[go: up one dir, main page]

CN114095346B - Log collection method and system - Google Patents

Log collection method and system Download PDF

Info

Publication number
CN114095346B
CN114095346B CN202010773371.9A CN202010773371A CN114095346B CN 114095346 B CN114095346 B CN 114095346B CN 202010773371 A CN202010773371 A CN 202010773371A CN 114095346 B CN114095346 B CN 114095346B
Authority
CN
China
Prior art keywords
log
network
tenant
index
software
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010773371.9A
Other languages
Chinese (zh)
Other versions
CN114095346A (en
Inventor
盛宏伟
庄严
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Minew Technologies Co ltd
Original Assignee
Shenzhen Minew Technologies Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Minew Technologies Co ltd filed Critical Shenzhen Minew Technologies Co ltd
Priority to CN202010773371.9A priority Critical patent/CN114095346B/en
Publication of CN114095346A publication Critical patent/CN114095346A/en
Application granted granted Critical
Publication of CN114095346B publication Critical patent/CN114095346B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • H04L41/069Management of faults, events, alarms or notifications using logs of notifications; Post-processing of notifications
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/21Design, administration or maintenance of databases
    • G06F16/219Managing data history or versioning
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/95Retrieval from the web
    • G06F16/951Indexing; Web crawling techniques
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/95Retrieval from the web
    • G06F16/953Querying, e.g. by the use of web search engines

Landscapes

  • Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Data Mining & Analysis (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Debugging And Monitoring (AREA)

Abstract

The application provides a log collection method and a system, wherein the method comprises the following steps: inquiring log collection states of different network tenants; and if the log collection state of the network tenant is an open state, carrying out log collection on the network tenant according to the log index. According to the method and the system for collecting logs, log collection is carried out on network tenants which are not required to be carried out log collection by inquiring log collection states of different network tenants, log collection is avoided on the network tenants which are not required to be carried out log collection, log indexes are storage structures which are set for log collection in the network tenants, log collection is carried out on the network tenants according to the log indexes, so that log collection can be carried out on different network tenants correspondingly according to different log indexes, the collected logs can be distinguished on different network tenants according to different log indexes, and the log collection accuracy is improved.

Description

Log collection method and system
Technical Field
The application belongs to the technical field of log collection, and particularly relates to a log collection method and system.
Background
The multi-tenant technology can realize sharing of the same main system among a plurality of tenants, and meanwhile personalized customization of subsystems (running systems) of the tenants can be realized, sharing of common parts of the main system and independent isolation of individual parts can be ensured by using the multi-tenant technology, so that the multi-tenant technology is widely applied to an Internet of things platform.
In the using process of the existing multi-tenant internet of things platform, the collected log information is summary information of log information in all network tenants, and the collected log cannot distinguish different network tenants, so that the log collection accuracy is reduced.
Disclosure of Invention
The embodiment of the application provides a log collection method and a log collection system, which aim to solve the problem of low log collection accuracy caused by the fact that collected logs cannot distinguish different network tenants in the use process of the existing multi-tenant internet of things platform.
In a first aspect, an embodiment of the present application provides a log collection method, which is applied to an internet of things platform of any multi-network tenant, where the method includes:
Inquiring log collection states of different network tenants;
And if the log collection state of the network tenant is an on state, carrying out log collection on the network tenant according to a log index, wherein the log index corresponds to an operating system in the network tenant or gateway equipment owned by the network tenant.
Compared with the prior art, the embodiment of the application has the beneficial effects that: by inquiring the log collecting states of different network tenants to judge whether to collect logs of the network tenants, only the network tenants with the log collecting states in the open state are subjected to log collection, log collection of the network tenants which do not need to be subjected to log collection is avoided, accuracy of log collection of the network tenants is improved, log indexes are storage structures set for log collection in the network tenants, log collection is carried out on the network tenants according to the log indexes, log collection can be correspondingly carried out on different network tenants based on different log indexes, collected logs can be distinguished according to different log indexes, and accuracy of log collection is improved.
Further, the log index is a software log index, and the log collection for the network tenant according to the log index includes:
Acquiring log information generated by different software applications in the network tenant to obtain a software log, wherein the software log stores tenant identifications corresponding to the network tenant;
Acquiring a system name of an operating system in the network tenant, and carrying out index query by taking the system name as an index item to obtain a software log index;
Inquiring a log storage path corresponding to the software log index, and storing the software log according to the log storage path corresponding to the software log index.
Further, the log index is a software log index, and the log collection for the network tenant according to the log index includes:
Acquiring gateway equipment information of the network tenants, wherein the gateway equipment information comprises gateway identifications corresponding to gateway equipment owned by the network tenants, each network tenant is provided with at least one gateway equipment, and the gateway equipment owned by different network tenants is different;
acquiring log information generated by the gateway equipment owned by the network tenant according to the gateway equipment information to obtain a hardware log;
index inquiry is carried out by taking the gateway identification of the gateway equipment as an index item, so as to obtain a hardware log index;
Inquiring a log storage path corresponding to the hardware log index, and storing the hardware log according to the log storage path corresponding to the hardware log index.
Further, the method further comprises:
if a log query instruction carrying the system name of any running system is received, querying the corresponding software log index according to the system name of the running system;
and carrying out log query on the stored software log according to the queried software log index, and displaying the queried software log.
Further, the method further comprises:
and if a log query instruction carrying the tenant identification of any network tenant is received, performing log query on the stored software log according to the tenant identification of the network tenant, and displaying the queried software log.
Further, the method further comprises:
If a log query instruction carrying the tenant identification of any network tenant is received, querying the gateway equipment owned by the network tenant according to the tenant identification of the network tenant to obtain target gateway equipment;
inquiring the corresponding hardware log index according to the gateway identification of the target gateway equipment,
And carrying out log inquiry on the stored hardware log according to the inquired hardware log index, and displaying the inquired hardware log.
Further, the method further comprises:
If the current network transmission amount of the internet of things platform is larger than a transmission amount threshold, inquiring a limit level corresponding to the current network transmission amount, and respectively acquiring tenant levels of different network tenants, wherein the limit level is used for judging whether to close log collection of the network tenants;
and if the tenant grade is smaller than the limit grade, regulating the log collection state of the network tenant corresponding to the tenant grade to a closing state so as to close the log collection of the network tenant corresponding to the tenant grade.
In a second aspect, an embodiment of the present application provides a log collection system, applied to an internet of things platform of any multi-network tenant, including:
The log collection state query module is used for querying log collection states of different network tenants;
And the log collection module is used for collecting the logs of the network tenants according to log indexes if the log collection state of the network tenants is an open state, wherein the log indexes correspond to the running systems in the network tenants or gateway equipment owned by the network tenants.
Further, the log index is a software log index, the log is collected for the network tenant according to the log index, and the log collection module is further configured to:
Acquiring log information generated by different software applications in the network tenant to obtain a software log, wherein the software log stores tenant identifications corresponding to the network tenant;
Acquiring a system name of an operating system in the network tenant, and carrying out index query by taking the system name as an index item to obtain a software log index;
Inquiring a log storage path corresponding to the software log index, and storing the software log according to the log storage path corresponding to the software log index.
Further, the log index is a hardware log index, the log is collected for the network tenant according to the log index, and the log collection module is further configured to:
Acquiring gateway equipment information of the network tenants, wherein the gateway equipment information comprises gateway identifications corresponding to gateway equipment owned by the network tenants, each network tenant is provided with at least one gateway equipment, and the gateway equipment owned by different network tenants is different;
acquiring log information generated by the gateway equipment owned by the network tenant according to the gateway equipment information to obtain a hardware log;
index inquiry is carried out by taking the gateway identification of the gateway equipment as an index item, so as to obtain a hardware log index;
Inquiring a log storage path corresponding to the hardware log index, and storing the hardware log according to the log storage path corresponding to the hardware log index.
It will be appreciated that the advantages of the second aspect may be found in the relevant description of the first aspect, and will not be described in detail herein.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings used in the description of the embodiments or the prior art will be briefly described below.
FIG. 1 is a flow chart of a log collection method provided by a first embodiment of the present application;
FIG. 2 is a flow chart of a log collection method provided by a second embodiment of the present application;
FIG. 3 is a flow chart of a log collection method according to a third embodiment of the present application;
FIG. 4 is a schematic diagram of a log collection system according to a fourth embodiment of the present application;
fig. 5 is a schematic structural diagram of a log collection system according to a fifth embodiment of the present application.
Detailed Description
In the following description, for purposes of explanation and not limitation, specific details are set forth such as the particular system architecture, techniques, etc., in order to provide a thorough understanding of the embodiments of the present application. It will be apparent, however, to one skilled in the art that the present application may be practiced in other embodiments that depart from these specific details. In other instances, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so as not to obscure the description of the present application with unnecessary detail.
It should be understood that the terms "comprises" and/or "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It should also be understood that the term "and/or" as used in the present specification and the appended claims refers to any and all possible combinations of one or more of the associated listed items, and includes such combinations.
As used in the present description and the appended claims, the term "if" may be interpreted as "when..once" or "in response to a determination" or "in response to detection" depending on the context. Similarly, the phrase "if a determination" or "if a [ described condition or event ] is detected" may be interpreted in the context of meaning "upon determination" or "in response to determination" or "upon detection of a [ described condition or event ]" or "in response to detection of a [ described condition or event ]".
Furthermore, the terms "first," "second," "third," and the like in the description of the present specification and in the appended claims, are used for distinguishing between descriptions and not necessarily for indicating or implying a relative importance.
Reference in the specification to "one embodiment" or "some embodiments" or the like means that a particular feature, structure, or characteristic described in connection with the embodiment is included in one or more embodiments of the application. Thus, appearances of the phrases "in one embodiment," "in some embodiments," "in other embodiments," and the like in the specification are not necessarily all referring to the same embodiment, but mean "one or more but not all embodiments" unless expressly specified otherwise. The terms "comprising," "including," "having," and variations thereof mean "including but not limited to," unless expressly specified otherwise.
Example 1
Referring to fig. 1, a flowchart of a log collection method according to a first embodiment of the present application is applied to an internet of things platform of any multi-network tenant, and includes the steps of:
Step S10, inquiring log collection states of different network tenants.
The internet of things platform of the multiple network tenants can query log collection states of different network tenants according to preset time or preset time intervals, the preset time and the preset time intervals can be set according to requirements, the preset time can be set to 8 am, 12 am or 8 pm, and the preset time intervals can be set to 1 hour, 1 day, 1 month, and the like.
For example, in this step, when the log-collecting status of different network tenants is queried according to the preset time, the internet of things platform of multiple network tenants can uniformly query the log-collecting status of different network tenants at 8 points in the morning every day.
Optionally, in the step, the query of the log collection state of the network tenant may be performed by sending a query instruction, and by receiving instruction response information of different network tenants for the query instruction, whether the log collection state of the corresponding network tenant is an on state is determined.
Optionally, in this step, the log collection state of different network tenants may be queried by querying a log collection table pre-stored in the internet of things platform of multiple network tenants, where the log collection table pre-stores a correspondence between different network tenants and corresponding log collection states, for example, the internet of things platform includes network tenant A1, network tenant A2, and network tenant A3, and the data stored in the log collection table includes: network tenant A1-log collection on state, network tenant A2-log collection on state, and network tenant A3-log collection off state.
Step S20, if the log collection state of the network tenant is an on state, log collection is performed on the network tenant according to the log index.
If the log collection state of the network tenant is detected to be in an on state, it is determined that log collection is required for the network tenant, and it is understood that if the log collection state of the network tenant is detected to be in an off state, it is determined that log collection is not required for the network tenant.
For example, when it is detected that the log collection states of the network tenant A1 and the network tenant A2 are on states and the log collection state of the network tenant A3 is off states, log collection is performed only for the network tenant A1 and the network tenant A2 according to the log index.
Specifically, in this embodiment, the log index corresponds to an operating system in a network tenant or gateway devices owned by the network tenant, system names of operating systems in different network tenants are different, each network tenant has at least one gateway device, and the gateway devices owned by different network tenants are different, and the gateway devices are used for guaranteeing data communication of the corresponding network tenants, so the log indexes corresponding to different network tenants are different.
Optionally, in this step, when log collection is performed on the network tenant according to the log index, the tenant identifier of the network tenant is stored in the log collected correspondingly, so that the distinction between the logs collected by different network tenants is further facilitated.
For example, when the log collection states of the network tenant A1 and the network tenant A2 are detected to be in the on state, the log collection is performed on the network tenant A1 according to the log index B1 to obtain a log C1, the log collection is performed on the network tenant A2 according to the log index B2 to obtain a log C2, the tenant identification of the network tenant A1 is stored in the log C1, and the tenant identification of the network tenant A2 is stored in the log C2.
In addition, in this embodiment, the log collection method further includes:
step S30, receiving a log query instruction, querying the collected log according to the log query instruction, and displaying the queried log.
The log query instruction stores tenant identification or log index of the network tenant to be queried, queries the collected log by storing tenant identification or log index in the log query instruction to obtain a log corresponding to the network tenant to be queried, and displays the log corresponding to the network tenant to be queried.
Optionally, in this embodiment, the log collecting method further includes:
If the current network transmission quantity of the internet of things platform is larger than a transmission quantity threshold, inquiring a limit grade corresponding to the current network transmission quantity, and respectively acquiring tenant grades of different network tenants.
And if the tenant grade is smaller than the limit grade, regulating the log collection state of the network tenant corresponding to the tenant grade to a closing state so as to close the log collection of the network tenant corresponding to the tenant grade.
The transmission quantity threshold is used for judging whether the current data transmission quantity of the internet of things platform is in an oversaturation state or not, the transmission quantity threshold can be set according to requirements, if the current network transmission quantity of the internet of things platform is larger than the transmission quantity threshold, the current data transmission quantity of the internet of things platform is judged to be oversaturated, log collection of network tenants is required to be limited, so that data transmission pressure of the internet of things platform is reduced, data transmission efficiency of the internet of things platform is guaranteed, in the step, the limitation level is used for judging whether log collection of the network tenants is closed or not, and the limitation level can be set according to requirements.
Specifically, the corresponding relation between different network tenants and corresponding tenant grades is prestored in the internet of things platform, if the tenant grade of the network tenant is smaller than the limit grade, log collection limitation can be judged for the network tenant, and the log collection state of the network tenant is adjusted to be in a closing state so as to close log collection of the network tenant with the tenant grade smaller than the limit grade, so that the data transmission pressure of the internet of things platform is reduced, and the data transmission efficiency of the internet of things platform is ensured.
In this embodiment, by querying log collection states of different network tenants to determine whether to perform log collection of the network tenants, log collection is performed only on network tenants in an open state of the log collection states, log collection is avoided on network tenants that do not need to perform log collection, and thus accuracy of log collection on network tenants is improved, log indexes are storage structures set for log collection in the network tenants, log collection is performed on the network tenants according to the log indexes, so that log collection can be performed on different network tenants respectively correspondingly based on different log indexes, collected logs can be distinguished on different network tenants according to different log indexes, and accuracy of log collection is improved.
Example two
Referring to fig. 2, a flowchart of a log collection method according to a second embodiment of the present application is provided, where the second embodiment is used for refining step S30 in the first embodiment to refine the steps describing how to log-collect the network tenant according to the log index, and the steps include:
step S31, obtaining log information generated by different software applications in the network tenant, and obtaining a software log.
The software log stores tenant identification of a corresponding network tenant, running information of a corresponding software application, data access information and the like, the running information stores running start time, running end time and running state of the corresponding software application each time, and the data access information stores information such as files accessed or created on the corresponding software application.
Optionally, a plurality of different software applications may exist in the same network tenant, log information generated by the plurality of different software applications is respectively obtained in the same network tenant, the software log is obtained, and the log information generated by the corresponding software applications is distinguished based on application identifiers of the software applications in the software log.
Step S32, a system name of an operating system in the network tenant is obtained, and index inquiry is carried out by taking the system name as an index item, so as to obtain a software log index.
The system names corresponding to different network tenants in the same running system are different, and the corresponding relation between different index items and corresponding software log indexes is prestored in the internet of things platform, so that the software log indexes queried by the index items of the different system names are different, namely, the software log indexes corresponding to the different network tenants are different.
And step S33, inquiring a log storage path corresponding to the software log index, and storing the software log according to the log storage path corresponding to the software log index.
The corresponding relation between different software log indexes and corresponding log storage paths is prestored in the Internet of things platform, and the log storage paths corresponding to the different software log indexes are different, so that the log storage paths corresponding to the different software logs are different, and further, the subsequent software log inquiry for different network tenants is effectively facilitated.
Optionally, in this embodiment, the querying the collected log according to the log query instruction and displaying the queried log includes:
And if the log query instruction carries the system name of any running system, querying the corresponding software log index according to the system name of the running system.
And carrying out log query on the stored software log according to the queried software log index, and displaying the queried software log.
The system names of the running systems in different network tenants are different, so that the system names of the running systems point to the corresponding unique target network tenants, namely, the log query instruction is used for querying the software log corresponding to the target network tenants.
For example, the system name of the running system carried in the log query instruction is "management maintenance system" (Administrator System), the log index using the "management maintenance system" as an index item is queried to obtain a software log index corresponding to the system name in the log query instruction, a target log index is obtained, a target storage path is obtained by obtaining a log storage path of the target log index, a software log under the target storage path is queried, and the queried software log is displayed, so that the display of the software log is performed for the target network tenant.
Optionally, the querying the collected log according to the log querying instruction, and displaying the queried log includes:
and if the log query instruction carries the tenant identification of any network tenant, performing log query on the stored software log according to the tenant identification of the network tenant, and displaying the queried software log.
Because the tenant identifier of the corresponding network tenant is stored in the software log, when the log query instruction carries the tenant identifier of the network tenant, the software log is directly queried according to the tenant identifier, and the queried software log is displayed.
In this embodiment, by acquiring the system name of the running system in the network tenant and performing index query by taking the system name as an index item, the software log index corresponding to the network tenant can be effectively queried, and the software log is stored according to the log storage path corresponding to the query software log index, so that the log storage paths corresponding to the software logs among different network tenants are different, different network tenants can be effectively distinguished based on the differences of the software logs, and the corresponding software log can be accurately displayed for different network tenants, thereby improving the accuracy of log collection and log query.
Example III
Referring to fig. 3, a flowchart of a log collection method according to a third embodiment of the present application is provided, where the third embodiment is used to refine step S30 in the first embodiment to refine the steps describing how to log-collect the network tenant according to the log index, and the steps include:
step S34, obtaining gateway equipment information of the network tenant, and obtaining log information generated by the gateway equipment owned by the network tenant according to the gateway equipment information to obtain a hardware log.
The gateway device information includes gateway identifiers of gateway devices owned by corresponding network tenants, each network tenant has at least one gateway device, and gateway devices owned by different network tenants are different, for example, network tenant A1 has two gateway devices, namely gateway device A1 and gateway device A1, and network tenant A2 has two gateway devices, namely gateway device a3 and gateway device a4, and gateway identifiers among gateway device A1, gateway device a3 and gateway device a4 are all different.
Specifically, the log information generated by the gateway device is log information generated by a hardware device for performing data communication based on the gateway device, where the hardware device includes a motherboard, a hard disk, a storage device, or a built-in memory, and other devices.
And step S35, index inquiry is carried out by taking the gateway identification of the gateway equipment as an index item, and a hardware log index is obtained.
The corresponding relation between different index items and corresponding hardware log indexes is prestored in the internet of things platform, and because the gateway identifications of different gateway devices are different, the hardware log indexes queried by taking the gateway identifications of different gateway devices as the index items are different, namely, the hardware log indexes corresponding to different network tenants are different.
Step S36, inquiring a log storage path corresponding to the hardware log index, and storing the hardware log according to the log storage path corresponding to the hardware log index.
The corresponding relation between different hardware log indexes and corresponding log storage paths is prestored in the Internet of things platform, and the log storage paths corresponding to the different hardware log indexes are different, so that the log storage paths corresponding to the different hardware logs are different, and further the subsequent hardware log inquiry for different network tenants is effectively facilitated.
Optionally, in this embodiment, the querying the collected log according to the log query instruction and displaying the queried log includes:
and if the log query instruction carries the tenant identification of any network tenant, querying the gateway equipment owned by the network tenant according to the tenant identification of the network tenant to obtain target gateway equipment.
Inquiring the corresponding hardware log index according to the gateway identification of the target gateway equipment,
And carrying out log inquiry on the stored hardware log according to the inquired hardware log index, and displaying the inquired hardware log.
In this embodiment, since the gateway devices owned by different network tenants are different, the gateway identifiers corresponding to the different network tenants are different, the software log indexes corresponding to the different network tenants are different, the log storage paths corresponding to the hardware logs generated by the gateway devices owned by the different network tenants are different, and further, the different network tenants can be effectively distinguished based on the differences of the hardware logs, and the corresponding hardware logs can be accurately displayed for the different network tenants, so that the accuracy of log collection and log query is improved.
Example IV
Fig. 4 shows a schematic structural diagram of a log collecting system according to a fourth embodiment of the present application, corresponding to the log collecting method described in the above embodiments, and for convenience of explanation, only the portions related to the embodiments of the present application are shown.
Referring to fig. 4, the log collection system includes a software log collection module, a hardware log collection module, and an ELK log component, wherein: the software log collection module is used for collecting software logs of application servers corresponding to different network tenants based on the kafka message, and the hardware log collection module is used for collecting hardware logs of hardware devices corresponding to different network tenants based on the gateway.
Specifically, in this embodiment, the specific implementation process of the software log collection analysis and display of the log collection system is as follows:
1. executing application operation requiring log generation by a user of the multi-tenant system;
2. acquiring a log switch state of the affiliated tenant;
3. If the log switch state is on, generating a log object with a tenant flag;
4. the name of the current subsystem is taken as a message theme, and the log object is sent to a message server through a kafka message;
5. The Logstar log component collects log objects of different tenants through monitoring kafka message ports;
6. The elastic search log component creates indexes according to different message topics and stores log objects;
7. The Kibana platform displays the operation logs of different subsystems of the platform according to different index objects;
8. Different tenants query the user operation log under the tenant through the Restful API interface provided by the elastic search log component.
Optionally, in this embodiment, the specific implementation process of the hardware log collection analysis and display of the log collection system is:
1. the hardware equipment under the gateway operates to generate an operation log (with gateway marks);
2. According to supported communication protocols (Bluetooth, TCP/UDP and the like), the log object is sent to gateway equipment (belonging to different tenants of the platform);
3. The gateway device sends the log to Rsyslog log collection server;
4. the Logstash log component monitors Rsyslog port acquisition logs;
5. The elastic search log component creates an index according to different gateway IDs and stores a hardware running log;
6. the Kibana platform configures running logs of equipment corresponding to different gateways of the display platform according to different index objects;
8. different tenants query the hardware device running log under the tenant own gateway through the Restful API interface provided by the elastic search log component.
In this embodiment, the ELK log component is used to collect the software log of each subsystem in the platform application system and the hardware log in the platform uniformly, implement tenant-level log switch control for different tenants of the platform log system, and generate different log indexes for different subsystems so as to realize log data shielding according to different subsystems and different tenants.
Example five
Fig. 5 shows a schematic structural diagram of a log collection system 100 according to a fifth embodiment of the present application, corresponding to the log collection method described in the above embodiments, and only the portions related to the embodiments of the present application are shown for convenience of explanation.
Referring to fig. 5, the system is applied to an internet of things platform of any multi-network tenant, and comprises a log collection status query module 10, a log collection module 11 and a log query module 12, wherein:
And the log collection state query module 10 is used for querying log collection states of different network tenants.
The log collection module 11 is configured to collect, if the log collection state of the network tenant is an on state, the log of the network tenant according to a log index, where the log index corresponds to an operating system in the network tenant or a gateway device owned by the network tenant.
Wherein, the log collection module 11 is further configured to: acquiring log information generated by different software applications in the network tenant to obtain a software log, wherein the software log stores tenant identifications corresponding to the network tenant;
Acquiring a system name of an operating system in the network tenant, and carrying out index query by taking the system name as an index item to obtain a software log index;
Inquiring a log storage path corresponding to the software log index, and storing the software log according to the log storage path corresponding to the software log index.
Optionally, the log collection module 11 is further configured to: acquiring gateway equipment information of the network tenants, wherein the gateway equipment information comprises gateway identifications corresponding to gateway equipment owned by the network tenants, each network tenant is provided with at least one gateway equipment, and the gateway equipment owned by different network tenants is different;
acquiring log information generated by the gateway equipment owned by the network tenant according to the gateway equipment information to obtain a hardware log;
index inquiry is carried out by taking the gateway identification of the gateway equipment as an index item, so as to obtain a hardware log index;
Inquiring a log storage path corresponding to the hardware log index, and storing the hardware log according to the log storage path corresponding to the hardware log index.
And the log query module 12 is used for receiving a log query instruction, querying the collected log according to the log query instruction, and displaying the queried log.
Wherein, the log query module 12 is further configured to: if the log inquiry command carries the system name of any running system, inquiring the corresponding software log index according to the system name of the running system;
and carrying out log query on the stored software log according to the queried software log index, and displaying the queried software log.
Optionally, the log query module 12 is further configured to: and if the log query instruction carries the tenant identification of any network tenant, performing log query on the stored software log according to the tenant identification of the network tenant, and displaying the queried software log.
Optionally, the log query module 12 is further configured to: if the log query instruction carries the tenant identification of any network tenant, querying the gateway equipment owned by the network tenant according to the tenant identification of the network tenant to obtain target gateway equipment;
inquiring the corresponding hardware log index according to the gateway identification of the target gateway equipment,
And carrying out log inquiry on the stored hardware log according to the inquired hardware log index, and displaying the inquired hardware log.
Optionally, the log collection system 100 includes:
the log collection limiting module 13 is configured to query a limiting level corresponding to a current network transmission amount if the current network transmission amount of the internet of things platform is greater than a transmission amount threshold, and respectively obtain tenant levels of different network tenants, where the limiting level is used to determine whether to close log collection of the network tenants;
and if the tenant grade is smaller than the limit grade, regulating the log collection state of the network tenant corresponding to the tenant grade to a closing state so as to close the log collection of the network tenant corresponding to the tenant grade.
In this embodiment, by querying log collection states of different network tenants to determine whether to perform log collection of the network tenants, log collection is performed only on network tenants in an open state of the log collection states, log collection is avoided on network tenants that do not need to perform log collection, and thus accuracy of log collection on network tenants is improved, log indexes are storage structures set for log collection in the network tenants, log collection is performed on the network tenants according to the log indexes, so that log collection can be performed on different network tenants respectively correspondingly based on different log indexes, collected logs can be distinguished on different network tenants according to different log indexes, and accuracy of log collection is improved.
It should be noted that, because the content of information interaction and execution process between the above devices/modules is based on the same concept as the method embodiment of the present application, specific functions and technical effects thereof may be referred to in the method embodiment section, and will not be described herein.
It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-described division of the functional units and modules is illustrated, and in practical application, the above-described functional distribution may be performed by different functional units and modules according to needs, i.e. the internal structure of the apparatus is divided into different functional units or modules to perform all or part of the above-described functions. The functional units and modules in the embodiment may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit, where the integrated units may be implemented in a form of hardware or a form of a software functional unit. In addition, the specific names of the functional units and modules are only for distinguishing from each other, and are not used for limiting the protection scope of the present application. The specific working process of the units and modules in the above system may refer to the corresponding process in the foregoing method embodiment, which is not described herein again.
Embodiments of the present application also provide a computer readable storage medium storing a computer program which, when executed by a processor, implements steps for implementing the various method embodiments described above.
Embodiments of the present application provide a computer program product which, when run on a mobile terminal, causes the mobile terminal to perform steps that enable the implementation of the method embodiments described above.
In the foregoing embodiments, the descriptions of the embodiments are emphasized, and in part, not described or illustrated in any particular embodiment, reference is made to the related descriptions of other embodiments.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus/network device and method may be implemented in other manners. For example, the apparatus/network device embodiments described above are merely illustrative, e.g., the division of the modules or units is merely a logical functional division, and there may be additional divisions in actual implementation, e.g., multiple units or components may be combined or integrated into another system, or some features may be omitted, or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection via interfaces, devices or units, which may be in electrical, mechanical or other forms.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
The above embodiments are only for illustrating the technical solution of the present application, and not for limiting the same; although the application has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present application, and are intended to be included in the scope of the present application.

Claims (10)

1. The log collection method is applied to any internet of things platform with multiple network tenants, and is characterized by comprising the following steps:
Inquiring log collection states of different network tenants;
if the log collection state of the network tenant is an on state, the log collection is carried out on the network tenant according to a log index, wherein the log index corresponds to an operating system in the network tenant or gateway equipment owned by the network tenant;
the querying the log collection state of the different network tenants includes: sending a query instruction, and judging whether the log collection state of the corresponding network tenant is an on state or not by receiving instruction response information of different network tenants aiming at the query instruction;
or,
The querying the log collection state of the different network tenants includes: inquiring a pre-stored log collection table in the internet of things platform of the multi-network tenant to inquire log collection states of different network tenants.
2. The method of collecting logs according to claim 1, wherein the log index is a software log index, and the collecting logs for the network tenant according to the log index comprises:
Acquiring log information generated by different software applications in the network tenant to obtain a software log, wherein the software log stores tenant identifications corresponding to the network tenant;
Acquiring a system name of an operating system in the network tenant, and carrying out index query by taking the system name as an index item to obtain a software log index;
Inquiring a log storage path corresponding to the software log index, and storing the software log according to the log storage path corresponding to the software log index.
3. The method of collecting logs according to claim 1, wherein the log index is a software log index, and the collecting logs for the network tenant according to the log index comprises:
Acquiring gateway equipment information of the network tenants, wherein the gateway equipment information comprises gateway identifications corresponding to gateway equipment owned by the network tenants, each network tenant is provided with at least one gateway equipment, and the gateway equipment owned by different network tenants is different;
acquiring log information generated by the gateway equipment owned by the network tenant according to the gateway equipment information to obtain a hardware log;
index inquiry is carried out by taking the gateway identification of the gateway equipment as an index item, so as to obtain a hardware log index;
Inquiring a log storage path corresponding to the hardware log index, and storing the hardware log according to the log storage path corresponding to the hardware log index.
4. The log collection method of claim 2, wherein the method further comprises:
if a log query instruction carrying the system name of any running system is received, querying the corresponding software log index according to the system name of the running system;
and carrying out log query on the stored software log according to the queried software log index, and displaying the queried software log.
5. The log collection method of claim 2, wherein the method further comprises:
and if a log query instruction carrying the tenant identification of any network tenant is received, performing log query on the stored software log according to the tenant identification of the network tenant, and displaying the queried software log.
6. A log collection method according to claim 3 wherein the method further comprises:
If a log query instruction carrying the tenant identification of any network tenant is received, querying the gateway equipment owned by the network tenant according to the tenant identification of the network tenant to obtain target gateway equipment;
inquiring the corresponding hardware log index according to the gateway identification of the target gateway equipment,
And carrying out log inquiry on the stored hardware log according to the inquired hardware log index, and displaying the inquired hardware log.
7. The log collection method of claim 1, wherein the method further comprises:
If the current network transmission amount of the internet of things platform is larger than a transmission amount threshold, inquiring a limit level corresponding to the current network transmission amount, and respectively acquiring tenant levels of different network tenants, wherein the limit level is used for judging whether to close log collection of the network tenants;
and if the tenant grade is smaller than the limit grade, regulating the log collection state of the network tenant corresponding to the tenant grade to a closing state so as to close the log collection of the network tenant corresponding to the tenant grade.
8. A log collection system applied to any multi-network tenant internet of things platform, comprising:
The log collection state query module is used for querying log collection states of different network tenants;
the log collection module is used for collecting the logs of the network tenant according to log indexes if the log collection state of the network tenant is an open state, wherein the log indexes correspond to an operating system in the network tenant or gateway equipment owned by the network tenant;
The log collection state query module is specifically configured to: sending a query instruction, and judging whether the log collection state of the corresponding network tenant is an on state or not by receiving instruction response information of different network tenants aiming at the query instruction;
or,
The log collection state query module is specifically configured to: inquiring a pre-stored log collection table in the internet of things platform of the multi-network tenant to inquire log collection states of different network tenants.
9. The log collection system of claim 8, wherein the log index is a software log index, the log collection is performed on the network tenant according to the log index, the log collection module is further to:
Acquiring log information generated by different software applications in the network tenant to obtain a software log, wherein the software log stores tenant identifications corresponding to the network tenant;
Acquiring a system name of an operating system in the network tenant, and carrying out index query by taking the system name as an index item to obtain a software log index;
Inquiring a log storage path corresponding to the software log index, and storing the software log according to the log storage path corresponding to the software log index.
10. The log collection system of claim 8, wherein the log index is a hardware log index, the log collection is performed on the network tenant according to the log index, the log collection module is further to:
Acquiring gateway equipment information of the network tenants, wherein the gateway equipment information comprises gateway identifications corresponding to gateway equipment owned by the network tenants, each network tenant is provided with at least one gateway equipment, and the gateway equipment owned by different network tenants is different;
acquiring log information generated by the gateway equipment owned by the network tenant according to the gateway equipment information to obtain a hardware log;
index inquiry is carried out by taking the gateway identification of the gateway equipment as an index item, so as to obtain a hardware log index;
Inquiring a log storage path corresponding to the hardware log index, and storing the hardware log according to the log storage path corresponding to the hardware log index.
CN202010773371.9A 2020-08-04 2020-08-04 Log collection method and system Active CN114095346B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010773371.9A CN114095346B (en) 2020-08-04 2020-08-04 Log collection method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010773371.9A CN114095346B (en) 2020-08-04 2020-08-04 Log collection method and system

Publications (2)

Publication Number Publication Date
CN114095346A CN114095346A (en) 2022-02-25
CN114095346B true CN114095346B (en) 2024-08-02

Family

ID=80295175

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010773371.9A Active CN114095346B (en) 2020-08-04 2020-08-04 Log collection method and system

Country Status (1)

Country Link
CN (1) CN114095346B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115484156B (en) * 2022-08-26 2024-11-01 新华三信息安全技术有限公司 Log data acquisition system, acquisition method and device

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2015107574A1 (en) * 2014-01-15 2015-07-23 日本電気株式会社 Log data collection system, terminal device, and log data collection method
CN109800223A (en) * 2018-12-12 2019-05-24 平安科技(深圳)有限公司 Log processing method, device, electronic equipment and storage medium

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2016024706A (en) * 2014-07-23 2016-02-08 株式会社日立製作所 Log management system, log management method and program
US10489179B1 (en) * 2016-06-28 2019-11-26 Amazon Technologies, Inc. Virtual machine instance data aggregation based on work definition metadata
CN110661631A (en) * 2018-06-28 2020-01-07 中兴通讯股份有限公司 Method, device and computer readable storage medium for collecting network element logs
CN109729147A (en) * 2018-11-28 2019-05-07 国云科技股份有限公司 Multi-tenant supporting auditing system in cloud environment and implementation method

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2015107574A1 (en) * 2014-01-15 2015-07-23 日本電気株式会社 Log data collection system, terminal device, and log data collection method
CN109800223A (en) * 2018-12-12 2019-05-24 平安科技(深圳)有限公司 Log processing method, device, electronic equipment and storage medium

Also Published As

Publication number Publication date
CN114095346A (en) 2022-02-25

Similar Documents

Publication Publication Date Title
CN101237326B (en) Method, device and system for real time parsing of device log
US7076688B2 (en) Failure information management method and management server in a network equipped with a storage device
US20110153748A1 (en) Remote forensics system based on network
WO2019099558A1 (en) Cardinality of time series
EP3541098B1 (en) Processing method for communication identifier binding and terminal
CN103023984B (en) Terminal application server and application log filtering method thereof
JP2009104267A (en) Web application process recording method and process recording apparatus
CN109063077B (en) Data access method and device based on elastic search
US20070078841A1 (en) System and method for network resource management
CN112688806A (en) Method and system for presenting network assets
CN111010405B (en) A SaaS-based website security monitoring system
CN114095346B (en) Log collection method and system
CN104137086A (en) Information system management device, information system management method, and program
CN111047434A (en) Operation record generation method and device, computer equipment and storage medium
CN114430367B (en) Data acquisition method and device of Internet of things, computer equipment and storage medium
CN114185804A (en) Interface testing method and device and terminal equipment
CN101873232A (en) Judgment method of equipment uniqueness and IP network discovery server
KR20180007792A (en) Apparatus and method for providing data based on cloud service
EP2135161A2 (en) Management of data for installation on a remote device
CN104967667A (en) Software stability test remote monitoring system based on cloud service
US20090327399A1 (en) Device and method for managing the availability of access to digital data
CN113127906A (en) Unified authority management platform, method and storage medium based on C/S architecture
CN113114557A (en) Message sending method and device, electronic equipment and storage medium
CN116303627B (en) Query method and device for semiconductor test data, electronic equipment and storage medium
CN102457394B (en) Management method of server device and management device thereof

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant