CN1975725A - Method and system for managing journal - Google Patents
Method and system for managing journal Download PDFInfo
- Publication number
- CN1975725A CN1975725A CN 200610124170 CN200610124170A CN1975725A CN 1975725 A CN1975725 A CN 1975725A CN 200610124170 CN200610124170 CN 200610124170 CN 200610124170 A CN200610124170 A CN 200610124170A CN 1975725 A CN1975725 A CN 1975725A
- Authority
- CN
- China
- Prior art keywords
- record
- merge
- querying condition
- log
- data source
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 43
- 238000002224 dissection Methods 0.000 claims description 10
- 241000270322 Lepidosauria Species 0.000 claims description 8
- 230000011218 segmentation Effects 0.000 claims description 8
- 239000000284 extract Substances 0.000 claims description 4
- 230000008878 coupling Effects 0.000 claims description 2
- 238000010168 coupling process Methods 0.000 claims description 2
- 238000005859 coupling reaction Methods 0.000 claims description 2
- 238000000605 extraction Methods 0.000 claims 1
- 238000005194 fractionation Methods 0.000 claims 1
- 238000007726 management method Methods 0.000 description 8
- 238000005516 engineering process Methods 0.000 description 7
- 238000013507 mapping Methods 0.000 description 5
- 238000012550 audit Methods 0.000 description 3
- 238000010586 diagram Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 230000001788 irregular Effects 0.000 description 1
Images
Landscapes
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention provides a log managing method and system, which includes: the management system maps records that have the same keyword segment to a combined record which is the data resource for searching; when receiving inquiry conditions from users, the management system finds the corresponding combined record in data resource according to the inquiry conditions, then retrieve the original log record from the combined record.
Description
Technical field
The present invention relates to information security field, relate in particular to a kind of method and system of admin log.
Background technology
Along with the application of ecommerce, produced a large amount of business information, need a large amount of security systems to guarantee the safety of business information.And the deployment of security system will produce a large amount of log informations, and this wherein not only has the relationship type information in the database, and also have a large amount of non-structured journal files.A large amount of information resources are dispersed in everywhere, deposit according to different classification, form, and are subjected to different security mechanism institute control and managements.Therefore, auditing department is the important means of security audit to the search of log information.
The most existing auditing system is to utilize database technology, and daily record is imported database, utilizes Structured Query Language (SQL) (Structured Query Language, SQL) inquiry then.Utilizing database technology, can inquire about most of daily record data, and derive the result, under the little situation of data volume, is the inquiry means of using always.
The inventor finds in the process of using the data base querying technology, the database SQL inquiry is based on string matching, need thoroughly contrast the inquiry field, causes search efficiency extremely low, the time that needs hour level for the inquiry of TB (Tera Bytes, terabyte) level data.Data base querying returns lot of data, but not according to the certain rules ordering, concerning the auditor, a large amount of irregular results are difficult to find the most qualified record.Moreover data base querying must clearly be known list structure, requires the maintainer to grasp certain database knowledge, and according to the certain grammar inquiry, these are concerning the security audit personnel, and querying condition is too complicated, inefficiency, and the resource of consumption will be many more.
Another technology of data query is exactly a search engine technique, has improved inquiry velocity, is applicable to quick, the fuzzy query of mass data, is mainly used in the site search aspect, supports that a large amount of users frequently inquires about.The inventor finds that in implementation process the result that search engine technique is searched for out is fuzzyyer, has been mingled with a lot of interfere informations, is unfavorable for the daily record search of security audit.
Summary of the invention
The purpose of embodiments of the invention is, a kind of method and system of admin log are provided, and can realize accurate inquiry, improves search efficiency.
In order to solve the problems of the technologies described above, embodiments of the invention provide a kind of method of admin log, and this method comprises:
The original log record that management system will have same critical field is mapped to a merge record as the search data source;
When management system receives user's querying condition, find merge record corresponding in the described search data source according to described querying condition with described querying condition, and
Obtain the original log record corresponding according to described merge record with described querying condition.
Correspondingly, embodiments of the invention also provide a kind of Log Administration System, comprising:
Pretreatment module is collected in daily record: be used to collect the original log record, and the original log record with same critical field is mapped to a merge record, be saved in the database as the search data source;
Search processing module: be used for finding the described search data source merge record corresponding, and obtain the original log record corresponding with described querying condition according to described merge record with described querying condition according to user's querying condition.
Wherein, described system also comprises:
Index file generation module: collect pretreatment module with daily record and couple, be used for producing index file according to described search data source with the search processing module.
Implement the present invention, have following beneficial effect:
In the technical scheme of the method and system of a kind of admin log that embodiments of the invention provide, the original log record that will have same critical field by Database Mapping is mapped to a merge record, one query obtains merge record through search processing then, this record is split into many raw readings, pass through query processing for the second time again, filter out ineligible original log record, needing to obtain the original log record, improved query precision like this.In addition, many the original log records with same keyword are mapped to a merge record, and be that indexing units is created index file with this merge record, reduced index record, also promptly saved a large amount of index space, also reduced number of processes, can significantly improve processing speed, solve the slow technical matters of inquiry velocity in the data base querying technology, simultaneously, reduce lower deployment cost, improved system performance.
Description of drawings
Fig. 1 is the structural representation of a kind of Log Administration System embodiment of the embodiment of the invention;
Fig. 2 is the structural representation of preferred embodiment of a kind of Log Administration System of the embodiment of the invention;
Fig. 3 is the main process flow diagram of method of a kind of admin log of the embodiment of the invention;
Fig. 4 is the particular flow sheet of step S21 among Fig. 3;
Fig. 5 is the particular flow sheet that generates the step of index file in the embodiment of the invention;
Fig. 6 is the particular flow sheet of Fig. 3 step S22.
Embodiment
In the technical scheme of the method and system of a kind of admin log that embodiments of the invention provide, the original log record that will have same critical field by Database Mapping is mapped to a merge record, one query obtains merge record through search processing then, this record is split into many raw readings, pass through query processing for the second time again, filter out ineligible original log record, obtain the original log record that needs.
Below in conjunction with accompanying drawing, specifically set forth the technical scheme of the specific embodiment of the invention.
With reference to figure 1, be the structural representation of a kind of Log Administration System embodiment of the embodiment of the invention.As known in the figure, this Log Administration System comprises:
Pretreatment module 1 is collected in daily record: be used to collect the original log record, and the original log record with same critical field (as: time field) is mapped to a merge record, be saved in the database as the search data source;
Search processing module 3: be used for finding the described search data source merge record corresponding, and obtain the original log record corresponding, return to user side 4 with described querying condition according to described merge record with described querying condition according to user's querying condition.
In order further to set forth the concrete technical scheme of the embodiment of the invention, provided an a kind of preferred embodiment of Log Administration System below.
With reference to figure 2, illustrate the structural representation of preferred embodiment of a kind of Log Administration System of the embodiment of the invention.This Log Administration System comprises: pretreatment module 1 and search processing module 3 are collected in daily record,
Wherein said system also comprises,
Index file generation module 2: collect pretreatment module 1 with daily record and couple, be used for producing index file according to described search data source with search processing module 3.
Wherein, daily record collection pretreatment module 1 comprises:
Merge record unit 102: collect agency 101 with daily record and couple, be used for the original log record with same critical field after handling through transcoding is mapped to a merge record, be saved in the database 103 as the search data source.
In the above-described embodiments, as shown in Figure 2, index file generation module 2 comprises:
Reptile processing unit 201: from database 103, obtain merge record information, and be saved in the private database 204;
Dissection process unit 202: couple with reptile processing unit 201, be used for described merge record information is carried out dissection process, and be saved in the temporary file, remove the data of private database 204 simultaneously;
Index creation unit 203: coupling with dissection process unit 202, be used for described merge record information is carried out word segmentation processing, then the content after the word segmentation processing is added up, is that indexing units is created index file with the merge record.
Query unit 301: be used for extracting the corresponding merge record of importing with the user of querying condition from described index file;
Record split cells 302: couple with described query unit 301, be used to be combined record and carry out deconsolidation process, be reduced into many raw readings;
Filter element 303: couple with record split cells 302, be used for extracting the raw readings corresponding, return to user side 4 with described querying condition from described many raw readings.
Last mask body has been set forth the concrete technical scheme of a kind of Log Administration System of the embodiment of the invention, below in conjunction with accompanying drawing, further sets forth a kind of concrete technical scheme of searching for the method for daily record of the embodiment of the invention.
With reference to figure 3, be the main process flow diagram of method of a kind of admin log of the embodiment of the invention, this method comprises:
Step S21, the original log record that management system will have same critical field is mapped to a merge record as the search data source;
Step S22 when management system receives user's querying condition, finds merge record corresponding with described querying condition in the described search data source according to described querying condition, and
Obtain the original log record corresponding according to described merge record with described querying condition.
As shown in Figure 4, step S21 specifically comprises:
Step S211, daily record is collected the agency and is regularly collected the new original log that produces, and carries out transcoding and handle, and is specially:
Collect agency (Agent) in various Log Source deploy daily records, be responsible for collecting the new daily record that produces, can inquire about according to the time period during user search for convenience, convert time of all daily records to unified format.
Step S212, the original log that daily record will be collected after the agency will handle through transcoding is saved in the tables of original record with the form that wall scroll writes down, and is specially:
Daily record is collected the agency original log record is transferred in the dedicated log database (LogDB) of merge record unit, and is as shown in table 1, and original log leaves in the corresponding tables of original record with the form of wall scroll record.
Table 1, tables of original record
| Field | Time | The IP address | User name | Message |
| Record 1 | 2006-5-25 12:24:38 | 192.168.0.2 | Zhang San | Login ground, |
| Record | ||||
| 2 | 2006-5-25 12:24:38 | 192.168.2.36 | Li Si | Use |
| Record | ||||
| 3 | 2006-5-25 12:24:39 | 192.168.0.2 | Zhang San | Download main.cpp file on the |
| Record | ||||
| 4 | 2006-5-25 12:24:39 | 192.168.0.2 | Zhang San | Download soft.tar.gz file on the ftp server |
Step S213, the view mapping is done to every tables of original record in the merge record unit, and the original log record with same critical field is mapped to a merge record, as the search data source, is saved in the database, specifically comprises:
For each tables of original record, create view, its form is as shown in table 2, identical time field is mapped in the same field of view, and the date is switched into big integer, for example 2006525122439, data type adopts character type, for the ease of splitting record later on, adopt XML tag to separate between each original log record.
The field of view is the same with tables of original record, comprises identical time field, but field type and length will adjust, and according to the length of physical record and the record number in p.s., adjusts field size in the view.
Table 2, view format
| Field | Time | The IP address | User name | Message |
| Record 1 | 2006525122438 | <a><r>192.168.0.2</r><r>192.168. 2.36</r></a> | <a><r>Zhang San</r><r>Li Si</r></a> | <a><r>Login ftp server</r><r>Use msn</r></a> |
| | 2006525122439 | <a><r>192.168.0.2</r><r>192.168. 0.2</r></a> | <a><r>Zhang San</r><r>Zhang San</r></a> | <a><r>Download main.cpp file on the ftp server</r><r>Download soft.tar.gz file on the ftp server</r></a> |
In the present embodiment, a kind of method of admin log also comprises the step that generates index file, and as shown in Figure 5, the step that generates index file specifically comprises:
Step S221, start-up by hand or timing log-on data storehouse reptile obtain recorded information from described search data source, and are saved in the private database, are specially:
The reptile processing unit connects database, obtains merge record information from database, extracts content of text and is kept in the system-specific database.This database need be preserved daily record original contents (original log record), and the uri address of log record, by this address designation daily record.Reptile is extracted all information in the view, in the database of every recorded and stored indexed file generation module, enters next step processing then.
Step S222, the dissection process unit carries out dissection process to described merge record information, and is saved in the temporary file, removes the data of private database simultaneously.
Step S223, the index creation unit is added up the content after the word segmentation processing then to carrying out word segmentation processing through the merge record information after the dissection process, is that indexing units is created index file with the merge record.
Wherein, comprise the full detail of original log in the index file, and the participle index information.
In the time of with data source ordering storage, another sorted lists of keywords (dictionary) is arranged, the mapping relations that are used to store keyword and record.
As shown in Figure 6, step S22 specifically comprises:
Step S231, management system is resolved user's querying condition according to query grammar, splits out the system queries condition, is specially:
The search processing module receives after the user inquiring condition of user's input, utilizes query unit according to query grammar the user inquiring condition to be resolved, and splits out the system queries condition,
As: time<2006525122438 and user name=" Zhang San ".
Step S232 searches the unit and extracts from described index file with the corresponding merge record of this system queries condition according to the system queries condition and be specially:
Query unit judge time of satisfying simultaneously be 2006525122438 and user name be Zhang San have only merge record 1 (reference table 2), therefore, return this merge record 1.The merge record that returns can show according to parameter marshallings such as time, frequencies, and can the return results number.
Step S233, the record split cells carries out deconsolidation process with described merge record, is reduced into many raw readings, is specially:
Search utility splits merge record 1 according to the xml mark, restores many raw readings, and is as shown in table 3.
Table 3, the raw readings form that restores
| Field | Time | The IP address | User name | Message |
| Record 1 | 2006-5-25 12:24:38 | 192.168.0.2 | Zhang San | Login |
| Record | ||||
| 2 | 2006-5-25 12:24:38 | 192.168.2.36 | Li Si | Use msn |
Step S234, filter element extract the original log record corresponding with described system queries condition from described many raw readings, filter out other original log record that does not meet described system queries condition, are specially:
According to querying condition, as: time<2006525122438 and user name=" Zhang San ", every original log record is inquired about once more, final qualified record is returned.Therefore, have only a record to return to the user, as shown in table 4.
The original log record of table 4, final search result
| Field | Time | The IP address | User name | Message |
| Record 1 | 2006-5-25 12:24:38 | 192.168.0.2 | Zhang San | Login ftp server |
From the above, comprised complete daily record data in the indexed file, so Search Results has also comprised complete log record.By this function, ephemeral data can be only preserved in the daily record data source, and after the index file generation module was handled data, daily record data just was kept in the index file, and data before this can be removed.Through binary search, the user can obtain the most qualified original log record, can select preserving type, derives forms such as xml, csv, html.
The foregoing description carries out log management according to the time-critical field, but the embodiment of the invention is not limited thereto, and can also carry out log management according to critical fielies such as IP address, host name, message field.
Implement specific embodiments of the invention and have following technique effect:
In the technical scheme of the method and system of a kind of admin log that embodiments of the invention provide, the original log record that will have same critical field by Database Mapping is mapped to a merge record, one query obtains merge record through search processing then, this record is split into many raw readings, pass through query processing for the second time again, filter out ineligible original log record, obtain the original log record of needs, improved query precision like this.In addition, many the original log records with same keyword are mapped to a merge record, and be that indexing units is created index file with this merge record, reduce index record, also promptly saved a large amount of index space, also reduced number of processes, can significantly improve inquiry velocity, simultaneously, reduce lower deployment cost, improved system performance.
Above disclosed is preferred embodiment of the present invention only, can not limit the present invention's interest field certainly with this, and therefore the equivalent variations of doing according to claim of the present invention still belongs to the scope that the present invention is contained.
Claims (9)
1, a kind of method of admin log is characterized in that, this method comprises:
The original log record that management system will have same critical field is mapped to a merge record as the search data source;
When management system receives user's querying condition, find merge record corresponding in the described search data source according to described querying condition with described querying condition,
Obtain the original log record corresponding according to described merge record with described querying condition.
2, the method for claim 1 is characterized in that, the original log record that described management system will have same critical field is mapped to a merge record as the search data source, specifically comprises:
A1, the new original log that produces of collection regularly are saved in the form of described original log with the wall scroll record in the tables of original record;
A2, the original log record that has same critical field in the described tables of original record is mapped to a merge record as the search data source.
3, method as claimed in claim 1 or 2 is characterized in that, described method also comprises the step that generates index file:
B1, start-up by hand or timing log-on data storehouse reptile obtain merge record information from described search data source;
B2, described recorded information is carried out dissection process;
B3, to carrying out word segmentation processing through the merge record information after the dissection process, then the content after the word segmentation processing is added up, be that indexing units is created index file with the merge record.
4, method as claimed in claim 3, it is characterized in that, it is described when management system receives user's querying condition, find merge record corresponding in the described search data source according to described querying condition, and obtain the original log record corresponding with described querying condition according to described merge record, specifically comprise:
C1, according to described querying condition from described index file, extract with the corresponding merge record of this querying condition;
C2, described merge record is carried out deconsolidation process, be reduced into many raw readings;
C3, extraction and the corresponding raw readings of described querying condition from described many raw readings.
5, a kind of Log Administration System is characterized in that, this system comprises:
Pretreatment module is collected in daily record: be used to collect the original log record, and the original log record with same critical field is mapped to a merge record, be saved in the database as the search data source;
Search processing module: be used for finding the described search data source merge record corresponding, and obtain the original log record corresponding with described querying condition according to described merge record with described querying condition according to user's querying condition.
6, system as claimed in claim 5 is characterized in that, described system also comprises:
Index file generation module: collect pretreatment module with daily record and couple, be used for producing index file according to described search data source with the search processing module.
As claim 5 or 6 described systems, it is characterized in that 7, described daily record is collected pretreatment module and comprised:
The agency is collected in daily record: be used for regularly collecting the new original log that produces, and carry out transcoding and handle, convert the Unified coding form to;
Merge record unit: collect the agency with daily record and couple, be used for the original log record with same critical field after handling through transcoding is mapped to a merge record, deposit in the database as the search data source.
8, system as claimed in claim 7 is characterized in that, described index file generation module comprises:
Reptile processing unit: from described database, obtain merge record information, and be saved in the private database;
Dissection process unit: couple with the reptile processing unit, be used for that described merge record information is carried out grammer and handle, and be saved in the temporary file, remove the data of private database simultaneously;
The index creation unit: coupling with the dissection process unit, be used for described merge record information is carried out word segmentation processing, then the content after the word segmentation processing is added up, is that indexing units is created index file with the merge record.
9, system as claimed in claim 8 is characterized in that, described search processing comprises:
Query unit: be used for extracting the corresponding merge record of importing with the user of querying condition from described index file;
Record split cells: couple with described query unit, be used for described merge record fractionation is reduced into many raw readings;
Filter element: split list and couple with described record, be used for extracting and the corresponding raw readings of described querying condition from described many raw readings.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2006101241706A CN100426300C (en) | 2006-12-12 | 2006-12-12 | Method and system for managing journal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2006101241706A CN100426300C (en) | 2006-12-12 | 2006-12-12 | Method and system for managing journal |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1975725A true CN1975725A (en) | 2007-06-06 |
| CN100426300C CN100426300C (en) | 2008-10-15 |
Family
ID=38125793
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB2006101241706A Expired - Fee Related CN100426300C (en) | 2006-12-12 | 2006-12-12 | Method and system for managing journal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100426300C (en) |
Cited By (20)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101800668A (en) * | 2010-03-23 | 2010-08-11 | 成都市华为赛门铁克科技有限公司 | Method and device for merging logs |
| CN101937377A (en) * | 2009-06-29 | 2011-01-05 | 百度在线网络技术(北京)有限公司 | Data recovery method and device |
| CN102063477A (en) * | 2010-12-13 | 2011-05-18 | 百度在线网络技术(北京)有限公司 | Website data extraction device and method |
| CN102591867A (en) * | 2011-01-07 | 2012-07-18 | 清华大学 | Searching service method based on mobile device position |
| CN102833241A (en) * | 2012-08-20 | 2012-12-19 | 中国联合网络通信集团有限公司 | Streaming media service traffic record merged-processing method and device |
| CN103176971A (en) * | 2011-12-20 | 2013-06-26 | 触动多媒体技术(上海)有限公司 | Remote log information analysis system |
| CN103379099A (en) * | 2012-04-19 | 2013-10-30 | 阿里巴巴集团控股有限公司 | Hostile attack identification method and system |
| CN103903097A (en) * | 2014-04-04 | 2014-07-02 | 中国联合网络通信集团有限公司 | Business handling data processing method and device |
| CN104281672A (en) * | 2014-09-28 | 2015-01-14 | 网神信息技术(北京)股份有限公司 | Log data processing method and device |
| CN105975495A (en) * | 2016-04-26 | 2016-09-28 | 北京奇虎科技有限公司 | Big data storage and search method and apparatus |
| CN106294723A (en) * | 2016-08-10 | 2017-01-04 | 成都广达新网科技股份有限公司 | A kind of apply in the quick inspection method of system journal of embedded device and system |
| CN106815123A (en) * | 2015-12-01 | 2017-06-09 | 北京神州泰岳软件股份有限公司 | The pattern exhibition method and picture showing device of a kind of daily record data |
| CN108038135A (en) * | 2017-11-21 | 2018-05-15 | 平安科技(深圳)有限公司 | Electronic device, the method for multilist correlation inquiry and storage medium |
| CN108563629A (en) * | 2018-03-13 | 2018-09-21 | 北京仁和诚信科技有限公司 | A kind of daily record resolution rules automatic generation method and device |
| CN109101504A (en) * | 2017-06-20 | 2018-12-28 | 恒为科技(上海)股份有限公司 | A kind of efficient log compression and indexing means |
| CN109388621A (en) * | 2018-10-12 | 2019-02-26 | 厦门市美亚柏科信息股份有限公司 | For parsing the method, apparatus and computer-readable medium of journal file |
| CN109684279A (en) * | 2017-10-18 | 2019-04-26 | 中移(苏州)软件技术有限公司 | A kind of data processing method and system |
| WO2020113434A1 (en) * | 2018-12-04 | 2020-06-11 | 比特大陆科技有限公司 | Method and apparatus for processing time records |
| CN112463738A (en) * | 2020-11-20 | 2021-03-09 | 中国建设银行股份有限公司 | Log retrieval method, system, computer device and storage medium |
| CN112948328A (en) * | 2021-01-28 | 2021-06-11 | 长沙市到家悠享网络科技有限公司 | Retrieval method, device, equipment and medium of log data |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP3832077B2 (en) * | 1998-03-06 | 2006-10-11 | 富士ゼロックス株式会社 | Document management device |
| CN1633080A (en) * | 2003-12-24 | 2005-06-29 | 华为技术有限公司 | Method for implementing log in network management system |
| CN1761277B (en) * | 2004-10-11 | 2010-07-14 | 中兴通讯股份有限公司 | Device for dynamic analyzing call ticket and dynamic analyzing method |
| EP1662764A1 (en) * | 2004-11-30 | 2006-05-31 | Alcatel | Unified call log |
| CN1632793A (en) * | 2004-12-29 | 2005-06-29 | 复旦大学 | An optimization method for releasing relational data as XML document using buffer memory |
-
2006
- 2006-12-12 CN CNB2006101241706A patent/CN100426300C/en not_active Expired - Fee Related
Cited By (32)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101937377A (en) * | 2009-06-29 | 2011-01-05 | 百度在线网络技术(北京)有限公司 | Data recovery method and device |
| CN101800668B (en) * | 2010-03-23 | 2012-10-17 | 成都市华为赛门铁克科技有限公司 | Method and device for merging logs |
| CN101800668A (en) * | 2010-03-23 | 2010-08-11 | 成都市华为赛门铁克科技有限公司 | Method and device for merging logs |
| CN102063477A (en) * | 2010-12-13 | 2011-05-18 | 百度在线网络技术(北京)有限公司 | Website data extraction device and method |
| CN102591867A (en) * | 2011-01-07 | 2012-07-18 | 清华大学 | Searching service method based on mobile device position |
| CN103176971A (en) * | 2011-12-20 | 2013-06-26 | 触动多媒体技术(上海)有限公司 | Remote log information analysis system |
| CN103379099B (en) * | 2012-04-19 | 2017-08-04 | 阿里巴巴集团控股有限公司 | Hostile attack identification method and system |
| CN103379099A (en) * | 2012-04-19 | 2013-10-30 | 阿里巴巴集团控股有限公司 | Hostile attack identification method and system |
| CN102833241B (en) * | 2012-08-20 | 2015-05-20 | 中国联合网络通信集团有限公司 | Streaming media service traffic record merged-processing method and device |
| CN102833241A (en) * | 2012-08-20 | 2012-12-19 | 中国联合网络通信集团有限公司 | Streaming media service traffic record merged-processing method and device |
| CN103903097A (en) * | 2014-04-04 | 2014-07-02 | 中国联合网络通信集团有限公司 | Business handling data processing method and device |
| CN104281672A (en) * | 2014-09-28 | 2015-01-14 | 网神信息技术(北京)股份有限公司 | Log data processing method and device |
| CN104281672B (en) * | 2014-09-28 | 2021-02-12 | 网神信息技术(北京)股份有限公司 | Method and device for processing log data |
| CN106815123B (en) * | 2015-12-01 | 2020-11-20 | 北京神州泰岳软件股份有限公司 | Log data graph showing method and log data graph showing device |
| CN106815123A (en) * | 2015-12-01 | 2017-06-09 | 北京神州泰岳软件股份有限公司 | The pattern exhibition method and picture showing device of a kind of daily record data |
| CN105975495A (en) * | 2016-04-26 | 2016-09-28 | 北京奇虎科技有限公司 | Big data storage and search method and apparatus |
| CN106294723A (en) * | 2016-08-10 | 2017-01-04 | 成都广达新网科技股份有限公司 | A kind of apply in the quick inspection method of system journal of embedded device and system |
| CN109101504B (en) * | 2017-06-20 | 2023-09-19 | 恒为科技(上海)股份有限公司 | Log compression and indexing method |
| CN109101504A (en) * | 2017-06-20 | 2018-12-28 | 恒为科技(上海)股份有限公司 | A kind of efficient log compression and indexing means |
| CN109684279A (en) * | 2017-10-18 | 2019-04-26 | 中移(苏州)软件技术有限公司 | A kind of data processing method and system |
| CN109684279B (en) * | 2017-10-18 | 2020-12-08 | 中移(苏州)软件技术有限公司 | Data processing method and system |
| CN108038135A (en) * | 2017-11-21 | 2018-05-15 | 平安科技(深圳)有限公司 | Electronic device, the method for multilist correlation inquiry and storage medium |
| CN108563629A (en) * | 2018-03-13 | 2018-09-21 | 北京仁和诚信科技有限公司 | A kind of daily record resolution rules automatic generation method and device |
| CN108563629B (en) * | 2018-03-13 | 2022-04-19 | 北京仁和诚信科技有限公司 | Automatic log analysis rule generation method and device |
| CN109388621B (en) * | 2018-10-12 | 2021-05-07 | 厦门市美亚柏科信息股份有限公司 | Method, apparatus and computer readable medium for parsing log file |
| CN109388621A (en) * | 2018-10-12 | 2019-02-26 | 厦门市美亚柏科信息股份有限公司 | For parsing the method, apparatus and computer-readable medium of journal file |
| WO2020113434A1 (en) * | 2018-12-04 | 2020-06-11 | 比特大陆科技有限公司 | Method and apparatus for processing time records |
| CN113227996A (en) * | 2018-12-04 | 2021-08-06 | 区块链联合香港有限公司 | Method and apparatus for processing time records |
| EP3961414A4 (en) * | 2018-12-04 | 2022-06-08 | Hong Kong Sunstar Technology Co., Limited | Method and apparatus for processing time records |
| CN113227996B (en) * | 2018-12-04 | 2024-07-05 | 香港星辰科技有限公司 | Method and device for processing time records |
| CN112463738A (en) * | 2020-11-20 | 2021-03-09 | 中国建设银行股份有限公司 | Log retrieval method, system, computer device and storage medium |
| CN112948328A (en) * | 2021-01-28 | 2021-06-11 | 长沙市到家悠享网络科技有限公司 | Retrieval method, device, equipment and medium of log data |
Also Published As
| Publication number | Publication date |
|---|---|
| CN100426300C (en) | 2008-10-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN1975725A (en) | Method and system for managing journal | |
| CN100339855C (en) | Content management system | |
| CN1916905A (en) | Method for carrying out retrieval hint based on inverted list | |
| CN100520778C (en) | Internet topics file searching method, reptile system and search engine | |
| CN1873642A (en) | Searching engine with automating sorting function | |
| CN103631909B (en) | System and method for combined processing of large-scale structured and unstructured data | |
| CN101196898A (en) | Method for applying phrase index technology into internet search engine | |
| CN1609859A (en) | Search result clustering method | |
| CN101046820A (en) | System and method for prioritizing websites during a webcrawling process | |
| CN1941786A (en) | Method and apparatus for publishing content through blog | |
| CN101051309A (en) | Researching system and method used in digital labrary | |
| CN102710795A (en) | Hotspot collecting method and device | |
| CN101075252A (en) | Method and system for searching network | |
| CN1468403A (en) | Internet searching system to be easy by user and method thereof | |
| CN101079064A (en) | Web page sequencing method and device | |
| CN1858737A (en) | Method and system for data searching | |
| CN101261629A (en) | Specific information searching method based on automatic classification technology | |
| CN101051313A (en) | Integrated data source finding method for deep layer net page data source | |
| CN102200979A (en) | Distributed parallel information retrieval system and distributed parallel information retrieval method | |
| CN101201838A (en) | Method for improving searching engine based on keyword index using phrase index technique | |
| CN1949226A (en) | Multidimensional data reading and writing method and apparatus in on-line analytical processing system | |
| CN102831253A (en) | Distributed full-text retrieval system | |
| CN1831825A (en) | Document management method and apparatus and document search method and apparatus | |
| CN1794239A (en) | Automatic generating system of template network station possessing searching function and its method | |
| CN104166683A (en) | Data mining method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20081015 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |