CN115544566A

CN115544566A - Log desensitization method, device, equipment and storage medium

Info

Publication number: CN115544566A
Application number: CN202211242441.3A
Authority: CN
Inventors: 王锡平
Original assignee: Weikun Shanghai Technology Service Co Ltd
Current assignee: Weikun Shanghai Technology Service Co Ltd
Priority date: 2022-10-11
Filing date: 2022-10-11
Publication date: 2022-12-30

Abstract

The invention relates to a data security technology, and discloses a log desensitization method, which comprises the following steps: acquiring a log to be printed, and performing standard processing on the log to be printed to obtain a standard log to be printed; gathering standard logs to be printed to obtain a standard log set to be printed, splitting the standard log set to be printed according to a log format to obtain a log template index set and a log message set to be printed; analyzing a log message set to be printed by using a preset log analysis algorithm to obtain a log template set and a sensitivity label set of the log template; and selecting a sensitive information shielding rule according to the log template index set and the sensitivity label set, desensitizing the log to be printed to obtain log information to be written, and writing the log information into a preset format file to obtain a desensitized log file. In addition, the invention also relates to a block chain technology, and the test report can be stored in the node of the block chain. The invention also provides a log desensitization device, an electronic device and a storage medium. The invention can improve the desensitization efficiency of the log.

Description

Log desensitization method, device, equipment and storage medium

Technical Field

The invention relates to the technical field of data security, in particular to a log desensitization method, a log desensitization device, electronic equipment and a computer-readable storage medium.

Background

As data security becomes a national legal requirement, protection of client personal sensitive information, including name, mobile phone number, mailbox, home address, identification number, etc., becomes a requirement that must be considered for application development. If the security awareness of developers is insufficient, the sensitive information of customers is often directly printed in an application log for facilitating the requirement of fault debugging. Therefore, the client sensitive information on the application log is easy to be inquired and utilized by malicious personnel, and becomes a way for information leakage of each user, thereby bringing serious security risk to enterprises. In order to protect client sensitive information, desensitization of the clear text sensitive information in the application log is necessary.

The prior log desensitization technical scheme generally provides a log desensitization framework, corresponding desensitization rules are designated according to different sensitive information types, developers process logs to be printed according to the desensitization rules, and finally output desensitized logs, and the scheme has two problems: 1. the system modification period is long, and the modification depends on the consciousness of developers; 2. log desensitization omission easily occurs, and test manpower is required to be invested for log full-scale inspection, so that log desensitization efficiency is low.

Disclosure of Invention

The invention provides a log desensitization method, a log desensitization device and a computer-readable storage medium, and mainly aims to solve the problem of low efficiency in UI test.

In order to achieve the above object, the present invention provides a log desensitization method, including:

acquiring a log to be printed of an application program, standardizing the log to be printed according to a preset log configuration standard, and obtaining a standard log to be printed;

converging the standard logs to be printed to obtain a standard log set to be printed, and splitting the standard log set to be printed according to a log format to obtain a log template index set and a log message set to be printed;

analyzing the log message set to be printed by using a preset log analysis algorithm to obtain a log template set and a sensitivity label set of the log template;

and selecting a sensitive information shielding rule according to the log template index set and the sensitive information shielding rule, desensitizing the log to be printed according to the log template set and the sensitive information shielding rule to obtain log information to be written, and writing the log information to be written into a preset format file to obtain a desensitized target log file.

Optionally, the analyzing, by using a preset log analysis algorithm, the log message set to be printed to obtain a log template set and a sensitivity label set of the log template, including:

analyzing the log message set to be printed into a log template set and a target parameter set by using a preset log analysis algorithm;

identifying sensitive data in the target parameter set, and classifying the sensitive data to obtain a sensitive data category;

and carrying out sensitivity marking on the log template set corresponding to the log template index based on the sensitive data category to obtain a sensitivity label set of the log template set.

Optionally, the classifying the sensitive data to obtain a sensitive data category includes:

performing word segmentation quantization processing on the sensitive data to obtain a sensitive data text vector set;

performing convolution operation and maximum pooling operation on the sensitive data text vector set, and extracting a feature vector set of the sensitive data text vector set;

and classifying the feature vector set by using a preset classifier according to a preset labeling category to obtain a sensitive data category.

Optionally, the identifying sensitive data in the target parameter includes:

extracting a log keyword of the target parameter;

confirming whether corresponding matching data exist in the log keywords or not based on a regular expression in a preset detection and sensitivity component;

and when corresponding matching data exists, using the matching data as sensitive data.

Optionally, before the regular expression in the preset-based sensitivity detection component, the method further includes:

receiving request information corresponding to the log to be printed, and analyzing the request information to obtain an identity of an accessor;

determining the authority type corresponding to the visitor according to the visitor identity;

and selecting a preset detection and sensitivity component according to the permission type.

Optionally, the desensitizing the log to be printed according to the log template set and the sensitive information shielding rule to obtain log information to be written includes:

determining a field to be desensitized in the log to be printed based on the sensitive information shielding rule and the log template set;

desensitizing the field to be desensitized based on the sensitive information shielding rule to generate log information to be written, wherein the desensitizing is encryption processing, fuzzy processing and replacement processing.

Optionally, standardizing the log to be printed according to a preset log configuration specification to obtain a log to be printed according to the preset log configuration specification, where the standardizing includes:

adding the type and the number of lines of the log to be printed into the log to be printed, and taking the type and the number of lines of the log to be printed as a log template index to obtain the log to be printed with the index;

configuring an output format of the log to be printed according to a preset log configuration specification;

and generating a standard log to be printed according to the output format and the log to be printed with the index.

In order to solve the above problem, the present invention also provides a logging desensitization apparatus, including:

the log specification module is used for acquiring logs to be printed of the application program, standardizing the logs to be printed according to preset log configuration specifications and obtaining standard logs to be printed;

the log splitting module is used for converging the standard logs to be printed to obtain a standard log set to be printed, splitting the standard log set to be printed according to a log format to obtain a log template index set and a log message set to be printed;

the log analysis module is used for analyzing the log message set to be printed by utilizing a preset log analysis algorithm to obtain a log template set and a sensitivity label set of the log template;

and the log desensitization module is used for selecting a sensitive information shielding rule according to the log template index set and the sensitive label set, desensitizing the log to be printed according to the log template set and the sensitive information shielding rule to obtain log information to be written, and writing the log information to be written into a preset format file to obtain a desensitized target log file.

In order to solve the above problem, the present invention also provides an electronic device, including:

at least one processor; and the number of the first and second groups,

a memory communicatively coupled to the at least one processor; wherein,

the memory stores a computer program executable by the at least one processor to enable the at least one processor to perform the method of desensitizing logging described above.

To solve the above problem, the present invention also provides a computer-readable storage medium having at least one computer program stored therein, the at least one computer program being executed by a processor in an electronic device to implement the log desensitization method described above.

According to the embodiment of the invention, the log to be printed of the application program is obtained, and the log to be printed is standardized according to the preset log configuration standard, so that the log standardization is beneficial to improving the subsequent analysis processing efficiency of the log to be printed; converging the standard logs to be printed to obtain a standard log set to be printed, and splitting the standard log set to be printed according to a log format to obtain a log template index set and a log message set to be printed; analyzing the log message set to be printed by using a preset log analysis algorithm to obtain a log template set and a sensitivity label set of the log template, automatically identifying sensitive data by using the algorithm, and improving log desensitization efficiency without manually checking sensitive data in the log by developers; according to the log template index set and the sensitivity label set, a sensitivity information shielding rule is selected, the log to be printed is desensitized according to the log template set and the sensitivity information shielding rule, log information to be written is obtained, the log information to be written is written into a preset format file, a desensitized target log file is obtained, different sensitivity information shielding rules can be selected according to different log template index sets and sensitivity label sets, and the appropriate sensitivity information shielding rule can be selected to desensitize sensitive data of the log in no test scene or an online scene, so that log desensitization efficiency is improved. Therefore, the log desensitization method, the log desensitization device, the electronic equipment and the computer readable storage medium provided by the invention can solve the problem of low log desensitization efficiency.

Drawings

Fig. 1 is a schematic flowchart of a log desensitization method according to an embodiment of the present invention;

FIG. 2 is a flowchart illustrating a detailed implementation of one of the steps in the desensitization method of the log shown in FIG. 1;

FIG. 3 is a schematic diagram illustrating another detailed implementation of another step in the desensitization method of logging shown in FIG. 1;

FIG. 4 is a functional block diagram of a logging desensitization apparatus according to an embodiment of the present invention;

fig. 5 is a schematic structural diagram of an electronic device for implementing the method for desensitizing logs according to an embodiment of the present invention.

The implementation, functional features and advantages of the objects of the present invention will be further explained with reference to the accompanying drawings.

Detailed Description

It should be understood that the specific embodiments described herein are merely illustrative of the invention and do not limit the invention.

The embodiment of the application provides a log desensitization method. The execution subject of the logging desensitization method includes, but is not limited to, at least one of electronic devices such as a server and a terminal that can be configured to execute the method provided in the embodiments of the present application. In other words, the logging desensitization method may be executed by software or hardware installed in the terminal device or the server device, and the software may be a block chain platform. The server includes but is not limited to: a single server, a server cluster, a cloud server or a cloud server cluster, and the like. The server may be an independent server, or may be a cloud server that provides basic cloud computing services such as a cloud service, a cloud database, cloud computing, a cloud function, cloud storage, a Network service, cloud communication, a middleware service, a domain name service, a security service, a Content Delivery Network (CDN), a big data and artificial intelligence platform, and the like.

Referring to fig. 1, a schematic flow chart of a log desensitization method according to an embodiment of the present invention is shown.

In this embodiment, the log desensitization method includes:

s1, obtaining a log to be printed of an application program, standardizing the log to be printed according to a preset log configuration standard, and obtaining a log to be printed.

In the embodiment of the present invention, when a print log request is received, a log to be printed of an application program is obtained, where the print log request carries an identifier of an accessor, the identifier of the accessor may be identifier information of a client, and the identifier information of the client may be a client ID or an ID for a user to log in, which is not limited herein.

In detail, the standardizing the log to be printed according to the preset log configuration specification in S1 to obtain a log of the specification to be printed includes:

adding the type and the line number of the log to be printed into the log to be printed, and taking the type and the line number of the log to be printed as a log template index to obtain the log to be printed with the index;

configuring the output format of the log to be printed according to a preset log configuration specification;

In the embodiment of the invention, the log to be printed is normalized by using the preset log configuration specification, which is beneficial to improving the subsequent analysis processing efficiency of the log to be printed.

S2, converging the standard logs to be printed to obtain a standard log set to be printed, splitting the standard log set to be printed according to a log format to obtain a log template index set and a log message set to be printed.

In the embodiment of the invention, the to-be-printed canonical log can be converged by using the Elasticissearch server to obtain a to-be-printed canonical log set.

And further splitting the standard log set to be printed according to the log format to obtain a log set consisting of a log template index, the log message to be printed and log recording time.

And S3, analyzing the log message set to be printed by utilizing a preset log analysis algorithm to obtain a log template set and a sensitivity label set of the log template.

The preset log analysis algorithm comprises a log analysis algorithm and a sensitivity detection algorithm, and the sensitivity detection algorithm can be realized by a regular expression in a preset sensitivity detection component.

In the embodiment of the invention, a preset log analysis algorithm is utilized to analyze the log message to be printed to obtain a structured log, wherein the structured log comprises a constant and a variable, and the constant is a text written by a developer, such as the log template; the variable is a value of a dynamic runtime program variable, such as the target parameter.

In detail, referring to fig. 2, the S3 includes:

s31, analyzing the log message set to be printed into a log template set and a target parameter set by using a preset log analysis algorithm;

s32, identifying the sensitive data in the target parameter set, and classifying the sensitive data to obtain a sensitive data category;

and S33, carrying out sensitivity marking on the log template set corresponding to the log template index based on the sensitive data category to obtain a sensitivity label set of the log template set.

The preset log analysis algorithm can be any one of a Drain algorithm and a Spell algorithm.

Further, the identifying sensitive data in the target parameter in S32 includes:

extracting a log keyword of the target parameter;

confirming whether corresponding matching data exist in the log keywords or not based on a regular expression in a preset detection-sensitive component;

and when corresponding matching data exists, taking the matching data as sensitive data.

In the embodiment of the invention, the log keywords can be identification numbers, mobile phone numbers, bank card numbers, house addresses and the like.

In the embodiment of the present invention, the regular expression in the preset sensing component may detect a regular sensitive word, for example: name, cell phone number, house address, office address, identification number, etc.

In the embodiment of the present invention, the regular expression is also called a regular expression, english is RegularExpression, and is often abbreviated as regex, regexp, or RE in computer program codes. The regular expression is a logic formula for operating on character strings, and is a 'regular character string' formed by using predefined characters and combinations of the characters, and used for expressing a filtering logic for the character strings, wherein the character strings comprise common characters and special characters. Wherein, common characters, such as letters between a and z, and special characters, also called "meta characters", are a group of characters that have special purpose in regular expressions but do not represent the meaning of their own characters, such as: and the characters are ^ a, { character over character } +, and the like.

In the embodiment of the invention, the regular expressions comprise a name regular expression, a mobile phone number regular expression, a mailbox regular expression, a house address regular expression, an office regular expression, an identity card number regular expression and the like, and the types of the regular expressions can be customized according to actual requirements.

Further, before the regular expression in the preset-based sensitive component, the method further includes:

determining the authority type corresponding to the visitor according to the identity of the visitor;

and selecting a preset sensitive detection component according to the permission type.

In the embodiment of the invention, the authority types comprise a completely authorized user, a partially authorized user or a completely limited user; the completely authorized user does not desensitize the log to be printed, and the method can be convenient for an authoritative surveying organ to acquire complete log information; if the part authorizes the user, desensitizing the part of sensitive content of the log to be printed; and the completely-restricted user performs desensitization processing on all sensitive contents of the log to be printed, for example, the completely-restricted user needs to completely restrict all contents of a name, a mobile phone number, a mailbox, a house address, an office address and an identity card number, namely, all contents of the name, the mobile phone number, the mailbox, the house address, the office address and the identity card number in the log to be printed are shielded, and a part of authorized users only need to shield part of preset contents, such as the identity card number, the mobile phone number and the like, and only part of information in the sensitive contents can be shielded during shielding.

Further, the classifying the sensitive data in S32 to obtain a sensitive data category includes:

performing word segmentation and quantization processing on the sensitive data to obtain a sensitive data text vector set;

In the embodiment of the present invention, CNN (Convolutional Neural Networks) may be used to classify the sensitive data. Wherein the CNN comprises a convolutional layer, a pooling layer, and a full-link layer. In detail, in the embodiment of the present invention, the convolution layer is used to perform convolution operation on the sensitive data text vector set, a feature matrix of the sensitive data is extracted, the pooling layer is used to perform downsampling on the feature matrix to obtain features of the sensitive data, and a classifier in the full connection layer is used to classify the feature vector set of the sensitive data.

In an embodiment of the present invention, the sensitive data categories include: machine number, identification card number, bank card number, etc.

In the embodiment of the invention, sensitive data is automatically identified by using an algorithm, developers do not need to manually check the sensitive data in the log, and the log desensitization efficiency is improved.

S4, selecting a sensitive information shielding rule according to the log template index set and the sensitive information shielding rule, desensitizing the log to be printed according to the log template set and the sensitive information shielding rule to obtain log information to be written, and writing the log information to be written into a preset format file to obtain a desensitized target log file.

According to the embodiment of the invention, the sensitive information shielding rule is selected according to the log template index set and the sensitivity label set, so that the different sensitive information shielding rules can be accurately selected according to different log contents, and the improvement of the log desensitization accuracy is facilitated.

In detail, referring to fig. 3, in S4, desensitizing the log to be printed according to the log template set and the sensitive information shielding rule to obtain log information to be written includes:

s41, determining a field to be desensitized in the log to be printed based on the sensitive information shielding rule and the log template set;

and S42, desensitizing the field to be desensitized based on the sensitive information shielding rule to generate log information to be written, wherein the desensitizing process comprises encryption, fuzzy and replacement.

In the embodiment of the invention, different desensitization rules can be customized according to different visitor identity identifications, the authority type corresponding to the visitor is determined according to the visitor identity identification, the sensitive information shielding rule is obtained according to different authority types, the log template index set and the sensitivity label set, and the desensitization rule is selected to desensitize the log to be printed.

In the embodiment of the present invention, for example, the sensitive information masking rule is "first 3 bits and last 4 bits of telephone numbers are reserved," the remaining telephone numbers are encrypted "and" first 6 bits of identification numbers are reserved, the remaining identification numbers are replaced with random characters, "the log to be printed includes the telephone number 1376666666666 and the identification number 110000202010101010, the telephone numbers are encrypted and desensitized according to the sensitive information masking rule of the telephone numbers, log information to be written is generated as 177 # #6666, the identification numbers are replaced and desensitized according to the sensitive information masking rule of the identification numbers, log information to be written is generated as 110000# # #, the random replacement characters are used for desensitizing when the identification numbers are replaced, and in other embodiments, other random replacement characters may be used for performing replacement, for example," # ", when the identification numbers are replaced with random replacement characters, the # # is used for desensitizing, and the # # information to be written is generated after 110000# # # # # # #.

In the embodiment of the present invention, the desensitization processing of the sensitive information shielding rule is a combined processing mode of any one or more of the following: carrying out replacement processing on the field to be desensitized, carrying out encryption processing on the field to be desensitized, carrying out fuzzy processing on the field to be desensitized, replacing the field to be desensitized by adopting random characters, and the like. Identifying a field to be desensitized in the acquired log to be printed, and desensitizing the field to be desensitized according to a sensitive information shielding rule to which the field to be desensitized belongs, for example, if a desensitization mode in the sensitive information shielding rule is encryption processing, performing encryption desensitization processing on the field to be desensitized to generate log information to be written, and if the desensitization mode in the sensitive information shielding rule is replacement processing, replacing the field to be desensitized with random characters to generate the log information to be written.

In the embodiment of the invention, the log desensitization method can be integrated with a safety software development process (SSDLC), log template identification and sensitivity marking are carried out in a test environment, and corresponding sensitive information shielding rules are applied to the log template in a production environment after software is on line.

In the embodiment of the invention, different sensitive information shielding rules can be obtained according to the log template set and the sensitivity labels, and the desensitization operation of the sensitive data is carried out on the log to be printed, which is favorable for improving the desensitization efficiency of the sensitive data.

According to the embodiment of the invention, the log to be printed of the application program is obtained, and the log to be printed is standardized according to the preset log configuration standard, so that the log standardization is beneficial to improving the subsequent analysis processing efficiency of the log to be printed; converging the standard logs to be printed to obtain a standard log set to be printed, and splitting the standard log set to be printed according to a log format to obtain a log template index set and a log message set to be printed; analyzing the log message set to be printed by using a preset log analysis algorithm to obtain a log template set and a sensitivity label set of the log template, automatically identifying sensitive data by using the algorithm, and improving log desensitization efficiency without manually checking sensitive data in the log by developers; according to the log template index set and the sensitivity label set, a sensitivity information shielding rule is selected, the log to be printed is desensitized according to the log template set and the sensitivity information shielding rule, the log information to be written is obtained, the log information to be written is written into a preset format file, a desensitized target log file is obtained, different sensitivity information shielding rules can be selected according to different log template index sets and sensitivity label sets, desensitization operation can be carried out on the log to be printed, and the appropriate sensitivity information shielding rule can be selected to desensitize sensitive data of the log in no test scene or on-line scene, so that log desensitization efficiency is improved. Therefore, the log desensitization method provided by the invention can solve the problem of low log desensitization efficiency.

Fig. 4 is a functional block diagram of a desensitization apparatus according to an embodiment of the present invention.

The logging desensitization apparatus 100 of the present invention may be installed in an electronic device. According to the implemented functions, the log desensitization apparatus 100 may include a log specification module 101, a log splitting module 102, a log analysis module 103, and a log desensitization module 104. The module of the present invention, which may also be referred to as a unit, refers to a series of computer program segments that can be executed by a processor of an electronic device and that can perform a fixed function, and that are stored in a memory of the electronic device.

In the present embodiment, the functions regarding the respective modules/units are as follows:

the log specification module 101 is configured to obtain a log to be printed of an application program, standardize the log to be printed according to a preset log configuration specification, and obtain a log to be printed;

the log splitting module 102 is configured to aggregate the standard logs to be printed to obtain a standard log set to be printed, and split the standard log set to be printed according to a log format to obtain a log template index set and a log message set to be printed;

the log analysis module 103 is configured to analyze the log message set to be printed by using a preset log analysis algorithm to obtain a log template set and a sensitivity label set of the log template;

the log desensitization module 104 is configured to select a sensitive information shielding rule according to the log template index set and the sensitive label set, desensitize the log to be printed according to the log template set and the sensitive information shielding rule, obtain log information to be written, write the log information to be written into a file with a preset format, and obtain a desensitized target log file.

In detail, when the modules in the logging desensitization device 100 according to the embodiment of the present invention are used, the same technical means as the logging desensitization method described in fig. 1 to fig. 3 are used, and the same technical effects can be produced, and are not described herein again.

Fig. 5 is a schematic structural diagram of an electronic device implementing a log desensitization method according to an embodiment of the present invention.

The electronic device 1 may comprise a processor 10, a memory 11, a communication bus 12 and a communication interface 13, and may further comprise a computer program, such as a logging desensitization program, stored in the memory 11 and executable on the processor 10.

In some embodiments, the processor 10 may be composed of an integrated circuit, for example, a single packaged integrated circuit, or may be composed of a plurality of integrated circuits packaged with the same function or different functions, and includes one or more Central Processing Units (CPUs), a microprocessor, a digital Processing chip, a graphics processor, a combination of various control chips, and the like. The processor 10 is a Control Unit (Control Unit) of the electronic device, connects various components of the whole electronic device by using various interfaces and lines, and executes various functions of the electronic device and processes data by running or executing programs or modules (e.g., executing a logging desensitization program, etc.) stored in the memory 11 and calling data stored in the memory 11.

The memory 11 includes at least one type of readable storage medium including flash memory, removable hard disks, multimedia cards, card-type memory (e.g., SD or DX memory, etc.), magnetic memory, magnetic disks, optical disks, etc. The memory 11 may in some embodiments be an internal storage unit of the electronic device, for example a removable hard disk of the electronic device. The memory 11 may also be an external storage device of the electronic device in other embodiments, such as a plug-in mobile hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like, provided on the electronic device. Further, the memory 11 may also include both an internal storage unit and an external storage device of the electronic device. The memory 11 may be used not only to store application software installed in the electronic device and various types of data, such as codes of a logging desensitization program, etc., but also to temporarily store data that has been output or is to be output.

The communication bus 12 may be a Peripheral Component Interconnect (PCI) bus or an Extended Industry Standard Architecture (EISA) bus. The bus may be divided into an address bus, a data bus, a control bus, etc. The bus is arranged to enable connection communication between the memory 11 and at least one processor 10 or the like.

The communication interface 13 is used for communication between the electronic device and other devices, and includes a network interface and a user interface. Optionally, the network interface may include a wired interface and/or a wireless interface (e.g., WI-FI interface, bluetooth interface, etc.), which are typically used to establish a communication connection between the electronic device and other electronic devices. The user interface may be a Display (Display), an input unit, such as a Keyboard (Keyboard), and optionally a standard wired interface, a wireless interface. Alternatively, in some embodiments, the display may be an LED display, a liquid crystal display, a touch-sensitive liquid crystal display, an OLED (Organic Light-Emitting Diode) touch device, or the like. The display, which may also be referred to as a display screen or display unit, is suitable, among other things, for displaying information processed in the electronic device and for displaying a visualized user interface.

Fig. 5 only shows an electronic device with components, and it will be understood by a person skilled in the art that the structure shown in fig. 5 does not constitute a limitation of the electronic device 1, and may comprise fewer or more components than shown, or a combination of certain components, or a different arrangement of components.

For example, although not shown, the electronic device may further include a power supply (such as a battery) for supplying power to each component, and preferably, the power supply may be logically connected to the at least one processor 10 through a power management device, so that functions such as charge management, discharge management, and power consumption management are implemented through the power management device. The power supply may also include any component of one or more dc or ac power sources, recharging devices, power failure detection circuitry, power converters or inverters, power status indicators, and the like. The electronic device may further include various sensors, a bluetooth module, a Wi-Fi module, and the like, which are not described herein again.

It is to be understood that the embodiments described are illustrative only and are not to be construed as limiting the scope of the claims.

The logging desensitization program stored in the memory 11 in the electronic device 1 is a combination of instructions that, when executed in the processor 10, enable:

Specifically, the specific implementation method of the processor 10 for the instruction may refer to the description of the relevant steps in the embodiment corresponding to the drawing, and is not repeated here.

Further, the integrated modules/units of the electronic device 1 may be stored in a computer-readable storage medium if they are implemented in the form of software functional units and sold or used as separate products. The computer readable storage medium may be volatile or non-volatile. For example, the computer-readable medium may include: any entity or device capable of carrying said computer program code, a recording medium, a usb-disk, a removable hard disk, a magnetic diskette, an optical disk, a computer Memory, a Read-Only Memory (ROM).

The present invention also provides a computer-readable storage medium storing a computer program which, when executed by a processor of an electronic device, implements:

In the embodiments provided in the present invention, it should be understood that the disclosed apparatus, device and method can be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the modules is only one logical functional division, and other divisions may be realized in practice.

The modules described as separate parts may or may not be physically separate, and parts displayed as modules may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment.

In addition, functional modules in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, or in a form of hardware plus a software functional module.

It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential attributes thereof.

The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference signs in the claims shall not be construed as limiting the claim concerned.

The block chain is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, a consensus mechanism, an encryption algorithm and the like. A block chain (Blockchain), which is essentially a decentralized database, is a series of data blocks associated by using a cryptographic method, and each data block contains information of a batch of network transactions, so as to verify the validity (anti-counterfeiting) of the information and generate a next block. The blockchain may include a blockchain underlying platform, a platform product service layer, an application service layer, and the like.

The embodiment of the application can acquire and process related data based on an artificial intelligence technology. Among them, artificial Intelligence (AI) is a theory, method, technique and application system that simulates, extends and expands human Intelligence using a digital computer or a machine controlled by a digital computer, senses the environment, acquires knowledge and uses the knowledge to obtain the best result.

Furthermore, it is obvious that the word "comprising" does not exclude other elements or steps, and the singular does not exclude the plural. A plurality of units or means recited in the system claims may also be implemented by one unit or means in software or hardware. The terms first, second, etc. are used to denote names, but not any particular order.

Finally, it should be noted that the above embodiments are only intended to illustrate the technical solutions of the present invention and not to limit the same, and although the present invention is described in detail with reference to the preferred embodiments, it should be understood by those skilled in the art that modifications or equivalent substitutions can be made to the technical solutions of the present invention without departing from the spirit and scope of the technical solutions of the present invention.

Claims

1. A method of log desensitization, the method comprising:

2. The log desensitization method according to claim 1, wherein said analyzing the set of log messages to be printed using a preset log analysis algorithm to obtain a set of log templates and a set of sensitivity labels for the log templates comprises:

3. The logging desensitization method of claim 2, wherein said classifying the sensitive data into sensitive data categories comprises:

4. The log desensitization method of claim 2, wherein said identifying sensitive data in the target parameters comprises:

extracting a log keyword of the target parameter;

5. The log desensitization method according to claim 4, wherein prior to the regular expression in the pre-set probe-sensitive components being based, the method further comprises:

6. The log desensitization method according to claim 1, wherein the desensitizing the log to be printed according to the log template set and the sensitive information masking rule to obtain log information to be written comprises:

7. The log desensitization method according to claim 1, wherein the standardizing the log to be printed according to a preset log configuration specification to obtain a log with a specification to be printed comprises:

8. A logging desensitization apparatus, the apparatus comprising:

the log specification module is used for acquiring logs to be printed of the application program, standardizing the logs to be printed according to a preset log configuration specification, and obtaining standard logs to be printed;

9. An electronic device, characterized in that the electronic device comprises:

at least one processor; and the number of the first and second groups,

a memory communicatively coupled to the at least one processor; wherein,

the memory stores a computer program executable by the at least one processor to enable the at least one processor to perform the method of desensitizing a log according to any of claims 1 to 7.

10. A computer-readable storage medium storing a computer program, wherein the computer program, when executed by a processor, implements a log desensitization method according to any of claims 1 to 7.