to an embodiment of the present application.
The apparatus 300 comprises: an acquisition module 301, a judgment module 302 and an alarm module 303;
the obtaining module 301 is configured to obtain communication information corresponding to data transmission performed by a system, where the communication information includes a first connection number and a first random port usage number, the first connection number is a number of connections established for performing data transmission, and the first random port usage number is a number of random ports used for performing data transmission;
the determining module 302 is configured to determine whether the first connection number and the first random port usage number satisfy a preset condition;
the alarm module 303 is configured to alarm when at least one of the first connection number and the first random port usage number does not satisfy the preset condition.
In a possible implementation manner, the determining module 302 is specifically configured to obtain the maximum number of handles of the system; determining a first ratio between the first number of connections and the maximum number of handles; and judging whether the first ratio is smaller than a first preset threshold value.
In a possible implementation manner, the determining module 302 is specifically configured to obtain an internet protocol version of the system, where the internet protocol version includes IPv4 or IPv 6; based on the Internet protocol version, acquiring the total number of random ports of the system under a target transmission protocol; acquiring the using quantity of second random ports under the target transmission protocol based on the using quantity of the first random ports; and judging whether the second random port using number meets the preset condition or not based on the total number of the random ports and the second random port using number.
In one possible implementation, the target transport protocol includes a transmission control protocol TCP or a user datagram protocol UDP.
In a possible implementation manner, the determining module 302 is specifically configured to determine a second ratio between the total number of the random ports and the usage number of the second random ports; and judging whether the second ratio is smaller than a second preset threshold value.
In a possible implementation manner, when the target transport protocol is TCP, the obtaining module 301 is further configured to obtain a second connection number in a target state under TCP;
the warning module 303 is further configured to perform a warning when the second connection number is greater than or equal to a third preset threshold.
The monitoring device of the operating system provided in the embodiment of the present application has the beneficial effects that reference is made to the above method embodiment, which is not described herein again.
Based on the method embodiment and the device embodiment, the embodiment of the application also provides a monitoring device of the operating system. Fig. 4 is a schematic diagram of a monitoring device of an operating system according to an embodiment of the present application.
The apparatus 400 comprises: a memory 401 and a processor 402;
the memory 401 is used for storing relevant program codes;
the processor 402 is configured to call the program code to perform the monitoring method of the operating system according to the above method embodiment.
In addition, an embodiment of the present application further provides a computer-readable storage medium, where the computer-readable storage medium is used to store a computer program, and the computer program is used to execute the monitoring method of the operating system in the foregoing method embodiment.
Embodiments of the present application further provide a computer program product, where the computer program product includes a program, and when the program runs on a processor, the program causes a computer or a network device to execute the monitoring method for an operating system in the foregoing method embodiments.
It should be noted that, in the present specification, the embodiments are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments may be referred to each other. In particular, for system or apparatus embodiments, since they are substantially similar to method embodiments, they are described relatively simply, and reference may be made to some descriptions of method embodiments for related portions. The above-described embodiments of the apparatus are merely illustrative, where units or modules described as separate components may or may not be physically separate, and components displayed as the units or modules may or may not be physical modules, that is, may be located in one place, or may also be distributed on multiple network units, and some or all of the units or modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement without inventive effort.
It should be understood that, in this application, "at least one" means one or more, "a plurality" means two or more. "and/or" is used to describe the association relationship of the associated object, indicating that there may be three relationships, for example, "a and/or B" may indicate: only A, only B and both A and B are present, wherein A and B may be singular or plural. The character "/" generally indicates that the former and latter associated objects are in an "or" relationship. "at least one of the following" or similar expressions refer to any combination of these items, including any combination of single item(s) or plural items. For example, at least one (one) of a, b, or c, may represent: a, b, c, "a and b", "a and c", "b and c", or "a and b and c", wherein a, b, c may be single or plural.
It is further noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. A software module may reside in Random Access Memory (RAM), memory, Read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
Claims (10)
1. A method for monitoring an operating system, the method comprising:
acquiring communication information corresponding to data transmission of a system, wherein the communication information comprises a first connection quantity and a first random port use quantity, the first connection quantity is the quantity of connections established for data transmission, and the first random port use quantity is the quantity of random ports used for data transmission;
judging whether the first connection quantity and the first random port use quantity meet preset conditions or not;
and when at least one of the first connection quantity and the first random port use quantity does not meet the preset condition, giving an alarm.
2. The method according to claim 1, wherein the determining whether the first connection number satisfies a preset condition includes:
acquiring the maximum handle number of the system;
determining a first ratio between the first number of connections and the maximum number of handles;
and judging whether the first ratio is smaller than a first preset threshold value.
3. The method according to claim 1, wherein the determining whether the first random port usage number satisfies a preset condition comprises:
acquiring an internet protocol version of the system, wherein the internet protocol version comprises IPv4 or IPv 6;
based on the Internet protocol version, acquiring the total number of random ports of the system under a target transmission protocol;
acquiring the using quantity of second random ports under the target transmission protocol based on the using quantity of the first random ports;
and judging whether the second random port using number meets the preset condition or not based on the total number of the random ports and the second random port using number.
4. The method of claim 3, wherein the target transport protocol comprises a Transmission Control Protocol (TCP) or a User Datagram Protocol (UDP).
5. The method according to claim 3, wherein said determining whether the second random port usage number satisfies the preset condition based on the total random port number and the second random port usage number comprises:
determining a second ratio between the total number of random ports and the second number of random port usages;
and judging whether the second ratio is smaller than a second preset threshold value.
6. The method of claim 4, wherein when the target transport protocol is TCP, the method further comprises:
acquiring a second connection quantity in a target state under the TCP;
and when the second connection quantity is greater than or equal to a third preset threshold value, alarming.
7. An operating system monitoring apparatus, the apparatus comprising: the device comprises an acquisition module, a judgment module and an alarm module;
the acquisition module is configured to acquire communication information corresponding to data transmission performed by a system, where the communication information includes a first connection number and a first random port usage number, the first connection number is the number of connections established for performing data transmission, and the first random port usage number is the number of random ports used for performing data transmission;
the judging module is used for judging whether the first connection quantity and the first random port use quantity meet preset conditions or not;
and the alarm module is used for giving an alarm when at least one of the first connection quantity and the first random port use quantity does not meet the preset condition.
8. A monitoring device for an operating system, the device comprising: a memory and a processor;
the memory is for storing associated program code;
the processor is configured to call the program code to perform the monitoring method of the operating system according to any one of claims 1 to 6.
9. A computer-readable storage medium for storing a computer program for executing the method for monitoring an operating system according to any one of claims 1 to 6.
10. A computer program product, characterized in that it contains a program which, when run on a processor, causes a computer or a network device to execute the method of monitoring an operating system of any one of claims 1 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210295215.5A CN114760220A (en) | 2022-03-24 | 2022-03-24 | Monitoring method, device and equipment of operating system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210295215.5A CN114760220A (en) | 2022-03-24 | 2022-03-24 | Monitoring method, device and equipment of operating system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114760220A true CN114760220A (en) | 2022-07-15 |
Family
ID=82327759
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210295215.5A Pending CN114760220A (en) | 2022-03-24 | 2022-03-24 | Monitoring method, device and equipment of operating system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114760220A (en) |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050027858A1 (en) * | 2003-07-16 | 2005-02-03 | Premitech A/S | System and method for measuring and monitoring performance in a computer network |
| US20060233175A1 (en) * | 2005-03-30 | 2006-10-19 | Yi Ge | Traffic balancing apparatus and method, and network forwarding apparatus and method using the same |
| CN103491354A (en) * | 2013-10-10 | 2014-01-01 | 国家电网公司 | System operation monitoring and controlling visual platform |
| CN109889399A (en) * | 2018-12-15 | 2019-06-14 | 中国平安人寿保险股份有限公司 | RocketMQ client connection number monitoring method, device, electronic equipment and storage medium |
| CN112346924A (en) * | 2020-09-21 | 2021-02-09 | 西安交大捷普网络科技有限公司 | Server monitoring method and system |
| CN112506920A (en) * | 2020-11-13 | 2021-03-16 | 中信银行股份有限公司 | Information unified collecting and monitoring method and system for multiple financial systems |
| CN114048099A (en) * | 2021-11-15 | 2022-02-15 | 中国建设银行股份有限公司 | Java application monitoring method and device, storage medium and electronic equipment |
-
2022
- 2022-03-24 CN CN202210295215.5A patent/CN114760220A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050027858A1 (en) * | 2003-07-16 | 2005-02-03 | Premitech A/S | System and method for measuring and monitoring performance in a computer network |
| US20060233175A1 (en) * | 2005-03-30 | 2006-10-19 | Yi Ge | Traffic balancing apparatus and method, and network forwarding apparatus and method using the same |
| CN103491354A (en) * | 2013-10-10 | 2014-01-01 | 国家电网公司 | System operation monitoring and controlling visual platform |
| CN109889399A (en) * | 2018-12-15 | 2019-06-14 | 中国平安人寿保险股份有限公司 | RocketMQ client connection number monitoring method, device, electronic equipment and storage medium |
| CN112346924A (en) * | 2020-09-21 | 2021-02-09 | 西安交大捷普网络科技有限公司 | Server monitoring method and system |
| CN112506920A (en) * | 2020-11-13 | 2021-03-16 | 中信银行股份有限公司 | Information unified collecting and monitoring method and system for multiple financial systems |
| CN114048099A (en) * | 2021-11-15 | 2022-02-15 | 中国建设银行股份有限公司 | Java application monitoring method and device, storage medium and electronic equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9124621B2 (en) | Security alert prioritization | |
| US8341262B2 (en) | System and method for managing the offload type for offload protocol processing | |
| US10445167B1 (en) | Automated method and system for diagnosing load performance issues | |
| CN108449239B (en) | Heartbeat packet detection method, device, equipment and storage medium | |
| CN107404541B (en) | Method and system for selecting neighbor node in peer-to-peer network transmission | |
| CN112367345B (en) | Data processing method, server device and computer readable storage medium | |
| CN110336848B (en) | Scheduling method, scheduling system and scheduling equipment for access request | |
| CN110086643B (en) | Risk identification method, terminal and storage medium | |
| CN112463772B (en) | Log processing method and device, log server and storage medium | |
| CN104021141A (en) | Method, device and system for data processing and cloud service | |
| JP2002342182A (en) | Support system for operation management in network system | |
| CN111756713A (en) | Network attack identification method and device, computer equipment and medium | |
| US20160080202A1 (en) | Sparsification of pairwise cost information | |
| CN114760220A (en) | Monitoring method, device and equipment of operating system | |
| CN112468573A (en) | Data pushing method, device, equipment and storage medium | |
| US11212204B2 (en) | Method, device and system for monitoring node survival state | |
| US11595419B2 (en) | Communication monitoring system, communication monitoring apparatus, and communication monitoring method | |
| CN111444074A (en) | Data monitoring method and device, electronic equipment and readable storage medium | |
| US20050198640A1 (en) | Methods, systems and computer program products for selecting among alert conditions for resource management systems | |
| US8020033B2 (en) | Logical entity fault isolation in network systems management | |
| CN111371668B (en) | Method, device, equipment and storage medium for periodically sending based on free ARP | |
| CN114567524A (en) | Communication system and method based on dynamic gateway | |
| CN110958128B (en) | Alarm reporting scheduling method and device | |
| CN108965261B (en) | Information processing method and device, storage medium, and electronic device | |
| CN113472567B (en) | Network SLA calculation method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |