CN117611369A - Event-driven auditing method, device, equipment and medium in distributed environment - Google Patents
Event-driven auditing method, device, equipment and medium in distributed environment Download PDFInfo
- Publication number
- CN117611369A CN117611369A CN202311583530.9A CN202311583530A CN117611369A CN 117611369 A CN117611369 A CN 117611369A CN 202311583530 A CN202311583530 A CN 202311583530A CN 117611369 A CN117611369 A CN 117611369A
- Authority
- CN
- China
- Prior art keywords
- audit
- event
- preset
- data
- driven
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 85
- 238000012550 audit Methods 0.000 claims abstract description 352
- 230000008569 process Effects 0.000 claims abstract description 22
- 238000009933 burial Methods 0.000 claims description 16
- 238000004590 computer program Methods 0.000 claims description 8
- 230000001960 triggered effect Effects 0.000 claims description 6
- 230000005540 biological transmission Effects 0.000 claims description 5
- 230000003213 activating effect Effects 0.000 claims description 4
- 238000004891 communication Methods 0.000 abstract description 5
- 238000005516 engineering process Methods 0.000 abstract description 4
- 230000006870 function Effects 0.000 description 8
- 238000007726 management method Methods 0.000 description 8
- 238000010586 diagram Methods 0.000 description 5
- 230000004048 modification Effects 0.000 description 5
- 238000012986 modification Methods 0.000 description 5
- 238000013473 artificial intelligence Methods 0.000 description 4
- 230000008859 change Effects 0.000 description 4
- 230000000694 effects Effects 0.000 description 4
- 238000012545 processing Methods 0.000 description 4
- 230000006399 behavior Effects 0.000 description 2
- 239000004973 liquid crystal related substance Substances 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000002093 peripheral effect Effects 0.000 description 2
- 238000004422 calculation algorithm Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000000802 evaporation-induced self-assembly Methods 0.000 description 1
- 239000000284 extract Substances 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000012384 transportation and delivery Methods 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/12—Accounting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/245—Query processing
- G06F16/2458—Special types of queries, e.g. statistical queries, fuzzy queries or distributed queries
- G06F16/2465—Query processing support for facilitating data mining operations in structured databases
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/25—Integrating or interfacing systems involving database management systems
- G06F16/252—Integrating or interfacing systems involving database management systems between a Database Management System and a front-end application
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/27—Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
Abstract
The invention relates to a communication technology, and discloses an event-driven auditing method in a distributed environment, which comprises the following steps: grabbing audit data generated by a target service in the process of executing service operation according to a preset audit event model by using a preset audit tool; assembling the business operation and the audit data according to a database transaction method to obtain an audit event; and converging the audit events by using an event bus, and sending the converged audit events to a preset audit platform. The invention also provides an event-driven auditing device, electronic equipment and a computer readable storage medium in the distributed environment. The invention can improve the auditing efficiency and accuracy.
Description
Technical Field
The present invention relates to the field of communications technologies, and in particular, to an event-driven auditing method and apparatus in a distributed environment, an electronic device, and a computer readable storage medium.
Background
At present, audit data of different systems are basically recorded in a log form, the log is collected to a log platform, and audit service extracts log data related to audit on the log platform, so that the following problems need to be solved:
1) The audit data has long identification link, and the safety audit problem can not be identified in time.
2) Different system log formats are not uniform, and audit data identification is difficult.
3) The log record and the business logic cannot ensure that in one transaction, the situation that business operation is completed but the audit log is not recorded can occur, so that audit data is lost.
Disclosure of Invention
The invention provides an event-driven auditing method, device, electronic equipment and computer-readable storage medium in a distributed environment, and aims to improve auditing efficiency and accuracy.
In order to achieve the above object, the present invention provides an event-driven auditing method in a distributed environment, including:
grabbing audit data generated by a target service in the process of executing service operation according to a preset audit event model by using a preset audit tool;
assembling the business operation and the audit data according to a database transaction method to obtain an audit event;
and converging the audit events by using an event bus, and sending the converged audit events to a preset audit platform.
Optionally, the assembling the business operation and the audit data according to the database transaction method to obtain an audit event includes:
identifying a database corresponding to the business operation;
and writing the audit data into the database by using the database transaction method to obtain an audit event.
Optionally, the sending the aggregated audit event to a preset audit platform includes:
according to preset audit event sending rules, an audit event is extracted from the event bus to serve as an audit task;
and forming an audit task into a message queue according to the generation time sequence of the audit event, and sending the message queue to the preset audit platform.
Optionally, the preset audit event sending rule is: and sending an audit task to the preset audit platform according to the fixed time frequency.
Optionally, before capturing the audit data generated by the target service in the service operation executing process according to the preset audit event model by using the preset audit tool, the method further includes:
embedding the preset auditing tool into the target service;
deploying audit burial points in the target business;
and after the audit burial point is triggered, activating the preset audit tool.
In order to solve the above problems, the present invention further provides an event-driven auditing apparatus in a distributed environment, where the apparatus includes:
the audit data grabbing module is used for grabbing audit data generated by the target business in the process of executing business operation according to a preset audit event model by using a preset audit tool;
the audit event assembling module is used for assembling the business operation and the audit data according to a database transaction method to obtain an audit event;
and the audit event sending module is used for converging the audit events by utilizing an event bus and sending the converged audit events to a preset audit platform.
Optionally, the audit event assembling module obtains the audit event by:
identifying a database corresponding to the business operation;
and writing the audit data into the database by using the database transaction method to obtain an audit event.
Optionally, the audit event sending module sends the audit event by:
according to preset audit event sending rules, an audit event is extracted from the event bus to serve as an audit task;
and forming an audit task into a message queue according to the generation time sequence of the audit event, and sending the message queue to the preset audit platform.
In order to solve the above-mentioned problems, the present invention also provides an electronic apparatus including:
a memory storing at least one computer program; and
And the processor executes the program stored in the memory to realize the event-driven auditing method under the distributed environment.
In order to solve the above-mentioned problems, the present invention also provides a computer-readable storage medium having stored therein at least one computer program that is executed by a processor in an electronic device to implement the above-mentioned event-driven auditing method under a distributed environment.
According to the embodiment of the invention, the audit data generated in the process of executing the business operation by the target business is captured by utilizing the preset audit event model, the problem that a plurality of audit source data in the distributed environment are inconsistent can be solved, meanwhile, the business operation and the audit data are assembled by utilizing the database transaction method to obtain the audit event, the business operation and the audit data generation are ensured to be in the same transaction, the audit data are prevented from being lost or garbage data are generated, and finally, the link length of the audit data acquired by the audit platform can be shortened by utilizing the event bus management and the audit event transmission, so that the event-driven audit method in the distributed environment provided by the invention can improve the audit efficiency and the audit accuracy.
Drawings
FIG. 1 is a flow chart of an event-driven audit method in a distributed environment according to an embodiment of the present invention;
FIG. 2 is a schematic diagram illustrating a detailed implementation flow of one of the steps in an event-driven audit method in a distributed environment according to an embodiment of the present invention;
FIG. 3 is a functional block diagram of an audit device driven by events in a distributed environment according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of an electronic device implementing the event-driven audit method in the distributed environment according to an embodiment of the present invention.
The achievement of the objects, functional features and advantages of the present invention will be further described with reference to the accompanying drawings, in conjunction with the embodiments.
Detailed Description
It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the invention.
The embodiment of the application provides an event-driven auditing method in a distributed environment. The execution subject of the event-driven audit method in the distributed environment includes, but is not limited to, at least one of a server, a terminal, and the like, which can be configured to execute the method provided by the embodiment of the application. In other words, the event-driven auditing method in the distributed environment may be performed by software or hardware installed on a terminal device or a server device, where the software may be a blockchain platform. The server may be an independent server, or may be a cloud server that provides cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communications, middleware services, domain name services, security services, content delivery networks (ContentDelivery Network, CDN), and basic cloud computing services such as big data and artificial intelligence platforms.
Referring to fig. 1, a flow chart of an event-driven audit method in a distributed environment according to an embodiment of the present invention is shown. In this embodiment, the event-driven auditing method in a distributed environment includes:
s1, grabbing audit data generated by a target service in the process of executing service operation according to a preset audit event model by using a preset audit tool;
the embodiment of the invention takes financial business systems such as banks, securities trade and the like as an example to describe the event-driven auditing method under the distributed environment. It will be appreciated that, in general, the above-mentioned financial service system is often distributed, and the service system operates on a plurality of servers that may be deployed in different geographic locations, where the plurality of servers communicate via a network to jointly complete tasks and process data.
In the embodiment of the present invention, the preset audit model is a model for describing and recording audit activities, including but not limited to defining event types, event attributes, event behaviors, event results, event associations, etc. related to the audit activities.
Illustratively, the preset audit event model includes the following:
A. audit event types, e.g., login, data access, data modification, system configuration change, etc.;
B. audit event application IDs, e.g., different audit event application IDs are set for banking core business, securities trade business;
C. auditing event business attributes, e.g. payment, deposit, application for insurance, loan application
D. Front page information, e.g., front page ID, front page route ID, front page name, etc.
It will be appreciated that audits for financial transaction systems such as banks, securities transactions, etc., include, but are not limited to, data integrity audits, data access audits, data security audits, data change audits, and data compliance audits. Since the financial service system is deployed in a distributed environment, and the service system supports a wide variety of services, such as an insurance application service, a loan service, a securities trade service, etc. And different services may have non-uniform interfaces and non-uniform data specifications. The audit data generated by different servers and different businesses can be unified and standardized through the preset audit model.
In the embodiment of the invention, the preset audit tool can be an SDK (Software Development Kit ) which provides the functions of tracking business operation, identifying audit burial points, grabbing audit data and generating audit events.
In an optional embodiment of the present invention, before the grasping, by using a preset audit tool according to a preset audit event model, audit data generated in a process of executing a service operation by a target service, the method further includes:
embedding the preset auditing tool into the target service;
deploying audit burial points in the target business;
and after the audit burial point is triggered, activating the preset audit tool.
Preferably, the preset audit tool can be embedded into the target business execution logic, so that audit data and business operations are packaged in the same transaction, and the audit data is prevented from being lost or garbage data is prevented from being generated.
In the embodiment of the invention, the target business refers to a business running on the same or different servers in the financial business system, such as an insurance application business, a loan business, a securities trade business and the like. Accordingly, the business operations performed by the target business include, but are not limited to, user login, data query, access control, data modification, and the like.
In the embodiment of the invention, the audit burial point can be flexibly set according to actual needs in the execution process of the target service, and when the target service is executed to the audit burial point, the audit burial point is triggered, and the preset audit tool is activated.
In the embodiment of the invention, taking data access audit as an example, when a user accesses a target service, the generated audit data comprises, but is not limited to, data such as user identity, login time, login page URL, user authority and the like.
S2, assembling the business operation and the audit data according to a database transaction method to obtain an audit event;
in the embodiment of the present invention, the database transaction method refers to that the database operation corresponding to the service operation and the operation for generating the audit data are regarded as a logic unit, and the service operation and the operation for generating the audit data are either all executed successfully or all rolled back, and are not executed partially or rolled back partially, and if any operation in the database transaction fails, the whole database transaction is rolled back to the state before the database transaction. Therefore, business operation and audit data generation operation can be guaranteed to be in the same transaction, and audit data loss or garbage data generation can be prevented.
In detail, the assembling the business operation and the audit data according to the database transaction method to obtain an audit event includes:
identifying a database corresponding to the business operation;
and writing the audit data into the database by using the database transaction method to obtain an audit event.
In the embodiment of the invention, the audit data is prevented from being lost or garbage data is prevented from being generated by encapsulating the generation of the audit event and the business operation into the same database transaction.
S3, gathering the audit events by using an event bus, and sending the gathered audit events to a preset audit platform.
In the embodiment of the invention, in order to realize orderly sending of the audit events to the preset audit platform, the generated audit events can be converged in an event bus mode and then sent to the preset audit platform uniformly.
In the embodiment of the invention, the preset audit platform refers to a platform of an executable audit script built for common audit tasks of the financial service system.
In detail, referring to fig. 2, the sending the aggregated audit event to the preset audit platform includes:
s31, according to preset audit event sending rules, an audit event is extracted from the event bus to serve as an audit task;
s32, forming an audit task into a message queue according to the generation time sequence of the audit event, and sending the message queue to the preset audit platform.
In the embodiment of the invention, the preset audit event sending rule can be set according to actual service requirements, for example, audit tasks are sent to the preset audit platform according to fixed time frequency; or according to the tide characteristics of the financial business system, adopting variable frequency to send an audit task to the preset audit platform; or when the audit tasks are accumulated to a certain threshold value, sending the audit tasks to the preset audit platform.
According to the embodiment of the invention, the audit data generated in the process of executing the business operation by the target business is captured by utilizing the preset audit event model, the problem that a plurality of audit source data in the distributed environment are inconsistent can be solved, meanwhile, the business operation and the audit data are assembled by utilizing the database transaction method to obtain the audit event, the business operation and the audit data generation are ensured to be in the same transaction, the audit data are prevented from being lost or garbage data are generated, and finally, the link length of the audit data acquired by the audit platform can be shortened by utilizing the event bus management and the audit event transmission, so that the event-driven audit method in the distributed environment provided by the invention can improve the audit efficiency and the audit accuracy.
FIG. 3 is a functional block diagram of an event-driven auditing apparatus in a distributed environment according to an embodiment of the present invention.
The event-driven auditing apparatus 100 in the distributed environment according to the present invention may be installed in an electronic device. Depending on the implementation, the event-driven audit device 100 in the distributed environment may include an audit data grabbing module 101, an audit event assembling module, and an audit event sending module 103. The module of the invention, which may also be referred to as a unit, refers to a series of computer program segments, which are stored in the memory of the electronic device, capable of being executed by the processor of the electronic device and of performing a fixed function.
In the present embodiment, the functions concerning the respective modules/units are as follows:
the audit data grabbing module 101 is configured to grab audit data generated by a target service in a service operation executing process according to a preset audit event model by using a preset audit tool;
the audit event assembling module 102 is configured to assemble the business operation and the audit data according to a database transaction method to obtain an audit event;
the audit event sending module 103 is configured to aggregate the audit events by using an event bus, and send the aggregate audit events to a preset audit platform.
In detail, the specific implementation manner of the event-driven auditing apparatus 100 in the distributed environment is as follows:
firstly, grabbing audit data generated by a target service in the process of executing service operation according to a preset audit event model by using a preset audit tool;
the embodiment of the invention takes financial business systems such as banks, securities trade and the like as an example to describe the event-driven auditing method under the distributed environment. It will be appreciated that, in general, the above-mentioned financial service system is often distributed, and the service system operates on a plurality of servers that may be deployed in different geographic locations, where the plurality of servers communicate via a network to jointly complete tasks and process data.
In the embodiment of the present invention, the preset audit model is a model for describing and recording audit activities, including but not limited to defining event types, event attributes, event behaviors, event results, event associations, etc. related to the audit activities.
Illustratively, the preset audit event model includes the following:
A. audit event types, e.g., login, data access, data modification, system configuration change, etc.;
B. audit event application IDs, e.g., different audit event application IDs are set for banking core business, securities trade business;
C. auditing event business attributes, e.g. payment, deposit, application for insurance, loan application
D. Front page information, e.g., front page ID, front page route ID, front page name, etc.
It will be appreciated that audits for financial transaction systems such as banks, securities transactions, etc., include, but are not limited to, data integrity audits, data access audits, data security audits, data change audits, and data compliance audits. Since the financial service system is deployed in a distributed environment, and the service system supports a wide variety of services, such as an insurance application service, a loan service, a securities trade service, etc. And different services may have non-uniform interfaces and non-uniform data specifications. The audit data generated by different servers and different businesses can be unified and standardized through the preset audit model.
In the embodiment of the invention, the preset audit tool can be an SDK (Software Development Kit ) which provides the functions of tracking business operation, identifying audit burial points, grabbing audit data and generating audit events.
In an optional embodiment of the present invention, before the grasping, by using a preset audit tool according to a preset audit event model, audit data generated in a process of executing a service operation by a target service, the method further includes:
embedding the preset auditing tool into the target service;
deploying audit burial points in the target business;
and after the audit burial point is triggered, activating the preset audit tool.
Preferably, the preset audit tool can be embedded into the target business execution logic, so that audit data and business operations are packaged in the same transaction, and the audit data is prevented from being lost or garbage data is prevented from being generated.
In the embodiment of the invention, the target business refers to a business running on the same or different servers in the financial business system, such as an insurance application business, a loan business, a securities trade business and the like. Accordingly, the business operations performed by the target business include, but are not limited to, user login, data query, access control, data modification, and the like.
In the embodiment of the invention, the audit burial point can be flexibly set according to actual needs in the execution process of the target service, and when the target service is executed to the audit burial point, the audit burial point is triggered, and the preset audit tool is activated.
In the embodiment of the invention, taking data access audit as an example, when a user accesses a target service, the generated audit data comprises, but is not limited to, data such as user identity, login time, login page URL, user authority and the like.
Step two, according to a database transaction method, assembling the business operation and the audit data to obtain an audit event;
in the embodiment of the present invention, the database transaction method refers to that the database operation corresponding to the service operation and the operation for generating the audit data are regarded as a logic unit, and the service operation and the operation for generating the audit data are either all executed successfully or all rolled back, and are not executed partially or rolled back partially, and if any operation in the database transaction fails, the whole database transaction is rolled back to the state before the database transaction. Therefore, business operation and audit data generation operation can be guaranteed to be in the same transaction, and audit data loss or garbage data generation can be prevented.
In detail, the assembling the business operation and the audit data according to the database transaction method to obtain an audit event includes:
identifying a database corresponding to the business operation;
and writing the audit data into the database by using the database transaction method to obtain an audit event.
In the embodiment of the invention, the audit data is prevented from being lost or garbage data is prevented from being generated by encapsulating the generation of the audit event and the business operation into the same database transaction.
And thirdly, converging the audit events by using an event bus, and sending the converged audit events to a preset audit platform.
In the embodiment of the invention, in order to realize orderly sending of the audit events to the preset audit platform, the generated audit events can be converged in an event bus mode and then sent to the preset audit platform uniformly.
In the embodiment of the invention, the preset audit platform refers to a platform of an executable audit script built for common audit tasks of the financial service system.
In detail, the sending the aggregated audit event to a preset audit platform includes:
according to preset audit event sending rules, an audit event is extracted from the event bus to serve as an audit task;
and forming an audit task into a message queue according to the generation time sequence of the audit event, and sending the message queue to the preset audit platform.
In the embodiment of the invention, the preset audit event sending rule can be set according to actual service requirements, for example, audit tasks are sent to the preset audit platform according to fixed time frequency; or according to the tide characteristics of the financial business system, adopting variable frequency to send an audit task to the preset audit platform; or when the audit tasks are accumulated to a certain threshold value, sending the audit tasks to the preset audit platform.
According to the embodiment of the invention, the audit data generated in the process of executing the business operation by the target business is captured by utilizing the preset audit event model, the problem that a plurality of audit source data in the distributed environment are inconsistent can be solved, meanwhile, the business operation and the audit data are assembled by utilizing the database transaction method to obtain the audit event, the business operation and the audit data generation are ensured to be in the same transaction, the audit data are prevented from being lost or garbage data are generated, and finally, the link length of the audit data acquired by the audit platform can be shortened by utilizing the event bus management and the audit event transmission, so that the event-driven audit method in the distributed environment provided by the invention can improve the audit efficiency and the audit accuracy.
Fig. 4 is a schematic structural diagram of an electronic device implementing an event-driven audit method in a distributed environment according to an embodiment of the present invention.
The electronic device 1 may comprise a processor 10, a memory 11 and a bus, and may further comprise a computer program stored in the memory 11 and executable on the processor 10, such as an event driven audit program in a distributed environment.
The memory 11 includes at least one type of readable storage medium, including flash memory, a mobile hard disk, a multimedia card, a card memory (e.g., SD or DX memory, etc.), a magnetic memory, a magnetic disk, an optical disk, etc. The memory 11 may in some embodiments be an internal storage unit of the electronic device 1, such as a removable hard disk of the electronic device 1. The memory 11 may in other embodiments also be an external storage device of the electronic device 1, such as a plug-in mobile hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card) or the like, which are provided on the electronic device 1. Further, the memory 11 may also include both an internal storage unit and an external storage device of the electronic device 1. The memory 11 may be used not only for storing application software installed in the electronic device 1 and various types of data, such as code of an event-driven audit program in a distributed environment, but also for temporarily storing data that has been output or is to be output.
The processor 10 may be comprised of integrated circuits in some embodiments, for example, a single packaged integrated circuit, or may be comprised of multiple integrated circuits packaged with the same or different functions, including one or more central processing units (Central Processing unit, CPU), microprocessors, digital processing chips, graphics processors, combinations of various control chips, and the like. The processor 10 is a Control Unit (Control Unit) of the electronic device, connects various components of the entire electronic device using various interfaces and lines, executes or executes programs or modules (e.g., event-driven audit programs in a distributed environment, etc.) stored in the memory 11, and invokes data stored in the memory 11 to perform various functions of the electronic device 1 and process data.
The bus may be a peripheral component interconnect standard (peripheral component interconnect, PCI) bus or an extended industry standard architecture (extended industry standard architecture, EISA) bus, among others. The bus may be classified as an address bus, a data bus, a control bus, etc. The bus is arranged to enable a connection communication between the memory 11 and at least one processor 10 etc.
Fig. 4 shows only an electronic device with components, it being understood by a person skilled in the art that the structure shown in fig. 4 does not constitute a limitation of the electronic device 1, and may comprise fewer or more components than shown, or may combine certain components, or may be arranged in different components.
For example, although not shown, the electronic device 1 may further include a power source (such as a battery) for supplying power to each component, and preferably, the power source may be logically connected to the at least one processor 10 through a power management device, so that functions of charge management, discharge management, power consumption management, and the like are implemented through the power management device. The power supply may also include one or more of any of a direct current or alternating current power supply, recharging device, power failure detection circuit, power converter or inverter, power status indicator, etc. The electronic device 1 may further include various sensors, bluetooth modules, wi-Fi modules, etc., which will not be described herein.
Further, the electronic device 1 may also comprise a network interface, optionally the network interface may comprise a wired interface and/or a wireless interface (e.g. WI-FI interface, bluetooth interface, etc.), typically used for establishing a communication connection between the electronic device 1 and other electronic devices.
The electronic device 1 may optionally further comprise a user interface, which may be a Display, an input unit, such as a Keyboard (Keyboard), or a standard wired interface, a wireless interface. Alternatively, in some embodiments, the display may be an LED display, a liquid crystal display, a touch-sensitive liquid crystal display, an OLED (Organic Light-Emitting Diode) touch, or the like. The display may also be referred to as a display screen or display unit, as appropriate, for displaying information processed in the electronic device 1 and for displaying a visual user interface.
It should be understood that the embodiments described are for illustrative purposes only and are not limited to this configuration in the scope of the patent application.
The event driven audit program in a distributed environment stored in the memory 11 of the electronic device 1 is a combination of instructions that, when executed in the processor 10, may implement:
grabbing audit data generated by a target service in the process of executing service operation according to a preset audit event model by using a preset audit tool;
assembling the business operation and the audit data according to a database transaction method to obtain an audit event;
and converging the audit events by using an event bus, and sending the converged audit events to a preset audit platform.
Further, the modules/units integrated in the electronic device 1 may be stored in a computer readable storage medium if implemented in the form of software functional units and sold or used as separate products. The computer readable storage medium may be volatile or nonvolatile. For example, the computer readable medium may include: any entity or device capable of carrying the computer program code, a recording medium, a U disk, a removable hard disk, a magnetic disk, an optical disk, a computer Memory, a Read-Only Memory (ROM).
The present invention also provides a computer readable storage medium storing a computer program which, when executed by a processor of an electronic device, can implement:
grabbing audit data generated by a target service in the process of executing service operation according to a preset audit event model by using a preset audit tool;
assembling the business operation and the audit data according to a database transaction method to obtain an audit event;
and converging the audit events by using an event bus, and sending the converged audit events to a preset audit platform.
In addition, each functional module in the embodiments of the present invention may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units can be realized in a form of hardware or a form of hardware and a form of software functional modules.
It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential characteristics thereof.
The present embodiments are, therefore, to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference signs in the claims shall not be construed as limiting the claim concerned.
The blockchain is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, consensus mechanism, encryption algorithm and the like. The Blockchain (Blockchain), which is essentially a decentralised database, is a string of data blocks that are generated by cryptographic means in association, each data block containing a batch of information of network transactions for verifying the validity of the information (anti-counterfeiting) and generating the next block. The blockchain may include a blockchain underlying platform, a platform product services layer, an application services layer, and the like.
The embodiment of the application can acquire and process the related data based on the artificial intelligence technology. Among these, artificial intelligence (Artificial Intelligence, AI) is the theory, method, technique and application system that uses a digital computer or a digital computer-controlled machine to simulate, extend and extend human intelligence, sense the environment, acquire knowledge and use knowledge to obtain optimal results.
Furthermore, it is evident that the word "comprising" does not exclude other elements or steps, and that the singular does not exclude a plurality. A plurality of units or means recited in the system claims can also be implemented by means of software or hardware by means of one unit or means. The terms second, etc. are used to denote a name, but not any particular order.
Finally, it should be noted that the above-mentioned embodiments are merely for illustrating the technical solution of the present invention and not for limiting the same, and although the present invention has been described in detail with reference to the preferred embodiments, it should be understood by those skilled in the art that modifications and equivalents may be made to the technical solution of the present invention without departing from the spirit and scope of the technical solution of the present invention.
Claims (10)
1. An event-driven auditing method in a distributed environment, the method comprising:
grabbing audit data generated by a target service in the process of executing service operation according to a preset audit event model by using a preset audit tool;
assembling the business operation and the audit data according to a database transaction method to obtain an audit event;
and converging the audit events by using an event bus, and sending the converged audit events to a preset audit platform.
2. The method for event-driven audit in a distributed environment according to claim 1, wherein said assembling said business operations and audit data according to a database transaction method to obtain an audit event comprises:
identifying a database corresponding to the business operation;
and writing the audit data into the database by using the database transaction method to obtain an audit event.
3. The method for event-driven auditing under a distributed environment according to claim 1, wherein the sending the aggregated audit events to a preset audit platform comprises:
according to preset audit event sending rules, an audit event is extracted from the event bus to serve as an audit task;
and forming an audit task into a message queue according to the generation time sequence of the audit event, and sending the message queue to the preset audit platform.
4. The method for event-driven auditing under a distributed environment according to claim 3, wherein the preset audit event transmission rule is: and sending an audit task to the preset audit platform according to the fixed time frequency.
5. The method for event-driven auditing in a distributed environment according to claim 1, wherein the method further comprises, before grasping audit data generated by a target business in the course of executing the business operation, according to a preset audit event model using a preset audit tool:
embedding the preset auditing tool into the target service;
deploying audit burial points in the target business;
and after the audit burial point is triggered, activating the preset audit tool.
6. An event driven audit device in a distributed environment, the device comprising:
the audit data grabbing module is used for grabbing audit data generated by the target business in the process of executing business operation according to a preset audit event model by using a preset audit tool;
the audit event assembling module is used for assembling the business operation and the audit data according to a database transaction method to obtain an audit event;
and the audit event sending module is used for converging the audit events by utilizing an event bus and sending the converged audit events to a preset audit platform.
7. The event driven audit device in a distributed environment as recited in claim 6, wherein the audit event assembly module obtains the audit event by:
identifying a database corresponding to the business operation;
and writing the audit data into the database by using the database transaction method to obtain an audit event.
8. The event driven audit device in a distributed environment according to claim 6 wherein the audit event transmitting module transmits audit events by:
according to preset audit event sending rules, an audit event is extracted from the event bus to serve as an audit task;
and forming an audit task into a message queue according to the generation time sequence of the audit event, and sending the message queue to the preset audit platform.
9. An electronic device, the electronic device comprising:
at least one processor; the method comprises the steps of,
a memory communicatively coupled to the at least one processor; wherein,
the memory stores a computer program executable by the at least one processor to enable the at least one processor to perform the event driven auditing method in a distributed environment as claimed in any of claims 1 to 5.
10. A computer readable storage medium storing a computer program which when executed by a processor implements an event driven auditing method according to any of claims 1 to 5 in a distributed environment.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311583530.9A CN117611369A (en) | 2023-11-24 | 2023-11-24 | Event-driven auditing method, device, equipment and medium in distributed environment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311583530.9A CN117611369A (en) | 2023-11-24 | 2023-11-24 | Event-driven auditing method, device, equipment and medium in distributed environment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN117611369A true CN117611369A (en) | 2024-02-27 |
Family
ID=89949237
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311583530.9A Pending CN117611369A (en) | 2023-11-24 | 2023-11-24 | Event-driven auditing method, device, equipment and medium in distributed environment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117611369A (en) |
-
2023
- 2023-11-24 CN CN202311583530.9A patent/CN117611369A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110838065A (en) | Transaction data processing method and device | |
| CN107798037A (en) | The acquisition methods and server of user characteristic data | |
| CN111429121B (en) | Block chain-based electronic ticket processing method, device, equipment and storage medium | |
| CN113688923A (en) | Intelligent order abnormity detection method and device, electronic equipment and storage medium | |
| CN114881616A (en) | Business process execution method and device, electronic equipment and storage medium | |
| CN113806434A (en) | Big data processing method, device, equipment and medium | |
| CN115168166A (en) | Method, device and equipment for recording business data change and storage medium | |
| CN114519084A (en) | Block chain-based medical data inspection method, device, equipment and medium | |
| CN114185776A (en) | Big data point burying method, device, equipment and medium for application program | |
| CN112217639B (en) | Data encryption sharing method and device, electronic equipment and computer storage medium | |
| CN114399397A (en) | Renewal tracking method, device, equipment and medium | |
| CN115357666A (en) | Abnormal business behavior identification method and device, electronic equipment and storage medium | |
| CN117611369A (en) | Event-driven auditing method, device, equipment and medium in distributed environment | |
| CN115759746A (en) | Configurable user early warning method and device, electronic equipment and storage medium | |
| CN109600250A (en) | Operation system failure notification method, device, electronic device and storage medium | |
| CN114911479A (en) | Interface generation method, device, equipment and storage medium based on configuration | |
| CN115168848A (en) | Interception feedback processing method based on big data analysis interception | |
| CN114066451A (en) | Method and system for managing fund transaction and electronic equipment | |
| CN112905661A (en) | Data processing method, system, device, server and medium | |
| CN112686759A (en) | Account checking monitoring method, device, equipment and medium | |
| CN111652682B (en) | Service data matching method and device, electronic equipment and computer storage medium | |
| CN113360375B (en) | Transaction testing method, device, electronic equipment and storage medium | |
| CN116610465A (en) | Event notification-based message sending method and device, electronic equipment and medium | |
| CN114416661A (en) | Data reporting method, device, equipment and storage medium | |
| CN115174555A (en) | File transmission method and device, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |