[go: up one dir, main page]

CN117591490A - Data processing methods, devices, equipment and storage media for audit logs - Google Patents

Data processing methods, devices, equipment and storage media for audit logs Download PDF

Info

Publication number
CN117591490A
CN117591490A CN202311542078.1A CN202311542078A CN117591490A CN 117591490 A CN117591490 A CN 117591490A CN 202311542078 A CN202311542078 A CN 202311542078A CN 117591490 A CN117591490 A CN 117591490A
Authority
CN
China
Prior art keywords
information
version
audit
original version
request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311542078.1A
Other languages
Chinese (zh)
Inventor
刘立近
杨勇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Inspur Jinan data Technology Co ltd
Original Assignee
Inspur Jinan data Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Inspur Jinan data Technology Co ltd filed Critical Inspur Jinan data Technology Co ltd
Priority to CN202311542078.1A priority Critical patent/CN117591490A/en
Publication of CN117591490A publication Critical patent/CN117591490A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/21Design, administration or maintenance of databases
    • G06F16/219Managing data history or versioning
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/0703Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
    • G06F11/0706Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation the processing taking place on a specific hardware platform or in a specific software environment
    • G06F11/0709Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation the processing taking place on a specific hardware platform or in a specific software environment in a distributed system consisting of a plurality of standalone computer nodes, e.g. clusters, client-server systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/0703Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
    • G06F11/0766Error or fault reporting or storing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/23Updating

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Quality & Reliability (AREA)
  • Computer Hardware Design (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention relates to the technical field of data processing, and discloses a data processing method, device, equipment and storage medium of an audit log, which comprises the following steps: acquiring an object change request initiated for any one of the audit objects in the target cluster and original version copy information corresponding to the original version information; generating an audit log based on the object change request, and updating original version copy information based on the object change request; analyzing the audit log to obtain the object name of the audit object and the corresponding version identification field; generating a version acquisition request based on the object name and the version identification field to acquire original version information of the audit object; the invention can store the historical version of the audit object in the data storage center, and change the copy information of the historical version information when the audit object changes the object, thereby obtaining the historical version information of each audit object according to the audit log and recovering the cluster to the original state when the cluster fails.

Description

审计日志的数据处理方法、装置、设备及存储介质Data processing methods, devices, equipment and storage media for audit logs

技术领域Technical field

本发明涉及数据处理技术领域,具体涉及一种审计日志的数据处理方法、装置、设备及存储介质。The invention relates to the field of data processing technology, and specifically to a data processing method, device, equipment and storage medium for audit logs.

背景技术Background technique

k8s(Kubernetes)是一种开源的容器编排平台,用于自动化容器的部署、伸缩和管理。审计日志用于k8s集群中的操作事件记录,以及审计、安全和故障排除等目的,以保证k8s集群的安全和可靠性。当集群发生故障时,则需要根据审计日志将集群恢复到原来的状态。然而,由于审计日志会记录请求和相应的消息体,但是并没有记录变动字段变化前的值,此时则需要拦截k8s集群中的所有请求,并且需要在获取待修改对象值后才通过该请求,将一次修改请求变成一次修改加一次获取请求。增长了k8s请求响应时间,加重了k8s集群负担,导致整个集群运行效率降低。k8s (Kubernetes) is an open source container orchestration platform used to automate the deployment, scaling and management of containers. Audit logs are used for recording operational events in k8s clusters, as well as for auditing, security, and troubleshooting purposes to ensure the security and reliability of k8s clusters. When a cluster failure occurs, the cluster needs to be restored to its original state based on the audit log. However, since the audit log records the request and the corresponding message body, but does not record the value before the change field is changed, at this time, all requests in the k8s cluster need to be intercepted, and the request needs to be passed after obtaining the object value to be modified. , turning a modification request into a modification plus an acquisition request. It increases the k8s request response time, increases the burden on the k8s cluster, and reduces the operating efficiency of the entire cluster.

发明内容Contents of the invention

有鉴于此,本发明提供了一种审计日志的数据处理方法、装置、设备及存储介质,以解决现有审计日志在获取Kubernetes集群中相应对象变更前的字段值时,需要拦截Kubernetes集群中的所有请求,并且需要在获取待修改对象值后才通过该请求,将一次修改请求变成一次修改加一次获取请求,增长了Kubernetes请求响应时间,加重了Kubernetes集群负担,导致整个集群运行效率降低的问题。In view of this, the present invention provides a data processing method, device, equipment and storage medium for audit logs to solve the problem that existing audit logs need to intercept the field values in the Kubernetes cluster when obtaining the field values before the corresponding objects in the Kubernetes cluster are changed. All requests need to be passed after obtaining the object value to be modified, turning a modification request into a modification plus an acquisition request, which increases the Kubernetes request response time, increases the burden on the Kubernetes cluster, and reduces the operating efficiency of the entire cluster. question.

第一方面,本发明提供了一种审计日志的数据处理方法,应用于目标集群的数据存储中心,数据存储中心内存储有原始版本集,原始版本集包括多个原始版本信息,该方法包括:获取针对目标集群中任一审计对象所发起的对象变更请求以及对应原始版本信息的原始版本副本信息;基于对象变更请求生成审计日志,并基于对象变更请求对原始版本副本信息进行更新,以将原始版本副本信息更新为目标版本信息;对审计日志进行解析,以得到审计对象的对象名称及对应的版本标识字段;基于对象名称及版本标识字段生成版本获取请求,以获取审计对象的原始版本信息。通过上述过程,可以将各审计对象的历史版本数据存储在数据存储中心,在集群中各审计对象进行对象变更时对历史版本信息的副本信息进行变更,从而在集群发生故障时,能够根据审计日志获取各审计对象的历史版本信息,并将集群恢复到原来的状态。In a first aspect, the present invention provides a data processing method for audit logs, which is applied to the data storage center of the target cluster. The data storage center stores an original version set, and the original version set includes multiple original version information. The method includes: Obtain the object change request initiated for any audit object in the target cluster and the original version copy information corresponding to the original version information; generate an audit log based on the object change request, and update the original version copy information based on the object change request to convert the original The version copy information is updated to the target version information; the audit log is parsed to obtain the object name of the audit object and the corresponding version identification field; a version acquisition request is generated based on the object name and version identification field to obtain the original version information of the audit object. Through the above process, the historical version data of each audit object can be stored in the data storage center. When each audit object in the cluster changes the object, the copy information of the historical version information can be changed, so that when the cluster fails, the audit log can be updated based on the audit log. Obtain the historical version information of each audit object and restore the cluster to its original state.

使云主机对从其他云主机迁移或者挂载过来的加密盘中的数据进行正常使用,且保证了加密数据盘中存储数据进行加密信息转换的安全性及完整性。This enables the cloud host to normally use the data in the encrypted disk that has been migrated or mounted from other cloud hosts, and ensures the security and integrity of the encrypted information conversion of the data stored in the encrypted data disk.

在一些可选的实施方式中,获取针对目标集群中任一审计对象所发起的对象变更请求以及对应原始版本信息的原始版本副本信息,包括:In some optional implementations, obtain the object change request initiated for any audit object in the target cluster and the original version copy information corresponding to the original version information, including:

获取目标集群中的一个或者多个待审计的审计对象;Obtain one or more audit objects to be audited in the target cluster;

针对任一审计对象,当接收到对象变更请求时,基于对象变更请求获取原始版本集中最新的原始版本信息;For any audit object, when an object change request is received, the latest original version information in the original version set is obtained based on the object change request;

将最新的原始版本信息更新至信息副本中,以得到原始版本副本信息。Update the latest original version information to the information copy to obtain the original version copy information.

在一些可选的实施方式中,基于对象变更请求对原始版本副本信息进行更新,包括:In some optional implementations, the original version copy information is updated based on the object change request, including:

获取对象变更请求的请求信息;Obtain the request information of the object change request;

将请求信息的第一信息长度与原始版本副本信息的第二信息长度进行比对,得到长度比对结果;Compare the first information length of the request information with the second information length of the original version copy information to obtain a length comparison result;

当比对结果表征第一信息长度与第二信息长度不同时,基于请求信息对原始版本副本信息进行更新,以将原始版本副本信息更新为目标版本信息。When the comparison result indicates that the first information length and the second information length are different, the original version copy information is updated based on the request information to update the original version copy information to the target version information.

在一些可选的实施方式中,上述方法还包括:In some optional implementations, the above method further includes:

当比对结果表征第一信息长度与第二信息长度相同时,分别从请求信息的两端截取预设步长的第一请求信息,并组合得到第一组合请求信息;When the comparison result indicates that the length of the first information and the length of the second information are the same, intercept the first request information with a preset step size from both ends of the request information, and combine them to obtain the first combined request information;

分别从原始版本副本信息的两端截取预设步长的第二请求信息,并组合得到第二组合请求信息;Intercept the second request information of the preset step size from both ends of the original version copy information, and combine them to obtain the second combined request information;

当请求信息两端小于预设步长时,对请求信息两端进行补位,以使请求信息两端达到预设步长;When both ends of the request information are smaller than the preset step size, both ends of the request information are padded so that both ends of the request information reach the preset step size;

当原始版本副本信息两端小于预设步长时,对原始版本副本信息两端进行补位,以使原始版本副本信息两端达到预设步长;When both ends of the original version copy information are smaller than the preset step size, the two ends of the original version copy information are padded so that both ends of the original version copy information reach the preset step size;

对比第一组合请求信息的内容与第二组合请求信息的内容,得到内容比对结果;Compare the content of the first combination request information with the content of the second combination request information to obtain a content comparison result;

当内容比对结果表征第一组合请求信息的内容与第二组合请求信息的内容不同时,基于请求信息对原始版本副本信息进行更新;When the content comparison result indicates that the content of the first combination request information is different from the content of the second combination request information, update the original version copy information based on the request information;

当内容比对结果表征第一组合请求信息的内容与第二组合请求信息的内容相同时,获取请求信息中除去第一组合请求信息的第一剩余请求信息,以及原始版本副本信息中除去第二组合请求信息的第二剩余请求信息;When the content comparison result indicates that the content of the first combination request information is the same as the content of the second combination request information, obtain the first remaining request information excluding the first combination request information in the request information, and the original version copy information excluding the second combining the second remaining request information of the request information;

对比第一剩余请求信息的内容与第二剩余请求信息的容,并基于比对结果更新原始版本副本信息。Compare the content of the first remaining request information with the content of the second remaining request information, and update the original version copy information based on the comparison result.

在一些可选的实施方式中,对比第一组合请求信息的内容与第二组合请求信息的内容,得到内容比对结果,包括:In some optional implementations, compare the content of the first combined request information with the content of the second combined request information to obtain a content comparison result, including:

获取第一组合请求信息中各字符的字符值;Obtain the character value of each character in the first combination of request information;

将第一组合请求信息中各字符的字符值与第二组合请求信息中对应字符的字符值进行比对;Compare the character value of each character in the first combination request information with the character value of the corresponding character in the second combination request information;

当第一组合请求信息中各字符的字符值与第二组合请求信息中对应字符的字符值均相同,生成表征第一组合请求信息的内容与第二组合请求信息的内容相同的内容比对结果;When the character value of each character in the first combination request information is the same as the character value of the corresponding character in the second combination request information, a content comparison result indicating that the content of the first combination request information and the content of the second combination request information are the same is generated. ;

当第一组合请求信息中各字符的字符值与第二组合请求信息中对应的任一字符的字符值不同,生成表征第一组合请求信息的内容与第二组合请求信息的内容不同的内容比对结果。When the character value of each character in the first combination request information is different from the character value of any corresponding character in the second combination request information, a content ratio indicating that the content of the first combination request information is different from the content of the second combination request information is generated. to the results.

在一些可选的实施方式中,获取审计对象的原始版本信息,包括:In some optional implementations, obtaining the original version information of the audit object includes:

将对象名称与版本标识字段进行拼接,得到版本获取请求;Splice the object name and version identification field to obtain the version acquisition request;

识别原始版本集中与版本获取请求对应的版本信息,以得到审计对象的原始版本信息。Identify the version information corresponding to the version acquisition request in the original version set to obtain the original version information of the audit object.

在一些可选的实施方式中,获取审计对象的原始版本信息,还包括:In some optional implementations, obtaining the original version information of the audit object also includes:

将版本标识字段转化为版本号;Convert the version identification field into a version number;

基于版本号及对象名称,获取原始版本集中对应原始版本信息的存储路径;Based on the version number and object name, obtain the storage path corresponding to the original version information in the original version set;

基于存储路径获取审计对象的原始版本信息。Obtain the original version information of the audit object based on the storage path.

第二方面,本发明提供了一种审计日志的数据处理装置,应用于目标集群的数据存储中心,数据存储中心内存储有原始版本集,原始版本集包括多个原始版本信息,该装置主要包括:信息获取模块、信息更新模块、日志解析模块,以及请求生成模块;其中,信息获取模块,用于获取针对目标集群中任一审计对象所发起的对象变更请求以及对应原始版本信息的原始版本副本信息;信息更新模块,用于基于对象变更请求生成审计日志,并基于对象变更请求对原始版本副本信息进行更新,以将原始版本副本信息更新为目标版本信息;日志解析模块,用于对审计日志进行解析,以得到审计对象的对象名称及对应的版本标识字段;请求生成模块,用于基于对象名称及版本标识字段生成版本获取请求,以获取审计对象的原始版本信息。通过上述过程,可以将各审计对象的历史版本数据存储在数据存储中心,在集群中各审计对象进行对象变更时对历史版本信息的副本信息进行变更,从而在集群发生故障时,能够根据审计日志获取各审计对象的历史版本信息,并将集群恢复到原来的状态。In a second aspect, the present invention provides a data processing device for audit logs, which is applied to a data storage center of a target cluster. An original version set is stored in the data storage center. The original version set includes multiple original version information. The device mainly includes : Information acquisition module, information update module, log parsing module, and request generation module; among them, the information acquisition module is used to obtain an object change request initiated for any audit object in the target cluster and a copy of the original version of the corresponding original version information Information; information update module, used to generate audit logs based on object change requests, and update original version copy information based on object change requests, so as to update original version copy information to target version information; log parsing module, used to analyze audit logs Parse to obtain the object name of the audit object and the corresponding version identification field; the request generation module is used to generate a version acquisition request based on the object name and version identification field to obtain the original version information of the audit object. Through the above process, the historical version data of each audit object can be stored in the data storage center. When each audit object in the cluster changes the object, the copy information of the historical version information can be changed, so that when the cluster fails, the audit log can be updated based on the audit log. Obtain the historical version information of each audit object and restore the cluster to its original state.

第三方面,本发明提供了一种计算机设备,包括:存储器和处理器,存储器和处理器之间互相通信连接,存储器中存储有计算机指令,处理器通过执行计算机指令,从而执行上述第一方面或其对应的任一实施方式的审计日志的数据处理方法。In a third aspect, the present invention provides a computer device, including: a memory and a processor. The memory and the processor are communicatively connected to each other. Computer instructions are stored in the memory, and the processor executes the computer instructions to execute the first aspect. Or the data processing method of the audit log in any of its corresponding embodiments.

第四方面,本发明提供了一种计算机可读存储介质,该计算机可读存储介质上存储有计算机指令,计算机指令用于使计算机执行上述第一方面或其对应的任一实施方式的审计日志的数据处理方法。In a fourth aspect, the present invention provides a computer-readable storage medium. Computer instructions are stored on the computer-readable storage medium. The computer instructions are used to cause the computer to execute the audit log of the above-mentioned first aspect or any of its corresponding embodiments. data processing methods.

附图说明Description of drawings

为了更清楚地说明本发明具体实施方式或现有技术中的技术方案,下面将对具体实施方式或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图是本发明的一些实施方式,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly explain the specific embodiments of the present invention or the technical solutions in the prior art, the accompanying drawings that need to be used in the description of the specific embodiments or the prior art will be briefly introduced below. Obviously, the drawings in the following description The drawings illustrate some embodiments of the present invention. For those of ordinary skill in the art, other drawings can be obtained based on these drawings without exerting any creative effort.

图1是本发明实施例的审计日志的数据处理方法的流程示意图;Figure 1 is a schematic flow chart of an audit log data processing method according to an embodiment of the present invention;

图2是本发明实施例的另一审计日志的数据处理方法的流程示意图;Figure 2 is a schematic flow chart of another audit log data processing method according to an embodiment of the present invention;

图3是本发明实施例的又一审计日志的数据处理方法的流程示意图;Figure 3 is a schematic flow chart of another audit log data processing method according to an embodiment of the present invention;

图4是本发明实施例的再一审计日志的数据处理方法的流程示意图;Figure 4 is a schematic flow chart of another audit log data processing method according to an embodiment of the present invention;

图5是本发明实施例的应用场景的示意图;Figure 5 is a schematic diagram of an application scenario according to an embodiment of the present invention;

图6是本发明实施例的另一应用场景的示意图;Figure 6 is a schematic diagram of another application scenario according to the embodiment of the present invention;

图7是本发明实施例的审计日志的数据处理装置的结构框图;Figure 7 is a structural block diagram of an audit log data processing device according to an embodiment of the present invention;

图8是本发明实施例的计算机设备的硬件结构示意图。Figure 8 is a schematic diagram of the hardware structure of a computer device according to an embodiment of the present invention.

具体实施方式Detailed ways

为使本发明实施例的目的、技术方案和优点更加清楚,下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。In order to make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the drawings in the embodiments of the present invention. Obviously, the described embodiments These are some embodiments of the present invention, rather than all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without creative efforts fall within the scope of protection of the present invention.

本发明的说明书和权利要求书及上述附图中的术语“第一”和“第二”是用于区别不同对象,而非用于描述特定顺序。此外,术语“包括”以及它们任何变形,意图在于覆盖不排他的保护。例如包含了一系列步骤或单元的过程、方法、系统、产品或设备没有限定于已列出的步骤或单元,而是可选地还包括没有列出的步骤或单元,或可选地还包括对于这些过程、方法、产品或设备固有的其它步骤或单元。本发明中的“多个”可以表示至少两个,例如可以是两个、三个或者更多个,本发明实施例不做限制。The terms "first" and "second" in the description and claims of the present invention and the above-mentioned drawings are used to distinguish different objects, rather than describing a specific sequence. Furthermore, the term "includes" and any variations thereof are intended to cover non-exclusive protection. For example, a process, method, system, product or device that includes a series of steps or units is not limited to the listed steps or units, but optionally also includes steps or units that are not listed, or optionally also includes Other steps or units inherent to such processes, methods, products or devices. "Plural" in the present invention can mean at least two, for example, it can be two, three or more, which is not limited by the embodiment of the present invention.

在本实施例中提供了一种审计日志的数据处理方法,应用于目标集群的数据存储中心,该目标集群包括数据存储中心及信息处理中心,数据存储中心内存储有原始版本集,原始版本集包括多个原始版本信息;信息处理中心负责处理用户的请求,如对象变更请求,并在处理完成后,根据配置的审计策略,产生审计日志发送到指定的审计日志后端;数据存储中心,负责存储K8s集群中审计对象的数据存储及更新,具有多版本数据管理功能,支持用户访问指定版本的数据,并可以根据配置自动清理参数清理历史数据。图1是根据本发明实施例的审计日志的数据处理方法的流程图,如图1所示,该流程包括如下步骤:In this embodiment, a data processing method for audit logs is provided, which is applied to the data storage center of a target cluster. The target cluster includes a data storage center and an information processing center. The data storage center stores an original version set. The original version set Including multiple original version information; the information processing center is responsible for processing user requests, such as object change requests, and after the processing is completed, according to the configured audit policy, generate audit logs and send them to the designated audit log backend; the data storage center is responsible for It stores and updates the data of audit objects in the K8s cluster. It has multi-version data management functions, supports users to access specified versions of data, and can automatically clean historical data according to configured cleaning parameters. Figure 1 is a flow chart of an audit log data processing method according to an embodiment of the present invention. As shown in Figure 1, the process includes the following steps:

步骤S101,获取针对目标集群中任一审计对象所发起的对象变更请求以及对应原始版本信息的原始版本副本信息。Step S101: Obtain the object change request initiated for any audit object in the target cluster and the original version copy information corresponding to the original version information.

如上,通过获取针对目标集群中任一审计对象所发起的对象变更请求以便于基于该对象变更请求对审计对象的原始版本信息进行变更,通过基于对象变更请求对应原始版本信息的原始版本副本信息,以便于基于原始版本副本信息进行审计对象的版本数据变更,避免由于直接基于原始版本信息进行版本数据更新后,若集群故障时无法进行审计对象版本回溯的状况。As above, by obtaining the object change request initiated for any audit object in the target cluster so that the original version information of the audit object can be changed based on the object change request, and through the original version copy information corresponding to the original version information based on the object change request, In order to facilitate the version data change of the audit object based on the original version copy information, and avoid the situation where the version data of the audit object cannot be traced back if the cluster fails after the version data is updated directly based on the original version information.

在一些可选的实施方式中,由于目标集群,即k8s集群中通常包括一个或者多个待审计的审计对象,因此在对集中审计对象的版本信息进行变更时,可以获取目标集群中的一个或者多个待审计的审计对象;针对任一审计对象,当接收到对象变更请求时,基于对象变更请求获取原始版本集中最新的原始版本信息;将最新的原始版本信息更新至信息副本中,以得到原始版本副本信息。通过基于对象变更请求获取原始版本集中最新的原始版本信息,以便于将最新的原始版本信息存储在信息副本中,从而得到原始版本信息的原始版本副本信息,为审计对象版本的变更与回溯提供必要条件。其中,对象变更包括该审计对象所需变更的属性及相关信息,从而引起的版本变更。In some optional implementations, since the target cluster, that is, the k8s cluster usually includes one or more audit objects to be audited, when the version information of the centralized audit object is changed, one or more of the target clusters can be obtained. Multiple audit objects to be audited; for any audit object, when an object change request is received, the latest original version information in the original version set is obtained based on the object change request; the latest original version information is updated to the information copy to obtain Original version copy information. Obtain the latest original version information in the original version set based on the object change request, so as to store the latest original version information in the information copy, thereby obtaining the original version copy information of the original version information, providing the necessary information for auditing object version changes and backtracking condition. Among them, object changes include the attributes and related information that need to be changed for the audit object, resulting in version changes.

步骤S102,基于对象变更请求生成审计日志,并基于对象变更请求对原始版本副本信息进行更新,以将原始版本副本信息更新为目标版本信息。Step S102: Generate an audit log based on the object change request, and update the original version copy information based on the object change request to update the original version copy information to the target version information.

如上,通过基于对象变更请求生成审计日志以便于对审计对象进行版本回溯,通过基于对象变更请求对原始版本副本信息进行更新,以将原始版本副本信息更新为目标版本信息。As above, the audit log is generated based on the object change request to facilitate version backtracking of the audit object, and the original version copy information is updated based on the object change request to update the original version copy information to the target version information.

在一些可选的实施方式中,可通过信息处理中心将审计日志接收组件配置为审计日志后端,当k8s集群中存在审计对象需要进行对象变更时,即用户向信息处理中心发起对象变更请求时,信息处理中心将基于对象变更请求生成审计日志,并发送至审计日志接收组件。In some optional implementations, the audit log receiving component can be configured as the audit log backend through the information processing center. When there are audit objects in the k8s cluster that need to be changed, that is, when the user initiates an object change request to the information processing center , the information processing center will generate an audit log based on the object change request and send it to the audit log receiving component.

步骤S103,对审计日志进行解析,以得到审计对象的对象名称及对应的版本标识字段。Step S103, parse the audit log to obtain the object name of the audit object and the corresponding version identification field.

如上,通过对审计日志进行解析,得到审计对象的对象名称及对应的版本标识字段,从而实现基于该审计对象的对象名称及对应的版本标识字段,从数据存储中心获取该审计对象的完整的历史版本数据。As above, by parsing the audit log, the object name of the audit object and the corresponding version identification field are obtained, so that the complete history of the audit object can be obtained from the data storage center based on the object name and the corresponding version identification field of the audit object. Version data.

在一些可选的实施方式中,可通过审计日志接收组件对审计日志进行解析,从而得到审计对象的对象名称及对应的版本标识字段,以便于基于该审计对象的对象名称及对应的版本标识字段,从数据存储中心获取该审计对象的完整的历史版本数据。In some optional implementations, the audit log can be parsed through the audit log receiving component to obtain the object name of the audit object and the corresponding version identification field, so that the object name of the audit object and the corresponding version identification field can be obtained. , obtain the complete historical version data of the audit object from the data storage center.

步骤S104,基于对象名称及版本标识字段生成版本获取请求,以获取审计对象的原始版本信息。Step S104: Generate a version acquisition request based on the object name and version identification fields to obtain the original version information of the audit object.

如上,通过基于对象名称及版本标识字段生成版本获取请求,获取该审计对象的原始版本信息,为审计对象历史版本信息的回溯提供必要条件。As above, by generating a version acquisition request based on the object name and version identification fields, the original version information of the audit object is obtained, which provides necessary conditions for backtracking the historical version information of the audit object.

在一些可选的实施方式中,可以将对象名称与版本标识字段进行拼接,得到版本获取请求;然后识别原始版本集中与版本获取请求对应的版本信息,以得到审计对象的原始版本信息。同样的,原始版本集中各原始版本信息中也包括对象名称与版本标识字段所拼接的字符串,以及对应的版本数据。In some optional implementations, the object name and the version identification field can be spliced to obtain a version acquisition request; and then the version information corresponding to the version acquisition request in the original version set is identified to obtain the original version information of the audit object. Similarly, each original version information in the original version set also includes a string concatenated between the object name and the version identification field, as well as the corresponding version data.

本实施例提供的审计日志的数据处理方法,首先通过获取针对目标集群中任一审计对象所发起的对象变更请求以便于基于该对象变更请求对审计对象的原始版本信息进行变更,通过基于对象变更请求对应原始版本信息的原始版本副本信息,以便于基于原始版本副本信息进行审计对象的版本数据变更,避免由于直接基于原始版本信息进行版本数据更新后,若集群故障时无法进行审计对象版本回溯的状况;通过基于对象变更请求生成审计日志以便于对审计对象进行版本回溯,通过基于对象变更请求对原始版本副本信息进行更新,以将原始版本副本信息更新为目标版本信息;通过对审计日志进行解析,得到审计对象的对象名称及对应的版本标识字段,从而实现基于该审计对象的对象名称及对应的版本标识字段,从数据存储中心获取该审计对象的完整的历史版本数据;通过基于对象名称及版本标识字段生成版本获取请求,获取该审计对象的原始版本信息,为审计对象历史版本信息的回溯提供必要条件。因此,本发明可以将各审计对象的历史版本数据存储在数据存储中心,在集群中各审计对象进行对象变更时对历史版本信息的副本信息进行变更,从而在集群发生故障时,能够根据审计日志获取各审计对象的历史版本信息,并将集群恢复到原来的状态。The audit log data processing method provided in this embodiment first obtains the object change request initiated for any audit object in the target cluster so as to change the original version information of the audit object based on the object change request. Request the original version copy information corresponding to the original version information so that the version data of the audit object can be changed based on the original version copy information to avoid the inability to backtrack the version of the audit object if the cluster fails after the version data is updated directly based on the original version information. Status; by generating audit logs based on object change requests to facilitate version backtracking of audit objects, and by updating the original version copy information based on object change requests to update the original version copy information to the target version information; by parsing the audit logs , obtain the object name of the audit object and the corresponding version identification field, so as to obtain the complete historical version data of the audit object from the data storage center based on the object name and corresponding version identification field of the audit object; by based on the object name and the corresponding version identification field The version identification field generates a version acquisition request to obtain the original version information of the audit object, providing necessary conditions for backtracking the historical version information of the audit object. Therefore, the present invention can store the historical version data of each audit object in the data storage center, and change the copy information of the historical version information when each audit object in the cluster changes the object, so that when the cluster fails, the audit log can be updated according to the audit log. Obtain the historical version information of each audit object and restore the cluster to its original state.

在本实施例中提供了一种审计日志的数据处理方法,应用于目标集群的数据存储中心,该目标集群包括数据存储中心及信息处理中心,数据存储中心内存储有原始版本集,原始版本集包括多个原始版本信息;信息处理中心负责处理用户的请求,如对象变更请求,并在处理完成后,根据配置的审计策略,产生审计日志发送到指定的审计日志后端;数据存储中心,负责存储K8s集群中审计对象的数据存储及更新,具有多版本数据管理功能,支持用户访问指定版本的数据,并可以根据配置自动清理参数清理历史数据。图2是根据本发明实施例的审计日志的数据处理方法的流程图,如图2所示,该流程包括如下步骤:In this embodiment, a data processing method for audit logs is provided, which is applied to the data storage center of a target cluster. The target cluster includes a data storage center and an information processing center. The data storage center stores an original version set. The original version set Including multiple original version information; the information processing center is responsible for processing user requests, such as object change requests, and after the processing is completed, according to the configured audit policy, generate audit logs and send them to the designated audit log backend; the data storage center is responsible for It stores and updates the data of audit objects in the K8s cluster. It has multi-version data management functions, supports users to access specified versions of data, and can automatically clean historical data according to configured cleaning parameters. Figure 2 is a flow chart of an audit log data processing method according to an embodiment of the present invention. As shown in Figure 2, the process includes the following steps:

步骤S201,获取针对目标集群中任一审计对象所发起的对象变更请求以及对应原始版本信息的原始版本副本信息。Step S201: Obtain the object change request initiated for any audit object in the target cluster and the original version copy information corresponding to the original version information.

如上,通过获取针对目标集群中任一审计对象所发起的对象变更请求以便于基于该对象变更请求对审计对象的原始版本信息进行变更,通过基于对象变更请求对应原始版本信息的原始版本副本信息,以便于基于原始版本副本信息进行审计对象的版本数据变更,避免由于直接基于原始版本信息进行版本数据更新后,若集群故障时无法进行审计对象版本回溯的状况。As above, by obtaining the object change request initiated for any audit object in the target cluster so that the original version information of the audit object can be changed based on the object change request, and through the original version copy information corresponding to the original version information based on the object change request, In order to facilitate the version data change of the audit object based on the original version copy information, and avoid the situation where the version data of the audit object cannot be traced back if the cluster fails after the version data is updated directly based on the original version information.

详细请参见图1所示实施例的步骤S101,在此不再赘述。For details, please refer to step S101 in the embodiment shown in Figure 1, which will not be described again here.

步骤S202,基于对象变更请求生成审计日志,并基于对象变更请求对原始版本副本信息进行更新,以将原始版本副本信息更新为目标版本信息。Step S202: Generate an audit log based on the object change request, and update the original version copy information based on the object change request to update the original version copy information to the target version information.

如上,通过基于对象变更请求生成审计日志以便于对审计对象进行版本回溯,通过基于对象变更请求对原始版本副本信息进行更新,以将原始版本副本信息更新为目标版本信息。As above, the audit log is generated based on the object change request to facilitate version backtracking of the audit object, and the original version copy information is updated based on the object change request to update the original version copy information to the target version information.

具体的,上述步骤S202包括:Specifically, the above step S202 includes:

步骤S2021,获取对象变更请求的请求信息。Step S2021: Obtain the request information of the object change request.

如上,通过获取对象变更请求的请求信息,以便于基于对象变更请求的请求信息判断该对象变更请求是否有效。As above, by obtaining the request information of the object change request, it is possible to determine whether the object change request is valid based on the request information of the object change request.

步骤S2022,将请求信息的第一信息长度与原始版本副本信息的第二信息长度进行比对,得到长度比对结果。Step S2022: Compare the first information length of the request information with the second information length of the original version copy information to obtain a length comparison result.

如上,通过将请求信息的第一信息长度与原始版本副本信息的第二信息长度进行比对,得到长度比对结果,以便于基于长度比对结果判断是否对原始版本副本信息进行更新。As above, by comparing the first information length of the request information with the second information length of the original version copy information, a length comparison result is obtained, so as to determine whether to update the original version copy information based on the length comparison result.

在一些可选的实施方式中,在将请求信息的第一信息长度与原始版本副本信息的第二信息长度进行比对时,可以将请求信息的字符数与原始版本副本信息的字符数进行比对,当请求信息的字符数与原始版本副本信息的字符数相同时,则表明请求信息的第一信息长度与原始版本副本信息的第二信息长度相同;当请求信息的字符数与原始版本副本信息的字符数不同时,则表明请求信息的第一信息长度与原始版本副本信息的第二信息长度不同。In some optional implementations, when comparing the first information length of the request information with the second information length of the original version copy information, the number of characters of the request information may be compared with the number of characters of the original version copy information. Yes, when the number of characters of the request information is the same as the number of characters of the original version copy information, it means that the first information length of the request information is the same as the second information length of the original version copy information; when the number of characters of the request information is the same as the original version copy information When the number of characters of the information is different, it means that the first information length of the request information is different from the second information length of the original version copy information.

步骤S2023,当比对结果表征第一信息长度与第二信息长度不同时,基于请求信息对原始版本副本信息进行更新,以将原始版本副本信息更新为目标版本信息。Step S2023: When the comparison result indicates that the first information length and the second information length are different, the original version copy information is updated based on the request information to update the original version copy information to the target version information.

如上,通过在比对结果表征第一信息长度与第二信息长度不同时,基于请求信息对原始版本副本信息进行更新,以将原始版本副本信息更新为目标版本信息,从而实现对审计对象版本的有效更新。As above, when the comparison result indicates that the first information length and the second information length are different, the original version copy information is updated based on the request information to update the original version copy information to the target version information, thereby realizing the audit object version. Valid update.

在一些可选的实施方式中,当比对结果表征第一信息长度与第二信息长度相同时,则分别从请求信息的两端截取预设步长的第一请求信息,并组合得到第一组合请求信息,其中预设步长可以为两个字符,还可以为其他数值的字符;分别从原始版本副本信息的两端截取预设步长的第二请求信息,并组合得到第二组合请求信息,其中预设步长可以为两个字符,还可以为其他数值的字符;当请求信息两端小于预设步长时,对请求信息两端进行补位,如预设步长为两个字符,但请求信息的两端只有一个字符,则需要分别在请求信息的两端截取一个字符,并进行补位,以使请求信息两端达到预设步长;当原始版本副本信息两端小于预设步长时,对原始版本副本信息两端进行补位,以使原始版本副本信息两端达到预设步长,如预设步长为两个字符,但原始版本副本信息的两端只有一个字符,则需要分别在原始版本副本信息的两端截取一个字符,并进行补位;对比第一组合请求信息的内容与第二组合请求信息的内容,得到内容比对结果;当内容比对结果表征第一组合请求信息的内容与第二组合请求信息的内容不同时,基于请求信息对原始版本副本信息进行更新;当内容比对结果表征第一组合请求信息的内容与第二组合请求信息的内容相同时,获取请求信息中除去第一组合请求信息的第一剩余请求信息,以及原始版本副本信息中除去第二组合请求信息的第二剩余请求信息;对比第一剩余请求信息的内容与第二剩余请求信息的容,并基于比对结果更新原始版本副本信息。In some optional implementations, when the comparison result indicates that the length of the first information and the length of the second information are the same, the first request information with a preset step size is intercepted from both ends of the request information and combined to obtain the first request information. Combine the request information, where the preset step size can be two characters or other numerical characters; intercept the second request information of the preset step size from both ends of the original version copy information, and combine them to obtain the second combination request Information, where the preset step size can be two characters, or other numerical characters; when both ends of the requested information are less than the preset step size, the two ends of the requested information will be filled in, for example, the preset step size is two characters, but there is only one character at both ends of the request information, you need to intercept one character at both ends of the request information and fill in the characters so that both ends of the request information reach the preset step size; when both ends of the original version of the copy information are smaller than When the step size is preset, the two ends of the original version copy information are padded so that the two ends of the original version copy information reach the preset step size. For example, the preset step size is two characters, but the two ends of the original version copy information are only One character, you need to intercept one character at both ends of the original version of the copy information and fill in the characters; compare the content of the first combination of request information with the content of the second combination of request information to obtain the content comparison result; when the content comparison When the result represents that the content of the first combination request information is different from the content of the second combination request information, the original version copy information is updated based on the request information; when the content comparison result represents the content of the first combination request information and the second combination request information When the contents are the same, obtain the first remaining request information excluding the first combination request information in the request information, and the second remaining request information excluding the second combination request information in the original version copy information; compare the content of the first remaining request information with The second content of the remaining request information is updated, and the original version copy information is updated based on the comparison result.

在一些可选的实施方式中,对比第一组合请求信息的内容与第二组合请求信息的内容,得到内容比对结果时,可以获取第一组合请求信息中各字符的字符值;将第一组合请求信息中各字符的字符值与第二组合请求信息中对应字符的字符值进行比对;当第一组合请求信息中各字符的字符值与第二组合请求信息中对应字符的字符值均相同,生成表征第一组合请求信息的内容与第二组合请求信息的内容相同的内容比对结果;当第一组合请求信息中各字符的字符值与第二组合请求信息中对应的任一字符的字符值不同,生成表征第一组合请求信息的内容与第二组合请求信息的内容不同的内容比对结果。In some optional implementations, when comparing the content of the first combined request information with the content of the second combined request information, and obtaining the content comparison result, the character value of each character in the first combined request information can be obtained; The character value of each character in the combined request information is compared with the character value of the corresponding character in the second combined request information; when the character value of each character in the first combined request information and the character value of the corresponding character in the second combined request information are equal The same, generating a content comparison result indicating that the content of the first combination request information is the same as the content of the second combination request information; when the character value of each character in the first combination request information is consistent with any corresponding character in the second combination request information The character values are different, and a content comparison result indicating that the content of the first combination request information is different from the content of the second combination request information is generated.

步骤S203,对审计日志进行解析,以得到审计对象的对象名称及对应的版本标识字段。Step S203, parse the audit log to obtain the object name of the audit object and the corresponding version identification field.

如上,通过对审计日志进行解析,得到审计对象的对象名称及对应的版本标识字段,从而实现基于该审计对象的对象名称及对应的版本标识字段,从数据存储中心获取该审计对象的完整的历史版本数据。As above, by parsing the audit log, the object name of the audit object and the corresponding version identification field are obtained, so that the complete history of the audit object can be obtained from the data storage center based on the object name and the corresponding version identification field of the audit object. Version data.

详细请参见图1所示实施例的步骤S103,在此不再赘述。Please refer to step S103 in the embodiment shown in Figure 1 for details, which will not be described again here.

步骤S204,基于对象名称及版本标识字段生成版本获取请求,以获取审计对象的原始版本信息。Step S204: Generate a version acquisition request based on the object name and version identification fields to obtain the original version information of the audit object.

如上,通过基于对象名称及版本标识字段生成版本获取请求,获取该审计对象的原始版本信息,为审计对象历史版本信息的回溯提供必要条件。As above, by generating a version acquisition request based on the object name and version identification fields, the original version information of the audit object is obtained, which provides necessary conditions for backtracking the historical version information of the audit object.

详细请参见图1所示实施例的步骤S104,在此不再赘述。Please refer to step S104 in the embodiment shown in Figure 1 for details, which will not be described again here.

本实施例提供的审计日志的数据处理方法,首先通过获取针对目标集群中任一审计对象所发起的对象变更请求以便于基于该对象变更请求对审计对象的原始版本信息进行变更,通过基于对象变更请求对应原始版本信息的原始版本副本信息,以便于基于原始版本副本信息进行审计对象的版本数据变更,避免由于直接基于原始版本信息进行版本数据更新后,若集群故障时无法进行审计对象版本回溯的状况;通过基于对象变更请求生成审计日志以便于对审计对象进行版本回溯,通过基于对象变更请求对原始版本副本信息进行更新,以将原始版本副本信息更新为目标版本信息;通过对审计日志进行解析,得到审计对象的对象名称及对应的版本标识字段,从而实现基于该审计对象的对象名称及对应的版本标识字段,从数据存储中心获取该审计对象的完整的历史版本数据;通过基于对象名称及版本标识字段生成版本获取请求,获取该审计对象的原始版本信息,为审计对象历史版本信息的回溯提供必要条件。因此,本发明可以将各审计对象的历史版本数据存储在数据存储中心,在集群中各审计对象进行对象变更时对历史版本信息的副本信息进行变更,从而在集群发生故障时,能够根据审计日志获取各审计对象的历史版本信息,并将集群恢复到原来的状态。The audit log data processing method provided in this embodiment first obtains the object change request initiated for any audit object in the target cluster so as to change the original version information of the audit object based on the object change request. Request the original version copy information corresponding to the original version information so that the version data of the audit object can be changed based on the original version copy information to avoid the inability to backtrack the version of the audit object if the cluster fails after the version data is updated directly based on the original version information. Status; by generating audit logs based on object change requests to facilitate version backtracking of audit objects, and by updating the original version copy information based on object change requests to update the original version copy information to the target version information; by parsing the audit logs , obtain the object name of the audit object and the corresponding version identification field, so as to obtain the complete historical version data of the audit object from the data storage center based on the object name and corresponding version identification field of the audit object; by based on the object name and the corresponding version identification field The version identification field generates a version acquisition request to obtain the original version information of the audit object, providing necessary conditions for backtracking the historical version information of the audit object. Therefore, the present invention can store the historical version data of each audit object in the data storage center, and change the copy information of the historical version information when each audit object in the cluster changes the object, so that when the cluster fails, the audit log can be updated according to the audit log. Obtain the historical version information of each audit object and restore the cluster to its original state.

在本实施例中提供了一种审计日志的数据处理方法,应用于目标集群的数据存储中心,该目标集群包括数据存储中心及信息处理中心,数据存储中心内存储有原始版本集,原始版本集包括多个原始版本信息;信息处理中心负责处理用户的请求,如对象变更请求,并在处理完成后,根据配置的审计策略,产生审计日志发送到指定的审计日志后端;数据存储中心,负责存储K8s集群中审计对象的数据存储及更新,具有多版本数据管理功能,支持用户访问指定版本的数据,并可以根据配置自动清理参数清理历史数据。图3是根据本发明实施例的审计日志的数据处理方法的流程图,如图3所示,该流程包括如下步骤:In this embodiment, a data processing method for audit logs is provided, which is applied to the data storage center of a target cluster. The target cluster includes a data storage center and an information processing center. The data storage center stores an original version set. The original version set Including multiple original version information; the information processing center is responsible for processing user requests, such as object change requests, and after the processing is completed, according to the configured audit policy, generate audit logs and send them to the designated audit log backend; the data storage center is responsible for It stores and updates the data of audit objects in the K8s cluster. It has multi-version data management functions, supports users to access specified versions of data, and can automatically clean historical data according to configured cleaning parameters. Figure 3 is a flow chart of an audit log data processing method according to an embodiment of the present invention. As shown in Figure 3, the process includes the following steps:

步骤S301,获取针对目标集群中任一审计对象所发起的对象变更请求以及对应原始版本信息的原始版本副本信息。Step S301: Obtain the object change request initiated for any audit object in the target cluster and the original version copy information corresponding to the original version information.

详细请参见图1所示实施例的步骤S101,在此不再赘述。For details, please refer to step S101 in the embodiment shown in Figure 1, which will not be described again here.

步骤S302,基于对象变更请求生成审计日志,并基于对象变更请求对原始版本副本信息进行更新,以将原始版本副本信息更新为目标版本信息。Step S302: Generate an audit log based on the object change request, and update the original version copy information based on the object change request to update the original version copy information to the target version information.

详细请参见图2所示实施例的步骤S202,在此不再赘述。Please refer to step S202 in the embodiment shown in Figure 2 for details, which will not be described again here.

步骤S303,对审计日志进行解析,以得到审计对象的对象名称及对应的版本标识字段。Step S303: Analyze the audit log to obtain the object name of the audit object and the corresponding version identification field.

详细请参见图3所示实施例的步骤S303,在此不再赘述。For details, please refer to step S303 in the embodiment shown in Figure 3, which will not be described again here.

步骤S304,将对象名称与版本标识字段进行拼接,得到版本获取请求。Step S304, concatenate the object name and the version identification field to obtain a version acquisition request.

如上,通过将对象名称与版本标识字段进行拼接,得到版本获取请求,以便于基于版本获取请求获取上述审计对象的历史版本信息,为审计对象的历史版本信息的获取以及回溯提供必要条件。As above, by splicing the object name and the version identification field, a version acquisition request is obtained, so as to obtain the historical version information of the audit object based on the version acquisition request, and provide necessary conditions for the acquisition and backtracking of the historical version information of the audit object.

步骤S305,识别原始版本集中与版本获取请求对应的版本信息,以得到审计对象的原始版本信息。Step S305: Identify the version information corresponding to the version acquisition request in the original version set to obtain the original version information of the audit object.

如上,识别原始版本集中与版本获取请求对应的版本信息,以得到审计对象的原始版本信息As above, identify the version information corresponding to the version acquisition request in the original version set to obtain the original version information of the audit object

在一些可选的实施方式中,原始版本集中各原始版本信息中也包括对象名称与版本标识字段所拼接的字符串,以及对应的版本数据,在获取审计对象的历史版本信息时,可以基于对象名称与版本标识字段拼接得到的版本获取请求,识别原始版本集中与版本获取请求对应的版本信息,以得到审计对象的原始版本信息。In some optional implementations, each original version information in the original version set also includes a string concatenated by the object name and the version identification field, as well as the corresponding version data. When obtaining the historical version information of the audit object, it can be based on the object The version acquisition request obtained by splicing the name and version identification fields identifies the version information corresponding to the version acquisition request in the original version set to obtain the original version information of the audit object.

本实施例提供的审计日志的数据处理方法,首先通过获取针对目标集群中任一审计对象所发起的对象变更请求以便于基于该对象变更请求对审计对象的原始版本信息进行变更,通过基于对象变更请求对应原始版本信息的原始版本副本信息,以便于基于原始版本副本信息进行审计对象的版本数据变更,避免由于直接基于原始版本信息进行版本数据更新后,若集群故障时无法进行审计对象版本回溯的状况;通过基于对象变更请求生成审计日志以便于对审计对象进行版本回溯,通过基于对象变更请求对原始版本副本信息进行更新,以将原始版本副本信息更新为目标版本信息;通过对审计日志进行解析,得到审计对象的对象名称及对应的版本标识字段,从而实现基于该审计对象的对象名称及对应的版本标识字段,从数据存储中心获取该审计对象的完整的历史版本数据;通过基于对象名称及版本标识字段生成版本获取请求,获取该审计对象的原始版本信息,为审计对象历史版本信息的回溯提供必要条件。因此,本发明可以将各审计对象的历史版本数据存储在数据存储中心,在集群中各审计对象进行对象变更时对历史版本信息的副本信息进行变更,从而在集群发生故障时,能够根据审计日志获取各审计对象的历史版本信息,并将集群恢复到原来的状态。The audit log data processing method provided in this embodiment first obtains the object change request initiated for any audit object in the target cluster so as to change the original version information of the audit object based on the object change request. Request the original version copy information corresponding to the original version information so that the version data of the audit object can be changed based on the original version copy information to avoid the inability to backtrack the version of the audit object if the cluster fails after the version data is updated directly based on the original version information. Status; by generating audit logs based on object change requests to facilitate version backtracking of audit objects, and by updating the original version copy information based on object change requests to update the original version copy information to the target version information; by parsing the audit logs , obtain the object name of the audit object and the corresponding version identification field, so as to obtain the complete historical version data of the audit object from the data storage center based on the object name and corresponding version identification field of the audit object; by based on the object name and the corresponding version identification field The version identification field generates a version acquisition request to obtain the original version information of the audit object, providing necessary conditions for backtracking the historical version information of the audit object. Therefore, the present invention can store the historical version data of each audit object in the data storage center, and change the copy information of the historical version information when each audit object in the cluster changes the object, so that when the cluster fails, the audit log can be updated according to the audit log. Obtain the historical version information of each audit object and restore the cluster to its original state.

在本实施例中提供了一种审计日志的数据处理方法,应用于目标集群的数据存储中心,该目标集群包括数据存储中心及信息处理中心,数据存储中心内存储有原始版本集,原始版本集包括多个原始版本信息;信息处理中心负责处理用户的请求,如对象变更请求,并在处理完成后,根据配置的审计策略,产生审计日志发送到指定的审计日志后端;数据存储中心,负责存储K8s集群中审计对象的数据存储及更新,具有多版本数据管理功能,支持用户访问指定版本的数据,并可以根据配置自动清理参数清理历史数据。图4是根据本发明实施例的审计日志的数据处理方法的流程图,如图4所示,该流程包括如下步骤:In this embodiment, a data processing method for audit logs is provided, which is applied to the data storage center of a target cluster. The target cluster includes a data storage center and an information processing center. The data storage center stores an original version set. The original version set Including multiple original version information; the information processing center is responsible for processing user requests, such as object change requests, and after the processing is completed, according to the configured audit policy, generate audit logs and send them to the designated audit log backend; the data storage center is responsible for It stores and updates the data of audit objects in the K8s cluster. It has multi-version data management functions, supports users to access specified versions of data, and can automatically clean historical data according to configured cleaning parameters. Figure 4 is a flow chart of an audit log data processing method according to an embodiment of the present invention. As shown in Figure 4, the process includes the following steps:

步骤S401,获取针对目标集群中任一审计对象所发起的对象变更请求以及对应原始版本信息的原始版本副本信息。Step S401: Obtain the object change request initiated for any audit object in the target cluster and the original version copy information corresponding to the original version information.

详细请参见图1所示实施例的步骤S101,在此不再赘述。For details, please refer to step S101 in the embodiment shown in Figure 1, which will not be described again here.

步骤S402,基于对象变更请求生成审计日志,并基于对象变更请求对原始版本副本信息进行更新,以将原始版本副本信息更新为目标版本信息。Step S402: Generate an audit log based on the object change request, and update the original version copy information based on the object change request to update the original version copy information to the target version information.

详细请参见图2所示实施例的步骤S202,在此不再赘述。Please refer to step S202 in the embodiment shown in Figure 2 for details, which will not be described again here.

步骤S403,对审计日志进行解析,以得到审计对象的对象名称及对应的版本标识字段。Step S403, parse the audit log to obtain the object name of the audit object and the corresponding version identification field.

详细请参见图1所示实施例的步骤S103,在此不再赘述。Please refer to step S103 in the embodiment shown in Figure 1 for details, which will not be described again here.

步骤S404,将版本标识字段转化为版本号。Step S404: Convert the version identification field into a version number.

如上,通过将版本标识字段转化为版本号,以便于基于版本号及对象名称,获取原始版本集中对应原始版本信息的存储路径。As above, by converting the version identification field into a version number, the storage path corresponding to the original version information in the original version set can be obtained based on the version number and object name.

步骤S405,基于版本号及对象名称,获取原始版本集中对应原始版本信息的存储路径。Step S405: Based on the version number and object name, obtain the storage path corresponding to the original version information in the original version set.

如上,通过基于版本号及对象名称,获取原始版本集中对应原始版本信息的存储路径,以便于基于存储路径获取述审计对象的原始版本信息。As above, the storage path corresponding to the original version information in the original version set is obtained based on the version number and object name, so that the original version information of the audit object can be obtained based on the storage path.

步骤S406,基于存储路径获取审计对象的原始版本信息。Step S406: Obtain the original version information of the audit object based on the storage path.

如上,通过基于存储路径获取述审计对象的原始版本信息,为审计对象历史版本信息的回溯提供必要条件。As above, by obtaining the original version information of the audit object based on the storage path, necessary conditions are provided for the backtracking of historical version information of the audit object.

在一些可选的实施方式中,可以通过数据存储中心交互组件接收审计日志组件解析得到的版本标识字段及对象名称,并将版本标识字段转化为版本号,将对象名称转化为数据存储中心的存储路径。如要获取对象名为etcd-2,位于kube-system命名空间下POD(后端容器)的数据存储中心etcd存储信息,需要将其转为registry/pods/kube-system/etcd-2,以该路径向数据存储中心获取数据。要获取指定版本的数据时,需要在获取数据时,额外添加参数,withModRevision(版本号)=resource version(版本标识字段)。然后使用对象名称转化的数据存储中心的存储路径和版本号等参数向数据存储中心请求数据,以使数据存储中心通过解码组件涵盖请求数据的响应数据进行解码后得到该审计对象的原始版本信息。In some optional implementations, the version identification field and object name parsed by the audit log component can be received through the data storage center interactive component, the version identification field and the object name can be converted into a version number, and the object name can be converted into storage in the data storage center. path. If you want to obtain the etcd storage information of the data storage center of the POD (backend container) under the kube-system namespace with the object name etcd-2, you need to convert it to registry/pods/kube-system/etcd-2, and use this Path to obtain data from the data storage center. To obtain the data of a specified version, you need to add additional parameters when obtaining the data, withModRevision (version number) = resource version (version identification field). Then use the parameters such as the storage path and version number of the data storage center converted from the object name to request data from the data storage center, so that the data storage center can obtain the original version information of the audit object after decoding the response data covering the request data through the decoding component.

在一些可选的实施方式中,请参阅图5,当用户将目标集群中对象名称为test1的对象副本数修改为3时,信息处理中心收到请求后,将其对象副本数修改为3,并将其存储到数据存储中心内;数据存储中心收到数据修改请求,并未直接源数据的基础上修改,而是新建了一个同名数据,并修改ModRevision(版本号)。信息处理中心在数据存储中心存储完成后将获取ModRevision作为审计对象的resource verison(版本标识字段)并返回给用户。此时,用户可以根据审计日志中记录的审计对象中的resource version(版本标识字段)直接从数据存储中心中获取修改前的数据副本,并获取到修改前的副本数为1。即利用审计日志中携带的审计对象的resource version(版本标识字段),去数据存储中心获取该对象的历史版本,并获取改动字段之前的值。因此用户可以方便地追踪和管理Kubernetes对象的历史版本,以便进行故障恢复或调试操作,并且可以快速恢复对象的历史状态。同时,该方法还支持快速的数据回滚操作,以便在出现错误时快速恢复数据,提高了Kubernetes集群的可靠性和可用性。且由于作用于k8s处理完用户的请求之后,不影响k8s对请求的正常处理流程,不会对集群的响应速度有影响。In some optional implementations, please refer to Figure 5. When the user modifies the number of object copies with the object name test1 in the target cluster to 3, the information processing center modifies the number of object copies to 3 after receiving the request. And store it in the data storage center; the data storage center receives the data modification request and does not directly modify it based on the source data. Instead, it creates a new data with the same name and modifies the ModRevision (version number). After the information processing center completes the storage in the data storage center, it will obtain ModRevision as the resource version (version identification field) of the audit object and return it to the user. At this time, the user can directly obtain the pre-modified data copy from the data storage center based on the resource version (version identification field) in the audit object recorded in the audit log, and obtain the pre-modified copy number as 1. That is, using the resource version (version identification field) of the audit object carried in the audit log, go to the data storage center to obtain the historical version of the object, and obtain the value before the modified field. Therefore, users can easily track and manage historical versions of Kubernetes objects for fault recovery or debugging operations, and can quickly restore the historical state of objects. At the same time, this method also supports fast data rollback operations to quickly restore data when an error occurs, improving the reliability and availability of the Kubernetes cluster. And because it acts on k8s after it processes the user's request, it does not affect k8s's normal processing flow of the request and will not affect the response speed of the cluster.

一些可选的实施方式中,请参阅图6,包括api server:k8s集群的信息处理中心,负责处理用户的请求并在处理完成后,根据配置的审计策略,产生审计日志发送到指定的审计日志后端。etcd:k8s集群的数据存储中心,负责存储k8s集群的对象数据,具有多版本数据管理功能,支持用户访问指定版本的数据。并可以根据配置自动清理参数清理历史数据。审计日志接收组件:审计日志接收组件是一个webhook将作为审计日志的接收端,接收来自api服务器的审计日志,并提取其中的对象和资源版本号。数据存储中心交互组件:是一个并发与数据存储中心etcd交互的函数,根据对象和资源版本号并发的从数据存储中心中获取对象的历史版本。解码组件:解码组件Protobuf是一个工具,用于将Protobuf格式的数据解码为原始的yaml格式,即使用Protobuf解码器来解码从数据存储中心中获取的对象历史版本数据,以便获取更改前的字段值。具体实施流程如下:Some optional implementations, please refer to Figure 6, include api server: the information processing center of the k8s cluster, which is responsible for processing user requests and after the processing is completed, according to the configured audit policy, generate audit logs and send them to the designated audit logs rear end. etcd: The data storage center of the k8s cluster. It is responsible for storing the object data of the k8s cluster. It has multi-version data management functions and supports users to access specified versions of data. And can clean historical data according to the configured automatic cleaning parameters. Audit log receiving component: The audit log receiving component is a webhook that will serve as the receiving end of the audit log, receiving the audit log from the API server, and extracting the object and resource version numbers. Data storage center interactive component: It is a function that concurrently interacts with the data storage center etcd, and concurrently obtains the historical version of the object from the data storage center based on the object and resource version number. Decoding component: The decoding component Protobuf is a tool for decoding Protobuf format data into the original yaml format, that is, using the Protobuf decoder to decode the object historical version data obtained from the data storage center in order to obtain the field value before change . The specific implementation process is as follows:

首先配置信息处理中心api server启动参数,将审计日志接收组件配置为apiserver的审计日志后端;当k8s集群有对象变更时,api server信息处理中心产生审计日志并发送到审计日志接收组件;审计日志接收组件接收到审计日志后,解析其中的待修改的对象和resource version(版本标识字段),根据对象名和resource version(版本标识字段)作为参数发送给数据存储中心交互组件;部署数据存储中心交互组件,其与审计日志组件位于同一无状态负载内,对接收到的每一对对象名称和resource version(版本标识字段),新开进程进行并发处理,将对象名称转化为数据存储中心的存储路径,将resourceversion(版本标识字段)转化为ModRevision(版本号);使用将对象名称转化为数据存储中心的存储路径和ModRevision(版本号)参数向数据存储中心请求数据。数据存储中心将返回的数据发送给解码组件。部署数据存储中心交互组件,其与审计日志组件位于同一无状态负载内;通过数据存储中心交互组件将数据存储中心返回的数据解码为yaml的形式,并解析yaml,获取更改前的字段值。First, configure the information processing center api server startup parameters, and configure the audit log receiving component as the audit log backend of apiserver; when the k8s cluster has object changes, the api server information processing center generates audit logs and sends them to the audit log receiving component; audit log After receiving the audit log, the receiving component parses the object to be modified and the resource version (version identification field), and sends it to the data storage center interactive component according to the object name and resource version (version identification field) as parameters; deploys the data storage center interactive component , which is located in the same stateless load as the audit log component. For each pair of object name and resource version (version identification field) received, a new process is opened for concurrent processing, and the object name is converted into the storage path of the data storage center. Convert resourceversion (version identification field) into ModRevision (version number); use the object name to be converted into the storage path of the data storage center and the ModRevision (version number) parameter to request data from the data storage center. The data storage center sends the returned data to the decoding component. Deploy the data storage center interaction component, which is located in the same stateless load as the audit log component; use the data storage center interaction component to decode the data returned by the data storage center into the form of yaml, and parse the yaml to obtain the field values before the change.

通过利用审计日志中携带的审计对象的resource version,去数据存储中心获取该对象的历史版本,并获取改动字段之前的值,用于审计和Kubernetes集群错误恢复,还可以实现对审计对象历史版本的精准追踪和操作,且能够方便用户追踪和管理审计对象的历史版本进行审计;同时方便了运维人员进行故障排查,恢复对象的历史状态,提高了Kubernetes集群的可靠性和可用性。By using the resource version of the audit object carried in the audit log, go to the data storage center to obtain the historical version of the object, and obtain the value before the modified field, which is used for auditing and Kubernetes cluster error recovery. It can also realize the historical version of the audit object. Accurate tracking and operation, and can facilitate users to track and manage historical versions of audit objects for auditing; at the same time, it facilitates operation and maintenance personnel to troubleshoot and restore the historical status of objects, improving the reliability and availability of Kubernetes clusters.

本实施例提供的审计日志的数据处理方法,首先通过获取针对目标集群中任一审计对象所发起的对象变更请求以便于基于该对象变更请求对审计对象的原始版本信息进行变更,通过基于对象变更请求对应原始版本信息的原始版本副本信息,以便于基于原始版本副本信息进行审计对象的版本数据变更,避免由于直接基于原始版本信息进行版本数据更新后,若集群故障时无法进行审计对象版本回溯的状况;通过基于对象变更请求生成审计日志以便于对审计对象进行版本回溯,通过基于对象变更请求对原始版本副本信息进行更新,以将原始版本副本信息更新为目标版本信息;通过对审计日志进行解析,得到审计对象的对象名称及对应的版本标识字段,从而实现基于该审计对象的对象名称及对应的版本标识字段,从数据存储中心获取该审计对象的完整的历史版本数据;通过基于对象名称及版本标识字段生成版本获取请求,获取该审计对象的原始版本信息,为审计对象历史版本信息的回溯提供必要条件。因此,本发明可以将各审计对象的历史版本数据存储在数据存储中心,在集群中各审计对象进行对象变更时对历史版本信息的副本信息进行变更,从而在集群发生故障时,能够根据审计日志获取各审计对象的历史版本信息,并将集群恢复到原来的状态。The audit log data processing method provided in this embodiment first obtains the object change request initiated for any audit object in the target cluster so as to change the original version information of the audit object based on the object change request. Request the original version copy information corresponding to the original version information so that the version data of the audit object can be changed based on the original version copy information to avoid the inability to backtrack the version of the audit object if the cluster fails after the version data is updated directly based on the original version information. Status; by generating audit logs based on object change requests to facilitate version backtracking of audit objects, and by updating the original version copy information based on object change requests to update the original version copy information to the target version information; by parsing the audit logs , obtain the object name of the audit object and the corresponding version identification field, so as to obtain the complete historical version data of the audit object from the data storage center based on the object name and corresponding version identification field of the audit object; by based on the object name and the corresponding version identification field The version identification field generates a version acquisition request to obtain the original version information of the audit object, providing necessary conditions for backtracking the historical version information of the audit object. Therefore, the present invention can store the historical version data of each audit object in the data storage center, and change the copy information of the historical version information when each audit object in the cluster changes the object, so that when the cluster fails, the audit log can be updated according to the audit log. Obtain the historical version information of each audit object and restore the cluster to its original state.

在本实施例中还提供了一种审计日志的数据处理装置,该装置用于实现上述实施例及优选实施方式,已经进行过说明的不再赘述。如以下所使用的,术语“模块”可以实现预定功能的软件和/或硬件的组合。尽管以下实施例所描述的装置较佳地以软件来实现,但是硬件,或者软件和硬件的组合的实现也是可能并被构想的。This embodiment also provides a data processing device for audit logs. The device is used to implement the above embodiments and preferred implementations. What has already been described will not be described again. As used below, the term "module" may be a combination of software and/or hardware that implements a predetermined function. Although the apparatus described in the following embodiments is preferably implemented in software, implementation in hardware, or a combination of software and hardware, is also possible and contemplated.

本实施例提供一种审计日志的数据处理装置,如图7所示,包括:This embodiment provides a data processing device for audit logs, as shown in Figure 7, including:

信息获取模块701,用于获取针对目标集群中任一审计对象所发起的对象变更请求以及对应原始版本信息的原始版本副本信息;The information acquisition module 701 is used to acquire the object change request initiated for any audit object in the target cluster and the original version copy information corresponding to the original version information;

信息更新模块702,用于基于对象变更请求生成审计日志,并基于对象变更请求对原始版本副本信息进行更新,以将原始版本副本信息更新为目标版本信息;The information update module 702 is configured to generate an audit log based on the object change request, and update the original version copy information based on the object change request, so as to update the original version copy information to the target version information;

日志解析模块703,用于对审计日志进行解析,以得到审计对象的对象名称及对应的版本标识字段;The log parsing module 703 is used to parse the audit log to obtain the object name of the audit object and the corresponding version identification field;

请求生成模块704,用于基于对象名称及版本标识字段生成版本获取请求,以获取审计对象的原始版本信息。The request generation module 704 is used to generate a version acquisition request based on the object name and version identification field to obtain the original version information of the audit object.

在一些可选的实施方式中,信息获取模块701包括:In some optional implementations, the information acquisition module 701 includes:

对象获取单元,用于获取目标集群中的一个或者多个待审计的审计对象;The object acquisition unit is used to acquire one or more audit objects to be audited in the target cluster;

信息获取单元,用于针对任一审计对象,当接收到对象变更请求时,基于对象变更请求获取原始版本集中最新的原始版本信息;The information acquisition unit is used for obtaining the latest original version information in the original version set based on the object change request for any audit object when receiving an object change request;

信息更新单元,用于将最新的原始版本信息更新至信息副本中,以得到原始版本副本信息。The information update unit is used to update the latest original version information to the information copy to obtain the original version copy information.

在一些可选的实施方式中,信息更新模块702包括:In some optional implementations, the information update module 702 includes:

信息获取单元,用于获取对象变更请求的请求信息;The information acquisition unit is used to obtain the request information of the object change request;

长度比对单元,用于将请求信息的第一信息长度与原始版本副本信息的第二信息长度进行比对,得到长度比对结果;A length comparison unit, configured to compare the first information length of the request information with the second information length of the original version copy information to obtain a length comparison result;

版本更新单元,用于当比对结果表征第一信息长度与第二信息长度不同时,基于请求信息对原始版本副本信息进行更新,以将原始版本副本信息更新为目标版本信息。A version update unit, configured to update the original version copy information based on the request information when the comparison result indicates that the first information length and the second information length are different, so as to update the original version copy information to the target version information.

在一些可选的实施方式中,版本更新单元,还用于当比对结果表征第一信息长度与第二信息长度相同时,分别从请求信息的两端截取预设步长的第一请求信息,并组合得到第一组合请求信息;In some optional implementations, the version update unit is also configured to intercept the first request information with a preset step size from both ends of the request information when the comparison result indicates that the length of the first information and the length of the second information are the same. , and combine to obtain the first combination of request information;

分别从原始版本副本信息的两端截取预设步长的第二请求信息,并组合得到第二组合请求信息;Intercept the second request information of the preset step size from both ends of the original version copy information, and combine them to obtain the second combined request information;

当请求信息两端小于预设步长时,对请求信息两端进行补位,以使请求信息两端达到预设步长;When both ends of the request information are smaller than the preset step size, both ends of the request information are padded so that both ends of the request information reach the preset step size;

当原始版本副本信息两端小于预设步长时,对原始版本副本信息两端进行补位,以使原始版本副本信息两端达到预设步长;When both ends of the original version copy information are smaller than the preset step size, the two ends of the original version copy information are padded so that both ends of the original version copy information reach the preset step size;

对比第一组合请求信息的内容与第二组合请求信息的内容,得到内容比对结果;Compare the content of the first combination request information with the content of the second combination request information to obtain a content comparison result;

当内容比对结果表征第一组合请求信息的内容与第二组合请求信息的内容不同时,基于请求信息对原始版本副本信息进行更新;When the content comparison result indicates that the content of the first combination request information is different from the content of the second combination request information, update the original version copy information based on the request information;

当内容比对结果表征第一组合请求信息的内容与第二组合请求信息的内容相同时,获取请求信息中除去第一组合请求信息的第一剩余请求信息,以及原始版本副本信息中除去第二组合请求信息的第二剩余请求信息;When the content comparison result indicates that the content of the first combination request information is the same as the content of the second combination request information, obtain the first remaining request information excluding the first combination request information in the request information, and the original version copy information excluding the second combining the second remaining request information of the request information;

对比第一剩余请求信息的内容与第二剩余请求信息的容,并基于比对结果更新原始版本副本信息。Compare the content of the first remaining request information with the content of the second remaining request information, and update the original version copy information based on the comparison result.

具体的,对比第一组合请求信息的内容与第二组合请求信息的内容,得到内容比对结果,包括:Specifically, compare the content of the first combined request information with the content of the second combined request information to obtain a content comparison result, including:

获取第一组合请求信息中各字符的字符值;Obtain the character value of each character in the first combination of request information;

将第一组合请求信息中各字符的字符值与第二组合请求信息中对应字符的字符值进行比对;Compare the character value of each character in the first combination request information with the character value of the corresponding character in the second combination request information;

当第一组合请求信息中各字符的字符值与第二组合请求信息中对应字符的字符值均相同,生成表征第一组合请求信息的内容与第二组合请求信息的内容相同的内容比对结果;When the character value of each character in the first combination request information is the same as the character value of the corresponding character in the second combination request information, a content comparison result indicating that the content of the first combination request information and the content of the second combination request information are the same is generated. ;

当第一组合请求信息中各字符的字符值与第二组合请求信息中对应的任一字符的字符值不同,生成表征第一组合请求信息的内容与第二组合请求信息的内容不同的内容比对结果。When the character value of each character in the first combination request information is different from the character value of any corresponding character in the second combination request information, a content ratio indicating that the content of the first combination request information is different from the content of the second combination request information is generated. to the results.

在一些可选的实施方式中,请求生成模块704包括:In some optional implementations, the request generation module 704 includes:

第一版本信息获取单元,用于将对象名称与版本标识字段进行拼接,得到版本获取请求;识别原始版本集中与版本获取请求对应的版本信息,以得到审计对象的原始版本信息;The first version information acquisition unit is used to splice the object name and the version identification field to obtain a version acquisition request; identify the version information corresponding to the version acquisition request in the original version set to obtain the original version information of the audit object;

第二版本信息获取单元,用于将版本标识字段转化为版本号;基于版本号及对象名称,获取原始版本集中对应原始版本信息的存储路径;基于存储路径获取述审计对象的原始版本信息。The second version information acquisition unit is used to convert the version identification field into a version number; obtain the storage path corresponding to the original version information in the original version set based on the version number and object name; obtain the original version information of the audit object based on the storage path.

上述各个模块和单元的更进一步的功能描述与上述对应实施例相同,在此不再赘述。Further functional descriptions of the above-mentioned modules and units are the same as those in the above-mentioned corresponding embodiments, and will not be described again here.

本实施例中的审计日志的数据处理装置是以功能单元的形式来呈现,这里的单元是指ASIC(ApplicationSpecificIntegratedCircuit,专用集成电路)电路,执行一个或多个软件或固定程序的处理器和存储器,和/或其他可以提供上述功能的器件。The data processing device of the audit log in this embodiment is presented in the form of a functional unit. The unit here refers to an ASIC (Application Specific Integrated Circuit) circuit, a processor and a memory that executes one or more software or fixed programs. and/or other devices that can provide the above functions.

本发明实施例还提供一种计算机设备,具有上述图7所示的审计日志的数据处理装置。An embodiment of the present invention also provides a computer device having the data processing device for the audit log shown in FIG. 7 .

请参阅图8,图8是本发明可选实施例提供的一种计算机设备的结构示意图,如图8所示,该计算机设备包括:一个或多个处理器10、存储器20,以及用于连接各部件的接口,包括高速接口和低速接口。各个部件利用不同的总线互相通信连接,并且可以被安装在公共主板上或者根据需要以其它方式安装。处理器可以对在计算机设备内执行的指令进行处理,包括存储在存储器中或者存储器上以在外部输入/输出装置(诸如,耦合至接口的显示设备)上显示GUI的图形信息的指令。在一些可选的实施方式中,若需要,可以将多个处理器和/或多条总线与多个存储器和多个存储器一起使用。同样,可以连接多个计算机设备,各个设备提供部分必要的操作(例如,作为存储服务器阵列、一组刀片式存储服务器、或者多处理器系统)。图8中以一个处理器10为例。Please refer to Figure 8. Figure 8 is a schematic structural diagram of a computer device provided by an optional embodiment of the present invention. As shown in Figure 8, the computer device includes: one or more processors 10, a memory 20, and a device for connecting The interfaces of each component include high-speed interfaces and low-speed interfaces. Various components communicate with each other using different buses and can be installed on a common motherboard or in other ways as needed. The processor may process instructions executed within the computer device, including instructions stored in or on memory to display graphical information of the GUI on an external input/output device, such as a display device coupled to the interface. In some alternative implementations, multiple processors and/or multiple buses may be used with multiple memories and multiple memories, if desired. Likewise, multiple computer devices may be connected, each device providing part of the necessary operations (eg, as an array of storage servers, a set of blade storage servers, or a multi-processor system). Figure 8 takes a processor 10 as an example.

处理器10可以是中央处理器,网络处理器或其组合。其中,处理器10还可以进一步包括硬件芯片。上述硬件芯片可以是专用集成电路,可编程逻辑器件或其组合。上述可编程逻辑器件可以是复杂可编程逻辑器件,现场可编程逻辑门阵列,通用阵列逻辑或其任意组合。The processor 10 may be a central processing unit, a network processor, or a combination thereof. The processor 10 may further include a hardware chip. The above-mentioned hardware chip can be an application-specific integrated circuit, a programmable logic device or a combination thereof. The above-mentioned programmable logic device may be a complex programmable logic device, a field programmable logic gate array, a general array logic or any combination thereof.

其中,存储器20存储有可由至少一个处理器10执行的指令,以使至少一个处理器10执行实现上述实施例示出的方法。The memory 20 stores instructions that can be executed by at least one processor 10, so that the at least one processor 10 executes the method shown in the above embodiment.

存储器20可以包括存储程序区和存储数据区,其中,存储程序区可存储操作系统、至少一个功能所需要的应用程序;存储数据区可存储根据一种小程序落地页的展现的计算机设备的使用所创建的数据等。此外,存储器20可以包括高速随机存取存储器,还可以包括非瞬时存储器,例如至少一个磁盘存储器件、闪存器件、或其他非瞬时固态存储器件。在一些可选的实施方式中,存储器20可选包括相对于处理器10远程设置的存储器,这些远程存储器可以通过网络连接至该计算机设备。上述网络的实例包括但不限于互联网、企业内部网、服务器集群、移动通信网及其组合。The memory 20 may include a stored program area and a stored data area, wherein the stored program area may store an operating system and an application program required for at least one function; the stored data area may store the use of the computer device according to the presentation of a small program landing page. The data created etc. In addition, the memory 20 may include high-speed random access memory, and may also include non-transitory memory, such as at least one magnetic disk storage device, flash memory device, or other non-transitory solid-state storage device. In some optional implementations, the memory 20 may optionally include memories remotely located relative to the processor 10 , and these remote memories may be connected to the computer device through a network. Examples of the above-mentioned networks include, but are not limited to, the Internet, corporate intranets, server clusters, mobile communication networks, and combinations thereof.

存储器20可以包括易失性存储器,例如,随机存取存储器;存储器也可以包括非易失性存储器,例如,快闪存储器,硬盘或固态硬盘;存储器20还可以包括上述种类的存储器的组合。The memory 20 may include a volatile memory, such as a random access memory; the memory may also include a non-volatile memory, such as a flash memory, a hard disk or a solid state drive; the memory 20 may also include a combination of the above types of memories.

该计算机设备还包括通信接口30,用于该计算机设备与其他设备或通信网络通信。The computer device also includes a communication interface 30 for the computer device to communicate with other devices or communication networks.

本发明实施例还提供了一种计算机可读存储介质,上述根据本发明实施例的方法可在硬件、固件中实现,或者被实现为可记录在存储介质,或者被实现通过网络下载的原始存储在远程存储介质或非暂时机器可读存储介质中并将被存储在本地存储介质中的计算机代码,从而在此描述的方法可被存储在使用通用计算机、专用处理器或者可编程或专用硬件的存储介质上的这样的软件处理。其中,存储介质可为磁碟、光盘、只读存储记忆体、随机存储记忆体、快闪存储器、硬盘或固态硬盘等;进一步地,存储介质还可以包括上述种类的存储器的组合。可以理解,计算机、处理器、微处理器控制器或可编程硬件包括可存储或接收软件或计算机代码的存储组件,当软件或计算机代码被计算机、处理器或硬件访问且执行时,实现上述实施例示出的方法。Embodiments of the present invention also provide a computer-readable storage medium. The above-mentioned method according to the embodiment of the present invention can be implemented in hardware or firmware, or can be recorded in a storage medium, or can be implemented as original storage downloaded through the network. Computer code in a remote storage medium or a non-transitory machine-readable storage medium and to be stored in a local storage medium such that the methods described herein may be stored on a computer using a general purpose computer, a special purpose processor, or programmable or special purpose hardware Such software processing on storage media. The storage medium may be a magnetic disk, an optical disk, a read-only memory, a random access memory, a flash memory, a hard disk or a solid state drive, etc.; further, the storage medium may also include a combination of the above types of memories. It can be understood that a computer, processor, microprocessor controller or programmable hardware includes a storage component that can store or receive software or computer code. When the software or computer code is accessed and executed by the computer, processor or hardware, the above implementations are implemented. The method illustrated.

虽然结合附图描述了本发明的实施例,但是本领域技术人员可以在不脱离本发明的精神和范围的情况下做出各种修改和变型,这样的修改和变型均落入由所附权利要求所限定的范围之内。Although the embodiments of the present invention have been described in conjunction with the accompanying drawings, those skilled in the art can make various modifications and variations without departing from the spirit and scope of the invention, and such modifications and variations fall within the scope of the appended rights. within the scope of the requirements.

Claims (10)

1. A data processing method of an audit log, applied to a data storage center of a target cluster, wherein an original version set is stored in the data storage center, and the original version set includes a plurality of original version information, the method comprising:
acquiring an object change request initiated for any one of the audit objects in the target cluster and original version copy information corresponding to the original version information;
generating an audit log based on the object change request, and updating the original version copy information based on the object change request so as to update the original version copy information into target version information;
analyzing the audit log to obtain the object name of the audit object and a corresponding version identification field;
and generating a version acquisition request based on the object name and the version identification field to acquire the original version information of the audit object.
2. The method of claim 1, wherein the obtaining the object change request initiated for any one of the audit objects in the target cluster and the original version copy information corresponding to the original version information comprises:
acquiring one or more audit objects to be audited in the target cluster;
for any audit object, when an object change request is received, acquiring the latest original version information in the original version set based on the object change request;
and updating the latest original version information into an information copy to obtain the original version copy information.
3. The method of claim 2, wherein updating the original version copy information based on the object change request comprises:
acquiring request information of the object change request;
comparing the first information length of the request information with the second information length of the original version copy information to obtain a length comparison result;
and updating the original version copy information based on the request information when the comparison result characterizes that the first information length is different from the second information length, so as to update the original version copy information into the target version information.
4. A method according to claim 3, characterized in that the method further comprises:
when the comparison result represents that the first information length is the same as the second information length, intercepting first request information with preset step length from two ends of the request information respectively, and combining to obtain first combined request information;
intercepting second request information with preset step length from two ends of the original version copy information respectively, and combining to obtain second combined request information;
when the two ends of the request information are smaller than the preset step length, the two ends of the request information are subjected to bit filling so that the two ends of the request information reach the preset step length;
when the two ends of the original version copy information are smaller than the preset step length, the two ends of the original version copy information are subjected to bit filling so that the two ends of the original version copy information reach the preset step length;
comparing the content of the first combination request information with the content of the second combination request information to obtain a content comparison result;
updating the original version copy information based on the request information when the content comparison result represents that the content of the first combination request information is different from the content of the second combination request information;
When the content comparison result shows that the content of the first combined request information is the same as the content of the second combined request information, acquiring first residual request information excluding the first combined request information in the request information and second residual request information excluding the second combined request information in the original version copy information;
and comparing the content of the first residual request information with the content of the second residual request information, and updating the original version copy information based on the comparison result.
5. The method of claim 4, wherein comparing the content of the first combined request message with the content of the second combined request message to obtain a content comparison result comprises:
acquiring character values of all characters in the first combination request information;
comparing the character value of each character in the first combination request information with the character value of the corresponding character in the second combination request information;
when the character values of the characters in the first combination request information are the same as the character values of the corresponding characters in the second combination request information, generating a content comparison result representing that the content of the first combination request information is the same as the content of the second combination request information;
And when the character value of each character in the first combination request information is different from the character value of any corresponding character in the second combination request information, generating a content comparison result representing that the content of the first combination request information is different from the content of the second combination request information.
6. The method of any one of claims 1 to 5, wherein the obtaining the original version information of the audit object comprises:
splicing the object name and the version identification field to obtain the version acquisition request;
and identifying version information corresponding to the version acquisition request in the original version set to obtain the original version information of the audit object.
7. The method of claim 6, wherein the obtaining the original version information of the audit object further comprises:
converting the version identification field into a version number;
acquiring a storage path of corresponding original version information in the original version set based on the version number and the object name;
and acquiring the original version information of the audit object based on the storage path.
8. A data processing apparatus for audit logs, applied to a data storage center of a target cluster, wherein an original version set is stored in the data storage center, and the original version set includes a plurality of original version information, the apparatus comprising:
The information acquisition module is used for acquiring an object change request initiated for any one of the audit objects in the target cluster and original version copy information corresponding to the original version information;
the information updating module is used for generating an audit log based on the object change request and updating the original version copy information based on the object change request so as to update the original version copy information into target version information;
the log analysis module is used for analyzing the audit log to obtain the object name of the audit object and the corresponding version identification field;
and the request generation module is used for generating a version acquisition request based on the object name and the version identification field so as to acquire the original version information of the audit object.
9. A computer device, comprising:
a memory and a processor in communication with each other, the memory having stored therein computer instructions which, upon execution, cause the processor to perform the method of any of claims 1 to 7.
10. A computer readable storage medium having stored thereon computer instructions for causing a computer to perform the method of any one of claims 1 to 7.
CN202311542078.1A 2023-11-17 2023-11-17 Data processing methods, devices, equipment and storage media for audit logs Pending CN117591490A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311542078.1A CN117591490A (en) 2023-11-17 2023-11-17 Data processing methods, devices, equipment and storage media for audit logs

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311542078.1A CN117591490A (en) 2023-11-17 2023-11-17 Data processing methods, devices, equipment and storage media for audit logs

Publications (1)

Publication Number Publication Date
CN117591490A true CN117591490A (en) 2024-02-23

Family

ID=89915989

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311542078.1A Pending CN117591490A (en) 2023-11-17 2023-11-17 Data processing methods, devices, equipment and storage media for audit logs

Country Status (1)

Country Link
CN (1) CN117591490A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN118796575A (en) * 2024-09-12 2024-10-18 成都赛力斯科技有限公司 Interface audit method, device, electronic device and storage medium

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN118796575A (en) * 2024-09-12 2024-10-18 成都赛力斯科技有限公司 Interface audit method, device, electronic device and storage medium

Similar Documents

Publication Publication Date Title
US10873510B2 (en) Packaging tool for first and third party component deployment
US11762763B2 (en) Orchestration for automated performance testing
US20160239396A1 (en) Preserving management services with distributed metadata through the disaster recovery life cycle
US10887190B2 (en) System for simultaneous viewing and editing of multiple network device configurations
CN107241315B (en) Access method, device and computer-readable storage medium for bank gateway interface
US20170171034A1 (en) Dynamic/on-demand packaging as part of deployment
US11797431B2 (en) REST API parser for test automation
US20210271493A1 (en) Remote Component Loader
CN111966465B (en) A method, system, device and medium for modifying configuration parameters of a host machine in real time
CN112148315A (en) Software deployment method, device, server and storage medium
CN112162927A (en) Test method, medium and device of cloud computing platform and computing equipment
US10552306B2 (en) Automated test generation for multi-interface and multi-platform enterprise virtualization management environment
CN111104139A (en) A firmware upgrade method, device, device and storage medium
CN114816894B (en) Chip testing system, method, equipment and medium
CN106294151A (en) Daily record method of testing and device
CN116263694A (en) Deployment method, device and computing equipment of warehouse cluster
CN117591490A (en) Data processing methods, devices, equipment and storage media for audit logs
CN108205482A (en) File mount restoration methods
CN117687842A (en) Data backup method, system, device and medium based on fusion storage architecture
US11163636B2 (en) Chronologically ordered log-structured key-value store from failures during garbage collection
US9239870B1 (en) Multiple instance database auto-configuration for high availability
CN119342035B (en) Domain name resolution management method, program product, device and medium
CN114579344B (en) A salt-stack-based configuration and verification system and method
CN117591245B (en) Automatic deployment method and device for Galaxy kylin server migration operation and maintenance management platform
CN113722236B (en) Game debugging method, device, equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination