A cloud desktop monitoring system and method

By implementing monitoring functions on cloud terminals and employing screen recording and RTMP streaming technologies, the problem of cloud desktop monitoring consuming computing node resources has been solved. Real-time monitoring and historical operation records have been achieved, improving the monitoring efficiency and evidence preservation capabilities of cloud desktops.

CN115664989B · Active · Publication Date: 2026-06-16 · MASSCLOUDS

Patent Information

Authority / Receiving Office: CN · China
Patent Type: Patents (China)
Current Assignee / Owner: MASSCLOUDS
Filing Date: 2022-10-27
Publication Date: 2026-06-16

AI Technical Summary

Technical Problem

The existing cloud desktop monitoring function is implemented on the computing node, which leads to increased resource consumption, cannot retain evidence of historical operation processes, and has network concurrency issues.

Method used

The monitoring function is implemented on the cloud terminal. It is controlled through the API interface between the cloud management platform and the cloud terminal. Screen recording and RTMP streaming technology are used to record and stream user operation videos. All monitoring functions are completed on the cloud terminal.

Benefits of technology

It saves computing node resources, especially network and CPU resources, enables real-time monitoring of user operations and backup of historical records, and solves network concurrency issues.

✦ Generated by Eureka AI based on patent content.

Figure CN115664989B_ABST

Abstract

The application provides a cloud desktop monitoring system and method. The cloud management platform is used for receiving a login authentication request sent by a cloud terminal, establishing communication with the cloud terminal, and sending a monitoring notification to the cloud terminal according to monitoring requirements. The cloud terminal is used for sending a login authentication request to the cloud management platform, receiving the monitoring notification from the cloud management platform, starting a monitoring function and a video recording function on the terminal where the user is located, and returning the video recording to the cloud management platform. Because the monitoring function is implemented on the cloud terminal, the computing resources of the computing node are saved.

Description

Technical Field

[0001] This invention belongs to the field of cloud system related technology, and in particular relates to a cloud desktop monitoring system and method.

Background Technology

[0002] The statements in this section are merely background information related to the present invention and do not necessarily constitute prior art.

[0003] Cloud desktop technology is now quite mature, and the "monitoring" function is a feature already available on most cloud management platforms (such as oVirt and OpenStack). However, enabling the "monitoring" function of a particular cloud desktop can also bring about several problems:

[0004] (1) Increased resource overhead on compute nodes. Each time a virtual machine with monitoring privileges is started, an additional virtual machine display connection is added, which greatly increases the network resource consumption of compute nodes, and the CPU resource consumption will also increase accordingly.

[0005] (2) The historical operation process of the cloud desktop cannot be retained. For confidential work, or in scenarios such as attack and defense drills and competitions, it is necessary to be able to provide evidence of the user's computer operation process at any time, to prevent the operator from denying violations. Traditional monitoring functions cannot do this.

Summary of the Invention

[0006] To overcome the shortcomings of the prior art, the present invention provides a cloud desktop monitoring system and method, which monitors the user's cloud desktop from the perspective of "monitoring" the user terminal. All monitoring functions are implemented on the cloud terminal, saving computing resources of computing nodes.

[0007] To achieve the above objectives, one or more embodiments of the present invention provide the following technical solution: a cloud desktop monitoring system, comprising:

[0008] The cloud management platform is used to receive login authentication requests sent by cloud terminals, establish communication with cloud terminals, and send monitoring notifications to cloud terminals according to monitoring needs.

[0009] The cloud terminal is used to send login authentication requests to the cloud management platform; and to receive monitoring notifications from the cloud management platform while simultaneously activating the monitoring function and video recording function of the user's terminal, and returning the video recordings to the cloud management platform.

[0010] A second aspect of the present invention provides a method for monitoring a cloud desktop, comprising:

[0011] Obtain the login authentication request sent by the cloud terminal to the cloud management platform;

[0012] Based on the login authentication request, the cloud management platform communicates with the cloud terminal;

[0013] Through API microservice calls, the cloud management console notifies the cloud terminal corresponding to the user it is communicating with that it is under monitoring.

[0014] The cloud terminal enables streaming services and video recording for the corresponding user based on its monitoring status;

[0015] The cloud terminal encrypts the push service address and returns it to the cloud management platform.

[0016] The above one or more technical solutions have the following beneficial effects:

[0017] In this invention, all monitoring functions, such as screen recording and streaming, are implemented on the cloud terminal, without occupying any computing resources of the computing node, thus saving computing resources, especially network resources and CPU resources, of the computing node.

[0018] In this invention, backup of cloud desktop operation data is added, and administrators can also access all user operation records on the cloud terminal at any time, providing direct evidence for some scenarios that require operation evidence.

[0019] In this invention, the monitoring function adopts a broadcast method, which can greatly increase the number of connections of the monitoring terminal and eliminate broadband concurrency problems.

[0020] Advantages of additional aspects of the invention will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention.

Description of the Drawings

[0021] The accompanying drawings, which form part of this invention, are used to provide a further understanding of the invention. The illustrative embodiments of the invention and their descriptions are used to explain the invention and do not constitute an improper limitation of the invention.

[0022] Figure 1 is a flowchart of a cloud desktop monitoring method according to Embodiment 1 of the present invention.

Detailed Implementation

[0023] It should be noted that the following detailed descriptions are exemplary and intended to provide further illustration of the invention. Unless otherwise specified, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention pertains.

[0024] It should be noted that the terminology used herein is for the purpose of describing particular implementations only and is not intended to limit the exemplary implementations of the present invention.

[0025] Where there is no conflict, the embodiments and features in the embodiments of the present invention can be combined with each other.

[0026] The original cloud desktop "monitoring" function consumes CPU and other resources on the cloud server. When many cloud desktops are installed on the cloud server and monitoring is enabled, concurrency and performance issues arise, because the monitoring function is implemented by the server-side protocol and uses the TCP network protocol, so it consumes a lot of the server's own resources.

[0027] The overall idea proposed in this invention is to implement the monitoring function of the cloud desktop system from the perspective of the cloud terminal. It relies on the API interface between the cloud management platform and the client to control the cloud terminal itself, thereby realizing the monitoring of the user's virtual machine.

[0028] The "monitoring" function implemented in this invention on the cloud terminal is independent of the server. The monitoring function on the server is transferred to the client, allowing the client to implement the same and diverse monitoring functions using completely different technologies. Therefore, the server no longer consumes the computing and network resources for the monitoring function.

[0029] This invention reduces the pressure on the server side. In some scenarios, tens of thousands of cloud desktops are transmitting video, which can overwhelm even a 10-gigabit network. The idea behind this invention is therefore to relieve the load imposed by the monitoring function in such scenarios.

[0030] Embodiment 1

[0031] As shown in Figure 1, this embodiment discloses a cloud desktop monitoring system, which includes:

[0032] The cloud management platform is used to receive login authentication requests sent by cloud terminals, establish communication with cloud terminals, and send monitoring notifications to cloud terminals according to monitoring needs.

[0033] The cloud terminal is used to send login authentication requests to the cloud management platform; and to receive monitoring notifications from the cloud management platform while simultaneously activating the monitoring and video recording functions of the cloud terminal where the user is located, and returning the monitoring records to the cloud management platform.

[0034] In this embodiment, an SSL_FTP encrypted file server is added to the cloud management platform to store historical data of cloud desktop operations.

[0035] The cloud terminal software includes a screen recording client (FFMPEG), a streaming RTMP server, and an API microservice. All communication between the cloud terminal and the cloud management console is encrypted using SSL.

[0036] When a cloud terminal authenticates a user login with the cloud management platform, it will add its MAC address, IP address, and username to the login authentication request and report them to the cloud management platform. The MAC address of the cloud terminal is used as a unique identifier to distinguish the cloud terminal.

[0037] After successful login authentication, the cloud management platform records the login status of the cloud terminal as "online" and the IP address of the cloud terminal. When the user switches to a different cloud terminal and logs in again, the cloud management platform will discard the original login information and update it with the latest cloud terminal's MAC address and IP address.

[0038] When a cloud management platform administrator selects one or more users for monitoring, the cloud management platform will make real-time API calls to the registered terminal microservices of the currently online users, notifying the corresponding user's cloud terminal that it is currently under monitoring. At this time, the cloud terminal will automatically invoke the screen recording function to record the user's operations in real time, and simultaneously enable the cloud terminal's RTMP push streaming service to broadcast the real-time video stream output by the recording client. The monitoring address is encrypted and returned to the cloud management platform, which records the encrypted address and binds it to the corresponding user terminal. After a successful API call, the interface additionally returns an encrypted RTMP live streaming address to the cloud management platform. The cloud management platform then records this address in the background.

[0039] In this embodiment, real-time monitoring is available to the administrator at any time while a user is under monitoring: the administrator can open the screen monitoring view of the cloud terminal corresponding to the monitored user at any time on the cloud management platform. The real-time monitoring function is implemented using push streaming technology to solve the network concurrency problem.

[0040] Screen video recording function: While monitoring the screen in real time, the screen recording video is also saved locally. After the real-time monitoring is completed, the screen recording video can be uploaded to the cloud management platform.

[0041] It can be understood that a cloud management platform is a large web service management console that manages many cloud desktops, cloud terminals, users, and the connections between them. The corresponding registered terminal microservices are small web services running on each cloud terminal (a microservice can be understood as a small web service). When the cloud management platform sends instructions (such as monitoring, screen recording, or streaming instructions) to one or more cloud terminals, it is essentially calling the web service interface (API) on those cloud terminals.

[0042] Understandably, when the "Monitoring" function in the "Cloud Management Platform" is enabled, the platform calls the "Microservice" (web service within the cloud terminal) of the "Cloud Terminal" to activate the screen recording function. Upon receiving the command value, the cloud terminal performs two actions:

[0043] 1. Enable the screen recording function, which records a video of the local screen and saves it locally.

[0044] 2. Enable RTMP streaming service. This means that while recording the screen, the recorded video is not only saved locally in real time, but the current screen content is also streamed via RTMP.

[0045] When a cloud terminal enables broadcasting, it returns an encrypted broadcast address to the cloud management platform, which records this address in its database. When an administrator selects a monitored user (i.e., a cloud terminal, since each user is associated with a specific cloud terminal upon successful login) on the cloud management platform, they can access that user's terminal screen and view their terminal operations using the encrypted broadcast address.

[0046] In this implementation, when administrators or users with higher privileges want to monitor a user's cloud desktop, they can log in to the cloud management platform after higher-privilege authentication.

[0047] The cloud management platform updates the list of cloud terminals / users in real time. When a user is selected to be monitored, the cloud management platform queries the saved encrypted RTMP broadcast address, decrypts the address, and displays the terminal operation screen in real time based on the push stream address for monitoring.

[0048] In this embodiment, when a user terminal logs out, the cloud terminal calls the logout interface of the cloud management platform. After receiving the logout operation from the user terminal, the cloud terminal updates the user's terminal status to offline. The cloud terminal will automatically stop the streaming service and screen recording function, and automatically upload the operation video data of the cloud terminal to the FTP server for storage.
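The login, notification, viewing and logout flow of paragraphs [0036] to [0048], modelled from the platform side as an added example (not code from the patent). Assumptions: a pre-shared key between platform and terminal, all class and function names, the constructed RTMP URL layout, that the platform's record is what goes offline on logout, and a standard-library sealing routine standing in for the encryption, which the patent does not name.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import Dict, List, Optional

# Assumption: the patent names no cipher. seal()/open_() are a stdlib-only stand-in
# (HMAC-SHA256 keystream, encrypt-then-MAC); a deployment would use a vetted AEAD.
def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    blocks = (hmac.new(key, b"ks" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def _tag(key: bytes, mac: str, nonce: bytes, ct: bytes) -> bytes:
    return hmac.new(key, b"tag" + mac.encode() + nonce + ct, hashlib.sha256).digest()

def seal(key: bytes, mac: str, url: str) -> bytes:
    nonce, pt = os.urandom(16), url.encode()
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    return nonce + ct + _tag(key, mac, nonce, ct)  # tag binds the address to this MAC

def open_(key: bytes, mac: str, token: bytes) -> str:
    nonce, ct, tag = token[:16], token[16:-32], token[-32:]
    if not hmac.compare_digest(tag, _tag(key, mac, nonce, ct)):
        raise ValueError("stream address failed authentication")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))).decode()

@dataclass
class Session:
    mac: str
    ip: str
    online: bool = True
    sealed_addr: Optional[bytes] = None

class Terminal:  # stand-in for the API microservice on one cloud terminal
    def __init__(self, mac: str, ip: str, key: bytes):
        self.mac, self.ip, self.key, self.recording = mac, ip, key, False
    def notify_monitoring(self) -> bytes:
        self.recording = True  # a real terminal starts the recorder and RTMP push here
        return seal(self.key, self.mac, f"rtmp://{self.ip}/live/{self.mac}")  # constructed URL
    def stop(self) -> None:
        self.recording = False

class Platform:
    def __init__(self, key: bytes):
        self.key = key
        self.sessions: Dict[str, Session] = {}    # username -> current login record
        self.terminals: Dict[str, Terminal] = {}  # MAC (unique identifier) -> terminal API
    def login(self, user: str, term: Terminal) -> None:
        self.terminals[term.mac] = term
        self.sessions[user] = Session(term.mac, term.ip)  # re-login discards the old record
    def monitor(self, users: List[str]) -> List[str]:
        notified = []
        for user in users:
            s = self.sessions.get(user)
            if s is not None and s.online:  # only currently online users are called
                s.sealed_addr = self.terminals[s.mac].notify_monitoring()
                notified.append(user)
        return notified
    def view(self, user: str) -> str:
        s = self.sessions[user]
        if not s.online or s.sealed_addr is None:
            raise LookupError("user is not under monitoring")
        return open_(self.key, s.mac, s.sealed_addr)
    def logout(self, user: str) -> None:
        s = self.sessions[user]
        s.online, s.sealed_addr = False, None
        self.terminals[s.mac].stop()
```

Because the stored address is authenticated together with the terminal's MAC, an address sealed for one terminal cannot be opened against another terminal's record, and a re-login or logout leaves no stale address behind.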

[0049] In this embodiment, by adding backup of the cloud desktop's operation data, the administrator can also retrieve all the user's operation records on the cloud terminal at any time, providing direct evidence for some scenarios that require operation evidence.

[0050] Existing cloud management platforms use different display channel connection technologies to achieve the same cloud desktop, which is a virtualization technology at the virtual machine level. This embodiment, however, uses screen recording and streaming technology on a cloud terminal, representing a completely different technical approach from existing technologies.

[0051] Furthermore, the existing monitoring function for cloud desktops is to monitor the cloud desktop itself. The implementation idea of this embodiment is to monitor a specific user on the cloud terminal. Since the cloud desktop must run on the cloud terminal, all virtual machines under that user can be monitored. It can be seen that the monitoring level of this embodiment is different from the existing one.

[0052] Embodiment 2

[0053] The purpose of this embodiment is to provide a method for monitoring cloud desktops, including the following steps:

[0054] Obtain the login authentication request sent by the cloud terminal to the cloud management platform;

[0055] Based on the login authentication request, the cloud management platform communicates with the cloud terminal;

[0056] Through API microservice calls, the cloud management console notifies the cloud terminal corresponding to the user it is communicating with that it is under monitoring.

[0057] The cloud terminal enables streaming services and video recording for the corresponding user based on its monitoring status;

[0058] The cloud terminal encrypts the push service address and returns it to the cloud management platform.

[0059] The cloud terminal calls the screen recording function to monitor and record the corresponding user. At the same time, it enables the RTMP push streaming service to broadcast the video stream output by the screen recording client. The push streaming service address is encrypted and returned to the cloud management platform. The cloud management platform records the encrypted push streaming service address and the corresponding bound screen recording client.

[0060] Those skilled in the art will understand that the modules or steps of the present invention described above can be implemented using general-purpose computer devices. Optionally, they can be implemented using computer-executable program code, thereby allowing them to be stored in a storage device for execution by a computer device, or they can be fabricated as separate integrated circuit modules, or multiple modules or steps can be fabricated as a single integrated circuit module. The present invention is not limited to any particular combination of hardware and software.

[0061] While the specific embodiments of the present invention have been described above in conjunction with the accompanying drawings, this is not intended to limit the scope of protection of the present invention. Those skilled in the art should understand that various modifications or variations that can be made by those skilled in the art without creative effort based on the technical solutions of the present invention are still within the scope of protection of the present invention.

Claims

1. A cloud desktop monitoring system, characterized in that it includes:
The cloud management platform is used to receive login authentication requests sent by cloud terminals, establish communication with cloud terminals, and send monitoring notifications to the cloud terminal according to monitoring needs;
The cloud terminal is used to send login authentication requests to the cloud management platform; it receives monitoring notifications from the cloud management platform and simultaneously activates the monitoring and video recording functions for the user's terminal, then returns the recorded video data to the cloud management platform;
The cloud terminal includes a recording client and a streaming server;
The video recording client is used to monitor and record user operations;
The streaming server is used to broadcast the monitoring video recordings from the recording client and return the encrypted streaming service address to the cloud management platform;
The cloud management platform is also used to store and record the push streaming service address;
When a cloud management platform administrator selects one or more users for monitoring, the cloud management platform will monitor and make real-time API calls to the registered terminal microservices of the existing online users, notifying the corresponding user's cloud terminal that it is currently under monitoring. At this time, the cloud terminal will automatically call the screen recording function to monitor and record the user's operation in real time. At the same time, the cloud terminal's RTMP push streaming service will be enabled and the real-time video stream output by the recording client will be broadcast. The push streaming service address will be encrypted and returned to the cloud management platform. The cloud management platform will record the encrypted address and bind it to the corresponding user terminal.

2. The cloud desktop monitoring system as described in claim 1, characterized in that the communication between the cloud terminal and the cloud management platform is encrypted using SSL.

3. The cloud desktop monitoring system as described in claim 1, characterized in that the login authentication request includes the cloud terminal's MAC address, IP address, and username.

4. The cloud desktop monitoring system as described in claim 1, characterized in that the cloud terminal also includes an application programming interface (API) microservice, and the cloud management platform calls the API microservice to send operation instructions.

5. The cloud desktop monitoring system as described in claim 1, characterized in that it also includes an SSL_FTP encrypted file server, which is used to store video recordings of monitoring operations on cloud terminals.

6. A method for monitoring a cloud desktop, utilizing the cloud desktop monitoring system as described in claim 1, characterized in that it includes the following steps:
Obtain the login authentication request sent by the cloud terminal to the cloud management platform;
Based on the login authentication request, the cloud management platform communicates with the cloud terminal;
Through API microservice calls, the cloud management console notifies the cloud terminal corresponding to the user it is communicating with that it is under monitoring;
The cloud terminal enables streaming services and video recording for the corresponding user based on its monitoring status;
The cloud terminal encrypts the push service address and returns it to the cloud management platform.