CN115437870A - Method, device, computer equipment and storage medium for monitoring business process data - Google Patents
- Publication number
- CN115437870A (application number CN202110610123.7A)
- Authority
- CN
- China
- Prior art keywords
- data
- abnormal
- user
- business
- business system
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
- G06F11/3065—Monitoring arrangements determined by the means or processing involved in reporting the monitored data
- G06F11/3072—Monitoring arrangements determined by the means or processing involved in reporting the monitored data where the reporting involves data filtering, e.g. pattern matching, time or event triggered, adaptive or policy-based reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/0703—Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
- G06F11/0793—Remedial or corrective actions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
- G06F11/3003—Monitoring arrangements specially adapted to the computing system or computing system component being monitored
- G06F11/302—Monitoring arrangements specially adapted to the computing system or computing system component being monitored where the computing system component is a software system
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/10—File systems; File servers
- G06F16/18—File system types
- G06F16/1805—Append-only file systems, e.g. using logs or journals to store data
- G06F16/1815—Journaling file systems
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Quality & Reliability (AREA)
- Computing Systems (AREA)
- Data Mining & Analysis (AREA)
- Databases & Information Systems (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Mathematical Physics (AREA)
- Debugging And Monitoring (AREA)
Abstract
This application relates to the field of business anomaly monitoring and discloses a method, apparatus, computer device and storage medium for monitoring business process data. The method includes: obtaining log data from each business system; filtering the log data to obtain abnormal data, where the abnormal data is data recording an abnormal condition in a business system and includes the user's ID number; retrieving the user's call chain according to the ID number and tracing along the call chain to find the business systems the user called; checking those business systems one by one, in the chronological order of the user's operations on them, to find the problem system; and analyzing the operation behavior and the problem system according to a preset analysis strategy to obtain an abnormal event, then taking the corresponding remedial measure for the abnormal event according to the analysis strategy. This application can improve the efficiency of monitoring and handling anomalies in business systems.
Description
Technical field
The present application relates to the field of business anomaly monitoring, and in particular to a method, apparatus, computer device and storage medium for monitoring business process data.
Background
In the prior art, business in the securities industry can be completed by the customer operating the relevant systems directly. For example, a customer places an order to buy stock from the front end; the order passes through several middle- and back-office core systems and is finally submitted to the exchange; after the exchange returns a result, the feedback travels back along the original channel and is displayed on the customer's front end. This process calls multiple systems, such as the trading system used for trading operations and the account system used to manage customer information, and if any one of them becomes abnormal the whole process cannot complete. Risk monitoring of business systems is currently scattered and incomplete: it usually relies on customers discovering and reporting problems and on manual analysis and handling, so response is slow, the handling of anomalies is incomplete, and efficiency is low.
Summary of the invention
The main purpose of this application is to provide a method, apparatus, computer device and storage medium for monitoring business process data, aiming to solve the problem that current securities business processes handle anomalies incompletely and inefficiently.
To achieve the above purpose, this application proposes a method for monitoring business process data, including:
obtaining log data from each business system;
filtering the log data to obtain abnormal data, where the abnormal data is data recording an abnormal condition in a business system and includes the ID number of the user who caused the abnormal condition;
retrieving the user's call chain according to the ID number and tracing along the call chain to find, among the business systems, those the user called, where the call chain is the information flow of the user calling the business systems in sequence;
checking the business systems one by one, in the chronological order of the user's operations on them, to find the problem system, where the problem system is the system in which an anomaly occurred while the user was performing an operation;
analyzing the operation behavior and the problem system according to a preset analysis strategy to obtain an abnormal event, and taking the corresponding remedial measure for the abnormal event according to the analysis strategy.
Further, after obtaining the log data of each business system, the method also includes:
performing logical validation and character-rule validation on the log data in order to clean it;
dividing the cleaned log data, along the time dimension, into real-time operation data and historical operation data;
dividing the cleaned log data, along the type dimension, into operation-type data of different categories;
obtaining the ID of the user of the log data;
taking the user's ID as the key, associating and merging the real-time operation data, historical operation data and operation-type data to obtain optimized log data.
Further, the abnormal data includes first abnormal data, second abnormal data and third abnormal data, and filtering the log data to obtain abnormal data includes:
checking the log data by matching it against preset keywords, and filtering out the first abnormal data;
extracting the operation frequency data at a first preset position from the data remaining after the first abnormal data has been filtered out, and determining whether the operation frequency data exceeds a preset value;
if so, determining that the data corresponding to the first preset position is second abnormal data;
extracting the field at a second preset position from the data remaining after the second abnormal data has been filtered out, and determining whether the field is a preset field;
if so, determining that the data corresponding to the second preset position is third abnormal data.
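The three-stage screening above, written out as an added example (not code from the patent). It assumes pipe-delimited records in which the "preset positions" are column indexes; the keywords, threshold, status values and sample lines are all constructed for illustration.

```python
from dataclasses import dataclass, field

# Assumed record layout (not specified by the patent), pipe-delimited:
# time|user_id|system|operation|ops_per_minute|status|message
USER_POS = 1
FREQ_POS = 4      # "first preset position": operation frequency
STATUS_POS = 5    # "second preset position": status field

KEYWORDS = ("error", "exception", "timeout")   # preset keywords (assumed)
FREQ_LIMIT = 60                                # preset value (assumed)
PRESET_FIELDS = {"REJECTED", "NO_AGREEMENT"}   # preset fields (assumed)

# Constructed sample log lines, not real data.
SAMPLE = [
    "2021-06-01T09:30:01|U1001|trading|place_order|3|OK|order accepted",
    "2021-06-01T09:30:02|U1002|trading|place_order|2|OK|gateway timeout contacting exchange",
    "2021-06-01T09:30:03|U1003|trading|place_order|180|OK|order accepted",
    "2021-06-01T09:30:04|U1004|trading|place_order|1|NO_AGREEMENT|order not routed",
    "2021-06-01T09:30:05|U1005|account|query|4|OK|profile returned",
    "2021-06-01T09:30:06|U1006|trading|place_order|abc|OK|order accepted",
    "truncated-line",
]


@dataclass
class Screening:
    first: list = field(default_factory=list)      # keyword hits
    second: list = field(default_factory=list)     # frequency above limit
    third: list = field(default_factory=list)      # preset status field
    normal: list = field(default_factory=list)
    malformed: list = field(default_factory=list)  # positions unreadable

    def user_ids(self):
        """IDs of users behind any abnormal record, for call-chain lookup."""
        ids = set()
        for line in self.first + self.second + self.third:
            cols = line.split("|")
            if len(cols) > USER_POS:
                ids.add(cols[USER_POS])
        return ids


def screen(lines):
    """Run the three stages in order; each stage sees only what is left."""
    out = Screening()

    # Stage 1: keyword match over the whole line.
    remaining = []
    for line in lines:
        lowered = line.lower()
        if any(k in lowered for k in KEYWORDS):
            out.first.append(line)
        else:
            remaining.append(line)

    # Stage 2: numeric frequency at the first preset position.
    after_freq = []
    for line in remaining:
        cols = line.split("|")
        try:
            freq = int(cols[FREQ_POS])
        except (IndexError, ValueError):
            out.malformed.append(line)   # keep for review, do not drop silently
            continue
        if freq > FREQ_LIMIT:
            out.second.append(line)
        else:
            after_freq.append(line)

    # Stage 3: field at the second preset position.
    for line in after_freq:
        cols = line.split("|")
        if len(cols) <= STATUS_POS:
            out.malformed.append(line)
        elif cols[STATUS_POS] in PRESET_FIELDS:
            out.third.append(line)
        else:
            out.normal.append(line)
    return out


if __name__ == "__main__":
    result = screen(SAMPLE)
    print(sorted(result.user_ids()))
    print(len(result.malformed), "malformed line(s) set aside")
```

Records whose preset positions cannot be read are collected separately instead of being counted as normal, so a truncated or tampered line still reaches a reviewer.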
Further, after analyzing the operation behavior and the problem system according to the preset analysis strategy to obtain the abnormal event, the method also includes:
performing a security audit on the abnormal event to obtain its security level;
sending the abnormal event, through a preset notification method, to the person in charge designated for that security level.
Further, before obtaining the log data of each business system, the method also includes:
obtaining the user's input information;
determining, according to the input information, the business systems that need to be called.
Further, before retrieving the user's call chain according to the ID number, the method also includes:
when the called business system is a designated business system, establishing a connection pool in the designated business system, taking the ID number and the operation time points at which the designated business system is called in sequence as nodes, and generating the call chain from the nodes;
when the called business system is not a designated business system, taking the operation time point of the called business system as a node, and associating the nodes to generate the call chain.
Further, retrieving the user's call chain according to the ID number and tracing along the call chain to find, among the business systems, those the user called includes:
determining in turn, following the association order of the nodes of the call chain, whether each business system is a designated business system;
if so, looking up the business system the user called among the business systems according to the user's ID number and the operation time point;
if not, looking up the business system the user called among the business systems according to the operation time point of the node before the current node and the operation time point of the node after it in the association order.
The present application also provides an apparatus for monitoring business process data, including:
a data acquisition module, used to obtain log data from each business system;
a data filtering module, used to filter the log data to obtain abnormal data, where the abnormal data is data recording an abnormal condition in a business system and includes the ID number of the user who caused the abnormal condition;
a data tracing module, used to retrieve the user's call chain according to the ID number and trace along the call chain to find, among the business systems, those the user called, where the call chain is the information flow of the user calling the business systems in sequence;
an anomaly checking module, used to check the business systems one by one, in the chronological order of the user's operations on them, to find the problem system, where the problem system is the system in which an anomaly occurred while the user was performing an operation;
an anomaly handling module, used to analyze the operation behavior and the problem system according to a preset analysis strategy to obtain an abnormal event, and to take the corresponding remedial measure for the abnormal event according to the analysis strategy.
The present application also provides a computer device including a memory and a processor, where the memory stores a computer program and the processor, when executing the computer program, implements the steps of any of the methods for monitoring business process data described above.
The present application also provides a computer-readable storage medium on which a computer program is stored; when the computer program is executed by a processor, the steps of any of the methods for monitoring business process data described above are implemented.
This application provides a method for monitoring the business process data of a securities IT system. Log data is obtained from each business system and filtered to obtain abnormal data; the user's ID number is taken from the abnormal data and used to retrieve the user's call chain; tracing along the call chain finds the business systems the user called; those systems are checked one by one to find the problem system; the user's operation behavior and the problem system are analyzed according to a preset analysis strategy to obtain an abnormal event; and the corresponding remedial measure is taken for the abnormal event according to the analysis strategy. The method monitors and handles abnormal conditions in every business system of the securities business process, providing early warning before, monitoring during and audit after abnormal events, and gives full-link monitoring while the user calls the business systems, so that anomalies are resolved quickly and business process exceptions are handled more efficiently.
Brief description of the drawings
Fig. 1 is a schematic flow diagram of one embodiment of the method for monitoring business process data of the present application;
Fig. 2 is a schematic flow diagram of another embodiment of the method for monitoring business process data of the present application;
Fig. 3 is a schematic structural diagram of one embodiment of the apparatus for monitoring business process data of the present application;
Fig. 4 is a schematic structural block diagram of one embodiment of the computer device of the present application.
The realization of the purpose, the functional features and the advantages of the present application are further described below in conjunction with the embodiments and with reference to the accompanying drawings.
Detailed description
To make the purpose, technical solution and advantages of the present application clearer, the application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described here only explain the present application and do not limit it.
Referring to Fig. 1, an embodiment of the present application provides a method for monitoring business process data, including steps S10-S50. Each step of the method is described in detail below.
S10. Obtain log data from each business system.
This embodiment applies to an electronic data system made up of several business systems, each of which may in turn contain several sub-systems. For example, the electronic data system is that of the securities industry, and the method is used to monitor and handle abnormal conditions in each business system of the securities business process, providing early warning before, monitoring during and audit after abnormal events that occur or may occur in each business system; while the user calls the business systems it provides full-link monitoring and resolves anomalies quickly. The business systems include a trading system, an account system and so on; for example, a user trades stocks through the trading system, and signs agreements and uploads user information through the account system. In this embodiment, each business system is monitored in real time and a large volume of log data is obtained from each; the log data includes user information, user call information, system operation information and the like. Further, the log data is packaged and stored using blockchain technology; once packaged and stored this way, the log data can be traced back to its source, and every piece of log data produced by every business system can be queried in full.
S20. Filter the log data to obtain abnormal data, where the abnormal data is data recording an abnormal condition in a business system and includes the ID number of the user who caused the abnormal condition.
In this embodiment, because the log data obtained from each business system carries a large amount of information, it must be filtered to pick out the abnormal data. Before filtering, the log data may first be cleaned, optimized, modeled and classified. In one implementation, the data a business system produces when it fails cannot be known in advance, whereas the data it produces in normal operation can, so regular expressions are configured to select the normal data: log data that matches the regular expression is determined to be normal data, and all remaining log data is determined to be abnormal data. Filtering the log data in this way yields the abnormal data, which is data recording an abnormal condition in a business system, for example a user being unable to place an order because of an error in the trading system, or an order placed through the trading system behaving abnormally; the log data produced in such cases does not satisfy the filter for normal data and is therefore determined to be abnormal. Further, the abnormal data includes the ID number of the user who caused the abnormal condition. The log data produced by every business system carries the user's ID number, which is the user's unique identifier in that business system and distinguishes each user from the others.
S30. Retrieve the user's call chain according to the ID number and trace along the call chain to find, among the business systems, those the user called, where the call chain is the information flow of the user calling the business systems in sequence.
In this embodiment, after the user's ID number has been obtained from the abnormal data, the user's call chain is found through that ID number. The call chain is built on blockchain technology: the user's ID number serves as the identifier, association information is established between the identifier and the business systems called under that ID number, the identifier and each called business system are packaged into blocks, and the blocks are linked into a blockchain to form the call chain. The call chain is the information flow of the user calling the business systems in sequence; the information flow contains each business system's call time, called interface, function inputs, function outputs and similar information. Tracing then follows the call chain, that is, the business systems the user called are found among the business systems above according to the call chain, which gives every business system the user called while operating the securities business process.
S40. Check the business systems one by one, in the chronological order of the user's operations on them, to find the problem system, where the problem system is the system in which an anomaly occurred while the user was performing an operation.
In this embodiment, once the business systems the user used in the securities business process have been found from the ID number, the call chain makes it possible to locate the failing node specifically, that is, the problem system in which the anomaly occurred during the user's operation. The business systems are checked one by one in the chronological order of the user's operations: the user's operations on the business systems are assembled into an operation chain, and the business systems are then checked in turn against the abnormal data to obtain the problem system, which is the system in which an anomaly occurred during the user's operation. In one application scenario, the user completes the whole securities business flow, that is, the system runs through the entire call chain, but an anomaly still occurs, for example abnormal data caused by an excessive order frequency; here the business systems are checked in order against the abnormal data to determine the problem system. In another application scenario, the user does not complete the whole business flow, for example stopping at one system where an anomaly occurred; because an anomaly at the previous node prevents the flow from entering the next node, the call chain is not completed, and the business system corresponding to the node where the flow stopped is the problem system.
S50. Analyze the operation behavior and the problem system according to a preset analysis strategy to obtain an abnormal event, and take the corresponding remedial measure for the abnormal event according to the analysis strategy.
In this embodiment, after the problem system and the user's operation behavior on it have been found, the user's operation behavior and the problem system are analyzed according to the preset analysis strategy to obtain the abnormal event, and the corresponding remedial measure is taken for the abnormal event according to the analysis strategy. The analysis strategy includes obtaining the problem system's log information and the user's operation behavior information; the latter includes the user's historical and current operation behavior, such as placing orders, making queries, filing complaints and uploading documents. The corresponding abnormal event is then derived from the log information and the operation behavior information, and remedial measures are taken for it. Abnormal events can be, for example, "user order frequency too high per unit time" or "user agreement not signed". The analysis strategies are drawn up jointly by business experts and technical experts, who collect a large amount of data and define a strategy for each type of business and its corresponding risk points, for example rate limiting when the order frequency is too high. Because the volume of log data is huge, this method makes it possible to quickly filter out the abnormal data arising in the securities business process and then determine the abnormal event it corresponds to, so that targeted measures can be taken for that event.
This embodiment provides a method for monitoring the business process data of a securities IT system. Log data is obtained from each business system and filtered to obtain abnormal data; the user's ID number is taken from the abnormal data and used to retrieve the user's call chain; tracing along the call chain finds the business systems the user called; those systems are checked one by one to find the problem system; the user's operation behavior and the problem system are analyzed according to a preset analysis strategy to obtain an abnormal event; and the corresponding remedial measure is taken for the abnormal event according to the analysis strategy. The method monitors and handles abnormal conditions in every business system of the securities business process, providing early warning before, monitoring during and audit after abnormal events, and gives full-link monitoring while the user calls the business systems, so that anomalies are resolved quickly and business process exceptions are handled more efficiently.
In one application scenario, a customer trading STAR Market stocks in the app gets an error and cannot place an order. Monitoring detects the anomaly, the call chain is found through the customer's customer number, and the whole call chain is checked. The customer's order information is found to have stopped at the trading system, which identifies the problem system. The corresponding abnormal event is then derived from the problem system and the user's operation behavior information: for example, the trading system is checked for the customer's agreement and none is found, so the trace continues to the account system to check whether the customer signed the agreement, whether the video and voice recordings are on file, and so on. If the check meets the requirements, the customer has signed the agreement and the problem lies in the data between the account system and the trading system, so the investigation returns to those two systems to continue narrowing down the cause. If the check finds that the customer has not signed the agreement, the abnormal event is "customer has not signed the agreement", and the corresponding remedial measure can be taken, that is, a solution is given and the customer's agreement information is synchronized to the trading system again.
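Steps S20 to S40 applied to cases like this one, as an added example that is not part of the patent: an allowlist regular expression marks every message it does not recognise as abnormal, the affected user's records are ordered by time into a call chain, and the chain is walked to name the problem system. The system names, message formats, flow order and log records are assumptions constructed for the example.

```python
import re
from datetime import datetime

# Allowlist of message shapes a healthy flow produces (assumed formats).
NORMAL = re.compile(
    r"order \d+ (received|validated|routed|acknowledged)|agreement check passed"
)
# Assumed order in which one purchase passes through the business systems.
EXPECTED_FLOW = ["front_end", "account", "trading", "exchange_gateway"]

# Constructed records (time, user_id, system, message), deliberately unordered.
LOGS = [
    ("2021-06-01T09:30:03", "U2001", "trading", "order 7001 validated"),
    ("2021-06-01T09:30:01", "U2001", "front_end", "order 7001 received"),
    ("2021-06-01T09:30:02", "U2001", "account", "agreement check passed"),
    ("2021-06-01T09:30:04", "U2001", "exchange_gateway", "order 7001 acknowledged"),
    # Flow stops at trading with an unrecognised message.
    ("2021-06-01T09:30:12", "U2002", "trading", "order 7002 rejected: no agreement on file"),
    ("2021-06-01T09:30:10", "U2002", "front_end", "order 7002 received"),
    ("2021-06-01T09:30:11", "U2002", "account", "agreement check passed"),
    # Flow completes, but one system logged an excessive order rate.
    ("2021-06-01T09:31:04", "U2003", "exchange_gateway", "order 7003 acknowledged"),
    ("2021-06-01T09:31:00", "U2003", "front_end", "order 7003 received"),
    ("2021-06-01T09:31:03", "U2003", "trading", "order rate 180/min exceeds limit"),
    ("2021-06-01T09:31:01", "U2003", "account", "agreement check passed"),
    ("2021-06-01T09:31:02", "U2003", "trading", "order 7003 validated"),
    # Flow stalls silently: every message is normal, but the chain is short.
    ("2021-06-01T09:32:00", "U2004", "front_end", "order 7004 received"),
    ("2021-06-01T09:32:01", "U2004", "account", "agreement check passed"),
]


def is_abnormal(message):
    """S20: anything the allowlist does not fully match is abnormal."""
    return NORMAL.fullmatch(message) is None


def abnormal_user_ids(logs):
    """User IDs carried by the abnormal records."""
    return sorted({uid for _, uid, _, msg in logs if is_abnormal(msg)})


def call_chain(logs, user_id):
    """S30: this user's records in order of operation time."""
    own = [r for r in logs if r[1] == user_id]
    return sorted(own, key=lambda r: datetime.fromisoformat(r[0]))


def problem_system(chain, expected_flow=EXPECTED_FLOW):
    """S40: walk the chain in time order and name the problem system."""
    if not chain:
        return None, "no call chain for this user"
    for _, _, system, message in chain:
        if is_abnormal(message):
            return system, "abnormal record"
    last = chain[-1][2]
    if last != expected_flow[-1]:
        return last, "chain stopped before the end of the flow"
    return None, "no anomaly"


def investigate(logs):
    """Map each user with abnormal data to the system where it occurred."""
    return {
        uid: problem_system(call_chain(logs, uid))[0]
        for uid in abnormal_user_ids(logs)
    }


if __name__ == "__main__":
    for uid, system in investigate(LOGS).items():
        print(uid, "->", system)
    print("U2004 ->", problem_system(call_chain(LOGS, "U2004")))
```

User U2004 shows the limit of log filtering alone: no record is abnormal, so the stall is only visible by comparing the chain against the expected flow.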
在一个实施例中,如图2所示,获取各业务系统的日志数据之后,还包括:In one embodiment, as shown in Figure 2, after obtaining the log data of each business system, it also includes:
S11:对所述日志数据进行逻辑校验及字符规则校验,以对所述日志数据进行清洗;S11: Perform logic verification and character rule verification on the log data, so as to clean the log data;
S12:从时间维度将清洗处理后的所述日志数据划分为实时操作数据、历史操作数据;S12: Divide the cleaned log data into real-time operation data and historical operation data from the time dimension;
S13:从类型维度将清洗处理后的所述日志数据划分为不同分类的操作类型数据;S13: Divide the cleaned log data into operation type data of different classifications from the type dimension;
S14:获取所述日志数据的用户的ID;S14: The ID of the user who acquires the log data;
S15:以所述用户的ID为主体,将所述实时操作数据、历史操作数据、操作类型数据进行关联归并,得到优化后的日志数据。S15: Taking the ID of the user as the main body, correlating and merging the real-time operation data, historical operation data, and operation type data to obtain optimized log data.
In this embodiment, because log data contains a large amount of redundant information, the log data of each business system is logically verified after it is obtained, to remove unnecessary fields or correct erroneous fields. Character-rule verification is then applied: each record is matched against a preset character format, and erroneous data that does not conform to the rules is excluded, which completes the cleaning of the log data. The cleaned log data can be optimized further. Along the time dimension it is divided into real-time operation data (the current user's operations on the system) and historical operation data (users' past operations on the system). Along the type dimension it is divided into operation type data of different categories, where operation types include transactions and the like. The ID of the user of the log data is then obtained, and the real-time operation data, historical operation data and operation type data are associated, merged and fused. Classifying the log data of each business system and fusing it with the user ID as the subject makes subsequent queries more convenient and improves the query efficiency of the log data.
In one embodiment, the abnormal data includes first abnormal data, second abnormal data and third abnormal data, and screening the log data to obtain abnormal data includes:
checking the log data by matching it against preset keywords, to screen out the first abnormal data;
extracting the operation frequency data at a first preset position from the data remaining after the first abnormal data has been screened out, and judging whether the operation frequency data exceeds a preset value;
if so, determining that the data corresponding to the first preset position is the second abnormal data;
extracting the field at a second preset position from the data remaining after the second abnormal data has been screened out, and judging whether the field is a preset field;
if so, determining that the data corresponding to the second preset position is the third abnormal data.
In this embodiment, for the IT system of a securities business process, the abnormal data includes the first abnormal data and/or the second abnormal data and/or the third abnormal data, which are screened out as follows. First, the log data is checked by matching it against preset keywords to screen out the first abnormal data; for example, records containing keywords such as "报错" (error) or "异常" (exception) can be picked out directly in this initial pass. The remaining data is then screened further by judging whether it meets preset conditions. Specifically, the operation frequency data at the first preset position is extracted from the data remaining after the first abnormal data has been screened out, and it is judged whether the operation frequency data exceeds a preset value. Take abnormal order data as an example: the user's normal order frequency is 10 times per unit time, but the observed operation data shows 20 times per unit time, so the operation frequency data exceeds the preset value and the data corresponding to the first preset position is determined to be the second abnormal data. Further, the field at the second preset position is extracted from the data remaining after the second abnormal data has been screened out, and it is judged whether that field is a preset field; if so, the data corresponding to the second preset position is determined to be the third abnormal data. For example, if the data at the second preset position has been reset to zero and the field is empty, the system has malfunctioned, and the data at the second preset position is determined to be the third abnormal data. Screening out abnormal data through these steps allows the cause of the abnormality to be analyzed from the abnormal data afterwards and improves the efficiency of that analysis.
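The three-stage screening described above can be sketched as follows. This is an added example, not code from the patent: the log line format, the field names `rate` and `agreement`, and the English keywords are assumptions standing in for the "preset" values the text leaves open.

```python
import shlex

# All names below are assumptions; the page only speaks of "preset" values.
KEYWORDS = ("error", "exception")   # stand-ins for the page's "报错" / "异常"
FREQ_FIELD = "rate"                 # "first preset position": operations per unit time
FREQ_LIMIT = 10                     # the page's example of a normal order frequency
CHECK_FIELD = "agreement"           # "second preset position"
PRESET_VALUES = {"", "0"}           # empty or zeroed field signals a system fault

# Constructed sample log lines (not real data).
SAMPLE_LOG = """\
2021-06-01T09:30:01 system=trading user=C1001 rate=1 agreement=A-77 msg="order rejected: error 4012"
2021-06-01T09:30:02 system=trading user=C1002 rate=20 agreement=A-78 msg="order accepted"
2021-06-01T09:30:03 system=account user=C1003 rate=2 agreement= msg="profile read"
2021-06-01T09:30:04 system=trading user=C1004 rate=3 agreement=A-80 msg="order accepted"
2021-06-01T09:30:05 system=quotes user=C1005 rate=25 agreement= msg="Exception in quote feed"
"""


def parse_line(line):
    """Turn 'TIMESTAMP key=value ... msg="..."' into a dict; quotes are handled by shlex."""
    tokens = shlex.split(line)
    record = {"ts": tokens[0]}
    for tok in tokens[1:]:
        key, _, value = tok.partition("=")
        record[key] = value
    return record


def parse_log(text):
    return [parse_line(line) for line in text.splitlines() if line.strip()]


def _rate(record):
    # A non-numeric rate should already have been dropped by cleaning (S11);
    # here it is treated as 0 so that it cannot trip the frequency stage.
    try:
        return int(record.get(FREQ_FIELD, "0"))
    except ValueError:
        return 0


def screen(records):
    """Apply the three stages in order; each stage only sees what the previous one left."""
    result = {"first": [], "second": [], "third": [], "normal": []}
    for rec in records:
        msg = rec.get("msg", "").lower()
        if any(k in msg for k in KEYWORDS):
            result["first"].append(rec)        # stage 1: keyword match
        elif _rate(rec) > FREQ_LIMIT:
            result["second"].append(rec)       # stage 2: frequency above preset value
        elif rec.get(CHECK_FIELD, "") in PRESET_VALUES:
            result["third"].append(rec)        # stage 3: field equals a preset value
        else:
            result["normal"].append(rec)
    return result


def abnormal_users(result):
    """User IDs per abnormal category; these IDs feed the call-chain lookup."""
    return {cat: [r["user"] for r in result[cat]] for cat in ("first", "second", "third")}


if __name__ == "__main__":
    print(abnormal_users(screen(parse_log(SAMPLE_LOG))))
```

Record C1005 also exceeds the frequency limit and has an empty agreement field, but it is reported once, as first abnormal data, because each stage works only on the remainder of the previous one.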
In one embodiment, after the operation behavior and the problem system are analyzed according to the preset analysis strategy and the abnormal event is obtained, the method further includes:
performing a security audit on the abnormal event to obtain the security level of the abnormal event;
sending the abnormal event, through a preset notification method, to the person in charge designated for that security level.
In this embodiment, after the user's operation behavior and the problem system are analyzed according to the preset analysis strategy and the abnormal event is obtained, a security audit is performed on the abnormal event to determine its impact, including whether it is an anomaly caused by the user, an individual abnormal event or an overall abnormal event, and the security level of the abnormal event is obtained from that. The abnormal event is then sent, through a preset notification method, to the person in charge designated for that security level. Different abnormal events require notifying the persons in charge designated for different security levels, informing them that the current business process is at risk of an anomaly and improving the efficiency of feedback on system anomalies.
In another embodiment, after the abnormal event is obtained, the customer's identity is verified further. This includes obtaining the image information, voice information and the like that the user has on file, and then authenticating the customer through voice recognition, semantic recognition and image recognition, to ensure that the customer's identity is correct and that the business system used by the customer is secure.
In one embodiment, before the log data of each business system is obtained, the method further includes:
obtaining the user's input information;
determining, according to the input information, the business systems that need to be called.
In this embodiment, different users have different permissions and can therefore use different ranges of business systems. Before the log data of each business system is obtained, the user's input information is obtained and the business systems that need to be called are determined from it, which establishes all the business systems the user can use under the current input information. When log data is subsequently obtained, only the data of those called business systems needs to be fetched; the databases of business systems that cannot be called need not be queried, which improves the efficiency of log data acquisition and the utilization of resources.
In one embodiment, before the user's call chain is retrieved according to the ID number, the method further includes:
when the called business system is a designated business system, establishing a connection pool in the designated business system, taking the ID number and the operation time points at which the designated business system is called in sequence as nodes, and generating the call chain from the nodes;
when the called business system is not a designated business system, taking the operation time point of the called business system as a node, and associating the nodes to generate the call chain.
In this embodiment, before the user's call chain is retrieved, different call chains are generated according to the business systems the user calls. When the called business system is a designated business system, for example a controllable system provided by in-house R&D, a connection pool is established in the designated business system, the user's ID number and the operation time point at which the designated business system is called are placed into the connection pool as the key of the call chain node, and the call chain of the user calling the designated business system is generated from those nodes. When the called business system is not a designated business system, for example an uncontrollable system provided by a customer or supplier, the operation time point of the called business system is taken as the node, and the nodes corresponding to the called systems are associated to build the user's information flow, which yields the call chain. In other words, the call chain is the information flow of the user calling each business system in turn, where each business system corresponds to one node of the call chain.
In one embodiment, retrieving the user's call chain according to the ID number and tracing along the call chain to find, among the business systems, the business systems called by the user includes:
judging in turn, in the association order of the nodes of the call chain, whether each business system is a designated business system;
if so, searching the business systems for the business system called by the user according to the user's ID number and the operation time point;
if not, searching the business systems for the business system called by the user according to the operation time point of the node before the current node in the association order and the operation time point of the node after it.
In this embodiment, the call chain corresponding to the user is retrieved according to the ID number, and the call chain shows which business systems the user called. Some business systems are not controllable systems developed in-house but external systems that are integrated with. Stock trades, for example, must be reported to the exchange, which requires connecting to the exchange's system; that system is an external, uncontrollable system and cannot store the customer's customer number when it is called. The business systems are therefore judged in turn, in the association order of the call chain nodes, as to whether each is a designated business system. If it is, the user's business system can be found directly from the user's ID number and the operation time point. If it is not, the ID number cannot be used for the query, and the search is made by operation time point instead: the user's business system is found from the operation time point of the node before the current node in the association order and the operation time point of the node after it. Tracing is thus no longer limited by whether a business system is external or internal, which broadens the applicability of monitoring for securities business processes.
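The call-chain construction and tracing described in the two embodiments above can be illustrated as follows. This is an added example, not code from the patent: the system names, record layout and the rule used to flag the problem system (first node with no matching record or a non-"ok" status) are assumptions, and the connection pool is not modelled.

```python
from dataclasses import dataclass
from typing import Optional

# Assumed names: in-house ("designated") systems that log the customer number.
DESIGNATED = {"app", "trading", "account"}


@dataclass(frozen=True)
class Node:
    system: str
    ts: str                   # fixed-width ISO-8601, so string order equals time order
    user_id: Optional[str]    # None for external systems that keep no customer number


def build_chain(user_id, calls):
    """calls: iterable of (system, ts). Nodes are linked in operation-time order."""
    nodes = [Node(s, ts, user_id if s in DESIGNATED else None) for s, ts in calls]
    return sorted(nodes, key=lambda n: n.ts)


def lookup(chain, i, logs):
    """Find the log records that belong to node i of the chain."""
    node = chain[i]
    rows = logs.get(node.system, [])
    if node.user_id is not None:
        # Designated system: match on user ID and operation time point.
        return [r for r in rows if r.get("user") == node.user_id and r["ts"] == node.ts]
    # External system: no user ID, so bracket by the neighbouring nodes' time points.
    lo = chain[i - 1].ts if i > 0 else ""
    hi = chain[i + 1].ts if i + 1 < len(chain) else "9999"
    return [r for r in rows if lo <= r["ts"] <= hi]


def find_problem_system(chain, logs):
    """Check systems one by one in time order; return the first that looks faulty."""
    for i, node in enumerate(chain):
        rows = lookup(chain, i, logs)
        if not rows or any(r["status"] != "ok" for r in rows):
            return node.system
    return None


# Constructed per-system logs (not real data). "exchange" is external: no user field.
LOGS = {
    "app": [{"ts": "2021-06-01T09:30:01", "user": "C1001", "status": "ok"}],
    "trading": [
        {"ts": "2021-06-01T09:30:02", "user": "C1001", "status": "ok"},
        {"ts": "2021-06-01T09:30:02", "user": "C2002", "status": "error"},
    ],
    "exchange": [
        {"ts": "2021-06-01T09:30:03", "status": "rejected"},
        {"ts": "2021-06-01T09:31:40", "status": "ok"},
    ],
    "account": [{"ts": "2021-06-01T09:30:05", "user": "C1001", "status": "ok"}],
}

# Calls are given out of order on purpose; build_chain restores the time order.
CHAIN_C1001 = build_chain("C1001", [
    ("exchange", "2021-06-01T09:30:03"),
    ("app", "2021-06-01T09:30:01"),
    ("account", "2021-06-01T09:30:05"),
    ("trading", "2021-06-01T09:30:02"),
])
CHAIN_C2002 = build_chain("C2002", [("trading", "2021-06-01T09:30:02")])

if __name__ == "__main__":
    print(find_problem_system(CHAIN_C1001, LOGS))   # external system located by time window
    print(find_problem_system(CHAIN_C2002, LOGS))   # designated system located by user ID
```

The time-window match cannot tell users apart, so records from other customers that fall inside the same window are attributed to this chain; a narrow window between neighbouring nodes keeps that ambiguity small.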
Referring to Figure 3, the present application also provides a device for monitoring business process data, including:
a data acquisition module 10, used to obtain the log data of each business system;
a data screening module 20, used to screen the log data to obtain abnormal data, where the abnormal data is the data of an abnormal situation in the business system and includes the ID number of the user who caused the abnormal situation;
a data tracking module 30, used to retrieve the user's call chain according to the ID number and to trace along the call chain to find, among the business systems, the business systems called by the user, where the call chain is the information flow of the user calling each business system in turn;
an anomaly investigation module 40, used to check the business systems one by one in the time order in which the user called them, to find the problem system, where the problem system is the system in which an anomaly occurred when the user performed the operation behavior;
an anomaly handling module 50, used to analyze the operation behavior and the problem system according to the preset analysis strategy to obtain the abnormal event, and to take corresponding remedial measures for the abnormal event according to the analysis strategy.
As described above, it can be understood that each component of the device for monitoring business process data proposed in this application can implement the functions of any of the methods for monitoring business process data described above.
Referring to Figure 4, an embodiment of the present application also provides a computer device, which may be a mobile terminal and whose internal structure may be as shown in Figure 4. The computer device includes a processor, a memory, a network interface, a display device and an input device connected through a system bus. The network interface of the computer device is used to communicate with external terminals over a network connection. The input device of the computer device is used to receive user input. The processor of the computer device provides computing and control capabilities. The memory of the computer device includes a storage medium, which stores a business system, a computer program and a database. The database of the computer device is used to store data. When executed by the processor, the computer program implements a method for monitoring business process data.
The processor executes the above method for monitoring business process data, which includes: obtaining the log data of each business system; screening the log data to obtain abnormal data, where the abnormal data is the data of an abnormal situation in the business system and includes the ID number of the user who caused the abnormal situation; retrieving the user's call chain according to the ID number and tracing along the call chain to find, among the business systems, the business systems called by the user, where the call chain is the information flow of the user calling each business system in turn; checking the business systems one by one in the time order in which the user called them, to find the problem system, where the problem system is the system in which an anomaly occurred when the user performed the operation behavior; and analyzing the operation behavior and the problem system according to the preset analysis strategy to obtain the abnormal event, and taking corresponding remedial measures for the abnormal event according to the analysis strategy.
The computer device provides a method for monitoring the business process data of a securities IT system. The log data of each business system is obtained and screened to obtain abnormal data, and the user's ID number is taken from the abnormal data. The user's call chain is retrieved according to the ID number and traced to find the user's business systems among the business systems, and the business systems are checked one by one to find the problem system. The user's operation behavior and the problem system are analyzed according to the preset analysis strategy to obtain the abnormal event, and corresponding remedial measures are taken for the abnormal event according to the analysis strategy. Abnormal situations arising in each business system of the securities business process are thus monitored and handled, providing early warning before an abnormal event, monitoring during it and auditing after it. Full-link monitoring is achieved while the user calls the business systems, so that anomalies are resolved quickly and business process anomalies are resolved more efficiently.
An embodiment of the present application also provides a computer-readable storage medium on which a computer program is stored. When executed by the processor, the computer program implements a method for monitoring business process data, including the steps of: obtaining the log data of each business system; screening the log data to obtain abnormal data, where the abnormal data is the data of an abnormal situation in the business system and includes the ID number of the user who caused the abnormal situation; retrieving the user's call chain according to the ID number and tracing along the call chain to find, among the business systems, the business systems called by the user, where the call chain is the information flow of the user calling each business system in turn; checking the business systems one by one in the time order in which the user called them, to find the problem system, where the problem system is the system in which an anomaly occurred when the user performed the operation behavior; and analyzing the operation behavior and the problem system according to the preset analysis strategy to obtain the abnormal event, and taking corresponding remedial measures for the abnormal event according to the analysis strategy.
The computer-readable storage medium provides a method for monitoring the business process data of a securities IT system. The log data of each business system is obtained and screened to obtain abnormal data, and the user's ID number is taken from the abnormal data. The user's call chain is retrieved according to the ID number and traced to find the user's business systems among the business systems, and the business systems are checked one by one to find the problem system. The user's operation behavior and the problem system are analyzed according to the preset analysis strategy to obtain the abnormal event, and corresponding remedial measures are taken for the abnormal event according to the analysis strategy. Abnormal situations arising in each business system of the securities business process are thus monitored and handled, providing early warning before an abnormal event, monitoring during it and auditing after it. Full-link monitoring is achieved while the user calls the business systems, so that anomalies are resolved quickly and business process anomalies are resolved more efficiently.
Those of ordinary skill in the art will understand that all or part of the processes in the methods of the above embodiments can be carried out by a computer program instructing the relevant hardware. The computer program can be stored in a non-volatile computer-readable storage medium and, when executed, may include the processes of the embodiments of the methods described above.
Any reference to memory, storage, a database or other media provided in this application and used in the embodiments may include non-volatile and/or volatile memory.
Non-volatile memory may include read-only memory (ROM), programmable ROM (PROM), electrically programmable ROM (EPROM), electrically erasable programmable ROM (EEPROM) or flash memory. Volatile memory may include random access memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in many forms, such as static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double data rate SDRAM (SSRSDRAM), enhanced SDRAM (ESDRAM), Synchlink DRAM (SLDRAM), Rambus direct RAM (RDRAM), direct Rambus dynamic RAM (DRDRAM) and Rambus dynamic RAM (RDRAM).
It should be noted that, in this document, the terms "include", "comprise" and any other variants are intended to cover non-exclusive inclusion, so that a process, device, article or method that includes a series of elements includes not only those elements but also other elements not expressly listed, or elements inherent to that process, device, article or method. Without further limitation, an element qualified by the phrase "including a ..." does not exclude the presence of additional identical elements in the process, device, article or method that includes the element.
The above are only preferred embodiments of the present application and do not thereby limit the patent scope of the present application.
Any equivalent structure or equivalent process transformation made using the contents of the specification and drawings of this application, or applied directly or indirectly in other related technical fields, is likewise included in the scope of patent protection of this application.
Claims (10)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110610123.7A CN115437870A (en) | 2021-06-01 | 2021-06-01 | Method, device, computer equipment and storage medium for monitoring business process data |
Publications (1)
Publication Number | Publication Date |
---|---|
CN115437870A true CN115437870A (en) | 2022-12-06 |
Family
ID=84272305
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110610123.7A Pending CN115437870A (en) | 2021-06-01 | 2021-06-01 | Method, device, computer equipment and storage medium for monitoring business process data |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115437870A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN117112371A (en) * | 2023-10-25 | 2023-11-24 | 杭银消费金融股份有限公司 | Observable full-link log tracking method and system |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105591821A (en) * | 2016-01-06 | 2016-05-18 | 北京京东尚科信息技术有限公司 | Monitoring system and business system |
CN107483221A (en) * | 2016-06-08 | 2017-12-15 | 阿里巴巴集团控股有限公司 | A kind of across application problem investigation method, apparatus and system |
CN107688899A (en) * | 2017-08-22 | 2018-02-13 | 北京潘达互娱科技有限公司 | Business process monitoring method and device |
WO2020233015A1 (en) * | 2019-05-20 | 2020-11-26 | 平安普惠企业管理有限公司 | Link tracking method and apparatus |
CN112433991A (en) * | 2020-11-20 | 2021-03-02 | 苏宁金融科技(南京)有限公司 | Problem positioning method and device |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN117112371A (en) * | 2023-10-25 | 2023-11-24 | 杭银消费金融股份有限公司 | Observable full-link log tracking method and system |
CN117112371B (en) * | 2023-10-25 | 2024-01-26 | 杭银消费金融股份有限公司 | Observable full-link log tracking method and system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||