CN113268370B - Root cause alarm analysis method, system, equipment and storage medium - Google Patents
Root cause alarm analysis method, system, equipment and storage medium Download PDFInfo
- Publication number
- CN113268370B CN113268370B CN202110513431.8A CN202110513431A CN113268370B CN 113268370 B CN113268370 B CN 113268370B CN 202110513431 A CN202110513431 A CN 202110513431A CN 113268370 B CN113268370 B CN 113268370B
- Authority
- CN
- China
- Prior art keywords
- alarm
- root cause
- node
- alarms
- edge
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/0703—Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
- G06F11/079—Root cause analysis, i.e. error or fault diagnosis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F18/00—Pattern recognition
- G06F18/20—Analysing
- G06F18/24—Classification techniques
- G06F18/241—Classification techniques relating to the classification model, e.g. parametric or non-parametric approaches
- G06F18/2415—Classification techniques relating to the classification model, e.g. parametric or non-parametric approaches based on parametric or probabilistic models, e.g. based on likelihood ratio or false acceptance rate versus a false rejection rate
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/04—Architecture, e.g. interconnection topology
- G06N3/045—Combinations of networks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N3/00—Computing arrangements based on biological models
- G06N3/02—Neural networks
- G06N3/08—Learning methods
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Data Mining & Analysis (AREA)
- General Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Life Sciences & Earth Sciences (AREA)
- Artificial Intelligence (AREA)
- Biomedical Technology (AREA)
- Evolutionary Computation (AREA)
- Computing Systems (AREA)
- Molecular Biology (AREA)
- General Health & Medical Sciences (AREA)
- Computational Linguistics (AREA)
- Mathematical Physics (AREA)
- Software Systems (AREA)
- Biophysics (AREA)
- Probability & Statistics with Applications (AREA)
- Bioinformatics & Cheminformatics (AREA)
- Bioinformatics & Computational Biology (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Evolutionary Biology (AREA)
- Quality & Reliability (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses a root cause alarm analysis method, a system, equipment and a storage medium, comprising the following steps: preprocessing alarm data, mining the alarm data based on an SR-ASM algorithm to obtain an alarm sequence, and converting the alarm sequence into an alarm relation diagram; according to the alarm relation diagram and the alarm self characteristics, the root alarm is identified by utilizing the root alarm identification model SGC-RAI, and the identified root alarm is recommended.
Description
Technical Field
The invention belongs to the field of alarm analysis, and relates to a root cause alarm analysis method, a root cause alarm analysis system, root cause alarm analysis equipment and a storage medium.
Background
Tens of thousands of alarm logs constitute an alarm flood. Among the alarms, some alarms occur frequently and are repeatedly reported, and some alarms have complex association relations. If the alarms are not processed, the alarms are compressed and the direct alarm log is pushed to the manager, the processing efficiency of each alarm is quite low, and the processing effect is positively related to the experience of the manager. Therefore, the most important task of the network alarm analysis is to use an algorithm to greatly reduce the alarm quantity presented to the operation and maintenance personnel of the management center, and push only root cause alarms. In the past root cause analysis research, a great deal of work is to research the association and causal relationship of alarms, then compress the alarms based on the association and causal relationship, and predict the alarms by root cause positioning. The method in this aspect is mainly divided into two categories, alarm correlation analysis and root cause analysis. The alarm correlation analysis is mainly realized by a data mining correlation algorithm, and mainly comprises a clustering algorithm, a frequent item mining algorithm, a time sequence relation mining algorithm and the like. There are many different approaches to alert root cause analysis, of which rule-based root cause analysis systems are more common in applications. The rules in such systems are expert-experienced crystallization, with the feature of being less sophisticated. However, in the increasingly complex network system, such methods require significant costs in terms of rule formulation, maintenance and updating. Along with the development of big data technology and data mining technology, some students put forward the concept of intelligent operation and maintenance, and a machine learning algorithm is applied to the tasks of root cause and fault analysis, so that the accuracy of root cause positioning is improved, and the operation and maintenance cost is effectively reduced. Such methods are the main trend in the future, however no specific process is given at the present stage.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and provide a root cause alarm analysis method, a system, equipment and a storage medium.
In order to achieve the above object, the root cause alarm analysis method of the present invention includes:
preprocessing alarm data, mining the alarm data by using an SR-ASM algorithm to obtain an alarm sequence, and converting the alarm sequence into an alarm relation diagram;
and according to the alarm relation diagram, the root cause alarm is identified by utilizing a root cause alarm identification model SGC-RAI, and the identified root cause alarm is recommended.
Further comprises: further judging the two-way edges in the alarm relation graph and giving weight to each pair of relations on the graph according to the confidence and the lifting degree.
The process of preprocessing the alarm data comprises the following steps: and carrying out de-duplication, sequencing and grouping according to network elements and time windows on the alarm data.
According to the alarm relation diagram and the alarm characteristics, the specific operation process of carrying out root cause alarm analysis by utilizing the root cause alarm identification model SGC-RAI is as follows:
for a group of alarm sequences of root cause alarms to be analyzed, vectorizing text features of the alarms to obtain the features of each alarm, extracting the relation features of the alarms according to an alarm relation graph, performing supervised training on a root cause alarm identification model SGC-RAI by using the self features and the relation features of the alarms, and then performing root cause alarm identification by using the trained root cause alarm identification model SGC-RAI.
And de-duplicating the alarm group, training a GloVe model and a TF-IDF model by taking text information of all alarms as a corpus, inputting the word segmentation of the alarm name into the trained GloVe model for one alarm log to obtain word vector characteristics of the word segmentation of the alarm name, and weighting the word vector characteristics by using the trained TF-IDF model to obtain the characteristics of the alarm itself and obtaining the association information of the alarm according to an alarm relation diagram.
The root cause alarm identification model SGC-RAI comprises two layers of airspace map convolution layers, a pooling layer and a full-connection layer, wherein local information is aggregated by the two layers of airspace map convolution layers, all fault information is extracted by the pooling layer through element-wise maximum pooling operation, the fault information is injected into an alarm to obtain new alarm representation, finally, the characteristics of the alarm are converted into a value through the shared full-connection layer, the root cause score of the alarm is obtained through Softmax normalization, and the alarm with the largest root cause score is taken as the root cause alarm.
The operation process (inspired by relation graph convolution) of the two airspace graph convolution layers is as follows:
where v is the alarm in the alarm sequence and k is the kth layer.For the output of the k-th layer->For the acquired neighborhood information->Is a learnable linearityAnd (5) transforming. N (N) 1 (v) And N 2 (v) Respectively representing a set of two classes of neighbors of node v. N (N) 1 ) The node in v) is connected with the node v by an edge, and the direction of the edge is pointed by the node v to the neighbor node, N 2 (v) The node in (a) is connected with the node v by an edge, and the direction of the edge is pointed to the node v by a neighbor node. w (v, u) represents the corresponding prior weight of the edge from node v to neighbor node u in the alarm correlation graph, and w (u, v) represents the corresponding prior weight of the edge from neighbor node u to node v in the alarm correlation graph.
The operation of aggregating global information is:
wherein G is a correlation diagram formed by the whole alarm sequence:
the root cause alarm prediction is calculated as:
a root cause alert analysis system comprising:
the mining module is used for preprocessing the alarm data, mining the alarm data by using an SR-ASM algorithm to obtain an alarm sequence, and converting the alarm sequence into an alarm relation diagram;
and the identification module is used for identifying the root cause alarm by utilizing the root cause alarm identification model SGC-RAI according to the alarm relation diagram and the text characteristics of the alarm, and recommending the identified root cause alarm. A computer device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, the processor implementing the steps of the root cause alert analysis method when the computer program is executed.
A computer readable storage medium storing a computer program which when executed by a processor implements the steps of the root cause alert analysis method.
The invention has the following beneficial effects:
the root cause alarm analysis method, system, equipment and storage medium of the invention excavate alarm data based on the increasing reliability and SR-ASM algorithm to obtain alarm sequence, convert the alarm sequence into alarm relation diagram, avoid missing valuable alarm related information, improve the accuracy of identification, then utilize root cause alarm identification model SGC-RAI to identify root cause alarm, effectively reduce dependence on expert experience, reduce operation and maintenance cost, and improve identification efficiency.
Drawings
FIG. 1 is a graph of judgment logic for pattern growth in an SR-ASM algorithm;
FIG. 2 is a flow chart of alarm correlation mining in accordance with the present invention;
FIG. 3 is a frame diagram of the invention based on alarm recognition;
FIG. 4 is a schematic diagram of a root cause alert recognition model in the present invention;
Detailed Description
In order to make the present invention better understood by those skilled in the art, the following description will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings, and it is apparent that the described embodiments are only some embodiments of the present invention, not all embodiments, but not intended to limit the scope of the present disclosure. In addition, in the following description, descriptions of well-known structures and techniques are omitted so as not to unnecessarily obscure the concepts of the present disclosure. All other embodiments, which can be made by those skilled in the art based on the embodiments of the present invention without making any inventive effort, shall fall within the scope of the present invention.
The root cause alarm analysis method of the invention comprises the following steps:
1) Discovering associations between alarms based on sequence pattern mining;
mining alarm data based on an SR-ASM algorithm to obtain an alarm sequence, converting the alarm sequence into an alarm relation diagram, further judging the direction of a bidirectional edge in the alarm relation diagram, and giving a weight to each pair of relations according to the confidence level and the lifting level;
in particular, in consideration of large occurrence frequency difference of different alarms, the invention only depends on the support index to mine the alarm data and easily omits valuable alarm related information, so the invention modifies the traditional frequent sequence pattern mining algorithm prefix span to provide a concept of increasing reliability and a valuable alarm sequence in the alarm sequence mining algorithm SR-ASM for mining the alarm data, wherein the SR-ASM takes an alarm sequence database as input and valuable alarm sequences as output.
2) And identifying root cause alarms based on the graph network.
And according to the alarm relation diagram, carrying out root cause alarm analysis by utilizing a root cause alarm identification model SGC-RAI.
Specifically, the invention utilizes the method of the graph neural network to extract the characteristics of the alarm and judge the root cause alarm. The invention applies the ideas of space domain diagram convolution and pooling to provide a root cause alarm identification model SGC-RAI, wherein the SGC-RAI model can enable each alarm to aggregate local and global information so as to obtain more distinguishing characteristics, and finally the characteristics are transformed and normalized to obtain root cause scores.
Referring to fig. 1, the core details of the SR-ASM, the SR-ASM is an algorithm proposed based on PrefixSpan, and the prefix pattern growing method is also adopted to mine all valuable alarm sequences, when the prefix grows, the invention proposes the concept of growing the reliability GR, wherein given the prefix α, a new sequence s formed by combining the item b on the basis of the prefix α is combined to form the reliability of the valuable prefix, and the reliability of the valuable prefix is obtained by:
the original PreFixSpan algorithm only carries out mode growth judgment through the support degree, if the minimum support degree requirement is met, the prefix continues to grow, when the prefix grows, the support degree and the growth reliability are considered, the prefix growth judgment logic as shown in figure 1 is provided, the support degree and the growth reliability GR are used for judging the mode continues to grow together, and two indexes can continue to grow when meeting one mode.
SR-ASM algorithm idea
Similar to the PrefixSpan algorithm, the SR-ASM continuously performs prefix growth by a recursive method, specifically, first, starting from 1-prefix (k=1), performing projection on each 1-prefix to obtain a database composed of all suffixes, and counting the support degree of each item b in the database;
when the support degree of b is more than or equal to the minimum support degree, continuously increasing the prefix into (k+1) -prefix, and then performing recursion mining;
and when the support degree of b is less than the minimum support degree, calculating the growth reliability GR, if GR is more than or equal to min_GR, continuously growing the prefix into (k+1) -prefix, and then recursively mining, otherwise, stopping growing.
And so on, recursion is performed until the projected database is empty or the sequence length constraint is reached.
When the program is started, the prefix is empty, special treatment is needed in the SR-ASM algorithm, the invention sets a lower support limit t, and when the support of the items in the database reaches t, the prefix is 1-prefix.
Fig. 2 is an alarm correlation mining flow adopted by the present invention, and the specific process is:
1a) Building an alarm sequence database:
and grouping, sorting, de-duplication and serializing massive and discrete alarm records, wherein the input of the link is the original alarm log record, and the output is the constructed alarm sequence database S.
2a) Mining valuable alarm sequences:
the database S is used as input, and an SR-ASM algorithm is executed to obtain a valuable alarm sequence and the support degree thereof.
3a) Generating an alarm relationship network:
and (3) representing the relation among alarms by adopting the form of a network diagram to the alarm sequence obtained in the step (2 a), wherein the alarms are used as nodes on the network diagram, and the sequence is used as a path on the network diagram. If there are two-way sides on the constructed graph and the support degree in one direction is more than two times of the support degree in the other direction, deleting the side with lower support degree, otherwise deleting both sides.
Calculating the weight of each Edge, wherein the weights Edge (A-B) of the corresponding edges from the alarm A to the alarm B are calculated weight The method comprises the following steps:
referring to fig. 3, when it is required to determine the root cause alarm in a set of alarm sequences, two types of features are used as input of an identification model, wherein the two types of features are text features of the alarms and associated features between the alarms respectively, and output of the identification model is the root cause alarm. Because the alarm log is in the form of text, the invention adopts the idea of text vectorization in the natural language processing task. The method of combining the GloVe model and the TF-IDF model is adopted to represent the alarm, the GloVe model and the TF-IDF model are trained by taking the alarm log as a corpus, the vector length is 50, and the vector of the characteristics of one alarm is expressed as follows:
referring to FIG. 4, the root cause alert identification model SGC-RAI uses a set of alert features X ε R N*D And its relation matrix A epsilon R N*N As input, N represents the number of alarms in the sequence and D represents the dimension of the alarm feature. The root cause alarm recognition model SGC-RAI is divided into 3 parts from left to right, local information is first aggregated by using 2-layer space domain graph convolution, then all fault information is extracted by using element-wise maximum pooling operation, the fault information is injected into an alarm, node information is updated again, and finally alarm characteristics are converted into root cause scores by shared full-connection layers and normalization operation.
The convolution operation (inspired by the relation graph convolution) in the invention is as follows:
where v is the alarm in the alarm sequence and k is the kth layer.For the output of the k-th layer->For the acquired neighborhood information->Is a learnable linear transformation. N (N) 1 (v) And N 2 (v) Respectively representing a set of two classes of neighbors of node v. N (N) 1 (v) The node in the tree is connected with the node v by an edge, the direction of the edge is pointed to the neighbor node by the node v, N 2 (v) The node in (a) is connected with the node v by an edge, and the direction of the edge is pointed to the node v by a neighbor node. w (v, u) represents the corresponding prior weight of the edge from node v to neighbor node u in the alarm correlation graph, w (u, v) representsThe corresponding prior weights of the edges from the neighbor node u to the node v in the alarm association graph.
The operation of aggregating global information is:
wherein G is a correlation diagram formed by the whole alarm sequence:
the root cause alarm prediction is calculated as:
a root cause alert analysis system comprising:
the mining module is used for preprocessing the alarm data, mining the alarm data by using the proposed SR-ASM algorithm to obtain an alarm sequence, and converting the alarm sequence into an alarm relation diagram;
and the identification module is used for identifying the root cause alarm by utilizing the proposed root cause alarm identification model SGC-RAI according to the alarm relation diagram and the text characteristics of the alarm, and recommending the identified root cause alarm. A computer device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, the processor implementing the steps of the root cause alert analysis method when the computer program is executed.
A computer readable storage medium storing a computer program which when executed by a processor implements the steps of the root cause alert analysis method.
It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart 1 flowchart and/or block diagram 1 or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart 1 flowchart and/or block diagram 1 or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart 1 flowchart and/or block diagram 1 or blocks.
Finally, it should be noted that: the above embodiments are only for illustrating the technical aspects of the present invention and not for limiting the same, and although the present invention has been described in detail with reference to the above embodiments, it should be understood by those of ordinary skill in the art that: modifications and equivalents may be made to the specific embodiments of the invention without departing from the spirit and scope of the invention, which is intended to be covered by the claims.
Claims (8)
1. A root cause alert analysis method, comprising:
preprocessing alarm data, mining the alarm data by using an SR-ASM algorithm to obtain an alarm sequence, and converting the alarm sequence into an alarm relation diagram;
according to the alarm relation diagram and the characteristics of the alarms, the root cause alarms are identified by utilizing a root cause alarm identification model SGC-RAI, and the identified root cause alarms are recommended;
the root cause alarm identification model SGC-RAI comprises two layers of airspace map convolution layers, a pooling layer and a full-connection layer, wherein local information is aggregated by the two layers of airspace map convolution layers, global fault information is extracted by the pooling layer by using element-wise maximum pooling operation, the fault information is injected into an alarm to obtain new alarm representation, the characteristics of the alarm are converted into numerical values by the shared full-connection layer, the root cause score of the alarm is obtained by using Softmax normalization, and the alarm with the largest root cause score is taken as the root cause alarm;
the operation process of the two airspace map convolution layers is as follows:
where v is the alarm in the alarm sequence, k is the kth layer,for the output of the k-th layer->In order to obtain the neighborhood information,as a learnable linear transformation, N 1 (v) And N 2 (v) Respectively representing a set of two types of neighbors of node v, N 1 (v) The node in the tree is connected with the node v by an edge, the direction of the edge is pointed to the neighbor node by the node v, N 2 (v) The node in the alarm correlation graph is connected with the node v by an edge, the direction of the edge is pointed to the node v by a neighbor node, w (v, u) represents the corresponding prior weight of the edge from the node v to the neighbor node u in the alarm correlation graph, w (u, v) represents the corresponding prior weight of the edge from the neighbor node u to the node v in the alarm correlation graph, and the operation of aggregating global information is as follows:
wherein G is a correlation diagram formed by the whole alarm sequence:
the root cause alarm prediction is calculated as:
2. the root cause alert analysis method of claim 1, further comprising: and judging the directions of the two-way edges in the alarm relation diagram, and giving weight to each pair of relations on the alarm relation diagram according to the confidence and the lifting degree.
3. The root cause alert analysis method of claim 1, wherein the preprocessing of alert data comprises: and carrying out de-duplication, sequencing and grouping according to network elements and time windows on the alarm data.
4. The root cause alarm analysis method according to claim 1, wherein the specific operation procedure of performing root cause alarm analysis by using a root cause alarm recognition model SGC-RAI according to the alarm relationship diagram and the alarm self characteristics is:
and vectorizing the text features of the alarms to obtain the characteristics of the alarms per se for a group of alarm sequences of the root cause alarms to be analyzed, extracting the relation features of the alarms according to the alarm relation graph, and performing supervised training on the root cause alarm identification model SGC-RAI by utilizing the characteristics of the alarms per se and the relation features, wherein the labels are the root cause alarms, and then performing root cause alarm identification by utilizing the trained root cause alarm identification model SGC-RAI.
5. The root cause alarm analysis method according to claim 1, wherein the alarm group is de-duplicated, text information of all alarms is used as a corpus to train a GloVe model and a TF-IDF model, wherein for an alarm log, the word segmentation of the alarm name is input into the trained GloVe model to obtain word vector features of the alarm name word segmentation, the trained TF-IDF model is used to weight the word vector features to obtain the features of the alarms, and the relevant information of the alarms is obtained according to an alarm relation diagram.
6. A root cause alert analysis system, comprising:
the mining module is used for preprocessing the alarm data, mining the alarm data by using an SR-ASM algorithm to obtain an alarm sequence, and converting the alarm sequence into an alarm relation diagram;
the identification module is used for identifying the root cause alarm by utilizing a root cause alarm identification model SGC-RAI according to the alarm relation diagram and the characteristics of the alarm per se, and recommending the identified root cause alarm;
the root cause alarm identification model SGC-RAI comprises two layers of airspace map convolution layers, a pooling layer and a full-connection layer, wherein local information is aggregated by the two layers of airspace map convolution layers, global fault information is extracted by the pooling layer by using element-wise maximum pooling operation, the fault information is injected into an alarm to obtain new alarm representation, the characteristics of the alarm are converted into numerical values by the shared full-connection layer, the root cause score of the alarm is obtained by using Softmax normalization, and the alarm with the largest root cause score is taken as the root cause alarm;
the operation process of the two airspace map convolution layers is as follows:
where v is the alarm in the alarm sequence, k is the kth layer,for the output of the k-th layer->In order to obtain the neighborhood information,as a learnable linear transformation, N 1 (v) And N 2 (v) Respectively representing a set of two types of neighbors of node v, N 1 (v) The node in the tree is connected with the node v by an edge, the direction of the edge is pointed to the neighbor node by the node v, N 2 (v) The node in the alarm association graph is connected with the node v by an edge, the direction of the edge points to the node v from the neighbor node, and w (v, u) represents the corresponding prior weight of the edge from the node v to the neighbor node u in the alarm association graphHeavy, w (u, v) represents the corresponding prior weight of the edge from the neighbor node u to the node v in the alarm association graph, and the operation of aggregating global information is as follows:
wherein G is a correlation diagram formed by the whole alarm sequence:
the root cause alarm prediction is calculated as:
7. a computer device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, characterized in that the processor implements the steps of the root cause alert analysis method according to any one of claims 1 to 5 when the computer program is executed.
8. A computer readable storage medium storing a computer program, wherein the computer program when executed by a processor implements the steps of the root cause alert analysis method according to any one of claims 1 to 5.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110513431.8A CN113268370B (en) | 2021-05-11 | 2021-05-11 | Root cause alarm analysis method, system, equipment and storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110513431.8A CN113268370B (en) | 2021-05-11 | 2021-05-11 | Root cause alarm analysis method, system, equipment and storage medium |
Publications (2)
Publication Number | Publication Date |
---|---|
CN113268370A CN113268370A (en) | 2021-08-17 |
CN113268370B true CN113268370B (en) | 2023-05-23 |
Family
ID=77230486
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110513431.8A Active CN113268370B (en) | 2021-05-11 | 2021-05-11 | Root cause alarm analysis method, system, equipment and storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113268370B (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115022153B (en) * | 2022-06-07 | 2024-04-23 | 中国工商银行股份有限公司 | Fault root cause analysis method, device, equipment and storage medium |
CN116233311B (en) * | 2023-05-08 | 2023-07-14 | 天津金城银行股份有限公司 | Automatic outbound testing method, device, computer equipment and storage medium |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111814967A (en) * | 2020-09-11 | 2020-10-23 | 鹏城实验室 | Method, apparatus and storage medium for calculating inferential computation of neural network model |
Family Cites Families (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6393386B1 (en) * | 1998-03-26 | 2002-05-21 | Visual Networks Technologies, Inc. | Dynamic modeling of complex networks and prediction of impacts of faults therein |
CN113946461A (en) * | 2018-06-15 | 2022-01-18 | 华为技术有限公司 | Fault root cause analysis method and device |
CN111897673B (en) * | 2020-07-31 | 2022-10-21 | 平安科技(深圳)有限公司 | Operation and maintenance fault root cause identification method and device, computer equipment and storage medium |
CN112181758B (en) * | 2020-08-19 | 2023-07-28 | 南京邮电大学 | Fault root cause positioning method based on network topology and real-time alarm |
CN112182387B (en) * | 2020-09-29 | 2023-08-25 | 中国人民大学 | Personalized search method with time information enhancement |
CN112312443A (en) * | 2020-10-13 | 2021-02-02 | 西安电子科技大学 | Mass alarm data processing method, system, medium, computer equipment and application |
CN112367678A (en) * | 2020-10-15 | 2021-02-12 | 深圳力维智联技术有限公司 | Micro base station monitoring method and device and storage medium |
-
2021
- 2021-05-11 CN CN202110513431.8A patent/CN113268370B/en active Active
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111814967A (en) * | 2020-09-11 | 2020-10-23 | 鹏城实验室 | Method, apparatus and storage medium for calculating inferential computation of neural network model |
Also Published As
Publication number | Publication date |
---|---|
CN113268370A (en) | 2021-08-17 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2021103492A1 (en) | Risk prediction method and system for business operations | |
CN111428054A (en) | Construction and storage method of knowledge graph in network space security field | |
CN110597735A (en) | Software defect prediction method for open-source software defect feature deep learning | |
CN113268370B (en) | Root cause alarm analysis method, system, equipment and storage medium | |
CN112217674B (en) | Alarm root cause identification method based on causal network mining and graph attention network | |
CN112100397A (en) | Electric power plan knowledge graph construction method and system based on bidirectional gating circulation unit | |
CN110633366A (en) | Short text classification method, device and storage medium | |
CN113779272A (en) | Data processing method, device and equipment based on knowledge graph and storage medium | |
CN114816497B (en) | Link generation method based on BERT pre-training model | |
CN114463596A (en) | Small sample image identification method, device and equipment of hypergraph neural network | |
CN117010373A (en) | Recommendation method for category and group to which asset management data of power equipment belong | |
CN111159328A (en) | Information knowledge fusion system and method | |
CN116578336A (en) | Software clone detection method based on plagiarism-detector countermeasure | |
CN116561264A (en) | Knowledge graph-based intelligent question-answering system construction method | |
CN115841105A (en) | Event extraction method, system and medium based on event type hierarchical relation | |
CN114036319A (en) | Power knowledge extraction method, system, device and storage medium | |
CN117668259B (en) | Knowledge-graph-based inside and outside data linkage analysis method and device | |
Lv et al. | CEP rule extraction framework based on evolutionary algorithm | |
CN116431757B (en) | Text relation extraction method based on active learning, electronic equipment and storage medium | |
CN117235646A (en) | Abnormal transaction identification method and device | |
CN117669723A (en) | Knowledge-graph-based space human factor information learning and reasoning method and device | |
CN116955560A (en) | Data processing method and system based on thinking chain and knowledge graph | |
CN115757694A (en) | Recruitment industry text recall method, system, device and medium | |
Zhang | Research on Malicious Code Detection Techniques Based on Data Mining and Machine Learning | |
CN115827893A (en) | Skill culture knowledge map generation method, device, equipment and medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |