CN108173690A - Control method for proactive early warning and automatic localization of business faults
- Publication number
- CN108173690A (application CN201711449010.3A)
- Authority
- CN
- China
- Prior art keywords
- control method
- automatically positioned
- monitoring
- traffic failure
- active forewarning
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
- H04L67/025—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP] for remote control or remote monitoring of applications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0631—Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0677—Localisation of faults
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
- H04L43/0805—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
- H04L43/0811—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability by checking connectivity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/51—Discovery or management thereof, e.g. service location protocol [SLP] or web services
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Environmental & Geological Engineering (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a control method for proactive early warning and automatic localization of business faults, comprising the following steps: S1: create and configure knowledge bases of different categories in advance, according to the different types of business system; S2: select a monitoring mode according to how the business is distributed and deployed; S3: build a monitoring platform according to the actual environment and set up the various monitoring configurations; S4: establish regular security scans of the business system and automatically match the scan results to early warnings; S5: when a fault occurs, compare, filter and merge the triggered early-warning notifications against the knowledge base to form an effective automatic fault localization. The control method provided by the invention establishes a complete model for operations and maintenance (O&M) early warning and fast automatic fault localization, thereby improving the overall operating capability of the business system and effectively reducing business risk.
Description
Technical field
The present invention relates to a method for handling business faults, and in particular to a control method for proactive early warning and automatic localization of business faults.
Background art
During the operation and maintenance of business systems (for example application systems of many types, such as online shopping malls and outbound call platforms), the following problems or faults are frequently encountered:
1. A business module malfunctions, and the application maintenance staff only learn that the system has a problem or fault when it is fed back to them through customer complaints.
2. Only when the theft of users' sensitive data triggers large-scale complaints does anyone respond and trace the security incident that has already happened. Users, O&M staff and developers generally have weak security awareness; malicious leakage of user privacy, weak password settings, cross-site scripting (XSS) vulnerabilities in code and similar issues lead to all kinds of security incidents.
3. Repetitive daily O&M work is not examined closely with a view to optimizing it and improving maintenance efficiency.
4. Operations in the production environment are not reviewed, and misoperation causes major production incidents.
5. O&M staff lack "reverence" for the production environment and operate carelessly, so production incidents occur frequently.
6. Problems and faults are not summarized as needed, and no effective automatic early-warning mechanism is formed.
Most companies and enterprises usually cope with or avoid these problems as follows:
1. The fault that affected users is handled as an isolated case, and O&M staff are required to strengthen business monitoring.
2. Testing, development, O&M and other parties are coordinated to analyze the fault, and it is simulated in the test environment.
The handling that is usual at present has the following shortcomings:
1. There is no in-depth analysis and summary of the fault and no inspection by analogy ("inferring the rest from one instance"), such as checking the production environment for hidden risks in other areas.
2. The requirement is purely managerial and gives no concrete, actionable guidance: which business functions need key monitoring, whether to use active or passive monitoring, whether to monitor from the intranet or the extranet, and so on.
3. There is no function for automatically localizing problems or faults.
Summary of the invention
The technical problem to be solved by the invention is to provide a control method for proactive early warning and automatic localization of business faults that establishes a complete model for O&M early warning and fast automatic fault localization, thereby improving the overall operating capability of the business system and effectively reducing business risk.
To solve the above technical problem, the invention adopts the technical solution of providing a control method for proactive early warning and automatic localization of business faults, comprising the following steps: S1: create and configure knowledge bases of different categories in advance, according to the different types of business system; S2: select a monitoring mode according to how the business is distributed and deployed; S3: build a monitoring platform according to the actual environment and set up the various monitoring configurations; S4: establish regular security scans of the business system and automatically match the scan results to early warnings; S5: when a fault occurs, compare, filter and merge the triggered early-warning notifications against the knowledge base to form an effective automatic fault localization.
In the above control method, the monitoring mode in step S1 is an active monitoring mode or a passive monitoring mode.
In the above control method, the monitoring configuration in step S2 includes intranet service URL connectivity checks, extranet service URL connectivity checks, host CPU/memory utilization monitoring, free disk space monitoring, main program monitoring and port monitoring.
In the above control method, the security scan in step S3 covers malicious leakage of user privacy, weak password settings and cross-site scripting (XSS) vulnerabilities in code.
In the above control method, step S3 further includes scanning and monitoring the website's PV and UV values and the number of concurrent users.
In the above control method, the early-warning types include SMS gateway, e-mail or telephone notification.
Compared with the prior art, the invention has the following beneficial effect: the control method for proactive early warning and automatic localization of business faults establishes a complete model for O&M early warning and fast automatic fault localization, thereby improving the overall operating capability of the business system and effectively reducing business risk.
Description of the drawings
Fig. 1 is a schematic flow diagram of the control method of the invention for proactive early warning and automatic localization of business faults.
Specific embodiment
The invention is further described below with reference to the drawing and an embodiment.
Fig. 1 is a schematic flow diagram of the control method of the invention for proactive early warning and automatic localization of business faults.
Referring to Fig. 1, the control method provided by the invention comprises the following steps:
S1: create and configure knowledge bases of different categories in advance, according to the different types of business system;
S2: select a monitoring mode according to how the business is distributed and deployed;
S3: build a monitoring platform according to the actual environment and set up the various monitoring configurations;
S4: establish regular security scans of the business system and automatically match the scan results to early warnings;
S5: when a fault occurs, compare, filter and merge the triggered early-warning notifications against the knowledge base to form an effective automatic fault localization.
The specific architecture and implementation of the invention are given below.
I. Establishing business system early warning
1. Application system early warning. Discuss thoroughly with the business application side and the developers and confirm which business functions are important, then set the monitoring mode according to the actual distribution and deployment of the business. Build the monitoring platform according to the actual environment, choose active or passive monitoring as the monitoring type, and set up the various monitors. The usual configuration is: service URL connectivity checks (intranet and extranet), host CPU/memory utilization monitoring, free disk space monitoring, main program or port monitoring, and so on. Every monitor must be confirmed to be real and effective.
2. Security early warning. Keep business system and host privileges as minimal as possible to reduce security risk, for example by requiring system password complexity. Establish regular security scans of the business system, automatically match the scan results, and notify the corresponding responsible person. For example, if security scans find XSS vulnerabilities on the same IP multiple times, an early-warning notification is sent to the corresponding developer or supervisor.
3. Work-efficiency early warning. Early warnings can also be set up for work that is repeated every day. For operations such as deleting log files every day or importing files every day, an early-warning notification can be sent to the people concerned, recommending that they optimize the work as soon as possible.
4. Misoperation or malicious-operation early warning. When a misoperation or a malicious, destructive operation occurs, such as `rm -rf *`, an early warning is raised promptly and the relevant person is notified, so that the risk of a possible production fault is avoided in time.
The proactive early-warning types listed above are the common ones in practice; in real business system maintenance they need continuous optimization and supplementation. For example, as an e-shop system develops and grows in popularity, the website's PV and UV values, the number of concurrent users and similar figures grow with it. The early-warning mechanism established in advance is then needed to quantify the things that may cause a business system fault and report them as numbers, so that operations managers can analyze these statistics and make the corresponding adjustments.
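The automatic matching of scan results described in item 2 above can be sketched as follows. This is an added example, not code from the patent: the finding fields, the ownership table, the addresses and the threshold of two scan runs for "multiple times" are all assumptions, and it applies the repeat rule to every finding category rather than to XSS alone.

```python
from collections import defaultdict

# Assumption: "multiple times" means findings in at least 2 separate scan runs.
REPEAT_THRESHOLD = 2

# Constructed ownership table: who is responsible for each scanned IP.
OWNERS = {
    "10.0.3.15": {"developer": "dev-shop@example.com",
                  "supervisor": "lead-shop@example.com"},
    "10.0.3.22": {"supervisor": "lead-callcenter@example.com"},
}
DEFAULT_CONTACT = "ops-oncall@example.com"  # used when an IP has no owner on record


def match_scan_results(findings, owners=OWNERS, threshold=REPEAT_THRESHOLD):
    """Turn raw scan findings into early-warning notifications.

    A warning is raised when the same category of finding is seen on the
    same IP in `threshold` or more distinct scan runs. Several findings of
    one category in a single run count once.
    """
    runs = defaultdict(set)  # (ip, category) -> ids of the runs that reported it
    for f in findings:
        runs[(f["ip"], f["category"])].add(f["run"])

    warnings = []
    for (ip, category), seen in sorted(runs.items()):
        if len(seen) < threshold:
            continue
        contact = owners.get(ip, {})
        # Developer first, supervisor if no developer is recorded.
        recipient = (contact.get("developer")
                     or contact.get("supervisor")
                     or DEFAULT_CONTACT)
        warnings.append({"ip": ip, "category": category,
                         "runs": sorted(seen), "notify": recipient})
    return warnings


# Constructed scan findings from three periodic scan runs.
SAMPLE_FINDINGS = [
    {"run": "scan-001", "ip": "10.0.3.15", "category": "xss", "detail": "/search"},
    {"run": "scan-001", "ip": "10.0.3.15", "category": "xss", "detail": "/comment"},
    {"run": "scan-002", "ip": "10.0.3.15", "category": "xss", "detail": "/search"},
    {"run": "scan-002", "ip": "10.0.3.22", "category": "weak_password", "detail": "admin"},
    {"run": "scan-003", "ip": "10.0.3.22", "category": "weak_password", "detail": "admin"},
    {"run": "scan-003", "ip": "10.0.3.40", "category": "xss", "detail": "/login"},
    {"run": "scan-003", "ip": "10.0.3.15", "category": "weak_password", "detail": "test"},
]

if __name__ == "__main__":
    for w in match_scan_results(SAMPLE_FINDINGS):
        print(f'{w["category"]} on {w["ip"]} in {len(w["runs"])} runs -> {w["notify"]}')
```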
II. Alert methods
The early-warning method can be chosen according to the actual working environment. The usual types are SMS gateway, e-mail and telephone notification; the most common is the SMS gateway, which notifies the relevant people by SMS alert.
III. Establishing the knowledge base
Knowledge bases of different categories are created and configured for the different types of business system. They can be stored in a database, or as text, binary or other formats, depending on how the business actually develops. Entries are classified by fault type and business type, and later expansion of the knowledge base has to be taken into account. An initial knowledge base needs to be set up at the start of project construction; by connecting it to the early-warning system that has already been built, the capability of automatic fault localization is achieved. When a fault occurs, the triggered early-warning notifications are compared, filtered and merged against the problem base to form an effective automatic fault localization, and the result of the preliminary automatic analysis can be sent to designated personnel. An example: part of the services of the e-mall on the Luoyang base platform become abnormal.
Faults are classified and graded according to business importance and urgency.
The proactive early-warning SMS messages or e-mails received are:
1. Business system external dial test: alarm
2. Extranet IP port connectivity: alarm
3. Business system internal dial test: no alarm
4. Intranet port connectivity: no alarm
5. Business host process: no alarm
The conditions reported by the business system's proactive early warnings are merged and analyzed against the knowledge base. The combined inference is that part of the public network coming from the telecom operator may be abnormal, and the fault is then handled at that location.
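The compare, filter and merge step applied to the five alert states above can be sketched as follows. This is an added example, not code from the patent: the signal names, the knowledge-base entries other than the public-network pattern, the notification fields and the five-minute window are assumptions.

```python
from dataclasses import dataclass

# Monitored signals; the names are assumptions made for this example.
SIGNALS = ("ext_probe", "ext_port", "int_probe", "int_port", "host_process")


@dataclass
class Rule:
    name: str
    location: str     # where the fault is localized when the rule matches
    conditions: dict  # signal -> True (alarm expected) / False (no alarm expected)


# Constructed knowledge base: one entry per known alert pattern.
KNOWLEDGE_BASE = [
    Rule("public-network-path", "public network path in front of the extranet entry",
         {"ext_probe": True, "ext_port": True,
          "int_probe": False, "int_port": False, "host_process": False}),
    Rule("application-fault", "application layer on the business host",
         {"ext_probe": True, "int_probe": True,
          "int_port": False, "host_process": False}),
    Rule("intranet-port", "intranet network or listening port",
         {"int_port": True, "host_process": False}),
    Rule("host-process-down", "business host process",
         {"host_process": True}),
]


def merge_notifications(notifications, now, window=300):
    """Filter and merge raw notifications into one alarm state per signal."""
    state = {s: False for s in SIGNALS}
    for n in notifications:
        if n["signal"] not in state:            # filter: not used for localization
            continue
        if not 0 <= now - n["ts"] <= window:    # filter: outside the incident window
            continue
        state[n["signal"]] = True               # merge: SMS and mail repeats collapse
    return state


def localize(notifications, now, kb=KNOWLEDGE_BASE, window=300):
    """Compare the merged alarm state with every knowledge-base pattern.

    Returns the state and the matching rules, most specific pattern first.
    """
    state = merge_notifications(notifications, now, window)
    matches = [r for r in kb
               if all(state[sig] == want for sig, want in r.conditions.items())]
    matches.sort(key=lambda r: len(r.conditions), reverse=True)
    return state, matches


# Constructed notifications reproducing the example: external dial test and
# extranet port alarm, everything internal stays quiet.
SAMPLE = [
    {"ts": 1000, "signal": "ext_probe", "channel": "sms"},
    {"ts": 1002, "signal": "ext_probe", "channel": "mail"},    # same alert, second channel
    {"ts": 1010, "signal": "ext_port", "channel": "sms"},
    {"ts": 100, "signal": "host_process", "channel": "sms"},   # stale, earlier incident
    {"ts": 1015, "signal": "cpu_usage", "channel": "mail"},    # not a localization signal
]

if __name__ == "__main__":
    state, matches = localize(SAMPLE, now=1100)
    for rule in matches:
        print(rule.name, "->", rule.location)
```

An empty match list means the alert pattern is not yet in the knowledge base, which is the case the text addresses by continually supplementing it.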
Of course, the invention still requires continually deepening the comprehensive analysis of problems and faults, continually supplementing and improving the knowledge base, and continually reinforcing actual results according to the actual application environment, in order to improve the accuracy of fault localization.
In summary, the specific advantages of the control method provided by the invention for proactive early warning and automatic localization of business faults are as follows: 1. Operations staff get a timely and effective grasp of the running state of the application system. 2. The security of the application system is effectively improved. 3. The working efficiency of application, O&M, development and other staff is improved overall. 4. The business system fault rate is greatly reduced, and when a fault does occur the handling rate is improved and the handling time shortened.
Although the invention has been disclosed above by way of a preferred embodiment, the embodiment is not intended to limit the invention. Any person skilled in the art may make minor modifications and refinements without departing from the spirit and scope of the invention, so the scope of protection of the invention shall be as defined by the claims.
Claims (6)
1. A control method for proactive early warning and automatic localization of business faults, characterized by comprising the following steps:
S1: create and configure knowledge bases of different categories in advance, according to the different types of business system;
S2: select a monitoring mode according to how the business is distributed and deployed;
S3: build a monitoring platform according to the actual environment and set up the various monitoring configurations;
S4: establish regular security scans of the business system and automatically match the scan results to early warnings;
S5: when a fault occurs, compare, filter and merge the triggered early-warning notifications against the knowledge base to form an effective automatic fault localization.
2. The control method for proactive early warning and automatic localization of business faults according to claim 1, characterized in that the monitoring mode in step S1 is an active monitoring mode or a passive monitoring mode.
3. The control method for proactive early warning and automatic localization of business faults according to claim 1, characterized in that the monitoring configuration in step S2 includes intranet service URL connectivity checks, extranet service URL connectivity checks, host CPU/memory utilization monitoring, free disk space monitoring, main program monitoring and port monitoring.
4. The control method for proactive early warning and automatic localization of business faults according to claim 1, characterized in that the security scan in step S3 covers malicious leakage of user privacy, weak password settings and cross-site scripting (XSS) vulnerabilities in code.
5. The control method for proactive early warning and automatic localization of business faults according to claim 4, characterized in that step S3 further includes scanning and monitoring the website's PV and UV values and the number of concurrent users.
6. The control method for proactive early warning and automatic localization of business faults according to claim 1, characterized in that the early-warning types include SMS gateway, e-mail or telephone notification.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711449010.3A CN108173690A (en) | 2017-12-27 | 2017-12-27 | Control method for proactive early warning and automatic localization of business faults |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711449010.3A CN108173690A (en) | 2017-12-27 | 2017-12-27 | Control method for proactive early warning and automatic localization of business faults |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108173690A (en) | 2018-06-15 |
Family ID=62518603
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711449010.3A Pending CN108173690A (en) | Control method for proactive early warning and automatic localization of business faults | 2017-12-27 | 2017-12-27 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108173690A (en) |
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20130013967A1 (en) * | 2006-12-22 | 2013-01-10 | Commvault Systems, Inc. | Systems and methods for remote monitoring in a computer network |
CN101404803A (en) * | 2008-11-13 | 2009-04-08 | 浪潮通信信息系统有限公司 | Multidimensional monitoring method for network management system |
CN102546219A (en) * | 2010-12-31 | 2012-07-04 | 中国移动通信集团甘肃有限公司 | Method and system for monitoring defaulting subscribers |
CN102761454A (en) * | 2011-04-28 | 2012-10-31 | 中兴通讯股份有限公司 | Method and system for monitoring internet of things |
CN102932191A (en) * | 2012-11-26 | 2013-02-13 | 赛特斯网络科技(南京)有限责任公司 | Method for implementing real-time intelligent fault analysis based on dynamic link in IPTV (Internet Protocol Television) network |
CN107291830A (en) * | 2017-05-27 | 2017-10-24 | 宁夏共享模具有限公司 | A kind of creation method of equipment knowledge base |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108833188A (en) * | 2018-07-17 | 2018-11-16 | 顺丰科技有限公司 | A kind of warning message management method, device, equipment and storage medium |
CN109218071A (en) * | 2018-07-17 | 2019-01-15 | 华为技术有限公司 | Dial testing method and device under a kind of NFV environment |
CN109218071B (en) * | 2018-07-17 | 2020-09-29 | 华为技术有限公司 | Dial testing method and device under NFV environment |
CN108833188B (en) * | 2018-07-17 | 2021-12-28 | 顺丰科技有限公司 | Alarm information management method, device, equipment and storage medium |
WO2020042086A1 (en) * | 2018-08-30 | 2020-03-05 | 深圳市互盟科技股份有限公司 | Method and system for implementing devops |
CN109547494A (en) * | 2019-01-02 | 2019-03-29 | 广东电网有限责任公司 | Network security detection gateway and system |
Legal Events
Code | Title | Description |
---|---|---|
PB01 | Publication | |
SE01 | Entry into force of request for substantive examination | |
WD01 | Invention patent application deemed withdrawn after publication | Application publication date: 20180615 |