CN115544202A - Alarm processing method, device and storage medium - Google Patents

Alarm processing method, device and storage medium Download PDF

Info

Publication number
CN115544202A
CN115544202A CN202110725324.1A CN202110725324A CN115544202A CN 115544202 A CN115544202 A CN 115544202A CN 202110725324 A CN202110725324 A CN 202110725324A CN 115544202 A CN115544202 A CN 115544202A
Authority
CN
China
Prior art keywords
alarm
fault
item
diagnosis
information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110725324.1A
Other languages
Chinese (zh)
Inventor
李立锟
毕航华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Huawei Digital Technologies Co Ltd
Original Assignee
Beijing Huawei Digital Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Huawei Digital Technologies Co Ltd filed Critical Beijing Huawei Digital Technologies Co Ltd
Priority to CN202110725324.1A priority Critical patent/CN115544202A/en
Publication of CN115544202A publication Critical patent/CN115544202A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/30Information retrieval; Database structures therefor; File system structures therefor of unstructured textual data
    • G06F16/33Querying
    • G06F16/3331Query processing
    • G06F16/334Query execution
    • G06F16/3344Query execution using natural language analysis
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/0703Error or fault processing not based on redundancy, i.e. by taking additional measures to deal with the error or fault not making use of redundancy in operation, in hardware, or in data representation
    • G06F11/079Root cause analysis, i.e. error or fault diagnosis
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F40/00Handling natural language data
    • G06F40/30Semantic analysis

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Computational Linguistics (AREA)
  • Artificial Intelligence (AREA)
  • Health & Medical Sciences (AREA)
  • Quality & Reliability (AREA)
  • Biomedical Technology (AREA)
  • Data Mining & Analysis (AREA)
  • Databases & Information Systems (AREA)
  • Audiology, Speech & Language Pathology (AREA)
  • General Health & Medical Sciences (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The embodiment of the application discloses an alarm processing method, an alarm processing device and a storage medium, and belongs to the technical field of AI. In the embodiment of the application, the NLP model obtained by the alarm description text training is used for processing the information of each alarm in the alarm event, so that one or more candidate fault reasons of the alarm event are obtained, one or more candidate fault reasons of the alarm event can be obtained without manually presetting a diagnosis rule, and the fault information corresponding to the alarm event is determined according to the one or more candidate fault reasons, so that the method is intelligent and efficient. When new alarms are increased subsequently, the alarms can be analyzed and processed only by correspondingly adding corresponding alarm description texts to train the NLP model, rule codes do not need to be developed again, workload is small, and maintenance cost is low.

Description

Alarm processing method, device and storage medium
Technical Field
The embodiment of the application relates to the technical field of Artificial Intelligence (AI), in particular to an alarm processing method, an alarm processing device and a storage medium.
Background
Various faults may occur during operation of network devices in the network to trigger alarms. After receiving the alarm information reported by the network device, the control device may process the alarm information, thereby determining the location of the fault, and repairing the fault or providing a method for repairing the fault.
In the related art, after receiving the alarm information, the control device may determine a trigger cause of the alarm information according to a diagnosis rule set in advance manually, and then determine a location point of the fault according to the determined trigger cause.
Therefore, in the related technology, the diagnosis rule needs to be manually preset to process the alarm information, so that the rule code needs to be redeveloped when a new rule needs to be added, the workload is large, the development difficulty is high, and the maintenance cost is high.
Disclosure of Invention
The embodiment of the application provides an alarm processing method, an alarm processing device and a storage medium, which can intelligently and efficiently process the alarm in the alarm event. The technical scheme is as follows:
in a first aspect, an alarm processing method is provided, where the method includes: acquiring an alarm event, wherein the alarm event comprises information of a plurality of alarms; processing the information of each alarm in the plurality of alarms through a first Natural Language Processing (NLP) model to obtain one or more candidate fault items corresponding to the alarm event, wherein the first NLP model is obtained through alarm description text training; and determining fault information corresponding to the alarm event according to one or more candidate fault items corresponding to the alarm event.
In the embodiment of the application, the NLP model obtained by the alarm description text training is used for processing the information of each alarm in the alarm event, so that one or more candidate fault reasons of the alarm event are obtained, one or more candidate fault reasons of the alarm event can be obtained without manually presetting a diagnosis rule, and the fault information corresponding to the alarm event is determined according to the one or more candidate fault reasons, so that the method is intelligent and efficient. When new alarms are increased subsequently, the alarms can be analyzed and processed only by correspondingly adding corresponding alarm description texts to train the NLP model, rule codes do not need to be developed again, workload is small, and maintenance cost is low.
Optionally, the processing, by the first natural language processing NLP model, information of each alarm of the multiple alarms, and the implementation process of obtaining one or more candidate fault items corresponding to the alarm event may be: taking information of each alarm in the plurality of alarms as input of the first NLP model, and processing the information of each alarm in the plurality of alarms through the first NLP model to obtain a diagnosis chain of the alarm event, where the diagnosis chain of the alarm event includes the plurality of alarms and one or more fault items, and the diagnosis chain is used to characterize a logical relationship between the plurality of alarms and the one or more fault items; and taking one or more fault items contained in the diagnosis chain as one or more candidate fault items corresponding to the alarm event.
After the information of a plurality of alarms included in an alarm event is processed through an NLP model, a diagnosis chain of the alarm event can be obtained, the diagnosis chain comprises a plurality of alarms and one or more fault items, and the diagnosis chain can represent the logical relations among the alarms and between the alarms and the fault items, so that the inference logic between the alarms and the fault items has strong interpretability.
It should be noted that, in the embodiment of the present application, the control device may further use the diagnosis chain of the alarm event as a part of subsequent fault information.
Optionally, before processing information of the alarm in the alarm event through the first NLP model, the method further includes: acquiring the alarm description text; and training a first initial NLP network according to alarm explanation information and alarm reasons respectively corresponding to a plurality of sample alarms in the alarm description text to obtain the first NLP model.
That is, in the embodiment of the present application, the first NLP model may learn a logical relationship between each sample alarm in the alarm description text and a logical relationship between the sample alarm and the fault item.
Optionally, the determining, according to one or more candidate fault items of the alarm event, an implementation process of fault information corresponding to the alarm event includes: calling a diagnosis interface of a diagnosis item corresponding to each candidate fault item in the one or more candidate fault items; acquiring the state information of the corresponding diagnosis item through the diagnosis interface of the diagnosis item corresponding to each candidate fault item; and determining the fault information corresponding to the alarm event according to the state information of the diagnosis item corresponding to each candidate fault item.
In the embodiment of the application, after one or more candidate fault items corresponding to the alarm event are determined, the corresponding candidate fault items can be diagnosed through the automatically generated diagnosis interface, so that the real fault item corresponding to the alarm event, namely, the reason for really causing the alarm event, is obtained, and the whole process is intelligent and efficient.
Optionally, the method further comprises: identifying the processing step corresponding to each sample alarm in the plurality of sample alarms contained in the alarm description text through a second NLP model to obtain a diagnosis item corresponding to the corresponding processing step; and generating a diagnosis interface of the diagnosis item corresponding to each processing step.
In the embodiment of the application, the processing steps included in the alarm description text can be identified through the NLP model to obtain the corresponding diagnosis item, and then the diagnosis interface corresponding to the diagnosis item is automatically generated. Subsequently, when the candidate fault item corresponding to the alarm event is diagnosed, the automatically generated diagnosis interface can be directly called for diagnosis, so that the whole diagnosis process is intelligent and efficient.
Optionally, according to the state information of each candidate fault item, the implementation process of determining the fault information corresponding to the alarm event may be: determining a target fault item of which the state information of the corresponding diagnosis item is inconsistent with the preset state information of the corresponding diagnosis item from the one or more candidate fault items; and generating fault information corresponding to the alarm event according to the target fault item and the repair method corresponding to the target fault item.
And determining the abnormal state diagnosis items through the acquired state information of the diagnosis items, and further determining real fault items in the candidate fault items according to the abnormal state diagnosis items, so that the abnormal state diagnosis items are real and reliable.
Optionally, the alarm description text includes at least one of a product information text, an alarm manual, and a fault maintenance experience text.
In the embodiment of the present application, the alarm description text may be at least one of a product information text, an alarm manual, or a fault maintenance experience text. Therefore, when newly added equipment or service occurs, only corresponding additional alarm description texts are needed to be added to train the first NLP model, the alarm of the newly added equipment or service can be processed, compared with a method for carrying out alarm identification by manually setting rules, the method does not need to redevelop rule codes, and is small in workload and low in maintenance cost.
In a second aspect, an alarm processing apparatus is provided, which has a function of implementing the behavior of the alarm processing method in the first aspect. The alarm processing device comprises at least one module, and the at least one module is used for implementing the alarm processing method provided by the first aspect.
In a third aspect, an alarm processing apparatus is provided, where the alarm processing apparatus includes a processor and a memory, and the memory is used to store a program for supporting the alarm processing apparatus to execute the alarm processing method provided in the first aspect, and store data used to implement the alarm processing method provided in the first aspect. The processor is configured to execute programs stored in the memory. The operating means of the memory device may further comprise a communication bus for establishing a connection between the processor and the memory.
In a fourth aspect, a computer-readable storage medium is provided, which has instructions stored therein, which when run on a computer, cause the computer to perform the alarm handling method of the first aspect described above.
In a fifth aspect, there is provided a computer program product containing instructions which, when run on a computer, cause the computer to perform the alarm handling method of the first aspect described above.
The technical effects obtained by the above second, third, fourth and fifth aspects are similar to the technical effects obtained by the corresponding technical means in the first aspect, and are not described herein again.
The beneficial effects brought by the technical scheme provided by the embodiment of the application at least comprise:
in the embodiment of the application, the NLP model obtained by the alarm description text training is used for processing the information of each alarm in the alarm event, so that one or more candidate fault reasons of the alarm event are obtained, one or more candidate fault reasons of the alarm event can be obtained without manually presetting a diagnosis rule, and the fault information corresponding to the alarm event is determined according to the one or more candidate fault reasons, so that the method is intelligent and efficient. When new alarms are increased subsequently, the alarms can be analyzed and processed only by correspondingly adding corresponding alarm description texts to train the NLP model, rule codes do not need to be developed again, workload is small, and maintenance cost is low.
Drawings
Fig. 1 is a network system architecture diagram according to an alarm processing method provided in an embodiment of the present application;
FIG. 2 is a schematic structural diagram of a computer device according to an embodiment of the present disclosure;
fig. 3 is a flowchart of an alarm processing method according to an embodiment of the present application;
FIG. 4 is a schematic diagram illustrating a diagnostic chain for an alarm event according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of an alarm processing apparatus according to an embodiment of the present application.
Detailed Description
To make the objects, technical solutions and advantages of the embodiments of the present application more clear, the embodiments of the present application will be further described in detail with reference to the accompanying drawings.
Before explaining the embodiments of the present application in detail, an application scenario related to the embodiments of the present application will be described.
With the development of network technology, network architectures become increasingly complex, and accordingly, more network devices are provided in the network. When a network device in the network fails, the network device sends an alarm to the control device, and in this case, the failure needs to be quickly located according to the alarm to repair the failure, so that the influence of the failure on the service is reduced as much as possible. The alarm processing method provided by the embodiment of the application can be applied to the above scene to analyze and process the alarm, so as to obtain the fault information corresponding to the alarm.
Optionally, the alarm processing method provided by the embodiment of the present application may also be used for processing alarms in other scenarios. For example, in a banking system, when a risky user is present, an alarm may be reported to the control device. Correspondingly, the control device can also identify the risk user through the alarm processing method provided by the embodiment of the application. For another example, in the power system, when an alarm is received, the alarm may be processed by the alarm processing method provided in the embodiment of the present application, so as to determine a fault point, such as an abnormal power consumption point or an abnormal device, in the power system, where the alarm is triggered. For another example, in the field of industrial generation, the control device in the automation plant may receive an alarm reported by the detection device on the production line, and accordingly, the control device may also detect an abnormal point in the production process by using the method provided in the embodiment of the present application.
It should be noted that the foregoing are only several exemplary application scenarios given in the embodiment of the application, and the embodiment of the application is also applicable to other scenarios that require processing of an alarm to determine information of a fault point, a risk point, or an abnormal point, and the embodiment of the application is not described herein again.
Next, a system architecture related to the alarm processing method provided in the embodiment of the present application is introduced.
Fig. 1 is a schematic diagram of a network system architecture related to an alarm processing method provided in an embodiment of the present application. As shown in fig. 1, the network system includes an alarm processing device 101 and a plurality of network devices 102, wherein a communication connection is established between the alarm processing device 101 and the plurality of network devices 102.
In this embodiment, the alarm processing device 101 may be a control device corresponding to the plurality of network devices 102. In this case, each network device 102 may trigger an alarm and send information of the alarm to the alarm processing device 101 when a fault occurs in itself or there is an abnormality in traffic, or a certain network device 102 may trigger an alarm and send information of the alarm to the alarm processing device 101 when receiving alarms of other network devices 102.
After receiving the alarm information of each network device 102, the alarm processing device 101 may cluster the alarms according to the alarm information reported by each network device 102, so as to obtain an alarm event including information of multiple alarms. Then, the alarm processing device 101 may process each alarm in the alarm event by using the alarm processing method provided in the embodiment of the present application, so as to obtain fault information corresponding to the alarm event. Wherein, each alarm in the alarm event refers to an alarm with a certain association relation.
Optionally, in some possible cases, the alarm processing device 101 is not a control device corresponding to the plurality of network devices 102, but a server or a terminal device having a data processing function, in which case, the network system may further include a control device corresponding to the plurality of network devices 102. On this basis, each network device 102 may report the alarm information to the control device, and the control device clusters the alarm information reported by each network device 102, thereby obtaining an alarm event. Then, the control device may send the clustered alarm events to the alarm processing device 101, and the alarm processing device 101 processes each alarm in the alarm events according to the alarm processing method provided in the embodiment of the present application.
When the alarm processing device 101 is a control device corresponding to a plurality of network devices, the alarm processing device 101 may be a Network Cloud Engine (NCE), for example, the alarm processing device 101 is a Software Defined Network (SDN) controller or a cloud management platform. In this case, the plurality of network devices 102 are devices such as terminal devices and gateway devices that are managed and controlled by the alarm processing device 101, which is not limited in this embodiment of the present application.
When the alarm processing device 101 is not a control device corresponding to a plurality of network devices, the alarm processing device 101 may be a server or a terminal device. For example, the alarm processing device 101 is a server or a server cluster of a data center, or the alarm processing device 101 is a client device, which is not limited in this embodiment of the present application.
Optionally, in some possible cases, when the alarm processing method provided in the embodiment of the present application is applied to other scenarios, for example, in a power system or in the field of industrial production, the alarm processing device 101 may be a device having a function of centrally managing and controlling other devices, and accordingly, the plurality of network devices 102 are devices managed and controlled by the control device 101. Or, similarly, the alarm processing device 101 may also be a server or a terminal device, instead of being a control device corresponding to multiple network devices, which is not limited in this embodiment of the present application.
In the following embodiments, the alarm processing method provided in the embodiments of the present application is described by taking the alarm processing device 101 as a control device corresponding to a plurality of network devices 102 as an example. For the case that the alarm processing device 101 is another device, the following implementation manner may be referred to, and details are not described in this embodiment of the present application.
Fig. 2 is a schematic structural diagram of a computer device according to an embodiment of the present application. The alarm handling device in the system architecture shown in fig. 1 can be implemented by the computer device shown in fig. 2. Referring to fig. 2, the computer device includes one or more processors 201, a communication bus 202, a memory 203, and one or more communication interfaces 204.
The processor 201 may be a general-purpose Central Processing Unit (CPU), a Network Processor (NP), a microprocessor, or one or more integrated circuits such as an application-specific integrated circuit (ASIC), a Programmable Logic Device (PLD), or a combination thereof for implementing the disclosed aspects. The PLD may be a Complex Programmable Logic Device (CPLD), a field-programmable gate array (FPGA), a General Array Logic (GAL), or any combination thereof.
A communication bus 202 is used to transfer information between the above components. The communication bus 202 may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one thick line is shown, but this does not mean that there is only one bus or one type of bus.
The memory 203 may be, but is not limited to, a read-only memory (ROM), a Random Access Memory (RAM), an electrically erasable programmable read-only memory (EEPROM), an optical disk (including a compact disk-read-only memory (CD-ROM), a compact disk, a laser disk, a digital versatile disk, a blu-ray disk, etc.), a magnetic disk storage medium or other magnetic storage device, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer. The memory 203 may be self-contained and coupled to the processor 201 through the communication bus 202. The memory 203 may also be integrated with the processor 201.
The communication interface 204 uses any transceiver or the like for communicating with other devices or communication networks. The communication interface 204 includes a wired communication interface, and may also include a wireless communication interface. The wired communication interface may be an ethernet interface, for example. The ethernet interface may be an optical interface, an electrical interface, or a combination thereof. The wireless communication interface may be a Wireless Local Area Network (WLAN) interface, a cellular network communication interface, or a combination thereof.
In some embodiments, the computer device may include multiple processors, such as processor 201 and processor 205 shown in fig. 2. Each of these processors may be a single core processor or a multi-core processor. A processor herein may refer to one or more devices, circuits, and/or processing cores for processing data (e.g., computer program instructions).
In particular implementations, the computer device may also include an output device 206 and an input device 207, as one embodiment. The output device 206 is in communication with the processor 201 and may display information in a variety of ways. For example, the output device 206 may be a Liquid Crystal Display (LCD), a Light Emitting Diode (LED) display device, a Cathode Ray Tube (CRT) display device, a projector (projector), or the like. The input device 207 is in communication with the processor 201 and may receive user input in a variety of ways. For example, the input device 207 may be a mouse, a keyboard, a touch screen device, a sensing device, or the like.
In some embodiments, the memory 203 is used to store program code 208 for performing aspects of the present application, and the processor 201 may execute the program code 208 stored in the memory 203. The program code may include one or more software modules, and the computer device may implement the alarm processing method provided in the embodiment of fig. 3 below through the processor 201 and the program code 208 in the memory 203.
Next, an alarm processing method provided in the embodiment of the present application is described.
Fig. 3 is a flowchart of an alarm processing method provided in an embodiment of the present application, where the method may be applied to an alarm processing device in the foregoing system architecture, and hereinafter, taking the alarm processing device as a control device corresponding to multiple network devices as an example for description, referring to fig. 3, the method includes the following steps:
step 301: an alarm event is obtained, wherein the alarm event comprises information of a plurality of alarms.
In the embodiment of the application, when detecting a fault or service abnormality of the network device or receiving an alarm of another device, the network device may trigger an alarm of the network device and report information of the alarm to the control device.
Wherein the information of the alert may include alert content that can be used to indicate what type of alert the alert is. For example, the alarm content may be an ethernet loss of signal alarm. In addition, the alarm information may also include an alarm location, which may be location information of the network device reporting the alarm. Illustratively, the alarm location is an Internet Protocol (IP) address of a network device reporting the alarm information, or a Media Access Control (MAC) address of the network device reporting the alarm information, or a device identifier of the network device, where the device identifier is used to uniquely identify the network device.
After receiving the alarm information reported by each network device, the control device may cluster the received alarm information, thereby obtaining one or more alarm events. Each alarm event comprises information of a plurality of alarms, and the plurality of alarms in each alarm event have a certain incidence relation. For example, the multiple alarms may be alarms reported by some network devices having a connection relationship within a certain time period, and the embodiment of the present application does not specifically limit the association relationship between the alarms in the alarm event.
It should be noted that, in the embodiment of the present application, an example of obtaining an alarm event by using a control device is described in the alarm processing method provided in the embodiment of the present application.
Step 302: and processing the information of each alarm in the plurality of alarms through a first NLP model to obtain one or more candidate fault items of the alarm event, wherein the first NLP model is obtained through alarm description text training.
After the control equipment acquires an alarm event, taking information of each alarm in a plurality of alarms included in the alarm event as input of a first NLP model, and processing the information of each alarm in the plurality of alarms through the first NLP model to obtain a diagnosis chain of the alarm event, wherein the diagnosis chain of the alarm event comprises a plurality of alarms and one or more fault items, and the diagnosis chain is used for representing a logical relationship between the plurality of alarms and the one or more fault items; and taking one or more fault items contained in the diagnosis chain as one or more candidate fault items of the alarm event.
In the embodiment of the application, a first NLP model obtained through alarm description text training is deployed on the control equipment. It should be noted that the NLP algorithm is a hot topic in the AI field, and the NLP algorithm aims to make a machine understand the natural language of human beings, so as to give feedback to a user. In this embodiment of the present application, before processing information of an alarm in an alarm event through a first NLP model, a control device may first train a first initial NLP network by obtaining an alarm description text to obtain the first NLP model.
Illustratively, the control device may obtain an alarm description text, extract alarm interpretation information and alarm reasons corresponding to the plurality of sample alarms from the alarm description text, and train the first initial NLP network according to the alarm interpretation information and the alarm reasons corresponding to the plurality of sample alarms, respectively, to obtain the first NLP model.
Wherein the alarm description text comprises at least one of a product information text, an alarm manual and a fault maintenance experience text. The product information text may include a product manual of each network device controlled by the control device, and the product manual may include a description of the use of the corresponding network device, alarm interpretation information of a possible alarm to be generated, a reason for the alarm, and corresponding processing steps. An alarm manual may include a description document of alarms that may occur in a network, where the alarm manual may include alarm interpretation information for alarms that may be generated by network devices in the network, reasons for the alarms, and corresponding processing steps. The fault maintenance experience text may include information about alarms of network devices in the network and texts of related processing methods uploaded by a client or other related personnel, for example, the fault maintenance experience text may include a work order filled in when alarms of network devices are processed, which is not particularly limited in the embodiment of the present application.
The control device may obtain one or more of a product information text, an alarm manual, and a fault maintenance experience text as an alarm description text, and the number of each alarm description text may be one or more, which is not limited in the embodiment of the present application.
After the alarm description text is acquired, the control device may train the first initial NLP network through the acquired alarm description text.
The control device may use the alarm description text as an input of the first initial NLP network, detect keywords such as a sample alarm identifier, an alarm explanation, and an alarm reason in the alarm description text through the first initial NLP network, extract a paragraph or a sentence including the keywords, thereby obtaining alarm explanation information and an alarm reason corresponding to a plurality of sample alarms, and then extract keywords in the alarm reason of each sample alarm through the first initial NLP network. And then, taking the alarm interpretation information of each sample alarm as a prediction source, taking a keyword in the alarm reason of the corresponding sample alarm as a label of the alarm interpretation information, and training the first initial NLP network. The first initial NLP network can perform semantic analysis and text similarity calculation on the alarm explanation information of each sample alarm, so that alarm reasons corresponding to the alarm explanation information of each sample alarm are output, the output alarm reasons are compared with the set labels of the corresponding alarm explanation information to obtain the deviation between the output alarm reasons and the set labels of the corresponding alarm explanation information, parameters in the first initial NLP network are continuously adjusted through the deviation, and therefore the first initial NLP network gradually learns the logic relation between the alarm of each sample to obtain a first NLP model.
For example, for the alarm of ethernet LOSs of signal, if the alarm is identified as ETH _ LOS, the control device may detect keywords such as ETH _ LOS, alarm explanation, and alarm reason in the alarm description text through the first initial NLP network, and further extract paragraphs or statements including the keywords, so as to obtain alarm explanation information and alarm reason corresponding to the alarm of ETH _ LOS.
Exemplarily, the alarm interpretation information of ETH _ LOS is as follows:
Figure BDA0003138391170000071
Figure BDA0003138391170000081
exemplarily, the alarm reason for ETH _ LOS is as follows:
Figure BDA0003138391170000082
it should be noted that, the above is only one possible implementation manner for extracting the alarm interpretation information and the alarm reason provided in the embodiment of the present application, and in some other possible implementation manners, the alarm interpretation information and the alarm reason may also be extracted through other algorithms, or other keywords capable of indicating the alarm interpretation information and the alarm reason may also be detected through the third NLP model to implement extraction of the alarm interpretation information and the alarm reason of the sample alarm, which is not limited herein.
Optionally, in some possible implementations, the process of training the first initial NLP network to obtain the first NLP model may also be performed on other devices, that is, the first NLP model may be trained by other devices, and then, the first NLP model may be deployed on the control device. The implementation manner of training the first initial NLP network by other devices to obtain the first NLP model is the same as or similar to the above implementation manner, which is not limited in the embodiment of the present application.
Because the first NLP model learns the logical relationship between the alarms in each sample in the alarm description text and the alarm cause of each sample alarm, after the control device obtains an alarm event, the control device may input the information of multiple alarms included in the alarm event into the first NLP model, and the first NLP model may search for other alarms and alarm causes associated with each alarm included in the alarm event according to the learned logical relationship between the alarms in each sample and the alarm cause of each sample alarm, thereby generating a diagnostic chain of the alarm event. At this time, the diagnosis chain of the alarm event will include the fault item corresponding to each alarm in the alarm event and other alarms triggering the corresponding alarms, that is, the diagnosis chain of the alarm event will be able to represent the association relationship between the alarms and the logical relationship between each alarm and one or more fault items.
Exemplarily, it is assumed that the alarm event includes three alarms, namely, a link connectivity LOSs alarm channel _ LOCV, an ethernet signal LOSs alarm ETH _ LOS, and a physical board offline alarm BD _ STATUS. In the logical relationship between the alarms learned by the first NLP model and the corresponding alarm cause, the trigger cause of the channel _ LOCV is ETH _ LOS, that is, the channel _ LOCV is triggered by the alarm of ETH _ LOS. The trigger cause of the ETH _ LOS includes two alarms and two fault items, where the two alarms are the single-board hardware error alarm HARD _ BAD and BD _ STATUS, and the two fault items are the opposite-end single-board fault and the home-end single-board fault, that is, the alarm of the ETH _ LOS may be triggered by at least one of the two alarms of the HARD _ BAD and BD _ STATUS, or may be triggered by at least one of the two faults of the opposite-end single-board fault and the home-end single-board fault. The trigger reasons of BD _ STATUS comprise local end single board faults and POWER abnormity alarms POWER _ ABNORMAL, and the trigger reasons of HARD _ BAD comprise lost POWER module faults. In this way, the first NLP model may obtain a diagnosis chain of the alarm event as shown in fig. 4 according to the learned logical relationship between the alarms and the corresponding alarm reason. Therefore, the diagnosis chain comprises a plurality of fault items and a plurality of alarms, and the logical relationship among the alarms and the fault items are characterized.
After obtaining the diagnostic chain of the alarm event, the control device may use the non-repeated one or more fault items included in the diagnostic chain as one or more candidate fault items of the alarm event.
For example, in the diagnostic chain of the alarm event in fig. 4, the fault item of ETH _ LOS includes an opposite-end board fault and a local-end board fault, the fault item of BD _ STATUS includes a local-end board fault, and the fault item of HARD _ BAD triggering ETH _ LOS has a power LOSs module. And removing the duplication of the fault items to obtain a plurality of fault items of the diagnosis chain, namely the fault of the opposite end single board, the fault of the local end single board and the power loss module. And taking the plurality of fault items as a plurality of candidate fault items of the alarm event.
Step 303: and determining fault information corresponding to the alarm event according to one or more candidate fault items of the alarm event.
After obtaining the one or more candidate fault items of the alarm event, the control device may determine a real fault item corresponding to the alarm event from the one or more candidate fault items, and further generate fault information corresponding to the alarm event according to the real fault item.
For example, the control device may call a diagnosis interface of a diagnosis item corresponding to each candidate failure item of the one or more candidate failure items; acquiring the state information of the corresponding diagnosis item through the diagnosis interface of the diagnosis item corresponding to each candidate fault item; and determining fault information corresponding to the alarm event according to the state information of the diagnosis item corresponding to each candidate fault item.
It should be noted that the control device may store a mapping relationship between the failure item and the corresponding diagnosis item. Based on this, after obtaining the one or more candidate failure items, for a first candidate failure item therein, the control device may obtain, from the mapping relationship, one or more diagnostic items corresponding to the first candidate failure item. Then, for a first diagnostic item in the one or more diagnostic items corresponding to the first candidate failure item, the control device may call a diagnostic interface of the first diagnostic item.
It should be noted that the diagnostic interface corresponding to each diagnostic item may be obtained after the control device processes the processing steps of each sample alarm in the alarm description text in advance through the second NLP model.
For example, the control device may identify, in advance, through the second NLP model, a processing step corresponding to each sample alarm in the plurality of sample alarms included in the alarm description text, so as to obtain a diagnostic item corresponding to the corresponding processing step; and then, generating a diagnosis interface of the diagnosis item corresponding to each processing step.
The control device may first extract a processing step corresponding to each sample alarm from the alarm description text. Because there may be a plurality of alarm reasons corresponding to each sample alarm, and different processing steps may exist for different alarm reasons, there may be a plurality of processing steps corresponding to each sample alarm. And after the processing step corresponding to each sample alarm is obtained, the control equipment takes the processing step corresponding to each alarm reason of the corresponding sample alarm as the input of the second NLP model. The second NLP model may perform semantic analysis and keyword extraction on the received processing step, thereby obtaining a diagnostic item corresponding to the processing step. And then, the control device can acquire a code input by a relevant person and used for realizing diagnosis of the corresponding diagnosis item according to the acquired diagnosis item, and generate a diagnosis interface corresponding to the diagnosis item according to the acquired code.
Exemplarily, it is assumed that the processing steps corresponding to each alarm reason of ETH _ LOS are as follows:
Figure BDA0003138391170000091
and identifying the processing steps through a second NLP model to obtain three diagnostic items, namely whether the query port is enabled, the query of the working mode of the two end ports in butt joint and the query of the loopback state of the opposite end port.
After the three diagnostic items are obtained, for the diagnostic item of inquiring the working modes of the two end ports of the butt joint, the control device can obtain codes input by related personnel for realizing the working modes of the two end ports of the butt joint, and then automatically generate a diagnostic interface corresponding to the diagnostic item according to the obtained codes.
For each diagnosis item obtained by the second NLP model analysis, the control device may automatically generate a diagnosis interface corresponding to the corresponding diagnosis item with reference to the above method.
It should be noted that, in the embodiment of the present application, after the diagnostic interface corresponding to one diagnostic item is generated, the control device may name the diagnostic interface through the diagnostic item. Alternatively, in some possible implementations, the control device may also assign a corresponding interface identifier to the generated diagnostic interface, and store the interface identifier in correspondence with the diagnostic item.
In addition, as can be seen from the foregoing description, the sample alarm may correspond to a plurality of alarm reasons, and different processing steps may correspond to different alarm reasons. In this case, after analyzing the processing steps corresponding to the alarms of the respective samples through the second NLP model to obtain the diagnosis items of the corresponding processing steps, the control device may further use the alarm cause corresponding to each processing step as the fault item corresponding to the corresponding processing step, and further store the fault item corresponding to each processing step and the diagnosis item correspondingly to obtain the mapping relationship between the fault item and the diagnosis item.
As can be seen from the foregoing description, after the control device generates the diagnosis interface corresponding to the diagnosis item, the control device may name the corresponding diagnosis interface through the diagnosis item, that is, use the diagnosis item as the interface identifier of the corresponding diagnosis interface. In this case, taking a first diagnostic item of the one or more candidate diagnostic items as an example, the control device may call a diagnostic interface identified as the first diagnostic item by the interface when calling the diagnostic interface corresponding to the first diagnostic item. Alternatively, as can be seen from the foregoing description, the control device may also allocate an interface identifier to the diagnostic interface corresponding to the diagnostic item, and store the diagnostic item corresponding to the interface identifier correspondingly. In this case, the control device may obtain the interface identifier corresponding to the first diagnostic item from the stored mapping relationship between the diagnostic item and the interface identifier, and then call the diagnostic interface corresponding to the first diagnostic item according to the obtained interface identifier.
After the diagnostic interface of the first diagnostic item is called, the control device may obtain the status information of the first diagnostic item through the diagnostic interface corresponding to the first diagnostic item.
For example, the control device may obtain an alarm position included in information of an alarm triggered by the first candidate fault item in an alarm event, and determine the position information of the first diagnostic item according to the obtained alarm position and the diagnostic content indicated by the first diagnostic item. And then, acquiring the state information of the first diagnosis item through a diagnosis interface corresponding to the first diagnosis item according to the position information of the first diagnosis item.
For example, if the first candidate fault item is that the working mode of the opposite port is not matched or the inner loop is enabled by the opposite port, the first candidate fault item will correspond to two diagnostic items, which are respectively the working mode for querying and docking the ports at the two ends and the loopback state for querying and docking the opposite port. Assuming that the first diagnostic item is a working mode for querying and docking ports at two ends, and the alarm position included in the alarm information triggered by the first candidate fault item is port 1 of the network device a, the control device may determine, according to the alarm position and the diagnostic content indicated by the first diagnostic item, that the position information of the first diagnostic item is port 1 and an opposite port connected to port 1.
After obtaining the location information of the first diagnostic item, the control device may use the location information of the first diagnostic item as a query parameter of the diagnostic interface of the first diagnostic item, so as to obtain the status information of the first diagnostic item.
It should be noted that the control device may directly send a diagnosis instruction to the corresponding device through the diagnosis interface of the first diagnosis item to acquire the status information.
Optionally, the control device may also display a status information acquisition instruction of the first diagnostic item through a diagnostic interface of the first diagnostic item, so that the user acquires corresponding status information according to the status information acquisition instruction of the first diagnostic item, and inputs the acquired status information to the control device. Accordingly, the control device may receive the status information of the first diagnostic item input by the user.
For example, the location information of the first diagnostic item includes an address and a port number of the network device, the control device may send a diagnostic instruction to the network device indicated by the address of the network device through the diagnostic interface of the first diagnostic item, where the diagnostic instruction may carry the port number in the location information, and after receiving the diagnostic instruction, the network device queries the state information of the corresponding port according to the port number, and then feeds the state information back to the control device. And after receiving the state information fed back by the network equipment, the control equipment takes the state information as the state information of the first diagnosis item.
For each diagnostic item corresponding to the first candidate failure item, the control device may refer to the above-described method of obtaining status information of the first diagnostic item to obtain status information corresponding to each diagnostic item.
Further, for each candidate failure item of the one or more candidate failure items corresponding to the alarm event, the control device may refer to the above processing method for the first candidate failure item to process each candidate failure item, so as to obtain the status information of the diagnostic item corresponding to each candidate failure item.
After obtaining the state information of the diagnostic item corresponding to each candidate fault item, the control device may determine, from the one or more candidate fault items, a target fault item whose state information of the corresponding diagnostic item is inconsistent with the preset state information of the corresponding diagnostic item; and generating fault information corresponding to the alarm event according to the target fault item and the repair method corresponding to the target fault item.
For each diagnosis item, preset state information of the corresponding diagnosis item can be stored in the control device, and the preset state information is the state information of the diagnosis item under the condition that the device normally operates. Based on this, the control device may compare the acquired state information of each diagnostic item with the preset state information of the corresponding diagnostic item, and if the two are different, the state of the corresponding diagnostic item is abnormal, at this time, the candidate fault item corresponding to the corresponding diagnostic item is taken as a target fault item, and the target fault item is a real fault item corresponding to the alarm event.
And after the real fault item corresponding to the alarm event is determined, the control equipment generates fault information of the alarm event according to the real fault item. Wherein, the fault information includes a real fault item corresponding to the alarm event. In addition, the control device may further obtain, according to the real fault item corresponding to the alarm event, a processing step or a repairing method corresponding to the real fault item from the alarm description text, and further use the processing step or the repairing method as a part of the fault information of the alarm event.
Optionally, in some possible implementation manners, after the control device generates the fault information, the fault information may be sent to the upper operation and maintenance device, and the upper operation and maintenance device displays the fault information, so that the operation and maintenance personnel perform corresponding repair processing according to the fault information.
Or, in some possible implementation manners, after obtaining the fault information of the alarm event, the control device may further automatically perform a repair process according to a repair method or a process step included in the fault information, which is not limited in this embodiment of the present application.
In the embodiment of the application, the NLP model obtained by the alarm description text training is used for processing the information of each alarm in the alarm event, so that one or more candidate fault reasons of the alarm event are obtained, one or more candidate fault reasons of the alarm event can be obtained without manually presetting a diagnosis rule, and the fault information corresponding to the alarm event is determined according to the one or more candidate fault reasons, so that the method is intelligent and efficient. When new alarms are increased subsequently, the alarms can be analyzed and processed only by correspondingly adding corresponding alarm description texts to train the NLP model, rule codes do not need to be developed again, workload is small, and maintenance cost is low.
Secondly, in the embodiment of the application, the fault item corresponding to the alarm event is identified through the NLP model, and because the NLP model is obtained through the training of the alarm description text, even if the alarm information in the alarm event has human language deviation, the correct result can still be identified through the NLP model, and once the alarm information in the related art has language deviation, the corresponding fault item cannot be obtained through the manually set rule. Therefore, the method provided by the embodiment of the application is wider in applicability and more stable.
Thirdly, in the embodiment of the present application, after processing information of multiple alarms included in an alarm event through an NLP model, a diagnosis chain of the alarm event may be obtained, where the diagnosis chain includes multiple alarms and one or more fault items, and the diagnosis chain may represent logical relationships between the alarms and between the fault items, so that inference logic between the alarms and the fault items has strong interpretability.
Finally, in the embodiment of the present application, the processing steps in the alarm description text may be analyzed and processed in advance through the second NLP model to obtain the corresponding diagnosis item, so as to automatically generate the diagnosis interface corresponding to the diagnosis item. Therefore, when the candidate fault item corresponding to the alarm event is diagnosed subsequently, the automatically generated diagnosis interface can be directly called for diagnosis, so that the whole diagnosis process is intelligent and efficient.
Next, an alarm processing apparatus provided in an embodiment of the present application will be described.
Referring to fig. 5, an embodiment of the present application provides an alert processing apparatus 500, where the apparatus 500 includes: an acquisition module 501, a processing module 502 and a determination module 503;
an obtaining module 501, configured to execute step 301 in the foregoing embodiment;
a processing module 502 for performing step 302 in the foregoing embodiments;
a determining module 503, configured to perform step 302 in the foregoing embodiment.
The obtaining module 501, the processing module 502 and the determining module 503 can be implemented by a processor in the computer device shown in fig. 2.
Optionally, the processing module 502 is mainly configured to:
taking the information of each alarm in the plurality of alarms as the input of a first NLP model, and processing the information of each alarm in the plurality of alarms through the first NLP model to obtain a diagnosis chain of an alarm event, wherein the diagnosis chain of the alarm event comprises the plurality of alarms and one or more fault items, and the diagnosis chain is used for representing the logical relationship between the plurality of alarms and the one or more fault items;
and taking one or more fault items contained in the diagnosis chain as one or more candidate fault items corresponding to the alarm event.
Optionally, the apparatus 500 is further configured to:
acquiring an alarm description text;
and training the first initial NLP network according to alarm explanation information and alarm reasons which respectively correspond to a plurality of sample alarms in the alarm description text to obtain a first NLP model.
Optionally, the determining module 503 includes:
the calling submodule is used for calling a diagnosis interface of a diagnosis item corresponding to each candidate fault item in one or more candidate fault items;
the acquisition submodule is used for acquiring the state information of the corresponding diagnosis item through the diagnosis interface of the diagnosis item corresponding to each candidate fault item;
and the determining submodule is used for determining the fault information corresponding to the alarm event according to the state information of the diagnosis item corresponding to each candidate fault item.
Optionally, the apparatus 500 is further configured to:
identifying the processing step corresponding to each sample alarm in the plurality of sample alarms contained in the alarm description text through a second NLP model to obtain a diagnosis item corresponding to the corresponding processing step;
and generating a diagnosis interface of the diagnosis item corresponding to each processing step.
Optionally, the determining submodule is mainly configured to:
determining a target fault item with inconsistent state information of the corresponding diagnosis item and preset state information of the corresponding diagnosis item from one or more candidate fault items;
and generating fault information corresponding to the alarm event according to the target fault item and the repair device corresponding to the target fault item.
Optionally, the alarm description text includes at least one of a product information text, an alarm manual, and a fault maintenance experience text.
In summary, in the embodiment of the present application, the NLP model obtained by training the alarm description text is used to process the information of each alarm in the alarm event, so as to obtain one or more candidate fault causes of the alarm event, and the one or more candidate fault causes of the alarm event can be obtained without manually presetting a diagnosis rule, so as to determine the fault information corresponding to the alarm event according to the one or more candidate fault causes, which is intelligent and efficient. When new alarms are increased subsequently, the alarms can be analyzed and processed only by correspondingly adding corresponding alarm description texts to train the NLP model, rule codes do not need to be developed again, workload is small, and maintenance cost is low.
It should be noted that: in the alarm processing apparatus provided in the foregoing embodiment, when processing an alarm, only the division of each function module is illustrated, and in practical applications, the function allocation may be completed by different function modules according to needs, that is, the internal structure of the device is divided into different function modules, so as to complete all or part of the functions described above. In addition, the alarm processing apparatus and the alarm processing method provided by the above embodiments belong to the same concept, and specific implementation processes thereof are described in the method embodiments and are not described herein again.
In the above embodiments, the implementation may be wholly or partly realized by software, hardware, firmware, or any combination thereof. When implemented in software, may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When loaded and executed on a computer, cause the processes or functions described in accordance with the embodiments of the application to occur, in whole or in part. The computer may be a general purpose computer, a special purpose computer, a network of computers, or other programmable device. The computer instructions may be stored on a computer readable storage medium or transmitted from one computer readable storage medium to another, for example, from one website, computer, server, or data center to another website, computer, server, or data center via wire (e.g., coaxial cable, fiber optic, digital Subscriber Line (DSL)) or wireless (e.g., infrared, wireless, microwave, etc.). The computer-readable storage medium can be any available medium that can be accessed by a computer or a data storage device, such as a server, a data center, etc., that incorporates one or more of the available media. The usable medium may be a magnetic medium (e.g., floppy Disk, hard Disk, magnetic tape), an optical medium (e.g., digital Versatile Disk (DVD)), or a semiconductor medium (e.g., solid State Disk (SSD)), among others.
It will be understood by those skilled in the art that all or part of the steps for implementing the above embodiments may be implemented by hardware, or may be implemented by a program instructing relevant hardware, where the program may be stored in a computer-readable storage medium, and the above-mentioned storage medium may be a read-only memory, a magnetic disk or an optical disk, etc.
The above description should not be taken as limiting the embodiments of the present application, and any modifications, equivalents, improvements, etc. made within the spirit and principle of the embodiments of the present application should be included in the scope of the embodiments of the present application.

Claims (15)

1. An alarm processing method, characterized in that the method comprises:
acquiring an alarm event, wherein the alarm event comprises information of a plurality of alarms;
processing the information of each alarm in the plurality of alarms through a first natural language processing NLP model to obtain one or more candidate fault items corresponding to the alarm event, wherein the first NLP model is obtained through alarm description text training;
and determining fault information corresponding to the alarm event according to one or more candidate fault items corresponding to the alarm event.
2. The method according to claim 1, wherein the processing information of each of the plurality of alarms through the first NLP model to obtain one or more candidate fault items corresponding to the alarm event comprises:
taking information of each alarm in the plurality of alarms as input of the first NLP model, and processing the information of each alarm in the plurality of alarms through the first NLP model to obtain a diagnosis chain of the alarm event, where the diagnosis chain of the alarm event includes the plurality of alarms and one or more fault items, and the diagnosis chain is used to characterize a logical relationship between the plurality of alarms and the one or more fault items;
and taking one or more fault items contained in the diagnosis chain as one or more candidate fault items corresponding to the alarm event.
3. The method according to claim 1 or 2, characterized in that the method further comprises:
acquiring the alarm description text;
and training a first initial NLP network according to alarm explanation information and alarm reasons respectively corresponding to a plurality of sample alarms in the alarm description text to obtain the first NLP model.
4. The method according to claim 1, wherein the determining fault information corresponding to the alarm event according to one or more candidate fault items of the alarm event comprises:
calling a diagnosis interface of a diagnosis item corresponding to each candidate fault item in the one or more candidate fault items;
acquiring the state information of the corresponding diagnosis item through the diagnosis interface of the diagnosis item corresponding to each candidate fault item;
and determining the fault information corresponding to the alarm event according to the state information of the diagnosis item corresponding to each candidate fault item.
5. The method of claim 4, further comprising:
identifying the processing step corresponding to each sample alarm in the plurality of sample alarms contained in the alarm description text through a second NLP model to obtain a diagnosis item corresponding to the corresponding processing step;
and generating a diagnosis interface of the diagnosis item corresponding to each processing step.
6. The method according to claim 4 or 5, wherein the determining fault information corresponding to the alarm event according to the state information of each candidate fault item comprises:
determining a target fault item, of which the state information of the corresponding diagnosis item is inconsistent with the preset state information of the corresponding diagnosis item, from the one or more candidate fault items;
and generating fault information corresponding to the alarm event according to the target fault item and the repair method corresponding to the target fault item.
7. The method of claim 1, 3 or 5, wherein the alarm description text comprises at least one of a product information text, an alarm manual, and a fault maintenance experience text.
8. An alert processing apparatus, characterized in that the apparatus comprises:
the system comprises an acquisition module, a processing module and a processing module, wherein the acquisition module is used for acquiring an alarm event, and the alarm event comprises information of a plurality of alarms;
the processing module is used for processing the information of each alarm in the plurality of alarms through a first Natural Language Processing (NLP) model to obtain one or more candidate fault items corresponding to the alarm event, and the first NLP model is obtained through alarm description text training;
and the determining module is used for determining the fault information corresponding to the alarm event according to the one or more candidate fault items corresponding to the alarm event.
9. The apparatus of claim 8, wherein the processing module is configured to:
taking information of each alarm in the plurality of alarms as input of the first NLP model, and processing the information of each alarm in the plurality of alarms through the first NLP model to obtain a diagnosis chain of the alarm event, where the diagnosis chain of the alarm event includes the plurality of alarms and one or more fault items, and the diagnosis chain is used to characterize a logical relationship between the plurality of alarms and the one or more fault items;
and taking one or more fault items contained in the diagnosis chain as one or more candidate fault items corresponding to the alarm event.
10. The apparatus of claim 8 or 9, wherein the apparatus is further configured to:
acquiring the alarm description text;
and training the first initial NLP network according to the alarm explanation information and the alarm reason which respectively correspond to the plurality of sample alarms and are included in the alarm description text to obtain the first NLP model.
11. The apparatus of claim 8, wherein the determining module comprises:
the calling submodule is used for calling a diagnosis interface of a diagnosis item corresponding to each candidate fault item in the one or more candidate fault items;
the acquisition submodule is used for acquiring the state information of the corresponding diagnosis item through the diagnosis interface of the diagnosis item corresponding to each candidate fault item;
and the determining submodule is used for determining the fault information corresponding to the alarm event according to the state information of the diagnosis item corresponding to each candidate fault item.
12. The apparatus of claim 11, wherein the apparatus is further configured to:
identifying the processing step corresponding to each sample alarm in the plurality of sample alarms contained in the alarm description text through a second NLP model to obtain a diagnosis item corresponding to the corresponding processing step;
and generating a diagnosis interface of the diagnosis item corresponding to each processing step.
13. The apparatus of claim 11 or 12, wherein the determination submodule is configured to:
determining a target fault item, of which the state information of the corresponding diagnosis item is inconsistent with the preset state information of the corresponding diagnosis item, from the one or more candidate fault items;
and generating fault information corresponding to the alarm event according to the target fault item and the repair device corresponding to the target fault item.
14. The apparatus of claim 8, 10 or 12, wherein the alarm description text comprises at least one of a product information text, an alarm manual, and a fault maintenance experience text.
15. A computer-readable storage medium having stored thereon instructions that, when executed on a computer, cause the computer to perform the method of any one of claims 1-7.
CN202110725324.1A 2021-06-29 2021-06-29 Alarm processing method, device and storage medium Pending CN115544202A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110725324.1A CN115544202A (en) 2021-06-29 2021-06-29 Alarm processing method, device and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110725324.1A CN115544202A (en) 2021-06-29 2021-06-29 Alarm processing method, device and storage medium

Publications (1)

Publication Number Publication Date
CN115544202A true CN115544202A (en) 2022-12-30

Family

ID=84717313

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110725324.1A Pending CN115544202A (en) 2021-06-29 2021-06-29 Alarm processing method, device and storage medium

Country Status (1)

Country Link
CN (1) CN115544202A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116932148A (en) * 2023-09-19 2023-10-24 山东浪潮数据库技术有限公司 Problem diagnosis system and method based on AI

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116932148A (en) * 2023-09-19 2023-10-24 山东浪潮数据库技术有限公司 Problem diagnosis system and method based on AI
CN116932148B (en) * 2023-09-19 2024-01-19 山东浪潮数据库技术有限公司 Problem diagnosis system and method based on AI

Similar Documents

Publication Publication Date Title
WO2018195252A1 (en) Field content based pattern generation for heterogeneous logs
US11348023B2 (en) Identifying locations and causes of network faults
CN113935497A (en) Intelligent operation and maintenance fault processing method, device and equipment and storage medium thereof
CN109783324B (en) System operation early warning method and device
CN111858352B (en) Method, device, equipment and storage medium for automatic test monitoring
CN115357470B (en) Information generation method and device, electronic equipment and computer readable medium
KR20190001501A (en) Artificial intelligence operations system of telecommunication network, and operating method thereof
CN113935487B (en) Visual satellite fault diagnosis knowledge generation method, device and system
CN116089231B (en) Fault alarm method and device, electronic equipment and storage medium
CN113986643A (en) Method, electronic device and computer program product for analyzing log file
CN114285725A (en) Network fault determination method and device, storage medium and electronic equipment
CN116107589B (en) Automatic compiling method, device and equipment of software codes and storage medium
US20230105304A1 (en) Proactive avoidance of performance issues in computing environments
US20230133541A1 (en) Alert correlating using sequence model with topology reinforcement systems and methods
CN113656252B (en) Fault positioning method, device, electronic equipment and storage medium
CN115544202A (en) Alarm processing method, device and storage medium
CN117827784A (en) Noise log filtering method and system
CN112579402A (en) Method and device for positioning faults of application system
CN115357493A (en) Test method, test device, electronic equipment and storage medium
CN115130112A (en) Quick start-stop method, device, equipment and storage medium
CN115438093A (en) Power communication equipment fault judgment method and detection system
CN114756301A (en) Log processing method, device and system
CN114385398A (en) Request response state determination method, device, equipment and storage medium
CN111290870B (en) Method and device for detecting abnormality
CN114510409A (en) Application program code detection method and computer readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination