Unlock instant, AI-driven research and patent intelligence for your innovation.

Method, device and computer-readable medium for log fragment recovery

A log and fragmentation technology, which is applied in the direction of calculation, response error generation, redundancy in operation, data error detection, etc., can solve problems such as missing value

Active Publication Date: 2022-05-27
XIAMEN MEIYA PICO INFORMATION
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The log tool with the recovery function is basically a file-level recovery of the overall deleted Evtx log; it rarely handles the fragmented records in the unallocated cluster and the "overwritten and deleted" record data of the Evtx log file, which causes these "expired" The event records for are missing the expected value

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method, device and computer-readable medium for log fragment recovery
  • Method, device and computer-readable medium for log fragment recovery
  • Method, device and computer-readable medium for log fragment recovery

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0025] Before explaining any embodiment of the invention in detail, it is to be understood that the invention is not limited in its application to the details of construction and the arrangement of components set forth in the following description or illustrated in the accompanying drawings. The invention is capable of other embodiments and of being practiced or carried out in various ways.

[0026] Also, it is to be understood that the phraseology and terminology used herein is for the purpose of description and should not be regarded as limiting. The use of "including", "including" or "having" and variations thereof herein is meant to encompass the items listed thereafter and their equivalents as well as additional items. The terms "mounted," "connected," and "coupled" are used broadly and encompass both direct and indirect mounting, connection, and coupling. Furthermore, "connected" and "coupled" are not limited to physical or mechanical connections or couplings, and may i...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

A method, device and computer-readable medium for recovery of log fragments are provided. The method includes: loading the data in the log file to obtain the information of the record block; jumping to the start offset of the record block according to the information and reading the header information of the record block to obtain the Record the start offset of the free area of ​​the block; jump to the start offset of the free area of ​​the record block, and search for a matching event record signature for the start offset of the free area; if the signature is matched, Then parse the event record with the signature and check whether the preceding and following data size values ​​of the event record match; and if the preceding and following data size values ​​of the event record match, then save the event record.

Description

technical field [0001] The present disclosure relates to a method, apparatus, and computer-readable medium for log fragmentation recovery. Background technique [0002] Windows is the operating system with the highest market share in the personal desktop operating system market at home and abroad, and it has penetrated into all aspects of users' online life. Therefore, it is extremely important to study the running log of Windows system. [0003] On Windows XP, Windows 2000, and Windows 2003 systems, the system event log is stored in the Evt file format; on newer Windows system versions such as Windows Vista, Windows 7, Windows 8, and Windows 10, Microsoft upgrades to use the Evtx file format. Stores the system event log. [0004] The Windows operating system records a large amount of log information during its running life cycle, which is mainly stored in the Windows\System32\winevt\Logs directory of the system disk. Using the event viewer of the Windows system, the reco...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F11/14G06F11/34
CPCG06F11/1435G06F11/1438G06F11/3476
Inventor 刘志祥吴松洋施志明苏再添吴少华
Owner XIAMEN MEIYA PICO INFORMATION