CN116095203A - Analysis method based on TRAP message and related equipment - Google Patents
Analysis method based on TRAP message and related equipment Download PDFInfo
- Publication number
- CN116095203A CN116095203A CN202310106843.9A CN202310106843A CN116095203A CN 116095203 A CN116095203 A CN 116095203A CN 202310106843 A CN202310106843 A CN 202310106843A CN 116095203 A CN116095203 A CN 116095203A
- Authority
- CN
- China
- Prior art keywords
- trap
- information
- trap message
- message
- determining
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000004458 analytical method Methods 0.000 title abstract description 10
- 238000000034 method Methods 0.000 claims description 62
- 238000009960 carding Methods 0.000 claims description 36
- 238000001914 filtration Methods 0.000 claims description 11
- 239000002071 nanotube Substances 0.000 claims description 11
- 238000004590 computer program Methods 0.000 claims description 6
- 238000004891 communication Methods 0.000 abstract description 3
- 238000010586 diagram Methods 0.000 description 10
- 230000000694 effects Effects 0.000 description 3
- 230000003287 optical effect Effects 0.000 description 3
- 230000006978 adaptation Effects 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 239000013307 optical fiber Substances 0.000 description 2
- 230000000644 propagated effect Effects 0.000 description 2
- 238000003491 array Methods 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 230000002708 enhancing effect Effects 0.000 description 1
- 210000001503 joint Anatomy 0.000 description 1
- 238000010606 normalization Methods 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
- 230000003252 repetitive effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/22—Parsing or analysis of headers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/08—Protocols for interworking; Protocol conversion
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02P—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
- Y02P90/00—Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
- Y02P90/30—Computing systems specially adapted for manufacturing
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The disclosure provides a TRAP message-based analysis method and related equipment, and relates to the technical field of communication. Matching corresponding target rules in a preset TRAP library according to event ID information, equipment manufacturer information, equipment type information and equipment model information of the TRAP message; determining a readability field according to the target rule and the TRAP message; and determining a target TRAP message according to TRAP message description information and a readability field in a preset TRAP library, wherein the target TRAP message represents the analyzed TRAP message. The present disclosure is capable of escaping messages of the same type into a unified readable descriptive language, thereby facilitating interpretation of TRAP messages.
Description
Technical Field
The disclosure relates to the technical field of communication, and in particular relates to a method for analyzing a TRAP message and related equipment.
Background
With the deep construction of the IPX comprehensive network management, the number of butt joint manufacturers is gradually increased, and the equipment types of the nanotubes are gradually increased. In the nanotube process, the TRAP message itself is composed of TRAP OID and VALUE for it, and has no readability.
In the prior art, a user inquires and reads the TRAP message through the MIB library, but as the types and versions of equipment are increased, various manufacturers newly increase a plurality of types of private MIB libraries, and the user is difficult to read.
It should be noted that the information disclosed in the above background section is only for enhancing understanding of the background of the present disclosure and thus may include information that does not constitute prior art known to those of ordinary skill in the art.
Disclosure of Invention
The present disclosure provides a method and related device for analyzing TRAP messages, which at least to some extent overcomes the problem of difficulty in reading TRAP messages in the related art.
Other features and advantages of the present disclosure will be apparent from the following detailed description, or may be learned in part by the practice of the disclosure.
According to one aspect of the present disclosure, there is provided a method for parsing a TRAP message, including: matching corresponding target rules in a preset TRAP library according to event ID information, equipment manufacturer information, equipment type information and equipment model information of the TRAP message; determining a readability field according to the target rule and the TRAP message; and determining a target TRAP message according to TRAP message description information and the readability field in a preset TRAP library, wherein the target TRAP message represents the analyzed TRAP message.
In some embodiments, before the event ID information, the device vendor information, the device type information, and the device model information according to the TRAP message match the corresponding target gauge in the preset TRAP library, the method further includes: acquiring a TRAP message; and determining corresponding equipment manufacturer information, equipment type information and equipment model information according to the IP information of the TRAP message.
In some embodiments, said determining the readability field according to the target rule and the TRAP message comprises: acquiring an Object Identifier (OID) to be analyzed of the TRAP message; and escaping the OID, and determining a readability field.
In some embodiments, said determining the target TRAP message according to the TRAP message description in the preset TRAP library and said readability field comprises: and assembling the readability field according to TRAP message description information in the preset TRAP library to determine a target TRAP message.
In some embodiments, the pre-set TRAP library comprises: determining a TRAP message carding table according to the IPX information; and determining a preset TRAP library according to the TRAP message carding table and the knowledge reserve information.
In some embodiments, the determining the preset TRAP library according to the TRAP message carding table and knowledge storage information includes: according to the TRAP message carding table and the knowledge reserve information, converting MIB files of the existing nanotube equipment, classifying according to the TRAP message carding table, and determining classification information; and according to the classification information, analyzing, filtering and normalizing the TRAP information of the same class of each manufacturer, and determining a preset TRAP library.
In some embodiments, the TRAP message comb table comprises: specialty, manufacturer, device type, device model, alarm object type, alarm title, manufacturer alarm ID, manufacturer alarm level, redefined alarm level, version number, alarm type, alarm standard name.
According to another aspect of the present disclosure, there is also provided a TRAP message-based parsing apparatus, including: the target rule matching module is used for matching corresponding target rules in a preset TRAP library according to event ID information, equipment manufacturer information, equipment type information and equipment model information of the TRAP message; a readability field determining module, configured to determine a readability field according to the target rule and the TRAP message; and the target TRAP message determining module is used for determining target TRAP messages according to TRAP message description information and the readability field in a preset TRAP library, wherein the target TRAP messages represent analyzed TRAP messages.
In some embodiments, the analysis device based on the TRAP message further includes an information acquisition determining module, configured to: acquiring a TRAP message; and determining corresponding equipment manufacturer information, equipment type information and equipment model information according to the IP information of the TRAP message.
In some embodiments, the readability field determining module is specifically configured to: acquiring an object identifier OID to be analyzed of the TRAP message; the OID is escape and the readability field is determined.
In some embodiments, the target TRAP message determining module is specifically configured to: and assembling the readability field according to TRAP message description information in a preset TRAP library to determine a target TRAP message.
In some embodiments, the TRAP library preset in the target rule matching module includes: determining a TRAP message carding table according to the IPX information; and determining a preset TRAP library according to the TRAP message carding table and the knowledge reserve information.
In some embodiments, the TRAP library preset in the target rule matching module includes: according to the TRAP message carding table and the knowledge reserve information, converting MIB files of the existing nanotube equipment, classifying according to the TRAP message carding table, and determining classification information;
and according to the classification information, analyzing, filtering and normalizing the TRAP information of the same class of each manufacturer, and determining a preset TRAP library.
According to another aspect of the present disclosure, there is also provided an electronic device including: a processor; and a memory for storing executable instructions of the processor; wherein the processor is configured to perform the TRAP message-based parsing method of any one of the above via execution of the executable instructions.
According to another aspect of the present disclosure, there is also provided a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements the TRAP message-based parsing method of any one of the above.
According to another aspect of the present disclosure, there is also provided a computer program product comprising a computer program which, when executed by a processor, implements the TRAP message-based parsing method of any one of the above.
According to the analysis method based on the TRAP message, corresponding target rules are matched in a preset TRAP library according to event ID information, equipment manufacturer information, equipment type information and equipment model information of the TRAP message; determining a readability field according to the target rule and the TRAP message; and determining a target TRAP message according to TRAP message description information and a readability field in a preset TRAP library, wherein the target TRAP message represents the analyzed TRAP message. In the embodiment of the disclosure, the messages of the same type can be converted into the unified readable descriptive language by carrying out matching classification according to the event ID information, the equipment manufacturer information, the equipment type information and the equipment model information of the TRAP message, so that the interpretation of the TRAP message is facilitated.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the disclosure and together with the description, serve to explain the principles of the disclosure. It will be apparent to those of ordinary skill in the art that the drawings in the following description are merely examples of the disclosure and that other drawings may be derived from them without undue effort.
Fig. 1 shows a schematic diagram of a TRAP library of a TRAP message-based parsing method in an embodiment of the present disclosure;
fig. 2 is a schematic diagram illustrating a TRAP message standardization process of a TRAP message-based parsing method in an embodiment of the present disclosure;
FIG. 3 shows a flow chart of a method of parsing based on TRAP messages in an embodiment of the present disclosure;
FIG. 4 is a flowchart of an embodiment of a method for analyzing TRAP messages according to an embodiment of the present disclosure;
fig. 5 is a flowchart illustrating another specific example of a TRAP message-based parsing method in an embodiment of the present disclosure;
FIG. 6 is a flowchart of another embodiment of a TRAP message-based parsing method according to an embodiment of the present disclosure;
FIG. 7 is a flowchart of another embodiment of a method for analyzing TRAP messages according to an embodiment of the present disclosure;
fig. 8 is a schematic diagram of an apparatus for analyzing a method based on TRAP messages in an embodiment of the disclosure;
fig. 9 is a block diagram illustrating a computer device according to an embodiment of the present disclosure;
fig. 10 shows a schematic diagram of a computer-readable storage medium in an embodiment of the disclosure.
Detailed Description
Example embodiments will now be described more fully with reference to the accompanying drawings. However, the exemplary embodiments may be embodied in many forms and should not be construed as limited to the examples set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of the example embodiments to those skilled in the art. The described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments.
Furthermore, the drawings are merely schematic illustrations of the present disclosure and are not necessarily drawn to scale. The same reference numerals in the drawings denote the same or similar parts, and thus a repetitive description thereof will be omitted. Some of the block diagrams shown in the figures are functional entities and do not necessarily correspond to physically or logically separate entities. These functional entities may be implemented in software or in one or more hardware modules or integrated circuits or in different networks and/or processor devices and/or microcontroller devices.
For ease of understanding, before describing embodiments of the present disclosure, several terms referred to in the embodiments of the present disclosure are first explained as follows:
IPX: internetwork Packet Exchange protocol, internet packet-switched protocol;
MIB: management Information Base, managing an information base;
IP: internet Protocol, internetworking protocol;
ID: identity Document, identification number of ID card;
SNMP: simple Network Management Protocol, simple network management protocol;
OID: object IDentifier, an object identifier.
The following detailed description of embodiments of the present disclosure refers to the accompanying drawings.
Fig. 1 shows a schematic diagram of a TRAP library to which the TRAP message-based parsing method in an embodiment of the present disclosure may be applied. As shown in fig. 1, the TRAP library 101 may include an optical power out-of-limit, a port protocol Down, and a link state Down.
The establishment of the TRAP standardization rule base (corresponding to the TRAP base described above) includes:
aiming at the use requirement of an IPX network management system, a set of TRAP message standardized carding table is established and carded, and takes TRAP alarm messages as an example, the method comprises the following steps: fields such as specialty, manufacturer, equipment type, equipment model, alarm object type, alarm title, manufacturer alarm ID, manufacturer alarm level, redefined alarm level, version number, alarm type, alarm standard name, etc.;
according to the establishment of the standardized carding table, converting MIB files of the existing nanotube equipment through knowledge storage and classifying according to the standardized carding table;
and according to the classification, analyzing, filtering and grading the TRAP messages of the same class of each manufacturer to form a TRAP standardized rule base.
The port protocol Down may include: manufacturer information, device type information, device model information, TRAP event ID information, etc.
For example, in one example, the port protocol Down includes:
manufacturer information: manufacturer a, equipment type information: router, device model information: NE40E-X8, TRAP event ID information 1.3.6.1.4.1.2636.4.4.0.4;
manufacturer information: manufacturer B, device type information: router, device model information: NX480, TRAP event ID information 1.3.6.1.4.1.3902.3.302.8.1;
manufacturer information: manufacturer, equipment type information: switch, device model information: 5960-52TM TRAP event ID information 1.3.6.1.2.1.15.7.1.
Fig. 2 is a schematic diagram illustrating a TRAP message standardization process of a TRAP message-based parsing method in an embodiment of the present disclosure, as shown in fig. 2, in an embodiment of the present disclosure, after receiving a TRAP message sent by a corresponding server, the following operations are performed:
s201, matching corresponding equipment manufacturer, equipment type and equipment model according to IP (matching equipment according to IP);
s202, matching corresponding standardized rules (carrying out message matching according to equipment and TRAP event OID) in a TRAP standardized rule base through equipment manufacturer, equipment type, equipment model and TRAP ID;
s203, automatically acquiring TRAP OID to be analyzed according to a standardized rule, and escaping the OID to be converted into a readability field (TRAP message escaping is performed through a standardized rule base);
s204, according to TRAP message description in the standardized rule base, the escaped fields are assembled into a section of descriptive language.
Wherein, in one embodiment, S204 comprises:
s2041: TRAP message filtering is carried out through a standardized rule base;
s2042: and matching the output templates, and formatting the message.
The TRAP automatic matching and classifying effect is achieved through TRAP message matching; through TRAP message escape, the effect of converting the difficult-to-read message into the message with readability is achieved; through the redefinition of TRAP message fields and the template matching function, the differences of manufacturers, models and types are shielded, and the effect of normalizing TRAP message standards is formed.
Fig. 3 shows a flowchart of a method for analyzing a TRAP message according to an embodiment of the present disclosure, and as shown in fig. 3, the method for analyzing a TRAP message according to an embodiment of the present disclosure includes the following steps:
s302, matching corresponding target rules in a preset TRAP library according to event ID information, equipment manufacturer information, equipment type information and equipment model information of the TRAP message.
The TRAP message may be a warning message sent to the SNMP manager to notify the network status. The equipment manufacturer information may be name information of equipment manufacturers, for example, a manufacturer, B manufacturer, C manufacturer. The device type information may be an internet device, e.g., a router, a switch. The device model information may be factory identity information of the device, such as NE40E-X8, NX480, 5960-52. The predetermined TRAP library may be a database for organizing, storing, and managing data, for example, the predetermined TRAP library is the TRAP standardization rule library. The target rule is a TRAP standardized rule base, for example, analysis, filtration and ranking operations are performed on the same class TRAP messages of each manufacturer according to classification, so as to form the TRAP standardized rule base.
For example, by device vendor, device type, device model, TRAP ID, the corresponding standardized rules are matched in a TRAP standardized rule base.
In one example, after receiving the TRAP message sent by the corresponding server, the program matches the corresponding standardized rule (corresponding to the target rule) in a TRAP standardized rule library (corresponding to the preset TRAP library) through a device vendor (corresponding to the device vendor information), a device type (corresponding to the device type information), a device model (corresponding to the device model information), and a TRAP ID (corresponding to the event ID information of the TRAP message).
S304, determining a readability field according to the target rule and the TRAP message.
It should be noted that the above-mentioned fields may be computer programming terms, each field describing a certain feature of the document, namely the data item, and having a unique field identifier for computer recognition.
For example, the TRAP OID to be resolved is automatically obtained according to the standardized rule, and the OID is converted into a readability field.
S306, determining a target TRAP message according to TRAP message description information and a readability field in a preset TRAP library, wherein the target TRAP message represents the analyzed TRAP message.
It should be noted that the target TRAP message may be a descriptive language.
The fields that have been escape are assembled into a descriptive language, for example, from TRAP message descriptions in a standardized rule base.
In specific implementation, by matching and classifying the TRAP message according to the event ID information, the equipment manufacturer information, the equipment type information and the equipment model information, the same type of message can be converted into a unified readable descriptive language, thereby facilitating the interpretation of the TRAP message.
In an embodiment of the present disclosure, as shown in fig. 4, the analysis method based on the TRAP message provided in the embodiment of the present disclosure may determine equipment manufacturer information, equipment type information and equipment model information corresponding to the TRAP message, and may accurately match the corresponding equipment manufacturer information, equipment type information and equipment model information of the TRAP message by:
s402, acquiring TRAP information;
s404, corresponding equipment manufacturer information, equipment type information and equipment model information are determined according to the IP information of the TRAP message.
In one embodiment of the present disclosure, as shown in fig. 5, the analysis method based on TRAP messages provided in the embodiment of the present disclosure may determine the readability field through the following steps, and may accurately obtain the information to be analyzed:
s502, obtaining an object identifier OID to be analyzed of the TRAP message;
and S504, escaping the OID, and determining a readability field.
In one embodiment of the present disclosure, the target TRAP message includes, according to a TRAP message description and readability field in a preset TRAP library: and assembling the readability field according to TRAP message description information in a preset TRAP library to determine a target TRAP message.
In one embodiment of the present disclosure, as shown in fig. 6, the analysis method based on the TRAP message provided in the embodiment of the present disclosure may establish a preset TRAP library through the following steps, so as to meet the use requirement of the IPX network management system:
s602, determining a TRAP message carding table according to the IPX information;
s604, determining a preset TRAP library according to the TRAP message carding table and the knowledge reserve information.
In one embodiment of the disclosure, according to the TRAP message carding table and the knowledge reserve information, converting MIB files of existing nanotube devices and classifying according to the TRAP message carding table to determine classification information; and according to the classification information, analyzing, filtering and normalizing the TRAP information of the same class of each manufacturer, and determining a preset TRAP library.
For example, according to the establishment of the standardized carding table, the MIB file of the existing nanotube equipment is converted through knowledge reserve and classified according to the standardized carding table; and according to the classification, analyzing, filtering and grading the TRAP messages of the same class of each manufacturer to form a TRAP standardized rule base.
In one embodiment of the present disclosure, the TRAP message comb table includes: specialty, manufacturer, device type, device model, alarm object type, alarm title, manufacturer alarm ID, manufacturer alarm level, redefined alarm level, version number, alarm type, alarm standard name.
The method and the device realize automatic TRAP message classification, and match and classify TRAP messages through manufacturers, equipment types, models.
The present disclosure enables TRAP message automation escape, forming a readable message body.
The method and the device realize redefinition of the message fields, perform unified redefinition according to the group specification aiming at the difference fields defined by each manufacturer, and remove the difference.
The present disclosure enables normalization of TRAP messages, through a unified message template, to escape the same type of message into a unified readable descriptive language.
Fig. 7 is a flowchart illustrating a specific example of a method for analyzing a TRAP message according to an embodiment of the present disclosure, and as shown in fig. 7, the method for analyzing a TRAP message according to an embodiment of the present disclosure includes the following steps:
s702, in the IPX network management system, after receiving the TRAP message sent by the southbound server, the system matches the corresponding manufacturer, device type and device model through its IP, as shown in the following Table 1.
TABLE 1
S704, matching corresponding standardized rules through fields such as TRAP event ID and manufacturer.
S706, the present TRAP message is escape and the output template is matched as shown in table 2 below.
TABLE 2
S708, the following TRAP message is finally output. As shown in table 3 below.
TABLE 3 Table 3
Based on the same inventive concept, the embodiments of the present disclosure further provide a device for parsing a TRAP message, as described in the following embodiments. Since the principle of solving the problem of the embodiment of the device is similar to that of the embodiment of the method, the implementation of the embodiment of the device can be referred to the implementation of the embodiment of the method, and the repetition is omitted.
Fig. 8 shows a schematic diagram of a parsing apparatus based on TRAP messages in an embodiment of the disclosure, as shown in fig. 8, the apparatus includes: a target rule matching module 81, a readability field determining module 82, a target TRAP message determining module 83 and an information acquisition determining module 84.
The target rule matching module 81 is configured to match a corresponding target rule in a preset TRAP library according to event ID information, equipment manufacturer information, equipment type information and equipment model information of the TRAP message;
a readability field determining module 82, configured to determine a readability field according to the target rule and the TRAP message;
the target TRAP message determining module 83 is configured to determine a target TRAP message according to TRAP message description information and a readability field in a preset TRAP library, where the target TRAP message represents the parsed TRAP message.
In one embodiment of the present disclosure, the above analysis device based on TRAP message further includes an information acquisition determining module 84, configured to: acquiring a TRAP message; and determining corresponding equipment manufacturer information, equipment type information and equipment model information according to the IP information of the TRAP message.
In one embodiment of the present disclosure, the readability field determining module 82 is specifically configured to: acquiring an object identifier OID to be analyzed of the TRAP message; the OID is escape and the readability field is determined.
In one embodiment of the present disclosure, the target TRAP message determining module 83 is specifically configured to: and assembling the readability field according to TRAP message description information in a preset TRAP library to determine a target TRAP message.
In one embodiment of the present disclosure, the TRAP library preset in the target rule matching module 81 includes: determining a TRAP message carding table according to the IPX information; and determining a preset TRAP library according to the TRAP message carding table and the knowledge reserve information.
In one embodiment of the present disclosure, the TRAP library preset in the target rule matching module 81 includes: according to the TRAP message carding table and the knowledge reserve information, converting MIB files of the existing nanotube equipment, classifying according to the TRAP message carding table, and determining classification information; and according to the classification information, analyzing, filtering and normalizing the TRAP information of the same class of each manufacturer, and determining a preset TRAP library.
In one embodiment of the present disclosure, the TRAP message carding table in the target rule matching module 81 includes: specialty, manufacturer, device type, device model, alarm object type, alarm title, manufacturer alarm ID, manufacturer alarm level, redefined alarm level, version number, alarm type, alarm standard name.
Here, it should be noted that the above-mentioned target rule matching module 81, the readability field determining module 82 and the target TRAP message determining module 83 correspond to S302 to S306 in the method embodiment, and the above-mentioned modules are the same as the examples and application scenarios implemented by the corresponding steps, but are not limited to the disclosure of the above-mentioned method embodiment. It should be noted that the modules described above may be implemented as part of an apparatus in a computer system, such as a set of computer-executable instructions.
Those skilled in the art will appreciate that the various aspects of the present disclosure may be implemented as a system, method, or program product. Accordingly, various aspects of the disclosure may be embodied in the following forms, namely: an entirely hardware embodiment, an entirely software embodiment (including firmware, micro-code, etc.) or an embodiment combining hardware and software aspects may be referred to herein as a "circuit," module "or" system.
An electronic device 900 according to such an embodiment of the present disclosure is described below with reference to fig. 9. The electronic device 900 shown in fig. 9 is merely an example and should not be construed to limit the functionality and scope of use of embodiments of the present disclosure in any way.
As shown in fig. 9, the electronic device 900 is embodied in the form of a general purpose computing device. Components of electronic device 900 may include, but are not limited to: the at least one processing unit 910, the at least one storage unit 920, and a bus 930 connecting the different system components (including the storage unit 920 and the processing unit 910).
Wherein the storage unit stores program code that is executable by the processing unit 910 such that the processing unit 910 performs steps according to various exemplary embodiments of the present disclosure described in the above-described "exemplary methods" section of the present specification.
For example, the processing unit 910 may perform the following steps of the method embodiment described above: matching corresponding target rules in a preset TRAP library according to event ID information, equipment manufacturer information, equipment type information and equipment model information of the TRAP message; determining a readability field according to the target rule and the TRAP message; and determining a target TRAP message according to TRAP message description information and a readability field in a preset TRAP library, wherein the target TRAP message represents the analyzed TRAP message.
For example, the processing unit 910 may perform the following steps of the method embodiment described above: acquiring a TRAP message; and determining corresponding equipment manufacturer information, equipment type information and equipment model information according to the IP information of the TRAP message.
For example, the processing unit 910 may perform the following steps of the method embodiment described above: acquiring an object identifier OID to be analyzed of the TRAP message; the OID is escape and the readability field is determined.
For example, the processing unit 910 may perform the following steps of the method embodiment described above: and assembling the readability field according to TRAP message description information in a preset TRAP library to determine a target TRAP message.
For example, the processing unit 910 may perform the following steps of the method embodiment described above: determining a TRAP message carding table according to the IPX information; and determining a preset TRAP library according to the TRAP message carding table and the knowledge reserve information.
For example, the processing unit 910 may perform the following steps of the method embodiment described above: according to the TRAP message carding table and the knowledge reserve information, converting MIB files of the existing nanotube equipment, classifying according to the TRAP message carding table, and determining classification information; and according to the classification information, analyzing, filtering and normalizing the TRAP information of the same class of each manufacturer, and determining a preset TRAP library.
The storage unit 920 may include readable media in the form of volatile storage units, such as Random Access Memory (RAM) 9201 and/or cache memory 9202, and may further include Read Only Memory (ROM) 9203.
The storage unit 920 may also include a program/utility 9204 having a set (at least one) of program modules 9205, such program modules 9205 include, but are not limited to: an operating system, one or more application programs, other program modules, and program data, each or some combination of which may include an implementation of a network environment.
The bus 930 may be one or more of several types of bus structures including a memory unit bus or memory unit controller, a peripheral bus, an accelerated graphics port, a processing unit, or a local bus using any of a variety of bus architectures.
The electronic device 900 may also communicate with one or more external devices 940 (e.g., keyboard, pointing device, bluetooth device, etc.), one or more devices that enable a user to interact with the electronic device 900, and/or any devices (e.g., routers, modems, etc.) that enable the electronic device 900 to communicate with one or more other computing devices. Such communication may occur through an input/output (I/O) interface 950. Also, electronic device 900 may communicate with one or more networks such as a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network, such as the Internet, through network adapter 960. As shown, the network adapter 960 communicates with other modules of the electronic device 900 over the bus 930. It should be appreciated that although not shown, other hardware and/or software modules may be used in connection with electronic device 900, including, but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, data backup storage systems, and the like.
From the above description of embodiments, those skilled in the art will readily appreciate that the example embodiments described herein may be implemented in software, or may be implemented in software in combination with the necessary hardware. Thus, the technical solution according to the embodiments of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (may be a CD-ROM, a U-disk, a mobile hard disk, etc.) or on a network, including several instructions to cause a computing device (may be a personal computer, a server, a terminal device, or a network device, etc.) to perform the method according to the embodiments of the present disclosure.
In particular, according to embodiments of the present disclosure, the process described above with reference to the flowcharts may be implemented as a computer program product comprising: and a computer program which, when executed by the processor, implements the TRAP message-based parsing method described above.
In an exemplary embodiment of the present disclosure, a computer-readable storage medium, which may be a readable signal medium or a readable storage medium, is also provided. Fig. 10 illustrates a schematic diagram of a computer-readable storage medium in an embodiment of the present disclosure, as shown in fig. 10, on which a program product capable of implementing the method of the present disclosure is stored 1000. In some possible implementations, various aspects of the disclosure may also be implemented in the form of a program product comprising program code for causing a terminal device to carry out the steps according to the various exemplary embodiments of the disclosure as described in the "exemplary methods" section of this specification, when the program product is run on the terminal device.
In one embodiment, the program product of the disclosed embodiments, when executed by a processor, performs a method comprising: matching corresponding target rules in a preset TRAP library according to event ID information, equipment manufacturer information, equipment type information and equipment model information of the TRAP message; determining a readability field according to the target rule and the TRAP message; and determining a target TRAP message according to TRAP message description information and a readability field in a preset TRAP library, wherein the target TRAP message represents the analyzed TRAP message.
In one embodiment, the program product of the disclosed embodiments, when executed by a processor, performs a method comprising: acquiring a TRAP message; and determining corresponding equipment manufacturer information, equipment type information and equipment model information according to the IP information of the TRAP message.
In one embodiment, the program product of the disclosed embodiments, when executed by a processor, performs a method comprising: acquiring an object identifier OID to be analyzed of the TRAP message; the OID is escape and the readability field is determined.
In one embodiment, the program product of the disclosed embodiments, when executed by a processor, performs a method comprising: and assembling the readability field according to TRAP message description information in a preset TRAP library to determine a target TRAP message.
In one embodiment, the program product of the disclosed embodiments, when executed by a processor, performs a method comprising: determining a TRAP message carding table according to the IPX information; and determining a preset TRAP library according to the TRAP message carding table and the knowledge reserve information.
In one embodiment, the program product of the disclosed embodiments, when executed by a processor, performs a method comprising: according to the TRAP message carding table and the knowledge reserve information, converting MIB files of the existing nanotube equipment, classifying according to the TRAP message carding table, and determining classification information; and according to the classification information, analyzing, filtering and normalizing the TRAP information of the same class of each manufacturer, and determining a preset TRAP library.
More specific examples of the computer readable storage medium in the present disclosure may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
In this disclosure, a computer readable storage medium may include a data signal propagated in baseband or as part of a carrier wave, with readable program code embodied therein. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination of the foregoing. A readable signal medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Alternatively, the program code embodied on a computer readable storage medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
In particular implementations, the program code for carrying out operations of the present disclosure may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C++ or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device, partly on a remote computing device, or entirely on the remote computing device or server. In the case of remote computing devices, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., connected via the Internet using an Internet service provider).
It should be noted that although in the above detailed description several modules or units of a device for action execution are mentioned, such a division is not mandatory. Indeed, the features and functionality of two or more modules or units described above may be embodied in one module or unit in accordance with embodiments of the present disclosure. Conversely, the features and functions of one module or unit described above may be further divided into a plurality of modules or units to be embodied.
Furthermore, although the steps of the methods in the present disclosure are depicted in a particular order in the drawings, this does not require or imply that the steps must be performed in that particular order or that all illustrated steps be performed in order to achieve desirable results. Additionally or alternatively, certain steps may be omitted, multiple steps combined into one step to perform, and/or one step decomposed into multiple steps to perform, etc.
From the description of the above embodiments, those skilled in the art will readily appreciate that the example embodiments described herein may be implemented in software, or may be implemented in software in combination with the necessary hardware. Thus, the technical solution according to the embodiments of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (may be a CD-ROM, a U-disk, a mobile hard disk, etc.) or on a network, including several instructions to cause a computing device (may be a personal computer, a server, a mobile terminal, or a network device, etc.) to perform the method according to the embodiments of the present disclosure.
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure disclosed herein. This disclosure is intended to cover any adaptations, uses, or adaptations of the disclosure following the general principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.
Claims (10)
1. A method for analyzing a TRAP message, comprising:
matching corresponding target rules in a preset TRAP library according to event ID information, equipment manufacturer information, equipment type information and equipment model information of the TRAP message;
determining a readability field according to the target rule and the TRAP message;
and determining a target TRAP message according to TRAP message description information and the readability field in a preset TRAP library, wherein the target TRAP message represents the analyzed TRAP message.
2. The TRAP message-based parsing method of claim 1, wherein before the event ID information, device vendor information, device type information and device model information according to TRAP message match corresponding target specifications in a preset TRAP library, the method further comprises:
acquiring a TRAP message;
and determining corresponding equipment manufacturer information, equipment type information and equipment model information according to the IP information of the TRAP message.
3. The TRAP message-based parsing method of claim 1, wherein the determining a readability field according to the target rule and the TRAP message comprises:
acquiring an Object Identifier (OID) to be analyzed of the TRAP message;
and escaping the OID, and determining a readability field.
4. The TRAP message-based parsing method of claim 1, wherein the determining the target TRAP message according to the TRAP message description and the readability field in the preset TRAP library comprises:
and assembling the readability field according to TRAP message description information in the preset TRAP library to determine a target TRAP message.
5. The TRAP message-based parsing method according to claim 1, wherein the preset TRAP library comprises:
determining a TRAP message carding table according to the IPX information;
and determining a preset TRAP library according to the TRAP message carding table and the knowledge reserve information.
6. The method for analyzing TRAP messages according to claim 1, wherein determining a preset TRAP library according to the TRAP message carding table and knowledge storage information comprises:
according to the TRAP message carding table and the knowledge reserve information, converting MIB files of the existing nanotube equipment, classifying according to the TRAP message carding table, and determining classification information;
and according to the classification information, analyzing, filtering and normalizing the TRAP information of the same class of each manufacturer, and determining a preset TRAP library.
7. The TRAP message-based parsing method of claim 1, wherein the TRAP message comb table comprises:
specialty, manufacturer, device type, device model, alarm object type, alarm title, manufacturer alarm ID, manufacturer alarm level, redefined alarm level, version number, alarm type, alarm standard name.
8. A TRAP message-based parsing apparatus, comprising:
the target rule matching module is used for matching corresponding target rules in a preset TRAP library according to event ID information, equipment manufacturer information, equipment type information and equipment model information of the TRAP message;
a readability field determining module, configured to determine a readability field according to the target rule and the TRAP message;
and the target TRAP message determining module is used for determining target TRAP messages according to TRAP message description information and the readability field in a preset TRAP library, wherein the target TRAP messages represent analyzed TRAP messages.
9. An electronic device, comprising:
a processor; and
a memory for storing executable instructions of the processor;
wherein the processor is configured to perform the TRAP message-based parsing method of any one of claims 1-7 via execution of the executable instructions.
10. A computer readable storage medium having stored thereon a computer program, which when executed by a processor implements the TRAP message based parsing method of any one of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310106843.9A CN116095203A (en) | 2023-01-31 | 2023-01-31 | Analysis method based on TRAP message and related equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310106843.9A CN116095203A (en) | 2023-01-31 | 2023-01-31 | Analysis method based on TRAP message and related equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN116095203A true CN116095203A (en) | 2023-05-09 |
Family
ID=86204310
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310106843.9A Pending CN116095203A (en) | 2023-01-31 | 2023-01-31 | Analysis method based on TRAP message and related equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116095203A (en) |
Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1937524A (en) * | 2006-08-25 | 2007-03-28 | 华为技术有限公司 | Method and system for webmaster to processing TRAP message |
| CN1996877A (en) * | 2006-09-30 | 2007-07-11 | 华为技术有限公司 | A device, system and method for realizing MIB adaptation |
| CN101110698A (en) * | 2006-07-21 | 2008-01-23 | 中兴通讯股份有限公司 | Trap analyzing and preprocessing system and method thereof |
| US20090070640A1 (en) * | 2002-09-26 | 2009-03-12 | Stabile Lawrence A | Network fault manager for maintaining alarm conditions |
| TW200915781A (en) * | 2007-09-20 | 2009-04-01 | Chunghwa Telecom Co Ltd | Monitor and control system for unmanned computer network apparatus room |
| CN102143148A (en) * | 2010-11-29 | 2011-08-03 | 华为技术有限公司 | Parameter acquiring and general protocol analyzing method and device |
| CN102387043A (en) * | 2011-12-07 | 2012-03-21 | 深圳市同洲视讯传媒有限公司 | Alarm analysis method, workstation and system based on simple network management protocol |
| CN103414596A (en) * | 2013-08-28 | 2013-11-27 | 上海斐讯数据通信技术有限公司 | Method for recognizing and processing all manufacturer Traps based on simple network management protocol |
| CN105187258A (en) * | 2015-09-30 | 2015-12-23 | 北京英诺威尔科技股份有限公司 | Method for analyzing and processing configurable Trap alarm |
| CN105847047A (en) * | 2016-03-22 | 2016-08-10 | 浪潮通信信息系统有限公司 | Method for realizing acquisition and analysis of special object identifiers (OID) in management information base (MIB) by using plug-ins |
| CN106506194A (en) * | 2016-10-17 | 2017-03-15 | 武汉丰天鼎业信息网络有限公司 | The method of dissimilar or model device alarm by snmp protocol automatic identification |
| CN106959903A (en) * | 2016-01-08 | 2017-07-18 | 中兴通讯股份有限公司 | Trap instruction Trap processing method and processing device |
| CN114244677A (en) * | 2021-11-29 | 2022-03-25 | 广东九博科技股份有限公司 | SNMP message analysis method, readable storage medium and computer equipment |
-
2023
- 2023-01-31 CN CN202310106843.9A patent/CN116095203A/en active Pending
Patent Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090070640A1 (en) * | 2002-09-26 | 2009-03-12 | Stabile Lawrence A | Network fault manager for maintaining alarm conditions |
| CN101110698A (en) * | 2006-07-21 | 2008-01-23 | 中兴通讯股份有限公司 | Trap analyzing and preprocessing system and method thereof |
| CN1937524A (en) * | 2006-08-25 | 2007-03-28 | 华为技术有限公司 | Method and system for webmaster to processing TRAP message |
| CN1996877A (en) * | 2006-09-30 | 2007-07-11 | 华为技术有限公司 | A device, system and method for realizing MIB adaptation |
| TW200915781A (en) * | 2007-09-20 | 2009-04-01 | Chunghwa Telecom Co Ltd | Monitor and control system for unmanned computer network apparatus room |
| CN102143148A (en) * | 2010-11-29 | 2011-08-03 | 华为技术有限公司 | Parameter acquiring and general protocol analyzing method and device |
| CN102387043A (en) * | 2011-12-07 | 2012-03-21 | 深圳市同洲视讯传媒有限公司 | Alarm analysis method, workstation and system based on simple network management protocol |
| CN103414596A (en) * | 2013-08-28 | 2013-11-27 | 上海斐讯数据通信技术有限公司 | Method for recognizing and processing all manufacturer Traps based on simple network management protocol |
| CN105187258A (en) * | 2015-09-30 | 2015-12-23 | 北京英诺威尔科技股份有限公司 | Method for analyzing and processing configurable Trap alarm |
| CN106959903A (en) * | 2016-01-08 | 2017-07-18 | 中兴通讯股份有限公司 | Trap instruction Trap processing method and processing device |
| CN105847047A (en) * | 2016-03-22 | 2016-08-10 | 浪潮通信信息系统有限公司 | Method for realizing acquisition and analysis of special object identifiers (OID) in management information base (MIB) by using plug-ins |
| CN106506194A (en) * | 2016-10-17 | 2017-03-15 | 武汉丰天鼎业信息网络有限公司 | The method of dissimilar or model device alarm by snmp protocol automatic identification |
| CN114244677A (en) * | 2021-11-29 | 2022-03-25 | 广东九博科技股份有限公司 | SNMP message analysis method, readable storage medium and computer equipment |
Non-Patent Citations (2)
| Title |
|---|
| 蒋海;刘淑芬;兰庆国;包铁;庞世春;: "电信综合数据网络管理系统", 吉林大学学报(信息科学版), no. 02, 30 April 2006 (2006-04-30) * |
| 赵涛;杨万里;彭喜源;胡宝龙;石仁利;: "LXI标准网络管理功能的研究及改进", 电测与仪表, no. 11, 25 November 2008 (2008-11-25) * |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9374278B2 (en) | Graphic user interface based network management system to define and execute troubleshooting procedure | |
| US7631227B2 (en) | Automated testing and control of networked devices | |
| CN109800258B (en) | Data file deployment method, device, computer equipment and storage medium | |
| US8869111B2 (en) | Method and system for generating test cases for a software application | |
| US10229042B2 (en) | Detection of meaningful changes in content | |
| CN112511416A (en) | Rule-based data communication protocol conversion system, decoding method and encoding method | |
| US20230376408A1 (en) | Application programming interface test method and apparatus | |
| US8135764B2 (en) | Configuration management server, name recognition method and name recognition program | |
| CN111683066B (en) | Heterogeneous system integration method, heterogeneous system integration device, computer equipment and storage medium | |
| US8463737B2 (en) | Realtime unification management information data conversion and monitoring apparatus and method for thereof | |
| CN113360519B (en) | Data processing method, device, equipment and storage medium | |
| CN110932918A (en) | Log data acquisition method and device and storage medium | |
| CN114168149A (en) | Data conversion method and device | |
| CN113760730A (en) | Automatic testing method and device | |
| CN111857103A (en) | Vehicle diagnosis method, device, equipment and storage medium | |
| CN116095203A (en) | Analysis method based on TRAP message and related equipment | |
| CN115904978A (en) | Redfish interface testing method, computing device and storage medium | |
| CN114422555B (en) | CIM platform based method for self-defined configuration of IoT data analysis | |
| CN116069540A (en) | Acquisition, analysis and processing method and device for running state of software and hardware parts of system | |
| CN115604343A (en) | Data transmission method, system, electronic equipment and storage medium | |
| CN115048913A (en) | Command processing method and device and electronic equipment | |
| CN114374745A (en) | Protocol format processing method and system | |
| WO2022195848A1 (en) | Analysis condition generator, analysis system, analysis condition generation program, analysis program, analysis condition generation method, and analysis method | |
| CN114328152A (en) | Log recording method, device, equipment and medium | |
| CN108415814B (en) | Method for automatically recording field change, application server and computer readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |