CN111127250A - Electric power data monitoring event analysis system and method - Google Patents
Electric power data monitoring event analysis system and method Download PDFInfo
- Publication number
- CN111127250A CN111127250A CN201911302456.2A CN201911302456A CN111127250A CN 111127250 A CN111127250 A CN 111127250A CN 201911302456 A CN201911302456 A CN 201911302456A CN 111127250 A CN111127250 A CN 111127250A
- Authority
- CN
- China
- Prior art keywords
- event
- information
- events
- analysis system
- power data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000012544 monitoring process Methods 0.000 title claims abstract description 27
- 238000004458 analytical method Methods 0.000 title claims abstract description 24
- 238000000034 method Methods 0.000 title claims abstract description 19
- 238000002955 isolation Methods 0.000 claims abstract description 7
- 238000012545 processing Methods 0.000 claims description 25
- 230000006870 function Effects 0.000 claims description 19
- 238000005516 engineering process Methods 0.000 claims description 12
- 238000012423 maintenance Methods 0.000 claims description 5
- 230000002085 persistent effect Effects 0.000 claims description 3
- 238000012216 screening Methods 0.000 claims description 3
- 238000010586 diagram Methods 0.000 description 9
- 238000004590 computer program Methods 0.000 description 7
- 230000005540 biological transmission Effects 0.000 description 6
- 230000008569 process Effects 0.000 description 5
- 238000012806 monitoring device Methods 0.000 description 4
- 238000004891 communication Methods 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 238000004364 calculation method Methods 0.000 description 2
- 238000013461 design Methods 0.000 description 2
- 238000001914 filtration Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000008676 import Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000003672 processing method Methods 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 238000002054 transplantation Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Systems or methods specially adapted for specific business sectors, e.g. utilities or tourism
- G06Q50/06—Electricity, gas or water supply
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/02—Standardisation; Integration
- H04L41/0213—Standardised network management protocols, e.g. simple network management protocol [SNMP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/02—Standardisation; Integration
- H04L41/024—Standardisation; Integration using relational databases for representation of network management data, e.g. managing via structured query language [SQL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0681—Configuration of triggering conditions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0686—Additional information in the notification, e.g. enhancement of specific meta-data
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y04—INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
- Y04S—SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
- Y04S10/00—Systems supporting electrical power generation, transmission or distribution
- Y04S10/50—Systems or methods supporting the power network operation or management, involving a certain degree of interaction with the load-side end user applications
Abstract
The utility model provides an electric power data monitoring event analysis system and method, comprising a plurality of event collection modules, a plurality of event collection modules and a plurality of event collection modules, wherein the event collection modules are configured to remotely acquire event information of a network device, a workstation and an isolation device; the event service host is configured to acquire the event information uploaded by the event acquisition modules through a message bus, realize automatic control on the current limiting or fusing requested by each event acquisition module according to the quantity and flow of each event acquisition module, acquire the event information, analyze and extract event key information, and sequentially transmit corresponding event information according to a preset priority; and the event database is configured to store and classify the event information summarized by the event service host, and provides an access interface to receive the request of the event service host and provide the event information required to be read.
Description
Technical Field
The disclosure belongs to the technical field of transformer substation monitoring, and relates to a power data monitoring event analysis system and method.
Background
The statements in this section merely provide background information related to the present disclosure and may not necessarily constitute prior art.
The method is used for tracing any data change event in the transformer substation, particularly for devices which do not have interfaces and are not provided with displays, such as data communication network shutdown machines and protection devices in the substation, and the devices cannot carry out real-time monitoring on local events due to the fact that no local alarm interface exists, and the recording and analysis of the events are particularly important.
At present, an event is sent to a master station in a station, and a remote real-time monitoring mode is carried out through the master station, so that the attention of a local event recording and analyzing function is insufficient;
the event is greatly influenced by software and hardware functions such as network communication safety, stability, bandwidth and the like in a mode of remotely transmitting the event to the master station for the second time; once the network fails, the continuity and integrity of the event records are destroyed, requiring the device to provide additional retransmission functions to ensure that the performance overhead and development effort are increased.
The current monitoring device mostly adopts a simple mode of recording files locally, has no further analysis function, and has low recording efficiency, small capacity, fixed and non-customizable recording format and non-real-time recording, and is easy to lose once the device fails or the recording capacity is increased;
the data flow of a monitoring device (such as a digital communication gateway machine of a transformer substation) in the transformer substation is very large, the requirements on the recording efficiency and the capacity are high, and the current recording technology cannot meet the requirements on the specificity, real-time efficiency, large throughput and high concurrency of events of the transformer substation.
Disclosure of Invention
In order to solve the problems, the invention provides an electric power data monitoring event analysis system and method, which realize distributed acquisition, edge calculation analysis and centralized report summarization of events, and improve the flexibility of event processing system deployment, the efficiency accuracy of event positioning and the overall robustness of the system.
According to some embodiments, the following technical scheme is adopted in the disclosure:
an electric power data monitoring event analysis system comprises an event acquisition module, an event service host and an event database, wherein:
the event acquisition modules comprise a plurality of modules and are configured to remotely acquire event information of the network device, the workstation and the isolation device;
the event service host is configured to acquire event information uploaded by the event acquisition modules through a message bus, realize automatic control over current limiting or fusing requested by each event acquisition module according to the quantity and flow of each event acquisition module, acquire the event information, analyze and extract event key information, and sequentially transmit corresponding event information according to a preset priority;
the event database is configured to store and classify the event information summarized by the event service host, and provide an access interface to receive the request of the event service host and provide the event information to be read.
As an optional implementation manner, the event collection module includes an SNMP microservice module, an SYSLOG microservice module and a microservice module, the SNMP microservice module is configured to perform event recording of network access and traffic overrun events for a router and a gateway-off device, and the SYSLOG microservice module performs event recording of events such as login and operation of a workstation in a station; the microserver module with the self-defined event recording interface records the events of operation, maintenance and operation of the microserver.
As an alternative embodiment, the event collection module has a standard SNMP protocol interface, a standard SYSLOG protocol interface, or/and a custom direct log call interface.
As an alternative implementation, the event collection module adopts a read mode, when an event occurs, the event can be responded quickly, the event is first recorded into the cache, the event is recorded into the cache in time sequence after being analyzed and processed, and the cached high-level event is sent to the event service host through the message bus with the cache.
In an alternative embodiment, the event service host includes at least two servers, one of the servers is used as a main server, the other server is used as a standby server, and hot switching is performed between the main server and the standby server.
As an alternative implementation, the primary server and the standby server perform timing or real-time synchronization according to the number of events, the time interval, and the states of the primary and standby machines, so as to ensure the integrity of the event records.
As an alternative embodiment, the event service host adopts a local RPC technology, adopts a load balancing mode, and realizes automatic control of current limiting or fusing of the event acquisition module request according to the number of links and the flow of the event acquisition module, thereby realizing high concurrency processing and high-efficiency summarizing functions of each event acquisition module.
As an alternative implementation, the event service host has a main stream SQL database access interface, and backups the event record to the database according to the actual requirement, so as to perform more generalized persistent record.
As an alternative embodiment, the event database includes a local KV database and an event SQL database, where the local KV database is used to store the aggregated event classification data, and the event SQL database is used to store the backup data.
The working method based on the system comprises the following steps:
each event acquisition module carries out initial configuration and remotely acquires event information of a network device, a workstation and an isolation device;
selecting a main server or a standby server in the event service host, monitoring the acquired event information, and replacing another event service host if the monitoring fails;
and acquiring uploaded event information, analyzing and screening the events, and if the events accord with the preset priority, sequentially uploading corresponding event information to wait for subsequent processing.
Compared with the prior art, the beneficial effect of this disclosure is:
the invention provides a terminal self-adaptive event monitoring and analyzing technology, develops an event monitoring and positioning analysis system, realizes distributed acquisition, edge calculation analysis and centralized report summarization of events, and improves the flexibility of event processing system deployment, the efficiency accuracy of event positioning and the overall robustness of the system.
The present disclosure provides a distributed high-concurrency data drainage technique, which implements hierarchical high-speed recording and serialization processing of events, and improves event recording efficiency and event recording integrity of a front end under a condition of big data concurrency.
The invention provides an event online configurable restart-free deployment technology, which realizes the consistent deployment of system functions and actual environment requirements, and improves the flexibility and adaptability of an event recording mode and the time integrity of events.
According to the distributed event processing method and system, the distributed arrangement of the event acquisition modules is adopted, the micro-service architecture is adopted, the distributed arrangement is supported, the expansion and the transplantation are easy, the shunting of event processing is realized to a certain extent, and the processing and recording pressure during a large amount of burst data is avoided; the hot standby function can be configured during distributed deployment, and the efficiency and timeliness of information transmission are improved.
The event acquisition module disclosed by the invention adopts a micro-service modular design, the interface and the functional module are easy to expand, and event recording can be carried out on other types of devices according to the requirements.
According to the method and the device, the corresponding event information is transmitted in sequence according to the preset priority, the requirements of rapid real-time performance and integrity of event records under the conditions of high speed, high concurrency and the like can be met, the event information with high priority is guaranteed to be uploaded and analyzed preferentially, a certain event is located rapidly, and the timeliness of event processing of a transformer substation is guaranteed.
The event recording grade, the event grade, the recording time interval, the recording capacity, the recording file format and the like can be flexibly configured according to actual requirements, can be automatically covered according to the configured time interval, and ensure that the storage capacity is not out of limit.
According to the method and the device, the event information is analyzed, screened and graded, and the event information with high priority is preferentially transmitted and displayed to remind relevant personnel to process, so that the events are timely solved, and the accurate positioning capability and the processing response capability of the events and accidents of the transformer substation are improved.
Drawings
The accompanying drawings, which are included to provide a further understanding of the disclosure, illustrate embodiments of the disclosure and together with the description serve to explain the disclosure and are not to limit the disclosure.
FIG. 1 is a system framework and deployment diagram of the present disclosure;
FIG. 2 is a flow chart of an acquisition microserver;
fig. 3 is a schematic view of the event service host process flow.
The specific implementation mode is as follows:
the present disclosure is further described with reference to the following drawings and examples.
It should be noted that the following detailed description is exemplary and is intended to provide further explanation of the disclosure. Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this disclosure belongs.
It is noted that the terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of example embodiments according to the present disclosure. As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, and it should be understood that when the terms "comprises" and/or "comprising" are used in this specification, they specify the presence of stated features, steps, operations, devices, components, and/or combinations thereof, unless the context clearly indicates otherwise.
As described in the background, event records of the current substation are classified in an event record classification manner; the first-level buffer is used, so that the loss is easy and the recording is not timely; the format of the recorded file content is fixed and can not be configured; the recording speed is slow, and the recording is unreliable when the large data volume is high and concurrent.
To solve this problem, the present embodiment provides an event analysis system deployed in a substation monitoring device, as shown in fig. 1, including a collection front end and a server end.
The acquisition front end comprises a plurality of event acquisition modules which are configured to remotely acquire event information of the network device, the workstation and the isolation device;
the server side comprises an event service host and an event database, wherein:
the event service host is configured to acquire the event information uploaded by the event acquisition modules through a message bus, realize automatic control on the current limiting or fusing requested by each event acquisition module according to the quantity and flow of each event acquisition module, acquire the event information, analyze and extract event key information, and sequentially transmit corresponding event information according to a preset priority;
and the event database is configured to store and classify the event information summarized by the event service host, and provides an access interface to receive the request of the event service host and provide the event information required to be read.
Specifically, the event collection module has a functional service interface: a standard SNMP protocol interface, a standard SYSLOG protocol interface and a self-defined direct log calling interface. The system can respectively carry out remote event acquisition on the in-station equipment with the standard specification, such as a network device, a workstation, an isolation device and the like, so that the security events in the station can be recorded by diaries; the provided log recording interface can record events such as man-machine operation, maintenance, operation and the like on the machine, and a switchable debugging interface is provided for debugging of initial operation and maintenance personnel; because of the adoption of the micro-service modular design, the interfaces and the functional modules are easy to expand, and the event recording can be carried out on other types of devices according to the needs.
The interfaces are provided in the form of a micro-service module, can be deployed at an acquisition device end or independently set a micro-service host to form an event acquisition front end, and can be used for acquiring related logs in a targeted manner; for example, the SNMP micro-service module records events such as network access, flow overrun and the like aiming at equipment such as a router, a network shutdown and the like, and the SYSLOG micro-service module records events such as login, operation and the like of a workstation in the station; the micro service module with a user-defined event recording interface records events such as operation, maintenance, operation and the like of the local computer;
by the deployment mode, distributed deployment of micro-services and acquisition of various types of events are realized, shunting of event processing is realized to a certain extent, and processing and pressure recording during a large amount of burst data are avoided; the acquisition front end adopts a READTOR mode, the event can respond quickly when occurring, the event is firstly recorded into a cache, and is recorded into a KV database according to the time sequence after being analyzed and processed (the database has small volume, low requirements on software and hardware of the acquisition front end and high read-write speed), and meanwhile, the cached high-level event is sent to an event service host through a message bus with the cache. The mode of caching + KV library ensures the high speed and high efficiency of event record, and the message bus transmission technology with cache ensures the integrity of event transmission;
configuration items such as acquisition strategies, priorities, transmission directions, event types and the like are configured in advance, and uploading and filtering are carried out on event information through the configuration items, so that the priority uploading and transmission bandwidth of events can be ensured.
Events recorded by the event acquisition front end are collected to the event service host through the message bus to form a summary of all relevant events in the station. The event service host adopts a local RPC technology, if the event receiving adopts a thread pool + load balancing mode, the management of the function module adopts a service discovery technology and an RPC service management technology, and the automatic control of current limiting, fusing and the like of the acquisition front-end request is realized according to the number and the flow of links of the acquisition front-end, so that the high concurrent processing and the efficient summarizing function of the events of each acquisition module are realized; and the collected events are classified and recorded into a local KV library of the host, so that a global data basis is provided for subsequent in-station event analysis.
As shown in fig. 2, for the event collection front end, first, the loading configuration of each event collection module is performed, so as to implement initialization, and then, main/standby selection is performed, if an event service host (host) is selected, the event service host is registered to the message bus, so as to implement monitoring, and if monitoring is successful, the event collection front end waits for the occurrence of an event, so as to collect the event. If the monitoring is unsuccessful, the main-standby switching is carried out, and the events are collected after the occurrence of the events.
Meanwhile, the event service host has a main stream SQL database access interface, and can backup event records into a database according to actual requirements to carry out more generalized persistent records.
The two event service hosts have a hot standby function, and can perform timing or real-time synchronization according to the number of events, time intervals and states of the main hosts and the standby hosts, so that the integrity of event records is ensured.
As shown in fig. 3, the event service host is loaded and configured, initialization is implemented, whether the host is used or not is confirmed, if yes, the host is registered to the message bus, if successful, subsequent processing is continued, if unsuccessful, the host and standby are switched to the standby, and subsequent processing is performed. The subsequent processing comprises load balancing, corresponding loading and starting of the functional module are found, events are waited for, if the events occur, whether the events are high concurrency is determined, if the events occur, dynamic capacity expansion is carried out, if the events do not occur, screening, classifying and grading processing of the events are carried out, and information corresponding to preset conditions is transmitted to enter a database for backup.
If the time information which does not meet the preset conditions exists, instance information is created, the instance information is added into service management, load balancing and event processing are carried out, and the information in the database is combined according to the time sequence.
In conclusion, the system adopts a micro-service architecture, supports distributed deployment and is easy to expand and transplant; the hot standby function can be configured during distributed deployment.
The event record, search and processing performance is high by adopting a record mode of a cache, a second-level cache technology and a local database and adopting a high-speed search engine technology and a buffer type message bus technology, the requirements on the quick real-time performance and the integrity of the event record under the conditions of high speed, high concurrency and the like can be met, the event record is permanently stored, the event record can be automatically covered according to the configured time interval, and the storage capacity is not out of limit.
Meanwhile, the event recording parameters can be configured, and are specifically represented as follows:
the monitoring device and the device type can be configured, and certain types of events of the device are recorded;
the uploading platform and the uploading strategy are configurable, so that the source address and the destination address of an event can be recorded, the source direction and the destination direction can be recorded, and the recording integrity of the flow direction of the event is ensured;
the event recording grade, the event grade, the recording time interval, the recording capacity, the recording file format and the like can be flexibly configured according to actual requirements, and the log has types of auditing, operating, events and the like.
The system reserves a log event uploading interface, supports a standardized log uploading protocol (syslog and the like), is configurable, supports log import and export, can export the csv file and the report form of the common text file, and supports remote uploading of the log export file.
The system has a basic authority identification function, can configure whether a remote user has user authority for browsing, downloading, modifying and deleting, analyzes and processes after event collection, can analyze and process according to categories such as equipment type, log type, event type and event grade, generates an event report, and is convenient for quickly positioning a certain event.
For large-scale application occasions with high recording efficiency requirements, each service module can be respectively deployed on different hosts to customize configuration files, so that the function customization of the hosts is realized, and events with different grades and different types are respectively recorded. And remote data transmission is avoided when the system is completely deployed on a single host, so that higher recording and analysis efficiency is achieved.
Each service module supports the distributed cluster and the hot standby function through a message bus, and ensures that each host stores complete event records.
By configuring the address of the background host, the user authority and the like, the local event record can be posted to the background host according to the filtering condition, so that the remote event browsing is realized, and the event record file can also be uploaded to the background host.
As will be appreciated by one skilled in the art, embodiments of the present disclosure may be provided as a method, system, or computer program product. Accordingly, the present disclosure may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present disclosure may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and so forth) having computer-usable program code embodied therein.
The present disclosure is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the disclosure. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The above description is only a preferred embodiment of the present disclosure and is not intended to limit the present disclosure, and various modifications and changes may be made to the present disclosure by those skilled in the art. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the present disclosure should be included in the protection scope of the present disclosure.
Although the present disclosure has been described with reference to specific embodiments, it should be understood that the scope of the present disclosure is not limited thereto, and those skilled in the art will appreciate that various modifications and changes can be made without departing from the spirit and scope of the present disclosure.
Claims (10)
1. An electric power data monitoring event analysis system is characterized in that: the event service system comprises an event acquisition module, an event service host and an event database, wherein:
the event acquisition modules comprise a plurality of modules and are configured to remotely acquire event information of the network device, the workstation and the isolation device;
the event service host is configured to acquire event information uploaded by the event acquisition modules through a message bus, realize automatic control over current limiting or fusing requested by each event acquisition module according to the quantity and flow of each event acquisition module, acquire the event information, analyze and extract event key information, and sequentially transmit corresponding event information according to a preset priority;
the event database is configured to store and classify the event information summarized by the event service host, and provide an access interface to receive the request of the event service host and provide the event information to be read.
2. The power data monitoring event analysis system of claim 1, wherein: the event acquisition module comprises an SNMP micro-service module, an SYSLOG micro-service module and a micro-service module, wherein the SNMP micro-service module is configured to record events of network access and flow overrun events of a router and a gateway-off device, and the SYSLOG micro-service module records events of login, operation and the like of a workstation in the station; the microserver module with the self-defined event recording interface records the events of operation, maintenance and operation of the microserver.
3. The power data monitoring event analysis system of claim 1, wherein: the event acquisition module is provided with a standard SNMP protocol interface, a standard SYSLOG protocol interface or/and a self-defined direct log calling interface.
4. The power data monitoring event analysis system of claim 1, wherein: the event acquisition module adopts an REACTRO mode, can quickly respond when an event occurs, firstly records the event into a cache, records the event into the cache according to a time sequence after analysis and processing, and simultaneously transmits the cached high-level event to the event service host through a message bus with the cache.
5. The power data monitoring event analysis system of claim 1, wherein: the event service host comprises at least two host machines, one host machine is used as a main server, the other host machine is used as a standby server, and hot switching is carried out between the main server and the standby server.
6. The power data monitoring event analysis system of claim 1, wherein: and the main server and the standby server carry out timing or real-time synchronization according to the number of events, the time interval and the states of the main and standby machines, so as to ensure the integrity of the event records.
7. The power data monitoring event analysis system of claim 1, wherein: the event service host computer adopts a local RPC technology, adopts a load balancing mode, and realizes automatic control of current limiting or fusing of the event acquisition module request according to the number of links and the flow of the event acquisition module, thereby realizing high concurrency processing and high-efficiency summarizing functions of all event acquisition modules.
8. The power data monitoring event analysis system of claim 1, wherein: the event service host computer is provided with a main stream SQL database access interface, backups the event record to the database according to the actual requirement, and carries out more generalized persistent record.
9. The power data monitoring event analysis system of claim 1, wherein: the event database comprises a local KV database and an event SQL database, the local KV database is used for storing the aggregated event classification data, and the event SQL database is used for storing backup data.
10. Method of operating a system according to any of claims 1-9, characterized in that: the method comprises the following steps:
each event acquisition module carries out initial configuration and remotely acquires event information of a network device, a workstation and an isolation device;
selecting a main server or a standby server in the event service host, monitoring the acquired event information, and replacing another event service host if the monitoring fails;
and acquiring uploaded event information, analyzing and screening the events, and if the events accord with the preset priority, sequentially uploading corresponding event information to wait for subsequent processing.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911302456.2A CN111127250B (en) | 2019-12-17 | 2019-12-17 | Power data monitoring event analysis system and method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911302456.2A CN111127250B (en) | 2019-12-17 | 2019-12-17 | Power data monitoring event analysis system and method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111127250A true CN111127250A (en) | 2020-05-08 |
| CN111127250B CN111127250B (en) | 2023-11-03 |
Family
ID=70498291
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911302456.2A Active CN111127250B (en) | 2019-12-17 | 2019-12-17 | Power data monitoring event analysis system and method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111127250B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112381597A (en) * | 2020-10-21 | 2021-02-19 | 国电南瑞南京控制系统有限公司 | Real-time clearing monitoring method and system for electric power spot market |
| CN112839080A (en) * | 2020-12-31 | 2021-05-25 | 四川瑞霆电力科技有限公司 | Edge Internet of things agent device and method for realizing acquisition and calculation based on configuration |
| CN114553878A (en) * | 2022-02-23 | 2022-05-27 | 南京南瑞信息通信科技有限公司 | Industrial control system active-standby operation power monitoring system based on LVS |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101714930A (en) * | 2009-12-30 | 2010-05-26 | 北京世纪互联宽带数据中心有限公司 | Method and system for realizing network monitoring |
| CN102457578A (en) * | 2011-12-16 | 2012-05-16 | 中标软件有限公司 | Distributed network monitoring method based on event mechanism |
| CN103124293A (en) * | 2012-12-31 | 2013-05-29 | 中国人民解放军理工大学 | Cloud data safe auditing method based on multi-Agent |
| CN106612199A (en) * | 2015-10-26 | 2017-05-03 | 华耀(中国)科技有限公司 | Network monitoring data collection and analysis system and method |
-
2019
- 2019-12-17 CN CN201911302456.2A patent/CN111127250B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101714930A (en) * | 2009-12-30 | 2010-05-26 | 北京世纪互联宽带数据中心有限公司 | Method and system for realizing network monitoring |
| CN102457578A (en) * | 2011-12-16 | 2012-05-16 | 中标软件有限公司 | Distributed network monitoring method based on event mechanism |
| CN103124293A (en) * | 2012-12-31 | 2013-05-29 | 中国人民解放军理工大学 | Cloud data safe auditing method based on multi-Agent |
| CN106612199A (en) * | 2015-10-26 | 2017-05-03 | 华耀(中国)科技有限公司 | Network monitoring data collection and analysis system and method |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112381597A (en) * | 2020-10-21 | 2021-02-19 | 国电南瑞南京控制系统有限公司 | Real-time clearing monitoring method and system for electric power spot market |
| CN112839080A (en) * | 2020-12-31 | 2021-05-25 | 四川瑞霆电力科技有限公司 | Edge Internet of things agent device and method for realizing acquisition and calculation based on configuration |
| CN114553878A (en) * | 2022-02-23 | 2022-05-27 | 南京南瑞信息通信科技有限公司 | Industrial control system active-standby operation power monitoring system based on LVS |
| CN114553878B (en) * | 2022-02-23 | 2024-04-02 | 南京南瑞信息通信科技有限公司 | Industrial control system main and standby operation power monitoring system based on LVS |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111127250B (en) | 2023-11-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110943870B (en) | Intelligent station panoramic data monitoring and analyzing system and method | |
| CN111106955B (en) | Intelligent station communication gateway machine and communication method | |
| CN111127250B (en) | Power data monitoring event analysis system and method | |
| CN103617287A (en) | Log management method and device in distributed environment | |
| CN102567531B (en) | General method for monitoring status of light database | |
| CN108052358B (en) | Distributed deployment system and method | |
| CN110855493B (en) | Application topological graph drawing device for mixed environment | |
| CN109871392B (en) | Slow sql real-time data acquisition method under distributed application system | |
| CN108848517B (en) | Rail transit signal coverage monitoring method | |
| CN112865311B (en) | Method and device for monitoring message bus of power system | |
| CN113505048A (en) | Unified monitoring platform based on application system portrait and implementation method | |
| CN112333020B (en) | Network security monitoring and data message analysis system based on quintuple | |
| CN101340692A (en) | Cutover alarm filtering method for mobile communication engineering | |
| CN109164720A (en) | Injection molding machine group of planes remote monitoring system and method based on IIoT | |
| CN105187490B (en) | A kind of transfer processing method of internet of things data | |
| CN112422349B (en) | Network management system, method, equipment and medium for NFV | |
| CN104021079A (en) | Real-time monitoring and analyzing system and method for host system data | |
| CN101771578B (en) | Network performance detection method and equipment | |
| CN111090698A (en) | Alarm synchronization method and device for centralized monitoring of distribution network 1+ N system | |
| CN113407611B (en) | Data integration distribution platform and system | |
| CN111654410B (en) | Gateway request monitoring method, device, equipment and medium | |
| CN113127592B (en) | Distributed storage system | |
| KR102221052B1 (en) | Fault Management System for SDN Network Equipment that supports open flow protocol | |
| CN117520597B (en) | Data record implementation method of inertial navigation data acquisition and analysis system | |
| CN116644039B (en) | Automatic acquisition and analysis method for online capacity operation log based on big data |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20201211 Address after: Room 902, 9 / F, block B, Yinhe building, 2008 Xinluo street, hi tech Zone, Jinan City, Shandong Province Applicant after: Shandong Luneng Software Technology Co.,Ltd. intelligent electrical branch Address before: 250101 power intelligent robot production project 101 south of Feiyue Avenue and east of No.26 Road (in ICT Industrial Park) in Suncun District of Gaoxin, Jinan City, Shandong Province Applicant before: National Network Intelligent Technology Co.,Ltd. |
|
| TA01 | Transfer of patent application right | ||
| CB02 | Change of applicant information |
Address after: Room 902, 9 / F, block B, Yinhe building, 2008 Xinluo street, hi tech Zone, Jinan City, Shandong Province Applicant after: Shandong luruan Digital Technology Co.,Ltd. smart energy branch Address before: Room 902, 9 / F, block B, Yinhe building, 2008 Xinluo street, hi tech Zone, Jinan City, Shandong Province Applicant before: Shandong Luneng Software Technology Co.,Ltd. intelligent electrical branch |
|
| CB02 | Change of applicant information | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |