CN110138583A - A kind of methods of exhibiting of warning intelligent analysis - Google Patents
A kind of methods of exhibiting of warning intelligent analysis Download PDFInfo
- Publication number
- CN110138583A CN110138583A CN201910158199.3A CN201910158199A CN110138583A CN 110138583 A CN110138583 A CN 110138583A CN 201910158199 A CN201910158199 A CN 201910158199A CN 110138583 A CN110138583 A CN 110138583A
- Authority
- CN
- China
- Prior art keywords
- alarm
- data
- engine
- analysis
- unit
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0604—Management of faults, events, alarms or notifications using filtering, e.g. reduction of information by using priority, element types, position or time
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0631—Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0686—Additional information in the notification, e.g. enhancement of specific meta-data
Abstract
The present invention relates to internets and multimedia technology field.The present invention provides a kind of methods of warning intelligent analysis and displaying characterized by comprising Step1: the engine alarm data collected;Step2: to extraction specified attribute data after the engine alarm data polymerization analysis;Cluster result: being persisted to the interface of third party's full-text search engine by Step3, and provides the data filtering interface that web front end shows cluster data;Step4: output cluster alarm information.
Description
Technical field
The present invention relates to the displaying sides that warning intelligent analysis is realized in network technique field more particularly to a kind of industrial control system
Method and system.
Background technique
The present invention to the description of background technique belong to the relevant technologies of the invention, be only used for illustrating and be easy to understand
Summary of the invention of the invention, should not be construed as applicant be specifically identified to or estimate applicant be considered the present invention be put forward for the first time Shen
The prior art of the applying date please.
The alert event that network system generates is particularly important to the safe and stable operation of network system, alarms under normal circumstances
The generation frequency of event should be very low, illustrates that the possibility for the policing rule configuration that alarm occurs is not perfect if excessive;But
In abnormal condition, for example large-scale external network attack has occurred in system, then the announcement of a large amount of repeat type can occur
Alert event, further may cause the generation of alarm avalanche events, once the stalwartness to whole network safety management system occurs
Property be test, while safety-related personnel are when in face of a large amount of alarms for being greater than 1 second, can not also concentrate one's energy to check network and ask
Topic, these a large amount of irregular alarms of milli effectively auxiliary security personnel can not position and solve rapidly network risks.
Summary of the invention
The present invention proposes that a kind of intelligent alarm based on alarm feature is analyzed and methods of exhibiting, the program can be to a large amount of phases
Alarm with feature carries out clustering, so that the alarm bar number that safety officer sees will not be with the increasing of alarm event number
Increase more;Simultaneously propose the method that the result of a kind of pair of intellectual analysis is shown, effective solution is presented above to ask
Topic, has been successfully applied in actual items at present.
For the defect for solving the above-mentioned prior art, the embodiment of the present invention provides a kind of intelligent alarm based on alarm feature point
Analysis and methods of exhibiting and system, the present invention propose it is a kind of based on alarm feature intelligent alarm analysis and methods of exhibiting, the program
Clustering can be carried out to the alarm of a large amount of same characteristic features, so that the alarm bar number that safety officer sees will not be with alarm
Event number increases and increases;The method that the result of a kind of pair of intellectual analysis is shown, effective solution are proposed simultaneously
Problems set forth above has been successfully applied in actual items at present.
The present invention provides a kind of methods of warning intelligent analysis and displaying characterized by comprising Step1 reception is adopted
The engine alarm data collected;Step2 extracts specified attribute data after the engine alarm data polymerization analysis;Step3: will
Cluster result is persisted to the interface of third party's full-text search engine, and provides the data filtering that web front end shows cluster data
Interface;Step4 output cluster alarm information.
Preferably, this method further include: if alarm data is existing, be updated, if there is new type, then will
In these insertion of data into data libraries.
Preferably, database described in this method is Full-text database ElasticSearch.
Preferably, the polymerization analysis in this method step S2 specifically includes:
Step21: the engine is alerted into insertion Full-text database ElasticSearch, ElasticSearch number
Initial data is established according to the specific field according to library and indexes and encodes, and the coding and alarm data are established into mapping table;
Step22: it is matched, and is classified according to the specific field of alarm data;
Step23: all specific fields are respectively formed a barrel unit, the bucket unit, which includes, meets condition alarm collection
The sum of conjunction and all alarms;
Step24: inside the unit, maximum value is done according to the time of alarm record respectively and minimum value polymerize;
Step25: the result of clustering is obtained.
The present invention also provides the systems of a kind of warning intelligent analysis and displaying, comprising: receiving module collects
Engine alarm data;Polymerization analysis module, to extraction specified attribute data after the engine alarm data polymerization analysis;Cluster knot
Fruit persistence and retrieval module;Alarm module, output cluster alarm information.
Preferably, system further include: updating unit is updated if alarm data is existing, if there is new
Type, then will be in these insertion of data into data libraries.
Preferably, database described in the system is Full-text database ElasticSearch.
Preferably, polymerization analysis module described in the system specifically includes:
The engine is alerted insertion Full-text database ElasticSearch by index and map unit,
ElasticSearch database establishes initial data according to the specific field and indexes and encode, and by the coding and alarm
Data establish mapping table;
Taxon is matched, is matched according to the specific field of alarm data, and classify;
Aggregation units are alerted, all specific fields are respectively formed a barrel unit, the bucket unit includes the condition of satisfaction
Alarm set and the sum of all alarms;
Interior polymeric unit does maximum value according to the time of alarm record respectively and minimum value is poly- inside the unit
It closes;
Result unit is obtained, the result of clustering is obtained.
The present invention also provides a kind of computer equipment, including memory, processor and storage are on a memory and can be
The computer program run on processor, which is characterized in that the processor realizes any of the above-described method when executing described program
The step of.
The present invention also provides computer readable storage mediums, are stored thereon with computer program, which is characterized in that the journey
It realizes when sequence is executed by processor such as the step of above-mentioned either method.
The system and method for warning intelligent analysis provided by the invention and displaying, compared with prior art, of the invention is excellent
Point is as follows:
1. proposing a kind of new intelligent alarm clustering method, simplify, a large amount of repetition alarms are sorted out, this
Sample can greatly reduce the quantity of alarm, can save space from stored angles, can be improved performance from retrieval angle, from practical angle
Degree can more focus critical issue;
2. proposing a kind of new alarm cluster data methods of exhibiting, strong operability is high-efficient, is more convenient at Security Officer
Manage network alarm;
3. alarm data storage uses full-text search engine, the traditional relevant database of retrieval efficiency ratio is more efficient,
And multi-field is supported to segment intelligent retrieval;
4. information show lockingization, can be used for rapidly and efficiently illustrate information needed, can be faster according to other function
Product content is found, is positioned faster.
Detailed description of the invention
It, below will be to attached drawing needed in embodiment description in order to illustrate more clearly of technical solution of the present invention
It is briefly described:
Fig. 1 shows the present invention a kind of method and flow chart of warning intelligent analysis and displaying;
Fig. 2 shows the block diagrams of a kind of warning intelligent analysis of the invention and the system of displaying;
Fig. 3 shows the present invention a kind of method and preferred flow charts of warning intelligent analysis and displaying;
Fig. 4 shows the present invention a kind of system and preferred block diagram of warning intelligent analysis and displaying;
Fig. 5 shows the another preferred block diagram of the system of a kind of warning intelligent analysis of the present invention and displaying;
Fig. 6 shows the another preferred block diagram of the system of a kind of warning intelligent analysis of the present invention and displaying;
Fig. 7 shows a kind of engine original alarm data instance of the present invention;
Fig. 8 illustrates a kind of engine original alarm data instance.
Specific embodiment
In order to which the purpose of the present invention, technical solution and advantage is more clearly understood, with reference to the accompanying drawings and embodiments,
The present invention will be described in further detail.It should be appreciated that specific embodiment described herein is used only for explaining the present invention,
It is not intended to limit the present invention.
In following introductions, term " first ", " second " are only used for the purpose of description, and cannot be construed as to imply that it is opposite
Importance.
Following introductions provide multiple embodiments of the invention, and combination can be replaced or merged between different embodiments,
Therefore the present invention is it is also contemplated that all possible combinations comprising documented identical and/or different embodiments.Thus, if one
Embodiment include feature A, B, C, another embodiment include feature B, D, then the present invention also should be regarded as include containing A, B, C,
The every other possible combined embodiments of one or more of D, although the embodiment may not have in the following contents it is bright
True literature record.
In network system of the present invention, how to avoid the alert event frequency excessively high and a large amount of repetition of alarms problems.
Embodiment 1
Referring to Fig.1, the present embodiment provides the signal of a kind of method of warning intelligent analysis and displaying.
A kind of warning intelligent analysis and the method for displaying the following steps are included:
Step1: the engine alarm data collected;
In the present embodiment, engine original alarm data source is network alarm monitoring acquisition engine, and engine is by original alarm
The alarm collection module of background service is sent to Json data.Engine original alarm data are for example, see attached drawing 7.
In attribute-name shown in attached drawing 7, most important attribute is tag attribute, which is mainly used for clustering, identical
The alarm of tag is considered of a sort alarm.
Step2: to extraction specified attribute data after the engine alarm data polymerization analysis;
After acquisition module consumption data, the warning information of timing (interval 5 seconds can configure) retrieval identical type, and
By the result of polymerization analysis by calling polymerization persistence interface to be saved in search engine.
Batch data is inserted into full-text search engine, these data are the data sources of subsequent intellectual analysis.
Preferably, the database is Full-text database ElasticSearch.
Preferably, clustering function and original alarm store asynchronous execution.
There are two the key Designs for alerting intellectual analysis, and one is being related to for alarm feature, and one is cluster alarm structure
Design.Typical alarm feature tag is the character string of following splicing construction:
Tag={ deviceId }-{ policyId }-{ RuleId }-{ src }-{ dst }
Each field is already discussed above in above structure, thinks him if the tag in original alarm is identical
Belong to a kind of alarm.
Cluster alarm structure also includes following field other than all fields containing original alarm:
GroupAlert data format definition
| Serial number | Attribute-name | Description |
| 1 | StartTime | Alert initial time |
| 2 | EndTime | Alarm terminates the time |
Cluster result: being persisted to the interface of third party's full-text search engine by Step3, and is provided the front end Web and shown and gather
The data filtering interface of class data;
The data filtering interface supports the filtering of all fields, and support multiple fields with or the complex conditions such as combine
Filtering function.
The search engine such as full-text search engine, a kind of third party's full-text search engine of open source.
Step4: output cluster alarm information.
Cluster alarm information can be exported in various ways, for example, by using alarming page mode, such as attached drawing 8.
Preferably, polymerization alarm data is rendered on the left of the page with tabular form, the time including polymerization, the address ip,
Total number and affiliated type.
Preferably, it by the related information of background transfer, is rendered on the detail information of the right side page, the letter including head
Easy graphic simulation, histogram is shown and tab switching display distinct device three parts
Preferably, head Simple figure simulation includes source address, destination address and device name, by image distribution,
Simple and clear displaying
Preferably, histogram is the data screened with earliest polymerization time and newest polymerization time, the number in 24 hours
According to the data that can show each hour, more than 30 days 24 hours in can then show daily data.Time can screen, specific hour
It is shown with the data of number of days.
Preferably .tab handoff association topological diagram information, illustrates MAC Address, IP address, Asset Type, assets position
It sets, vendor name, manufacturer's title and user's remark information.
To sum up, in basic embodiment of the invention, the alarm data of web front end inquiry is the alarm number after new cluster
According to, these data more can emphasis embody the frequency that alarm occurs, beginning and ending time, the position of generation, agreement, the policing rule of alarm
Etc. information, while also providing to similar one key filing function of alarm data, allow safety officer to same characteristic features
Alarm disposably confirms deletion to it.
Referring to Fig. 2, the present embodiment provides a kind of signal of the block diagram of warning intelligent analysis and displaying.
A kind of system of warning intelligent analysis and displaying, comprising:
Receiving module, the engine alarm data collected;
Polymerization analysis module, to extraction specified attribute data after the engine alarm data polymerization analysis;
Specified attribute data are inputted search engine by retrieval module;
Alarm module, output cluster alarm information.
Embodiment 2
The embodiment considers the update of cluster algorithm.1 something in common of the preferred embodiment and basic embodiment, no
It repeats again.
As shown in figure 3, a kind of warning intelligent analysis and methods of exhibiting of the embodiment, the Step2 further include:
Step21: if alarm data is existing, being updated, and if there is new type, is then inserted into these data
In database.
Correspondingly, a kind of warning intelligent analysis and display systems of the embodiment, as shown in figure 4, the polymerization analysis mould
Block further include:
Updating unit is updated if alarm data is existing, if there is new type, is then inserted these data
Enter in database.
It was updated if alarm data has existed with new data, if it is new alarm data, (tag does not have
Occurred), then these data are inserted into database.
Embodiment 3
The embodiment considers the demand for being suitble to industry control platform polymerization function, selects a kind of preferred implementation of clustering algorithm
Example.1 something in common of the preferred embodiment and basic embodiment, repeats no more.
As shown in figure 5, a kind of warning intelligent analysis of the embodiment and methods of exhibiting, the polymerization analysis specifically include:
Step21: the engine is alerted into insertion Full-text database ElasticSearch, ElasticSearch number
Initial data is established according to the specific field according to library and indexes and encodes, and the coding and alarm data are established into mapping table;
When being inserted into database, database is established index to initial data according to alarm feature Tag field above and (is arranged
Index), that is, Tag is encoded, and the coding and alarm data are established into mapping table, it is therefore an objective to do polymerize when
It can be with quick-searching to this alarm data.
Step22: it is matched, and is classified according to the specific field of alarm data;
When polymerization, the full fields match of Tag field according to alarm data is specified, is classified.
Step23: all specific fields are respectively formed a barrel unit, the bucket unit, which includes, meets condition alarm collection
The sum of conjunction and all alarms;
When classification, all tag are identical as a bucket Bucket, bucket, which includes, meets condition alarm set, Yi Jisuo
There is the sum of alarm;
Step24: inside the unit, maximum value is done according to the time of alarm record respectively and minimum value polymerize;
A maximum value and minimum value polymerization are done according to the time of alarm record inside bucket, then respectively, it is therefore an objective to be calculated
Out in a period of time it is all alarm occur in fact with terminate the time.
Step25: the result of clustering is obtained.
Obtain clustering as a result, number inside namely all Bucket and Bucket, earliest time,
The identifier (namely tag) of latest time and Bucket.
Correspondingly, a kind of warning intelligent analysis and display systems of the embodiment, as shown in Figure 6, further includes:
The engine is alerted insertion Full-text database ElasticSearch by index and map unit,
ElasticSearch database establishes initial data according to the specific field and indexes and encode, and by the coding and alarm
Data establish mapping table;
Taxon is matched, is matched according to the specific field of alarm data, and classify;
Aggregation units are alerted, all specific fields are respectively formed a barrel unit, the bucket unit includes the condition of satisfaction
Alarm set and the sum of all alarms;
Interior polymeric unit does maximum value according to the time of alarm record respectively and minimum value is poly- inside the unit
It closes;
Result unit is obtained, the result of clustering is obtained.
" module " and " unit " in this specification is to refer to complete independently or complete specific function with other component cooperation
The software and/or hardware of energy, wherein hardware for example can be FPGA (Field- Programmable Gate Array, scene
Programmable gate array), IC (Integrated Circuit, integrated circuit) etc..
The present invention also provides a kind of computer readable storage mediums, are stored thereon with computer program, which is located
Reason device realizes the step of above-mentioned method for empowerment management control request when executing.Wherein, computer readable storage medium can
To include but is not limited to any kind of disk, including floppy disk, CD, DVD, CD-ROM, mini drive and magneto-optic disk,
(including molecule is deposited for ROM, RAM, EPROM, EEPROM, DRAM, VRAM, flash memory device, magnetic or optical card, nanosystems
Reservoir IC), or it is suitable for any kind of medium or equipment of store instruction and/or data.
The present invention also provides a kind of computer equipment, including memory, processor and storage are on a memory and can be
The computer program run on processor, which is characterized in that processor is realized when executing program for empowerment management control request
Method the step of.In embodiments of the present invention, processor is the control centre of computer system, can be the processing of physical machine
Device is also possible to the processor of virtual machine.
It is described above to be merely a preferred embodiment of the present invention, any essence and formal limit not are made to the present invention
System.Although the present invention is disclosed as above with preferred embodiment, however, it is not intended to limit the invention, for those skilled in the art
Member for, without departing from the scope of the present invention, can use the disclosure above technology contents make it is various change and
The equivalent embodiment of variation.In every case without departing from the spirit and principles in the present invention, implement according to the technical essence of the invention to above
Any simple modification, equivalent replacement, improvement made by example etc., should all be included in the protection scope of the present invention.
Claims (10)
1. a kind of method of warning intelligent analysis and displaying characterized by comprising
Step1: the engine alarm data collected;
Step2: to extraction specified attribute data after the engine alarm data polymerization analysis;
Cluster result: being persisted to the interface of third party's full-text search engine by Step3, and is provided web front end and shown cluster numbers
According to data filtering interface;
Step4: output cluster alarm information.
2. a kind of method of warning intelligent analysis and displaying according to claim 1, which is characterized in that the Step2 is also
Include:
Step21: if alarm data is existing, being updated, if there is new type, then by these insertion of data into data
In library.
3. a kind of method of warning intelligent analysis and displaying according to claim 1, which is characterized in that the database is
Full-text database ElasticSearch.
4. a kind of method of warning intelligent analysis and displaying according to claim 3, which is characterized in that in the step S2
Polymerization analysis specifically include:
Step21: the engine is alerted into insertion Full-text database ElasticSearch, ElasticSearch database
Initial data is established according to the specific field and indexes and encodes, and the coding and alarm data are established into mapping table;
Step22: it is matched, and is classified according to the specific field of alarm data;
Step23: being respectively formed a barrel unit for all specific fields, and the bucket unit, which includes, meets condition alarm set, with
And the sum of all alarms;
Step24: inside the unit, maximum value is done according to the time of alarm record respectively and minimum value polymerize;
Step25: the result of clustering is obtained.
5. the system of a kind of warning intelligent analysis and displaying characterized by comprising
Receiving module, the engine alarm data collected;
Polymerization analysis module, to extraction specified attribute data after the engine alarm data polymerization analysis;
Specified attribute data are inputted search engine by cluster result persistence and retrieval module;
Alarm module, output cluster alarm information.
6. the system of a kind of warning intelligent analysis and displaying according to claim 5, which is characterized in that the polymerization analysis
Module further include:
Updating unit is updated if alarm data is existing, if there is new type, then by these data insert numbers
According in library.
7. a kind of method of warning intelligent analysis and displaying according to claim 5, which is characterized in that the database is
Full-text database ElasticSearch.
8. a kind of method of warning intelligent analysis and displaying according to claim 7, which is characterized in that the polymerization analysis
Module specifically includes:
The engine is alerted insertion Full-text database ElasticSearch by index and map unit,
ElasticSearch database establishes initial data according to the specific field and indexes and encode, and by the coding and alarm
Data establish mapping table;
Taxon is matched, is matched according to the specific field of alarm data, and classify;
Aggregation units are alerted, all specific fields are respectively formed a barrel unit, the bucket unit, which includes, meets condition alarm
Set and the sum of all alarms;
Interior polymeric unit does maximum value according to the time of alarm record respectively and minimum value polymerize inside the unit;
Result unit is obtained, the result of clustering is obtained.
9. a kind of computer equipment including memory, processor and stores the meter that can be run on a memory and on a processor
Calculation machine program, which is characterized in that the processor is realized described of any of claims 1-4 when executing described program
The step of method.
10. a kind of computer readable storage medium, is stored thereon with computer program, which is characterized in that the program is by processor
It realizes when execution such as the step of the method for any of claims 1-4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910158199.3A CN110138583B (en) | 2019-03-03 | 2019-03-03 | Display method for intelligent alarm analysis |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910158199.3A CN110138583B (en) | 2019-03-03 | 2019-03-03 | Display method for intelligent alarm analysis |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110138583A true CN110138583A (en) | 2019-08-16 |
| CN110138583B CN110138583B (en) | 2022-04-12 |
Family
ID=67568491
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910158199.3A Active CN110138583B (en) | 2019-03-03 | 2019-03-03 | Display method for intelligent alarm analysis |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110138583B (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111953541A (en) * | 2020-08-10 | 2020-11-17 | 腾讯科技(深圳)有限公司 | Alarm information processing method and device, computer equipment and storage medium |
| CN113377820A (en) * | 2021-07-12 | 2021-09-10 | 杭州安恒信息技术股份有限公司 | Aggregation alarm method and device, electronic equipment and storage medium |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107220295A (en) * | 2017-04-27 | 2017-09-29 | 银江股份有限公司 | A kind of people's contradiction reconciles case retrieval and mediation strategy recommends method |
| CN107256265A (en) * | 2017-06-14 | 2017-10-17 | 成都四方伟业软件股份有限公司 | A kind of search-engine results data visualization methods of exhibiting and system |
| CN107577588A (en) * | 2017-09-26 | 2018-01-12 | 北京中安智达科技有限公司 | A kind of massive logs data intelligence operational system |
| CN108804594A (en) * | 2018-05-28 | 2018-11-13 | 国家计算机网络与信息安全管理中心 | A kind of construction method and device of news content full-text search engine |
| CN109086384A (en) * | 2018-07-26 | 2018-12-25 | 珠海卓邦科技有限公司 | Water affairs management method and system based on user's portrait |
-
2019
- 2019-03-03 CN CN201910158199.3A patent/CN110138583B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107220295A (en) * | 2017-04-27 | 2017-09-29 | 银江股份有限公司 | A kind of people's contradiction reconciles case retrieval and mediation strategy recommends method |
| CN107256265A (en) * | 2017-06-14 | 2017-10-17 | 成都四方伟业软件股份有限公司 | A kind of search-engine results data visualization methods of exhibiting and system |
| CN107577588A (en) * | 2017-09-26 | 2018-01-12 | 北京中安智达科技有限公司 | A kind of massive logs data intelligence operational system |
| CN108804594A (en) * | 2018-05-28 | 2018-11-13 | 国家计算机网络与信息安全管理中心 | A kind of construction method and device of news content full-text search engine |
| CN109086384A (en) * | 2018-07-26 | 2018-12-25 | 珠海卓邦科技有限公司 | Water affairs management method and system based on user's portrait |
Non-Patent Citations (1)
| Title |
|---|
| 姚攀等: "基于ELK的日志分析系统研究及应用", 《计算机工程与设计》 * |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111953541A (en) * | 2020-08-10 | 2020-11-17 | 腾讯科技(深圳)有限公司 | Alarm information processing method and device, computer equipment and storage medium |
| CN111953541B (en) * | 2020-08-10 | 2023-12-05 | 腾讯科技(深圳)有限公司 | Alarm information processing method, device, computer equipment and storage medium |
| CN113377820A (en) * | 2021-07-12 | 2021-09-10 | 杭州安恒信息技术股份有限公司 | Aggregation alarm method and device, electronic equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110138583B (en) | 2022-04-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111352808B (en) | Alarm data processing method, device, equipment and storage medium | |
| CN111476662A (en) | Anti-money laundering identification method and device | |
| CN106656996B (en) | Information security risk assessment method | |
| CN110138583A (en) | A kind of methods of exhibiting of warning intelligent analysis | |
| CN110781960A (en) | Training method, classification method, device and equipment of video classification model | |
| CN109858869A (en) | Method and apparatus for handling event information | |
| CN108417035A (en) | Intelligent traffic monitoring system based on cloud platform | |
| CN109726737A (en) | Trajectory-based anomaly detection method and device | |
| CN113505048A (en) | Unified monitoring platform based on application system portrait and implementation method | |
| CN114969161A (en) | Data processing method and device and data center system | |
| CN113591580B (en) | Image annotation method and device, electronic equipment and storage medium | |
| CN112925899A (en) | Ranking model establishing method, case clue recommending device and medium | |
| CN110009473B (en) | Data processing method, device, equipment and storage medium | |
| CN110909992A (en) | Risk prediction method, device and equipment | |
| CN116192459A (en) | Edge node network security threat monitoring method based on edge-to-edge cooperation | |
| CN115860465A (en) | Enterprise associated data processing early warning method, system and device | |
| CN104317859B (en) | LED display intelligent classification system and method | |
| CN112115174A (en) | KYC method and system based on graph computing technology | |
| CN114547406A (en) | Data monitoring method, system, storage medium and electronic device | |
| CN103218255A (en) | Information management method and system for server assembly | |
| CN113343010A (en) | Image identification method, electronic equipment and computer readable storage medium | |
| CN112907412B (en) | Wisdom school internet classroom management and control system | |
| CN112862598A (en) | Channel information management method and device, electronic equipment and medium | |
| CN110895584B (en) | Method and apparatus for generating data | |
| CN113626090A (en) | Server firmware configuration method, device, equipment and readable medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20210903 Address after: 310051 building 3, 351 Changhe Road, Changhe street, Binjiang District, Hangzhou City, Zhejiang Province Applicant after: Hangzhou rischen Anke Technology Co.,Ltd. Address before: 100080 B106, 1st floor, block B, No.8 Xueqing Road, Haidian District, Beijing Applicant before: BEIJING LISICHEN ANKE TECHNOLOGY Co.,Ltd. |
|
| TA01 | Transfer of patent application right | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address |
Address after: Room 817-7, Building 1, No. 371, Mingxing Road, Economic and Technological Development Zone, Xiaoshan District, Hangzhou City, Zhejiang Province, 311215 Patentee after: Hangzhou Zhongdian Anke Modern Technology Co.,Ltd. Address before: 310051 building 3, 351 Changhe Road, Changhe street, Binjiang District, Hangzhou City, Zhejiang Province Patentee before: Hangzhou rischen Anke Technology Co.,Ltd. |
|
| CP03 | Change of name, title or address |