[go: up one dir, main page]

CN111159117A - A low-overhead file operation log collection method - Google Patents

A low-overhead file operation log collection method Download PDF

Info

Publication number
CN111159117A
CN111159117A CN201911303119.5A CN201911303119A CN111159117A CN 111159117 A CN111159117 A CN 111159117A CN 201911303119 A CN201911303119 A CN 201911303119A CN 111159117 A CN111159117 A CN 111159117A
Authority
CN
China
Prior art keywords
file operation
kernel
information
file
overhead
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201911303119.5A
Other languages
Chinese (zh)
Other versions
CN111159117B (en
Inventor
张为华
鲁云萍
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Fudan University
Original Assignee
Fudan University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Fudan University filed Critical Fudan University
Priority to CN201911303119.5A priority Critical patent/CN111159117B/en
Publication of CN111159117A publication Critical patent/CN111159117A/en
Application granted granted Critical
Publication of CN111159117B publication Critical patent/CN111159117B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/17Details of further file system functions
    • G06F16/1734Details of monitoring file system events, e.g. by the use of hooks, filter drivers, logs
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/18File system types
    • G06F16/1805Append-only file systems, e.g. using logs or journals to store data
    • G06F16/1815Journaling file systems
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Data Mining & Analysis (AREA)
  • Databases & Information Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Debugging And Monitoring (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

本发明涉及一种低开销的文件操作日志采集方法,包括以下步骤:1)采用内核探针采集内核中的文件操作日志信息;2)在内核空间设置一块用以写入内核探针采集到的信息的共享内存,用户空间从共享内存中读取内核探针采集到的信息;3)通过去重算法减少日志数量,降低日志采集开销。与现有技术相比,本发明选用开销较小的内核探针技术进行文件操作信息采集,并且采用共享内存的方式把内核里的信息传递到用户层,然后通过在线去重算法来减小日志量,降低系统开销。

Figure 201911303119

The invention relates to a low-cost file operation log collection method, comprising the following steps: 1) using a kernel probe to collect file operation log information in the kernel; 2) setting a block in the kernel space to write the data collected by the kernel probe Information shared memory, user space reads the information collected by the kernel probe from the shared memory; 3) The number of logs is reduced by the deduplication algorithm, and the log collection overhead is reduced. Compared with the prior art, the present invention selects the kernel probe technology with less overhead to collect file operation information, and transmits the information in the kernel to the user layer by means of shared memory, and then reduces the log through the online deduplication algorithm. amount to reduce system overhead.

Figure 201911303119

Description

Low-overhead file operation log acquisition method
Technical Field
The invention relates to the field of data protection, in particular to a low-overhead file operation log acquisition method.
Background
With the rapid development of the fields of internet, social media, cloud computing, internet of things, mobile short videos, electronic commerce and the like, the data volume generated every year around the world is explosively increased. The age of big data has come and data has become the most important digital asset in the world. The development of the technology brings great living convenience to the life of people, such as mobile phone payment, face recognition, intelligent voice, unmanned supermarket and the like. But at the same time, it also brings the risk of data leakage to people. A wide variety of data leakage events are layered endlessly. The demand for data protection is also increasing. At the present stage, 80% of data is stored in a file, a log for recording file operation is one of important measures for data protection, and when data leaks, backtracking can be performed through the log for file operation to find the source of the leakage. However, the existing log collection method has a main problem that the system overhead is too large. The existing log collection method has the following main reasons for high overhead:
(1) and recording file operation logs by adopting an interception system calling method with high overhead, and recording all file operation logs by intercepting system calls of all file operations.
(2) The log information is transferred from kernel space to user space through a costly printk function.
(3) Due to the fact that a large number of redundant logs and logs generated by temporary files exist in file operation logs, the system logs are too large, and the disk IO expense is large.
The existing file operation log collection method has large system overhead, is not beneficial to the deployment of the actual production environment, and causes storage overhead due to too large log quantity. Aiming at the problem of high cost of the existing file operation log collection method, the existing solution method is to collect the file operation log through a stackable file system with low cost and then record the operation of part of files instead of recording all the file operations in the system, or only record all the file operations of part of users instead of the file operations of all the users. Although the method can reduce the system overhead, all file operations of all users cannot be recorded, and when the files which are not recorded with logs are leaked, the source tracing cannot be carried out through the file operation logs, so that a leakage person and a leakage mode can be found.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and provide a low-overhead file operation log collection method.
The purpose of the invention can be realized by the following technical scheme:
a low-overhead file operation log collection method comprises the following steps:
1) acquiring file operation log information in a kernel by adopting a kernel probe;
2) setting a shared memory for writing information acquired by the kernel probe in the kernel space, and reading the information acquired by the kernel probe from the shared memory by the user space;
3) the number of logs is reduced through a deduplication algorithm, and the log collection overhead is reduced.
In the step 2), the user space reads the information acquired by the kernel probe from the shared memory in real time through the mmap mechanism.
In the step 3), duplicate removal is performed by constructing a hash table, key values in the hash table are all structural bodies, keys in the hash table are the same parts in the file operation log, and values in the hash table are the log information after duplicate removal.
The duplication elimination method comprises a filtering module and a merging module, wherein the filtering module comprises kernel layer filtering and user layer filtering, the kernel layer filtering is used for filtering the file operation logs, the user layer filtering is used for filtering the temporary files, the merging module is used for merging the file read-write operations, when the same file has multiple read-write operations, the multiple continuous read operations are merged into one read log, and the multiple continuous write operations are merged into one write log.
The specific operation flow of the merging module is as follows:
firstly, searching whether the log information exists in the existing log information or not, if so, merging, and if not, inserting the log information into the hash table.
The same part in the file operation log comprises file information, process information and user information, and specifically comprises a process ID, a parent process ID, a user ID, a file name and the type of file operation.
The complexity of the hash table is O (1), a linked list method is adopted for solving hash conflicts, and a hash function selection division hash method is adopted.
In the step 1), file operation log information is collected by adopting eBPF in a virtual file layer of a kernel.
The filtering of temporary files is done by filtering the file names, including temporary files with suffix name. swp and.tmp.
Compared with the prior art, the invention has the following advantages:
firstly, the invention adopts a low-overhead kernel probe to acquire the file operation information in the kernel. Meanwhile, kernel information is transmitted to a user space through a low-overhead shared memory, and then the log amount is reduced in the user space through a deduplication algorithm, so that the overhead is low.
And secondly, the system overhead is reduced while all file operation logs of all users are recorded.
Drawings
Fig. 1 is a frame diagram of the present invention.
Figure 2 is a system overhead diagram of the present invention.
FIG. 3 is a bar chart comparing the overhead of the present invention with that of the prior log collection method.
FIG. 4 is a flow chart of the deduplication algorithm of the present invention.
Detailed Description
The invention is described in detail below with reference to the figures and specific embodiments.
As shown in fig. 1, the invention provides a low-overhead file operation log collection method, which aims at the problem that the overhead of the current file operation log system is large. Not only can the system overhead be reduced, but also all file operations can be recorded, specifically:
the method comprises the steps of collecting file operation information in a kernel by adopting a kernel probe technology with low cost, transmitting the information in the kernel to a user layer in a memory sharing mode, and reducing the number of logs by a deduplication algorithm so as to reduce the log collection cost.
The specific design scheme comprises the following steps:
according to the method, firstly, kernel information related to all file operations is acquired by adopting a kernel probe, the kernel probe can track almost all kernel functions, and the kernel probe specifically tracks functions related to a virtual file system layer aiming at the acquisition of file operation information in a kernel. When too many system call functions are tracked, corresponding processing needs to be performed on each file operation related system call function, and different system call functions may call the same function of the virtual file system layer. Different file systems need to be processed by tracking a file system layer, the file systems used by different systems are different, the related file operation functions of different file systems are different, the file system layer is tracked, the number of the file systems is too many, and different hook functions need to be used for different file systems. Therefore, for the collection of the related information of the file operation, the related functions of the virtual file system layer need to be tracked.
Then, the invention opens up a memory in the kernel space, and then maps the content of the memory to the user space through the mmap mechanism, thereby realizing the design of the shared memory, the kernel probe writes the collected information into the shared memory, the user space continuously reads the information of the kernel probe from the memory through the mmap mechanism, the mmap mechanism is mainly a technology of mapping a file into the memory, and the shared memory can be designed through the mmap mechanism.
Finally, the log amount is reduced by designing an online deduplication algorithm, and compared with the traditional sequential deduplication method, the deduplication is performed by adopting a hash table construction mode, so that a large amount of time is saved, the data deduplication efficiency is improved, and the requirement on data deduplication zero errors is met. The deduplication algorithm mainly comprises a filtering module and a merging module, wherein the filtering module mainly filters operation logs of some temporary files, such as temporary files generated when vim opens the files. The merging module mainly aims at the file read-write operation, when the same file has multiple read-write operations, the multiple continuous read operations can be merged into a read log, and the multiple continuous write operations are merged into a write log. The time complexity of traditional linked list and array searching is O (n), the time complexity of B tree and B + number is O (logn), the time complexity is too large, in order to reduce the cost, the invention selects the hash table with the time complexity of O (1), different logs are operated by the hash function to obtain unique and different keys, different logs are inserted into the hash table by utilizing the characteristic of the hash table, the same log is not inserted, and the value in the hash table is the log information after the duplication is removed.
Aiming at the file operation log, the key values of the hash table designed by the invention are all structural bodies, and the hash table key is mainly designed to comprise the same parts in the file operation log, such as file information, process information and user information. The specific process ID, parent process ID, user ID, file name and file operation type. The design of the hash table value mainly comprises different parts in a file read-write operation log, including information such as the number of read-write data of the file, the read-write times and the like. Meanwhile, the hash table value is designed to prevent the read-write data information from being lost when the log is read and written by the duplicate removal file. For example, when a file is read ten times, the read data amount is different. The hash table value is designed by continuously updating, so that the number of specific read-write data in the read-write operation log is reserved, in the embodiment, the hash collision is solved by a linked list method, and the hash function adopts a division hash method.
If the kernel probe is directly used for compiling the kernel module, development and debugging are difficult, system stability is affected, and the kernel probe cannot be compatible with operating systems of different versions, eBPF is high in safety, stable and compatible with operating systems of different versions, can be used in an actual production environment, and supports the kernel probe, so that information collection is carried out on a file system by using the eBPF in the embodiment, collection of file operation logs by the eBPF is mainly concentrated on a virtual file layer of a kernel, because the file systems are various and different systems are different in selected file systems, if log collection is carried out on data operation in the file system layer, log information collection needs to be carried out on each file system, and the workload is too large. There are various types of file operations, such as read, write, copy, delete, modify attributes, and the like. Different kernel functions are selected according to corresponding file operations, and then different kernel functions are tracked through the eBPF, so that all information of the file operation kernels can be acquired. Meanwhile, the eBPF supports the transmission of file operation information from the kernel space to the user space in a memory sharing mode.
When the file operation information is transmitted from the kernel space to the user space, the deduplication algorithm realized by the invention can effectively reduce the log amount written in the file, reduce the log amount, reduce the disk IO (input/output) and further reduce the system overhead. The realization of the deduplication algorithm mainly comprises the realization of a filtering module and the realization of a merging module. The implementation of the filtering module is further divided into kernel layer filtering and user layer filtering, where the kernel layer filtering is to filter some file operation logs inside the eBPF code, such as logs of some kernel daemon processes, where the kernel daemon processes continuously read the configuration files, and these processes need to be filtered through the process pid when the kernel layer is used. The user layer filtering is the filtering realized at the user layer when the information is transmitted from the kernel layer to the user layer, and mainly filters the temporary files. At the present stage of filtering the temporary files, the file names are mainly filtered, for example, the temporary files with suffix names of swp and tmp, merging is realized mainly after log information is transmitted from a kernel space to a user space through a shared memory, and read-write logs are merged through the hash table designed by the invention, so that redundant logs in the read-write logs are removed, and the number of the logs is reduced.
As shown in fig. 4, the deduplication algorithm process implemented by the present invention is as follows:
(1) firstly, judging whether the log information has a temporary file operation log or other logs needing filtering, and if so, filtering the log information. If there is no execution of the next operation.
(2) And creating a hash table and storing log information.
(3) And searching the hash table, judging whether redundant logs exist in the logs, updating the hash table and combining log information if the redundant logs exist in the logs. If not, the next operation is performed
(4) And writing the log information in the hash table into a log file.
Examples
The system overhead of the log collection method is tested, and the test environment is as follows: two 1.87GHz machines with 16-core Intel Xeon processors, 8GB of memory, 40GB of hard disk size and Linux 4.15.9 of operating system form a cluster.
As shown in fig. 2 to 3, in order to test the system performance overhead of the acquisition method provided by the present invention, the read-write performance of a machine loading the log acquisition system implemented in the present document is compared with that of a machine not loading the log acquisition system, so as to observe the influence of the log acquisition method provided by the present invention on the system overhead. Meanwhile, the effect of improving the performance of the text log system is observed by comparing the system performance of the text log acquisition system with the system performance of the conventional log acquisition system Progger. For the system overhead performance test, a Bonnie + + tool is selected to respectively create 100 small files of 1KB, IO times of a system using a log collection tool and IO times of a system not using the log collection tool are respectively tested, a performance loss percentage is calculated, and then performance losses of a log collection system DataLogger designed by using the method and a log system Progger of an existing open source are respectively calculated, as shown in table 1.
TABLE 1 DataLogiger overhead Performance test
Figure BDA0002322366940000061

Claims (9)

1.一种低开销的文件操作日志采集方法,其特征在于,包括以下步骤:1. a low-overhead file operation log collection method, is characterized in that, comprises the following steps: 1)采用内核探针采集内核中的文件操作日志信息;1) Use the kernel probe to collect the file operation log information in the kernel; 2)在内核空间设置一块用以写入内核探针采集到的信息的共享内存,用户空间从共享内存中读取内核探针采集到的信息;2) A shared memory is set in the kernel space to write the information collected by the kernel probe, and the user space reads the information collected by the kernel probe from the shared memory; 3)通过去重算法减少日志数量,降低日志采集开销。3) Reduce the number of logs through the deduplication algorithm and reduce the log collection overhead. 2.根据权利要求1所述的一种低开销的文件操作日志采集方法,其特征在于,所述的步骤2)中,用户空间通过mmap机制实时从共享内存中读取内核探针采集到的信息。2. a kind of low-overhead file operation log collection method according to claim 1, is characterized in that, in described step 2), user space reads the data collected by kernel probe from shared memory in real time by mmap mechanism. information. 3.根据权利要求1所述的一种低开销的文件操作日志采集方法,其特征在于,所述的步骤3)中,通过构建哈希表进行去重,哈希表中的键值均为结构体,哈希表中的键为文件操作日志中相同的部分,哈希表中的值即为去重后的日志信息。3. a kind of low-overhead file operation log collection method according to claim 1, is characterized in that, in described step 3), carry out deduplication by constructing hash table, the key value in hash table is Structure, the key in the hash table is the same part of the file operation log, and the value in the hash table is the log information after deduplication. 4.根据权利要求3所述的一种低开销的文件操作日志采集方法,其特征在于,所述的去重算法包括过滤模块和合并模块,所述的过滤模块包括内核层过滤和用户层过滤,内核层过滤用以实现对文件操作日志的过滤,用户层过滤用以实现对临时文件的过滤,所述的合并模块用以对文件读写操作进行合并,当对同一文件有多次读写操作时,则将多次连续读操作合并为一条读日志,将多次连续写操作合并为一条写日志。4. a kind of low-overhead file operation log collection method according to claim 3, is characterized in that, described deduplication algorithm comprises filter module and merge module, and described filter module comprises kernel layer filtering and user layer filtering , kernel layer filtering is used to filter file operation logs, user layer filtering is used to filter temporary files, and the merge module is used to merge file read and write operations. During operation, multiple consecutive read operations are combined into one read log, and multiple consecutive write operations are combined into one write log. 5.根据权利要求4所述的一种低开销的文件操作日志采集方法,其特征在于,所述的合并模块的具体操作流程如下:5. a kind of low-overhead file operation log collection method according to claim 4, is characterized in that, the concrete operation process of described merge module is as follows: 首先进行查找,查找该条日志信息是否存在于已有日志信息中,如果存在则进行合并,如果不存在,则在哈希表中插入该条日志信息。First, a search is performed to find out whether the log information exists in the existing log information. If it exists, it is merged. If it does not exist, the log information is inserted into the hash table. 6.根据权利要求3所述的一种低开销的文件操作日志采集方法,其特征在于,文件操作日志中相同的部分包括文件信息、进程信息和用户信息,具体包括进程ID、父进程ID、用户ID、文件名称和文件操作的类型。6. a kind of low-overhead file operation log collection method according to claim 3, is characterized in that, identical part in file operation log comprises file information, process information and user information, specifically comprises process ID, parent process ID, User ID, file name, and type of file operation. 7.根据权利要求3所述的一种低开销的文件操作日志采集方法,其特征在于,所述的哈希表的复杂度为O(1),解决哈希冲突采用链表法,哈希函数选择除法哈希法。7. a kind of low-overhead file operation log collection method according to claim 3, is characterized in that, the complexity of described hash table is O(1), solves hash conflict and adopts linked list method, hash function Select Divide Hash. 8.根据权利要求1所述的一种低开销的文件操作日志采集方法,其特征在于,所述的步骤1)中,在内核的虚拟文件层采用eBPF采集文件操作日志信息。8. A low-overhead file operation log collection method according to claim 1, characterized in that, in the step 1), eBPF is used to collect file operation log information at the virtual file layer of the kernel. 9.根据权利要求4所述的一种低开销的文件操作日志采集方法,其特征在于,对临时文件的过滤通过对文件名称进行过滤,包括后缀名为.swp和.tmp的临时文件。9 . The low-overhead file operation log collection method according to claim 4 , wherein the filtering of temporary files is performed by filtering file names, including temporary files with suffixes .swp and .tmp. 10 .
CN201911303119.5A 2019-12-17 2019-12-17 A Low Overhead File Operation Log Collection Method Active CN111159117B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911303119.5A CN111159117B (en) 2019-12-17 2019-12-17 A Low Overhead File Operation Log Collection Method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911303119.5A CN111159117B (en) 2019-12-17 2019-12-17 A Low Overhead File Operation Log Collection Method

Publications (2)

Publication Number Publication Date
CN111159117A true CN111159117A (en) 2020-05-15
CN111159117B CN111159117B (en) 2023-07-04

Family

ID=70557639

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911303119.5A Active CN111159117B (en) 2019-12-17 2019-12-17 A Low Overhead File Operation Log Collection Method

Country Status (1)

Country Link
CN (1) CN111159117B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115629944A (en) * 2022-12-21 2023-01-20 杭州谐云科技有限公司 Processing method and log processing system for container log
CN115840938A (en) * 2023-02-21 2023-03-24 山东捷讯通信技术有限公司 File monitoring method and device
CN116319308A (en) * 2023-03-31 2023-06-23 深圳市领创星通科技有限公司 A packet forwarding system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130159977A1 (en) * 2011-12-14 2013-06-20 Microsoft Corporation Open kernel trace aggregation
CN107070897A (en) * 2017-03-16 2017-08-18 杭州安恒信息技术有限公司 Network log storage method based on many attribute Hash duplicate removals in intruding detection system
CN109542341A (en) * 2018-11-06 2019-03-29 网宿科技股份有限公司 A kind of read-write IO monitoring method, device, terminal and computer readable storage medium

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130159977A1 (en) * 2011-12-14 2013-06-20 Microsoft Corporation Open kernel trace aggregation
CN107070897A (en) * 2017-03-16 2017-08-18 杭州安恒信息技术有限公司 Network log storage method based on many attribute Hash duplicate removals in intruding detection system
CN109542341A (en) * 2018-11-06 2019-03-29 网宿科技股份有限公司 A kind of read-write IO monitoring method, device, terminal and computer readable storage medium

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115629944A (en) * 2022-12-21 2023-01-20 杭州谐云科技有限公司 Processing method and log processing system for container log
CN115840938A (en) * 2023-02-21 2023-03-24 山东捷讯通信技术有限公司 File monitoring method and device
CN116319308A (en) * 2023-03-31 2023-06-23 深圳市领创星通科技有限公司 A packet forwarding system

Also Published As

Publication number Publication date
CN111159117B (en) 2023-07-04

Similar Documents

Publication Publication Date Title
US9256665B2 (en) Creation of inverted index system, and data processing method and apparatus
US9996557B2 (en) Database storage system based on optical disk and method using the system
CN114896641B (en) Data verification method, device, electronic device and computer readable storage medium
CN102306168B (en) Log operation method and device and file system
CN106155832B (en) A kind of method, apparatus and Android device that data are restored
US9798761B2 (en) Apparatus and method for fsync system call processing using ordered mode journaling with file unit
CN111159117A (en) A low-overhead file operation log collection method
WO2012083754A1 (en) Method and device for processing dirty data
CN118939638A (en) Data processing system, method, device and storage medium
CN113961580A (en) Data query method, service system and electronic equipment
CN107391544A (en) Processing method, device, equipment and the computer storage media of column data storage
CN110019063B (en) Method for computing node data disaster recovery playback, terminal device and storage medium
CN107315661B (en) Deleted file recovery method and device for cluster file system
CN115408200A (en) Data backup method, device, electronic equipment and storage medium for multiple storage engines
CN117851435A (en) Knowledge base knowledge retrieval method and related device based on large language model
CN110490724A (en) The storage method and device of account data
CN115115433A (en) Order data processing method and device, computer equipment and storage medium
CN113918634A (en) Data adaptation method, adapter and storage medium for data interaction
JP2002312210A5 (en)
CN101267338B (en) High-performance log and behavior auditing system
JPH033046A (en) Log recording management method
CN116108035A (en) Data recovery method and device, processor and electronic equipment
Gu et al. Processing massive sized graphs using sector/sphere
CN110019507B (en) Data synchronization method and device
CN120892258B (en) Methods, equipment, media, and products for static backup of web system data

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant