CN110224865A - A kind of log warning system based on Stream Processing - Google Patents
A kind of log warning system based on Stream Processing Download PDFInfo
- Publication number
- CN110224865A CN110224865A CN201910460756.7A CN201910460756A CN110224865A CN 110224865 A CN110224865 A CN 110224865A CN 201910460756 A CN201910460756 A CN 201910460756A CN 110224865 A CN110224865 A CN 110224865A
- Authority
- CN
- China
- Prior art keywords
- log
- configuration
- alarm
- module
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000012545 processing Methods 0.000 title claims abstract description 34
- 230000009471 action Effects 0.000 claims abstract description 22
- 238000000034 method Methods 0.000 claims description 11
- 238000004590 computer program Methods 0.000 claims description 9
- 238000011069 regeneration method Methods 0.000 abstract 1
- 238000007726 management method Methods 0.000 description 7
- 230000006870 function Effects 0.000 description 6
- 230000000694 effects Effects 0.000 description 4
- 230000002159 abnormal effect Effects 0.000 description 3
- 230000008878 coupling Effects 0.000 description 2
- 238000010168 coupling process Methods 0.000 description 2
- 238000005859 coupling reaction Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 239000000284 extract Substances 0.000 description 2
- 238000012423 maintenance Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 238000012544 monitoring process Methods 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 230000004044 response Effects 0.000 description 2
- 230000001960 triggered effect Effects 0.000 description 2
- 230000008859 change Effects 0.000 description 1
- 239000012141 concentrate Substances 0.000 description 1
- 230000007812 deficiency Effects 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 235000013399 edible fruits Nutrition 0.000 description 1
- 238000005538 encapsulation Methods 0.000 description 1
- 230000002708 enhancing effect Effects 0.000 description 1
- 230000001575 pathological effect Effects 0.000 description 1
- 238000003672 processing method Methods 0.000 description 1
- 238000010223 real-time analysis Methods 0.000 description 1
- 230000008439 repair process Effects 0.000 description 1
- 238000007619 statistical method Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000001360 synchronised effect Effects 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0654—Management of faults, events, alarms or notifications using network fault recovery
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0681—Configuration of triggering conditions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0686—Additional information in the notification, e.g. enhancement of specific meta-data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/069—Management of faults, events, alarms or notifications using logs of notifications; Post-processing of notifications
Abstract
Log warning system based on Stream Processing, comprising: project matching module: configuration needs received data source, configuration system to receive a crime report people, the matched rule of configuration log;Log matches module: for loading received data source, journal formatting, carrying out log matches according to log matches rule, and matched log is passed into diary action module;Log alarm conditions configuration module: the alarm conditions of configuration log;Diary action module: the alarm movement that then triggering corresponds to the log information sends alarm and receives a crime report people to system, and empties the Message Record of the log recorded before triggering.This system, which realizes, to be alerted the real-time matching of massive logs, synchronizes to multi-source data and monitor, more have people's management of efficiently receiving a crime report, alarm abundant realization, powerful self-regeneration function.
Description
Technical field
The present invention relates to field of computer technology more particularly to a kind of log warning systems based on Stream Processing.
Background technique
It is more and more using disposing with the development of business event, massive logs are generated therewith.Log is as a kind of effective
Record applies the tool of operating status, can be different to external calling encapsulation, state change, the entrance of system and outlet, business
Often, it is recorded the case where unexpected execution.Log is analyzed in real time, is able to ascend to run system and control, enhancing pair
In pathological system state, the treatment effeciency of abnormal traffic.The quickening danger processing speed of high degree, promotes the sound of enterprises service
Speed is answered, ensures the stability of application.
The running massive logs using output, having passed through manually to be monitored in real time.The routine of log makes
With all only after occurring extremely, technical staff and operation maintenance personnel just can search abnormal point by log, can not be fast at the first time
Orientation problem, the processing problem of speed.If attempting to do timely processing for abnormal conditions, need to bury a little in the application, although energy
Enough quick responses, but this processing greatly increases the degree of coupling of application, increases the complexity of code.Many enterprises at present
Already through using ELK to do log management, although kibana can analyze log, the alarm of response is triggered, is alerted
Mode is relatively single, and alarm packets function is simple, can not efficiently manage the people that receives a crime report.
Summary of the invention
In view of the above-mentioned deficiencies in the prior art, the technical problem to be solved by the present invention is that providing a kind of based on streaming
The log warning system of processing.
In order to solve the above technical problems, the technical solution adopted by the present invention is that:
First aspect of the present invention is to provide a kind of log alarm method based on Stream Processing, comprising the following steps:
Step 1: receiving data source;
Step 2: processing being formatted to the log in data source, forms the standard data format for corresponding to each application
Standard logs;
Step 3: every standard logs of each application are matched according to the log matches rule of configuration, if matching at
Function then generates a successful match and records information;
Step 4: being counted for the successful match record information that each application generates, if the record of successful match is believed
Breath meets the log alarm conditions of configuration, then generates warning information.
Further, further include step 5: the warning information generated in step 4 being sent to system and is received a crime report people.
The invention also discloses a kind of device/terminal device, including memory, processor and it is stored in the memory
In and the computer program that can run on the processor described in processor realize as above-mentioned when executing the computer program
A kind of the step of log alarm method based on Stream Processing.
The invention also discloses a kind of computer readable storage medium, the computer-readable recording medium storage has calculating
Machine program is realized when the computer program is executed by processor such as a kind of above-mentioned log alarm method based on Stream Processing
Step.
The second aspect of the present invention is to provide a kind of log warning system based on Stream Processing, comprising:
Project matching module: configuration needs received data source, configuration system to receive a crime report people, the matched rule of configuration log;
Log matches module: for loading received data source, journal formatting, carrying out log according to log matches rule
Matching, and matched log is passed into diary action module;
Log alarm conditions configuration module: the alarm conditions of configuration log;
Diary action module: judge whether the log information of the successful match counted in the unit time meets the alarm of log
Condition, if the judgment is Yes, then the alarm movement that triggering corresponds to the log information send alarm and receive a crime report people to system, and empty
The message of the log recorded before triggering.
In an advantageous embodiment, if the judgment is No, then diary action module does not trigger alarm movement.
In an advantageous embodiment, the message source that the data source passes through load needed for disposition data source add-on system
It constitutes.
Wherein it is preferred to which the log matches rule includes matching rule, data source, movement configuration.
Further, described " configuration project needs received data source ", including following one or more of: to log
Condition is configured, is configured to the generation path of log.
Further, it includes following one or more of for carrying out configuration to the condition of log: log alarm name, log are subordinate to
Belong to which kafka cluster, log topic, log platform, log collection mode and regular expression.
It is highly preferred that the rule of log matches further includes log path.
Further, the alarm conditions of configuration log include configurations match log information item number interval and matching log information
Item number threshold value.
Further, whether the log information for judging the successful match counted in the unit time is more than the matching log
Information bar number threshold value, if the judgment is Yes, then the alarm movement that triggering corresponds to the log information send alarm and receive a crime report to system
People, and empty the message of the log recorded before triggering.
Further, judge whether the log information interval of the successful match counted in the unit time meets the matching
Log information item number interval, if the judgment is Yes, then the alarm movement that triggering corresponds to the log information send alarm to system
Receive a crime report people, and empties the message of the log recorded before triggering.
It is highly preferred that the alarm conditions of configuration log further include configuration type of alarm and configuration time of fire alarming.
It is highly preferred that the alarm conditions of configuration log further include configuring newly-increased type of alarm.
Further, diary action module, is also used to configure self-healing condition, and the self-healing condition is pre-configured pair
The script that mistake is repaired in log.
It is highly preferred that system is received a crime report, people's information includes that serial number, the address ID, name, cell-phone number, mailbox, QQ and wechat etc. are appointed
It anticipates one kind.
Further, which further includes people's packet configuration module of receiving a crime report, people's packet configuration mould of receiving a crime report
Block is assigned under service groups for the people that will receive a crime report.
Further, which further includes log matches logging modle, and the log matches logging modle is used
In record log match information.
It is highly preferred that every log matches information include matching major key, error description, frequency of occurrence in the period, total degree,
HostName, rule name and recent renewal time.
It is highly preferred that log matches logging modle be also used to configurations match major key, rule name and or HostName, with
Inquire corresponding log matches information.
Further, log alarm action record module record log alarm action message include log alarm name,
Error description, alarm mode and alarm time.
Further, log information is converted to unified Message Record format by the log matches module, in the format
Include log details, log cluster, log topic, log path information.
Further, the log matches module can match unified log recording, finally by successful match
Data are sent to diary action module.
Further, after the matching of diary action module, the log recording for meeting rule match can be passed by Redis
It is delivered to diary action module.
The present invention greatly extends the effect of log, by the real-time analysis to log, realizes to using minute rank
Judgement, and can generate according to demand customization alarm, trigger corresponding script and automatically process exception, have good technology effect
Fruit is described as follows:
1. realizing the Stream Processing to more cluster logs
Before the log of the current magnanimity rank of enterprise, it can not go to check already simply by manpower and filter, common device is such as
The network equipment can provide usage log tool because of the difference of manufacturer, but be not available unified tool and managed concentratedly.It is logical
Deployment early period of O&M exploitation is crossed, we can be sent to Kafka collection by system log (such as syslog), using log concentration
The alarm to the minute rank of log has may be implemented in group, the log warning system based on streaming computing through the invention.It is right
The log of identical warning content, it is for statistical analysis, it concentrates and reports to the people that receives a crime report, corresponding alarming processing foot can also be configured
This, after reaching corresponding alarm threshold, carries out script self-healing management.
Application is usually deployed more ground multimachine room in enterprise, does corresponding superfluous calamity scheme, log is under the jurisdiction of different clusters, this hair
The bright log warning system based on streaming computing, can be managed collectively cluster, while the more clusters of loading processing, difference
The log information of topic really realizes the unified management of group internal log.
The management 2. realization alarm abundant is received a crime report
Difference based on business scenario, the people that receives a crime report need different settings, and because of the particularity of business, many alarms are needed in spy
The different period carries out Centralized Monitoring.By the way that alarm time is classified as working day, day off, daily, self defined time, managed in the time
Angle is managed, is classified to business demand, the efficiency of management is promoted.The present invention realizes wechat, short message, phone, four kinds of mail announcements
Police's formula, every kind of alarm can customize different warning contents, do specially treated for special screne, to protrude business spy
Point realizes efficiently alarm.For particular service, The invention also achieves the Trigger Functions of self-healing script, when log alarm detection
After reaching threshold value, the directive script of triggering can configure, to trigger corresponding self-healing movement, realize that failure is quickly repaired.
The Centralized Monitoring of application log in enterprise may be implemented, by efficiently quick to log progress in realization of the invention
Streaming computing, realization log is efficiently monitored, using alarm means abundant, reach the announcement to the minute rank of system log
It is alert, there is good use value.
Below by drawings and examples, technical scheme of the present invention will be described in further detail.
Detailed description of the invention
Fig. 1 is the application log warning system flow chart;
Fig. 2 be this application involves project configuration option.
Specific embodiment
Embodiment 1
From the angle of Message Processing, a kind of log warning system based on Stream Processing provided by the present application is handled
Signal source is unified from kafka platform, but because the journal format of different type application is different, for the effect for improving subsequent processing
Rate, system are formatted processing to log according to different types of service first, form the data format of standard, extract it
The message indicator of middle key, such as log path, log topic, log source cluster, the message that will acquire carry out unified envelope
After dress, it is transferred to the key component of system processing, keyword match is carried out to the message in log information.If successful match,
The record of successful match, matched data are then transferred to alarm movement processing module together, alarming processing action module can basis
The alarm period configured before is counted, if reaching alarm threshold in the period, that is, reaches log alert frequency, alarm movement
Module can trigger corresponding alarm movement.
For this purpose, log warning system of the application based on Stream Processing, comprising:
Project matching module: the main function of the module is exactly to configure that received data source, configuration system is needed to receive a crime report people
(such as serial number, the address ID, name, cell-phone number, mailbox, QQ and wechat etc. any one), the matched rule of configuration log, is played
The effect of configuration management.Data source is made up of the message source loaded needed for main disposition data source add-on system.Log alarm
System needs to configure matching rule, is matching rule, data source, movement configuration respectively.For example, referring to Fig. 2, system
Can support the matching rule of the following two kinds mode: i.e. and meanwhile meet (!!Meet when AND), condition is not met (!!NOT).Data
Configuration main configuration in source configures, to the generation path of log the condition (data source configuration or data source control) of log
It is configured, the condition of log mainly includes being under the jurisdiction of which kafka cluster, kafka Topic etc..Movement configuration can be to dynamic
The frequency of work is configured, and can also be configured to the people that receives a crime report.
Log matches module: to play the role of loading data source, journal formatting, log matches.Because business needs,
Kafka log information may be from different service clusters, be standardized administration, operation maintenance personnel or developer also can to log
Topic division is carried out, this module is exactly to load to the data source (kafka cluster+kafka topic) being configured.For
Promotion matching efficiency, the module can pre-process message, are converted to unified Message Record format, include in the format
Log details, log cluster, log topic, log path information.The module can match unified log recording.Most
The data of successful match are sent to diary action module afterwards.
Log alarm conditions configuration module: the alarm conditions of configuration log, such as the alarm conditions of configuration log include matching
Set matching log information item number interval (such as one minute frequency) and matching log information item number threshold value.The alarm bar of configuration log
Part can also include configuration type of alarm and configuration time of fire alarming.
Diary action module: log is sentenced after the matching of match messages module, there are the log recordings of rule match to lead to
Redis is crossed, diary action module is transmitted to.Diary action module can carry out matching statistics with one minute frequency, if should
The alarm log record of type does not reach alarm threshold, then it is just without any processing, if reaching the coupling number of the rule
Amount, the Message Record then corresponding alarm movement will be triggered, and before emptying.Diary action module can be also used for configuring
Self-healing condition, the self-healing condition are pre-configured to the script that mistake is repaired in log.
In one embodiment, which further includes log matches logging modle, the log matches record
Module is used for record log match information.Wherein, every log matches information includes matching major key, error description, going out in the period
Occurrence number, total degree, HostName, rule name and recent renewal time.
Wherein, log matches logging modle can be also used for configurations match major key, rule name and or HostName, with
Inquire corresponding log matches information.
Referring to Fig.1, log warning system of the present embodiment based on Stream Processing and the log alarm based on Stream Processing
Method is as follows:
Step 1: receiving data source, the log of multiple applications is adjusted to kafka;
Step 2: being formatted processing to the log in kafka is adjusted to for each application, formed to correspond to and each be answered
The standard logs of standard data format;Standard logs include log details, log cluster, log topic and log path;
Step 3: every standard logs of each application are matched according to the log matches rule of configuration, if matching at
Function then generates a successful match and records information;
Step 4: being counted for the successful match record information that each application generates, if the record of successful match is believed
Breath meets the log alarm conditions of configuration, then generates warning information;
Step 5: the system that the warning information generated in step 4 is sent to configuration is received a crime report people.
The invention also discloses a kind of device/terminal device, including memory, processor and it is stored in the memory
In and the computer program that can run on the processor described in processor realize as above one when executing the computer program
The step of planting the log alarm method based on kafka.
The invention also discloses a kind of computer readable storage medium, the computer-readable recording medium storage has calculating
Machine program, when the computer program is executed by processor realize as above a kind of log alarm method based on kafka the step of.
The record information of such as the following table 1 is generated after the completion of configuration.
Table 1
After the completion of the configuration of Log Source configuration module, Kafka Stream proposes the information configured according to Log Source configuration module
It takes corresponding log information to be formatted processing according to parsing template, forms the log information of standard data format;Such as table 1,
Kafka Stream extracts this log of baoxin@syslog and handles according to universal formatting, forms standard data format
Baoxin@syslog log information;
The log information of above-mentioned standard data format includes log collection cluster, log topic, log platform, log road
Diameter and log collection mode;
The log information of standard data format is as shown in table 2.
Table 2
Log path and log content actual information are too long in table 2, therefore are replaced with *, should not be construed as at formatting herein
Log path and log content after reason are *.
Log alarming assignment configuration module, for the matching rule of configuration log and the alarm conditions of configuration log;
In the present embodiment, the matching rule of configuration log includes configuration log alarm name, log kafka cluster, log
Topic, log platform, log collection mode and regular expression;
It is as shown in table 3 to configure the matching rule completed.
Table 3
Log path actual information is too long in table 3, therefore is replaced with *, should not be construed as the day in configurations match rule herein
Will path is *.
In conclusion this system makes full use of the ability of such as streaming computing of Kafka Stream, enriches alarm and realize
Means realize a kind of log warning system based on streaming computing in conjunction with routine use scene.It realizes to massive logs
Real-time matching alarm, it is synchronous to multi-source data monitor, more there is people's management of efficiently receiving a crime report, alarm abundant to realize, it is powerful from
My repair function.
Specific embodiments of the present invention are described in detail above, but it is merely an example, the present invention is simultaneously unlimited
It is formed on particular embodiments described above.To those skilled in the art, any couple of present invention carries out equivalent modifications and
Substitution is also all among scope of the invention.Therefore, without departing from the spirit and scope of the invention made by equal transformation and
Modification, all should be contained within the scope of the invention.
Claims (10)
1. a kind of log warning system based on Stream Processing, which is characterized in that including
Project matching module: configuration needs received data source, configuration system to receive a crime report people, the matched rule of configuration log;Log
Matching module: for loading received data source, journal formatting, carrying out log matches, and general according to log matches rule
The log matched passes to diary action module;
Log alarm conditions configuration module: the alarm conditions of configuration log;
Diary action module: judge whether the log information of the successful match counted in the unit time meets the alarm bar of log
Part, if the judgment is Yes, then the alarm movement that triggering corresponds to the log information send alarm and receive a crime report people to system, and empty touching
The message of the log recorded before hair.
2. log warning system according to claim 1, which is characterized in that the data source is added by disposition data source
The message source loaded needed for adding system is constituted.
3. matching rule according to claim 1, which is characterized in that the log matches rule includes matching rule, number
According to source, movement configuration.
4. log warning system according to claim 1, which is characterized in that described " configuration project needs received data
Source ", including following one or more of: being configured to the condition of log, configured to the generation path of log.
5. movement configuration module according to claim 1, which is characterized in that the log matches module turns log information
It is melted into unified Message Record format, includes log details, log cluster, log topic, log path information in the format.
6. movement configuration module according to claim 5, which is characterized in that the log matches module can be to unified day
Will record is matched, and the data of successful match are finally sent to diary action module.
7. log warning system according to claim 6, which is characterized in that after the matching of diary action module, meet
The log recording of rule match can be transmitted to diary action module by Redis.
8. a kind of log alarm method based on Stream Processing, which comprises the following steps:
Step 1: receiving data source;
Step 2: processing being formatted to the log in data source, forms the mark for corresponding to the standard data format of each application
Quasi- log;
Step 3: every standard logs of each application are matched according to the log matches rule of configuration, if successful match,
It then generates a successful match and records information;
Step 4: being counted for the successful match record information that each application generates, if the record information of successful match accords with
The log alarm conditions for closing configuration, then generate warning information.
9. a kind of computer readable storage medium, which is characterized in that the computer-readable recording medium storage has computer journey
Sequence realizes a kind of log alarm based on Stream Processing as claimed in claim 8 when the computer program is executed by processor
The step of method.
10. a kind of device/terminal device, which is characterized in that including memory, processor and store in the memory simultaneously
Processor described in the computer program that can be run on the processor realizes such as claim 8 when executing the computer program
A kind of the step of log alarm method based on Stream Processing.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910460756.7A CN110224865A (en) | 2019-05-30 | 2019-05-30 | A kind of log warning system based on Stream Processing |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910460756.7A CN110224865A (en) | 2019-05-30 | 2019-05-30 | A kind of log warning system based on Stream Processing |
Publications (1)
Publication Number | Publication Date |
---|---|
CN110224865A true CN110224865A (en) | 2019-09-10 |
Family
ID=67818593
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910460756.7A Pending CN110224865A (en) | 2019-05-30 | 2019-05-30 | A kind of log warning system based on Stream Processing |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110224865A (en) |
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111581054A (en) * | 2020-04-30 | 2020-08-25 | 重庆富民银行股份有限公司 | ELK-based log point-burying service analysis and alarm system and method |
CN112115019A (en) * | 2020-08-26 | 2020-12-22 | 上海汇付数据服务有限公司 | Application log monitoring method and system for application program |
CN112395160A (en) * | 2020-11-18 | 2021-02-23 | 上海许继电气有限公司 | Method, device and system for generating relay protection fault report |
CN113055490A (en) * | 2021-03-24 | 2021-06-29 | 杭州群核信息技术有限公司 | Data storage method and device |
CN113176978A (en) * | 2021-04-30 | 2021-07-27 | 平安壹钱包电子商务有限公司 | Monitoring method, system and device based on log file and readable storage medium |
CN113391973A (en) * | 2021-05-24 | 2021-09-14 | 青岛海信智慧生活科技股份有限公司 | Internet of things cloud container log collection method and device |
CN113420422A (en) * | 2021-05-31 | 2021-09-21 | 济南浪潮数据技术有限公司 | Alarm log proportion prediction method, system, device and medium |
CN114584457A (en) * | 2022-03-22 | 2022-06-03 | 北京结慧科技有限公司 | Log analysis alarm method and platform for system |
CN116560937A (en) * | 2023-03-27 | 2023-08-08 | 中国华能集团有限公司北京招标分公司 | Alarm engine using method |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106371986A (en) * | 2016-09-08 | 2017-02-01 | 上海新炬网络技术有限公司 | Log treatment operation and maintenance monitoring system |
CN106385331A (en) * | 2016-09-08 | 2017-02-08 | 努比亚技术有限公司 | Method and system for monitoring alarm based on log |
CN107104840A (en) * | 2017-05-21 | 2017-08-29 | 郑州云海信息技术有限公司 | A kind of daily record monitoring method, apparatus and system |
CN107832196A (en) * | 2017-11-28 | 2018-03-23 | 广东金赋科技股份有限公司 | A kind of monitoring device and monitoring method for real-time logs anomalous content |
-
2019
- 2019-05-30 CN CN201910460756.7A patent/CN110224865A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106371986A (en) * | 2016-09-08 | 2017-02-01 | 上海新炬网络技术有限公司 | Log treatment operation and maintenance monitoring system |
CN106385331A (en) * | 2016-09-08 | 2017-02-08 | 努比亚技术有限公司 | Method and system for monitoring alarm based on log |
CN107104840A (en) * | 2017-05-21 | 2017-08-29 | 郑州云海信息技术有限公司 | A kind of daily record monitoring method, apparatus and system |
CN107832196A (en) * | 2017-11-28 | 2018-03-23 | 广东金赋科技股份有限公司 | A kind of monitoring device and monitoring method for real-time logs anomalous content |
Cited By (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111581054A (en) * | 2020-04-30 | 2020-08-25 | 重庆富民银行股份有限公司 | ELK-based log point-burying service analysis and alarm system and method |
CN111581054B (en) * | 2020-04-30 | 2024-04-09 | 重庆富民银行股份有限公司 | Log embedded point service analysis alarm system and method based on ELK |
CN112115019A (en) * | 2020-08-26 | 2020-12-22 | 上海汇付数据服务有限公司 | Application log monitoring method and system for application program |
CN112395160A (en) * | 2020-11-18 | 2021-02-23 | 上海许继电气有限公司 | Method, device and system for generating relay protection fault report |
CN113055490A (en) * | 2021-03-24 | 2021-06-29 | 杭州群核信息技术有限公司 | Data storage method and device |
CN113176978B (en) * | 2021-04-30 | 2023-07-21 | 平安壹钱包电子商务有限公司 | Monitoring method, system, equipment and readable storage medium based on log file |
CN113176978A (en) * | 2021-04-30 | 2021-07-27 | 平安壹钱包电子商务有限公司 | Monitoring method, system and device based on log file and readable storage medium |
CN113391973B (en) * | 2021-05-24 | 2022-11-25 | 青岛海信智慧生活科技股份有限公司 | Internet of things cloud container log collection method and device |
CN113391973A (en) * | 2021-05-24 | 2021-09-14 | 青岛海信智慧生活科技股份有限公司 | Internet of things cloud container log collection method and device |
CN113420422A (en) * | 2021-05-31 | 2021-09-21 | 济南浪潮数据技术有限公司 | Alarm log proportion prediction method, system, device and medium |
CN114584457A (en) * | 2022-03-22 | 2022-06-03 | 北京结慧科技有限公司 | Log analysis alarm method and platform for system |
CN116560937A (en) * | 2023-03-27 | 2023-08-08 | 中国华能集团有限公司北京招标分公司 | Alarm engine using method |
CN116560937B (en) * | 2023-03-27 | 2024-02-27 | 中国华能集团有限公司北京招标分公司 | Alarm engine using method |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110224865A (en) | A kind of log warning system based on Stream Processing | |
CN102981943B (en) | The method and system of monitoring application daily record | |
CN109634818A (en) | Log analysis method, system, terminal and computer readable storage medium | |
CN107508722B (en) | Service monitoring method and device | |
CN111176879A (en) | Fault repairing method and device for equipment | |
CN108197261A (en) | A kind of wisdom traffic operating system | |
CN101976885B (en) | Remote intelligent network management power management system | |
CN108763957A (en) | A kind of safety auditing system of database, method and server | |
WO2019223062A1 (en) | Method and system for processing system exceptions | |
CN112468472A (en) | Security policy self-feedback method based on security log association analysis | |
CN106649055A (en) | Domestic CPU (central processing unit) and operating system based software and hardware fault alarming system and method | |
CN110209518A (en) | A kind of multi-data source daily record data, which is concentrated, collects storage method and device | |
CN109669835A (en) | MySQL database monitoring method, device, equipment and readable storage medium storing program for executing | |
CN111143167B (en) | Alarm merging method, device, equipment and storage medium for multiple platforms | |
CN104504014A (en) | Data processing method and device based on large data platform | |
CN201204643Y (en) | Synthesis safety remote monitoring centralized management system | |
CN110929896A (en) | Security analysis method and device for system equipment | |
CN101610169A (en) | Internet multimedia content monitoring method and device thereof | |
CN103986607A (en) | Voice-sound-light alarm monitoring system for intelligent data center | |
CN116257021A (en) | Intelligent network security situation monitoring and early warning platform for industrial control system | |
CN105553691A (en) | Monitoring alarm realization method based on electric power supervision information | |
CN114070871A (en) | Safety protection networking alarm device | |
CN104539449B (en) | A kind of failure information processing method and relevant apparatus | |
CN107820270B (en) | GPRS interface monitoring system based on GSM-R network | |
CN116166499A (en) | Data monitoring method and device, electronic equipment and nonvolatile storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190910 |