CN115619218A - Multidimensional risk checking method, multidimensional risk checking system, storage medium and processor - Google Patents
Multidimensional risk checking method, multidimensional risk checking system, storage medium and processor Download PDFInfo
- Publication number
- CN115619218A CN115619218A CN202211318851.1A CN202211318851A CN115619218A CN 115619218 A CN115619218 A CN 115619218A CN 202211318851 A CN202211318851 A CN 202211318851A CN 115619218 A CN115619218 A CN 115619218A
- Authority
- CN
- China
- Prior art keywords
- risk
- file
- checking
- matching
- analyzing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
- G06Q10/063—Operations research, analysis or management
- G06Q10/0635—Risk analysis of enterprise or organisation activities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/22—Indexing; Data structures therefor; Storage structures
- G06F16/2282—Tablespace storage structures; Management thereof
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/242—Query formulation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/245—Query processing
- G06F16/2455—Query execution
- G06F16/24552—Database cache management
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- Business, Economics & Management (AREA)
- Human Resources & Organizations (AREA)
- Databases & Information Systems (AREA)
- General Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Data Mining & Analysis (AREA)
- Computational Linguistics (AREA)
- Strategic Management (AREA)
- Economics (AREA)
- Entrepreneurship & Innovation (AREA)
- Game Theory and Decision Science (AREA)
- General Business, Economics & Management (AREA)
- Marketing (AREA)
- Operations Research (AREA)
- Mathematical Physics (AREA)
- Tourism & Hospitality (AREA)
- Educational Administration (AREA)
- Quality & Reliability (AREA)
- Development Economics (AREA)
- Software Systems (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The embodiment of the application provides a multi-dimensional risk checking method, a multi-dimensional risk checking system, a storage medium and a processor, and belongs to the technical field of computers. The method comprises the following steps: after receiving a commissioning management system calling request, acquiring risk checking support information according to an operation and maintenance handover worksheet number provided by a commissioning management system; analyzing the risk checking support information to obtain a risk analysis verification item; matching and verifying a risk analysis verification item according to the risk checking rule base to obtain a risk checking result; the risk checking support information at least comprises a self-service control list work order file, a version package file and configuration management information. The risk checking file is obtained and used for verifying the risk in the production process, so that abnormal risks can be automatically found, abnormal conditions can be found in time for intervention, and normal operation of application production is guaranteed.
Description
Technical Field
The application relates to the technical field of computers, in particular to a multidimensional risk checking method based on a production management and risk analysis mechanism, a multidimensional risk checking system based on the production management and risk analysis mechanism, a machine readable storage medium and a processor.
Background
In the application production process, an application commissioning management platform or an enterprise-level application automation release platform is often used to assist operation and maintenance personnel to efficiently and quickly complete commissioning change implementation of an application system.
The enterprise-level application automatic release platform supports visual business arrangement capacity, calls an automation technology, and realizes standardization, full automation, full process and full online of application system production and release through process integration, so that the release efficiency is improved, the personnel investment is reduced, and the rapid development of business is met.
The enterprise-level application automatic publishing platform unifies the publishing steps of the enterprise-level application system into twelve standard steps, and a twelve standard editing template is preset in the system and can be directly used by a user. Aiming at special release requirements, the system also provides a universal change template, and is suitable for different release scenes. Meanwhile, in order to match with the twelve-step release process, the system also unifies the version packaging specification of the application, the script and the configuration file compiling process, and ensures the standardization of all application system releases.
The enterprise-level application automatic publishing platform supports one-key automatic execution of enterprise-level application publishing. The visual business arrangement of the platform system can meet complex release scenes, including different release templates, gray release realized by grouping arrangement, cooperative change realized by a plurality of release units with different applications in one release sheet, and the like.
In order to ensure the accuracy of the release, the application automation release platform carries out compliance check and pre-check before the release execution, detects possible problems in advance, and gives a prompt for high-risk risks appearing in history, thereby avoiding the release risks and improving the release success rate. In the release execution process, the system can quickly position the release problem, provide failure reasons and solutions according to information such as logs and the like, facilitate users to solve the problem and ensure normal operation of the service. After the release is finished, the system checks the execution result of the release through technical and service green light tests, summarizes the release report through multi-dimensional analysis of relevant indexes, provides an optimization suggestion, and guides the subsequent release.
However, the application version is automatically released by adopting the application automatic release platform, and risk analysis and check cannot be performed on the application version before the release change, for example, the problems of obvious configuration error, incorrect key file format, unreasonable self-service script format and writing specification and the like in the development and test stage.
The commissioning management system can get through the commissioning whole link of development testing, process approval, automatic implementation and result review, provide a global commissioning tracking view, improve commissioning risk prevention and control capability and provide one-stop and online efficient commissioning service for development teams, operation and maintenance teams and management departments.
The production management system can pull through the whole production process and perform global tracking monitoring on application release, and mainly comprises the following characteristics:
one-stop process management: the production management system can be connected with a development test environment and a formal release environment. The system provides one-stop, online and automatic high-efficiency production service, and controls the whole production process in the whole process.
Displaying multi-dimensional data: the production management system can realize the visualization of the production progress and refine the online life cycle of each system on the production day. The large-screen statistics real-time dynamic checking is provided, the progress of the whole production progress is monitored, and the fault problem is timely alarmed.
Risk assessment of the whole process: the production management system establishes a comprehensive risk index system and model, monitors the whole stages from design development to production operation in the production process, and grades the production behavior of the system
Production monitoring: and inquiring the production schedule and the edition issuing progress through a production calendar, a single system and integral monitoring.
The bank business system is various and complex, the online process is more, and the production can be divided into five stages of integration, examination and approval, influence examination, change implementation and online verification. The five stages are relatively independent and are provided with systems in respective fields, the production management system is connected with upstream and downstream applications in the whole production process, but in the whole production period process, a checking and analyzing model for the application version risk is lacked, and the effect of safe production cannot be realized.
Disclosure of Invention
The embodiment of the application aims to provide a multi-dimensional risk checking method, a system, a storage medium and a processor, which provide a risk checking mechanism for enterprise production application change, verify the acquired risk analysis verification items according to a risk checking rule base, find abnormal conditions in time to intervene, and ensure normal operation of application production.
In order to achieve the above object, a first aspect of the present application provides a multidimensional risk checking method based on a production management and risk analysis mechanism, the method including:
after receiving a commissioning management system calling request, acquiring risk checking support information according to an operation and maintenance transfer work order number provided by the commissioning management system;
analyzing the risk checking support information to obtain a risk analysis verification item;
matching and verifying risk analysis verification items according to a risk checking rule base to obtain a risk checking result;
the risk checking support information at least comprises a self-service control list work order file, a version package file and configuration management information. The risk checking support information is acquired to automatically verify the risk in the production process, so that abnormal risk can be automatically found, abnormal conditions can be timely found to intervene, and normal operation of application production is guaranteed.
In the embodiment of the application, the self-service control list work order file is acquired from the cloud management platform by calling a rest api interface of the cloud management platform;
analyzing the risk checking support information to obtain a risk analysis verification item, comprising:
and converting the work order file of the self-service control table into a json format file, traversing the json format file, and acquiring attribute values of change start time and end time, operation execution parameters of the self-service control table and selected attribute values of operation steps. The message file of the self-service control table is obtained to check the risk, so that the risk checking dimensionality is widened.
In this embodiment, the verifying the risk analysis verification item according to the risk checking rule base to obtain a risk checking result includes:
calculating first change time according to the change start time and the end time attribute values;
acquiring correct change starting time and correct change ending time from an application workbench system, and calculating to obtain correct change time;
judging whether the first change time is in a correct change time range; if yes, no risk exists, otherwise, risk is triggered;
analyzing the operation execution parameters of the self-service control table, acquiring the path name of the version packet, matching the parameter database of the version packet according to the path name of the version packet and the operation and maintenance transfer work order number, if the matching is successful, no risk exists, otherwise, triggering the risk;
selecting an attribute value in the traversing operation step, and judging whether a green light test attribute value exists or not; if the risk exists, no risk exists, otherwise, the risk is triggered;
selecting an attribute value in the traversing operation step, and judging whether a health check attribute value exists or not; if so, no risk exists, otherwise, the risk is triggered. By carrying out check analysis on the message file of the self-service control table, the possible production risk in the self-service process is eliminated, and the smooth operation of production is ensured.
In the embodiment of the application, the version package file is captured from a product library according to the version package path information in the operation and maintenance handover work order;
analyzing the risk checking support information to obtain a risk analysis verification item, comprising:
decompressing the version packet file to obtain corresponding file information;
traversing the file information to obtain different risk check files;
and analyzing the risk check file to obtain a risk analysis verification item. The version package file contains all information of the product, the risk check file related to the product is contained in the version package file, the version package file is finally obtained before production for analyzing to obtain the risk check file for checking, the last risk check before production is achieved, and the production risk is reduced.
In an embodiment of the present application, the risk check file includes: an SQL script file; the configuration management information includes at least: large table name data;
analyzing the risk check file to obtain a risk analysis verification item, including:
splitting the SQL script file by taking a sentence as a unit to obtain different SQL sentences;
identifying different SQL sentences, obtaining SQL sentences set by database cache and SQL sentences partitioned at intervals in the database, and obtaining corresponding table updating and deleting SQL sentences, table structure changing SQL sentences and query table structure SQL sentences according to the large table name data. The configuration management information provides configuration management information related to the current product, and the risk analysis items are obtained from the corresponding risk check files according to the configuration management information, so that irrelevant risk analysis verification items can be effectively avoided.
In this embodiment, the matching and verifying the risk analysis verification item according to the risk check rule base to obtain a risk check result includes:
updating and deleting SQL sentences through the risk checking rule base matching analysis table, and judging whether the large table has updating and deleting operations; if not, no risk exists, otherwise, risk is triggered;
matching the SQL sentence changed by the analysis table structure through a risk checking rule base, and judging whether the large table structure is changed; if not, no risk exists, otherwise, risk is triggered;
analyzing SQL statements of a query table structure in a matching way through a risk checking rule base to judge whether large table query is unconditional or not; if not, no risk exists, otherwise, risk is triggered;
setting SQL sentences through matching and analyzing the database cache by the risk checking rule base, and judging whether the threshold value of the database cache is in a specified range; if so, no risk exists, otherwise, the risk is triggered;
matching and analyzing SQL sentences of the database interval partition through a risk checking rule base, and judging whether interval sentences exist or not; if not, no risk exists, otherwise, the risk is triggered. By checking and analyzing the SQL file, the production risk possibly existing on the SQL file is eliminated, and the smooth operation of production is guaranteed.
In an embodiment of the present application, the risk check file includes: a self-service script file;
analyzing the risk check file to obtain a risk analysis verification item, including:
traversing the json format file to obtain a risk analysis verification script white list;
traversing the obtained self-service script files to obtain the names of all the script files;
and splitting the self-service script file by taking the instruction as a unit to obtain the content of each line of instructions.
In this embodiment of the present application, the matching and verifying the risk analysis verification item according to the risk checking rule base to obtain a risk checking result includes:
judging whether the names of the obtained script files contain all names in a risk analysis and verification script white list or not, if so, no risk exists, otherwise, triggering the risk;
and matching the content of each row of instructions with the risk checking rule base, if the matching is successful, triggering the risk, and if not, having no risk. By checking and analyzing the self-service script file, the possible production risk on the self-service script file is eliminated, and the smooth operation of production is ensured.
In an embodiment of the present application, the risk check file includes: version package key configuration files;
the analyzing the risk check file to obtain a risk analysis verification item includes:
traversing the version packet key configuration file, and acquiring a server configuration component registration node configuration file, an application monitoring component transaction monitoring configuration file, a log configuration file, a flow control configuration file and a user management and authorization system configuration file;
analyzing a server configuration component registration node configuration file to obtain a server configuration component registration node configuration value;
analyzing the application monitoring component transaction monitoring configuration file to obtain a transaction monitoring record node configuration item;
analyzing the log configuration file to obtain a Debug level configuration item of a system operation log;
analyzing the flow control configuration file to obtain a flow control configuration attribute item;
and analyzing the configuration file of the user management and authorization system to obtain the address attribute value of the server.
In this embodiment, the matching and verifying the risk analysis verification item according to the risk check rule base to obtain a risk check result includes:
judging whether the configuration value of the registration node of the server configuration component is a legal value or not through risk checking rule base matching; if yes, no risk exists, otherwise, risk is triggered;
judging whether the transaction monitoring record node configuration item is utf-8 or not through risk checking rule base matching; if so, no risk exists, otherwise, the risk is triggered;
judging whether a system operation log Debug level configuration item is acquired or not through risk checking rule base matching; if so, no risk exists, otherwise, the risk is triggered;
judging whether the flow control configuration attribute item value is '1' through risk checking rule base matching; if so, no risk exists, otherwise, the risk is triggered;
judging whether the server address attribute value is an https protocol or not through risk checking rule base matching; if so, no risk exists, otherwise, the risk is triggered. By checking and analyzing the version packet key configuration file, the possible production risk on the version packet key configuration file is eliminated, and the smooth production is ensured.
In an embodiment of the present application, the risk check file includes: a test environment configuration file;
the analyzing the risk check file to obtain a risk analysis verification item includes:
traversing the test environment configuration file to obtain a field attribute value containing an IP section;
and analyzing the test environment configuration file, and acquiring a character set format of the configuration file by using a readUTF method.
In this embodiment of the present application, the matching and verifying the risk analysis verification item according to the risk checking rule base to obtain a risk checking result includes:
judging whether the field attribute value containing the IP section is the IP section of the production environment or not through risk checking rule base matching; if so, no risk exists, otherwise, the risk is triggered;
judging whether the character set format of the configuration file conforms to the specified character set format or not through risk checking rule base matching; if so, no risk exists, otherwise, the risk is triggered. By checking and analyzing the test environment configuration file, the possible production risk on the test environment configuration file is eliminated, and the smooth production is ensured.
A second aspect of the present application provides a multidimensional risk checking system based on production management and risk analysis mechanism, the system comprising:
the risk checking support information acquisition unit is used for acquiring the risk checking support information according to the operation and maintenance handover work order number provided by the production management system after receiving the call request of the production management system;
the analysis unit is used for analyzing the risk checking support information and acquiring a risk analysis verification item;
and the risk verification unit is used for matching and verifying the risk analysis verification item according to the risk checking rule base to obtain a risk checking result. The system can automatically find abnormal risks by acquiring the risk check file to verify the risks in the production process, can find abnormal conditions in time to intervene, and guarantees the normal operation of application production.
A third aspect of the present application provides a processor configured to execute the multidimensional risk checking method based on the production management and risk analysis mechanism.
A fourth aspect of the present application provides a machine-readable storage medium having stored thereon instructions, which when executed by a processor, cause the processor to be configured to perform the method for multidimensional risk checking based on a commissioning management and risk analysis mechanism.
A fifth aspect of the present application provides a computer program product comprising a computer program, which when executed by a processor, implements the multidimensional risk check method based on a commissioning management and risk analysis mechanism.
By the technical scheme, automatic risk checking can be realized, the checking process can be followed, the version risk can be early warned before production, further planning and improving the version quality of a project group are facilitated, and the risk checking process is standardized.
Additional features and advantages of embodiments of the present application will be described in detail in the detailed description which follows.
Drawings
The accompanying drawings, which are included to provide a further understanding of the embodiments of the application and are incorporated in and constitute a part of this specification, illustrate embodiments of the application and together with the detailed description serve to explain the embodiments of the application and not to limit the embodiments of the application. In the drawings:
fig. 1 is a schematic view of an application scenario of a multidimensional risk checking method based on a production management and risk analysis mechanism according to an embodiment of the present invention;
FIG. 2 is a flowchart of a multidimensional risk checking method based on a production management and risk analysis mechanism according to an embodiment of the present invention;
fig. 3 is a schematic flow chart of a method for acquiring a risk check file in a multidimensional risk check method based on production management and risk analysis mechanism according to an embodiment of the present invention;
FIG. 4 is a structural block diagram of a multidimensional risk checking system based on a production management and risk analysis mechanism according to an embodiment of the present invention;
fig. 5 schematically shows an internal structure diagram of a computer device according to an embodiment of the present application.
Description of the reference numerals
101-terminal, 102-production management server, 103-configuration management database, 104-product library, 105-cloud management platform, A01-processor, A02-network interface, A03-internal memory, A04-display screen, A05-input device and A06-nonvolatile storage medium.
Detailed Description
To make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions of the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it should be understood that the specific embodiments described herein are only used for illustrating and explaining the embodiments of the present application and are not used for limiting the embodiments of the present application. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
It should be noted that if directional indications (such as up, down, left, right, front, back, 8230; \8230;) are referred to in the embodiments of the present application, the directional indications are only used to explain the relative positional relationship between the components, the motion situation, etc. in a specific posture (as shown in the attached drawings), and if the specific posture is changed, the directional indications are correspondingly changed.
In addition, if there is a description of "first", "second", etc. in the embodiments of the present application, the description of "first", "second", etc. is for descriptive purposes only and is not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include at least one such feature. In addition, technical solutions between the embodiments may be combined with each other, but must be based on the realization of the technical solutions by a person skilled in the art, and when the technical solutions are contradictory to each other or cannot be realized, such a combination should not be considered to exist, and is not within the protection scope claimed in the present application.
The multidimensional risk checking method based on the production management and risk analysis mechanism can be applied to the application environment shown in fig. 1. In which a terminal 101 communicates with a server 102 via a network. The terminal 101 is provided with the multidimensional risk checking method based on the production management and risk analysis mechanism, the terminal 101 is in communication connection with the production management server 102, the configuration management database 103, the product library 104 and the cloud management platform 105 through a network, and the terminal 101 acquires risk checking support information from the production management server 102, the configuration management database 103, the product library 104 and the cloud management platform 105 through the network to perform risk checking analysis. The terminal 101 may be, but not limited to, various personal computers, notebook computers, smart phones, tablet computers, and portable wearable devices, and the server 102 may be implemented by an independent server or a server cluster formed by a plurality of servers.
Fig. 2 is a flowchart of a multidimensional risk checking method based on a production management and risk analysis mechanism according to an embodiment of the present invention, and as shown in fig. 2, the method includes:
s1: and after receiving the call request of the production management system, acquiring risk checking support information according to the operation and maintenance transfer work order number provided by the production management system. And after the production process is carried out to the production management system to create the operation and maintenance transfer work order, the production management system uploads a self-service control list work order file, the operation and maintenance transfer work order flow is transferred to a material submitting link, and in the link, the production management system triggers a risk checking process by calling a rest api interface.
S2: and analyzing the risk checking support information to obtain a risk analysis verification item.
S3: matching and verifying the risk analysis verification item according to a risk checking rule base to obtain a risk checking result;
the risk checking support information at least comprises a self-service control list work order file, a version package file and configuration management information. The risk checking file is obtained and used for verifying the risk in the production process, so that abnormal risks can be automatically found, abnormal conditions can be found in time for intervention, and normal operation of application production is guaranteed.
The operation and maintenance transfer work order created by the commissioning management system comprises version package path information, development project group information and the like, and the operation and maintenance transfer work order is used as a trigger condition for starting risk check in the application and also provides some basic information for the risk check.
In some embodiments, the obtained risk checking result and the intermediate process file can be stored and displayed, so that subsequent tracing and interface display are facilitated, and a data basis is provided for risk correction of operation and maintenance personnel.
In some embodiments of the present application, the self-service control list work order file is obtained from the cloud management platform by calling a rest api interface of the cloud management platform, and each self-service control list work order file includes a sheet page and twelve operation steps in the sheet.
Analyzing the risk checking support information to obtain a risk analysis verification item, comprising:
converting the self-service control list work order file into a json format file;
traversing the json format file, and acquiring the attribute values of the change start time and the change end time, the operation execution parameters of the self-service control table and the attribute values selected by the operation steps.
In this embodiment of the present application, the verifying the risk analysis verification item according to the risk checking rule base to obtain a risk checking result includes:
calculating first change time according to the change start time and the end time attribute values;
acquiring correct change starting time and correct change ending time from an application workbench system, and calculating to obtain correct change time;
judging whether the first change time is in a correct change time range; if so, no risk exists, otherwise, the risk is triggered. In the embodiment of the application, the correct change start time and change end time are obtained by accessing an application workbench (AOMP) system through an interface.
Analyzing the operation execution parameters of the self-service control table, acquiring the path name of the version packet, matching the parameter database of the version packet according to the path name of the version packet and the operation and maintenance transfer work order number, if the matching is successful, no risk exists, otherwise, triggering the risk. In the embodiment of the application, the analysis self-service control table operation execution parameter is recorded in a self-service control table worksheet file sheet page.
Selecting an attribute value in the traversing operation step, and judging whether a green light test attribute value exists or not; if the risk exists, no risk exists, otherwise, the risk is triggered; in this embodiment, if the green light test attribute value is "11, green light test", it is considered that there is no risk, otherwise, a risk is triggered.
Selecting an attribute value in the traversing operation step, and judging whether a health check attribute value exists or not; if yes, no risk exists, otherwise, risk is triggered; in the embodiment, whether a dtl.op.opname attribute value is '12, health check' is specifically judged, if yes, no risk is considered, and otherwise, a risk is triggered. By checking and analyzing the message files of the self-service control table, the possible production risks in the self-service process are eliminated, and the smooth operation of production is guaranteed.
In some embodiments of the present application, the version pack file is fetched from an article library according to version pack path information in the operation and maintenance handover work order;
analyzing the risk checking support information to obtain a risk analysis verification item, as shown in fig. 3, including:
and decompressing the version packet file to obtain corresponding file information.
The version package file is generally stored in a form of a compressed file, the version package compressed file is a program file of an application to be put into production or released, and a large part of risks in the production or release process come from the program file of the application. The compression modes and decompression modes of the version package files are different, and the suffix names of the displayed files are different, so that in the embodiment of the application, the decompression modes are automatically matched according to the version package files, the version package files are recursively decompressed, and corresponding file information is stored according to the levels. In the present application, the available compressed packet formats include tgz, tar.
The storage positions of different files in the compressed file of the application version packet are stored according to rules, the files in different directories are different, and the recursive decompression of the version packet and the storage of the files according to the hierarchy are more favorable for accurately acquiring the risk check file.
Traversing the file information to obtain different risk check files; in the embodiment of the present application, different files are generally distinguished according to the suffix names of the files.
And analyzing the risk check file to obtain a risk analysis verification item. The version package file contains all information of the product, the risk check file related to the product is contained in the version package file, the version package file is finally obtained before production for analyzing to obtain the risk check file for checking, the last risk check before production is achieved, and the production risk is reduced.
In an embodiment of the present application, the risk check file includes: an SQL script file; the configuration management information includes at least: large table name data. The configuration management information obtains database table structure information, such as large table name data, by calling a configuration management rest api interface.
Analyzing the risk check file to obtain a risk analysis verification item, including:
splitting the SQL script file by taking a sentence as a unit to obtain different SQL sentences;
identifying different SQL sentences, obtaining SQL sentences set by database cache and SQL sentences partitioned at intervals in the database, and obtaining corresponding table updating and deleting SQL sentences, table structure changing SQL sentences and query table structure SQL sentences according to the large table name data.
In some embodiments, the file with the appointed file suffix name of SQL is an SQL script file, and also can support extension configuration of the suffix name, and the file with other appointed suffix name is an SQL script file.
In this embodiment of the present application, the matching and verifying the risk analysis verification item according to the risk checking rule base to obtain a risk checking result includes:
updating and deleting SQL sentences through the risk checking rule base matching analysis table, and judging whether the large table has updating and deleting operations; if not, no risk exists, otherwise, risk is triggered;
matching the analysis table structure change SQL statements through a risk checking rule base, and judging whether the large table structure is changed; if not, no risk exists, otherwise, risk is triggered;
matching and analyzing SQL sentences of the query table structure through a risk checking rule base, judging whether large table query is unconditional, if not, no risk exists, otherwise, triggering the risk;
setting SQL sentences through a risk checking rule base matching analysis database Cache, and judging whether a threshold value of the database Cache is in a specified range; if yes, no risk exists, otherwise, risk is triggered;
analyzing the SQL sentences of the Interval partitions of the database by risk check rule base matching, and judging whether the Interval partitions of the database exist or not; if not, no risk exists, otherwise, the risk is triggered. By checking and analyzing the SQL file, the production risk possibly existing on the SQL file is eliminated, and the smooth operation of production is guaranteed.
The application version package compressed file PURPT _ AP _ an _ v1.0.tgz is taken as an example to explain the risk check of the SQL file.
The postfix name of the version packet is tgz, decompression is carried out by adopting a decompression mode corresponding to the tgz, and the version packet structure after decompression of the version packet compressed file comprises the following steps:
PURPT_AP_an_V1.0.tgz
..................AAA
.................ABBAB.tar
.................AA_BB.sql
and identifying all script files with Sql suffix names from a version package, wherein AA _ BB. And then analyzing the AA _ BB.sql, and sequentially analyzing each statement in the file by taking a complete SQL statement as a unit. Specifically, the method comprises the following steps:
obtaining a table updating and deleting SQL statement through risk checking rule base matching analysis, judging whether updating and deleting operations exist in the large table, if not, no risk exists, otherwise, triggering the risk;
obtaining a table structure change SQL statement through risk checking rule base matching analysis, judging whether a large table structure is changed, if not, no risk exists, otherwise, triggering the risk;
obtaining a query table structure SQL sentence through risk checking rule base matching analysis, judging whether the query in the large table is unconditional, if not, no risk exists, otherwise, triggering the risk;
obtaining a database Cache setting SQL statement through risk checking rule base matching analysis, and judging whether the threshold of the Cache is in a specified range; if so, no risk exists, otherwise, the risk is triggered;
and obtaining an Interval partition SQL statement of the database through risk checking rule base matching analysis, judging whether the Interval statement exists, if not, no risk exists, otherwise, triggering the risk. And the risk verification item triggering the risk is stored and displayed, so that operation and maintenance personnel can correct the risk conveniently. The risk checking process is not sequential, and can be performed simultaneously in different processes.
In some other embodiments of the present application, the risk check file comprises: a self-service script file;
analyzing the risk check file to obtain a risk analysis verification item, including:
traversing the json format file, and acquiring a risk analysis verification script white list;
traversing the obtained self-service script files to obtain the names of all the script files;
and splitting the self-service script file by taking the instruction as a unit to obtain the content of each line of instructions.
In this embodiment, the matching and verifying the risk analysis verification item according to the risk checking rule base to obtain a risk checking result includes:
judging whether the names of the obtained script files contain the names in all risk analysis verification script white lists or not; if yes, no risk exists, otherwise, risk is triggered;
and matching the content of each row of instructions with the risk checking rule base, triggering risks if the matching is successful, and otherwise, having no risk. The self-service control list work order file defines the necessary self-service script file in the version package, and the risk checking process needs to judge whether the necessary self-service script file is missing or not, and if the necessary self-service script file is missing, the risk exists. The risks of self-service script loss and irregular instructions are eliminated through the risk checking step, and smooth operation of production is guaranteed.
The self-service script risk check is explained by taking an application version packet compression file PURPT _ AP _ an _ v1.0.Tgz as an example.
The suffix name of the version packet is tgz, decompression is carried out by adopting a decompression mode corresponding to the tgz, and the structure of the version packet after decompression of the compressed file of the version packet comprises the following steps:
PURPT_AP_an_V1.0.tgz
..................AAA
.......................ABB_BBB
.............................app_start.sh
.............................ACC_A2A.sh
.............................ABCD_CCD_ACC.sh
.............................ABCD_DCC_ACC.sh
.............................ABCD_DCC_A1A.sh
.............................DACC_CDAC.sh
.................ABBAB.tar
.................AA_BB.sql
identifying all sh files under AAA/ABB _ BBB directories in the version package from the version package, wherein the version package comprises: app _ start.sh, ACC _ a2a.sh, ABCD _ CCD _ acc.sh, ABCD _ DCC _ a1a.sh, DACC _ cdac.sh. The command analysis is carried out on app _ start.sh, each command is judged one by one, whether the 'exist 0' command exists or not is judged, if yes, no risk exists, otherwise, the risk is triggered, normally, a script file normally exits and needs to contain the command, and if not, the script file is determined to be an irregular script writing method; in addition, all the script files in the risk analysis verification script white list are analyzed according to the risk analysis verification script white list defined in the self-service control list work order file, wherein the sh file contains all the script files in the risk analysis verification script white list, for example, the risk analysis verification script white list comprises: app _ start.sh, ACC _ A2A.sh and ABCD _ CCD _ ACC.sh, so that the version packet has no risk on checking a self-service script file list; as another example, the risk analysis verification script whitelist includes: app _ start.sh, ACC _ a2a.sh, greenlight.sh, and if the version packet does not contain greenlight.sh, the version packet has a risk on self-service script file list checking. By the detection, the risk check of the self-service script can be realized, the risk in the production process is reduced, and the risk is quickly corrected by operation and maintenance personnel.
In some other embodiments of the present application, the risk check file includes: version package key configuration files;
analyzing the risk check file to obtain a risk analysis verification item, including:
traversing the version packet key configuration file, and acquiring a server configuration component registration node configuration file, an application monitoring component transaction monitoring configuration file, a log configuration file, a flow control configuration file and a user management and authorization system configuration file;
analyzing a server configuration component registration node configuration file to obtain a server configuration component registration node configuration value;
analyzing the application monitoring component transaction monitoring configuration file to obtain a transaction monitoring record node configuration item;
analyzing the log configuration file to obtain a Debug level configuration item of a system operation log;
analyzing the flow control configuration file to obtain a flow control configuration attribute item;
and analyzing the configuration file of the user management and authorization system to obtain the address attribute value of the server.
In this embodiment of the present application, the matching and verifying the risk analysis verification item according to the risk checking rule base to obtain a risk checking result includes:
judging whether the configuration value of the registered node of the server configuration component is a legal value or not; if so, no risk exists, otherwise, the risk is triggered, and in the embodiment, the legal value of the configuration value of the console registration node is set according to the applied parameters;
judging whether the transaction monitoring recording node configuration item is utf-8; if yes, no risk exists, otherwise, risk is triggered;
judging whether a system operation log Debug level configuration item is acquired; if yes, no risk exists, otherwise, risk is triggered;
judging whether the value of the flow control configuration attribute item is 1; if yes, no risk exists, otherwise, risk is triggered;
judging whether the server address attribute value is an https protocol or not; if so, no risk exists, otherwise, the risk is triggered. By checking and analyzing the version packet key configuration file, the possible production risk on the version packet key configuration file is eliminated, and the smooth production is ensured.
The version package key configuration file is described by taking the application version package compressed file CRPLP _ AP _ pps _ 20225_V1.0.tgz as an example.
The suffix name of the version packet is tgz, decompression is carried out by adopting a decompression mode corresponding to the tgz, and the structure of the version packet after decompression of the compressed file of the version packet comprises the following steps:
CRPLP_AP_ppss_20220225_V1.0.tgz
..................AAA
.................ECAE.war
........................AEDC
...............................DCAB
.......................................EABECD
.......................................ACEED.properties
...................................................DEBE
.................................................................DEBE.xml
in this embodiment, the suffix names of the key configuration files of the version package are xml and properties, and all the configuration files of the suffix names of xml and properties are identified from the version package, so that the file of debe.
Processing the configuration file, analyzing and acquiring a configuration file of a registration node of a server configuration component Openconsole, and judging whether the registration node is a legal value or not; if yes, no risk exists, otherwise, risk is triggered; the system analyzes and obtains an application monitoring component Appmon transaction monitoring configuration file, and judges whether a monitoring record MonitorLog node configuration item is utf-8; if yes, no risk exists, otherwise, risk is triggered; analyzing and acquiring a log configuration file, judging whether the log has system operation log Debug level configuration, if not, no risk exists, otherwise, triggering the risk; analyzing and acquiring a flow control configuration file, judging whether an attribute item flowctrl. Isctrl value in the flow control configuration file is '1', if so, no risk exists, otherwise, triggering the risk; analyzing and acquiring a UAAS configuration file of a user management and authorization system, and judging whether the address attribute value of the server is an https protocol or not; if so, no risk exists, otherwise, the risk is triggered. Wherein utf-8 is a variable length character code for Unicode. By the detection, the risk check of the key configuration file of the version package can be realized, the risk in the production process is reduced, and the risk can be quickly corrected by operation and maintenance personnel.
In some other embodiments of the present application, the risk check file includes: a test environment configuration file, in the present embodiment, configuration files with suffix names of. Yaml,. Xml,. Properties are used for performing test environment configuration risk verification;
analyzing the risk check file to obtain a risk analysis verification item, including:
traversing the test environment configuration file to obtain a field attribute value containing an IP section;
and analyzing the test environment configuration file, and acquiring the character set format of the configuration file by using a read UTF method.
In this embodiment of the present application, the matching and verifying the risk analysis verification item according to the risk checking rule base to obtain a risk checking result includes:
judging whether the field attribute value containing the IP section is the IP section of the production environment or not through the matching of the risk checking rule base; if yes, no risk exists, otherwise, risk is triggered;
judging whether the character set format of the configuration file conforms to the specified character set format or not through risk checking rule base matching; if so, no risk exists, otherwise, the risk is triggered. By checking and analyzing the test environment configuration file, the possible production risk on the test environment configuration file is eliminated, and the smooth production is ensured.
According to the multidimensional risk checking method based on the production management and risk analysis mechanism, when the trigger risk item exists in the obtained risk identification result, alarming and displaying are carried out, and a risk event log is generated to store the risk item.
The method provided by the embodiment can at least realize five-dimensional risk checking of SQL file risk checking, self-service script risk checking, self-service control table risk checking, version package key configuration file risk checking and test environment configuration information risk checking, realize multi-dimensional rule risk analysis of the application version package, timely warn and remind problems based on analysis results, and further plan and improve the version quality of the project group. When risk checking is performed on different version packages, any one or more dimensions of risk checking can be performed.
The risk checking result is systematically recorded and displayed, so that the production problem can be found out according to the situation, and the risk early warning of the version before production in advance, the retrospective tracing and the process management can be realized.
By the method, the risk checking process of the test environment can be standardized, the problem that the conventional process has no record and no tracking problem is eliminated, the test efficiency is optimized, and the risk process is standardized.
For managers, the method can realize the visualization of the production risk, realize the automatic risk monitoring mechanism and the visualization capability of the risk before, in and after the production, and can realize the abnormity, early discovery and early intervention of key indexes of a key system.
An embodiment of the present application further provides a multidimensional risk checking system based on production management and risk analysis mechanism, as shown in fig. 4, the system includes:
the risk checking support information acquisition unit is used for acquiring the risk checking support information according to the operation and maintenance handover work order number provided by the commissioning management system after receiving the commissioning management system calling request;
the analysis unit is used for analyzing the risk checking support information and acquiring a risk analysis verification item;
and the risk verification unit is used for verifying the risk analysis verification item in a matching way according to the risk checking rule base to obtain a risk checking result. The system can automatically find abnormal risks by acquiring the risk check file to verify the risks in the production process, can find abnormal conditions in time to intervene, and guarantees the normal operation of application production.
The risk checking support information acquisition unit, the analysis unit, the risk verification unit and the like are all stored in the memory as program units, and the processor executes the program modules stored in the memory to realize corresponding functions.
It should be noted that the risk checking rule base is a risk checking rule base obtained by sorting according to application test experience, risk alarm historical data, and the like, and is stored in a memory of the system in advance and called when necessary.
The embodiment of the application provides a processor which is configured to execute the multidimensional risk checking method based on the production management and risk analysis mechanism.
The processor comprises a kernel, and the kernel calls the corresponding program unit from the memory. The kernel can be provided with one or more than one, and the multidimensional risk checking method based on the production management and risk analysis mechanism is implemented by adjusting the kernel parameters.
The embodiment of the application provides a machine-readable storage medium, which stores instructions, and when the instructions are executed by a processor, the processor is configured to execute the multidimensional risk checking method based on the production management and risk analysis mechanism.
The embodiment of the application provides a computer program product, which comprises a computer program, and the computer program realizes the multidimensional risk checking method based on the production management and risk analysis mechanism when being executed by a processor.
In one embodiment, a computer device is provided, which may be a terminal, and its internal structure diagram may be as shown in fig. 5. The computer apparatus includes a processor a01, a network interface a02, a display screen a04, an input device a05, and a memory (not shown in the figure) connected through a system bus. Wherein the processor a01 of the computer device is arranged to provide computing and control capabilities. The memory of the computer apparatus includes an internal memory a03 and a nonvolatile storage medium a06. The nonvolatile storage medium a06 stores an operating system B01 and a computer program B02. The internal memory a03 provides an environment for running the operating system B01 and the computer program B02 in the nonvolatile storage medium a06. The network interface a02 of the computer apparatus is used for communicating with an external terminal through a network connection. The computer program is executed by the processor a01 to implement a multidimensional risk check method based on a production management and risk analysis mechanism. The display screen a04 of the computer device may be a liquid crystal display screen or an electronic ink display screen, and the input device a05 of the computer device may be a touch layer covered on the display screen, a key, a trackball or a touch pad arranged on a casing of the computer device, or an external keyboard, a touch pad or a mouse.
Those skilled in the art will appreciate that the architecture shown in fig. 5 is merely a block diagram of some of the structures associated with the disclosed aspects and is not intended to limit the computing devices to which the disclosed aspects apply, as particular computing devices may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include forms of volatile memory in a computer readable medium, random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). The memory is an example of a computer-readable medium.
Computer-readable media, which include both non-transitory and non-transitory, removable and non-removable media, may implement the information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrases "comprising a," "8230," "8230," or "comprising" does not exclude the presence of additional identical elements in the process, method, article, or apparatus comprising the element.
The above are merely examples of the present application and are not intended to limit the present application. Various modifications and changes may occur to those skilled in the art to which the present application pertains. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the scope of the claims of the present application.
Claims (16)
1. A multidimensional risk checking method based on production management and risk analysis mechanisms is characterized by comprising the following steps:
after receiving a commissioning management system calling request, acquiring risk checking support information according to an operation and maintenance transfer work order number provided by the commissioning management system;
analyzing the risk checking support information to obtain a risk analysis verification item;
matching and verifying risk analysis verification items according to a risk checking rule base to obtain a risk checking result;
the risk checking support information at least comprises a self-service control list work order file, a version package file and configuration management information.
2. The multi-dimensional risk checking method based on the commissioning management and risk analysis mechanism according to claim 1, wherein the self-service control list work order file is obtained from the cloud management platform by calling a rest api interface of the cloud management platform;
analyzing the risk checking support information to obtain a risk analysis verification item, comprising:
converting the self-service control list work order file into a json format file;
traversing the json format file, and acquiring the attribute values of the change start time and the change end time, the operation execution parameters of the self-service control table and the attribute values selected by the operation steps.
3. The multidimensional risk checking method based on production management and risk analysis mechanism according to claim 2, wherein the verifying the risk analysis verification item according to the risk checking rule base to obtain a risk checking result comprises:
calculating first change time according to the change start time and the end time attribute values;
acquiring correct change starting time and correct change ending time from an application workbench system, and calculating to obtain correct change time;
judging whether the first change time is in a correct change time range; if so, no risk exists, otherwise, the risk is triggered;
analyzing the operation execution parameters of the self-service control table, acquiring a version packet path name, matching a version packet parameter database according to the version packet path name and an operation and maintenance transfer work order number, if the matching is successful, no risk exists, otherwise, triggering the risk;
selecting an attribute value in the traversing operation step, and judging whether a green light test attribute value exists or not; if the risk exists, no risk exists, otherwise, the risk is triggered;
selecting an attribute value in the traversing operation step, and judging whether a health check attribute value exists or not; if so, no risk exists, otherwise, the risk is triggered.
4. The multidimensional risk checking method based on the commissioning management and risk analysis mechanism as recited in claim 2, wherein the version packet file is captured from an article library according to version packet path information in the operation and maintenance handover work order;
analyzing the risk checking support information to obtain a risk analysis verification item, comprising:
decompressing the version packet file to obtain corresponding file information;
traversing the file information, and acquiring different risk check files from the file information;
and analyzing the risk check file to obtain a risk analysis verification item.
5. The multi-dimensional risk check method based on production management and risk analysis mechanism according to claim 4, wherein the risk check file comprises: an SQL script file; the configuration management information at least comprises: large table name data;
the analyzing the risk check file to obtain a risk analysis verification item includes:
splitting the SQL script file by taking a sentence as a unit to obtain different SQL sentences;
identifying different SQL sentences, obtaining SQL sentences set by database cache and SQL sentences partitioned at intervals in the database, and obtaining corresponding table updating and deleting SQL sentences, table structure changing SQL sentences and query table structure SQL sentences according to the large table name data.
6. The multidimensional risk checking method based on the commissioning management and risk analysis mechanism according to claim 5, wherein the matching and verification of the risk analysis verification item according to the risk checking rule base to obtain the risk checking result comprises:
updating and deleting SQL sentences through the risk checking rule base matching analysis table, and judging whether the large table has updating and deleting operations; if not, no risk exists, otherwise, risk is triggered;
matching the analysis table structure change SQL statements through a risk checking rule base, and judging whether the large table structure is changed; if not, no risk exists, otherwise, risk is triggered;
analyzing SQL statements of a query table structure in a matching way through a risk checking rule base to judge whether large table query is unconditional or not; if not, no risk exists, otherwise, risk is triggered;
setting SQL sentences through matching and analyzing the database cache by the risk checking rule base, and judging whether the threshold value of the database cache is in a specified range; if so, no risk exists, otherwise, the risk is triggered;
matching and analyzing SQL sentences of the database interval partition through a risk checking rule base, and judging whether interval sentences exist or not; if not, no risk exists, otherwise, the risk is triggered.
7. The multi-dimensional risk check method based on production management and risk analysis mechanism according to claim 4, wherein the risk check file comprises: a self-service script file;
the analyzing the risk check file to obtain a risk analysis verification item includes:
traversing the json format file to obtain a risk analysis verification script white list;
traversing the obtained self-service script files to obtain the names of all the script files;
and splitting the self-service script file by taking the instruction as a unit to obtain the content of each line of instructions.
8. The multidimensional risk checking method based on the commissioning management and risk analysis mechanism according to claim 7, wherein the matching and verification of the risk analysis verification item according to the risk checking rule base to obtain the risk checking result comprises:
judging whether the names of the obtained script files contain all names in a risk analysis and verification script white list or not, if so, no risk exists, otherwise, triggering the risk;
and matching the content of each row of instructions with the risk checking rule base, triggering risks if the matching is successful, and otherwise, having no risk.
9. The multi-dimensional risk check method based on production management and risk analysis mechanism according to claim 4, wherein the risk check file comprises: a version package key configuration file;
analyzing the risk check file to obtain a risk analysis verification item, including:
traversing the version packet key configuration file, and acquiring a server configuration component registration node configuration file, an application monitoring component transaction monitoring configuration file, a log configuration file, a flow control configuration file and a user management and authorization system configuration file;
analyzing a server configuration component registration node configuration file to obtain a server configuration component registration node configuration value;
analyzing the application monitoring component transaction monitoring configuration file to obtain a transaction monitoring record node configuration item;
analyzing the log configuration file to obtain a Debug level configuration item of a system operation log;
analyzing the flow control configuration file to obtain a flow control configuration attribute item;
and analyzing the configuration file of the user management and authorization system to obtain the address attribute value of the server.
10. The multidimensional risk checking method based on the commissioning management and risk analysis mechanism according to claim 9, wherein the matching and verification of the risk analysis verification item according to the risk checking rule base to obtain the risk checking result comprises:
judging whether the configuration value of the registration node of the server configuration component is a legal value or not through risk checking rule base matching; if yes, no risk exists, otherwise, risk is triggered;
judging whether the transaction monitoring record node configuration item is utf-8 or not through risk checking rule base matching; if yes, no risk exists, otherwise, risk is triggered;
whether a system operation log Debug level configuration item is acquired or not is judged through risk checking rule base matching; if yes, no risk exists, otherwise, risk is triggered;
judging whether the flow control configuration attribute item value is '1' through risk checking rule base matching; if yes, no risk exists, otherwise, risk is triggered;
judging whether the server address attribute value is an https protocol or not through risk checking rule base matching; if so, no risk exists, otherwise, the risk is triggered.
11. The multi-dimensional risk check method based on production management and risk analysis mechanism according to claim 4, wherein the risk check file comprises: a test environment configuration file;
analyzing the risk check file to obtain a risk analysis verification item, including:
traversing the test environment configuration file to obtain a field attribute value containing an IP section;
and analyzing the test environment configuration file, and acquiring the character set format of the configuration file by using a read UTF method.
12. The multidimensional risk checking method based on the commissioning management and risk analysis mechanism according to claim 11, wherein the matching and verification of the risk analysis verification item according to the risk checking rule base to obtain the risk checking result comprises:
judging whether the field attribute value containing the IP section is the IP section of the production environment or not through the matching of the risk checking rule base; if yes, no risk exists, otherwise, risk is triggered;
judging whether the character set format of the configuration file conforms to the specified character set format or not through risk checking rule base matching; if so, no risk exists, otherwise, the risk is triggered.
13. A multidimensional risk check system based on production management and risk analysis mechanisms, the system comprising:
the risk checking support information acquisition unit is used for acquiring the risk checking support information according to the operation and maintenance handover work order number provided by the commissioning management system after receiving the commissioning management system calling request;
the analysis unit is used for analyzing the risk checking support information and acquiring a risk analysis verification item;
and the risk verification unit is used for matching and verifying the risk analysis verification item according to the risk checking rule base to obtain a risk checking result.
14. A processor configured to perform the method for multidimensional risk check based on commissioning management and risk analysis mechanism of any one of claims 1 to 12.
15. A machine-readable storage medium having instructions stored thereon, which when executed by a processor cause the processor to be configured to perform the method for multidimensional risk checking based on a commissioning management and risk analysis mechanism of any one of claims 1 to 12.
16. A computer program product comprising a computer program, wherein the computer program, when executed by a processor, implements the multidimensional risk check method based on a commissioning management and risk analysis mechanism of any one of claims 1 to 12.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211318851.1A CN115619218A (en) | 2022-10-26 | 2022-10-26 | Multidimensional risk checking method, multidimensional risk checking system, storage medium and processor |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211318851.1A CN115619218A (en) | 2022-10-26 | 2022-10-26 | Multidimensional risk checking method, multidimensional risk checking system, storage medium and processor |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115619218A true CN115619218A (en) | 2023-01-17 |
Family
ID=84864244
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211318851.1A Pending CN115619218A (en) | 2022-10-26 | 2022-10-26 | Multidimensional risk checking method, multidimensional risk checking system, storage medium and processor |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115619218A (en) |
-
2022
- 2022-10-26 CN CN202211318851.1A patent/CN115619218A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109284269B (en) | Abnormal log analysis method and device, storage medium and server | |
| US10911447B2 (en) | Application error fingerprinting | |
| CN110377569B (en) | Log monitoring method, device, computer equipment and storage medium | |
| JP2018045403A (en) | Abnormality detection system and abnormality detection method | |
| WO2020237877A1 (en) | Log monitoring method and apparatus, terminal, and storage medium | |
| US20140218191A1 (en) | System and method for event logging in a technical installation or a technical process | |
| CN113590432A (en) | Database inspection method and device | |
| CN114880405A (en) | Data lake-based data processing method and system | |
| CN112328631A (en) | Production fault analysis method and device, electronic equipment and storage medium | |
| CN113762914A (en) | Early warning auditing method and related equipment | |
| CN113010208A (en) | Version information generation method, version information generation device, version information generation equipment and storage medium | |
| JP2019049802A (en) | Failure analysis supporting device, incident managing system, failure analysis supporting method, and program | |
| CN115619218A (en) | Multidimensional risk checking method, multidimensional risk checking system, storage medium and processor | |
| JP4928480B2 (en) | Job processing system and job management method | |
| CN110309206A (en) | Order information acquisition method and system | |
| CN115878400A (en) | Test method, test apparatus, computer device, storage medium, and program product | |
| US20220292053A1 (en) | Method for generating a coherent representation for at least two log files | |
| CN114500249A (en) | Root cause positioning method and device | |
| CN114780378A (en) | Service interface-based system stability detection traceability method and related equipment | |
| CN112448840B (en) | Communication data quality monitoring method, device, server and storage medium | |
| CN110717131B (en) | Page revising monitoring method and related system | |
| CN112416896A (en) | Data abnormity warning method and device, storage medium and electronic device | |
| JP2009181494A (en) | Job processing system and job information acquisition method | |
| CN111352818A (en) | Application program performance analysis method and device, storage medium and electronic equipment | |
| CN113760856A (en) | Database management method and device, computer readable storage medium and electronic device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |