CN107633004A - Data monitoring method and device - Google Patents
Data monitoring method and device Download PDFInfo
- Publication number
- CN107633004A CN107633004A CN201710669095.XA CN201710669095A CN107633004A CN 107633004 A CN107633004 A CN 107633004A CN 201710669095 A CN201710669095 A CN 201710669095A CN 107633004 A CN107633004 A CN 107633004A
- Authority
- CN
- China
- Prior art keywords
- data
- interaction
- rule
- parsing
- acquisition system
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses a kind of data monitoring method and device.Wherein, this method includes:Capture the interaction data that data interaction is carried out between information system to be monitored;Interaction data is parsed, obtains parsing data acquisition system, wherein, parsing data acquisition system includes the data after multiple parsings to interaction data;The rule in preset rules set is used to match the data in parsing data acquisition system;Matching result is shown.The present invention solves complicated chaotic to the integrated relationship between system in correlation technique, causes to be difficult to the data interaction between system the technical problem grasped, improves Consumer's Experience.
Description
Technical field
The present invention relates to information process- field, in particular to a kind of data monitoring method and device.
Background technology
As informationization is in the extensive use of all trades and professions, information system is enterprise is produced, the links of management are all sent out
Wave important function, the data interaction between system is more frequent, and the integrated relationship between system is also more complicated, the letter of Some Enterprises
Integrated relationship is complicated chaotic between breath system, and the integrated present situation between system arranges by hand, lacks management means on line, causes to integrate
Present situation grasps inaccurate situation;Operation maintenance personnel lacks effective ways, is difficult to grasp for the index situation such as integrating process, occurs
The present situation such as interaction " not seeing ", " Guan Buyan " between system.
For, to the complicated confusion of integrated relationship between system, causing to hand over the data between system in above-mentioned correlation technique
The problem of being mutually difficult to grasp, effective solution is not yet proposed at present.
The content of the invention
The embodiments of the invention provide a kind of data monitoring method and device, with least solve in correlation technique to system it
Between integrated relationship it is complicated chaotic, cause to be difficult to the data interaction between system the technical problem grasped.
One side according to embodiments of the present invention, there is provided a kind of data monitoring method, including:Capture letter to be monitored
The interaction data of data interaction is carried out between breath system;Interaction data is parsed, obtains parsing data acquisition system, wherein, solution
Analysis data acquisition system includes the data after multiple parsings to interaction data;Preset rules are used to the data in parsing data acquisition system
Rule in set is matched;Matching result is shown.
Alternatively, capture and the interaction data of data interaction is carried out between information system to be monitored include:To be monitored
The transmission state of interchanger belonging to information system is monitored, and obtains monitoring result;Judge in monitoring result with the presence or absence of friendship
Mutual data;If in the presence of crawl interaction data.
Alternatively, interaction data is parsed, obtaining parsing data acquisition system includes:Determine whether interaction data is structure
Change data;If interaction data is structural data, interaction data is parsed, gets parsing data acquisition system;If interaction number
According to not being structural data, interaction data is converted into structural data, the interaction data after conversion is parsed, got
Parse data acquisition system.
Alternatively, should after being matched to the data in parsing data acquisition system using the rule in preset rules set
Data monitoring method also includes:Obtain the data for not matching rule;Based on the data creation goal rule for not matching rule;
Goal rule is added in preset rules set, to update preset rules set.
Alternatively, should after being matched to the data in parsing data acquisition system using the rule in preset rules set
Data monitoring method also includes:Obtain the data for not matching rule;The data for not matching rule are analyzed;If not
The quantity for mixing the data of rule exceedes predetermined number, triggering alarm instruction.
One side according to embodiments of the present invention, a kind of data monitoring device is additionally provided, including:Placement unit, use
The interaction data of data interaction is carried out between information system to be monitored is captured;First acquisition unit, for interaction data
Parsed, obtain parsing data acquisition system, wherein, parsing data acquisition system includes the data after multiple parsings to interaction data;
Matching unit, for using the rule in preset rules set to match the data in parsing data acquisition system;Display unit,
For matching result to be shown.
Alternatively, placement unit includes:Monitoring modular, for the transmission to the interchanger belonging to information system to be monitored
State is monitored, and obtains monitoring result;Judge module, for judging to whether there is interaction data in monitoring result;Judge mould
Block includes:Submodule is captured, in the case of interaction data being present in monitoring result, for capturing interaction data.
Alternatively, first acquisition unit includes:Determining module, for determining whether interaction data is structural data;The
One acquisition module, if interaction data is structural data, for being parsed to interaction data, get parsing data acquisition system;
Second acquisition module, if interaction data is not structural data, for interaction data to be converted into structural data, after conversion
Interaction data parsed, get parsing data acquisition system.
Alternatively, the data monitoring device also includes:Second acquisition unit, to the data in parsing data acquisition system using pre-
After if the rule in regular collection is matched, the data of rule are not matched for obtaining;Creating unit, for based on not
Match the data creation goal rule of rule;Updating block, for goal rule to be added in preset rules set, with more
New preset rules set.
Alternatively, the data monitoring device also includes:3rd acquiring unit, to the data in parsing data acquisition system using pre-
After if the rule in regular collection is matched, the data of rule are not matched for obtaining;Analytic unit, for not
The data for mixing rule are analyzed;Trigger element, if the quantity for not matching the data of rule exceedes predetermined number, for touching
Hair alarm instruction.
Another aspect according to embodiments of the present invention, additionally provides a kind of storage medium, and storage medium includes storage
Program, wherein, program performs the data monitoring method of above-mentioned middle any one.
Another aspect according to embodiments of the present invention, additionally provides a kind of processor, and processor is used for operation program,
Wherein, the data monitoring method of above-mentioned middle any one is performed when program is run.
In embodiments of the present invention, it is possible to achieve the interaction of data interaction is carried out between the information system by capturing monitoring
Data, interaction data is parsed, obtain parsing data acquisition system, preset rules collection is used to the data in parsing data acquisition system
Rule in conjunction is matched, and the matching result is shown.Realize and the data interaction information system is collected
Into the purpose of monitoring and management, the effect of the managerial skills of effective enterprise mutli-system integration fusion is reached, and then has solved
It is complicated to the integrated relationship between system chaotic in correlation technique, cause the data interaction between information system is difficult to grasp
Technical problem.
Brief description of the drawings
Accompanying drawing described herein is used for providing a further understanding of the present invention, forms the part of the application, this hair
Bright schematic description and description is used to explain the present invention, does not form inappropriate limitation of the present invention.In the accompanying drawings:
Fig. 1 is the flow chart of data monitoring method according to embodiments of the present invention;
Fig. 2 is the Organization Chart of data monitoring method according to embodiments of the present invention;
Fig. 3 is the flow chart of optional data monitoring method according to embodiments of the present invention;And
Fig. 4 is the schematic diagram of data monitoring device according to embodiments of the present invention.
Embodiment
In order that those skilled in the art more fully understand the present invention program, below in conjunction with the embodiment of the present invention
Accompanying drawing, the technical scheme in the embodiment of the present invention is clearly and completely described, it is clear that described embodiment is only
The embodiment of a part of the invention, rather than whole embodiments.Based on the embodiment in the present invention, ordinary skill people
The every other embodiment that member is obtained under the premise of creative work is not made, it should all belong to the model that the present invention protects
Enclose.
It should be noted that term " first " in description and claims of this specification and above-mentioned accompanying drawing, "
Two " etc. be for distinguishing similar object, without for describing specific order or precedence.It should be appreciated that so use
Data can exchange in the appropriate case, so as to embodiments of the invention described herein can with except illustrating herein or
Order beyond those of description is implemented.In addition, term " comprising " and " having " and their any deformation, it is intended that cover
Cover it is non-exclusive include, be not necessarily limited to for example, containing the process of series of steps or unit, method, system, product or equipment
Those steps or unit clearly listed, but may include not list clearly or for these processes, method, product
Or the intrinsic other steps of equipment or unit.
For the ease of description, the part noun or term that occur in the embodiment of the present invention are illustrated below:
Network flow data:Refer to the visit capacity of website, be the number of users for describing one website of access and user
The indexs such as the webpage quantity browsed, common statistical indicator include website
Structural data:It is the data for referring to be represented with data or unified structure, for example, numeral, symbol etc..
Unstructured data:Refer to the data that can not be indicated with digital or unified structure, for example, text, figure
Picture, sound, webpage etc..
Application programming interface (Application Programming Interface, abbreviation API):Refer to
Pre-defined function, it is therefore an objective to application program is provided one group of routine of access is able to based on certain software or hardware with developer
Ability, and source code need not be accessed, or understand the details of internal work mechanism.
According to embodiments of the present invention, there is provided a kind of embodiment of the method for data monitoring method is, it is necessary to illustrate, attached
The step of flow of figure illustrates can perform in the computer system of such as one group computer executable instructions, though also,
So logical order is shown in flow charts, but in some cases, can be with different from shown by order execution herein
Or the step of description.
Fig. 1 is the flow chart of data monitoring method according to embodiments of the present invention, as shown in figure 1, the data monitoring method
Comprise the following steps:
Step S102, capture the interaction data of progress data interaction between information system to be monitored.
Step S104, is parsed to interaction data, obtains parsing data acquisition system, wherein, parsing data acquisition system includes
Data after multiple parsings to interaction data.
Step S106, the rule in preset rules set is used to match the data in parsing data acquisition system.
Step S108, matching result is shown.
Pass through above-mentioned steps, it is possible to achieve the interaction number of data interaction is carried out between the information system by capturing monitoring
According to, interaction data is parsed, obtain parsing data acquisition system, to parsing data acquisition system in data use preset rules set
In rule matched, the matching result is shown.Due to the interaction to carrying out data interaction between information system
Data are parsed to obtain parsing data acquisition system, use the rule in preset rules set to enter the data in parsing data acquisition system
Row matching, wherein, the crawl in the embodiment of the present invention to interaction data is by being disposed on Enterprise information system core switch
Pipeline equipment is realized, so the operation of bypass equipment can't influence the operation of former network, so as to effectively reduce due to
Integrated relationship between information system is complicated, and the integrated relationship between the information system of Some Enterprises is complicated chaotic, integrated between system
Present situation arranges by hand, lack line on management means, it is caused to integrate present situation grasp inaccuracy the drawbacks of, realize to letter
Data interaction between breath system carries out the purpose of integrated monitoring and management, has reached effective enterprise mutli-system integration fusion
The effect of managerial skills, and then solve in correlation technique to the complicated confusion of integrated relationship between system, cause to information system
Data interaction between system is difficult to the technical problem grasped.
In above-mentioned steps S102 into step S108, the network data acquisition equipment pair of information system core switch is utilized
For being acquired to the interaction data that data interaction is carried out between information system, rule and custom rule logarithm are then utilized
According to being changed and being analyzed, so as to reach the purpose of integrated monitoring and management.
In order to ensure the integrality of the interaction data of acquisition, capture and carry out data interaction between information system to be monitored
Interaction data can include:The transmission state of interchanger belonging to information system to be monitored is monitored, obtains monitoring knot
Fruit;Judge to whether there is interaction data in monitoring result;If in the presence of crawl interaction data.For example, to information system to be monitored
When the interaction data of progress data interaction is captured between system, it can use and the transmission state of interchanger is supervised in real time
Survey, the transmission state of above-mentioned interchanger is monitored in preset time period so as to effectively reduce, it is caused to default
The leakage of the interaction data of interchanger transmission outside period is grabbed, and improves the integrality that integrated monitoring is carried out to information system.
Because not all interaction data can be carried out directly parsing, therefore, interaction data is parsed, obtained
Parsing data acquisition system is taken to include:Determine whether interaction data is structural data;It is right if interaction data is structural data
Interaction data is parsed, and gets parsing data acquisition system;If interaction data is not structural data, interaction data is converted into
Structural data, the interaction data after conversion is parsed, get parsing data acquisition system.
Data in the data acquisition system provided in an embodiment of the present invention to parsing use the rule in preset rules set to carry out
Matching, is realized, and can match somebody with somebody for different integrated technology routes by gathering fine-grained network interaction behavior
Rules of interaction is put, not all data can match rule, so, to the data in parsing data acquisition system using default
After rule in regular collection is matched, the data monitoring method can also include:Obtain the data for not matching rule;
Based on the data creation goal rule for not matching rule;Goal rule is added in preset rules set, it is default to update
Regular collection.
May be many in the data for sometimes, not matching rule, now, it is necessary to not matching rule
Data counted and judged, therefore, to parsing data acquisition system in data use preset rules set in rule
After being matched, the data monitoring method can also include:Obtain the data for not matching rule;To not matching rule
Data are analyzed;If the quantity for not matching the data of rule exceedes predetermined number, triggering alarm instruction.
In addition, for the deficiency in above-mentioned correlation technique, present invention also offers an optional embodiment, with reference to
Accompanying drawing illustrates to the above-mentioned optional embodiment of the present invention.
First, the data monitoring method provided in an embodiment of the present invention thes improvement is that:
(1) man-machine interface:The integrated relationship between all application systems is intuitively shown by graphic interface, and use is not homochromy
Coloured silk indicates running status of the information system on integrated visual angle, and that realizes each information system and integrated link penetrates displaying.
(2) the secondary verification of the quality of data:Secondary verification is carried out by integrated data agreement, the quality of data can be lifted.For
Do not made by the interaction data of integrated data agreement progress data integration and retract processing, and do respective record.
(3) self-defined analysis rule:The integrated relationship formation rule put on record fixed test and record, using
Rule is monitored analysis to integrated data (that is to say, above-mentioned interaction data), and the integrated relationship prompting for unmatching rule is transported
Dimension personnel pay close attention to, and to the integrated relationship monitored according to rule, but do not carry out data interaction according to rule, are alerted.
(4) information conversion management and control:Record the various status informations and society of each application, all kinds of api interfaces with integrated link
Change information, and unified management is realized by modes such as form, rankings.
(5) integrated monitoring:Carry out source, middle-end, terminal monitoring, integrated result monitoring, resource occupation monitoring, integrated load
Monitoring.
(6) intellectual analysis:Integrated interface actively discovers, machine learning, Unified Model management, API domains management, high in the clouds retrieval
Deng.
Wherein, Fig. 2 is the Organization Chart of data monitoring method according to embodiments of the present invention, as shown in Fig. 2 multiple business should
It is connected respectively with core switch with server (for example, service server 1, service server 2 and service server 3), it is more
Individual system (that is to say, above- mentioned information system) that user's (system user 1, system user 2 and system user 3) passes through exchange respectively
Machine carries out load balancing, and core switch interconnects with network data acquisition equipment, and network data acquisition equipment is connected to number
According to storehouse, database is connected to application server, monitoring information is shown into O&M user by man-machine interface, operation maintenance personnel is based on people
The information of machine showing interface carries out integrated monitoring.As shown in Fig. 2 integrated data collection refers to that system integrating detection device is exchanging
Machine mirror port captures network traffics bag, and the collecting device is the bypass equipment of interchanger, and the running of equipment does not influence former network.
Wherein, next non-structured data will be gathered and is converted into structural data, and carry out Preliminary Analysis, parsed
Information mainly include:The source IP address of interaction data, source port, target ip address, target port, characteristic value, agreement used,
The information such as the sizes of interactive data, type, and store in the local database, for integrate interbehavior applied analysis and
Intelligent monitoring, alarm etc..The data come according to parsing carry out integrated rules of interaction matching, match rule carry out integrate prison
Control, what is do not matched will send to being analyzed at operation maintenance personnel and custom rule is formulated, by revision repeatedly and perfect,
Rule base constantly adapts to enterprise and currently integrates present situation, also make it that integrated monitoring is more and more comprehensive, so as to realize to default rule
The continuous renewal then gathered.Preset rules set is totally built with perfect by the way of " predefined "+" self-defined ", wherein,
Predefined rule supports three kinds of dividing modes:When divided by basic communication protocol, two be divided by technology path, three be by industry
Business application division;Custom rule supports autonomous definition and the abstract two ways of intelligence, and intelligence is abstract to be referred to by parsing network
Packet, general character in system automatically abstracting unknown data bag and in the form of pending for operation maintenance personnel renewal, safeguard, management,
Finally it is embodied in rule base.
Matching result is showed by way of monitoring finally by man-machine interface, if not according to the monitoring of rule match
Integrated relationship then sets out alarm, reaches the purpose of intelligent integrated monitoring.
Fig. 3 is the flow chart of optional data monitoring method according to embodiments of the present invention, as shown in figure 3, the data are supervised
Prosecutor method comprises the following steps:
Step S301, unknown interaction data is transmitted, wherein, the data on flows in unknown network data on flows is above-mentioned interaction
Data.
Step S302, above-mentioned unknown interaction data flow through bypass equipment.
Step S303, network data acquisition is carried out to above-mentioned interaction data using network data acquisition equipment, that is to say, it is right
Interaction data is captured, and specifically, can be realized by disposing bypass equipment in Enterprise information system core switch to handing over
The crawl of mutual data.
Step S304, the interaction data of above-mentioned crawl is parsed, obtain parsing data acquisition system.
Step S305, judge parse data acquisition system in data whether be structuring data;It is no in judged result
In the case of, step S307 is performed, conversely, performing step S306.
Step S306, the unstructured data parsed in data acquisition system is converted into structural data, then performs step
S307。
Step S307, structural data carry out rule match.
Step S308, judges whether the data in parsing set all match rule.In the case where judged result is no,
Step S309 is performed, conversely, performing step S310.
Step S309, based on the data creation goal rule for not matching rule.
Step S310, matching result is shown.
Specifically, above-mentioned data monitoring method, is captured using interaction data, interaction data analysis, rule match and friendship
Mutual main four flows of data monitoring solve the problem of data interaction monitoring hardly possible between operating information system, analysis difficulty, lifting
The managerial skills of company information mutli-system integration fusion.Utilize data interaction of the network data acquisition equipment to core switch
Situation is detected, and obtains the interaction data by core switch, and the data grabbed are parsed, and utilizes rule
With integrated data intelligent analysis and classification is carried out, monitoring and early warning are finally interacted using man-machine interface.
The embodiment of the present application additionally provides a kind of data monitoring device, it is necessary to explanation, the data of the embodiment of the present application
Supervising device can be used for perform the embodiment of the present application provided be used for data monitoring method.The embodiment of the present application is carried below
The data monitoring device of confession is introduced.
Fig. 4 is the schematic diagram of data monitoring device according to embodiments of the present invention, as shown in figure 4, the data monitoring device
Including:Placement unit 41, first acquisition unit 43, matching unit 45 and display unit 47.Below to the data monitoring device
It is described in detail.
Placement unit 41, the interaction data of data interaction is carried out between information system to be monitored for capturing.
First acquisition unit 43, it is connected with above-mentioned placement unit 41, for being parsed to interaction data, obtains parsing number
According to set, wherein, parsing data acquisition system includes the data after multiple parsings to interaction data.
Matching unit 45, it is connected with above-mentioned first acquisition unit 43, it is pre- for being used to the data in parsing data acquisition system
If the rule in regular collection is matched.
Display unit 47, it is connected with above-mentioned matching unit 45, for matching result to be shown.
The data monitoring device that the embodiment of the present application provides, captured by placement unit 41 between information system to be monitored
Carry out the interaction data of data interaction;First acquisition unit 43, it is connected with above-mentioned placement unit 41, interaction data is solved
Analysis, parsing data acquisition system is obtained, wherein, parsing data acquisition system includes the data after multiple parsings to interaction data;Matching is single
Member 45, is connected with above-mentioned first acquisition unit 43, and the data in parsing data acquisition system are used with the rule in preset rules set
Matched;Display unit 47, it is connected with above-mentioned matching unit 45, matching result is shown.Alternatively, placement unit bag
Include:Monitoring modular, for being monitored to the transmission state of the interchanger belonging to information system to be monitored, obtain monitoring knot
Fruit;Judge module, for judging to whether there is interaction data in monitoring result;Judge module includes:Submodule is captured, is being monitored
As a result in the case of interaction data being present in, for capturing interaction data.Realize and the data interaction information system is carried out
Integrated monitoring and the purpose of management, have reached the effect of the managerial skills of effective enterprise mutli-system integration fusion, and then solve
It is complicated to the integrated relationship between system chaotic in correlation technique of having determined, cause the data interaction between information system is difficult to slap
The technical problem held.
Alternatively, first acquisition unit includes:Determining module, for determining whether interaction data is structural data;The
One acquisition module, if interaction data is structural data, for being parsed to interaction data, get parsing data acquisition system;
Second acquisition module, if interaction data is not structural data, for interaction data to be converted into structural data, after conversion
Interaction data parsed, get parsing data acquisition system.
Alternatively, the data monitoring device also includes:Second acquisition unit, to the data in parsing data acquisition system using pre-
After if the rule in regular collection is matched, the data of rule are not matched for obtaining;Creating unit, for based on not
Match the data creation goal rule of rule;Updating block, for goal rule to be added in preset rules set, with more
New preset rules set.
Alternatively, the data monitoring device also includes:3rd acquiring unit, to the data in parsing data acquisition system using pre-
After if the rule in regular collection is matched, the data of rule are not matched for obtaining;Analytic unit, for not
The data for mixing rule are analyzed;Trigger element, if the quantity for not matching the data of rule exceedes predetermined number, for touching
Hair alarm instruction.
Another aspect according to embodiments of the present invention, additionally provides a kind of storage medium, and storage medium includes storage
Program, wherein, program performs the data monitoring method of above-mentioned middle any one.
Another aspect according to embodiments of the present invention, additionally provides a kind of processor, and processor is used for operation program,
Wherein, the data monitoring method of above-mentioned middle any one is performed when program is run.
The embodiments of the present invention are for illustration only, do not represent the quality of embodiment.
In the above embodiment of the present invention, the description to each embodiment all emphasizes particularly on different fields, and does not have in some embodiment
The part of detailed description, it may refer to the associated description of other embodiment.
In several embodiments provided herein, it should be understood that disclosed technology contents, others can be passed through
Mode is realized.Wherein, device embodiment described above is only schematical, such as the division of the unit, Ke Yiwei
A kind of division of logic function, can there is an other dividing mode when actually realizing, for example, multiple units or component can combine or
Person is desirably integrated into another system, or some features can be ignored, or does not perform.Another, shown or discussed is mutual
Between coupling or direct-coupling or communication connection can be INDIRECT COUPLING or communication link by some interfaces, unit or module
Connect, can be electrical or other forms.
The unit illustrated as separating component can be or may not be physically separate, show as unit
The part shown can be or may not be physical location, you can with positioned at a place, or can also be distributed to multiple
On unit.Some or all of unit therein can be selected to realize the purpose of this embodiment scheme according to the actual needs.
In addition, each functional unit in each embodiment of the present invention can be integrated in a processing unit, can also
That unit is individually physically present, can also two or more units it is integrated in a unit.Above-mentioned integrated list
Member can both be realized in the form of hardware, can also be realized in the form of SFU software functional unit.
If the integrated unit is realized in the form of SFU software functional unit and is used as independent production marketing or use
When, it can be stored in a computer read/write memory medium.Based on such understanding, technical scheme is substantially
The part to be contributed in other words to prior art or all or part of the technical scheme can be in the form of software products
Embody, the computer software product is stored in a storage medium, including some instructions are causing a computer
Equipment (can be personal computer, server or network equipment etc.) perform each embodiment methods described of the present invention whole or
Part steps.And foregoing storage medium includes:USB flash disk, read-only storage (ROM, Read-Only Memory), arbitrary access are deposited
Reservoir (RAM, Random Access Memory), mobile hard disk, magnetic disc or CD etc. are various can be with store program codes
Medium.
Described above is only the preferred embodiment of the present invention, it is noted that for the ordinary skill people of the art
For member, under the premise without departing from the principles of the invention, some improvements and modifications can also be made, these improvements and modifications also should
It is considered as protection scope of the present invention.
Claims (10)
- A kind of 1. data monitoring method, it is characterised in that including:Capture the interaction data that data interaction is carried out between information system to be monitored;The interaction data is parsed, obtains parsing data acquisition system, wherein, it is multiple right that the parsing data acquisition system includes Data after the interaction data parsing;The rule in preset rules set is used to match the data in the parsing data acquisition system;Matching result is shown.
- 2. according to the method for claim 1, it is characterised in that capture and carry out data interaction between information system to be monitored Interaction data include:The transmission state of interchanger belonging to the information system to be monitored is monitored, obtains monitoring result;Judge to whether there is interaction data in the monitoring result;If in the presence of capturing the interaction data.
- 3. according to the method for claim 1, it is characterised in that the interaction data is parsed, obtains the parsing Data acquisition system includes:Determine whether the interaction data is structural data;If the interaction data is structural data, the interaction data is parsed, gets the parsing data acquisition system;If the interaction data is not structural data, the interaction data is converted into structural data, to the friendship after conversion Mutual data are parsed, and get the parsing data acquisition system.
- 4. according to the method for claim 1, it is characterised in that to the data in the parsing data acquisition system using default rule After rule in then gathering is matched, methods described also includes:Obtain the data for not matching rule;Based on the data creation goal rule for not matching rule;The goal rule is added in the preset rules set, to update the preset rules set.
- 5. according to the method for claim 1, it is characterised in that to the data in the parsing data acquisition system using default rule After rule in then gathering is matched, methods described also includes:Obtain the data for not matching rule;The data for not matching rule are analyzed;If the quantity of the data for not matching rule exceedes predetermined number, triggering alarm instruction.
- A kind of 6. data monitoring device, it is characterised in that including:Placement unit, the interaction data of data interaction is carried out between information system to be monitored for capturing;First acquisition unit, for being parsed to the interaction data, parsing data acquisition system is obtained, wherein, the parsing number Include the data after multiple parsings to the interaction data according to set;Matching unit, for using the rule in preset rules set to match the data in the parsing data acquisition system;Display unit, for matching result to be shown.
- 7. device according to claim 6, it is characterised in that the placement unit includes:Monitoring modular, for being monitored to the transmission state of the interchanger belonging to the information system to be monitored, obtain prison Survey result;Judge module, for judging to whether there is interaction data in the monitoring result;The judge module includes:Submodule is captured, in the case of the interaction data in the monitoring result being present, is used for Capture the interaction data.
- 8. device according to claim 6, it is characterised in that the first acquisition unit includes:Determining module, for determining whether the interaction data is structural data;First acquisition module, if the interaction data is structural data, for being parsed to the interaction data, get The parsing data acquisition system;Second acquisition module, if the interaction data is not structural data, for the interaction data to be converted into structuring Data, the interaction data after conversion is parsed, get the parsing data acquisition system.
- A kind of 9. storage medium, it is characterised in that the storage medium includes the program of storage, wherein, described program right of execution Profit requires the data monitoring method described in any one in 1 to 5.
- A kind of 10. processor, it is characterised in that the processor is used for operation program, wherein, right of execution when described program is run Profit requires the data monitoring method described in any one in 1 to 5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710669095.XA CN107633004A (en) | 2017-08-07 | 2017-08-07 | Data monitoring method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710669095.XA CN107633004A (en) | 2017-08-07 | 2017-08-07 | Data monitoring method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN107633004A true CN107633004A (en) | 2018-01-26 |
Family
ID=61099336
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710669095.XA Pending CN107633004A (en) | 2017-08-07 | 2017-08-07 | Data monitoring method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107633004A (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102611565A (en) * | 2011-10-18 | 2012-07-25 | 国网电力科学研究院 | Regular-expression-based alarm correlation analysis method for monitoring system |
| CN105005658A (en) * | 2015-07-15 | 2015-10-28 | 国家电网公司 | Logic simulation method of comprehensive automation system equipment of transformer substation |
| CN106357534A (en) * | 2016-08-25 | 2017-01-25 | 江苏省未来网络创新研究院 | Network flow monitoring system and method based on SDN |
| CN106777141A (en) * | 2016-12-19 | 2017-05-31 | 国网山东省电力公司电力科学研究院 | A kind of acquisition for merging multi-source heterogeneous electric network data and distributed storage method |
-
2017
- 2017-08-07 CN CN201710669095.XA patent/CN107633004A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102611565A (en) * | 2011-10-18 | 2012-07-25 | 国网电力科学研究院 | Regular-expression-based alarm correlation analysis method for monitoring system |
| CN105005658A (en) * | 2015-07-15 | 2015-10-28 | 国家电网公司 | Logic simulation method of comprehensive automation system equipment of transformer substation |
| CN106357534A (en) * | 2016-08-25 | 2017-01-25 | 江苏省未来网络创新研究院 | Network flow monitoring system and method based on SDN |
| CN106777141A (en) * | 2016-12-19 | 2017-05-31 | 国网山东省电力公司电力科学研究院 | A kind of acquisition for merging multi-source heterogeneous electric network data and distributed storage method |
Non-Patent Citations (1)
| Title |
|---|
| 赵瑜杰: "智能变电站定值诊断 方案及软件设计", 《中国优秀硕士学位论文全文数据库工程科技II辑》 * |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20190014048A1 (en) | Method and system for processing data in an internet of things (iot) environment | |
| CN107566498A (en) | A kind of method for monitoring numerical control machine and system based on Internet of Things | |
| CN108270618A (en) | Alert the method, apparatus and warning system of judgement | |
| CN107196930B (en) | The method of computer network abnormality detection | |
| CN109598434A (en) | Abnormity early warning method, apparatus, computer installation and storage medium | |
| CN109816321A (en) | A kind of service management, device, equipment and computer readable storage medium | |
| CN109299044A (en) | A kind of secure visual analysis system based on intra-company's log | |
| CN108023764A (en) | Abnormality eliminating method and device | |
| CN109271793A (en) | Internet of Things cloud platform device class recognition methods and system | |
| CN104216698B (en) | A kind of registration web page method and relevant apparatus | |
| CN109685089A (en) | The system and method for assessment models performance | |
| Shi et al. | Visual analytics of anomalous user behaviors: A survey | |
| CN113157947A (en) | Knowledge graph construction method, tool, device and server | |
| CN107368550A (en) | Information acquisition method, device, medium, electronic equipment, server and system | |
| CN109815154A (en) | A kind of test method, device, system and medium | |
| CN109934194A (en) | Picture classification method, edge device, system and storage medium | |
| CN103532736B (en) | Visual network management method and user terminal | |
| CN108984514A (en) | Acquisition methods and device, storage medium, the processor of word | |
| CN115801594A (en) | Method, apparatus and medium for constructing digital twin model of power data communication network | |
| Creese et al. | Cybervis: visualizing the potential impact of cyber attacks on the wider enterprise | |
| CN109062648A (en) | Information processing method, device, mobile terminal and storage medium | |
| CN107633004A (en) | Data monitoring method and device | |
| CN107368399A (en) | Webpage monitoring method and system on a kind of line | |
| CN107122464A (en) | A kind of aid decision-making system and method | |
| CN111339438A (en) | Friend relation data processing method, server, terminal device and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |