CN115550156A - Alarm method, system, terminal and storage medium based on multi-tenant distribution - Google Patents
Alarm method, system, terminal and storage medium based on multi-tenant distribution Download PDFInfo
- Publication number
- CN115550156A CN115550156A CN202211502996.7A CN202211502996A CN115550156A CN 115550156 A CN115550156 A CN 115550156A CN 202211502996 A CN202211502996 A CN 202211502996A CN 115550156 A CN115550156 A CN 115550156A
- Authority
- CN
- China
- Prior art keywords
- alarm
- abnormal
- information
- rule
- alarm rule
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 31
- 230000002159 abnormal effect Effects 0.000 claims abstract description 96
- 230000001960 triggered effect Effects 0.000 claims description 19
- 238000004590 computer program Methods 0.000 claims description 11
- 238000012545 processing Methods 0.000 claims description 9
- 238000012216 screening Methods 0.000 claims description 6
- 230000000694 effects Effects 0.000 abstract description 2
- 238000010586 diagram Methods 0.000 description 7
- 238000004891 communication Methods 0.000 description 5
- 230000006870 function Effects 0.000 description 5
- 230000005856 abnormality Effects 0.000 description 4
- 230000005540 biological transmission Effects 0.000 description 4
- 230000003287 optical effect Effects 0.000 description 4
- 230000009286 beneficial effect Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000000644 propagated effect Effects 0.000 description 2
- 239000004065 semiconductor Substances 0.000 description 2
- 238000004364 calculation method Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0681—Configuration of triggering conditions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0604—Management of faults, events, alarms or notifications using filtering, e.g. reduction of information by using priority, element types, position or time
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0604—Management of faults, events, alarms or notifications using filtering, e.g. reduction of information by using priority, element types, position or time
- H04L41/0618—Management of faults, events, alarms or notifications using filtering, e.g. reduction of information by using priority, element types, position or time based on the physical or logical position
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/12—Discovery or management of network topologies
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Alarm Systems (AREA)
Abstract
The application relates to an alarming method, a system, a terminal and a storage medium based on multi-tenant distribution, which comprises the steps of obtaining abnormal information, abnormal object information, a platform topological structure and an alarming rule base; determining an alarm object and an alarm path associated with the abnormal object according to the abnormal object information and the platform topological structure; obtaining a corresponding alarm rule according to the alarm object and the alarm rule base; and obtaining an alarm result according to the abnormal information and an alarm rule alarm path. The method and the device have the effect of improving the alarm efficiency of the multi-tenant network platform.
Description
Technical Field
The present application relates to the field of network security, and in particular, to a method, a system, a terminal, and a storage medium for alerting based on multi-tenant distribution.
Background
In a multi-tenant distributed network platform, three roles are usually possessed, one is a platform administrator which can manage the platform including tenants and users in the platform, the other is a platform tenant which can manage self resources and all users under the self flag, and the other is a platform user which can only manage self. The tenants have multiple levels, upper tenants can manage lower tenants, the multiple levels of tenants and corresponding users can be managed in a cross mode, and when abnormal conditions occur, different alarm strategies need to be determined according to alarm rules which are not set through roles according to the abnormal conditions.
Under the complex authority relationship network of a multi-tenant distribution type network platform, the situations that the alarm operation data volume is large, an object needing to be alarmed is alarmed repeatedly and the like easily occur, and the alarm efficiency is low.
In view of the above related technologies, the inventors consider that there is a defect of low alarm efficiency of the multi-tenant network platform.
Disclosure of Invention
In order to improve the alarm efficiency of a multi-tenant network platform, the application provides an alarm method, an alarm system, a terminal and a storage medium based on multi-tenant distribution.
In a first aspect, the present application provides an alarm method based on multi-tenant distribution, which adopts the following technical solution:
an alarming method based on multi-tenant distribution comprises the following steps:
acquiring abnormal information, abnormal object information, a platform topological structure and an alarm rule base;
determining an alarm object and an alarm path associated with the abnormal object according to the abnormal object information and the platform topological structure;
obtaining a corresponding alarm rule according to the alarm object and the alarm rule base;
and obtaining an alarm result according to the abnormal information, the alarm rule and the alarm path.
By adopting the technical scheme, the alarm object and the alarm path are obtained firstly through the abnormal object information and the platform topological structure, then the alarm rule corresponding to the alarm object is called, and the alarm result is obtained according to the alarm rule and the alarm object, so that the alarm efficiency is improved.
Optionally, the determining, according to the abnormal object information and the platform topology structure, an alarm object and an alarm path associated with the abnormal object includes:
acquiring the subordinate information of the abnormal object in a platform topological structure;
and obtaining an alarm object and an alarm path associated with the abnormal object according to the subordinate information.
By adopting the technical scheme, the alarm objects associated with the abnormal objects are obtained by analyzing the management authority in the platform, and the alarm objects are arranged step by step according to the management authority to obtain the alarm path, so that the occurrence of repeated alarm is reduced.
Optionally, the obtaining an alarm result according to the abnormal information, the alarm rule, and the alarm path includes:
judging whether to trigger the alarm rule of the current alarm object according to the abnormal information and the alarm rule;
if the alarm rule of the current object is triggered, judging whether the alarm rule of the upper-level alarm object is triggered according to the alarm path and the alarm rule;
and acquiring the triggered alarm rule step by step and giving an alarm to the corresponding alarm object.
By adopting the technical scheme, when the abnormity happens, whether the abnormal information triggers the alarm rule is verified step by step from the alarm rule of the abnormal object, when the alarm rule is not triggered, the alarm of the alarm object is not needed, and because the step by step verification mode is adopted, the larger calculation amount is not generated for the abnormal information which does not trigger the alarm rule.
Optionally, the determining whether to trigger the alarm rule of the upper-level alarm object according to the alarm path and the alarm rule includes:
according to the alarm rule, whether the user is alarmed is judged firstly;
if yes, judging whether the abnormal information meets the alarm rule.
By adopting the technical scheme, whether the alarm is received or not is set in the alarm rule, unnecessary alarm information can be reduced, and the calculated amount of the alarm is reduced.
Optionally, the method further includes obtaining an alarm result according to the global alarm rule:
acquiring a global alarm rule;
obtaining a triggered global alarm rule according to the global alarm rule and the abnormal information;
and obtaining a corresponding alarm object according to the triggered global alarm rule.
By adopting the technical scheme, when the platform is abnormal, each abnormality needs to be recorded, so that the running stability of the platform is obtained; therefore, by setting the global alarm rule, when an abnormality occurs, whether the global alarm rule is triggered needs to be verified, so that the running state of the platform is monitored.
Optionally, the obtaining of the abnormal information, the abnormal object information, the platform topology and the alarm rule base includes:
acquiring platform data in a server;
obtaining user authority information according to the platform data;
obtaining a platform topological structure according to the user authority information;
and determining abnormal object information according to the platform data.
By adopting the technical scheme, the management relation among the users is obtained by obtaining the authority information of the users in the platform data, and then according to the platform data, the abnormal data is judged, and according to the abnormal data, the abnormal information is obtained.
Optionally, the method further includes: and according to the alarm rule of the superior user, the alarm rule of the subordinate user is changed.
In a second aspect, the present application provides an alarm system based on multi-tenant distribution, which adopts the following technical solution:
an alerting system based on multi-tenant distribution, comprising:
the first acquisition module is used for acquiring abnormal information and abnormal object information;
the second acquisition module is used for acquiring a platform topological structure and an alarm rule base;
the screening module is used for determining an alarm object associated with the abnormal object and a corresponding alarm rule according to the abnormal object information, the platform topological structure and the alarm rule base;
and the data processing module is used for obtaining an alarm result according to the abnormal information and the alarm rule.
In a third aspect, the present application provides an electronic device having a feature of stably transmitting encrypted data.
The third objective of the present application is achieved by the following technical solutions:
an electronic device comprises a memory and a processor, wherein the memory is stored with a computer program which can be loaded by the processor and executes the data encryption transmission method.
In a fourth aspect, the present application provides a computer storage medium capable of storing a corresponding program and having a feature of facilitating stable transmission of encrypted data.
The fourth application purpose of the present application is achieved by the following technical solutions:
a computer-readable storage medium storing a computer program that can be loaded by a processor and that executes any one of the above-described data encryption transmission methods.
In summary, the present application includes at least one of the following beneficial technical effects: determining a role to be alarmed by acquiring an alarm object associated with an abnormal object; judging whether to alarm the alarm object step by step according to the alarm rule of the alarm object; on the basis of defining the alarm object, the alarm rule is judged step by step, which is beneficial to improving the alarm efficiency.
Drawings
Fig. 1 is a system diagram of an alerting system based on multi-tenant distribution according to an embodiment of the present application.
Fig. 2 is a flowchart of an alerting method based on multi-tenant distribution according to an embodiment of the present application.
Fig. 3 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Description of reference numerals: 1. a first acquisition module; 2. a second acquisition module; 3. a screening module; 4. a data processing module; 301. a CPU; 302. a ROM; 303. a RAM; 304. a bus; 305. an I/O interface; 306. an input section; 307. an output section; 308. a storage section; 309. a communication section; 310. a driver; 311. a removable media.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is further described in detail below with reference to fig. 1-3 and the embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.
The application discloses an alarm system based on multi-tenant distribution.
Referring to fig. 1, an alerting system based on multi-tenant distribution includes: a first obtaining module 1, configured to obtain abnormal information and abnormal object information; the abnormal information can be the conditions that the resource is accessed abnormally, is attacked by the network, is shared by abnormal resources and the like; in the embodiment of the application, the first obtaining module 1 may adopt a monitor, a firewall of a platform, and the like; the second acquisition module 2 is used for acquiring a platform topological structure and an alarm rule base; in the embodiment of the present application, the second obtaining module 2 may adopt a data query tool, mySQL, or the like; the screening module 3 is used for determining an alarm object associated with the abnormal object and a corresponding alarm rule according to the abnormal object information, the platform topological structure and the alarm rule base; and the data processing module 4 is used for obtaining an alarm result according to the abnormal information and the alarm rule.
In one example, a firewall of a tenant platform detects data abnormality, and determines an object generating abnormal data and abnormal information; the screening module 3 screens all alarm objects associated with the abnormal object from the platform topological structure and obtains an alarm rule corresponding to the alarm object; the data processing module 4 judges the alarm rule triggered by the abnormal information according to the alarm rule and the abnormal information, and sends an alarm to the alarm object triggered by the alarm rule.
Referring to fig. 2, the application discloses an alarm method based on multi-tenant distribution, which comprises the following specific steps:
s101: and acquiring abnormal information, abnormal object information, a platform topological structure and an alarm rule base.
Specifically, platform data in a server is obtained; obtaining user authority information according to the platform data; obtaining a platform topological structure according to the user authority information; obtaining abnormal data with abnormality according to the platform data; and determining abnormal object information according to the abnormal data.
In one example, the platform users comprise a plurality of levels of tenants, users and a platform administrator, each tenant manages a plurality of users or tenants, the platform administrator manages all the tenants, and the platform administrator, the tenants and the users are in tree-shaped association from top to bottom according to the management relationship; according to the management relation between the tenant and the user, a platform topological structure can be obtained; each user of the platform corresponds to one alarm rule, and the alarm rules of all the users are stored in an alarm rule base; when an abnormal condition occurs, abnormal data or problems exist in information of a certain tenant or user, the user marked with the abnormal data is an abnormal object, and the type of the abnormal data or problems is abnormal information.
S102: and determining an alarm object and an alarm path associated with the abnormal object according to the abnormal object information and the platform topological structure.
Specifically, obtaining the dependency information of the abnormal object in the platform topology structure; and obtaining an alarm object path associated with the abnormal object according to the subordinate information.
Specifically, according to the alarm rule, an alarm rule and an alarm object which need to be alarmed to a superior level are obtained; meanwhile, cross management exists between users and tenants, and one tenant has a plurality of management paths facing the users; therefore, all the alarm rules and alarm objects which need to alarm to the superior level need to be screened out; according to a platform topological structure, with an abnormal object as a base point, searching a tenant or a user associated with the abnormal object from an upper level or a lower level, wherein the acquired tenant and the user are both alarm objects; then according to the alarm object and the platform topological structure, obtaining an alarm path; and obtaining an alarm path, and verifying whether the alarm rule is triggered step by step.
S103: and obtaining a corresponding alarm rule according to the alarm object and the alarm rule base.
Specifically, after the alarm object is obtained, whether to alarm the alarm object needs to be judged according to an alarm rule set by the alarm object, so that the alarm rule corresponding to the alarm object needs to be called from the alarm rule base.
S104: and obtaining an alarm result according to the abnormal information, the alarm rule and the alarm path.
When the current user is alerted, whether the previous tenant is alerted needs to be considered, and therefore when the current user is alerted, whether the alert rule of the previous tenant is met needs to be judged.
Specifically, judging whether to trigger the alarm rule of the current alarm object according to the abnormal information and the alarm rule; if not, no alarm is given to any user.
If the alarm rule of the current object is triggered, judging whether to trigger the alarm rule of the upper-level alarm object according to the alarm path and the alarm rule; if not, the object needing to be alarmed is the current object.
If the alarm is needed to be given to the upper-level alarm object, whether the alarm is given to the upper-level alarm object is judged according to the alarm rule; if not, the object needing to be alarmed does not comprise the upper-level alarm object.
If yes, judging whether the abnormal information meets the alarm rule; when the abnormal information does not trigger the alarm rule, the object to be alarmed does not include the upper-level alarm object. When the abnormal information meets the alarm rule, judging whether to trigger the alarm rule of the upper-level alarm object.
And acquiring the triggered alarm rule step by step and alarming the corresponding alarm object.
In one example, the platform includes an administrator a, a tenant B, a tenant C, and a user D, the user D being under the management of tenant C, the tenant C being under the management of tenant B, the platform administrator a managing tenant B. When the data of the user D is abnormal and meets the self alarm rule, before the data is alarmed to the user D, whether the data needs to be alarmed to the tenant C firstly or not and whether the data needs to be alarmed to the tenant B and the administrator A or not need to be judged, and abnormal information is judged sequentially firstly through the alarm rule preset by the tenant C, the tenant B and the administrator A; if the judgment result is that the alarm needs to be given to the tenant C, judging whether the abnormal information meets the alarm rule of the tenant C; if the alarm rule of the tenant C is met, before the alarm is given to the tenant C, whether the alarm needs to be given to the tenant B or not needs to be judged; and if the judgment result is that the object is not needed, the alarm objects are the tenant C and the user D.
In the multi-tenant distribution-based alarm method in the application, the user can set a global alarm rule according to the self authority, the global alarm rule needs to be judged when an exception occurs, and each user set with the global alarm rule should be determined as an alarm object, so when the alarm object is determined, the method further includes:
acquiring a global alarm rule; obtaining a triggered global alarm rule according to the global alarm rule and the abnormal information; and obtaining a corresponding alarm object according to the triggered global alarm rule.
On the other hand, the alarm method based on multi-tenant distribution further comprises the following steps: and according to the alarm rule of the superior user, the alarm rule of the subordinate user is changed.
Specifically, the alarm rule coverage of the upper level user is larger than the alarm rule of the lower level user, and when the alarm rule of the upper level user changes, the alarm rule of the lower level user administered by the upper level user should be changed synchronously.
Fig. 3 shows a schematic structural diagram of an electronic device suitable for implementing embodiments of the present application.
As shown in fig. 3, the electronic apparatus includes a Central Processing Unit (CPU) 301 that can perform various appropriate actions and processes in accordance with a program stored in a Read Only Memory (ROM) 302 or a program loaded from a storage section into a Random Access Memory (RAM) 303. In the RAM 303, various programs and data necessary for system operation are also stored. The CPU 301, ROM 302, and RAM 303 are connected to each other via a bus 304. An input/output I/O interface 305 is also connected to bus 304.
The following components are connected to the I/O interface 305: an input portion 306 including a keyboard, a mouse, and the like; an output section 307 including a display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage section 308 including a hard disk and the like; and a communication section 309 including a network interface card such as a LAN card, a modem, or the like. The communication section 309 performs communication processing via a network such as the internet. A drive 310 is also connected to the I/O interface 305 as needed. A removable medium 311 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 310 as necessary, so that a computer program read out therefrom is mounted into the storage section 308 as necessary.
In particular, according to embodiments of the present application, the process described above with reference to the flowchart fig. 2 may be implemented as a computer software program. For example, embodiments of the present application include a computer program product comprising a computer program embodied on a machine-readable medium, the computer program comprising program code for performing the method illustrated by the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network through the communication section 309, and/or installed from the removable medium 311. The above-described functions defined in the system of the present application are executed when the computer program is executed by the Central Processing Unit (CPU) 301.
It should be noted that the computer readable medium shown in the present application may be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present application, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In this application, however, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems that perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units or modules described in the embodiments of the present application may be implemented by software or hardware. The described units or modules may also be provided in a processor, and may be described as: a processor comprises a first acquisition module 1, a second acquisition module 2, a screening module 3 and a data processing module 4. Wherein the designation of a unit or module does not in some way constitute a limitation of the unit or module itself.
As another aspect, the present application also provides a computer-readable storage medium, which may be included in the electronic device described in the above embodiments; or may be separate and not incorporated into the electronic device. The computer-readable storage medium stores one or more programs that, when executed by one or more processors, perform the data encryption transmission method described herein.
The above description is only a preferred embodiment of the application and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the disclosure herein is not limited to the particular combination of features described above, but also encompasses other arrangements formed by any combination of the above features or their equivalents without departing from the spirit of the disclosure. For example, the above features may be replaced with (but not limited to) features having similar functions disclosed in the present application.
Claims (10)
1. An alarming method based on multi-tenant distribution is characterized by comprising the following steps:
acquiring abnormal information, abnormal object information, a platform topological structure and an alarm rule base;
determining an alarm object and an alarm path associated with the abnormal object according to the abnormal object information and the platform topological structure;
obtaining a corresponding alarm rule according to the alarm object and the alarm rule base;
and obtaining an alarm result according to the abnormal information, the alarm rule and the alarm path.
2. The multi-tenant distribution based alerting method according to claim 1, wherein the determining of the alerting object and the alerting path associated with the abnormal object according to the abnormal object information and the platform topology comprises:
acquiring the subordinate information of the abnormal object in a platform topological structure;
and obtaining an alarm object and an alarm path associated with the abnormal object according to the subordinate information.
3. The multi-tenant distribution based alerting method according to claim 2, wherein obtaining an alerting result according to the exception information, the alerting rule and the alerting path comprises:
judging whether to trigger the alarm rule of the current alarm object according to the abnormal information and the alarm rule;
if the alarm rule of the current object is triggered, judging whether the alarm rule of the upper-level alarm object is triggered according to the alarm path and the alarm rule;
and acquiring the triggered alarm rule step by step and alarming the corresponding alarm object.
4. The multi-tenant distribution based alarm method according to claim 3, wherein the determining whether to trigger the alarm rule of the upper level alarm object according to the alarm path and the alarm rule comprises:
according to the alarm rule, whether the user is alarmed is judged firstly;
if yes, judging whether the abnormal information meets the alarm rule.
5. The multi-tenant distribution based alerting method of claim 3, further comprising obtaining an alerting result according to a global alerting rule:
acquiring a global alarm rule;
obtaining a triggered global alarm rule according to the global alarm rule and the abnormal information;
and obtaining a corresponding alarm object according to the triggered global alarm rule.
6. The multi-tenant distribution-based alarm method according to claim 1, wherein the acquiring of the abnormal information, the abnormal object information, the platform topology and the alarm rule base comprises:
acquiring platform data in a server;
obtaining user authority information according to the platform data;
obtaining a platform topological structure according to the user authority information;
and determining abnormal object information according to the platform data.
7. The multi-tenant distribution based alerting method of claim 1, further comprising: and according to the upper-level user alarm rule, changing the lower-level user alarm rule.
8. An alerting system based on multi-tenant distribution, comprising:
the first acquisition module (1) is used for acquiring abnormal information and abnormal object information;
the second acquisition module (2) is used for acquiring a platform topological structure and an alarm rule base;
the screening module (3) determines an alarm object associated with the abnormal object and a corresponding alarm rule according to the abnormal object information, the platform topological structure and the alarm rule base;
and the data processing module (4) is used for obtaining an alarm result according to the abnormal information and the alarm rule.
9. An electronic device comprising a memory and a processor, the memory having stored thereon a computer program, characterized in that the processor, when executing the program, implements the method according to any of claims 1 to 7.
10. A computer-readable storage medium, on which a computer program is stored, which program, when being executed by a processor, carries out the method according to any one of claims 1 to 7.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211502996.7A CN115550156A (en) | 2022-11-29 | 2022-11-29 | Alarm method, system, terminal and storage medium based on multi-tenant distribution |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211502996.7A CN115550156A (en) | 2022-11-29 | 2022-11-29 | Alarm method, system, terminal and storage medium based on multi-tenant distribution |
Publications (1)
Publication Number | Publication Date |
---|---|
CN115550156A true CN115550156A (en) | 2022-12-30 |
Family
ID=84722069
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202211502996.7A Pending CN115550156A (en) | 2022-11-29 | 2022-11-29 | Alarm method, system, terminal and storage medium based on multi-tenant distribution |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115550156A (en) |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6707795B1 (en) * | 1999-04-26 | 2004-03-16 | Nortel Networks Limited | Alarm correlation method and system |
CN105991337A (en) * | 2015-03-02 | 2016-10-05 | 中国移动通信集团广东有限公司 | Alarm compression method and alarm compression device |
CN107682173A (en) * | 2017-08-07 | 2018-02-09 | 上海天旦网络科技发展有限公司 | Fault automatic location method and system based on Trading Model |
WO2021057576A1 (en) * | 2019-09-29 | 2021-04-01 | 中兴通讯股份有限公司 | Method for constructing cloud network alarm root cause relational tree model, device, and storage medium |
CN113708489A (en) * | 2021-08-17 | 2021-11-26 | 深圳供电局有限公司 | Electric power secondary equipment warning method and system |
CN114020581A (en) * | 2021-11-23 | 2022-02-08 | 浪潮通信信息系统有限公司 | Alarm correlation method based on topological optimization FP-Growth algorithm |
CN114710532A (en) * | 2022-04-02 | 2022-07-05 | 中国科学院水生生物研究所 | Museum safety electricity utilization alarm suppression method and device |
CN115344449A (en) * | 2021-05-14 | 2022-11-15 | 中国移动通信集团浙江有限公司 | Alarm analysis method, device, equipment and storage medium |
-
2022
- 2022-11-29 CN CN202211502996.7A patent/CN115550156A/en active Pending
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6707795B1 (en) * | 1999-04-26 | 2004-03-16 | Nortel Networks Limited | Alarm correlation method and system |
CN105991337A (en) * | 2015-03-02 | 2016-10-05 | 中国移动通信集团广东有限公司 | Alarm compression method and alarm compression device |
CN107682173A (en) * | 2017-08-07 | 2018-02-09 | 上海天旦网络科技发展有限公司 | Fault automatic location method and system based on Trading Model |
WO2021057576A1 (en) * | 2019-09-29 | 2021-04-01 | 中兴通讯股份有限公司 | Method for constructing cloud network alarm root cause relational tree model, device, and storage medium |
CN115344449A (en) * | 2021-05-14 | 2022-11-15 | 中国移动通信集团浙江有限公司 | Alarm analysis method, device, equipment and storage medium |
CN113708489A (en) * | 2021-08-17 | 2021-11-26 | 深圳供电局有限公司 | Electric power secondary equipment warning method and system |
CN114020581A (en) * | 2021-11-23 | 2022-02-08 | 浪潮通信信息系统有限公司 | Alarm correlation method based on topological optimization FP-Growth algorithm |
CN114710532A (en) * | 2022-04-02 | 2022-07-05 | 中国科学院水生生物研究所 | Museum safety electricity utilization alarm suppression method and device |
Non-Patent Citations (1)
Title |
---|
万莹等: "基于时间、空间和规则的无线网络告警关联方法", 《计算机科学》 * |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10860406B2 (en) | Information processing device and monitoring method | |
EP3208996A1 (en) | Method and apparatus for efficient storage and processing of global and local cyber threat data in a distributed factor graph database | |
CN106716953B (en) | Dynamic quantification of cyber-security risks in a control system | |
US9794153B2 (en) | Determining a risk level for server health check processing | |
CN110753112A (en) | Elastic expansion method and device of cloud service | |
US9514176B2 (en) | Database update notification method | |
CN106874135B (en) | Method, device and equipment for detecting machine room fault | |
CN110737891A (en) | host intrusion detection method and device | |
CN111679968A (en) | Interface calling abnormity detection method and device, computer equipment and storage medium | |
CN111343267B (en) | Configuration management method and system | |
CN107403112B (en) | Data checking method and equipment thereof | |
CN112995236A (en) | Internet of things equipment safety management and control method, device and system | |
US8370800B2 (en) | Determining application distribution based on application state tracking information | |
CN115174353A (en) | Fault root cause determination method, device, equipment and medium | |
CN110599278B (en) | Method, apparatus, and computer storage medium for aggregating device identifiers | |
CN115550156A (en) | Alarm method, system, terminal and storage medium based on multi-tenant distribution | |
CN111274032A (en) | Task processing system and method, and storage medium | |
CN113132431B (en) | Service monitoring method, service monitoring device, electronic device, and medium | |
CN114443437A (en) | Alarm root cause output method, apparatus, device, medium, and program product | |
CN108566293B (en) | Electronic device, zk node information notification method, and storage medium | |
CN113282455A (en) | Monitoring processing method and device | |
CN113778780A (en) | Application stability determination method and device, electronic equipment and storage medium | |
CN115174224B (en) | Information security monitoring method and device suitable for industrial control network | |
CN115190008B (en) | Fault processing method, fault processing device, electronic equipment and storage medium | |
CN110262756B (en) | Method and device for caching data |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20221230 |
|
RJ01 | Rejection of invention patent application after publication |