CN111832260A - Method for converting syslog to general alarm log of power system - Google Patents
Method for converting syslog to general alarm log of power system Download PDFInfo
- Publication number
- CN111832260A CN111832260A CN202010452444.4A CN202010452444A CN111832260A CN 111832260 A CN111832260 A CN 111832260A CN 202010452444 A CN202010452444 A CN 202010452444A CN 111832260 A CN111832260 A CN 111832260A
- Authority
- CN
- China
- Prior art keywords
- rule
- application
- syslog
- information
- log
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 29
- 238000006243 chemical reaction Methods 0.000 claims abstract description 16
- 238000012544 monitoring process Methods 0.000 claims abstract description 16
- 238000012806 monitoring device Methods 0.000 claims abstract description 14
- 230000014509 gene expression Effects 0.000 claims description 27
- 238000005215 recombination Methods 0.000 claims description 8
- 230000006798 recombination Effects 0.000 claims description 8
- 230000008521 reorganization Effects 0.000 claims description 4
- 238000011551 log transformation method Methods 0.000 claims description 2
- 230000000694 effects Effects 0.000 abstract description 2
- 238000010586 diagram Methods 0.000 description 12
- 238000004590 computer program Methods 0.000 description 7
- 239000000284 extract Substances 0.000 description 5
- 101100513046 Neurospora crassa (strain ATCC 24698 / 74-OR23-1A / CBS 708.71 / DSM 1257 / FGSC 987) eth-1 gene Proteins 0.000 description 4
- 230000006870 function Effects 0.000 description 4
- 238000012545 processing Methods 0.000 description 4
- 238000000605 extraction Methods 0.000 description 3
- 238000011161 development Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 230000003252 repetitive effect Effects 0.000 description 2
- 238000002955 isolation Methods 0.000 description 1
- 230000009191 jumping Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F40/00—Handling natural language data
- G06F40/10—Text processing
- G06F40/12—Use of codes for handling textual entities
- G06F40/151—Transformation
Abstract
The invention discloses a method for converting syslog to a general alarm log of an electric power system, which defines a log conversion rule and converts the syslog into GB/T31992 general alarm log content based on the rule, wherein the GB/T31992 general alarm log content is stipulated by technical specification of network safety monitoring devices of electric power monitoring systems. The method provided by the invention has universality for syslog conversion, and meanwhile, the method can reduce repeated software development activities, shorten project implementation period and reduce application cost.
Description
Technical Field
The invention relates to the field of power monitoring and network security monitoring, in particular to a method for converting syslog to a general alarm log of a power system.
Background
The safety information of equipment such as a server, a workstation, a switch, a firewall, transverse isolation and the like is required to be acquired in technical specifications of a network safety monitoring device of an electric power monitoring system, the specification stipulates that a monitored object needs to upload safety acquisition information by using a GB/T31992 format, but for some old station transformation, the standard of a new station cannot be supported, and syslog of the monitored equipment needs to be analyzed to meet the safety information acquisition required by the specification. At present, a method for converting syslog logs into GB/T31992 logs by mainstream manufacturers is to develop corresponding syslog log analysis libraries aiming at equipment of different manufacturers and different models, and the method is poor in universality and low-efficiency repetitive development.
Disclosure of Invention
The embodiment of the invention provides a method for converting syslog logs to general alarm logs of an electric power system based on rules, which can convert the syslog logs into general alarm log contents based on GB/T31992 electric power system agreed by technical specifications of network safety monitoring devices of electric power monitoring systems (hereinafter referred to as specifications) by adopting the steps of rule matching, information extraction, information recombination and the like for the syslog logs.
The technical solution adopted by the present invention to solve the above technical problems is to provide a log conversion method, which includes:
based on the pre-defined log-conversion rules,
and converting the syslog into a GB/T31992 universal alarm log of the power system agreed by technical specifications of network safety monitoring devices of the power monitoring system.
Preferably, the predefined log conversion rule is stored in a rule file;
the rule file only contains one index rule group;
the index rule group at least comprises a list rule item;
the list rule item is composed of application names of syslog, and each application name of the list rule item is necessarily corresponding to one application rule group;
the list rule item at least comprises an application rule group;
the set of application rules defines rules for extracting information from the syslog and rules for reorganizing the extracted information.
Specifically, the rule items included in the application rule group include a pattern, a log level, a log type, a log subtype, a regular expression group, an information reassembly rule, a regular expression matching group, and a sub-application rule group.
Further, the converting the syslog into a GB/T31992 universal alarm log agreed by "technical specification of network safety monitoring device of power monitoring system" for power system comprises:
step 7, obtaining recombined information according to alarm information defined in technical specification of network safety monitoring device of power monitoring system, information of rule item of information recombination rule and variable $ { X } in application rule set, and executing step 8;
and 8, generating alarm content in GB/T31992 format according to the log grade, the log type, the log subtype rule items and the recombination information in the application rule group, wherein the alarm content conforms to the technical specification of the power monitoring system network safety monitoring device.
Further, the extracting information from the syslog message body according to the regular expression groups in the application rule groups respectively includes that each regular expression in the regular expression groups only extracts one piece of information;
furthermore, the restructuring information is obtained according to the information of the information restructuring rule item and the variable $ { X } in the application rule group, and the generated restructuring information is a message in a format of GB/T31992 that meets the requirements of technical specification of network safety monitoring devices of power monitoring systems.
Advantageous effects
According to the method for converting the syslog into the general alarm log of the power system, the content conversion of the syslog to the GB/T31992 format required by the 'Specification' on the content level is realized by using the mode of rule matching, information extraction and information recombination based on the rules.
Drawings
Fig. 1 is a diagram of a switch syslog according to an embodiment of the present invention, which illustrates an admin user successfully logging into the switch via IP address 192.168.9.194;
fig. 2 is another switch syslog provided by an embodiment of the present invention, depicting an admin user logging off of the switch via IP address 192.168.9.194;
FIG. 3 is a diagram of an alarm meeting the "Specification" definition, describing "successful login" according to an embodiment of the present invention;
FIG. 4 is another example of an alarm meeting the "Specification" definition, illustrating "log out";
FIG. 5 is a diagram illustrating the contents of rules provided by an embodiment of the present invention;
fig. 6 is a switch syslog illustrating that network port eth1 is enabled according to an embodiment of the present invention;
fig. 7 is another switch syslog provided by an embodiment of the present invention, which depicts that the network port eth1 is disabled;
FIG. 8 is a diagram of an alarm meeting the "Specification" definition, depicting "Port UP" according to an embodiment of the present invention;
fig. 9 is another alarm content according to the "specification" definition provided by the embodiment of the present invention, describing "network port DOWN";
FIG. 10 is another rule context provided by an embodiment of the present invention;
fig. 11 is a flowchart of log conversion according to an embodiment of the present invention.
Detailed Description
The invention is further described with reference to specific examples. The following examples are only for illustrating the technical solutions of the present invention more clearly, and the protection scope of the present invention is not limited thereby.
As described above, in the prior art, a method for converting syslog logs into GB/T31992 logs is to develop corresponding syslog analysis libraries for devices of different manufacturers and different models, and such a method is poor in generality and has low-efficiency repetitive development.
After studying the above technical problem, the inventors provide a method for converting a syslog based on a rule into a general alarm log of an electric power system in this specification, which includes a description format defining the rule and a log conversion step based on the rule.
Firstly, the description format of the rule includes that the description format of the rule adopts an ini file format for description, and specifically:
1) there is and only one "index rule set", namely: a [ rule _ index ] group, under which there must be a list item consisting of "application names" of syslog, each application name must correspond to a set of application rules named "application name". The target of the index rule set is to find an application rule set corresponding to the syslog according to the application name or log content of the syslog, and the index rule set may be composed of the following rule items:
2) at least one 'application rule group', the purpose of the application rule group is to extract the required information according to the message content of the syslog, the information is matched according to the rule defined by the 'application rule group' or according to the log content of the syslog, and the information is recombined according to the result rule, and the application rule group can be composed of the following rule items:
3) the rule items level, type and subtype in the application rule group correspond to the grade, type and subtype of a safety event defined in technical Specification of network safety monitoring devices of the power monitoring system; matchX defines a syslog message matching rule; regular x defines a regular expression that extracts information from the syslog message body; result is defined for the information reorganization rule.
4) Matching the syslog according to a plurality of regular X regular expressions in the rule items and extracting information, wherein each regular expression only extracts one piece of information;
5) the result of the result information recombination is the message content part in GB/T31992 required by the Specification.
Secondly, the rule-based log transformation step comprises, specifically:
s1: loading a rule file;
s2: reading the syslog, and extracting information such as a log application name, time, a message body and the like;
s3: checking whether the application name of the syslog is in a list rule item in an index rule group [ rule _ index ], and if not, jumping to S2; otherwise, go to S4, go to the application rule group corresponding to the application name;
s4: checking whether the application rule group has the matchX and list rule items, if so, executing S5, otherwise, executing S6;
s5: respectively matching the syslog by using the matchX rule, if the matching can be successfully performed, recording the sequence number X, finding the name of the Xth application rule group from the list item of the application rule group, and executing S4;
s6: extracting information from the syslog message body according to a regularX rule item in the application rule group, storing the extracted information into a variable $ { X }, and executing S7;
s7: referring to the alarm information content defined in the 'Specification', recombining information according to a result rule item in an application rule group and variable $ { X } information extracted by regular X, and executing S8;
s8: and generating the alarm content in GB/T31992 format according to the specification according to the level, type, subtype and result recombination information in the application rule group.
The process provided by the present invention is further illustrated below with reference to specific examples.
Example 1: the syslog application name is the message body digest
With reference to fig. 1, fig. 2, fig. 3, fig. 4, fig. 5, and fig. 11, a method for converting a rule-based syslog into a common alarm log of an electric power system includes defining a rule description format and a log content conversion step.
First, description of rules for converting syslog of fig. 1 and 2 into log contents of GB/T31992 format of fig. 3 and 4 is shown in fig. 5.
Secondly, the log conversion step is as follows:
s1: loading a rule;
s2: reading the syslog, and analyzing information such as an application name, time, a message body and the like of the log;
s3: extracting the application name "WEB/4/webop _ log _ SUC" of the syslog log shown in fig. 1, finding the corresponding application name "WEB/4/webop _ log _ SUC" in the list rule item, turning to the application rule group [ WEB/4/webop _ log _ SUC ], and executing S4;
s4: the "admin" string is extracted from the syslog message body shown in FIG. 1 using the regular1 regular expression in the application rule set [ WEB/4/WEBOPT _ LOGIN _ SUC ] and stored in the $ {1} variable. Extracting a '192.168.8.194' character string from the syslog message body shown in the figure 1 by using a regular2 regular expression, storing the character string into a $ {2} variable, and executing S5;
s5: and recombining the information by using a result expression in an application rule group (WEB/4/WEBOPT _ LOGIN _ SUC). The value of the variable $ {1} is used to replace the variable $ {1} and the value of the variable $ {2} is used to replace the variable $ {2}, and the result after replacement is: result is admin 192.168.8.196, execute S6;
s6: all information can be provided for generating the log shown in FIG. 3 according to the level, type, and subtype configuration values in the application rule set [ WEB/4/WEBOPT _ LOGIN _ SUC ].
Example 2: syslog application name non-message body digest
With reference to fig. 6, 7, 8, 9, 10, and 11, a method for converting syslog into a common alarm log for an electric power system according to the present invention includes a description format defining rules and a log content conversion step.
First, the rule content is the rule configuration file shown in fig. 10, which is used to convert the syslog of fig. 6 and 7 into the log content in the GB/T31992 format of fig. 8 and 9.
The conversion steps for fig. 6 are:
s1: loading a rule;
s2: reading the syslog, and analyzing information such as an application name, time, a message body and the like of the log;
s3: extracting the application name "kernel" of the syslog log shown in fig. 6 and 7, finding the corresponding application name "kernel" in the list rule item in the index rule group, and transferring to the application rule group [ kernel ], and executing S4;
s4: since mode in the application rule group [ kernel ] is part and there is a list sub-application rule group, match syslog log with matchX, match syslog log with match1 rule shown in fig. 6, take sequence number 1 of match1, jump to 1 st sub-application rule group "LINK _ UP" of list, and execute S5;
s5: since there are no modes and lists in the application rule set [ LINK _ UP ], regularX is used to extract information from the syslog. The regular expression regular1 extracts the "eth 1" string from the syslog message body shown in fig. 6, stores the string in the $ {1} variable, and executes S6;
s6: the information is reassembled using the result expression in the application rule set [ LINK _ UP ]. And replacing the variable $ 1 with the value of the variable $ 1, wherein the result after replacement is as follows: result-eth 1, execute S7;
s7: all information can be provided for generating the log shown in fig. 8 according to the level, type, and subtype configuration values in the application rule group LINK _ UP.
The conversion steps for fig. 7 are:
s1: loading a rule;
s2: reading the syslog, and analyzing information such as an application name, time, a message body and the like of the log;
s3: matching the index rule groups, extracting the application name 'kernel' of the syslog log shown in fig. 7, finding the corresponding application name 'kernel' in the list rule item, turning to the application rule group [ kernel ], and executing S4;
s4: since mode in the application rule set [ kernel ] is part, and there is a list sub-application rule set, the syslog log is matched using matchX. The syslog shown in fig. 7 matches the rule of match2, takes the sequence number of match2, jumps to the 2 nd sub-application rule group "LINK _ DOWN" of list, and executes S5.
S5: since there are no modes and lists in the application rule set [ LINK _ DOWN ], the information is extracted from the syslog using the regular expression rule. Regular expression rule regular1 extracts an "eth 1" character string from the syslog message body shown in fig. 7, stores the string in $ {1} variable, and executes S6;
s6: the information is reassembled using the result expression in the application rule set LINK DOWN. And replacing the variable $ 1 with the value of the variable $ 1, wherein the result after replacement is as follows: result-eth 1, execute S7;
s7: all information can be provided for generating the log shown in fig. 9 according to the level, type, and subtype configuration values in the application rule group LINK _ DOWN.
It can be seen from the above embodiments that the method for converting the syslog to the general alarm log of the power system provided by the present invention realizes the content conversion of the syslog to the GB/T31992 format required by the "specification" on the content level by using the rule-based rule matching, information extraction, and information reassembly, and compared with the prior art, the method has universality, can reduce inefficient repeated software development, improve applicability and expandability, shorten the project implementation period, and reduce application cost.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The above description is only a preferred embodiment of the present invention, and it should be noted that, for those skilled in the art, several modifications and variations can be made without departing from the technical principle of the present invention, and these modifications and variations should also be regarded as the protection scope of the present invention.
Claims (6)
1. A method of log conversion, the method comprising:
based on the pre-defined log-conversion rules,
and converting the syslog into a GB/T31992 universal alarm log of the power system agreed by technical specifications of network safety monitoring devices of the power monitoring system.
2. The method of claim 1, wherein the predefined log transformation rules are saved in a rule file;
the rule file only contains one index rule group;
the index rule group at least comprises a list rule item;
the list rule item is composed of application names of syslog, and each application name of the list rule item is necessarily corresponding to one application rule group;
the list rule item at least comprises an application rule group;
the set of application rules defines rules for extracting information from the syslog and rules for reorganizing the extracted information.
3. The method of claim 2, wherein the application rule group comprises rule items including patterns, log levels, log types, log sub-types, regular expression groups, information reassembly rules, regular expression match groups, and sub-application rule groups.
4. The method according to claim 3, wherein the converting the syslog into GB/T31992 electric power system general alarm log agreed by technical Specification for network safety monitoring devices of electric power monitoring systems comprises:
step 1, loading a rule file;
step 2, reading the syslog, and extracting an application name, time and a message body in the syslog;
step 3, checking whether the application name exists in a list rule item in the index rule group, and if so, executing step 4; otherwise, returning to the step 2;
step 4, turning to an application rule group corresponding to the application name, checking whether a regular expression matching group and a sub-application rule group exist in the application rule group, if so, executing step 5, otherwise, executing step 6;
step 5, matching syslog logs by using regular expression matching groups respectively, recording a sequence number X if matching is successful, finding the name of the Xth application rule group from the sub-application rule groups of the application rule group, and executing step 4;
step 6, extracting information from the syslog message body according to the regular expression group in the application rule group, storing the extracted information into a variable $ { X }, and executing step 7;
step 7, obtaining recombined information according to alarm information defined in technical specification of network safety monitoring device of power monitoring system, information of rule item of information recombination rule and variable $ { X } in application rule set, and executing step 8;
and 8, generating alarm content in GB/T31992 format according to the log grade, the log type, the log subtype rule items and the recombination information in the application rule group, wherein the alarm content conforms to the technical specification of the power monitoring system network safety monitoring device.
5. The method of claim 4, wherein the extracting information from the syslog message body according to the regular expression groups in the application rule groups respectively comprises extracting only one information per regular expression in the regular expression groups.
6. The method according to claim 4, wherein the obtaining of the reorganization information according to the information of the information reorganization rule item in the application rule set and the variable $ { X }, includes that the generated reorganization information is a message in a GB/T31992 format meeting the technical specification of the network safety monitoring device of the power monitoring system.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010452444.4A CN111832260B (en) | 2020-05-26 | 2020-05-26 | Method for converting syslog log into universal alarm log of power system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010452444.4A CN111832260B (en) | 2020-05-26 | 2020-05-26 | Method for converting syslog log into universal alarm log of power system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111832260A true CN111832260A (en) | 2020-10-27 |
| CN111832260B CN111832260B (en) | 2024-03-26 |
Family
ID=72913896
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010452444.4A Active CN111832260B (en) | 2020-05-26 | 2020-05-26 | Method for converting syslog log into universal alarm log of power system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111832260B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113285824A (en) * | 2021-05-06 | 2021-08-20 | 国网福建省电力有限公司 | Method and device for monitoring security of network configuration command |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2007249694A (en) * | 2006-03-16 | 2007-09-27 | Nec Corp | Log format conversion device, log format conversion method and log format conversion program |
| CN101291256A (en) * | 2008-06-02 | 2008-10-22 | 杭州华三通信技术有限公司 | Method and system for upgrading system log to alarm |
| WO2013026312A1 (en) * | 2011-08-23 | 2013-02-28 | 中兴通讯股份有限公司 | Alarming method and system based on log detection |
| KR101239401B1 (en) * | 2012-10-05 | 2013-03-06 | 강명훈 | Log analysys system of the security system and method thereof |
| US20180060211A1 (en) * | 2016-08-24 | 2018-03-01 | International Business Machines Corporation | Applying consistent log levels to application log messages |
| CN109274178A (en) * | 2018-11-14 | 2019-01-25 | 国网甘肃省电力公司电力科学研究院 | A kind of automatic analysis system and method for the preposition operation information of power scheduling |
| CN109325009A (en) * | 2018-09-19 | 2019-02-12 | 亚信科技(成都)有限公司 | The method and device of log parsing |
| CN109376532A (en) * | 2018-10-31 | 2019-02-22 | 云南电网有限责任公司 | Power network security monitoring method and system based on the analysis of ELK log collection |
| CN109768623A (en) * | 2019-02-02 | 2019-05-17 | 鼎信信息科技有限责任公司 | Monitoring method, device, computer equipment and the storage medium of electric system |
| CN110635951A (en) * | 2019-10-10 | 2019-12-31 | 北京科东电力控制系统有限责任公司 | Electric power safety monitoring standardized communication method, safety monitoring device and master station management platform |
-
2020
- 2020-05-26 CN CN202010452444.4A patent/CN111832260B/en active Active
Patent Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2007249694A (en) * | 2006-03-16 | 2007-09-27 | Nec Corp | Log format conversion device, log format conversion method and log format conversion program |
| CN101291256A (en) * | 2008-06-02 | 2008-10-22 | 杭州华三通信技术有限公司 | Method and system for upgrading system log to alarm |
| WO2013026312A1 (en) * | 2011-08-23 | 2013-02-28 | 中兴通讯股份有限公司 | Alarming method and system based on log detection |
| KR101239401B1 (en) * | 2012-10-05 | 2013-03-06 | 강명훈 | Log analysys system of the security system and method thereof |
| US20180060211A1 (en) * | 2016-08-24 | 2018-03-01 | International Business Machines Corporation | Applying consistent log levels to application log messages |
| CN109325009A (en) * | 2018-09-19 | 2019-02-12 | 亚信科技(成都)有限公司 | The method and device of log parsing |
| CN109376532A (en) * | 2018-10-31 | 2019-02-22 | 云南电网有限责任公司 | Power network security monitoring method and system based on the analysis of ELK log collection |
| CN109274178A (en) * | 2018-11-14 | 2019-01-25 | 国网甘肃省电力公司电力科学研究院 | A kind of automatic analysis system and method for the preposition operation information of power scheduling |
| CN109768623A (en) * | 2019-02-02 | 2019-05-17 | 鼎信信息科技有限责任公司 | Monitoring method, device, computer equipment and the storage medium of electric system |
| CN110635951A (en) * | 2019-10-10 | 2019-12-31 | 北京科东电力控制系统有限责任公司 | Electric power safety monitoring standardized communication method, safety monitoring device and master station management platform |
Non-Patent Citations (3)
| Title |
|---|
| D. MASTROGIANNIS: "Investigation of acoustic emissions and pressure stimulated currents detected during bending of restored marble epistyles within the frame of log-periodic power-law models", PROCEDIA STRUCTURAL INTEGRITY, vol. 10, pages 319 - 325 * |
| 蒋鸿城: "海量日志分析在浙江电力的应用于实践", 浙江电力, vol. 36, no. 12, pages 27 - 32 * |
| 金学成;孙炜;梁野;郭玉金;谢忠华;: "电力二次系统内网安全监视平台的设计和实现", 电力系统自动化, no. 16, pages 104 - 109 * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113285824A (en) * | 2021-05-06 | 2021-08-20 | 国网福建省电力有限公司 | Method and device for monitoring security of network configuration command |
| CN113285824B (en) * | 2021-05-06 | 2023-05-12 | 国网福建省电力有限公司 | Method and device for monitoring security of network configuration command |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111832260B (en) | 2024-03-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8108536B1 (en) | Systems and methods for determining the trustworthiness of a server in a streaming environment | |
| US11783029B2 (en) | Methods and apparatus to improve feature engineering efficiency with metadata unit operations | |
| CN105187395B (en) | The method and system of Malware network behavior detection are carried out based on couple in router | |
| CN106843957A (en) | System firmware upgrade method and device | |
| CN110826064A (en) | Malicious file processing method and device, electronic device and storage medium | |
| CN106528393A (en) | Method and device for Mock testing of WebService | |
| CN111104677B (en) | Vulnerability patch detection method and device based on CPE specification | |
| Kobayashi et al. | Towards an NLP-based log template generation algorithm for system log analysis | |
| CN114077741B (en) | Software supply chain safety detection method and device, electronic equipment and storage medium | |
| CN105205398B (en) | It is a kind of that shell side method is looked into based on APK shell adding software dynamic behaviours | |
| CN111832260A (en) | Method for converting syslog to general alarm log of power system | |
| US20220405184A1 (en) | Method, electronic device, and computer program product for data processing | |
| CN104516970B (en) | A kind of method and apparatus for carrying out log analysis | |
| CN110858132B (en) | Configuration security detection method and device for printing equipment | |
| WO2023072002A1 (en) | Security detection method and apparatus for open source component package | |
| CN111222181A (en) | AI model supervision method, system, server and storage medium | |
| CN115935358A (en) | Malicious software identification method and device, electronic equipment and storage medium | |
| CN105141590B (en) | The method and system of plug-in sample extraction | |
| CN114510717A (en) | ELF file detection method and device and storage medium | |
| CN106649352B (en) | Data processing method and device | |
| CN111913877B (en) | Fuzzy test method and device for text configuration file | |
| CN114510409A (en) | Application program code detection method and computer readable storage medium | |
| CN114650211A (en) | Fault repairing method, device, electronic equipment and computer readable storage medium | |
| CN109560964B (en) | Equipment compliance checking method and device | |
| CN113420569A (en) | Code translation method, device, equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |