CN111698127A - System, method and device for monitoring state of equipment in network - Google Patents

System, method and device for monitoring state of equipment in network Download PDF

Info

Publication number
CN111698127A
CN111698127A CN202010355653.7A CN202010355653A CN111698127A CN 111698127 A CN111698127 A CN 111698127A CN 202010355653 A CN202010355653 A CN 202010355653A CN 111698127 A CN111698127 A CN 111698127A
Authority
CN
China
Prior art keywords
monitored
information
equipment
network
monitoring
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010355653.7A
Other languages
Chinese (zh)
Inventor
李玉祥
周云雷
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou H3C Technologies Co Ltd
New H3C Technologies Co Ltd
Original Assignee
Hangzhou H3C Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou H3C Technologies Co Ltd filed Critical Hangzhou H3C Technologies Co Ltd
Priority to CN202010355653.7A priority Critical patent/CN111698127A/en
Publication of CN111698127A publication Critical patent/CN111698127A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/02Standardisation; Integration
    • H04L41/0213Standardised network management protocols, e.g. simple network management protocol [SNMP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • H04L41/0631Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0805Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
    • H04L43/0817Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability by checking functioning
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/10Mapping addresses of different types
    • H04L61/103Mapping addresses of different types across network layers, e.g. resolution of network layer into physical layer addresses or address resolution protocol [ARP]

Abstract

The application provides a state monitoring system, a method and a device of equipment in a network, which belong to the technical field of communication, wherein the state monitoring system comprises a monitoring server and a monitored network connected with the monitoring server, the monitored network comprises a plurality of monitored equipment, and the monitoring server and each monitored equipment are provided with Simple Network Management Protocol (SNMP) functions. The SNMP function is configured in the monitoring server and the monitored equipment in the monitored network, so that the monitored equipment can send the state information of the monitored equipment to the monitoring server through the SNMP function, and the monitoring server determines whether the monitored equipment is abnormal or not according to the state information of the monitored equipment, and thus, the dynamic monitoring of the state of the monitored equipment in the monitored network and the timely discovery and maintenance of abnormal conditions are realized.

Description

System, method and device for monitoring state of equipment in network
Technical Field
The present application relates to the field of communications technologies, and in particular, to a system, a method, and an apparatus for monitoring states of devices in a network.
Background
The stability of the network environment is a basic condition for ensuring the normal operation of the applications and schemes deployed on the network. In a network environment in which devices and an underlying network structure change frequently, it is a challenge to ensure stability of the network environment. Therefore, how to dynamically monitor the devices in the whole network and timely discover abnormal conditions in the network and give an alarm is a precondition for ensuring the stability of the network environment.
In the prior art, when monitoring devices in a network, Telnet or ssh is generally adopted to log in each device in the network to record a network topology structure of the device, and a command is sent to query a device state of the device, a device port state and statistical information of the device port, and then changes of the network structure each time are manually recorded. That is to say, in the prior art, when monitoring the devices in the network each time, the devices log on the devices to inquire the states of the devices, and then manually record the topological structure of the whole network, and in practical application, the devices in the network are more, so that the method has the advantages of huge workload, extremely low efficiency, more time consumption for scanning the whole network, and failure to find and alarm in time when the devices are abnormal.
Therefore, how to dynamically, timely and effectively monitor the states of the devices in the network is one of the considerable technical problems.
Disclosure of Invention
In view of the above, the present application provides a system, a method and a device for monitoring the status of a device in a network, which are used to dynamically and timely monitor the status of the device in the network.
Specifically, the method is realized through the following technical scheme:
according to a first aspect of the present application, there is provided a system for monitoring the status of devices in a network, comprising: the monitoring system comprises a monitoring server and a monitored network connected with the monitoring server, wherein the monitored network comprises a plurality of monitored devices, and the monitoring server and each monitored device are respectively configured with a Simple Network Management Protocol (SNMP) function, wherein:
the monitored equipment is used for monitoring the state information of the monitored equipment and sending the state information of the monitored equipment to the monitoring server by utilizing the SNMP function;
the monitoring server is used for receiving the state information of the monitored equipment through the SNMP function; and if the monitored equipment is determined to be abnormal based on the state information, outputting alarm information.
According to a second aspect of the present application, a method for monitoring the status of a device in a network is provided, which is applied in a monitoring server, wherein the monitored server is configured with a Simple Network Management Protocol (SNMP) function; and the method, comprising:
acquiring the state information of the monitored equipment in the monitored network through the SNMP function;
and if the monitored equipment is determined to be abnormal based on the state information, outputting alarm information.
According to a third aspect of the present application, a status monitoring apparatus for a device in a network is provided, which is applied in a monitoring server, and the monitored server is configured with a Simple Network Management Protocol (SNMP) function; and the apparatus, comprising:
the information acquisition module is used for acquiring the state information of the monitored equipment in the monitored network through the SNMP function;
and the alarm module is used for outputting alarm information if the monitored equipment is determined to be abnormal based on the state information.
According to a fourth aspect of the present application, there is provided a monitoring server comprising a processor and a machine-readable storage medium storing machine-executable instructions capable of being executed by the processor, the processor being caused by the machine-executable instructions to perform the method provided by the first aspect of the embodiments of the present application.
According to a fifth aspect of the present application, there is provided a machine-readable storage medium storing machine-executable instructions that, when invoked and executed by a processor, cause the processor to perform the method as provided by the first aspect of the embodiments of the present application.
The beneficial effects of the embodiment of the application are as follows:
according to the system, the method and the device for monitoring the state of the equipment in the network, provided by the embodiment of the application, the SNMP function is configured in the monitoring server and the monitored equipment in the monitored network, so that the monitored equipment can send the state information of the monitored equipment to the monitoring server through the SNMP function, and the monitoring server can determine whether the monitored equipment is abnormal or not according to the state information of the monitored equipment, and thus the dynamic monitoring of the state of the monitored equipment in the monitored network and the timely discovery and maintenance of abnormal conditions are realized.
Drawings
Fig. 1 is a schematic structural diagram of a system for monitoring states of devices in a network according to an exemplary embodiment of the present application;
FIG. 2 is an interactive flow chart illustrating a method for monitoring the status of devices within a network according to an exemplary embodiment of the present application;
FIG. 3 is a logic diagram illustrating status information transmission according to an exemplary embodiment of the present application;
FIG. 4 is a Web interaction interface presentation schematic shown in an exemplary embodiment of the present application;
fig. 5 is a schematic application scenario diagram illustrating a method for monitoring a status of a device in a network according to an exemplary embodiment of the present application;
FIG. 6 is a flow chart illustrating a monitoring server implementing a method for monitoring the status of devices within a network according to an exemplary embodiment of the present application;
FIG. 7 is a block diagram illustrating a status monitoring apparatus for a device in a network according to an exemplary embodiment of the present application;
fig. 8 is a block diagram of a monitoring server according to an exemplary embodiment of the present application.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present application. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present application, as detailed in the appended claims.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in this application and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the corresponding listed items.
It is to be understood that although the terms first, second, third, etc. may be used herein to describe various information, such information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, first information may also be referred to as second information, and similarly, second information may also be referred to as first information, without departing from the scope of the present application. The word "if" as used herein may be interpreted as "at … …" or "when … …" or "in response to a determination", depending on the context.
For better understanding of the system and method for detecting the status of devices in a network provided by the present application, the technical terms related to the present application will be introduced:
simple Network Management Protocol (SNMP) is a standard Network Management Protocol in the internet, and is widely used for realizing access and Management of a Management device to a managed device. The SNMP functionality has the following advantages: and intelligent management of the network equipment is supported. By using the SNMP-based network management platform, a network administrator can inquire the running state and parameters of network equipment, set parameter values, find faults and complete fault diagnosis, and can also carry out capacity planning and report making; supporting management of devices of different physical characteristics. The SNMP functionality provides only the most basic set of functionality, making the management tasks relatively independent of the physical characteristics and networking technology of the managed device, thereby enabling management of devices from different vendors.
Remote Network Monitoring (RMON) mainly implements statistics and alarm functions, and is used for Remote Monitoring and management of managed devices by management devices in a Network. The statistical function means that the managed device can periodically or continuously track and count various traffic information on a network segment connected to its port, such as the total number of messages received by a certain port in a certain period of time, or the total number of received ultra-long messages. The alarm function means that the managed device can monitor the value of a specified MIB variable, and when the value reaches an alarm threshold (for example, the port rate reaches a specified value, or the proportion of broadcast messages reaches a specified value), a log can be automatically generated.
It should be noted that the management device may be understood as a monitoring server in the present application; the managed device can be understood as the monitored device in the application, and the monitoring server in the application utilizes the SNMP characteristic to realize the management and dynamic monitoring of the monitored device and feed back the state of the monitored device in time, so that the purposes of finding abnormal monitored devices in time and giving an alarm in time are achieved.
The inventor finds that, when monitoring the devices in the networking, the device state query needs to be logged in each device in the networking every time, which results in that much time is consumed for scanning the whole networking, and the device port cannot be found and alarmed in time when an abnormal message appears, and the change state of the device port cannot be recorded in real time, and the device cannot be dynamically deleted or added when the device in the networking changes. In addition, the inventor also finds that professional-level network monitoring software is also used, but the professional-level network monitoring software is not only high in cost, but also tedious in deployment, and some functions of the professional-level network monitoring software are not simple and efficient to use. Furthermore, the monitoring software is generally only suitable for networking with relatively stable environment, and when the equipment in networking frequently changes, the monitoring software does not support the change of dynamic induction networking.
In order to solve the above problems, the present application provides a system for monitoring states of devices in a network, including a monitoring server and a monitored network connected to the monitoring server, where the monitored network includes a plurality of monitored devices, and the monitoring server and each monitored device are configured with a simple network management protocol SNMP function, and when monitoring devices, each monitored device can monitor its own state, and then send its own state information to the monitoring server by using the SNMP function, so that the monitoring server can respectively determine whether each monitored device is abnormal according to the state information sent from each monitored device after receiving the state information of each monitored device, and when determining that any monitored device is abnormal, can output alarm information. By adopting the system, the state information of each monitored device in the network can be dynamically and timely acquired, and the monitored device with abnormity is analyzed based on the acquired state information, so that the aim of timely discovering the abnormal device is fulfilled.
It should be noted that, in the present application, the monitoring server may be formed by a plurality of servers together, or may be implemented by an independent server, which may be determined according to actual situations. In addition, the network of the application can be simple networking or complex networking, wherein the complex networking refers to the fact that multi-level monitored equipment exists, such as a core layer, an access layer and the like, then the access layer is connected with bottom layer equipment downwards and is connected with the core layer upwards, and then the core layer is connected with a monitoring server; the simple networking refers to networking without a hierarchical relationship, and is directly connected to the monitoring server, and other connection relationships may exist, which may be determined according to actual networking. The monitored device in the embodiment of the present application may be, but is not limited to, a network device such as a switch.
The following describes the status monitoring system of the devices in the network in detail.
Referring to fig. 1, fig. 1 is a schematic structural diagram of a status monitoring system of a device in a network shown in the present application, where the status monitoring system includes: the monitoring system comprises a monitoring server 101 and a monitored network 102 connected with the monitoring server 101, wherein the monitored network 102 comprises a plurality of monitored devices 102-1-102-n, the monitoring server 101 and each monitored device 102-i (i is between 1-n, and n is the number of the monitored devices in the monitored network) are respectively configured with a Simple Network Management Protocol (SNMP) function, and the SNMP function comprises the following steps: the interaction flow of the monitoring server 101 and the monitored device implementing the status monitoring method can be shown in fig. 2, and includes the following steps:
s201, the monitored equipment 102-i monitors the state information of the monitored equipment.
Specifically, the SNMP function is opened on each monitored device 102-i in the monitored network 102 to ensure that other devices such as the monitoring server can access the monitored device 102-i through the SNMP function and send its own related information to the outside, and referring to fig. 3, the monitored device 102-i can send part of the status information, such as the basic information, to the monitoring server 101 through the leftmost arrow in fig. 3. The SNMP function includes an SNMP Trap function, which can implement sending of relevant information of the monitored device 102-i, for example, the monitored device 102-i can send an SNMP Trap message to the monitoring server 101, where the Trap message can be written to the relevant information of the monitored device, as shown in fig. 3, the monitored device 102-i can send another part of status information to the monitoring server 101 through the rightmost arrow in fig. 3, that is, the monitored device is carried in the SNMP Trap message, the monitoring server 101 has an SNMP information obtaining program and an SNMP Trap analyzing program, the SNMP information obtaining program can actively obtain and passively receive basic information and device port statistical information sent by the monitored device, and the SNMP Trap analyzing program can analyze the status information from the Trap message.
In this step, the monitored device 102-i may set its own status detection period to monitor its own status information at regular time. Alternatively, the monitored device 102-i may set a status detection condition, and monitor its own status information when a certain status of itself (which may be a status affecting the normal operation of the monitored device 102-i) satisfies the status detection condition.
S202, the monitored device 102-i sends the state information of the monitored device to the monitoring server 101 by utilizing the SNMP function.
Specifically, each monitored device opens the SNMP function, and the SNMP Trap message can realize the external transmission of information, so the monitored device carries the state information of the monitored device in the SNMP Trap message and directly transmits the state information to the monitoring server 101.
Alternatively, the monitored device 102-i may support a heartbeat function, and the monitored device 102-i may carry the SNMP Trap message by periodically sending a heartbeat packet and then reach the monitoring server 101.
The status information of the monitored device in this step may include, but is not limited to: device operational state information, device startup state information, device port statistics, and the like. The device boot state information may include, but is not limited to, information such as cold boot, warm boot, and normal boot. Device port state information may include, but is not limited to, port UP information and port DOWN information.
Optionally, each monitored device is further configured with a remote network monitoring RMON function; when the status information of the monitored device includes device port statistics information, the monitored device may start the RMON function to count the device port statistics information of the monitored device, please refer to fig. 3, which separately illustrates an information flow direction of the monitored device sending the device port statistics information for convenience of understanding. Specifically, when the monitored device is a switch, the device port statistical information of the switch in the present application may include, but is not limited to: the total number of messages received by the port of the switch, the total number of sent messages, the number of messages with errors in receiving, the number of messages with errors in sending, the number of broadcast packets passing through the port, the number of multicast packets, the number of packets with errors in CRC (cyclic redundancy check) check, the number of packets with too short messages, the number of packets with too long messages and other error type messages are counted.
S203, the monitoring server 101 receives the state information sent by the monitored equipment 102-i by using the SNMP function, and outputs alarm information if the monitored equipment 102-i is determined to be abnormal based on the state information.
In this step, after receiving the status information sent by the monitored device 102-i by using the SNMP function, the monitoring server 101 may determine whether the monitored device 102-i is abnormal according to the received status information, and output an alarm information when the monitored device 102-i is abnormal, where the alarm information may carry analyzed abnormal conditions. Specifically, when the alarm information is output, the alarm information can be displayed to the operation and maintenance personnel by mail or in a command mode. Taking the example that the state information includes the device start information as an example, if the received device start information is the monitored device 102-i cold start or hot start, it may determine that the monitored device 102-i is abnormal in start, so as to output the alarm information, and the alarm information carries the monitored device 102-i to be cold start or hot start, thereby achieving the purpose of finding the abnormality in time. Therefore, when seeing the alarm information, the operation and maintenance personnel can timely position the position and abnormal conditions of the abnormal monitored equipment so as to maintain the equipment, achieve the effect of timely finding out the timely maintenance and further realize the quick recovery of the monitored equipment.
Optionally, when the status information of the monitored device includes the device port status information, if the device port status information is port DOWN, the monitoring server 101 may also determine that the monitored device port is abnormal, and similarly output the alarm information of the monitored device port abnormality.
Optionally, when the state information of the monitored device further includes device port statistical information, if the monitoring server 101 determines that an abnormal packet exists in the device port statistical information, it determines that the device to be monitored is in an abnormal state, and outputs alarm information.
Specifically, when the monitored device is a switch, the switch is usually configured to hang down a plurality of devices, and a large number of messages flowing through the switch by the plurality of devices that are hung down are generally collected in the device port statistical information.
Based on any one of the above embodiments, the state monitoring system provided by the present application further includes: the database 103, see also fig. 1, in which:
the database 103 is used for storing the state information of the monitored equipment written by the monitoring server; and an in-place table is stored in the database, wherein the in-place table is used for storing in-place information of the monitored equipment, and the in-place information is used for representing whether the monitored equipment is on line or not.
On this basis, the monitoring server 101 is configured to obtain an ARP table of the current network to be monitored through the SNMP function; and determining that the changed IP address exists by comparing the current ARP table with the APR table obtained last time, determining that the newly added monitored equipment exists when the changed IP address is determined to be the IP address of the monitored equipment, and updating the on-bit table in the database 103.
In specific implementation, the monitoring server 101 may periodically execute an information obtaining program to obtain some other information of the monitored device, for example, periodically obtain an Address Resolution Protocol (ARP) table of the monitored network 102, where the APR table records a corresponding relationship between a Media Access Control (MAC) Address and an Internet Protocol (IP) Address of the monitored device in the current monitored network. The monitoring server 101 regularly acquires the ARP table of the monitored network, so that whether the monitored equipment in the monitored network changes or not can be found by comparing the ARP table acquired this time with the ARP table acquired last time, and when the comparison result is consistent, it indicates that the monitored equipment in the monitored network does not change from the last detection to the current time; and when the comparison result is inconsistent, the inconsistent IP address can be found, then whether the IP address is the IP address of the monitored equipment or not is judged, if the IP address is the IP address of the monitored equipment, the monitored equipment which is newly added to the monitored network but does not support the heartbeat packet is determined to be found by the method, and therefore the purpose of automatically sensing the change in the monitored network is achieved.
On this basis, the monitoring server 101 may add the presence information of the newly added monitored device to the presence table in the database.
Specifically, the in-place table stored in the database records the direct correspondence between the identifier of the monitored device and the in-place information, so that whether the monitored device is in place can be accurately recorded. The above-mentioned obtaining method of the in-place information may be: if the monitoring server 101 can obtain the state information of the monitored device this time, it can be understood that the monitored device can be connected to the monitoring server 101, and this indicates that the monitored device is online, and the presence information may use "1" to indicate that the monitored device is present, and use "0" to indicate that the monitored device is not online.
Based on any of the above embodiments, the monitoring server 101 in this embodiment is further configured to establish a connection with the monitored device if the in-place information in the bit table indicates that the corresponding monitored device is not online; if the monitored equipment still cannot be connected with the monitoring equipment after the set times is exceeded, determining that the monitored equipment is abnormal and outputting alarm information; and if the offline time length of the monitored equipment with the online presence information representing the offline state reaches the set time length, deleting the presence information of the monitored equipment from the presence table and outputting alarm information.
In specific implementation, in order to ensure whether each monitored device in the monitored network is online, the monitoring server 101 may initially acquire the presence information of each monitored device in the monitored network in a form of acquiring an APR table of the monitored network; however, the state of the monitored device changes at any time, in order to accurately obtain the more accurate state of the monitored device, the monitoring server 101 may periodically detect whether all the monitored devices recorded in the bit table are still online through the SNMP function, that is, whether the monitored devices can be connected to the monitored device, when a certain monitored device is not connected, the in-place information of the monitored device may be marked as "0", which indicates that the monitored device is not in place, in order to more accurately determine the in-place state of the monitored device, when the timing time of the next set number of times reaches, the monitored device may be tried to be connected, if the monitored device is still not connected beyond the set number of times, the monitored device is determined to be not online, then the alarm information is output at this time, so as to prevent the occurrence of false alarm. Alternatively, the set number of times may be, but is not limited to, 5.
In addition, in this embodiment, because the monitoring server 101 regularly acquires the presence information of the monitored device, when it is determined that the monitored device is not online for the first time, based on a subsequent connection attempt, when it is determined that the offline duration of the monitored device reaches the set duration, it indicates that the monitored device may be deleted from the monitored network, so that the presence information of the monitored device may not be maintained any longer, that is, the presence information of the monitored device is deleted from the presence table, and meanwhile, for the convenience of query by operation and maintenance personnel, alarm information indicating that the offline duration of the monitored device reaches the set duration is output. Alternatively, the set time period may be, but is not limited to, 24 hours or the like. For example, if the monitoring server determines that a certain monitored device is not online for more than 1 day continuously, the presence information of the monitored device may be deleted from the presence table.
It should be noted that the database 103 may maintain an alarm information history table, and when the monitoring server 101 outputs alarm information, the alarm information output in the past may be written into the alarm information history table of the database, so that the operation and maintenance personnel may query the alarm information.
Optionally, the database 103 may further store a monitored device record table, where the record table is used to record the identification information of the monitored device included in the monitored network. On the basis, when the monitored device is not online for 1 day continuously, the identification information of the monitored device which is not online can be deleted from the monitored device record table, and the identification information of the monitored device can include, but is not limited to, the hardware identification of the monitored device and the like, such as a MAC address.
Alternatively, when the status information of the monitored device includes the device port statistical information, the monitoring server 101 may write the device port statistical information of the monitored device into the database for storage.
Optionally, the database 103 provided in this embodiment further stores an equipment port history table, where the equipment port history table is used to store port status information of the monitored equipment.
Based on any of the above embodiments, the monitoring server 101 is further configured to display the status information of the monitored device after receiving the status query instruction.
In a specific implementation, the monitoring server 101 in this embodiment includes at least one SNMP server and a query server, where the SNMP server is configured to execute the status monitoring process provided in any one of the above embodiments, and the query server is configured to display status information of a monitored device after receiving a status query instruction, and generally, a monitored network is managed by one SNMP server. Specifically, the query server is taken as a Web server for illustration, and the Web server is a Web layer, when an operation and maintenance person needs to query related information of a monitored network, or when the operation and maintenance person receives alarm information, a query instruction can be sent to the Web server through a Web client, so that after receiving the query instruction, the Web can query information needed by the operation and maintenance person from the database 103 and send the information to the Web client, and the Web client displays the queried information to the operation and maintenance person, as shown in fig. 4, a Web interaction interface displayed to the operation and maintenance person can have a topology structure of the monitored network, device port statistical information of the monitored device, alarm information, a device port history table and the like, so that the operation and maintenance person can monitor the state of the monitored device in the monitored network in real time, thereby facilitating maintenance and rapid positioning and troubleshooting when an abnormal condition occurs, the condition that the network is paralyzed due to the long-time non-positioning problem is avoided.
According to the state monitoring system of the equipment in the network, the SNMP function is configured in the monitoring server and the monitored equipment in the monitored network, so that the monitored equipment can send the state information of the monitored equipment to the monitoring server through the SNMP function, and further the monitoring server determines whether the monitored equipment is abnormal or not according to the state information of the monitored equipment, therefore, dynamic monitoring of the state of the monitored equipment in the monitored network and timely discovery and maintenance of abnormal conditions are achieved, and the troubleshooting time of network environment problems is effectively saved.
In order to better understand the system for monitoring the state of the device in the network provided by the present application, taking the monitored device as a switch, the monitoring server including an SNMP server and a Web server, and the monitoring system further including a database as an example for explanation, refer to a scene diagram shown in fig. 5. The Web server and the database may be understood as a Web layer, the scenario in fig. 5 includes a plurality of monitored networks, each monitored network is connected to one SNMP server, the SNMP server may be understood as a service layer, the plurality of monitored networks may share one Web server, or one monitored network corresponds to one Web server, which may be determined according to actual situations. The monitored equipment layer is mainly responsible for pushing the state information of the switch, or waiting for the SNMP server in the service layer to actively capture the state information of the switch at regular time, and the like. The service layer is mainly responsible for receiving the state information sent by the monitored equipment layer, then carrying out analysis processing, then judging whether an abnormal switch exists according to the analysis processing result of the state information, and then outputting alarm information when determining that the abnormal switch exists, for example, a mail is pushed to a Web server of the Web layer, and the Web server in the Web layer can be displayed to operation and maintenance personnel through an interactive page of a Web client after receiving the alarm information, so that the operation and maintenance personnel can locate and solve the abnormality. Or, when the operation and maintenance personnel need to query the network environment of a certain monitored network, the operation and maintenance personnel interact with the Web server through the Web client, for example, a state query instruction is sent through triggering click operation, so that the Web server receives the query instruction and queries the required data in the database and feeds the data back to the operation and maintenance personnel, for example, a topology structure diagram of the monitored network, equipment port statistical information of the switch, historical alarm information, port historical state information and the like are displayed, and the operation and maintenance personnel can conveniently locate problems and investigate the network environment.
Specifically, because the situation that the connection relation and the position of the switch frequently change possibly occurs in the monitored network, if the change needs to be accurately and dynamically monitored, a single mode is used for monitoring whether the change is not accurate enough or not real-time enough, and the scheme adopts a mode of combining active capture based on SNMP, push of the tested switch and superposition of historical records to accurately, real-time and dynamically monitor the state of the switch.
In order to achieve the effect, the switch opens the SNMP function, the SNMP Trap function and the RMON function, so that the switch can send the state information detected by the switch to the SNMP server through the SNMP, meanwhile, the switch can also obtain the equipment port statistical information of the switch by using the RMON function and then send the statistical information to the SNMP server, and after receiving the state information sent by the switch, the SNMP server can analyze and process the state information, judge whether the switch is abnormal or not and output alarm information when the switch is abnormal. Therefore, dynamic and timely monitoring of the state of the monitored network and abnormal condition processing are realized. In addition, the SNMP can also store the information in a database so as to be convenient for operation and maintenance personnel to query, and further realize the quick positioning of abnormal information.
In addition, the SNMP server can actively acquire other information of each switch from the monitored network, for example, an ARP table is acquired each time in an active capturing mode, whether a newly added IP address exists is determined by comparing the APR table captured this time with the ARP table captured last time, when the newly added IP address exists, whether the newly added IP address belongs to the IP address of the switch is judged in the IP addresses, if yes, the newly added switch exists is indicated, and then the newly added IP address is added into a monitored switch record table maintained by the database, and then real-time monitoring is carried out.
It should be noted that the switch sends the state information in different manners, and the switch state recorded by the SNMP server is also different, such as a manner of actively sending a heartbeat packet, and a manner of sending an SNMP Trap message.
Specifically, an on-line table may be maintained in the database, where the on-line table may include a down switch record table of switches that cannot be connected to the on-line table and an on-line switch record table connected to the switches, where the switch in the down switch record table is used in combination with the on-line switch table for a period of time from being taken off (the time is usually greater than or equal to the lease time of ARP) to determine whether there is a new on-line switch in the down switch record report, and when there is a new on-line switch in the switch, the identifier of the switch is removed from the down switch record table, and then the identifier of the switch is added to the on-line switch record table. However, for the offline switch, when the offline (non-online) time of the switch exceeds the lease time of the ARP, the re-accessed switch can be monitored by using the active capture mode, and when the offline switch is not online for more than 1 day continuously, the related information of the switch will be deleted.
For the reason of the above method, the following three situations are generally found in the switch access network:
(1) the network cable is firstly accessed into the network, and then the switch is powered on and started.
(2) The exchanger is started and then accessed into the network.
(3) The network wire of the switch is pulled out, and the network is accessed again after a period of time.
For the cases (1) and (2), the new access device can be monitored in time by respectively using switch pushing and active grabbing, but for the case (3), if the time for the switch to be disconnected from the network is less than the lease time of the ARP, the active grabbing (by comparing the change of the ARP) cannot sense the switch which is reconnected, if the switch does not support sending heartbeat packets, the state of the switch cannot be pushed actively, in the above case, the switch is disconnected from monitoring, but after the bit list is introduced, the monitored switch can continue to monitor for a period of time within the period of network disconnection, the period of time is the lease time of the ARP, the state of the switch during the monitoring is off-line state, and the SNMP server only checks whether the switch is on-line, does not occupy too much network traffic, namely, only occupies little network bandwidth for monitoring the whole network, a switch is removed from the bit list when its down time exceeds 1 day. By adopting the mode, all the switches in the network can be accurately monitored in real time and dynamically.
Based on the same inventive concept, an embodiment of the present application further provides a method for monitoring a state of a device in a network, where the method is applied to the monitoring server, the monitoring server is configured with an SNMP function, and a process for implementing the method by the monitoring server may be shown in fig. 6, where the process includes the following steps:
s601, acquiring the state information of the monitored equipment in the monitored network through the SNMP function.
And S602, if the monitored equipment is determined to be abnormal based on the state information, outputting alarm information.
In particular, reference may be made to the relevant description in fig. 2 with regard to the implementation of the relevant flow in fig. 6, which is not described in detail here.
Optionally, the method for monitoring the state of the device in the network provided by the present application further includes:
acquiring an Address Resolution Protocol (ARP) table of a current monitored network through an SNMP function;
determining that a changed IP address exists by comparing the current ARP table with the APR table obtained last time, and determining that the newly added monitored equipment exists when the changed IP address is determined to be the IP address of the monitored equipment;
and updating an in-place table in a database according to the state of the newly added monitored equipment, wherein the in-place table is used for storing in-place information of the monitored equipment, and the in-place information is used for representing whether the monitored equipment is on line or not.
Optionally, the method for monitoring the state of the device in the network provided by the present application further includes the following steps:
if the in-place information in the bit table represents that the corresponding monitored equipment is not on-line, establishing connection with the monitored equipment;
if the monitored equipment still cannot be connected with the monitoring equipment after the set times is exceeded, determining that the monitored equipment is abnormal and outputting alarm information;
and if the offline time length of the monitored equipment with the online presence information representing the offline time length reaches the set time length, deleting the online presence information of the monitored equipment from the presence table and outputting alarm information.
Optionally, the method for monitoring the state of the device in the network provided by the present application further includes the following steps:
acquiring equipment port statistical information of the monitored equipment;
if the abnormal message exists in the device port statistical information, determining that the device hung down by the monitored device is abnormal, and outputting alarm information.
For the description provided in this embodiment, please refer to the related description about the monitoring server in the status monitoring system, which is not listed in detail here.
Based on the same inventive concept, the application also provides a state monitoring device of the equipment in the network, which corresponds to the state monitoring method of the equipment in the network. The implementation of the apparatus for monitoring the status of the devices in the network may refer to the above description of the method for monitoring the status of the devices in the network, and is not discussed here.
Referring to fig. 7, fig. 7 is a diagram illustrating a status monitoring apparatus for a device in a network according to an exemplary embodiment of the present application, which is applied to a monitoring server, where the monitored server is configured with a simple network management protocol SNMP function; and the above apparatus, comprising:
an information obtaining module 701, configured to obtain, through an SNMP function, status information of a monitored device in a monitored network;
an alarm module 702, configured to output alarm information if it is determined that the monitored device is abnormal based on the state information.
A possible embodiment provides a device for monitoring a status of a device in a network, further including: fig. 7 also shows an ARP table acquiring module 703, a determining module 704, and an updating module 705, where:
an ARP table obtaining module 703, configured to obtain an ARP table of a current monitored network through an SNMP function;
a determining module 704, configured to determine that a changed IP address exists by comparing the current ARP table with the last obtained APR table, and determine that a newly added monitored device exists when the changed IP address is determined to be the IP address of the monitored device;
an updating module 705, configured to update an in-place table in the database according to a state of the newly added monitored device, where the in-place table is used to store in-place information of the monitored device, and the in-place information is used to represent whether the monitored device is online.
A possible embodiment provides a device for monitoring a status of a device in a network, further including: a connection establishing module 706 and a deleting module 707, also refer to fig. 7, in which:
a connection establishing module 706, configured to establish a connection with the monitored device if the in-place information in the in-place table indicates that the corresponding monitored device is not online;
the alarm module 702 is further configured to determine that the monitored device is abnormal and output alarm information if the monitored device still cannot be connected to the monitored device for more than a set number of times;
and a deleting module 707, configured to delete the in-place information of the monitored device from the in-place table and output alarm information if it is determined that the offline duration of the monitored device whose in-place information represents offline reaches a set duration.
In a possible embodiment, the obtaining module 701 is further configured to obtain device port statistical information of the monitored device;
the alarm module 702 is further configured to determine that the device to be monitored hangs down the device abnormally if it is determined that the abnormal packet exists in the device port statistical information, and output alarm information.
A possible embodiment provides a device for monitoring a status of a device in a network, further including: the presentation module 708, also shown with reference to fig. 7, wherein:
the displaying module 708 is configured to display the status information of the monitored device after receiving the status query instruction.
Based on the same inventive concept, the present application provides a monitoring server, as shown in fig. 8, including a processor 801 and a machine-readable storage medium 802, where the machine-readable storage medium 802 stores machine-executable instructions capable of being executed by the processor 801, and the processor 801 is caused by the machine-executable instructions to perform the method for monitoring the status of devices in a network according to the present application.
The machine-readable storage medium may include a RAM (Random Access Memory) and a NVM (Non-volatile Memory), such as at least one disk Memory. Alternatively, the machine-readable storage medium may be at least one memory device located remotely from the processor.
The Processor may be a general-purpose Processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; but also a DSP (Digital Signal Processor), an ASIC (Application Specific Integrated Circuit), an FPGA (Field-Programmable Gate Array) or other Programmable logic device, discrete Gate or transistor logic device, discrete hardware component.
In addition, the embodiment of the present application provides a machine-readable storage medium, which stores machine-executable instructions, and when the machine-readable storage medium is called and executed by a processor, the machine-executable instructions cause the processor to execute the method for monitoring the state of the device in the network provided by the embodiment of the present application.
For the embodiment of the monitoring server and the machine-readable storage medium, the content of the related method is substantially similar to that of the foregoing method embodiment, so that the description is relatively simple, and for the relevant points, reference may be made to part of the description of the method embodiment.
The implementation process of the functions and actions of each unit in the above device is specifically described in the implementation process of the corresponding step in the above method, and is not described herein again.
For the device embodiments, since they substantially correspond to the method embodiments, reference may be made to the partial description of the method embodiments for relevant points. The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules can be selected according to actual needs to achieve the purpose of the scheme of the application. One of ordinary skill in the art can understand and implement it without inventive effort.
The above description is only exemplary of the present application and should not be taken as limiting the present application, as any modification, equivalent replacement, or improvement made within the spirit and principle of the present application should be included in the scope of protection of the present application.

Claims (11)

1. A system for monitoring the status of devices within a network, comprising: the monitoring system comprises a monitoring server and a monitored network connected with the monitoring server, wherein the monitored network comprises a plurality of monitored devices, and the monitoring server and each monitored device are respectively configured with a Simple Network Management Protocol (SNMP) function, wherein:
the monitored equipment is used for monitoring the state information of the monitored equipment and sending the state information of the monitored equipment to the monitoring server by utilizing the SNMP function;
the monitoring server is used for receiving the state information of the monitored equipment through the SNMP function; and if the monitored equipment is determined to be abnormal based on the state information, outputting alarm information.
2. The system of claim 1, wherein the condition monitoring system further comprises: the database is used for storing the state information of the monitored equipment written by the monitoring server; the database stores an in-place table, wherein the in-place table is used for storing in-place information of the monitored equipment, and the in-place information is used for representing whether the monitored equipment is on line or not;
the monitoring server is used for acquiring an ARP table of a current monitored network through an SNMP function; and determining that the changed IP address exists by comparing the current ARP table with the APR table obtained last time, determining that the newly added monitored equipment exists when the changed IP address is determined to be the IP address of the monitored equipment, and updating the in-place table in the database.
3. The system of claim 2,
the monitoring server is further configured to establish a connection with the monitored device if the in-place information in the in-place table indicates that the corresponding monitored device is not online; if the monitored equipment still cannot be connected with the monitoring equipment after the set times is exceeded, determining that the monitored equipment is abnormal and outputting alarm information; and if the offline time length of the monitored equipment with the online presence information representing the offline state reaches the set time length, deleting the presence information of the monitored equipment from the presence table and outputting alarm information.
4. The system of claim 2, wherein the database further stores a device port history table for storing port status information of the monitored device.
5. The system of claim 2, wherein each monitored device is further configured with a remote network monitoring (RMON) function; and the status information includes device port statistics, then
The monitored device is used for generating device port statistical information through the RMON function;
the monitoring server is further configured to determine that the monitored device is abnormal when it is determined that an abnormal message exists in the device port statistical information, and output alarm information; and writing the device port statistical information into the database.
6. The system according to any one of claims 1 to 5,
and the monitoring server is also used for displaying the state information of the monitored equipment after receiving the state query instruction.
7. A state monitoring method of equipment in a network is characterized in that the method is applied to a monitoring server, and the monitored server is configured with a Simple Network Management Protocol (SNMP) function; and the method, comprising:
acquiring the state information of the monitored equipment in the monitored network through the SNMP function;
and if the monitored equipment is determined to be abnormal based on the state information, outputting alarm information.
8. The method of claim 7, further comprising:
acquiring an Address Resolution Protocol (ARP) table of a current monitored network through an SNMP function;
determining that a changed IP address exists by comparing the current ARP table with the APR table obtained last time, and determining that the newly added monitored equipment exists when the changed IP address is determined to be the IP address of the monitored equipment;
and updating an in-place table in a database according to the state of the newly added monitored equipment, wherein the in-place table is used for storing in-place information of the monitored equipment, and the in-place information is used for representing whether the monitored equipment is on line or not.
9. The method of claim 8, further comprising:
if the in-place information in the in-place table represents that the corresponding monitored equipment is not on-line, establishing connection with the monitored equipment;
if the monitored equipment still cannot be connected with the monitoring equipment after the set times is exceeded, determining that the monitored equipment is abnormal and outputting alarm information;
and if the offline time length of the monitored equipment with the online presence information representing the offline state reaches the set time length, deleting the presence information of the monitored equipment from the presence table and outputting alarm information.
10. The method of claim 7, further comprising:
acquiring equipment port statistical information of the monitored equipment;
if the abnormal message exists in the device port statistical information, determining that the device hung down by the monitored device is abnormal, and outputting alarm information.
11. A state monitoring device of equipment in a network is characterized in that the device is applied to a monitoring server, and the monitored server is configured with a Simple Network Management Protocol (SNMP) function; and the apparatus, comprising:
the information acquisition module is used for acquiring the state information of the monitored equipment in the monitored network through the SNMP function;
and the alarm module is used for outputting alarm information if the monitored equipment is determined to be abnormal based on the state information.
CN202010355653.7A 2020-04-29 2020-04-29 System, method and device for monitoring state of equipment in network Pending CN111698127A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010355653.7A CN111698127A (en) 2020-04-29 2020-04-29 System, method and device for monitoring state of equipment in network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010355653.7A CN111698127A (en) 2020-04-29 2020-04-29 System, method and device for monitoring state of equipment in network

Publications (1)

Publication Number Publication Date
CN111698127A true CN111698127A (en) 2020-09-22

Family

ID=72476874

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010355653.7A Pending CN111698127A (en) 2020-04-29 2020-04-29 System, method and device for monitoring state of equipment in network

Country Status (1)

Country Link
CN (1) CN111698127A (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112235147A (en) * 2020-10-20 2021-01-15 珠海格力电器股份有限公司 Method, gateway and system for acquiring equipment energy consumption data
CN112468346A (en) * 2020-12-13 2021-03-09 北京哈工信息产业股份有限公司 SNMP-based equipment monitoring and early warning visualization system
CN113688149A (en) * 2021-07-20 2021-11-23 青岛海尔科技有限公司 Monitoring method and device
CN115242602A (en) * 2022-07-20 2022-10-25 北京天一恩华科技股份有限公司 Network equipment life cycle management method, device, equipment and medium
CN115277485A (en) * 2022-07-25 2022-11-01 绿盟科技集团股份有限公司 Network data control method and device and electronic equipment

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104954184A (en) * 2015-06-15 2015-09-30 四川长虹电器股份有限公司 Monitoring and alarming method and system for cloud background server cluster

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104954184A (en) * 2015-06-15 2015-09-30 四川长虹电器股份有限公司 Monitoring and alarming method and system for cloud background server cluster

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112235147A (en) * 2020-10-20 2021-01-15 珠海格力电器股份有限公司 Method, gateway and system for acquiring equipment energy consumption data
CN112468346A (en) * 2020-12-13 2021-03-09 北京哈工信息产业股份有限公司 SNMP-based equipment monitoring and early warning visualization system
CN113688149A (en) * 2021-07-20 2021-11-23 青岛海尔科技有限公司 Monitoring method and device
CN115242602A (en) * 2022-07-20 2022-10-25 北京天一恩华科技股份有限公司 Network equipment life cycle management method, device, equipment and medium
CN115242602B (en) * 2022-07-20 2023-11-14 北京天一恩华科技股份有限公司 Network equipment life cycle management method, device, equipment and medium
CN115277485A (en) * 2022-07-25 2022-11-01 绿盟科技集团股份有限公司 Network data control method and device and electronic equipment
CN115277485B (en) * 2022-07-25 2023-09-26 绿盟科技集团股份有限公司 Control method and device for network data and electronic equipment

Similar Documents

Publication Publication Date Title
CN111698127A (en) System, method and device for monitoring state of equipment in network
CA2493525C (en) Method and apparatus for outage measurement
US7974219B2 (en) Network troubleshooting using path topology
US20030225876A1 (en) Method and apparatus for graphically depicting network performance and connectivity
CN110659109B (en) System and method for monitoring openstack virtual machine
US20040008727A1 (en) Network resource management in a network device
US10868709B2 (en) Determining the health of other nodes in a same cluster based on physical link information
WO2001098916A1 (en) Liveexception system
AU2001270017A1 (en) Liveexception system
CN106789177A (en) A kind of system of dealing with network breakdown
CN112333020B (en) Network security monitoring and data message analysis system based on quintuple
EP1622310B1 (en) Administration method and system for network management systems
CN106911510B (en) Usability monitoring system and method for network access system
CN114039892B (en) Network jitter analysis and visualization method and system
CN103634166A (en) Equipment survival detection method and equipment survival detection device
CN102377619A (en) Automatic detecting and processing method for communication abnormality of simple network management protocol (SNMP) agent
KR100500836B1 (en) Fault management system of metro ethernet network and method thereof
CN103716377B (en) A kind of method and smart card for realizing UPS remote monitorings
CN111343033B (en) Network management system for multi-layer difference
CN104796294A (en) Cloud acceleration network monitoring system and method
KR101556781B1 (en) fault and lifetime prediction information service supply system for network eauipment
JP2016146519A (en) Network monitoring system, monitoring device, and monitoring method
Doliwa et al. Network monitoring and management for company with hybrid and distributed infrastructure
CN113395179B (en) Method for improving readability of BGP peer jitter alarm information in IP network
CN115022184A (en) BS topology analysis system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20200922