CN111078660A - Cloud database performance safety monitoring method - Google Patents
Cloud database performance safety monitoring method Download PDFInfo
- Publication number
- CN111078660A CN111078660A CN201811275223.3A CN201811275223A CN111078660A CN 111078660 A CN111078660 A CN 111078660A CN 201811275223 A CN201811275223 A CN 201811275223A CN 111078660 A CN111078660 A CN 111078660A
- Authority
- CN
- China
- Prior art keywords
- monitoring
- dbaas
- cloud database
- sql
- agent
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000012544 monitoring process Methods 0.000 title claims abstract description 47
- 238000000034 method Methods 0.000 title claims abstract description 11
- 230000004044 response Effects 0.000 claims abstract description 16
- 239000003795 chemical substances by application Substances 0.000 abstract description 16
- 238000002347 injection Methods 0.000 abstract description 6
- 239000007924 injection Substances 0.000 abstract description 6
- 239000007787 solid Substances 0.000 description 3
- 239000000243 solution Substances 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
- G06F11/3003—Monitoring arrangements specially adapted to the computing system or computing system component being monitored
- G06F11/302—Monitoring arrangements specially adapted to the computing system or computing system component being monitored where the computing system component is a software system
Landscapes
- Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Mathematical Physics (AREA)
- Quality & Reliability (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention discloses a cloud database performance safety monitoring method, which comprises three steps of issuing a safety setting strategy, monitoring data and feeding back monitoring information, wherein a first DBaaS issues a corresponding cloud database through a safety setting strategy issuing module to complete issuing of the safety setting strategy, a second cloud database monitors the database through an Agent monitoring module, when SQL with characteristics is monitored and found by the Agent, the monitoring result is timely reported to a DBaaS platform system, the Agent simultaneously monitors the occupation ratio of the connection number, when the occupation ratio of the connection number exceeds the set occupation ratio, the monitoring result is timely reported to the DBaaS platform system, resources are released actively and the Agent simultaneously monitors the response time, when the SQL response time exceeds the set response time, the monitoring result is timely reported to the DBaaS platform system to timely find SQL injection loopholes, data information leakage is prevented, and the database instance is prevented from being dragged down by overlong SQL.
Description
Technical Field
The invention relates to the technical field of cloud data monitoring, in particular to a cloud database performance safety monitoring method.
Background
Inefficient SQL statements consume a large amount of server resources and cause a server hang-up at high concurrency. To ensure smooth operation of the server, it is necessary to monitor the operation of the instances.
During the running of the monitoring instance, some conventional SQL injection statements, as well as run-time-consuming SELECT statements, may be discovered. The discovered injection statements threatening the data security and the inefficient SELECT statements are provided for a customer using the cloud database, so that the customer can quickly and conveniently discover the bugs and problems existing in the program system.
Disclosure of Invention
In order to solve the technical problem, the invention provides a cloud database performance security monitoring method.
The technical scheme adopted by the invention for solving the technical problems is as follows: a cloud database performance safety monitoring method comprises three steps of issuing a safety setting strategy, monitoring data and feeding back monitoring information, wherein a first DBaaS issues a corresponding cloud database through a safety setting strategy issuing module to complete issuing of the safety setting strategy, a second cloud database monitors the database through an Agent monitoring module, when the Agent monitors and detects SQL with characteristics to be injected, monitoring results are reported to a DBaaS platform system in time, the Agent simultaneously monitors the occupation ratio of the connection numbers, when the occupation ratio of the connection numbers exceeds the set occupation ratio, the monitoring results are reported to the DBaaS platform system in time, resources are released actively and the Agent simultaneously monitors response time, and when the SQL response time exceeds the set response time, the monitoring results are reported to the DBaaS platform system in time.
The invention has the beneficial effects that: compared with the prior art, the monitoring method has the advantages that the corresponding cloud database is issued through a DBaaS issuing security setting strategy, the cloud database is monitored, SQL injection loopholes are timely discovered through monitoring, data information is prevented from being leaked, meanwhile, an overlong SQL example is prevented from being dragged down to the database through monitoring, monitoring results are formed into reports and reported timely, the connection number ratio is monitored, when the connection number ratio is found to exceed the set ratio through monitoring, the monitoring results are timely reported to a DBaaS platform system, and SLEEP connection release resources are deleted through solid active release resources.
Drawings
FIG. 1 is a block diagram of the overall process of the present invention;
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. The components of embodiments of the present invention generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations. Thus, the following detailed description of the embodiments of the present invention, presented in the figures, is not intended to limit the scope of the invention, as claimed, but is merely representative of selected embodiments of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures.
In the description of the present invention, it should be noted that the terms "center", "upper", "lower", "left", "right", "vertical", "horizontal", "inner", "outer", etc. indicate orientations or positional relationships based on the orientations or positional relationships shown in the drawings or the orientations or positional relationships that the products of the present invention are conventionally placed in use, and are only used for convenience in describing the present invention and simplifying the description, but do not indicate or imply that the devices or elements referred to must have a specific orientation, be constructed and operated in a specific orientation, and thus, should not be construed as limiting the present invention. Furthermore, the terms "first," "second," "third," and the like are used solely to distinguish one from another and are not to be construed as indicating or implying relative importance.
A cloud database performance safety monitoring method comprises three steps of issuing a safety setting strategy, monitoring data and feeding back monitoring information, wherein a first DBaaS issues a corresponding cloud database through a safety setting strategy issuing module to complete issuing of the safety setting strategy, a second cloud database monitors the database through an Agent monitoring module, when the Agent monitors and detects SQL with characteristics to be injected, monitoring results are reported to a DBaaS platform system in time, the Agent simultaneously monitors the occupation ratio of the connection numbers, when the occupation ratio of the connection numbers exceeds the set occupation ratio, the monitoring results are reported to the DBaaS platform system in time, resources are released actively and the Agent simultaneously monitors response time, and when the SQL response time exceeds the set response time, the monitoring results are reported to the DBaaS platform system in time.
The invention discloses a cloud database performance safety monitoring method, which issues a corresponding cloud database through a DBaaS (database-as-a-service) safety setting strategy to monitor the cloud database, finds SQL injection loopholes in time through monitoring and prevents data information from leaking, prevents an overlong SQL from pulling down a database example through monitoring, forms a monitoring result into a report to be reported in time, monitors the occupation ratio of the number of connections, reports the monitoring result to a DBaaS (database-as-a-service) platform system in time after the situation that the occupation ratio of the number of connections exceeds the set occupation ratio is found through monitoring, and deletes SLEEP (solid active release resource) connection release resource to delete SLEEP (solid active release resource)
In the embodiment shown in fig. 1, DBaaS issues the SQL injection protection and the connection number ratio (current connection number/maximum connection number) to the cloud database in response according to the set SQL response duration (select).
The database service initiates agent monitoring.
And the Agent discovers the SQL statement with the injected characteristics, the Kill statement and reports the result to the DBAAS platform.
And when the Agent finds that the connection number percentage exceeds the set percentage, deleting the idle sleep connection and actively releasing the resources.
And when the Agent finds that the response time of the SQL exceeds the set response time, the Kill statement reports the result to the DBAAS platform.
The above embodiments are only specific examples of the present invention, and the protection scope of the present invention includes but is not limited to the forms and styles of the above embodiments, and any suitable changes or modifications made by those skilled in the art according to the present invention should fall within the protection scope of the present invention.
Claims (1)
1. A cloud database performance safety monitoring method comprises three steps of issuing a safety setting strategy, monitoring data and feeding back monitoring information, wherein a first DBaaS issues a corresponding cloud database through a safety setting strategy issuing module to complete issuing of the safety setting strategy, a second cloud database monitors the database through an Agent monitoring module, when the Agent monitors and detects SQL with characteristics to be injected, monitoring results are reported to a DBaaS platform system in time, the Agent simultaneously monitors the occupation ratio of the connection numbers, when the occupation ratio of the connection numbers exceeds the set occupation ratio, the monitoring results are reported to the DBaaS platform system in time, resources are released actively and the Agent simultaneously monitors response time, and when the SQL response time exceeds the set response time, the monitoring results are reported to the DBaaS platform system in time.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811275223.3A CN111078660A (en) | 2018-10-19 | 2018-10-19 | Cloud database performance safety monitoring method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811275223.3A CN111078660A (en) | 2018-10-19 | 2018-10-19 | Cloud database performance safety monitoring method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111078660A true CN111078660A (en) | 2020-04-28 |
Family
ID=70310180
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811275223.3A Pending CN111078660A (en) | 2018-10-19 | 2018-10-19 | Cloud database performance safety monitoring method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111078660A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111835757A (en) * | 2020-07-10 | 2020-10-27 | 厦门靠谱云股份有限公司 | Hybrid compatible SQL injection detection method and system based on genetic algorithm |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101605065A (en) * | 2009-04-22 | 2009-12-16 | 网经科技(苏州)有限公司 | The implementation method of security incident monitoring in the system of security centre |
| CN102420869A (en) * | 2011-12-02 | 2012-04-18 | 浪潮集团有限公司 | Security monitoring method for cloud data center |
| US20140013434A1 (en) * | 2012-07-05 | 2014-01-09 | Tenable Network Security, Inc. | System and method for strategic anti-malware monitoring |
| CN104301413A (en) * | 2014-10-17 | 2015-01-21 | 国云科技股份有限公司 | Oracle distributed real-time monitoring method orienting cloud databases |
| CN106407830A (en) * | 2015-07-29 | 2017-02-15 | 阿里巴巴集团控股有限公司 | Detection method and device of cloud-based database |
-
2018
- 2018-10-19 CN CN201811275223.3A patent/CN111078660A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101605065A (en) * | 2009-04-22 | 2009-12-16 | 网经科技(苏州)有限公司 | The implementation method of security incident monitoring in the system of security centre |
| CN102420869A (en) * | 2011-12-02 | 2012-04-18 | 浪潮集团有限公司 | Security monitoring method for cloud data center |
| US20140013434A1 (en) * | 2012-07-05 | 2014-01-09 | Tenable Network Security, Inc. | System and method for strategic anti-malware monitoring |
| CN104301413A (en) * | 2014-10-17 | 2015-01-21 | 国云科技股份有限公司 | Oracle distributed real-time monitoring method orienting cloud databases |
| CN106407830A (en) * | 2015-07-29 | 2017-02-15 | 阿里巴巴集团控股有限公司 | Detection method and device of cloud-based database |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111835757A (en) * | 2020-07-10 | 2020-10-27 | 厦门靠谱云股份有限公司 | Hybrid compatible SQL injection detection method and system based on genetic algorithm |
| CN111835757B (en) * | 2020-07-10 | 2021-04-09 | 北京靠谱云科技有限公司 | Hybrid compatible SQL injection detection method and system based on genetic algorithm |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106201468B (en) | A kind of processing method of screenshotss, device and electronic equipment | |
| CN110543512B (en) | Information synchronization method, device and system | |
| CN102354296B (en) | A kind of monitoring system and method that can expanding monitoring resources | |
| CN105760240A (en) | Distributed task processing method and device | |
| CN106156939A (en) | Dispatching System based on job stream and application process | |
| CN110502318A (en) | Event-handling method, event processing server, storage medium and device | |
| CN109669835A (en) | MySQL database monitoring method, device, equipment and readable storage medium storing program for executing | |
| CN107908518A (en) | Database performance monitoring method, device, storage medium and computer equipment | |
| CN102855319A (en) | ORACLE database operation monitoring system | |
| CN108196940A (en) | Delete the method and relevant device of container | |
| CN104408110A (en) | Method, device and system for requesting data | |
| CN111010318A (en) | Method and system for discovering loss of connection of terminal equipment of Internet of things and equipment shadow server | |
| CN111078660A (en) | Cloud database performance safety monitoring method | |
| CN106357430A (en) | Method and system for service state monitoring of cloud computing cluster | |
| CN115794549A (en) | Method, device and medium for managing and controlling resource occupied by application program | |
| CN105426544B (en) | Method and device for monitoring database state | |
| CN101102217A (en) | Processing method for duplicate alert and discontinuous reporting and monitoring in telecom network management system | |
| CN104038642B (en) | A kind of method and device responding incoming call | |
| CN110532105A (en) | A kind of control method, system and the device of message queue consumer process | |
| CN110209497A (en) | A kind of method and system of the scalable appearance of host resource dynamic | |
| CN115190052B (en) | Management method, system and control unit for long connection | |
| CN108154343B (en) | Emergency processing method and system for enterprise-level information system | |
| CN115509714A (en) | Task processing method and device, electronic equipment and storage medium | |
| CN109040491A (en) | On-hook behavior processing method, device, computer equipment and storage medium | |
| CN109165135A (en) | A kind of data managing method, computer readable storage medium and terminal device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200428 |
|
| RJ01 | Rejection of invention patent application after publication |