CN111754077A - Alarm convergence analysis method and system - Google Patents
Alarm convergence analysis method and system Download PDFInfo
- Publication number
- CN111754077A CN111754077A CN202010458357.XA CN202010458357A CN111754077A CN 111754077 A CN111754077 A CN 111754077A CN 202010458357 A CN202010458357 A CN 202010458357A CN 111754077 A CN111754077 A CN 111754077A
- Authority
- CN
- China
- Prior art keywords
- alarm
- priority
- record
- determining
- priority corresponding
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000004458 analytical method Methods 0.000 title claims abstract description 26
- 238000012544 monitoring process Methods 0.000 claims abstract description 39
- 238000012423 maintenance Methods 0.000 claims abstract description 23
- 238000012545 processing Methods 0.000 claims description 35
- 238000000034 method Methods 0.000 description 10
- 238000012986 modification Methods 0.000 description 5
- 230000004048 modification Effects 0.000 description 5
- 230000000694 effects Effects 0.000 description 3
- 238000010276 construction Methods 0.000 description 2
- 230000004075 alteration Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000012552 review Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
- G06Q10/063—Operations research, analysis or management
- G06Q10/0639—Performance analysis of employees; Performance analysis of enterprise or organisation operations
- G06Q10/06393—Score-carding, benchmarking or key performance indicator [KPI] analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
- G06Q10/063—Operations research, analysis or management
- G06Q10/0635—Risk analysis of enterprise or organisation activities
-
- G06Q50/40—
Abstract
The invention relates to an alarm convergence analysis method, which comprises the following steps: acquiring a monitoring index; determining whether an alarm record is generated or not according to the comparison of the monitoring index and a preset threshold value; giving the corresponding priority to the alarm record according to the priority setting rule; and converging the alarm records according to the priority. The alarm convergence analysis method can reduce the number of alarm notifications, and meanwhile helps operation and maintenance personnel to focus on the faults and problems with high priority.
Description
Technical Field
The invention relates to the technical field of monitoring systems, in particular to an alarm convergence analysis method and system.
Background
Along with the gradual deepening of the information-based construction, the construction scales of data centers, public clouds/private clouds, internet of things, edge computing and the like are larger and larger, and meanwhile, a monitoring system can also generate a large amount of alarms to help users to find, quickly respond and process problems in time.
In general, a monitoring system provides a function capable of setting a threshold, when a monitored monitoring index value exceeds the threshold, the system generates an alarm, and when the system generates the alarm, the monitoring system notifies the designated operation and maintenance personnel of the alarm content through mails or short messages.
With the increase of the alarms, the monitoring system lists a large amount of alarm information, and the severity of the alarms cannot be distinguished, so that the priority and the severity of the alarms are identified from a large amount of alarms depending on the experience of operation and maintenance personnel, and the condition that the fault problem needing emergency treatment is ignored is possibly brought, so that the usability and the user experience of the system are reduced, the fault positioning and analysis are not facilitated, and the operation and maintenance management efficiency is reduced.
Disclosure of Invention
The application provides an alarm convergence analysis method and system, which solve or partially solve the technical problems that a large amount of alarm information generated by a monitoring system in the prior art cannot distinguish whether the alarm information is serious or serious, depends on the experience of operation and maintenance personnel, and has low operation and maintenance management efficiency, reduce the number of alarm notifications, and simultaneously help the operation and maintenance personnel to focus on the technical effects of preferentially paying attention to faults and problems with high priority level.
The application provides an alarm convergence analysis method, which comprises the following steps:
acquiring a monitoring index;
determining whether an alarm record is generated or not according to the comparison of the monitoring index and a preset threshold value;
giving the alarm records corresponding priority according to a priority setting rule;
and converging the alarm records according to the priority.
Preferably, the determining whether to generate an alarm record according to the comparison between the monitoring index and a predetermined threshold includes:
and when the monitoring index exceeds the preset threshold value, generating the alarm record, otherwise, not generating the alarm record.
Preferably, the priority setting rule is: and determining the priority corresponding to the alarm record according to the time urgency of alarm processing and the risk severity of the alarm content.
Preferably, the priority is divided into: emergency, high, medium and low levels;
the risk severity of the alarm content is divided into: the risk is large, medium and small;
the time urgency of alarm processing is divided into: immediately, quickly and quickly.
Preferably, the determining the priority corresponding to the alarm record according to the time urgency and the risk severity of the alarm record includes:
if the risk severity of the alarm content is high and the time urgency of alarm processing is immediate, determining that the priority corresponding to the alarm record is urgent;
if the risk severity of the alarm content is in risk and the time urgency of alarm processing is immediate, determining that the priority corresponding to the alarm record is high;
if the risk severity of the alarm content is low and the time urgency of alarm processing is immediate, determining the priority corresponding to the alarm record as medium;
if the risk severity of the alarm content is high and the alarm processing time urgency is rapid, determining that the priority corresponding to the alarm record is high;
if the risk severity of the alarm content is in risk and the time urgency of alarm processing is rapid, determining the priority corresponding to the alarm record is in middle;
if the risk severity of the alarm content is low and the alarm processing time urgency is rapid, determining that the priority corresponding to the alarm record is low;
if the risk severity of the alarm content is high and the alarm processing time urgency is as fast as possible, determining the priority corresponding to the alarm record as medium;
if the risk severity of the alarm content is in risk and the time urgency of alarm processing is as fast as possible, determining that the priority corresponding to the alarm record is low;
and if the risk severity of the alarm content is low and the alarm processing time urgency is as fast as possible, determining that the priority corresponding to the alarm record is low.
Preferably, converging the alarm record according to the priority includes:
if the priority corresponding to the alarm record is urgent or high, sending an alarm notification;
and if the priority corresponding to the alarm record is medium or low, not sending an alarm notification.
Preferably, the alarm notification is sent to the operation and maintenance personnel through any one or more of WeChat, short message and mail.
Preferably, the method further comprises the following steps: storing the alarm records assigned with priorities.
Based on the same invention, the application also provides an alarm convergence analysis system, which comprises:
the monitoring index acquisition module is used for acquiring a monitoring index;
the alarm recording module is used for determining whether to generate an alarm record according to the comparison between the monitoring index and a preset threshold value;
the priority setting module is used for determining the priority corresponding to the alarm record according to the time urgency of alarm processing and the risk severity of the alarm content; the priority is divided into: emergency, high, medium and low levels;
the convergence module is used for converging the alarm records according to the priority, and sending an alarm notification if the priority corresponding to the alarm records is urgent or high; and if the priority corresponding to the alarm record is medium or low, not sending the alarm notice.
Preferably, the system further comprises a storage module for storing the alarm records with the priorities.
One or more technical solutions provided in the embodiments of the present application have at least the following technical effects or advantages:
according to the method, the alarm notification amount is reduced by analyzing the importance degree and the priority of the alarm record and adopting an alarm convergence method based on the alarm monitoring index aiming at the monitoring software, meanwhile, the priority and the importance degree of the alarm record are identified, and operation and maintenance personnel can be helped to quickly identify and process the fault problem with high priority emergency degree. Therefore, the technical problems that a large amount of alarm information generated by a monitoring system in the prior art cannot be distinguished in a serious and urgent manner, operation and maintenance management efficiency is low depending on experience of operation and maintenance personnel are effectively solved, the number of alarm notifications is reduced, and meanwhile, the operation and maintenance personnel can focus on the technical effect of preferentially paying attention to faults and problems with high priority levels.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a schematic flow chart of an alarm convergence analysis method according to an embodiment of the present application;
fig. 2 is a block diagram of a structure of an alarm convergence analysis system according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
Referring to fig. 1, the present application provides an alarm convergence analysis method, including:
s1: acquiring a monitoring index;
s2: determining whether an alarm record is generated or not according to the comparison of the monitoring index and a preset threshold value;
s3: giving the corresponding priority to the alarm record according to the priority setting rule;
s4: and converging the alarm records according to the priority.
The method aims at monitoring software, reduces the alarm notification amount through analyzing the importance degree and the priority of the alarm record and through an alarm convergence method based on the alarm monitoring index, and meanwhile, identifies the priority and the importance degree of the alarm and helps operation and maintenance personnel to quickly identify and process the fault problem with high priority emergency degree.
In one embodiment, determining whether to generate an alarm record based on a comparison of the monitored indicator to a predetermined threshold comprises: and when the monitoring index exceeds a preset threshold value, generating an alarm record, otherwise, not generating the alarm record.
In one embodiment, the priority setting rule is: and determining the priority corresponding to the alarm record according to the time urgency of alarm processing and the risk severity of the alarm content. The priority is divided into: emergency, high, medium and low levels; the risk severity of the alert content is divided into: the risk is large, medium and small; the time urgency of alarm handling is divided into: immediately, quickly and quickly.
In one embodiment, determining the priority corresponding to the alarm record according to the time urgency and the risk severity of the alarm record comprises:
if the risk severity of the alarm content is high and the time urgency of alarm processing is immediate, determining that the priority corresponding to the alarm record is urgent;
if the risk severity of the alarm content is in risk and the time urgency of alarm processing is immediate, determining that the priority corresponding to the alarm record is high;
if the risk severity of the alarm content is small and the time urgency of alarm processing is immediate, determining the priority corresponding to the alarm record as medium;
if the risk severity of the alarm content is high and the alarm processing time urgency is rapid, determining that the priority corresponding to the alarm record is high;
if the risk severity of the alarm content is in risk and the time urgency of alarm processing is rapid, determining the priority corresponding to the alarm record as middle;
if the risk severity of the alarm content is small and the time urgency of alarm processing is rapid, determining that the priority corresponding to the alarm record is low;
if the risk severity of the alarm content is high and the alarm processing time urgency is as fast as possible, determining the priority corresponding to the alarm record as medium;
if the risk severity of the alarm content is in the risk and the time urgency of alarm processing is as fast as possible, determining that the priority corresponding to the alarm record is low;
and if the risk severity of the alarm content is low and the time urgency of alarm processing is as fast as possible, determining that the priority corresponding to the alarm record is low.
In one embodiment, the convergence of the alarm records according to priority comprises:
if the priority corresponding to the alarm record is urgent or high, sending an alarm notification to operation and maintenance personnel;
and if the priority corresponding to the alarm record is medium or low, not sending an alarm notification to the operation and maintenance personnel.
In one embodiment, the alarm notification is sent to the operation and maintenance personnel by any one or more of WeChat, SMS and email.
In one embodiment, the method further comprises: and storing the alarm records endowed with the priorities.
The alarm convergence analysis method of the present application is described in detail below by a specific example:
firstly, monitoring provides a function of setting the priority of monitoring indexes, the priority is divided into multiple levels, and for convenience of explanation, the simplified priorities are urgent, high, medium and low; then, when the monitoring system generates an alarm, the alarm analysis module marks the priority of the alarm according to the monitoring index;
and then, comparing the priority of the newly generated alarm record with all the priorities of the same monitored object, if the priority of the newly generated alarm record is the highest, generating a new alarm notification, and notifying corresponding operation and maintenance personnel through short messages or mails. If the priority of the newly generated alarm record is lower than or equal to the priority of the alarm already generated before, no alarm is generated. The operation and maintenance personnel can then view and review the alarms that have been notified, as well as the low priority alarms that are not notified, in the system.
Therefore, the number of alarm notifications is reduced, and meanwhile, operation and maintenance personnel can focus on the faults and problems with high priority levels. The method is wide in equipment application range and applicable to various monitoring systems such as a monitoring system, a log analysis system and an Internet of things monitoring system.
Based on the same invention, the present application further provides an alarm convergence analysis system, referring to fig. 2, including:
a monitoring index obtaining module 201, configured to obtain a monitoring index;
the alarm recording module 202 is used for determining whether an alarm record is generated according to the comparison between the monitoring index and a preset threshold value;
the priority setting module 203 is used for determining the priority corresponding to the alarm record according to the time urgency of alarm processing and the risk severity of the alarm content; the priority is divided into: emergency, high, medium and low levels;
the convergence module 204 is configured to converge the alarm records according to the priority, and send an alarm notification to operation and maintenance staff if the priority corresponding to the alarm record is urgent or high; and if the priority corresponding to the alarm record is medium or low, not sending an alarm notification to the operation and maintenance personnel.
In one embodiment, the system further comprises a storage module 205 for storing the alarm records assigned with priorities, and the operation and maintenance personnel can browse and view the alarms which are notified and the alarms with low priorities which are not notified by reading the data of the storage module.
The system is more economical in use cost and more convenient to carry. Has practical application value.
While preferred embodiments of the present invention have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all such alterations and modifications as fall within the scope of the invention.
It will be apparent to those skilled in the art that various modifications and variations can be made in the embodiments of the present invention without departing from the spirit or scope of the embodiments of the invention. Thus, if such modifications and variations of the embodiments of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to encompass such modifications and variations.
Claims (10)
1. An alarm convergence analysis method, comprising:
acquiring a monitoring index;
determining whether an alarm record is generated or not according to the comparison of the monitoring index and a preset threshold value;
giving the alarm records corresponding priority according to a priority setting rule;
and converging the alarm records according to the priority.
2. The alarm convergence analysis method of claim 1 wherein the determining whether to generate an alarm record based on the comparison of the monitoring indicator to the predetermined threshold comprises:
and when the monitoring index exceeds the preset threshold value, generating the alarm record, otherwise, not generating the alarm record.
3. The alarm convergence analysis method of claim 1, wherein the priority setting rule is: and determining the priority corresponding to the alarm record according to the time urgency of alarm processing and the risk severity of the alarm content.
4. The alarm convergence analysis method of claim 3,
the priority is divided into: emergency, high, medium and low levels;
the risk severity of the alarm content is divided into: the risk is large, medium and small;
the time urgency of alarm processing is divided into: immediately, quickly and quickly.
5. The alarm convergence analysis method of claim 4 wherein determining the priority corresponding to the alarm record based on the time urgency and risk severity of the alarm record comprises:
if the risk severity of the alarm content is high and the time urgency of alarm processing is immediate, determining that the priority corresponding to the alarm record is urgent;
if the risk severity of the alarm content is in risk and the time urgency of alarm processing is immediate, determining that the priority corresponding to the alarm record is high;
if the risk severity of the alarm content is low and the time urgency of alarm processing is immediate, determining the priority corresponding to the alarm record as medium;
if the risk severity of the alarm content is high and the alarm processing time urgency is rapid, determining that the priority corresponding to the alarm record is high;
if the risk severity of the alarm content is in risk and the time urgency of alarm processing is rapid, determining the priority corresponding to the alarm record is in middle;
if the risk severity of the alarm content is low and the alarm processing time urgency is rapid, determining that the priority corresponding to the alarm record is low;
if the risk severity of the alarm content is high and the alarm processing time urgency is as fast as possible, determining the priority corresponding to the alarm record as medium;
if the risk severity of the alarm content is in risk and the time urgency of alarm processing is as fast as possible, determining that the priority corresponding to the alarm record is low;
and if the risk severity of the alarm content is low and the alarm processing time urgency is as fast as possible, determining that the priority corresponding to the alarm record is low.
6. The alarm convergence analysis method of claim 1 wherein converging the alarm records according to the priority comprises:
if the priority corresponding to the alarm record is urgent or high, sending an alarm notification;
and if the priority corresponding to the alarm record is medium or low, not sending an alarm notification.
7. The alarm convergence analysis method of claim 6,
and the alarm notice is sent to the operation and maintenance personnel through any one or more modes of WeChat, short message and mail.
8. The alarm convergence analysis method of claim 1, further comprising: storing the alarm records assigned with priorities.
9. An alarm convergence analysis system, comprising:
the monitoring index acquisition module is used for acquiring a monitoring index;
the alarm recording module is used for determining whether to generate an alarm record according to the comparison between the monitoring index and a preset threshold value;
the priority setting module is used for determining the priority corresponding to the alarm record according to the time urgency of alarm processing and the risk severity of the alarm content; the priority is divided into: emergency, high, medium and low levels;
the convergence module is used for converging the alarm records according to the priority, and sending an alarm notification if the priority corresponding to the alarm records is urgent or high; and if the priority corresponding to the alarm record is medium or low, not sending the alarm notice.
10. The alarm convergence analysis system of claim 9 further comprising a storage module for storing prioritized alarm records.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010458357.XA CN111754077A (en) | 2020-05-27 | 2020-05-27 | Alarm convergence analysis method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010458357.XA CN111754077A (en) | 2020-05-27 | 2020-05-27 | Alarm convergence analysis method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111754077A true CN111754077A (en) | 2020-10-09 |
Family
ID=72673832
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010458357.XA Pending CN111754077A (en) | 2020-05-27 | 2020-05-27 | Alarm convergence analysis method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111754077A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112866933A (en) * | 2021-03-18 | 2021-05-28 | 厦门科灿信息技术有限公司 | Method, device and terminal for controlling sending of alarm short message |
| CN114758430A (en) * | 2020-12-29 | 2022-07-15 | 深圳绿米联创科技有限公司 | Door lock management system, intelligent door lock, gateway equipment, cloud equipment and user terminal |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101145969A (en) * | 2007-10-25 | 2008-03-19 | 中兴通讯股份有限公司 | A method and system for reducing quantity of alarms reported by network elements |
| CN104980304A (en) * | 2015-06-15 | 2015-10-14 | 上海斐讯数据通信技术有限公司 | Alarm control method and alarm control system applied to network system |
-
2020
- 2020-05-27 CN CN202010458357.XA patent/CN111754077A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101145969A (en) * | 2007-10-25 | 2008-03-19 | 中兴通讯股份有限公司 | A method and system for reducing quantity of alarms reported by network elements |
| CN104980304A (en) * | 2015-06-15 | 2015-10-14 | 上海斐讯数据通信技术有限公司 | Alarm control method and alarm control system applied to network system |
Non-Patent Citations (1)
| Title |
|---|
| 邵海瑞: "火电机组运行报警分级研究及DCS应用", 《电站系统工程》 * |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114758430A (en) * | 2020-12-29 | 2022-07-15 | 深圳绿米联创科技有限公司 | Door lock management system, intelligent door lock, gateway equipment, cloud equipment and user terminal |
| CN112866933A (en) * | 2021-03-18 | 2021-05-28 | 厦门科灿信息技术有限公司 | Method, device and terminal for controlling sending of alarm short message |
| CN112866933B (en) * | 2021-03-18 | 2022-10-14 | 厦门科灿信息技术有限公司 | Method, device and terminal for controlling sending of alarm short message |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110661659B (en) | Alarm method, device and system and electronic equipment | |
| CN108737132B (en) | Alarm information processing method and device | |
| AU2007261542B2 (en) | Method and system for monitoring non-occurring events | |
| CN111274094B (en) | Interface early warning method, system, equipment and storage medium | |
| CN111754077A (en) | Alarm convergence analysis method and system | |
| CN114595126A (en) | Rule engine based alarm method, system, storage device and terminal | |
| EP1386245B1 (en) | System and method for filtering messages based on context | |
| CN112328425A (en) | Anomaly detection method and system based on machine learning | |
| CN109347665A (en) | A kind of Website Usability alarm method and its system based on web log | |
| EP4158480A1 (en) | Actionability metric generation for events | |
| CN107968727A (en) | A kind of detection method, device and the medium of CIFS services | |
| CN115328733A (en) | Alarm method and device applied to business system, electronic equipment and storage medium | |
| CN111064656A (en) | Data management method, device, system, storage medium and electronic equipment | |
| CN112910733A (en) | Full link monitoring system and method based on big data | |
| CN111949421A (en) | SDK calling method and device, electronic equipment and computer readable storage medium | |
| JPH08286990A (en) | Electronic mail interlocking type fault monitoring system | |
| EP2743847A1 (en) | Targeted user notification of messages in a monitoring system | |
| CN112256548A (en) | Abnormal data monitoring method and device, server and storage medium | |
| CN113760669A (en) | Problem data warning method and device, electronic equipment and storage medium | |
| CN111245708B (en) | Mail processing method and device | |
| CN109194532B (en) | Method and device for pushing power grid alarm information | |
| CN113808725A (en) | Equipment early warning system and method | |
| CN113342619A (en) | Log monitoring method and system, electronic device and readable medium | |
| CN106034044A (en) | Alarm analysis method and device | |
| CN109508356B (en) | Data abnormality early warning method, device, computer equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20201009 |
|
| WD01 | Invention patent application deemed withdrawn after publication |