CN118132303A - Cloud service equipment detection method, device, equipment and readable storage medium - Google Patents

Abstract

The embodiment of the present application provides a detection method, apparatus, device and readable storage medium for cloud service equipment, by obtaining a checklist corresponding to the cloud service equipment, configuring a device detection instance corresponding to the cloud service equipment according to multiple resource items to be detected contained in the checklist; executing the device detection instance, collecting resource parameters corresponding to each resource item from the cloud service equipment, and obtaining device detection data; performing structured processing on the device detection data according to multiple detection item categories, and obtaining a structured data set, the structured data set includes multiple detection item categories and feature values of the detection item categories; performing abnormal determination on the resource items in the cloud service equipment according to the feature values of the detection item categories, and obtaining detection results of the resource items; generating a detection report for the cloud service equipment based on the feature values of the detection item categories and the detection results of the resource items. The present application can improve the efficiency and stability of cloud service equipment detection, and improve the accuracy of detection.

Description

Cloud service device detection method, device, equipment and readable storage medium

Technical Field

The present application relates to the field of computer technology, and in particular to a detection method, apparatus, device and readable storage medium for a cloud service device.

Background technique

Equipment detection can be the regular detection and evaluation of cloud service equipment, including cloud infrastructure, servers, storage devices, network equipment and other related technical components. Equipment detection aims to ensure the normal operation, security and stability of cloud service equipment, as well as to monitor the operating status in real time and promptly discover and resolve problems.

In the related art, cloud service equipment is generally tested directly by manual means, which is inefficient. In addition, when making abnormal judgments, relevant technical personnel are required to analyze and judge based on the detection data, resulting in poor stability and low accuracy of the detection results.

Summary of the invention

The main purpose of the embodiments of the present application is to propose a cloud service device detection method, apparatus, device and readable storage medium, which can improve the efficiency and stability of cloud service device detection and improve the accuracy of detection.

To achieve the above-mentioned purpose, a first aspect of an embodiment of the present application proposes a cloud service device detection method, the method comprising:

Obtaining a checklist corresponding to a cloud service device, and configuring a device detection instance corresponding to the cloud service device according to a plurality of resource items to be detected contained in the checklist;

By executing the device detection instance, resource parameters corresponding to each resource item are collected from the cloud service device to obtain device detection data;

Structuring the device detection data according to multiple detection item categories to obtain a structured data set, wherein the structured data set includes multiple detection item categories and feature values of each detection item category;

According to the characteristic value of each detection item category, an abnormality determination is performed on the resource item in the cloud service device to obtain a detection result of each resource item;

Based on the feature value of each detection item category and the detection result of each resource item, a detection report of the cloud service device is generated.

Accordingly, a second aspect of an embodiment of the present application provides a detection device for a cloud service device, the device comprising:

A configuration module, used to obtain a checklist corresponding to a cloud service device, and configure a device detection instance corresponding to the cloud service device according to a plurality of resource items to be detected contained in the checklist;

An execution module, configured to collect resource parameters corresponding to each resource item from the cloud service device by executing the device detection instance, and obtain device detection data;

A processing module, configured to perform structured processing on the device detection data according to a plurality of detection item categories to obtain a structured data set, wherein the structured data set includes a plurality of detection item categories and a feature value of each detection item category;

A determination module, configured to determine abnormal operation of resource items in the cloud service device according to the characteristic value of each detection item category, and obtain a detection result of each resource item;

A generation module is used to generate a detection report for the cloud service device based on the feature value of each detection item category and the detection result of each resource item.

In some embodiments, the detection device of the cloud service device further includes a report generation module, which is used to:

If the detection result is abnormal, the feature value of the abnormal detection result is used as the feature to be analyzed;

Inputting the feature to be analyzed into a target model, and classifying the feature based on each sub-feature in the feature to be analyzed and the feature relationship between the sub-features through the target model to obtain an abnormal category label;

Determine the characteristic value with a normal detection result as a target characteristic value;

A detection report for the cloud service device is generated according to the target feature value, the detection result corresponding to the target feature value, the feature to be analyzed, and the abnormal category label corresponding to the feature to be analyzed.

In some embodiments, the detection device of the cloud service device further includes a training module for:

Obtaining features of the sample to be analyzed and sample abnormality category labels corresponding to the features of the sample to be analyzed;

Input the features of the sample to be analyzed into a preset model to obtain a predicted category label;

Constructing a target loss function based on the difference between the sample abnormal category label and the predicted category label;

The preset model is iteratively trained according to the target loss function until a preset condition is met to obtain a trained target model.

In some implementations, the configuration module is further configured to:

Grouping a plurality of resource items to be inspected contained in the inspection list to obtain a plurality of data collection groups;

Determine the device detection instance corresponding to each data collection group from the preset instruction list.

In some implementations, the execution module is further configured to:

For each resource item to be detected in the data collection group, executing the corresponding detection instruction in the device detection instance to obtain resource parameters corresponding to each resource item;

The resource parameters corresponding to each of the resource items are filled into the device detection instance, and device detection data of the cloud service device is generated according to each filled device detection instance.

In some embodiments, the processing module is further used to:

Obtaining a data analysis template, wherein the data analysis template includes a correspondence between preset keywords and preset detection item categories;

According to the preset keywords in the data parsing template, the target words in the device detection data are matched to determine the detection item category corresponding to each target word;

Obtaining a feature value corresponding to each detection item category from the device detection data;

Based on multiple detection item categories and feature values of each detection item category, a structured data set is obtained.

In some implementations, the determination module is further configured to:

For each of the detection item categories in the structured data set, obtaining at least one historical feature value corresponding to the detection item category;

Determine a feature mean and a standard deviation of each detection item category according to the feature value of each detection item category and the corresponding at least one historical feature value;

A threshold range of the detection item category is obtained, and abnormal operation determination is performed on the resource items in the cloud service device based on the feature mean, the standard deviation, and the threshold range to obtain a detection result for each resource item.

In some implementations, the determination module is further configured to:

Based on the current feature value corresponding to each of the detection item categories, obtaining multiple historical feature values corresponding to the detection item category;

Generate a detection box plot corresponding to each detection item category according to the current feature value and the historical feature value;

Selecting a preset range in the detection box plot, and determining the feature values exceeding the preset range as abnormal data;

Based on the abnormal data, a detection result of the corresponding resource item is generated.

In some embodiments, the generating module is further used to

Converting the characteristic value of each detection item category and the detection result of each resource item into target format data;

Acquire a preset visualization template, and fill the target format data corresponding to all the resource items into the visualization template to obtain a filled target visualization template;

Based on the content in the filled target visualization template, the detection report of the cloud service device is displayed.

In some implementations, the detection device of the cloud service device further includes a storage module, which is used to:

Obtaining a detection log corresponding to each resource item when executing the device detection instance;

According to the detection result, the detection log of each resource item is classified and saved.

To achieve the above-mentioned purpose, the third aspect of the embodiments of the present application proposes a computer device, which includes a memory and a processor, the memory stores a computer program, and the processor implements the detection method of the cloud service device described in any one of the embodiments of the first aspect of the present application when executing the computer program.

To achieve the above-mentioned purpose, the fourth aspect of the embodiments of the present application proposes a computer-readable storage medium, which stores a computer program. When the computer program is executed by a processor, it implements the detection method of the cloud service device described in any one of the embodiments of the first aspect of the present application.

The embodiment of the present application obtains a checklist corresponding to a cloud service device, and configures a device detection instance corresponding to the cloud service device according to multiple resource items to be detected contained in the checklist; collects resource parameters corresponding to each resource item from the cloud service device by executing the device detection instance to obtain device detection data; performs structured processing on the device detection data according to multiple detection item categories to obtain a structured data set, which includes multiple detection item categories and feature values of each detection item category; performs abnormality judgment on the resource items in the cloud service device according to the feature values of each detection item category to obtain a detection result for each resource item; and generates a detection report for the cloud service device based on the feature values of each detection item category and the detection result of each resource item. Therefore, the corresponding device detection instances can be accurately configured for the resource items contained in the cloud service device. By executing the device detection instances, the resource parameters corresponding to each resource item can be automatically collected from the cloud server device, which effectively improves the efficiency of cloud service device detection. Furthermore, by structuring the device detection data, anomaly judgment is made based on the characteristic values of each detection item category in the structured data. Without human intervention, the detection results of each resource item can be quickly analyzed and generated based on the detection results. The detection report can be generated based on the detection efficiency, while improving the stability and accuracy of cloud service device detection.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG1 is a schematic diagram of the structure of a detection system for a cloud service device provided in an embodiment of the present application;

FIG2 is a flow chart of a method for detecting a cloud service device provided in an embodiment of the present application;

FIG3 is a schematic diagram of the structure of a detection device for a cloud service device provided in an embodiment of the present application;

FIG4 is a schematic diagram of the hardware structure of a computer device provided in an embodiment of the present application.

Detailed ways

In order to make the purpose, technical solution and advantages of the present application more clearly understood, the present application is further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are only used to explain the present application and are not used to limit the present application.

It should be noted that, although the functional modules are divided in the device schematic diagram and the logical order is shown in the flowchart, in some cases, the steps shown or described may be performed in a different order than the module division in the device or the order in the flowchart. The terms "first", "second", etc. in the specification, claims and the above drawings are used to distinguish similar objects, and are not necessarily used to describe a specific order or sequence.

Unless otherwise defined, all technical and scientific terms used herein have the same meaning as those commonly understood by those skilled in the art to which this application belongs. The terms used herein are only for the purpose of describing the embodiments of this application and are not intended to limit this application.

With the continuous development and popularization of cloud computing technology, the scale of cloud service equipment continues to expand and the complexity continues to increase. It is necessary to conduct regular inspections of cloud service equipment to ensure the security and stability of the cloud platform.

In the related art, cloud service equipment is generally tested manually. Specifically, human operators can use monitoring platforms and log analysis tools to check the operation status and log information of cloud service equipment to understand the performance, response time, abnormal conditions, etc. of the equipment. When problems or failures occur in cloud service equipment, human operators can conduct investigations and processing, and resolve abnormal conditions of the equipment through manual operations, command line tools, etc.

However, manual testing has certain limitations. For example, manual testing cannot handle large-scale cloud service equipment, the labor cost is high, and because manual acquisition and analysis of test data are required, the efficiency of testing is low, the stability of test results is low, and it is difficult to ensure the accuracy of test results.

Based on this, the embodiments of the present application provide a cloud service device detection method, system, device and readable storage medium, which can improve the efficiency and stability of cloud service device detection and improve the accuracy of detection.

The cloud service device detection method, system, device and readable storage medium provided in the embodiments of the present application are specifically described through the following embodiments. First, the cloud service device detection system in the embodiments of the present application is described.

1, in some embodiments, the cloud service device detection system includes a cloud service device 11, a client 12, and a server 13. In some embodiments, the cloud service device 11 is an object to be detected, and it needs to provide an interface for the client 12 or the server to obtain the detection data of the device.

It is understandable that the cloud service device 11 covers various infrastructures, services and applications in the cloud computing environment, and can refer to any device or service based on the cloud computing architecture. Exemplarily, the cloud service device 11 can be a cloud server, a cloud storage service, a cloud database service, a cloud application service, a cloud network device, etc. The cloud service device 11 can collect resource parameters corresponding to each resource item by executing the corresponding device detection instance, and transmit the device detection data to the server 13 for further processing and analysis.

In some embodiments, the client 12 may be a device or application that initiates a cloud service device detection request and receives the detection result. The client 12 may be a web browser, a mobile application, a desktop application, an embedded system, or a sensor device, etc. For example, when the client 12 is a mobile application, a user may initiate a detection request to a cloud service device through an application installed on a mobile device, and view the detection result report on the mobile device.

Exemplarily, in the process of detecting cloud service equipment, the server side 13 can be a cloud service equipment that receives and processes the detection request initiated by the client and returns the detection result. The server side 13 can be various cloud services, platforms or subsystems that undertake cloud service equipment detection tasks and return detection results, covering monitoring services, security services, management platforms, storage services, computing services, etc.

In some embodiments, the client 12 interacts with the user through a user interface, the user sets configuration parameters and triggers the execution of the device detection instance, and the cloud service device 11 collects data and transmits it to the server 13 by executing the detection instance. The server 13 receives and processes the data from the cloud service device 11, performs structured processing, abnormality determination, etc. according to the preset process, and executes the target model to analyze the data to generate a final detection report. Finally, the server 13 transmits the generated detection report to the client 12, and the client 12 can view the detection report.

The detection method of the cloud service device in the embodiment of the present application can be illustrated by the following embodiment.

It should be noted that in each specific implementation of the present application, when it comes to the need to perform relevant processing based on data related to user identity or characteristics such as user information, user behavior data, user historical data, and user location information, the user's permission or consent will be obtained first. For example, when logging into a cloud service device, the user's permission or consent will be obtained first. Moreover, the collection, use, and processing of these data will comply with relevant laws, regulations, and standards. In addition, when the embodiment of the present application needs to obtain the user's sensitive personal information, the user's separate permission or separate consent will be obtained through a pop-up window or by jumping to a confirmation page. After clearly obtaining the user's separate permission or separate consent, the necessary user-related data for enabling the normal operation of the embodiment of the present application will be obtained.

In the embodiment of the present application, the cloud service device will be described from the dimension of the detection device, which can be integrated in a computer device. Referring to FIG. 2, FIG. 2 is an optional flow chart of the cloud service device detection method provided in the embodiment of the present application. The embodiment of the present application takes the key management device as an example, which is specifically integrated on a terminal or a server. When the processor on the terminal or the server executes the program instructions corresponding to the cloud service device detection method, the specific process is as follows:

Step 101 : obtaining a checklist corresponding to a cloud service device, and configuring a device detection instance corresponding to the cloud service device according to multiple resource items to be detected included in the checklist.

In the embodiment of the present application, in order to realize the automatic detection of cloud service equipment, it is necessary to generate an instance for realizing automation according to the actual resource items in the cloud service equipment, so as to perform automatic detection on the cloud service equipment based on the generated instance. Specifically, in order to obtain the device detection instance, you can first understand the checklist of the equipment to be detected, so as to accurately configure the corresponding device detection instance according to the resource items included in the checklist, improve the fit between the device detection instance and the cloud service equipment, so as to perform automatic detection on the target resource items of the cloud service equipment in a targeted manner, so as to realize accurate and efficient detection of the cloud service equipment.

It should be noted that the embodiments of the present application mainly detect resource items in a cloud service device, which may be a server providing cloud computing, cloud storage and other business services, and the server may include a host device (i.e., a physical machine) and a network resource device for providing a network connection between the host devices. If the server is a distributed service system composed of multiple physical machines, the host device of the cloud service device may be any physical machine or multiple physical machines in the distributed service system.

Among them, the checklist can be an information list containing one or more resource items to be detected in the cloud service device. Specifically, different cloud service devices can correspond to different checklists, and the checklists can be obtained from the official documents provided by the cloud service provider. Users can search or download the corresponding checklists on the official website or document center; or, users can customize the checklists by finding the corresponding resource configuration and performance indicators in the cloud service console as a reference; or, users can save the checklists to the database inside the cloud service device, and can directly obtain the corresponding checklists from the database when the cloud service device is needed later, or, the server side can store a database, and the database is configured with corresponding checklists for each cloud service device, and so on.

Among them, the resource item can be at least one detection item for the cloud service device recorded in the checklist, and the resource item can be a virtual machine resource, a physical computing resource, a physical storage resource, a server out-of-band resource, an underlying network resource (underlay network resource), etc.

Among them, the device detection instance can be a detection template configured according to multiple resource items to be detected contained in the checklist corresponding to the cloud service device, at least one resource item corresponds to a detection instance, and the device detection instance at least includes a detection instruction for detecting the resource item. By executing the detection instructions one by one or in parallel, the resource parameters required for the detection of the corresponding resource item can be collected. Optionally, the device detection instance can be changed according to the detection requirements or the detection environment. Exemplarily, the device detection instance may include a detection item for a certain resource item and a detection instruction corresponding to each detection item. For example, when the resource item is a virtual machine resource, the virtual machine resource may correspond to a device detection instance, and each device detection instance may include the configuration and status data of the virtual machine, CPU usage, memory utilization, disk space, operating system version and other detection items. Each detection item corresponds to a detection instruction. According to the detection instruction, the resource parameters corresponding to the detection item can be obtained from the cloud service device. For example, through the detection item corresponding to the detection instruction of the CPU usage, the resource parameter can be obtained as 66%, that is, the CPU usage is 66%. Furthermore, the device detection instance can be reused. For example, if there is a device detection implementation example A corresponding to resource item A, then each time the resource item A is detected, the device detection instance A can be configured without rewriting the instructions.

It should be noted that before obtaining the corresponding checklist for the cloud service device, the user can remotely log in to the cloud service device in order to complete the subsequent detection of the cloud service device. Specifically, the user can select the corresponding detection task executor according to different login scenarios, that is, select different remote connection plug-ins, so as to successfully log in to the cloud service device to perform related operations. Specifically, when the login scenario is for secure remote management of Linux hosts and other network devices, an executor based on the Secure Shell Protocol (Secure Shell, SSH) can be selected; when the login scenario is to log in to a Windows host, the detection task executor that can be selected is an executor based on Windows Remote Management (Windows RemoteManagement, WinRM). In the above manner, by selecting the corresponding detection task executor for different login scenarios, it can be ensured that in different operating system environments, remote login can be successfully performed and corresponding operations can be performed, thereby completing the detection task for the cloud service device.

Furthermore, the corresponding encryption algorithm can be selected according to different detection task executors to encrypt the data and ensure data security during the communication process. For example, when selecting an SSH-based executor, a symmetric encryption algorithm such as the AES algorithm, 3DES algorithm, etc. can be used to encrypt communication data, and the same key can be used for decryption; alternatively, the client and server can also negotiate asymmetric encryption, usually using public and private keys for encryption and decryption operations. For Windows remote management-based executors, HTTP or HTTPS protocols can be used for communication to ensure security during the communication process.

In some implementations, after logging into the cloud service device, each user needs to detect the cloud service device according to the permissions allowed for detection. Specifically, each cloud service device maintains a detection permission table, and the contents recorded in the detection permission table include each user's access rights and operation permissions for each resource item. For example, resource item A can only be detected or edited by user A, while user B cannot detect or edit it, so as to ensure the security of data in the cloud service device.

For example, after logging into the cloud service device, the user can obtain the corresponding stored checklist through the management console, or directly use a custom checklist and parse the format of the checklist to determine the resource items that need to be detected, and obtain the corresponding device detection instance from the storage area of the device detection instance based on the resource items. Furthermore, the device detection instance can be stored in a preset database or a preset instruction list, and the user can regularly maintain or update it.

In some embodiments, before/after configuring a device detection instance of a cloud service device for a resource item to be detected, a corresponding operation and maintenance tool can be selected based on the grouping of resource items. Specifically, the resource items to be detected can be grouped to obtain grouping results, and then the operation and maintenance tool for detecting the cloud service device can be determined based on the grouping results. Exemplarily, the resource items can be divided into host resources and network device resources. For host resources, the operation and maintenance tool that can be selected is Ansible; for network device resources, the operation and maintenance tool that can be selected is Nornir, etc. It can be understood that selecting the corresponding operation and maintenance tool based on the grouping of resource items can simplify the operation process, reduce the complexity and error rate of the operation, and improve the overall detection and management efficiency.

Through the above method, you can obtain the inspection list corresponding to the cloud service device, perform a comprehensive inspection of the cloud service device based on the inspection, and quickly configure the corresponding device detection instance through the resource items in the inspection list, so as to obtain resource parameters when executing the corresponding device detection instance later, thereby improving the efficiency of cloud service device inspection.

In some implementations, in order to improve the accuracy and efficiency of subsequent automated detection of cloud service devices, corresponding automated detection instances can be generated for physical machines that can run independently. Specifically, the resource items in the checklist can be grouped and managed according to the physical machines, so as to generate a device detection instance for the resource items in each group. For example, in step 101, "configuring the device detection instance corresponding to the cloud service device according to the multiple resource items to be detected included in the checklist" can include:

(101.1) Grouping a plurality of resource items to be inspected contained in the inspection list to obtain a plurality of data collection groups;

(101.2) Determine a device detection instance corresponding to each of the data collection groups from a preset instruction list.

Among them, the grouping process is to group according to the category of resource items. For example, resource items belonging to host class resources are divided into one group, resource items belonging to network device class resources are divided into one group, resource items belonging to server out-of-band resources are divided into one group, and so on. Exemplarily, resource items of virtual machine resources, physical computing resources, physical storage resources, and server out-of-band resources can be divided into host class resources, and resource items of underlay network resources can be divided into network device class resources. It can be understood that since the detection items corresponding to the resource items in the same group are often the same, that is, the device detection instances are also the same, therefore, by dividing the resource items into groups, the same device detection instance can be configured for multiple resource items in each data collection group, and there is no need to repeatedly configure each resource item. Every time any resource item in the data collection group needs to be detected, it is only necessary to directly call the device detection instance associated with the data collection group where the resource item is located, thereby saving space for storing many device detection instances.

The data collection group may be used to organize and manage resource items to be detected, ensuring that each resource item corresponds to a device detection instance, and each data collection group may include at least one resource item.

Optionally, the resource items may not be grouped, and each resource item may be associated with a device detection instance to achieve refined detection of the resource items, and there is no specific restriction on this.

Among them, the preset instruction list can be a template or instruction set containing various equipment detection instances. The preset instruction list can be located in a database and maintained regularly by operators. The preset instruction list can also store various detection items and corresponding detection instructions. After the resource items are divided into corresponding data collection groups, the detection items can be determined based on the resource items in the data collection group, and the corresponding detection instructions can be obtained from the preset instruction list according to the detection items, and the equipment detection instance is generated according to the detection instruction, so that the equipment detection instance is applied to the detection of each resource item in the corresponding data collection group. There is no need to obtain the equipment detection instance for each resource item one by one, which shortens the detection cycle and improves the detection efficiency.

By determining the corresponding device detection instance for each data collection group, the efficiency of obtaining resource parameters can be effectively improved. In addition, the device detection instance can be obtained repeatedly and unlimited times. When the operation and maintenance personnel need to inspect the cloud service equipment, they can directly obtain it based on the group where the resource items to be detected are located, without having to repeatedly formulate new device detection instances, which improves the efficiency of cloud service equipment detection.

Step 102 : executing a device detection instance to collect resource parameters corresponding to each resource item from the cloud service device to obtain device detection data.

It can be understood that in order to obtain resource parameters corresponding to resource items from cloud service devices, so as to facilitate subsequent processing and analysis of the resource parameters, a device detection instance corresponding to the resource item to be detected can be executed to collect the resource parameters corresponding to each resource item from the cloud service device, thereby improving the efficiency of cloud service device detection.

The resource parameters may be detection data parameters corresponding to the detection items in each resource item, and the resource parameters may include the status of the device, performance indicators, configuration information, workload, etc. For example, if the resource item to be detected is a virtual machine resource, the detection items may include CPU utilization, memory utilization, disk space, etc., and the resource parameters are the specific parameters of the CPU utilization, memory utilization, and disk space obtained by detection, such as CPU utilization of 65%, etc.

The device detection data may be data obtained by summarizing resource parameters obtained after all resource items are detected. By executing the device detection instance, the device detection data from the cloud service device may be obtained one by one or simultaneously.

In some implementations, a device detection instance can be executed through an operation and maintenance tool. Since the device detection instance records the detection items and corresponding detection instructions that need to be detected for each resource item, the operation and maintenance tool can execute the detection instructions one by one, collect the resource parameters corresponding to each detection item from the cloud service device, and fill the resource parameters into the device detection instance. After the resource parameters of all resource items are collected, the device detection data is generated.

Exemplarily, when the resource item to be detected is a virtual machine resource, the process of detecting the virtual machine resource by executing the device detection instance may be as follows:

First, through the {% for virtual_machine in virtual_machines %} instruction, each virtual machine object in the list named "virtual_machines" is traversed, and in each loop, a row of an HTML table (i.e., a label) is generated, and the label can display the identifier (id), virtual machine name (name) and state data (state) of each virtual machine respectively. In addition, {{virtual_machine.id}}, {{virtual_machine.name}} and {{virtual_machine.state}} can be used to display the placeholders of the resource parameters of the specific virtual machine object. In each loop iteration, these placeholders will be replaced with the resource parameters of the new virtual machine object. After that, the end of the loop is indicated by {% endfor %} in the device detection instance, indicating that the traversal of the entire virtual machine list of the cloud service device is completed, and the generated HTML table can display the resource parameters of all virtual machines in the process of collecting resource items.

In some implementations, in order to perform refined detection on each detection item of a resource item and store the resource parameters obtained by the detection, the detection instruction corresponding to each detection item in the device detection instance may be executed to obtain the resource parameters corresponding to each detection item, and the resource parameters corresponding to each resource item are filled into the device detection instance to implement classified storage of resource parameters. For example, step 102 may include:

(102.1) For each resource item to be detected in the data collection group, execute the corresponding detection instruction in the device detection instance to obtain the resource parameters corresponding to each resource item;

(102.2) Fill the resource parameters corresponding to each resource item into the device detection instance, and generate device detection data of the cloud service device according to each filled device detection instance.

Among them, the detection instruction can be a specific command or operation sequence executed by each resource item to be detected, which is used to obtain the resource parameters corresponding to the resource item from the cloud service device. Specifically, each resource item can correspond to at least one detection item, and the resource parameters corresponding to each detection item can be obtained by executing the detection instruction configured for each detection item of the device detection instance. Exemplarily, the detection instruction can be a device-specific command, script or API call, which can trigger the cloud service device to detect and obtain relevant resource parameters according to the detection items in the resource items.

Exemplarily, for each resource item to be detected in the data collection group, all detection items and corresponding detection instructions corresponding to the resource item can be used as static templates, and resource parameters obtained after executing the detection instructions can be used as dynamic data, and the resource parameters are filled into the device detection instance, so as to combine the static template and dynamic data in the device detection instance after filling to generate device detection data. In some embodiments, the device detection instance can be obtained by Jinja2 template customization.

Exemplarily, the populated device detection instance may be as follows:

The above-mentioned filled device detection examples are merely examples of embodiments, and specific detection items, detection instructions, and resource parameters may be different and may be adjusted based on actual conditions.

By executing the corresponding device detection instructions, the resource parameters of resource items can be automatically collected without manually detecting the resource items one by one, saving a lot of detection time and labor costs. On the other hand, since unified detection instructions are set, it can ensure that data collection is carried out in accordance with consistent standards, avoiding data differences caused by execution by different operation and maintenance personnel, and ensuring the data quality and accuracy of the detected resource parameters, so that standardized resource parameters can be obtained and filled into the device detection instance in the future. The device detection data obtained in the above way can enable the operation and maintenance personnel to clearly understand the status of the cloud service equipment, including the status and parameters of various aspects, so as to analyze and compare the device detection data.

Step 103 , structure the device detection data according to multiple detection item categories to obtain a structured data set.

In the embodiment of the present application, in order to improve the analyzability of the detected device detection data, the device detection data may be structured so as to conform to a specific format and standard.

The detection item category may be detection items of different categories or types in the device monitoring data and corresponding resource parameters, such as network card category, network traffic category, storage category, and the like.

Among them, the device detection data is structured according to multiple detection item categories. The device detection data can be structured by using a text file stream processing tool (such as TextFSM tool), and different structured templates are created to identify and extract keyword data that conforms to the template from the device detection data, such as network card name, network interface, CPU utilization, memory usage, network traffic and other corresponding resource parameters as feature values, and then these feature values are classified into corresponding detection item categories. In some embodiments, natural language processing technology, data modeling and feature extraction, database technology and other methods can also be used to structure the device detection data and classify the feature values into different detection item categories.

It should be noted that the device detection data can also be structured through natural language processing technology, data modeling and feature extraction, database technology, data labeling and classification, etc. to obtain the characteristic value of each detection item category. Exemplarily, the natural language data (i.e., the device detection data) can be converted into structured characteristic values through a bag-of-words model, word embedding, or a recursive neural network, and the characteristic values can be classified into different detection item categories. The specific structuring method can be selected according to the needs, or it can be combined by one or more of the above methods, and no excessive restrictions are made here.

The structured data set may be a data set obtained after structured processing of the device detection data, and the structured data set may include multiple detection item categories and feature values of each detection item category.

Through the above method, the device detection data can be converted into structured data, the data format can be unified, and a structured data set can be obtained to facilitate subsequent rapid analysis and identification of abnormal data in the device detection data.

In some implementations, in order to obtain a structured data set, a data parsing template may be obtained, and preset keywords in the data parsing template may be paired with target words in the device detection data to determine the detection item category of each target word, and corresponding feature values may be obtained through the detection item category to obtain a structured data set, so as to achieve structured processing of the device detection data, so as to facilitate subsequent analysis of the operating status of the cloud service device based on the structured data. For example, "structuring the device detection data according to multiple detection item categories to obtain a structured data set" in step 103 may include:

(103.1) Obtaining a data analysis template, the data analysis template including a correspondence between preset keywords and preset detection item categories;

(103.2) Pairing target words in the device detection data according to preset keywords in the data parsing template to determine the detection item category corresponding to each target word;

(103.3) Obtaining feature values corresponding to each detection item category from the device detection data;

(103.4) Based on multiple detection item categories and feature values of each detection item category, a structured data set is obtained.

The data parsing template may be a rule file or configuration file including the correspondence between preset keywords and preset detection item categories, which may be used to guide the system to extract and mark specific types of device detection data from the device detection data, and perform structured processing on the device detection data. In some embodiments, the data parsing template may also be a configuration file based on regular expressions, or a search rule table in a database. Exemplarily, the data parsing template may be in the following form:

"Detection Item Category 1": ["Preset Keyword 1", "Preset Keyword 2", "Preset Keyword 3"],

"Detection Item Category 2": ["Preset Keyword 4", "Preset Keyword 5"],

"Detection Item Category 3": ["Preset Keyword 6", "Preset Keyword 7", "Preset Keyword 8"];

The preset keywords may be keywords clearly defined in the data parsing template, which are used to identify and mark specific information in the device detection data, such as performance indicators, error logs, configuration information, etc. Each detection item category may include at least one preset keyword, so as to directly match and determine the detection item category of the corresponding device detection data according to the preset keywords.

The target word may be a specific word or phrase that needs to be matched in the device detection data. By matching the target word with a preset keyword, the detection item category corresponding to the target word may be determined.

The characteristic value may be a specific numerical value or feature corresponding to each detection item category obtained from the device detection data, such as resource parameters corresponding to CPU utilization, memory usage, and network traffic. For example, if the CPU utilization is 50%, then the characteristic value may be 50%.

In some implementations, the method for extracting target words from device detection data may be determined based on preset rules. For example, it may be configured not to extract numbers, not to extract symbols, or not to extract predicates, and so on.

Furthermore, after extracting the target words in the device detection data, matching can be performed based on the target words and preset keywords. Once the corresponding preset keywords are matched, the corresponding device detection data can be marked as the detection item category corresponding to the preset keywords.

In some embodiments, matching can also be performed in the device detection data through preset keywords. If a target word corresponding to the preset keyword is matched in the device detection data, the device detection data corresponding to the target word can be quickly classified into the detection item category where the preset keyword is located, thereby improving the efficiency of structuring the device detection data.

For example, if the extracted target words are CPU, memory, and bandwidth, then the corresponding preset keywords can be matched according to the target words. If the preset keywords matched are also CPU, memory, and bandwidth, and the detection item category corresponding to the preset keywords is a performance indicator, then the device detection data corresponding to the target words can be classified as a performance indicator. Similarly, other ways of dividing the detection item categories are the same as the above embodiment and will not be repeated here.

It can be understood that in order to analyze each resource item, the characteristic value corresponding to each detection item category, that is, the specific resource parameter, can be obtained from the device detection data. In this way, the device detection data can be structured into detection item categories and characteristic values, which is convenient for subsequent analysis based on the characteristic values to determine whether there are any abnormalities in the resource parameters of the resource items corresponding to each detection item category.

Exemplary, in a structured data set, each detection item category and the eigenvalue of each detection item category are correspondingly preserved. Specifically, in a structured data set, each detection item category can be used as the column (field) of a table, and the eigenvalue of each specific detection item category can be stored in a corresponding row. Or, a structured data set can be stored in a database, and each detection item category can be used as the name of a database table, and the eigenvalue of each detection item category can be stored as a record in a table, and by the query and indexing function of a database, data can be easily retrieved and analyzed. The storage mode of a specific structured data set can be arranged according to actual conditions, and the present application embodiment does not make too many restrictions.

By presetting the correspondence between keywords and detection item categories, the equipment detection data can be quickly divided into corresponding detection item categories, avoiding a lot of repetitive work in manual or semi-automatic methods and significantly improving the efficiency of data processing. In addition, by converting scattered equipment detection data into structured data sets that are easy to read and process by computer programs, it not only facilitates data storage, management and query, but also provides convenience for subsequent data analysis and application.

Step 104 , based on the feature value of each detection item category, perform an abnormality determination on the resource items in the cloud service device to obtain a detection result for each resource item.

It is understandable that in order to discover security risks and potential problems during the operation of cloud service equipment, the characteristic values can be analyzed to determine whether there is abnormal data in the device detection data, so as to timely discover and process the abnormal data and ensure the normal operation of the cloud service equipment.

In some embodiments, the eigenvalues of each detection item category are specific numerical values. Therefore, by calculating the eigenvalue mean and standard deviation of the eigenvalue, the eigenvalues exceeding a certain range can be used as abnormal values, thereby identifying the abnormal eigenvalues in each detection item category and obtaining the detection result of each resource item. Alternatively, a box plot can be drawn by the eigenvalues for abnormal determination, and the eigenvalues exceeding the preset range are determined as abnormal values. In some embodiments, abnormal detection can also be performed by machine learning, specifically, the eigenvalues can be input into a pre-trained target model, and the target model determines and classifies the abnormal data. Alternatively, the resource items can also be determined to be abnormal by an unsupervised learning algorithm, specifically, the density of the eigenvalues can be detected by a density-based method, and the resource items corresponding to the eigenvalues with a density lower than the preset density are determined to be abnormal, and the detection result of each resource item is obtained.

Among them, when making an abnormal judgment for each resource item, calculation and analysis can be performed based on the current eigenvalue and at least one historical eigenvalue; calculation and analysis can also be performed on the current eigenvalues of the same dimension, such as calculation and analysis on the operating temperatures of multiple devices, so as to identify abnormal resource items; current eigenvalues and historical eigenvalues can also be analyzed, that is, current temperatures can be analyzed with historical temperatures, so as to identify abnormal resource items; or, calculation and analysis can be performed based on historical eigenvalues and eigenvalues of the same dimension, and then the abnormal data can be manually classified, or the abnormal data can be quickly classified through the target model, and the specific selection can be made according to the situation.

In some implementations, in order to conduct a more comprehensive analysis of the cloud service device, the detection item category may be analyzed based on the feature value and the historical feature value to ensure the accuracy of the analysis result. For example, step 104 may include:

(104.1) For each detection item category in the structured data set, obtaining at least one historical feature value corresponding to the detection item category;

(104.2) determining a feature mean and a standard deviation of each detection item category based on the feature value of each detection item category and at least one corresponding historical feature value;

(104.3) Obtain the threshold range of the detection item category, determine the abnormal operation of the resource items in the cloud service device based on the feature mean, standard deviation and threshold range, and obtain the detection result of each resource item.

Among them, the historical characteristic value is the characteristic value of the same detection item category in the historical time. By analyzing the detection item category by combining the characteristic value with the historical characteristic value, a more comprehensive and accurate analysis result can be obtained. Exemplarily, the historical characteristic value can be obtained by querying the database. Specifically, when the detection item category is CPU utilization, the collected CPU utilization data can be stored in the database. When it is necessary to analyze the characteristic value of CPU utilization, the historical characteristic value of CPU utilization can be obtained by querying the database, such as the CPU utilization data of the past hour, day or week. Alternatively, it can be set to obtain 10 historical CPU utilization data, which can be selected in sequence or randomly, and the specific method is not limited.

In some embodiments, if the characteristic value of a certain detection item exceeds the normal range, it may mean that the corresponding detection item category is abnormal. Therefore, it is necessary to determine whether the characteristic value exceeds the normal range.

The feature mean is the sum of all feature values in a set of feature values corresponding to a detection item category divided by the number of feature values. Therefore, the feature mean is also called the feature average value. The feature mean can represent the average level of feature values and historical feature values.

Among them, the standard deviation of the eigenvalue can reflect the degree of discreteness of the eigenvalue and the historical eigenvalue, that is, the magnitude of the fluctuation. If the standard deviation of the eigenvalue is small, it means that the data fluctuation is small and the eigenvalue of the detection item category is relatively stable. If the standard deviation is large, it means that the eigenvalue is abnormal data.

For example, if the detection item category is CPU usage, the characteristic mean and standard deviation of CPU usage are calculated as follows:

If the selected characteristic values and historical characteristic values are 60%, 65%, 70%, 63%, 75%, 68%, 62%, 70%, 73%, 65%, 64%, 66%, then the characteristic mean is:

(60%+65%+70%+63%+75%+68%+62%+70%+73%+65%+64%+66%)/12=67.33%;

In some implementations, the square value of the difference between each eigenvalue or historical eigenvalue and the eigenmean value may be calculated, and then the sum of the square values of these differences may be divided by the number of eigenvalues and the square root may be taken to obtain the standard deviation.

The calculation process of standard deviation is:

Calculate the square of the difference between each characteristic value or historical characteristic value and the characteristic mean value in each CPU usage:

(60% - 67.33%)^2 = 54;

(65%-67.33%)^2=5.4;

(70% - 67.33%)^2 = 7.56;

...

The calculation process of the square values of other differences will not be repeated here.

Divide the sum of the squares of these differences by the number of eigenvalues and take the square root:

Standard deviation = sqrt((54+5.4+7.56+...);

The specific calculation method will not be elaborated in detail.

Through the above method, the historical characteristic values of the detection item category are obtained, so that abnormal changes in the detection item category can be discovered in time and abnormal operation judgment can be made.

The threshold range can be a value adjusted in real time according to the change of the characteristic value corresponding to each detection item category, or a value set by the operation and maintenance personnel based on experience. The threshold range can be used to determine whether the characteristic value is abnormal. For example, a characteristic value that exceeds the threshold range can be identified as an abnormal characteristic value.

Exemplarily, the threshold range can be the range in which the numerical deviation of a certain detection item from the feature mean exceeds a preset standard deviation multiple, and the feature value exceeding the threshold range can be judged as an abnormal feature value. Exemplarily, if the detection item category is memory utilization, the feature value that deviates from the feature mean by more than 2 standard deviations (specifically adjustable) can be determined as an abnormal value. When the calculated feature mean is 70% and the standard deviation is 10%, the feature mean is plus or minus 2 standard deviations, and the threshold range is determined to be 50% to 90%. According to the calculated threshold range, the feature value of real-time memory utilization can be determined. If the feature value is 95%, then according to the threshold range (50% to 90%), the feature value exceeds the threshold range, so it can be determined that the resource item corresponding to the feature value is in an abnormal operating state.

It is understandable that by setting a threshold range to establish a benchmark, each resource item can be monitored and abnormalities can be determined, so as to detect resource items with abnormal operation, so that corresponding measures can be taken to solve the problem and ensure the normal operation and stability of cloud service equipment.

In some implementations, in order to conduct a more comprehensive analysis of the cloud service device, the detection item category may be analyzed based on the feature value and the historical feature value to ensure the accuracy of the analysis result. For example, step 104 may also include:

(104.4) based on the current feature value corresponding to each detection item category, obtaining multiple historical feature values corresponding to the detection item category;

(104.5) Generate a detection box plot corresponding to each detection item category based on the current feature value and the historical feature value;

(104.6) Selecting a preset range in the detection box plot, and determining feature values exceeding the preset range as abnormal data;

(104.7) Based on the abnormal data, generate detection results of corresponding resource items.

It is understandable that in order to conduct a more comprehensive analysis of the device status, at least one historical feature value corresponding to the detection item category can be obtained as a reference for the current feature value to determine whether the current feature value is abnormal. The specific method of obtaining multiple historical feature values corresponding to the detection item category has been developed above and will not be repeated here.

Among them, the detection box plot can be used to characterize the discrete degree of a set of eigenvalues corresponding to each detection item category, and the detection box plot shows the distribution of eigenvalues and historical eigenvalues. For example, the detection box plot can include the minimum value, maximum value, upper quartile (Q3), lower quartile (Q1), and median (Q2) of the eigenvalues and historical eigenvalues. Through these statistics, the distribution range, central tendency, and whether there are outliers of the eigenvalues can be understood.

For example, the detection item category is the CPU utilization of the cloud service device. If the characteristic value and historical characteristic value corresponding to the CPU utilization are: [10, 20, 30, 40, 50, 60, 70, 80, 90, 100], then calculate the key values of the detection box plot. Among them, the minimum value is 10, the lower quartile (Q1) is 25, the median (Q2) is 55, the upper quartile (Q3) is 75, and the maximum value is 100. Then, the detection box plot corresponding to the detection item category can be generated based on the above data.

The preset range may be a range for determining whether a characteristic value is an abnormal value, and a characteristic value exceeding the preset range may be determined as abnormal data to achieve rapid detection of the characteristic value.

In some embodiments, a judgment criterion based on outliers can be used to calculate the interquartile range (IQR) based on the difference between the lower quartile (Q3) and the upper quartile (Q1) in the box plot, and then the upper and lower limits of the detection box plot are calculated based on the upper quartile, the lower quartile and the interquartile range. Specifically, the lower limit is Q1-1.5*IQR, the upper limit is Q3+1.5*IQR, and then the upper and lower limits are used as preset ranges.

In some implementations, the characteristic value can be compared with a preset range calculated by the above-mentioned calculation method. If the characteristic value exceeds the preset range, the characteristic value can be determined as abnormal data, and based on the abnormal data, a detection result of the corresponding resource item is generated. For example, the detection result may be CPU utilization: 95%, abnormal, etc. The specific form can be set by oneself.

It should be noted that in order to subsequently classify abnormal resource items, the detection results of the corresponding resource items can be generated based on the abnormal data to help predict possible failures of cloud service equipment, so as to take measures in advance to prevent, plan or adjust. Specifically, when the characteristic value of the resource item is normal, the corresponding detection result is also normal, and when the characteristic value of the resource item is abnormal, the corresponding detection result is also abnormal. Based on the detection results, the abnormal data can be deeply analyzed and predicted to improve the stability and reliability of cloud service equipment.

Step 105: Generate a detection report for the cloud service device based on the feature value of each detection item category and the detection result of each resource item.

It should be noted that in order to facilitate operation and maintenance personnel to view and analyze the detection results one by one, and to promptly discover possible problems and abnormalities in cloud service equipment, a detection report for cloud service equipment can be generated based on the characteristic values of each detection item category and the detection results of each resource item.

Among them, the detection report is the characteristic value of each detection item category and the detection result of the corresponding resource item; or, the detection report can also be the detection result of a group of resource items, for example, the detection of the network resource group is normal, and the abnormal values are displayed separately. In some embodiments, the format of the characteristic value of each detection item category and the detection result of the corresponding resource item can be converted. Specifically, the characteristic value of each detection item category and the detection result of the corresponding resource item can be compared with the JSON library of Python one by one, and the characteristic value of each detection item category and the detection result of the corresponding resource item can be converted into JSON format, and then according to the needs of the detection report of the specific cloud service device, the corresponding visualization template is selected, and the characteristic value of each detection item category after conversion into JSON format and the detection result of the corresponding resource item are filled into the corresponding visualization template to generate an independent HTML file, which contains the complete inspection report content. Further, the HTML file can be converted into a format such as PDF that is convenient for operation and maintenance personnel to view.

In some implementations, in order to facilitate the operation and maintenance personnel to view and analyze, the detection results and related data can be filled into a preset visualization template, so that the detection results can be displayed to the operation and maintenance personnel for viewing and timely processing of abnormal data. For example, step 105 can include:

(105.1) Converting the characteristic value of each detection item category and the detection result of each resource item into target format data;

(105.2) Obtain a preset visualization template, and fill the target format data corresponding to all resource items into the visualization template to obtain a filled target visualization template;

(105.3) Based on the content in the filled target visualization template, display the detection report of the cloud service device.

Among them, the target format data can be used to unify the feature values of the detection item category and the planned format data of the detection results of each resource item. By converting the feature values of the detection item category and the detection results of each resource item into the target format data, the data can be presented in a unified format in the visualization template, thereby realizing the dynamic display of the data. Exemplarily, the target format data can be JSON data, and the JSON data is stored in a JSON library. By querying the feature values and the detection results in the JSON library, the JSON format data corresponding to the feature values and the detection results can be obtained, and the feature values and the detection results can be converted into the corresponding format to realize the normalization and standardization of the data, so as to facilitate the subsequent generation of visualization pages.

Among them, the visualization template can be a pre-set structured template for displaying data. The visualization template can be a running script, which can run the corresponding script according to the filled target format data and generate a visualization page. Exemplarily, the visualization template can be composed of a structured language, such as Python. Exemplarily, after the feature values and detection results are converted into JSON format, the data in JSON format can be converted into a structured language. Specifically, the format conversion can also be performed through a structured language library. After that, the converted structured data is filled into the visualization template, for example. Exemplarily, the target visualization template can be an HTML template, or it can be a chart library template or a template provided by other visualization tools. The target visualization template needs to set placeholders or template variables for filling in structured data.

Among them, the test report can display the filled target visualization template in a visual form to help users intuitively understand the status of the cloud service device and various test results. Exemplarily, the filled target visualization template can be run through the server-side template engine or front-end JavaScript to generate a test report, i.e., a visualization page, and the generated visualization page is displayed to the user. The test report can include basic information of the cloud service device, such as device model, status, performance data, etc., as well as other test results, such as network connection status, security assessment, etc. Furthermore, the test report can be accessed through a browser and embedded in other applications for display.

Exemplarily, the detection report of the cloud service device may be:

Device Information

Device name: CloudServer1

Equipment model: ABC-2000

Test Report

Network connection status: Normal

Storage space: 60% used

CPU Utilization: 40%

The above test reports are only examples, and users can personalize the test reports according to their own needs.

In the embodiment of the present application, on the one hand, when the detection result of each resource item is normal, a detection report of the cloud service device can be generated based on the characteristic value of each detection item category and the detection result of each resource item. The detection report can include specific resource items, corresponding characteristic values and the conclusion that the detection is normal, or it can be the conclusion that the entire cloud service device is running normally. The specific display content and display form can be personalized and are not limited to this. On the other hand, when there is an abnormal detection result of a resource item, it is necessary to further analyze the characteristics of the abnormal detection to improve the accuracy of the detection resource item. It should be noted that the determination of whether the detection result is normal or not can be compared with the characteristic value and the preset threshold value or the preset range value to determine whether there is a detection abnormality. Among them, the preset threshold value and the preset range value can be determined according to one or more historical characteristic values corresponding to the corresponding resource item to be detected or the category to be detected, such as setting the preset range value by the maximum and minimum historical characteristic values in the normal operation state, or determining the preset threshold value according to the maximum historical characteristic value in the normal operation state.

In some embodiments, when there is an abnormal detection result of a resource item and the feature value exceeds a preset range/threshold range, the feature value corresponding to the resource item with the abnormal detection result can be input into a pre-trained target model, so that the target model is classified according to the feature value, and an abnormal label of the abnormal feature value is obtained, thereby generating a detection report. Therefore, the generation process of the detection report may also include:

(A.1) If the test result is abnormal, the feature value of the abnormal test result is used as the feature to be analyzed;

(A.2) Input the feature to be analyzed into the target model, and classify it based on each sub-feature in the feature to be analyzed and the feature relationship between the sub-features through the target model to obtain an abnormal category label;

(A.3) determining the characteristic value with a normal detection result as the target characteristic value;

(A.4) Generate a detection report for the cloud service device based on the target feature value, the detection result corresponding to the target feature value, the feature to be analyzed, and the abnormal category label corresponding to the feature to be analyzed.

Among them, abnormal detection results indicate that the cloud service device may have a fault, misconfiguration, or be affected by unexpected network activities. Abnormal situations may cause service interruption, performance degradation, security vulnerabilities, etc. of the cloud service device. Therefore, when abnormal detection results are found, the abnormal feature values need to be analyzed and processed in a timely manner to avoid risks such as system failure or data leakage.

Among them, the feature to be analyzed is the feature value corresponding to the resource item whose detection result is abnormal, and the feature value may include various indicators and attributes. Exemplarily, abnormal network traffic is monitored in the cloud service device, and there are two situations of abnormal network traffic: one is a large amount of malicious traffic entering the system due to DDoS attacks, and the other is a sudden increase in abnormal traffic due to sudden user behavior or system failure. Therefore, it is necessary to classify the features to be analyzed through the target model to understand the specific causes of abnormal network traffic, so as to take corresponding measures in a targeted manner. For example, the former may need to take measures to block the attack as soon as possible, and the latter may need to further investigate the cause of the failure and deal with it in time. Therefore, by inputting the feature value as the feature to be analyzed into the target model, the feature value can be classified, so as to solve related problems in a targeted manner according to the classification results, and improve the accuracy of the detection results.

Among them, the target model can be a trained Transformer model. Through the self-attention mechanism of the Transformer model, attention can be dynamically allocated according to the dependency between sub-features at different positions in the input sequence, so as to obtain the abnormal category label.

Exemplarily, before inputting the feature to be analyzed into the target model, the input feature to be analyzed can be preprocessed, such as normalization, to organize the feature to be analyzed into a format suitable for Transformer model input. When the feature to be analyzed has multiple sub-features, the multiple sub-features can be organized into one input tensor.

Furthermore, when the feature to be analyzed is input into the target model, the target model can classify based on each sub-feature in the feature to be analyzed and the relationship between the sub-features to obtain an abnormal category label. For example, when the feature to be analyzed is a network traffic feature value, the sub-features of the network traffic feature value can be the source IP address, the destination IP address, the port number, the protocol type, the packet size, etc. After that, these sub-features can be represented as a matrix, each row represents the network traffic data in a time window, and each column represents a sub-feature, and this matrix is input into the target model. Inside the target model, after being processed by multiple layers of self-attention mechanism and feedforward neural network layer, the target model will learn the complex relationship between each sub-feature in the network traffic feature value. Specifically, through the self-attention mechanism, the target model can distinguish the dependency between each sub-feature in different time windows, such as discovering the association between a specific source IP address and abnormal traffic or the correlation between a specific protocol type and network attack, etc., so as to achieve accurate identification and classification of the feature to be analyzed.

The detection results may include normal feature values and abnormal feature values. Normal feature values are feature values indicating that the user or system's login behavior to the cloud service device conforms to normal usage patterns, feature values indicating normal data access patterns and resource utilization patterns, feature values indicating normal system behavior, feature values indicating normal traffic patterns, feature values indicating legal IP addresses and ports, etc. Since normal feature values do not need to be classified or further processed, there is no need to input normal feature values into the target model.

It is understandable that in order to summarize the overall operating status of the cloud service equipment, an overall detection result of the cloud service equipment can be generated, including normal detection results and abnormal detection results, to help operation and maintenance personnel understand the current operating status of the system.

Exemplarily, the detection report of the generated cloud service device can take multiple forms, including text reports, chart reports, and visual reports, etc. Specifically, the target feature value, the detection result corresponding to the target feature value, the feature to be analyzed, and the abnormal category label corresponding to the feature to be analyzed can be converted into JSON format data (or other specific formats), and then filled into the HTML template with the JSON format data, and the corresponding form of the detection report is generated according to the HTML template.

Specifically, the text report may be a report containing a text description, which is used to explain in detail the target feature value, the detection result corresponding to the target feature value, the feature to be analyzed, and the abnormal category label corresponding to the feature to be analyzed. For example: "According to the analysis of CPU utilization, it is found that the system CPU utilization continues to exceed 80%. After detection, it is found that the detection result corresponding to the feature value is abnormal. The feature to be analyzed shows that the memory occupancy rate and network traffic have abnormal fluctuations, and the corresponding abnormal category label is network failure." In some embodiments, the processing measures corresponding to the network failure can be found according to a pre-set database, and the corresponding processing measures can be attached to the abnormal category label. For example, following the above example, "It is recommended to check the network equipment and perform network traffic analysis to solve the problem" can be added after "The corresponding abnormal category label is network failure." For the target feature value and the detection result corresponding to the target feature value, it can be generated as "According to the analysis of CPU utilization, it is found that the system CPU utilization is 30%. After detection, it is found that the detection result corresponding to the feature value is normal." The specific text report format can be adjusted as needed.

In some embodiments, a detection report can be generated in the form of a chart, such as a table, a bar chart, a line chart, a pie chart, etc., based on the target feature value, the detection result corresponding to the target feature value, the feature to be analyzed, and the abnormal category label corresponding to the feature to be analyzed, so as to intuitively display the data changes and abnormal conditions of the system operation status. For example, a line chart of the CPU utilization rate changing over time can be made, with normal points displayed in the same color and abnormal points highlighted in different colors or marks.

In some embodiments, a report can be generated based on the target feature value, the detection result corresponding to the target feature value, the feature to be analyzed, and the abnormal category label corresponding to the feature to be analyzed, so as to intuitively display the relationship between the feature values and the distribution of abnormal situations, such as a heat map, a scatter plot, a radar map, etc. For example, a heat map can be used to display the correlation between different feature values, or a scatter plot can be used to display the distribution of abnormal feature values.

Through the above methods, a detection report of the cloud service equipment can be generated, which is convenient for operation and maintenance personnel to evaluate the overall operating status of the cloud service equipment, and to timely analyze and process the features to be analyzed and the corresponding abnormal category labels, so as to provide users with more reliable, secure and efficient cloud services.

Furthermore, the target model can accurately classify the features to be analyzed to automate the detection process. The target model can be trained through the following process:

(a) Obtain the features of the sample to be analyzed and the sample abnormality category labels corresponding to the features of the sample to be analyzed;

(b) Input the features of the sample to be analyzed into the preset model to obtain the predicted category label;

(c) constructing a target loss function based on the difference between the sample abnormal category label and the predicted category label;

(d) Iteratively train the preset model according to the target loss function until the preset conditions are met to obtain the trained target model.

The sample features to be analyzed may be feature data used in training a preset model, and may be used in the training of the preset model to help the preset model better understand and classify different types of abnormal situations. For example, the sample features to be analyzed may include data related to cloud service devices, such as system performance indicators, network traffic, and user behavior.

Among them, sub-features can refer to one or more specific features in the sample features to be analyzed, which are used as input data when training the preset model. These sub-features can be a feature or feature combination selected from data related to cloud service devices such as system performance indicators, network traffic, user behavior, etc.

Among them, the abnormal category label can be a problem classification label associated with the sample feature to be analyzed, which is used to indicate the type or degree of abnormal situation corresponding to the sample feature to be analyzed. In supervised learning, these abnormal category labels will be used together with the sample features to be analyzed to train the preset model, so that the preset model can learn the association between the sample features to be analyzed and the abnormal category label, thereby improving the preset model's ability to classify abnormal data. Exemplarily, the abnormal category label can represent the problem classification of the sample feature to be analyzed. For example, for network traffic, the sample abnormal category label can be the type of attack, data leakage, etc. In some embodiments, in addition to the specific abnormal category, the sample abnormal category label can also be accompanied by the degree of abnormality, such as mild, severe, etc.

The preset model may be a classification model, and the preset model may be capable of classifying abnormal data by learning the association between the features to be analyzed of the sample and the abnormal category label. For example, the preset model may be a Transformer model.

Among them, the predicted category label can be a classification label obtained after processing the features to be analyzed of the sample based on the preset model, which is used to represent the model's predicted classification result for the sample. Exemplarily, in the process of predicting the feature values of the sample to be analyzed, the preset model will learn the relationship between each sub-feature in each sample feature to be analyzed, and make predictions based on this, and output the corresponding predicted category label. Furthermore, the preset model can learn attention weights during the training process to determine the degree of association between each sub-feature and other sub-features, and effectively capture the complex relationships between different sub-features, including the dependencies and influences between the sub-features, thereby generating a predicted category label.

Among them, the target loss function can be a function that measures the difference, error or loss between the predicted category label of the preset model and the sample abnormal category label. In the process of training the preset model, the parameters of the preset model can be optimized by minimizing the target loss function so that the predicted category label of the preset model is closer to the actual sample abnormal category label. Exemplarily, when the preset model is a Transformer model, the cross entropy loss function can be used as the target loss function during training. The cross entropy loss function can measure the difference between the predicted category label of the preset model and the sample abnormal category label by multiplying and summing the probability of the preset model for each sample abnormal category label with the predicted probability of the predicted category label, and then taking the negative logarithm. Exemplarily, if the predicted probability of the predicted category label of the sample to be analyzed by the preset model is 0.8 (that is, the probability of abnormal login is 0.8), and the sample abnormal category label of the sample to be analyzed is 1, then the cross entropy loss will be -log(0.8). Afterwards, the cross entropy losses of all sample features to be analyzed are added and averaged, which can be used as the target loss function of the preset model. By minimizing the target loss function, the preset model can more accurately predict the output predicted category label.

It should be noted that in order to continuously optimize the performance of the preset model, the preset model can be iteratively trained, and the parameters of the preset model can be continuously updated according to the target loss function, so that the preset model is optimized in the direction of reducing the target loss function, thereby continuously improving the classification accuracy.

Exemplarily, the preset condition may be a training condition or training index preset before or during training of the preset model, which is used to determine whether the training of the preset model is successful and whether it meets specific training requirements. The preset condition may be a preset training round, a loss convergence threshold, a performance evaluation index, etc. For example, the training round of the preset model may be set to 500 times to meet the preset condition and obtain the trained target model. The loss convergence threshold may also be set. When the loss value is less than the loss convergence threshold, the training of the preset model is stopped to obtain the trained target model, and so on.

By training the preset model in the above manner, the classification accuracy of the obtained target model can be effectively improved, so as to speed up the efficiency of identifying abnormal detection results and generate more accurate and detailed detection reports.

In some implementations, the detection log corresponding to each resource item when executing the device detection instance can be obtained and saved, thereby recording the detection process of the cloud service device for subsequent analysis or viewing. For example, after step 105, it can also include:

(105.a.1) Obtain the detection log corresponding to each resource item when executing the device detection instance;

(106.a.2) According to the detection results, the detection log of each resource item is classified and saved.

The detection log can be the detection log corresponding to each resource item when executing the device detection instance, which is used to record the operating status, performance and possible problems of each resource item. By obtaining the detection log of each resource item, you can fully understand the status of each resource of the cloud service device during operation, which is conducive to discovering and solving potential faults or performance bottlenecks to ensure the stability, security and reliability of the device.

In some implementations, in order to facilitate operation and maintenance personnel to view detection logs at any time and better organize and manage detection logs, the detection logs of each resource item can be classified and saved. For example, when a cloud service device is subjected to performance testing, the detection logs of resource items can be saved in corresponding categories according to the test results, such as creating folders or database tables named "CPU usage", "memory usage" and "network traffic" to store relevant detection log data, so as to specifically discover problems that may exist in the operation of the cloud service device.

It is understandable that the detection system of the cloud service device may also include a database (DB) module and a network module. Specifically, the DB module may be used to provide access and management functions to a database storing detection logs, including a user information table, a task information table, a task execution record table, a resource information table, a detection log table, a detection report, and a detection authority table, etc. The WEB module provides user interface operations for detection report management, detection task management, detection authority management, detection template management, detection analysis management, detection log management, etc.

By obtaining the detection log corresponding to each resource item when executing the device detection instance, different resource items can be analyzed and queried independently, so as to better understand the operating status of the cloud service equipment, promptly detect and handle abnormal situations, and provide support for subsequent management and optimization work. It is understandable that the present application can also set a detection timer to perform regular detection of cloud service equipment to ensure the normal operation of the cloud service equipment. Specifically, a shorter detection interval can be set for resource items with a high incidence of failures, such as once an hour; a longer detection interval can be set for resource items with a low incidence of failures, such as once every two days, and so on, so as to effectively detect cloud service equipment while saving equipment resources.

The embodiment of the present application obtains a checklist corresponding to a cloud service device, and configures a device detection instance corresponding to the cloud service device according to multiple resource items to be detected contained in the checklist; collects resource parameters corresponding to each resource item from the cloud service device by executing the device detection instance to obtain device detection data; performs structured processing on the device detection data according to multiple detection item categories to obtain a structured data set, which includes multiple detection item categories and feature values of each detection item category; performs abnormality judgment on the resource items in the cloud service device according to the feature values of each detection item category to obtain a detection result for each resource item; and generates a detection report for the cloud service device based on the feature values of each detection item category and the detection result of each resource item. Therefore, the corresponding device detection instances can be accurately configured for the resource items contained in the cloud service device. By executing the device detection instances, the resource parameters corresponding to each resource item can be automatically collected from the cloud server device, which effectively improves the efficiency of cloud service device detection. Furthermore, by structuring the device detection data, anomaly judgment is made based on the characteristic values of each detection item category in the structured data. Without human intervention, the detection results of each resource item can be quickly analyzed and obtained, and a detection report can be generated based on the detection results. This can improve the detection efficiency while improving the stability and accuracy of cloud service device detection.

Referring to FIG. 3 , an embodiment of the present application further provides a detection device for a cloud service device, which can implement the above-mentioned detection method for a cloud service device. The detection device for a cloud service device includes:

Configuration module 31, used to obtain a checklist corresponding to the cloud service device, and configure a device detection instance corresponding to the cloud service device according to multiple resource items to be detected included in the checklist;

An execution module 32, configured to collect resource parameters corresponding to each resource item from the cloud service device by executing the device detection instance to obtain device detection data;

A processing module 33, configured to perform structured processing on the device detection data according to multiple detection item categories to obtain a structured data set, wherein the structured data set includes multiple detection item categories and feature values of each detection item category;

The determination module 34 is used to determine abnormal operation of resource items in the cloud service device according to the characteristic value of each detection item category, and obtain the detection result of each resource item;

The generating module 35 is used to generate a detection report of the cloud service device based on the feature value of each detection item category and the detection result of each resource item.

The specific implementation of the detection device of the cloud service device is basically the same as the specific implementation of the detection method of the cloud service device described above, and will not be repeated here. On the premise of meeting the requirements of the embodiments of this application, the detection device of the cloud service device can also be provided with other functional modules to implement the detection method of the cloud service device in the above embodiments.

The embodiment of the present application also provides a computer device, the computer device includes a memory and a processor, the memory stores a computer program, and the processor implements the above-mentioned cloud service device detection method when executing the computer program. The computer device can be any intelligent terminal including a tablet computer, a car computer, etc.

Please refer to FIG. 4 , which schematically shows the hardware structure of a computer device according to another embodiment. The computer device includes:

The processor 41 may be implemented by a general-purpose CPU (Central Processing Unit), a microprocessor, an application-specific integrated circuit (Application Specific Integrated Circuit, ASIC), or one or more integrated circuits, and is used to execute relevant programs to implement the technical solutions provided in the embodiments of the present application;

The memory 42 can be implemented in the form of a read-only memory (ROM), a static storage device, a dynamic storage device, or a random access memory (RAM). The memory 42 can store an operating system and other applications. When the technical solution provided in the embodiment of this specification is implemented by software or firmware, the relevant program code is stored in the memory 42, and the processor 41 calls and executes the detection method of the cloud service device in the embodiment of this application;

Input/output interface 43, used to implement information input and output;

The communication interface 44 is used to realize the communication interaction between the device and other devices. The communication can be realized through a wired manner (such as USB, network cable, etc.) or a wireless manner (such as mobile network, WIFI, Bluetooth, etc.);

A bus 45 that transmits information between the various components of the device (e.g., the processor 41, the memory 42, the input/output interface 43, and the communication interface 44);

The processor 41 , the memory 42 , the input/output interface 43 and the communication interface 44 are connected to each other in communication within the device via a bus 45 .

An embodiment of the present application also provides a computer-readable storage medium, which stores a computer program. When the computer program is executed by a processor, the detection method of the cloud service device is implemented.

The memory, as a non-transient computer-readable storage medium, can be used to store non-transient software programs and non-transient computer executable programs. In addition, the memory may include a high-speed random access memory, and may also include a non-transient memory, such as at least one disk storage device, a flash memory device, or other non-transient solid-state storage device. In some embodiments, the memory may optionally include a memory remotely disposed relative to the processor, and these remote memories may be connected to the processor via a network. Examples of the above-mentioned network include, but are not limited to, the Internet, an intranet, a local area network, a mobile communication network, and combinations thereof.

The embodiments described in the embodiments of the present application are intended to more clearly illustrate the technical solutions of the embodiments of the present application and do not constitute a limitation on the technical solutions provided in the embodiments of the present application. Those skilled in the art will appreciate that with the evolution of technology and the emergence of new application scenarios, the technical solutions provided in the embodiments of the present application are also applicable to similar technical problems.

Those skilled in the art will appreciate that the technical solutions shown in the figures do not constitute a limitation on the embodiments of the present application, and may include more or fewer steps than shown in the figures, or a combination of certain steps, or different steps.

The device embodiments described above are merely illustrative, and the units described as separate components may or may not be physically separated, that is, they may be located in one place, or they may be distributed on multiple network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment.

Those skilled in the art will appreciate that all or some of the steps in the methods disclosed above, and the functional modules/units in the systems and devices may be implemented as software, firmware, hardware, or a suitable combination thereof.

The terms "first", "second", "third", "fourth", etc. (if any) in the specification of the present application and the above-mentioned drawings are used to distinguish similar objects, and are not necessarily used to describe a specific order or sequence. It should be understood that the data used in this way can be interchangeable where appropriate, so that the embodiments of the present application described herein can be implemented in an order other than those illustrated or described herein. In addition, the terms "including" and "having" and any of their variations are intended to cover non-exclusive inclusions, for example, a process, method, system, product or device comprising a series of steps or units is not necessarily limited to those steps or units clearly listed, but may include other steps or units that are not clearly listed or inherent to these processes, methods, products or devices.

It should be understood that in the present application, "at least one (item)" and "several" refer to one or more, and "plurality" refers to two or more. "And/or" is used to describe the association relationship of associated objects, indicating that three relationships may exist. For example, "A and/or B" can mean: only A exists, only B exists, and A and B exist at the same time, where A and B can be singular or plural. The character "/" generally indicates that the previous and following associated objects are in an "or" relationship. "At least one of the following" or similar expressions refers to any combination of these items, including any combination of single or plural items. For example, at least one of a, b or c can mean: a, b, c, "a and b", "a and c", "b and c", or "a and b and c", where a, b, c can be single or multiple.

In the several embodiments provided in the present application, it should be understood that the disclosed systems and methods can be implemented in other ways. For example, the system embodiments described above are merely schematic. For example, the division of the above units is only a logical function division. There may be other division methods in actual implementation, such as multiple units or components can be combined or integrated into another system, or some features can be ignored or not executed. Another point is that the mutual coupling or direct coupling or communication connection shown or discussed can be an indirect coupling or communication connection through some interfaces, devices or units, which can be electrical, mechanical or other forms.

The units described above as separate components may or may not be physically separated, and the components shown as units may or may not be physical units, that is, they may be located in one place or distributed on multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.

In addition, each functional unit in each embodiment of the present application may be integrated into one processing unit, or each unit may exist physically separately, or two or more units may be integrated into one unit. The above-mentioned integrated unit may be implemented in the form of hardware or in the form of software functional units.

If the integrated unit is implemented in the form of a software functional unit and sold or used as an independent product, it can be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present application is essentially or the part that contributes to the prior art or all or part of the technical solution can be embodied in the form of a software product, and the computer software product is stored in a storage medium, including multiple instructions to enable a computer device (which can be a personal computer, server, or network device, etc.) to execute all or part of the steps of the methods of various embodiments of the present application. The aforementioned storage medium includes: U disk, mobile hard disk, read-only memory (Read-Only Memory, referred to as ROM), random access memory (Random Access Memory, referred to as RAM), disk or optical disk and other media that can store programs.

The preferred embodiments of the present application are described above with reference to the accompanying drawings, but the scope of the rights of the present application is not limited thereto. Any modification, equivalent substitution and improvement made by a person skilled in the art without departing from the scope and essence of the present application should be within the scope of the rights of the present application.

Claims (13)

1. A method for detecting a cloud service device, characterized in that the method comprises: Obtaining a checklist corresponding to a cloud service device, and configuring a device detection instance corresponding to the cloud service device according to a plurality of resource items to be detected contained in the checklist; By executing the device detection instance, resource parameters corresponding to each resource item are collected from the cloud service device to obtain device detection data; Performing structured processing on the device detection data according to multiple detection item categories to obtain a structured data set, wherein the structured data set includes multiple detection item categories and feature values of each detection item category; According to the characteristic value of each detection item category, an abnormality determination is performed on the resource item in the cloud service device to obtain a detection result of each resource item; Based on the feature value of each detection item category and the detection result of each resource item, a detection report of the cloud service device is generated. 2. The cloud service device detection method according to claim 1, characterized in that the method further comprises: If the detection result is abnormal, the feature value of the abnormal detection result is used as the feature to be analyzed; Inputting the feature to be analyzed into a target model, and classifying the feature based on each sub-feature in the feature to be analyzed and the feature relationship between the sub-features through the target model to obtain an abnormal category label; Determine the characteristic value with a normal detection result as a target characteristic value; A detection report for the cloud service device is generated according to the target feature value, the detection result corresponding to the target feature value, the feature to be analyzed, and the abnormal category label corresponding to the feature to be analyzed. 3. The cloud service device detection method according to claim 2, wherein the training process of the target model is: Obtaining features of the sample to be analyzed and sample abnormality category labels corresponding to the features of the sample to be analyzed; Input the features of the sample to be analyzed into a preset model to obtain a predicted category label; Constructing a target loss function based on the difference between the sample abnormal category label and the predicted category label; The preset model is iteratively trained according to the target loss function until a preset condition is met to obtain a trained target model. 4. The cloud service device detection method according to claim 1, wherein configuring the device detection instance corresponding to the cloud service device according to the multiple resource items to be detected contained in the checklist comprises: Grouping a plurality of resource items to be inspected contained in the inspection list to obtain a plurality of data collection groups; Determine the device detection instance corresponding to each data collection group from the preset instruction list. 5. The cloud service device detection method according to claim 4, wherein each of the device detection instances comprises a plurality of detection items and a detection instruction corresponding to each detection item; and the device detection data is obtained by collecting resource parameters corresponding to each resource item from the cloud service device by executing the device detection instance, comprising: For each resource item to be detected in the data collection group, executing the corresponding detection instruction in the device detection instance to obtain resource parameters corresponding to each resource item; The resource parameters corresponding to each of the resource items are filled into the device detection instance, and device detection data of the cloud service device is generated according to each filled device detection instance. 6. The cloud service device detection method according to claim 1, wherein the device detection data is structured according to a plurality of detection item categories to obtain a structured data set, comprising: Obtaining a data analysis template, wherein the data analysis template includes a correspondence between preset keywords and preset detection item categories; According to the preset keywords in the data parsing template, the target words in the device detection data are matched to determine the detection item category corresponding to each target word; Obtaining a feature value corresponding to each detection item category from the device detection data; Based on multiple detection item categories and feature values of each detection item category, a structured data set is obtained. 7. The cloud service device detection method according to claim 1, characterized in that the abnormal operation determination of the resource items in the cloud service device is performed for the characteristic value of each detection item category to obtain the detection result of each resource item, including: For each of the detection item categories in the structured data set, obtaining at least one historical feature value corresponding to the detection item category; Determine a feature mean and a standard deviation of each detection item category according to the feature value of each detection item category and the corresponding at least one historical feature value; A threshold range of the detection item category is obtained, and abnormal operation determination is performed on the resource items in the cloud service device based on the feature mean, the standard deviation, and the threshold range to obtain a detection result for each resource item. 8. The cloud service device detection method according to claim 1, characterized in that the feature value of each detection item category is used to determine abnormal operation of resource items in the cloud service device to obtain the detection result of each resource item, and further comprises: Based on the current feature value corresponding to each of the detection item categories, obtaining multiple historical feature values corresponding to the detection item category; Generate a detection box plot corresponding to each detection item category according to the current feature value and the historical feature value; Selecting a preset range in the detection box plot, and determining the feature values exceeding the preset range as abnormal data; Based on the abnormal data, a detection result of the corresponding resource item is generated. 9. The cloud service device detection method according to claim 1, characterized in that the generating of the cloud service device detection report based on the feature value of each detection item category and the detection result of each resource item comprises: Converting the characteristic value of each detection item category and the detection result of each resource item into target format data; Acquire a preset visualization template, and fill the target format data corresponding to all the resource items into the visualization template to obtain a filled target visualization template; Based on the content in the filled target visualization template, the detection report of the cloud service device is displayed. 10. The cloud service device detection method according to claim 1, characterized in that the method further comprises: Obtaining a detection log corresponding to each resource item when executing the device detection instance; According to the detection result, the detection log of each resource item is classified and saved. 11. A detection device for a cloud service device, characterized in that the device comprises: A configuration module, used to obtain a checklist corresponding to a cloud service device, and configure a device detection instance corresponding to the cloud service device according to a plurality of resource items to be detected contained in the checklist; An execution module, configured to collect resource parameters corresponding to each resource item from the cloud service device by executing the device detection instance, and obtain device detection data; A processing module, configured to perform structured processing on the device detection data according to a plurality of detection item categories to obtain a structured data set, wherein the structured data set includes a plurality of detection item categories and a feature value of each detection item category; A determination module, configured to determine abnormal operation of resource items in the cloud service device according to the characteristic value of each detection item category, and obtain a detection result of each resource item; A generation module is used to generate a detection report for the cloud service device based on the feature value of each detection item category and the detection result of each resource item. 12. A computer device, characterized in that the computer device comprises a memory and a processor, the memory stores a computer program, and the processor implements the cloud service device detection method according to any one of claims 1 to 10 when executing the computer program. 13. A computer-readable storage medium storing a computer program, wherein the computer program, when executed by a processor, implements the cloud service device detection method according to any one of claims 1 to 10.