CN108173690A - A kind of active forewarning and the control method for being automatically positioned traffic failure - Google Patents


Publication number
CN108173690A
Authority
CN
China
Prior art keywords
control method
automatically positioned
monitoring
traffic failure
active forewarning
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201711449010.3A
Other languages
Chinese (zh)
Inventor
程永新
孙玉颖
程继贵
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SHANGHAI NEW CENTURY NETWORK Co Ltd
Original Assignee
SHANGHAI NEW CENTURY NETWORK Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by SHANGHAI NEW CENTURY NETWORK Co Ltd filed Critical SHANGHAI NEW CENTURY NETWORK Co Ltd
Priority to CN201711449010.3A priority Critical patent/CN108173690A/en
Publication of CN108173690A publication Critical patent/CN108173690A/en
Pending legal-status Critical Current


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/02 Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • H04L67/025 Protocols based on web technology, e.g. hypertext transfer protocol [HTTP] for remote control or remote monitoring of applications
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06 Management of faults, events, alarms or notifications
    • H04L41/0631 Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06 Management of faults, events, alarms or notifications
    • H04L41/0677 Localisation of faults
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00 Arrangements for monitoring or testing data switching networks
    • H04L43/08 Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0805 Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
    • H04L43/0811 Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability by checking connectivity
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433 Vulnerability analysis
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/50 Network services
    • H04L67/51 Discovery or management thereof, e.g. service location protocol [SLP] or web services

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Environmental & Geological Engineering (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a control method for active early warning and automatic localization of business faults, comprising the following steps: S1: for each type of business system, create and configure a knowledge base of the corresponding category in advance; S2: select a monitoring mode according to how the business is distributed and deployed; S3: establish a monitoring platform according to the actual environment and set up the various monitoring configurations; S4: establish regular security scans of the business system and automatically match the scan results to early warnings; S5: when a fault occurs, compare, filter and merge the triggered early-warning notifications against the knowledge base to produce an effective automatic fault localization. The method provided by the invention can establish a complete model for operations early warning and fast automatic fault localization, thereby improving the overall operating capability of the business system and effectively reducing business risk.

Description

A control method for active early warning and automatic localization of business faults
Technical field
The present invention relates to a method for handling business faults, and in particular to a control method for active early warning and automatic localization of business faults.
Background
During the operation and maintenance of business systems (for example application systems of many types, such as online shopping malls and outbound call platforms), the following problems or faults are frequently encountered:
1. A business module malfunctions, and the application maintenance staff only learn that the system has a problem or fault when it is fed back to them through customer complaints;
2. Only when the theft of users' sensitive data triggers large-scale complaints does anyone react and trace the security incident that has already happened. Users, operations staff and developers generally have weak security awareness; for example, malicious leaking of user privacy, weak password settings and XSS cross-site scripting vulnerabilities in code lead to all kinds of security incidents;
3. Repetitive daily operations work is carried out without deeper consideration of how to optimize it and improve maintenance efficiency;
4. Operations in the production environment are not reviewed, and misoperation causes major production incidents;
5. Operations staff lack a sense of "reverence" for the production environment and operate carelessly, so production incidents occur frequently;
6. Problems and faults are not summarized as they should be, so no effective automatic early-warning mechanism is formed.
Most companies and enterprises usually cope with or avoid these problems in the following ways:
1. The particular fault that affected users is handled case by case, and operations staff are required to strengthen business monitoring.
2. Testing, development, operations and other parties are coordinated to analyze the fault jointly, and a simulation test is carried out in the test environment.
The handling that is common at present has the following shortcomings:
1. It lacks in-depth analysis and summary of the fault and lacks checks that draw inferences from one case to others, such as investigating hidden risks in other aspects of the production environment;
2. It consists of simple managerial requirements without concrete, actionable guidance, such as which business functions need key monitoring, whether to use active or passive monitoring, and whether to monitor from the intranet or the extranet;
3. It lacks any function for automatically localizing problems or faults.
Summary of the invention
The technical problem to be solved by the invention is to provide a control method for active early warning and automatic localization of business faults that can establish a complete model for operations early warning and fast automatic fault localization, thereby improving the overall operating capability of the business system and effectively reducing business risk.
To solve the above technical problem, the invention adopts the technical solution of providing a control method for active early warning and automatic localization of business faults, comprising the following steps: S1: for each type of business system, create and configure a knowledge base of the corresponding category in advance; S2: select a monitoring mode according to how the business is distributed and deployed; S3: establish a monitoring platform according to the actual environment and set up the various monitoring configurations; S4: establish regular security scans of the business system and automatically match the scan results to early warnings; S5: when a fault occurs, compare, filter and merge the triggered early-warning notifications against the knowledge base to produce an effective automatic fault localization.
In the above control method, the monitoring mode in step S1 is an active monitoring mode or a passive monitoring mode.
In the above control method, the monitoring configuration in step S2 includes intranet service URL connectivity checks, extranet service URL connectivity checks, host CPU/memory usage monitoring, disk free space monitoring, main program monitoring and port monitoring.
In the above control method, the security scan in step S3 covers malicious leaking of user privacy, weak password settings and XSS cross-site scripting vulnerabilities in code.
In the above control method, step S3 further includes scanning and monitoring website PV and UV values and the number of concurrent users.
In the above control method, the early-warning types include SMS gateway, e-mail or telephone notification.
Compared with the prior art, the invention has the following beneficial effect: the control method for active early warning and automatic localization of business faults provided by the invention can establish a complete model for operations early warning and fast automatic fault localization, thereby improving the overall operating capability of the business system and effectively reducing business risk.
Brief description of the drawings
Fig. 1 is a schematic diagram of the control flow of the active early warning and automatic business fault localization of the invention.
Detailed description
The invention is further described below with reference to the drawing and an embodiment.
Fig. 1 is a schematic diagram of the control flow of the active early warning and automatic business fault localization of the invention.
Referring to Fig. 1, the control method for active early warning and automatic localization of business faults provided by the invention comprises the following steps:
S1: for each type of business system, create and configure a knowledge base of the corresponding category in advance;
S2: select a monitoring mode according to how the business is distributed and deployed;
S3: establish a monitoring platform according to the actual environment and set up the various monitoring configurations;
S4: establish regular security scans of the business system and automatically match the scan results to early warnings;
S5: when a fault occurs, compare, filter and merge the triggered early-warning notifications against the knowledge base to produce an effective automatic fault localization.
The specific architecture and implementation of the invention are given below.
I. Establishing business system early warning
1. Application system early warning: hold broad discussions with the business application owners and the developers to identify the important business functions, and set the monitoring mode according to the actual distribution and deployment of the business. Establish the monitoring platform according to the actual environment, select active or passive monitoring as the monitoring type, and set up the various monitors. Typical configuration: service URL connectivity checks (intranet and extranet), host CPU/memory usage monitoring, disk free space monitoring, main program monitoring, port monitoring, and so on. Every monitor must be ensured to be genuine and effective.
2. Security early warning: keep business system and host permissions as minimal as possible to reduce security risk, for example through system password complexity requirements. Establish regular security scans of the business system, automatically match the scan results, and notify the corresponding responsible person. For example, if a security scan finds that the same IP has had XSS cross-site scripting vulnerabilities multiple times, an early-warning notification is sent to the corresponding developer or supervisor.
3. Work efficiency early warning: early warnings can also be set up for work that is repeated daily, such as deleting log files every day or importing files every day. A notification can be sent to the relevant staff suggesting that the work be optimized as soon as possible.
4. Misoperation or malicious operation early warning: when a misoperation or an operation of malicious sabotage occurs, such as rm -rf *, the relevant people are notified promptly so that the risk of a possible production fault can be averted in time.
The active early-warning types listed above are the common ones in practice; in actual business system maintenance they need continuous optimization and supplementing. For example, as an online shop system develops and grows in popularity, website PV and UV values, the number of concurrent users and similar figures grow with it. An early-warning mechanism established in advance is then needed so that the things that may cause a business system fault are quantified and reported as numbers; operations managers can analyze these statistics and make corresponding adjustments.
II. Early-warning methods
The early-warning method can be chosen according to the actual working environment. The usual early-warning types are SMS gateway, e-mail and telephone notification; the most commonly used is the SMS gateway, which notifies the relevant staff by SMS alert.
III. Establishing the knowledge base
According to the type of business system, create and configure knowledge bases of different categories. They can be stored in a database, or as text, binary or other formats depending on how the business actually develops. Classify entries by fault mode and business type, and allow for later expansion of the knowledge base. An initial knowledge base needs to be set up at the start of project construction; by connecting it to the early-warning system already built, automatic fault localization is achieved. When a fault occurs, the triggered early-warning notifications are compared, filtered and merged against the problem base to form an effective automatic fault localization, and the preliminary automatic analysis result can be sent to designated staff. For example: part of the service of the electronic mall on the Luoyang base platform is abnormal.
Faults are classified and graded by business importance and urgency.
The active early-warning SMS messages or e-mails received are:
1. External probe test of the business system: alarm
2. Extranet IP port connectivity: alarm
3. Internal probe test of the business system: no alarm
4. Intranet port connectivity: no alarm
5. Business host process: no alarm
The early-warning information from the business system is merged and analyzed against the conditions in the knowledge base, and the combined inference is that the part of the public network originating from the telecom network may be abnormal; the fault is then handled at that location.
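The merge-and-compare step in the example above can be sketched as follows. This is an added example, not code from the patent: the source names, the rule format, the second and third knowledge-base rules and the handling of a monitor that sent no report (treated as unknown rather than "no alarm") are all assumptions.

```python
from dataclasses import dataclass

# The five monitors from the worked example in the text (names are assumed).
SOURCES = ("ext_probe", "ext_port", "int_probe", "int_port", "host_process")


@dataclass(frozen=True)
class Rule:
    name: str
    conclusion: str
    pattern: dict  # source -> True (alarm) / False (no alarm); omitted = don't care


# Only the first rule reflects the page's example; the others are constructed.
KNOWLEDGE_BASE = [
    Rule("public-network", "public network path to the service is abnormal",
         {"ext_probe": True, "ext_port": True, "int_probe": False,
          "int_port": False, "host_process": False}),
    Rule("host-process", "business process on the host is down",
         {"host_process": True, "int_probe": True}),
    Rule("intranet", "intranet connectivity to the service is abnormal",
         {"int_port": True, "host_process": False}),
]


def merge(notifications):
    """Filter out sources the knowledge base does not use and merge repeats.

    Returns the latest state per source: True = alarm, False = no alarm,
    None = the monitor never reported, so its state is unknown.
    """
    state = {s: None for s in SOURCES}
    for n in sorted(notifications, key=lambda n: n["ts"]):
        if n["source"] in state:
            state[n["source"]] = (n["status"] == "alarm")
    return state


def localize(notifications, kb=KNOWLEDGE_BASE):
    """Compare the merged state with every rule; return the most specific hit.

    A rule matches only if every source it names has a known state equal to
    the expected one, so a silent monitor can never satisfy "no alarm".
    """
    state = merge(notifications)
    hits = [r for r in kb
            if all(state.get(src) is want for src, want in r.pattern.items())]
    hits.sort(key=lambda r: len(r.pattern), reverse=True)
    return hits[0] if hits else None


# Constructed sample notifications mirroring the five items listed above.
SAMPLE = [
    {"ts": 100, "source": "ext_probe", "status": "alarm"},
    {"ts": 101, "source": "ext_port", "status": "alarm"},
    {"ts": 102, "source": "int_probe", "status": "ok"},
    {"ts": 102, "source": "int_port", "status": "ok"},
    {"ts": 103, "source": "host_process", "status": "ok"},
    {"ts": 104, "source": "ext_probe", "status": "alarm"},   # repeat, merged
    {"ts": 105, "source": "disk_space", "status": "alarm"},  # not in KB, filtered
]

if __name__ == "__main__":
    hit = localize(SAMPLE)
    print(hit.name if hit else "no match", "-", hit.conclusion if hit else "")
```

Treating a missing report as unknown ties back to the requirement that every monitor be genuine and effective: a dead intranet probe then produces no localization instead of a confident but wrong one.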
Of course, the invention still requires continually deepening the comprehensive analysis of problems and faults, continually supplementing and improving the knowledge base, and continually reinforcing the practical results according to the actual application environment so as to raise the accuracy of fault localization.
In summary, the specific advantages of the control method for active early warning and automatic localization of business faults provided by the invention are as follows: 1. Operations staff grasp the running state of the application system promptly and effectively. 2. The security of the application system is effectively improved. 3. The working efficiency of application, operations, development and other staff is improved overall. 4. The business system fault rate is substantially reduced; when a fault does occur, the handling rate is improved and the fault handling time is shortened.
Although the invention has been disclosed above by way of a preferred embodiment, the embodiment is not intended to limit the invention. Any person skilled in the art may make minor modifications and improvements without departing from the spirit and scope of the invention, so the scope of protection of the invention shall be as defined by the claims.

Claims (6)

1. A control method for active early warning and automatic localization of business faults, characterized by comprising the following steps:
S1: for each type of business system, create and configure a knowledge base of the corresponding category in advance;
S2: select a monitoring mode according to how the business is distributed and deployed;
S3: establish a monitoring platform according to the actual environment and set up the various monitoring configurations;
S4: establish regular security scans of the business system and automatically match the scan results to early warnings;
S5: when a fault occurs, compare, filter and merge the triggered early-warning notifications against the knowledge base to produce an effective automatic fault localization.
2. The control method for active early warning and automatic localization of business faults according to claim 1, characterized in that the monitoring mode in step S1 is an active monitoring mode or a passive monitoring mode.
3. The control method for active early warning and automatic localization of business faults according to claim 1, characterized in that the monitoring configuration in step S2 includes intranet service URL connectivity checks, extranet service URL connectivity checks, host CPU/memory usage monitoring, disk free space monitoring, main program monitoring and port monitoring.
4. The control method for active early warning and automatic localization of business faults according to claim 1, characterized in that the security scan in step S3 covers malicious leaking of user privacy, weak password settings and XSS cross-site scripting vulnerabilities in code.
5. The control method for active early warning and automatic localization of business faults according to claim 4, characterized in that step S3 further includes scanning and monitoring website PV and UV values and the number of concurrent users.
6. The control method for active early warning and automatic localization of business faults according to claim 1, characterized in that the early-warning types include SMS gateway, e-mail or telephone notification.
CN201711449010.3A 2017-12-27 2017-12-27 A kind of active forewarning and the control method for being automatically positioned traffic failure Pending CN108173690A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711449010.3A CN108173690A (en) 2017-12-27 2017-12-27 A kind of active forewarning and the control method for being automatically positioned traffic failure

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711449010.3A CN108173690A (en) 2017-12-27 2017-12-27 A kind of active forewarning and the control method for being automatically positioned traffic failure

Publications (1)

Publication Number Publication Date
CN108173690A true CN108173690A (en) 2018-06-15

Family

ID=62518603

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711449010.3A Pending CN108173690A (en) 2017-12-27 2017-12-27 A kind of active forewarning and the control method for being automatically positioned traffic failure

Country Status (1)

Country Link
CN (1) CN108173690A (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101404803A (en) * 2008-11-13 2009-04-08 浪潮通信信息系统有限公司 Multidimensional monitoring method for network management system
CN102546219A (en) * 2010-12-31 2012-07-04 中国移动通信集团甘肃有限公司 Method and system for monitoring defaulting subscribers
CN102761454A (en) * 2011-04-28 2012-10-31 中兴通讯股份有限公司 Method and system for monitoring internet of things
US20130013967A1 (en) * 2006-12-22 2013-01-10 Commvault Systems, Inc. Systems and methods for remote monitoring in a computer network
CN102932191A (en) * 2012-11-26 2013-02-13 赛特斯网络科技(南京)有限责任公司 Method for implementing real-time intelligent fault analysis based on dynamic link in IPTV (Internet Protocol Television) network
CN107291830A (en) * 2017-05-27 2017-10-24 宁夏共享模具有限公司 A kind of creation method of equipment knowledge base

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108833188A (en) * 2018-07-17 2018-11-16 顺丰科技有限公司 A kind of warning message management method, device, equipment and storage medium
CN109218071A (en) * 2018-07-17 2019-01-15 华为技术有限公司 Dial testing method and device under a kind of NFV environment
CN109218071B (en) * 2018-07-17 2020-09-29 华为技术有限公司 Dial testing method and device under NFV environment
CN108833188B (en) * 2018-07-17 2021-12-28 顺丰科技有限公司 Alarm information management method, device, equipment and storage medium
WO2020042086A1 (en) * 2018-08-30 2020-03-05 深圳市互盟科技股份有限公司 Method and system for implementing devops
CN109547494A (en) * 2019-01-02 2019-03-29 广东电网有限责任公司 Network security detection gateway and system

Similar Documents

Publication Publication Date Title
CN108173690A (en) A kind of active forewarning and the control method for being automatically positioned traffic failure
US7893830B2 (en) System and method of dynamically weighted analysis for intrusion decision-making
US20220038492A1 (en) System and Method for Assigning Threat Valuations to Network Events and Security Events
EP1741223B1 (en) Method, apparatus and computer program for distinguishing relevant network security threats using comparison of refined intrusion detection audits and intelligent security analysis
JP6833672B2 (en) How to detect attacks on the work environment connected to the communication network
CN101984603B (en) Power sensitive information detection method based on e-mail interception
US20120047581A1 (en) Event-driven auto-restoration of websites
US11374954B1 (en) Detecting anomalous network behavior
CN105049592B (en) Mobile intelligent terminal voice safety protection method and system
CN112787992A (en) Method, device, equipment and medium for detecting and protecting sensitive data
EP2936772B1 (en) Network security management
CN110048932B (en) Method, device and equipment for detecting effectiveness of mail monitoring function and storage medium
CN107315952A (en) Method and apparatus for determining application program suspicious actions
US20180183819A1 (en) System to detect machine-initiated events in time series data
CN115001792A (en) Accuracy evaluation method for learning industrial Internet security perception system
CN109327432A (en) A kind of method for handling computer network information security events
CN106789234B (en) Automatic alarm test system and method for call center
CN105163296A (en) Multi-dimensional spam message filtering method and system
CN113709170A (en) Asset safe operation system, method and device
Tarmazakov et al. Modern approaches to prevent fraud in mobile communications networks
US7367055B2 (en) Communication systems automated security detection based on protocol cause codes
CN110378120A (en) Application programming interfaces attack detection method, device and readable storage medium storing program for executing
CN113360907A (en) Hacker intrusion prevention method based on IDES and NIDES
CN114037286A (en) Big data based automatic sensitive data detection method and system for power dispatching
EP2911362B1 (en) Method and system for detecting intrusion in networks and systems based on business-process specification

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20180615