Monitoring method and device for target data diffusion process

The invention discloses a monitoring method and device for a target data diffusion process. Specifically, the method includes the following steps: performing acquisition and analysis on logs of big data platform components and logs recorded by network equipment, security equipment, hosts, databases and other equipment involved in a data flow process, identifying and marking access operation classlogs of sensitive data, taking source IPs, destination IPs, operating objects and other attributes as conditions, horizontally associating the access operation class logs of all sensitive data, and generating a target data flow path. Thereby, the analysis of a flow and diffusion process of the sensitive data in a big data environment can be realized, and all access flow paths of the sensitive datacan be discovered comprehensively and accurately. 本发明公开了种目标数据扩散过程的监控方法及装置，具体的，通过对大数据平台组件的日志以及数据流转过程中所涉及的网络设备、安全设备、主机、数据库等设备所记录的日志进行采集以及解析处理，识别并标识敏感数据访问操作类日志，以源IP、目的IP、操作对象等属性为条件，横向关联所有敏感数据的访问操作类日志，生成目标数据流转途径，进而可以实现对大数据环境下的敏感数