高效审计!Spring AOP + 多线程 + 批量处理的智能解决方案

开发 前端
本方案基于 Spring AOP 实现自动拦截日志操作,结合 异步任务执行 提升系统吞吐能力,并采用 批量存储 降低数据库压力,从而构建了一套高效、低耦合的审计日志解决方案。

在现代企业应用中,审计日志(Audit Log)是必不可少的功能。它不仅可以用于安全合规审计,还能帮助开发者进行系统调试与问题排查。然而,传统的日志记录方式往往存在性能瓶颈,例如同步记录日志可能会影响系统响应速度,而单条插入数据库的方式则容易造成数据库压力过大。

为了解决这些问题,我们可以结合 Spring AOP异步处理 和 批量存储,实现一个高效、可靠的审计日志方案。本篇文章将详细讲解该方案的设计思路,并提供完整的代码实现。

关键需求

  • 记录核心业务操作的完整轨迹
  • 捕获操作前后的数据状态
  • 包含操作者信息、时间戳及变更详情
  • 采用异步存储,减少对主业务流程的影响

解决方案

自定义注解

package com.icoderoad.audit.annotation;

import java.lang.annotation.*;

@Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.METHOD)
public @interfaceOperationAudit{
    /** 操作类型标识 */
    StringoperationCode();
    /** 操作描述(支持 SpEL 表达式) */
    Stringdescription() default"";
    /** 操作者表达式 */
    Stringoperator() default"@auditOperator.getName";
    /** 操作前状态 */
    StringpreState() default"";
    /** 操作后状态 */
    StringpostState() default"";
}

审计实体及存储

审计记录实体

package com.icoderoad.audit.entity;


import jakarta.persistence.*;
import java.time.LocalDateTime;


@Entity
@Table(name = "sys_audit_log")
public class AuditRecord {
    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    private Long id;
    private String operationCode;
    @Column(length = 500)
    private String description;
    private String operator;
    private LocalDateTime operationTime;
    @Lob
    private String preState;
    @Lob
    private String postState;
    private boolean success;
    private String errorMessage;
}

数据访问层

package com.icoderoad.audit.repository;


import com.icoderoad.audit.entity.AuditRecord;
import org.springframework.data.jpa.repository.JpaRepository;


public interface AuditRepository extends JpaRepository<AuditRecord, Long> {}

异步审计记录器

package com.icoderoad.audit.service;


import com.icoderoad.audit.entity.AuditRecord;
import com.icoderoad.audit.repository.AuditRepository;
import org.springframework.stereotype.Component;
import java.util.*;
import java.util.concurrent.*;


@Component
public class AuditRecorder {
    private static final long MAX_FLUSH_INTERVAL = 3000;
    private volatile long lastFlushTime = System.currentTimeMillis();
    private final BlockingQueue<AuditRecord> auditQueue = new LinkedBlockingQueue<>(1000);
    private final Executor executor = Executors.newSingleThreadExecutor();
    private final AuditRepository auditRepository;


    public AuditRecorder(AuditRepository auditRepository) {
        this.auditRepository = auditRepository;
        startConsumer();
    }


    public void record(AuditRecord record) {
        if (!auditQueue.offer(record)) {
            System.err.println("审计队列已满,记录被丢弃: " + record);
        }
    }


    private void startConsumer() {
        executor.execute(() -> {
            List<AuditRecord> buffer = new ArrayList<>(100);
            while (!Thread.interrupted()) {
                try {
                    AuditRecord record = auditQueue.poll(MAX_FLUSH_INTERVAL, TimeUnit.MILLISECONDS);
                    if (record != null) {
                        buffer.add(record);
                    }
                    if (buffer.size() >= 100 || System.currentTimeMillis() - lastFlushTime > MAX_FLUSH_INTERVAL) {
                        if (!buffer.isEmpty()) {
                            auditRepository.saveAll(buffer);
                            buffer.clear();
                            lastFlushTime = System.currentTimeMillis();
                        }
                    }
                } catch (InterruptedException e) {
                    Thread.currentThread().interrupt();
                }
            }
        });
    }
}

审计切面

package com.icoderoad.audit.aspect;


import com.icoderoad.audit.annotation.OperationAudit;
import com.icoderoad.audit.entity.AuditRecord;
import com.icoderoad.audit.service.AuditRecorder;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.*;
import org.aspectj.lang.reflect.MethodSignature;
import org.springframework.beans.factory.BeanFactory;
import org.springframework.beans.factory.BeanFactoryAware;
import org.springframework.expression.*;
import org.springframework.expression.spel.standard.SpelExpressionParser;
import org.springframework.expression.spel.support.StandardEvaluationContext;
import org.springframework.stereotype.Component;
import java.lang.reflect.Method;
import java.time.LocalDateTime;


@Aspect
@Component
public class AuditAspect implements BeanFactoryAware {
    private final AuditRecorder auditRecorder;
    private BeanFactory beanFactory;
    private final ExpressionParser parser = new SpelExpressionParser();
    private final ParameterNameDiscoverer parameterNameDiscoverer = new DefaultParameterNameDiscoverer();


    public AuditAspect(AuditRecorder auditRecorder) {
        this.auditRecorder = auditRecorder;
    }


    @Around("@annotation(auditAnnotation)")
    public Object auditOperation(ProceedingJoinPoint joinPoint, OperationAudit auditAnnotation) throws Throwable {
        Method method = ((MethodSignature) joinPoint.getSignature()).getMethod();
        Object[] args = joinPoint.getArgs();
        EvaluationContext context = createEvaluationContext(method, args);


        AuditRecord record = prepareAuditRecord(auditAnnotation, context);
        record.setPreState(evaluateExpression(auditAnnotation.preState(), context));


        try {
            Object result = joinPoint.proceed();
            context.setVariable("result", result);
            record.setPostState(evaluateExpression(auditAnnotation.postState(), context));
            record.setSuccess(true);
            return result;
        } catch (Exception ex) {
            record.setSuccess(false);
            record.setErrorMessage(ex.getMessage());
            throw ex;
        } finally {
            auditRecorder.record(record);
        }
    }


    private EvaluationContext createEvaluationContext(Method method, Object[] args) {
        MethodBasedEvaluationContext context = new MethodBasedEvaluationContext(null, method, args, parameterNameDiscoverer);
        context.setBeanResolver(new BeanFactoryResolver(this.beanFactory));
        return context;
    }


    private AuditRecord prepareAuditRecord(OperationAudit annotation, EvaluationContext context) {
        AuditRecord record = new AuditRecord();
        record.setOperationCode(annotation.operationCode());
        record.setDescription(evaluateExpression(annotation.description(), context));
        record.setOperator(evaluateExpression(annotation.operator(), context));
        record.setOperationTime(LocalDateTime.now());
        return record;
    }


    private String evaluateExpression(String expr, EvaluationContext context) {
        try {
            return parser.parseExpression(expr).getValue(context, String.class);
        } catch (Exception e) {
            return "";
        }
    }


    @Override
    public void setBeanFactory(BeanFactory beanFactory) {
        this.beanFactory = beanFactory;
    }
}

测试

package com.icoderoad.audit.service;


import com.icoderoad.audit.annotation.OperationAudit;
import org.springframework.stereotype.Service;


@Service
public class OrderService {
    @OperationAudit(
        operationCode = "ORDER_STATUS_UPDATE",
        description = "'订单状态更新: ' + #orderNo",
        preState = "#oldStatus",
        postState = "#newStatus"
    )
    public void updateOrderStatus(String orderNo, Integer oldStatus, Integer newStatus) {
        // 业务逻辑...
    }
}

结论

本方案基于 Spring AOP 实现自动拦截日志操作,结合 异步任务执行 提升系统吞吐能力,并采用 批量存储 降低数据库压力,从而构建了一套高效、低耦合的审计日志解决方案。

在实际应用中,该方案能够有效提升日志存储的效率,同时减少对主业务流程的影响。如果你的系统需要高效的日志管理,推荐采用该方案,并可根据业务需求进一步扩展,例如支持多数据源存储、日志清理策略等。

责任编辑:武晓燕 来源: 路条编程
相关推荐

2009-09-14 19:39:14

批量线程同步

2024-07-12 11:35:20

2010-02-04 11:57:32

ibmdw商务智能

2023-07-21 09:57:06

2022-11-08 14:17:39

2010-02-25 15:19:43

SAPSaaSBI

2023-10-31 16:20:12

2023-10-31 15:04:12

人工智能自然语言处理

2024-01-02 10:46:13

2012-05-18 11:17:58

Java多线程

2010-01-14 14:34:48

千兆智能交换机

2021-01-21 15:48:56

物联网智慧城市5G

2022-05-20 06:14:57

人工智能AI

2025-01-07 08:20:00

2009-07-15 17:09:32

Swing线程

2023-08-02 11:30:13

自动化人工智能

2023-08-02 15:12:20

人工智能交通运输

2012-05-15 09:57:39

运维安全\运维审计

2011-11-10 16:18:25

2011-08-02 11:23:34

甲骨文税收应用商务智能
点赞
收藏

51CTO技术栈公众号