WO2023040381A1 - 告警因果关系挖掘方法、告警因果挖掘装置及存储介质 - Google Patents
告警因果关系挖掘方法、告警因果挖掘装置及存储介质 Download PDFInfo
- Publication number
- WO2023040381A1 WO2023040381A1 PCT/CN2022/098772 CN2022098772W WO2023040381A1 WO 2023040381 A1 WO2023040381 A1 WO 2023040381A1 CN 2022098772 W CN2022098772 W CN 2022098772W WO 2023040381 A1 WO2023040381 A1 WO 2023040381A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- alarm
- node
- environment
- system alarm
- mining
- Prior art date
Links
- 238000005065 mining Methods 0.000 title claims abstract description 146
- 230000001364 causal effect Effects 0.000 title claims abstract description 48
- 238000000034 method Methods 0.000 title claims abstract description 45
- 238000003860 storage Methods 0.000 title claims abstract description 9
- 230000002787 reinforcement Effects 0.000 claims abstract description 24
- 230000009471 action Effects 0.000 claims description 140
- 239000003795 chemical substances by application Substances 0.000 claims description 71
- 239000013598 vector Substances 0.000 claims description 56
- 230000003993 interaction Effects 0.000 claims description 41
- 230000007246 mechanism Effects 0.000 claims description 25
- 238000010586 diagram Methods 0.000 claims description 18
- 230000007613 environmental effect Effects 0.000 claims description 13
- 230000008569 process Effects 0.000 claims description 13
- 230000007704 transition Effects 0.000 claims description 13
- 238000009412 basement excavation Methods 0.000 claims description 6
- 238000004590 computer program Methods 0.000 claims description 6
- 238000012545 processing Methods 0.000 claims description 5
- 238000004891 communication Methods 0.000 claims description 3
- 230000001960 triggered effect Effects 0.000 claims description 2
- 238000012546 transfer Methods 0.000 description 19
- 230000006870 function Effects 0.000 description 13
- 238000012512 characterization method Methods 0.000 description 9
- 230000000694 effects Effects 0.000 description 6
- 230000004927 fusion Effects 0.000 description 6
- 230000002452 interceptive effect Effects 0.000 description 6
- 238000004422 calculation algorithm Methods 0.000 description 3
- 238000013461 design Methods 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 238000005457 optimization Methods 0.000 description 3
- 230000000737 periodic effect Effects 0.000 description 3
- 230000001186 cumulative effect Effects 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000002093 peripheral effect Effects 0.000 description 2
- 238000012795 verification Methods 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 238000004140 cleaning Methods 0.000 description 1
- 238000007418 data mining Methods 0.000 description 1
- 238000009826 distribution Methods 0.000 description 1
- 235000013399 edible fruits Nutrition 0.000 description 1
- 238000007499 fusion processing Methods 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000007619 statistical method Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/26—Visual data mining; Browsing structured data
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/21—Design, administration or maintenance of databases
- G06F16/215—Improving data quality; Data cleansing, e.g. de-duplication, removing invalid entries or correcting typographical errors
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/22—Indexing; Data structures therefor; Storage structures
- G06F16/2228—Indexing structures
Definitions
- the embodiments of the present application relate to the technical field of the Internet, and in particular to a method for mining an alarm causality, an alarm causality mining device, and a storage medium.
- Causality mining algorithms are usually implemented by rule-based statistical methods. For example, mining is based on the co-occurrence frequency of variable pairs or the timing of variable fluctuations, and then uses variables to represent causal coefficients.
- causal mining has theoretical flaws. Specifically, if causality is defined by rules, if the established rules cannot correctly represent the causal relationship, the causal relationship mined is invalid. However, based on co-occurrence frequency and timing, only the correlation between variables can be mined, but the causality cannot be represented.
- the current emerging causal reasoning methods require expert experience to provide variable causal hypotheses for verification mining or random causal hypothesis graphs for verification mining. There are problems such as difficulty in obtaining variable causal hypotheses and too large hypothesis space.
- the embodiment of the present application provides a method for mining causality of alarms, including: building a system alarm environment based on deep reinforcement learning based on system alarm information and root cause label data of system alarm information; intelligent agents and system alarm environment through deep reinforcement learning Interact, learn and generate alert causality models that characterize alert causality and structure.
- An embodiment of the present application provides an alarm causality mining device, including: an agent module based on deep reinforcement learning and a system alarm environment module; the system alarm environment module builds a deep reinforcement system based on system alarm information and root cause label data of the system alarm information. Learned system alarm environment; the agent module interacts with the system alarm environment module to learn and generate an alarm causal model representing the causal relationship and structure of the alarm.
- An embodiment of the present application provides an alarm causality mining device, including: at least one processor; and a memory connected in communication with the at least one processor; wherein, the memory stores instructions that can be executed by the at least one processor, and the instructions are executed by at least one processor. Executed by one processor, so that at least one processor can execute the alarm causality mining method mentioned in the above embodiment.
- An embodiment of the present application provides a computer-readable storage medium storing a computer program, and when the computer program is executed by a processor, the alarm causality mining method mentioned in the above-mentioned embodiment is implemented.
- Fig. 1 is the flowchart of the alarm causality mining method in the embodiment of the present application
- FIG. 2 is a system alarm diagram generated based on Table 1 and Table 2 in the embodiment of the present application;
- Fig. 3 is a schematic structural diagram of an alarm causal excavation device in an embodiment of the present application.
- FIG. 4 is another system alarm diagram in the embodiment of the present application.
- Fig. 5 is a schematic diagram of the state space of the system alarm environment in the embodiment of the present application.
- FIG. 6 is a schematic structural diagram of the A2C model in the embodiment of the present application.
- FIG. 7 is a schematic diagram of the interaction between the alarm causality mining device 20 and the alarm causality mining target system 30 in the embodiment of the present application;
- FIG. 8 is a schematic diagram of the process of obtaining an alarm causal model by the alarm causality mining device 20 in the embodiment of the present application.
- FIG. 9 is a schematic diagram of the interaction between the alarm causality mining device 20 and the alarm causality mining target system 30 in another embodiment of the present application.
- FIG. 10 is a second schematic diagram of the process of obtaining the alarm causality model by the alarm causality mining device 20 in the embodiment of the present application;
- Fig. 11 is a schematic structural diagram of an alarm causal mining device in another embodiment of the present application.
- Fig. 12 is a schematic structural diagram of an alarm causal excavation device in another embodiment of the present application.
- the purpose of the embodiments of this application is to provide a method for mining alarm causality, an alarm causality mining device, and a storage medium, which can obtain an alarm causality model based on deep reinforcement learning, avoid the use of manual rules, and realize accurate mining and monitoring of alarm causality. characterization.
- the alarm causality mining method shown in FIG. 1 is executed by an alarm causality mining device, at least including but not limited to the following steps.
- Step 101 Based on the system alarm information and the root cause label data of the system alarm information, build a system alarm environment for deep reinforcement learning.
- Step 102 The agent interacts with the system alarm environment through deep reinforcement learning, and learns and generates an alarm causal model representing the alarm causality and structure.
- the system alarm environment of deep reinforcement learning is built according to the system alarm information and the root cause label data of the system alarm information, and the agent of deep reinforcement learning conducts exploratory interaction with the system alarm environment to continuously explore and optimize.
- the causal relationship between alarm variables is mined and represented to obtain the alarm causal model.
- the accurate mining and characterization of the alarm causal relationship is realized.
- the alarm causal model is obtained through deep reinforcement learning, avoiding the use of manual rules, thereby avoiding the problem of invalid causality caused by rule errors, and also avoiding the difficulty of obtaining variable causal assumptions and the problem of excessive hypothesis space.
- building a system alarm environment for deep reinforcement learning includes: obtaining a system alarm graph indicating the system alarm information and the root cause label data of the system alarm information;
- the system alarm graph includes the alarm category index, alarm feature vector and root cause mark of each node of the system; according to the system alarm graph, the system alarm environment is built.
- the alarm cause and effect excavation device includes a system alarm environment module, and the system alarm environment module builds a system alarm environment according to the system alarm map.
- the system alarm environment is constructed through the alarm graph, which makes the relationship between each node of the system more intuitive.
- system alarm graph can be generated by the system alarm graph generating module.
- the process of generating the system alarm graph based on the system alarm information by the system alarm graph generating module is illustrated below with an example.
- the system alarm information includes system alarm log data (as shown in Table 1) and alarm key performance indicator (Key Performance Indicator, KPI) information (as shown in Table 2).
- KPI Key Performance Indicator
- node represents a node.
- CPU Steal Time represents the CPU stealing time.
- CPU: *% means CPU usage *%
- Mem *% means memory usage *%
- InputR: *% means data input rate is *%
- OutputR: *% means data output rate is *%.
- the system alarm map generation module obtains the system alarm information shown in Table 1 and Table 2, and performs cleaning and convergence processing on the system alarm information to remove numerical fields, invalid character fields, etc. in the system alarm information.
- the system alarm map generation module classifies the processed data and assigns the alarm category index (Identity Document, ID) to obtain the system alarm category set dictionary.
- the alarm category set dictionary generated based on Table 1 is:
- the alarm category set dictionary indicates the corresponding relationship between the alarm category index and the actual alarm category.
- the alarm system diagram generation module can search the alarm category set dictionary according to the alarm category corresponding to the system alarm information of each node, and determine the alarm category index corresponding to the system alarm information, so that the system alarm information
- the corresponding alarm category index is recorded in the corresponding node of the system alarm graph, for the system alarm environment to respond to the instructions issued by the agent according to the alarm category index of each node.
- the system alarm map generation module can digitize the alarm log data and alarm KPI information of each node in the system. For example, through word2vec technology, the alarm log data and alarm KPI information are converted into vectors. For example, based on the system alarm information of node_1 to node_3 in Table 1 and Table 2, the generated vectors are shown in Table 3.
- the system alarm map generation module uses the node's log The vector and the KPI vector are fused to obtain the alarm feature vector of the node.
- the manner of merging the log vector and the KPI vector may be, for example, merging the log vector and the KPI vector into one vector, as shown in Table 4.
- the system alarm map generation module After obtaining the alarm category index and alarm feature vector of each node, the system alarm map generation module generates a system topology map according to the system topology data; combined with the system topology map, root cause label data, and the alarm category index and alarm feature vector of each node , to generate a system alarm graph.
- the topology graph includes nodes and edges. Nodes in the system can be microservices, component instances, etc., and edges can be defined as relationships such as microservice call relationships and microservice data flow directions.
- the root cause label data is used to indicate the root cause node. Specifically, in the system, if a node fails and spreads rapidly, triggering a failure alarm of its adjacent nodes, this node can be called the root cause node.
- the system alarm graph generating module combines the system topology graph, the root cause label data, and the alarm feature vector and alarm category index of each node to obtain the system alarm graph.
- each node can be, for example, an instantiated node of the system (such as a microservice component), the eigenvalue v of the node is the alarm eigenvector of the node, the eigenvalue Wid of the node is the alarm category index, and the eigenvalue rcn of the node Label the root cause.
- node_1 ["node_3”] indicates that the out-degree node of "node_1” is “node_3”
- node_2 ["node_3”] indicates that the out-degree node of "node_2” is “node_3”
- node_3 ["node_4"] indicates that the outgoing node of "node_3" is “node_4".
- N1 indicates node_1, v1 indicates the alarm feature vector of node_1, N2 indicates node_2, v2 indicates the alarm feature vector of node_2, N3 indicates node_3, v3 indicates the alarm feature vector of node_3, N4 indicates node_4, and v4 indicates the alarm feature vector of node_4.
- batch sample data can be processed to obtain a set of system alarm graphs, and a system alarm environment can be built based on the set of system alarm graphs.
- this embodiment does not limit the number of system alarm information.
- system alarm information can also include a kind of alarm information in the system alarm log data and alarm KPI information
- system alarm graph generation module uses the vector of the alarm information as the alarm feature vector of the node .
- system alarm information may also include other alarm information, which is not limited in this embodiment.
- system alarm map generation module can be a virtual module inside the alarm cause and effect mining device, or it can be a module of other devices independent of the alarm cause and effect mining device. This example does not limit the relationship between the system alarm map generation module and the alarm causality mining device.
- the system alarm environment can establish a corresponding relationship between the alarm category index and the mining action index according to the alarm category index in the alarm category collection dictionary, so that when the mining action index issued by the agent is received Finally, according to the corresponding relationship between the mining action index and the alarm category index, determine the next node corresponding to the mining action index, and adjust the environment state of the system alarm environment.
- the agent interacts with the system alarm environment through deep reinforcement learning, and learns and generates an alarm causal model representing the alarm causality and structure, including: the agent selects a mining action according to the current environment state of the system alarm environment; the system The alarm environment feeds back the reward value and inherited state to the agent according to the mining action, root cause marking, state transition mechanism and reward mechanism; among them, the index of the mining action corresponds to the index of the alarm category; the agent learns and Generate an alert causality model that characterizes alert causality and structure.
- an alarm causality mining device is constructed. As shown in FIG. 3 , the alarm causality mining device 10 includes an agent module 11 and a system alarm environment module 12 .
- the agent module 11 is responsible for the generation and learning of alarm mining strategies, and completes the mining of the causal relationship of alarm variables and the representation of the causal structure.
- the system alarm environment module 12 constructs the system alarm environment according to the system alarm graph set and the alarm category set generated by the system alarm graph generation module 13, manages the state transition mechanism and the action reward mechanism, and responds to the intelligent system according to the state transition mechanism and the action reward mechanism.
- the system alarm environment module 12 can also provide an environment interaction interface, so as to provide the agent module 11 with a system alarm environment for mining the causality of alarm variables.
- the system alarm environment module 12 stores a system alarm graph with root cause node labels, and the system alarm graph is composed of system nodes and relationship edges.
- the nodes of the system are microservice components, and the characteristics of the nodes are the characteristics of the alarm state, that is, the alarm feature vector; the relationship edge is the business relationship between the microservices, which can be the relationship between the call relationship and the data flow relationship between the microservices.
- the root cause node label indicates whether the node is the root cause of the system alarm graph.
- the agent module 11 conducts exploratory interaction with the system alarm environment module 12, and explores and walks the target node (root cause node) from the initial node during the interaction process. The agent module 11 accumulates Values are continuously explored and optimized to complete the mining and characterization of the causal relationship between alarm variables to obtain an alarm causal model.
- the system alarm environment module 12 includes: an environment state representation and transfer function component, an environment action space function component, an alarm cause and effect mining reward function component and an environment state reset function component.
- the environmental state characterization and transfer function component is responsible for the environmental state management of the system alarm environment, and stores the characterization mechanism and state transfer mechanism of the environmental state.
- the interactive operation between the agent module 11 and the system alarm environment module 12 includes: the agent module 11 selects the corresponding excavation action according to the environment state of the current system alarm environment, and the system alarm environment module 12 generates the system alarm environment according to the current environment state and the mining action. Transition to the corresponding inherited state.
- the environment state of the system alarm environment is determined according to the alarm state of the current node, and the alarm state of the current node is generated according to the alarm feature vector of the current node and the alarm feature vector of the adjacent nodes of the current node .
- the alarm status of the current node consists of two parts: the alarm status of the node itself and the alarm status of adjacent nodes.
- the adjacent nodes of the current node are the out-degree adjacent nodes or the in-degree adjacent nodes of the current node.
- the source node of the edge is the in-degree adjacency point of the target node
- the target node of the edge is the out-degree adjacency point of the source node.
- the expected successor nodes of nodes with the same alarm feature vector may be inconsistent.
- the alarm feature vector of the current node and the alarm feature vector of adjacent nodes can be obtained according to the current node and the current system alarm graph, and these two alarm feature vectors are fused to serve as the alarm state of the current node, and the current node
- the alarm status of is used as the environmental status of the system alarm environment.
- the environmental state (State) of the system alarm environment is characterized by the fusion of the alarm feature vector of the current node and the alarm feature vector of the out-degree adjacent nodes (or in-degree adjacent nodes), which is convenient for the agent module 11 to select mining actions.
- the adjacent node is an out-degree adjacent node or an in-degree adjacent node can be selected according to an application scenario, which is not limited in this embodiment.
- the process of merging the alarm feature vector of the current node and the alarm feature vectors of the adjacent nodes of the current node to obtain the alarm status of the current node is as follows: calculate the first fusion feature vector of the alarm feature vectors of the adjacent nodes of the current node, and the second A fusion feature vector is the mean value of the alarm feature vectors of the adjacent nodes of the current node; the alarm feature vector of the current node is spliced with the first fusion feature vector to obtain a second fusion feature vector, and the second fusion feature vector is the alarm state of the current node .
- the adjacent node is the out-degree adjacent node
- the current node is N3 as an example to illustrate the fusion process.
- the out-degree adjacent nodes of N3 are node N4 and node N1, and the environment state of the system alarm environment is [v3, (v4+v1)/2].
- v3 [1,2,3]
- v1 [2,3,4]
- v4 [2,5,6]
- you can get: v4+v2 [4,8,10]
- the state transition mechanism is responsible for determining the inherited state and inherited node of the system alarm environment according to the environment state of the current system alarm environment, the mining action, and the local action space of the current node.
- the state transition mechanism includes: when the mining action belongs to the local action space of the current node, take the adjacent node of the current node that contains the alarm category index corresponding to the index of the mining action as the successor node; As the inherited state of the system alarm environment; in the case that the mining action does not belong to the local action space of the current node, set the inherited state of the system alarm environment to a specified state, for example, zero state.
- the definition of the node transition action in the system alarm graph may be an action selected (or executed) for transitioning from the current node to the desired node.
- Node transfer actions are divided into global action space and local action space.
- the global action space refers to the optional transition action space in the sample environment of the alarm map of the whole system.
- the local action space refers to the transfer action space (effective action space) allowed by the sample environment where the current step is located.
- the state space of a certain system alarm environment is ABCDE, and action IDs are assigned to each state: 1:A, 2:B, 3:C, 4:D, 5:E. If the current state is B, then the global action space is ⁇ 1,2,3,4,5 ⁇ . If the node where the current step is located is node B and its local action space is ⁇ 1,3,4 ⁇ , it can choose action 3 to transfer to node C, but node B cannot transfer to node E.
- the index of the mining action is consistent with the index of the alarm category.
- its local action space is ⁇ 2, 3 ⁇ .
- the mining action is not 2 and 3, for example, the index of the mining action is 5, which is not in the local action space of the current node, then it is judged that the mining action is an illegal action, and the node transfer is not performed, and the system alarm environment inheritance state State_ is directly set to Specifies the state, such as the zero state.
- the accuracy of the node feature representation and the rationality of the transfer in the system alarm graph are guaranteed through the environment state representation mechanism and the state transition mechanism.
- the meaning of the mining action is to select the corresponding mining action according to the alarm (fruit alarm) status of the current node, and transfer to the node due to the alarm, so the mining action Definitions can be options for alerting.
- the system alarm information is collected (including but not limited to system alarm log data and KPI data), cleaned and converged through the system diagram generation module, and then the system alarm information is classified and indexed.
- the alarm category space is the action space
- the environmental state representation and transition function component corresponds each mining action to each alarm category
- the mining action index corresponds to the alarm category index one by one.
- the alarm causality mining reward functional component is responsible for feeding back corresponding rewards to the agent module 11 according to the reward mechanism, current environment state and execution actions, and the rewards represent the quality of the mining actions performed in the current state. Because in the same environment state, the rewards obtained by performing different mining actions are different, and the goal of the rewards is to better guide the agent module 11 to swim from the initial node to the target node (for example, it can be the root node of the system alarm graph Causal node) to quickly complete the mining and characterization of the causal relationship of alarm variables.
- the reward mechanism includes: determining the reward value according to whether the mining action belongs to the local action space of the current node, and after the mining action is performed, the type of the successor node of the system alarm environment.
- the system alarm environment module 12 performs a state transition after executing the mining action, and transfers the environmental state of the system alarm environment to the inherited state, which is reflected in the system alarm graph as transferring from the current node to the inherited node.
- the inherited nodes are divided into four categories: root cause nodes, in-degree adjacent nodes of root cause nodes, zero out-degree nodes (or non-root cause nodes) and normal nodes.
- the root cause node is the root cause node of the current system alarm graph, for example, node N5 in FIG. 4 .
- the in-degree adjacent node of the root cause node is the source node of the in-degree edge of the root cause node.
- the root cause node N5 has an in-degree edge N4 ⁇ N5, and its source node is N4, so N4 node is the source node of the root cause node N5 In-degree neighbor nodes.
- a zero-out-degree node is a node with an out-degree of 0 and is not a root node, such as nodes N1 and N6 in Figure 4, whose out-degree edge is equal to 0.
- Nodes other than the above types of nodes are classified as normal nodes, such as node N2 and node N3 in Fig. 4 .
- the system alarm environment module 12 executes the mining action and transfers the system alarm environment from the current node to the successor node.
- the currently executed mining action is an illegal action, negative rewards will be fed back;
- the action in the local action space of the node, and the successor node is the root cause node, then the feedback is positive reward; if the currently executed mining action belongs to the action in the local action space of the current node, and the successor node is the root cause node indegree If the currently executed mining action belongs to the local action space of the current node, and the successor node is a node with zero out-degree, then a negative reward will be fed back; if the currently executed mining action belongs to the current node’s The action in the local action space, and the successor node is a normal node, feedback 0 reward.
- the feedback reward is 0; and when transferring from node N3 to node N4, because node N4 is the root node in-degree adjacent node, the feedback is positive Reward; when transferring from node N4 to node N5, because node N5 is the root cause node, so feedback positive reward; if transferring from node N3 to node N1, because node N1 is a node with zero out-degree node, so feedback negative reward; If N3 performs an illegal action, it will feed back negative rewards.
- the environmental status reset functional component is responsible for resetting the system alarm environment according to the environmental status reset mechanism. Specifically, in the process of interaction between the agent and the system alarm environment, it also includes: after the system alarm environment executes the mining action sent by the agent, if the interaction termination condition is met, the environment state reset mechanism is triggered.
- the termination condition for the interaction between the agent and the system alarm environment includes at least one of: the number of interactions reaches an interaction threshold, the successor node is the root cause node, or the mining action does not belong to the local action space of the current node.
- the termination conditions for the interaction between the agent and the system alarm environment include but are not limited to: the number of mining explorations (i.e., the number of interactions) in the current interaction cycle reaches a specified value (i.e., the interaction threshold), and the mining exploration reaches the root cause node of the system alarm graph (i.e., the inheritance node is the root cause node) and the agent outputs illegal mining actions.
- Illegal mining actions refer to actions that do not belong to the local action space of the current node.
- the mechanism for resetting the environment state includes: randomly selecting a system alarm graph from the system alarm graph set generated based on the system alarm information and the root cause label data of the system alarm information as the system alarm graph of the system alarm environment; In the system alarm diagram of the alarm environment, select a node whose out-degree or in-degree is not 0 as the start node; use the alarm state of the start node as the environment state of the system alarm environment, and feed it back to the agent so that the agent and the system The alert environment is reinteracted.
- the agent is responsible for generating corresponding mining actions (Action) to interact with the system alarm environment according to the environment state of the system alarm environment, so as to realize alarm causal structure mining and characterization, and its functions include mining and characterization.
- the agent can adopt the A2C model of the actor-critic architecture in the deep reinforcement learning model.
- the structure of the A2C model is shown in Figure 6.
- the agent 11 consists of an actor (Actor) network model and a critic (Critic ) network model composition.
- the Actor network model is responsible for generating mining actions (Action) according to the environment state (State) of the system alarm environment 12. Therefore, the input dimension of the Actor model is consistent with the environment state (State) space dimension of the system alarm environment, and the output dimension is consistent with the system The action (Action) space dimension of the alarm environment is consistent.
- the method for mining causality of alarms mentioned in this embodiment is illustrated below in combination with different meanings of different system alarm information and topological edges in the system alarm graph.
- the alarm causality mining device 20 is communicatively connected with the alarm causality mining target system 30 .
- the alarm causality mining target system 30 collects system alarm logs and system topology, labels the root causes, packages them into system alarm samples, and uploads the system alarm samples to the alarm cause and effect mining device 20 .
- the alarm causality mining device 20 includes an agent module 21 and a system alarm environment module 22, and the steps for obtaining the alarm causality model are as follows:
- Step 201 The system alarm environment module 22 analyzes the system alarm samples uploaded by the alarm causality mining target system 30.
- Step 202 The system alarm environment module 22 constructs a system topology graph according to the system topology data, and creates graph node attributes.
- Node attributes include alarm feature vector v, alarm category index wid and node root cause tag rcn. Clean, converge, and classify the alarm logs of all system alarm samples, obtain the set of alarm categories, and assign indexes to the alarm categories.
- Step 203 the system alarm environment module 22 obtains the system alarm map. Specifically, taking a single sample as an example, the system alarm environment module 22 combines word2vec technology to vectorize the alarm log of the node, obtain the feature vector of the alarm log of the node, and assign it to the attribute v of the node corresponding to the system topology map; according to the steps
- the distribution result of the alarm category index in 203 is to obtain the alarm category index of the node, and assign it to the attribute wid of the node corresponding to the system topology map; set the attribute rcn value of the root cause node in the system topology map to 1 according to the root cause label information , and the rcn value of other node attributes is set to 0.
- the system alarm graph obtained above is stored in the system alarm graph collection.
- Step 204 The system alarm environment module 22 constructs the system alarm environment action space according to the set of alarm categories. Specifically, each alarm category corresponds to a mining action, and the mining action index is consistent with the alarm category index.
- the agent module 21 may include an Actor model and a Critic model.
- Step 206 The system alarm environment module 22 creates a system alarm environment and an interaction experience pool.
- Step 207 The system alarm environment module 22 resets the system alarm environment. First, a system alarm graph is randomly obtained from the system alarm graph set as the current system alarm graph A, and then a node with an out-degree not 0 is randomly selected from the current system alarm graph A as the current node, and finally according to the current node and its adjacent nodes The alarm feature vector v of the system alarm environment is fused to obtain the environment state (State) of the system alarm environment, and the environment state of the system alarm environment is fed back to the agent module 21 .
- State environment state
- Step 208 The agent module 21 reads the environment status of the system alarm environment, generates mining action (Action) according to the environment status of the system alarm environment, and sends it to the system alarm environment.
- Action mining action
- Step 209 The system alarm environment module 22 judges the legality of the Action, that is, judges whether the mining action is in the local action space of the current node. If the Action is illegal, go to step 210. If legal, go to step 211.
- Step 210 The system alarm environment module 22 does not transfer the inheritance node, directly sets the alarm environment inheritance state (State_) to zero state, sets the action reward to -10.0, and sets the period interaction end flag (done) to true (True). Then step 212 is executed.
- State_ alarm environment inheritance state
- Step 211 The system alarm environment module 22 transfers to the node containing the alarm category index (wid) corresponding to the mining action index, takes this node as an inherited node, and obtains the inherited state (State_) of the system alarm environment according to the inherited node.
- Step 212 The system alerts the environment module 22 to feed back the inheritance status, action rewards and cycle interaction end mark to the agent module 21.
- Step 213 The agent module 21 forms a quaternion (State, Action, reward, State_) from the current state, mining action, action reward, and inheritance state, and stores it in the interactive experience pool as an experience sample, and sends the system alarm environment
- the environment state (State) is updated to inherit state State_.
- Step 214 The agent module 21 accumulatively adds 1 to the step_counter.
- Step 215 The agent module 21 performs subsequent operations based on the following judgment results:
- episode_counter ⁇ episode_num go to step 207, otherwise go to step 208.
- Step 216 Complete the alarm causality mining, and export the Actor model of the agent module 21 as the target system alarm causality and structural representation model. It can provide secondary development support for the root cause location of system failures.
- the alarm causality mining device 20 is communicatively connected with the alarm causality mining target system 30 .
- the alarm causality mining target system 30 collects system alarm logs, alarm KPI information, and system topology, labels them as root causes, packages them into system alarm samples, and uploads the data to the alarm causality mining device 20 .
- the alarm causal mining device 20 includes an agent module 21 and a system alarm environment module 22, and the steps for obtaining the alarm causal model are as follows:
- Step 301 The system alarm environment module 22 analyzes the system alarm samples uploaded by the alarm causality mining target system.
- Step 302 The system alarm environment module 22 constructs a system topology graph according to the system topology data, and creates graph node attributes.
- Node attributes include alarm feature vector v, alarm category index wid and node root cause tag rcn. Clean, converge, and classify the alarm logs of all system alarm samples, obtain the set of alarm categories, and assign indexes to the alarm categories.
- Step 303 the system alarm environment module 22 obtains the system alarm map. Specifically, taking a single sample as an example, the system alarm environment module 22 combines word2vec technology to vectorize the alarm log of the node to obtain the log vector of the node; vectorize the node alarm KPI information to obtain the KPI vector of the node; Splicing and merging with the KPI vector to obtain the alarm feature vector of the node; assigning the alarm feature vector to the attribute v of the node corresponding to the system topology map; according to the assignment result of the alarm category index in step 203, obtaining the alarm category index of the node, and Assign a value to the attribute wid of the node corresponding to the system topology map; set the attribute rcn value of the root cause node in the system topology map to 1, and set the attribute rcn value of other nodes to 0 according to the root cause label information.
- the system alarm graph obtained above is stored in the system alarm graph collection.
- Step 304 The system alarm environment module 22 constructs the system alarm environment action space according to the set of alarm categories. Specifically, each alarm category corresponds to a mining action, and the mining action index is consistent with the alarm category index.
- the agent module 21 may include an Actor model and a Critic model.
- Step 306 The system alarm environment module 22 creates a system alarm environment and an interaction experience pool.
- Step 307 The system alarm environment module 22 resets the system alarm environment. First, a system alarm graph is randomly obtained from the system alarm graph set as the current system alarm graph A, and then a node with an out-degree not 0 is randomly selected from the current system alarm graph A as the current node, and finally according to the current node and its adjacent nodes The alarm feature vector v of the system alarm environment is fused to obtain the environment state (State) of the system alarm environment, and the environment state of the system alarm environment is fed back to the agent module 21 .
- State environment state
- Step 308 The agent module 21 reads the environment status of the system alarm environment, generates mining action (Action) according to the environment status of the system alarm environment, and sends it to the system alarm environment.
- Action mining action
- Step 309 The system alarm environment module 22 judges the legality of the Action, that is, judges whether the mining action is in the local action space of the current node. If the Action is illegal, go to step 310. If legal, go to step 311.
- Step 310 The system alarm environment module 22 does not transfer the inheritance node, directly sets the alarm environment inheritance state (State_) to zero state, sets the action reward to -10.0, and sets the period interaction end flag (done) to true (True). Then step 212 is executed.
- State_ alarm environment inheritance state
- Step 311 The system alarm environment module 22 transfers to the node containing the alarm category index (wid) corresponding to the mining action index, takes this node as an inherited node, and obtains the inherited state (State_) of the system alarm environment according to the inherited node.
- Step 312 The system alerts the environment module 22 to feed back the inheritance status, action rewards and cycle interaction end mark to the agent 21.
- Step 313 The agent module 21 forms a quaternion (State, Action, reward, State_) from the current state, mining action, action reward, and inheritance state, and stores it in the interactive experience pool as an experience sample, and sends the system alarm environment
- the environment state (State) is updated to inherit state State_.
- Step 314 The agent module 21 accumulatively adds 1 to the step_counter.
- Step 315 The agent module 21 performs subsequent operations based on the following judgment results:
- step_counter> episode_len
- episode_counter ⁇ episode_num go to step 307, otherwise go to step 308.
- Step 316 Complete the alarm causality mining, and export the Actor model of the agent as the target system alarm causality and structural representation model. It can provide secondary development support for the root cause location of system failures.
- step division of the above various methods is only for the sake of clarity of description. During implementation, it can be combined into one step or some steps can be split and decomposed into multiple steps. As long as they include the same logical relationship, they are all within the scope of protection of this patent. ; Adding insignificant modifications or introducing insignificant designs to the algorithm or process, but not changing the core design of the algorithm and process are all within the scope of protection of this patent.
- the embodiment of the present application also provides an alarm causal mining device.
- the alarm causal mining device 20 includes: an agent module 21 and a system alarm environment module 22 .
- the system alarm environment module 21 can build a deep reinforcement learning system alarm environment based on the system alarm information and the root cause label data of the system alarm information; the agent module 21 based on deep reinforcement learning interacts with the system alarm environment module 22 to learn and generate representations Alarm causality model for alarm causality and structure.
- the agent module 21 based on deep reinforcement learning interacts with the system alarm environment module 22 to learn and generate representations Alarm causality model for alarm causality and structure.
- this embodiment is a device implementation manner corresponding to the above-mentioned method embodiment, and this embodiment can be implemented in cooperation with the above-mentioned method embodiment.
- the relevant technical details mentioned in the foregoing method embodiments are still valid in this embodiment, and will not be repeated here in order to reduce repetition.
- the relevant technical details mentioned in this embodiment can also be applied to the above method embodiments.
- modules involved in this embodiment are logical modules.
- a logical unit can be a physical unit, or a part of a physical unit, or multiple physical units. Combination of units.
- units that are not closely related to solving the technical problem proposed in the present application are not introduced in this embodiment, but this does not mean that there are no other units in this embodiment.
- the embodiment of the present application also provides an alarm causal mining device, as shown in FIG. 12 , including: at least one processor 31; and a memory 32 connected in communication with at least one processor 31; The instructions executed by the processor 31 are executed by at least one processor 31, so that the at least one processor 31 can execute the above method embodiments.
- the memory 32 and the processor 31 are connected by a bus, and the bus may include any number of interconnected buses and bridges, and the bus connects one or more processors 31 and various circuits of the memory 32 together.
- the bus may also connect together various other circuits such as peripherals, voltage regulators, and power management circuits, all of which are well known in the art and therefore will not be further described herein.
- the bus interface provides an interface between the bus and the transceivers.
- a transceiver may be a single element or multiple elements, such as multiple receivers and transmitters, providing means for communicating with various other devices over a transmission medium.
- the data processed by the processor 31 is transmitted on the wireless medium through the antenna, further, the antenna also receives the data and transmits the data to the processor 31 .
- Processor 31 is responsible for managing the bus and general processing, and may also provide various functions including timing, peripheral interfacing, voltage regulation, power management, and other control functions. And the memory 32 may be used to store data used by the processor 31 when performing operations.
- the embodiment of the present application also provides a computer-readable storage medium storing a computer program.
- the above method embodiments are implemented when the computer program is executed by the processor.
- the program is stored in a storage medium, and includes several instructions to make a device ( It may be a single-chip microcomputer, a chip, etc.) or a processor (processor) to execute all or part of the steps of the methods in the various embodiments of the present application.
- the aforementioned storage medium includes: U disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), magnetic disk or optical disc, etc., which can store program codes. .
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Databases & Information Systems (AREA)
- Data Mining & Analysis (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Software Systems (AREA)
- Quality & Reliability (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
Description
Claims (11)
- 一种告警因果关系挖掘方法,包括:基于系统告警信息和所述系统告警信息的根因标签数据,搭建深度强化学习的系统告警环境;通过所述深度强化学习的智能体与所述系统告警环境的交互,学习并生成表征告警因果关系和结构的告警因果模型。
- 根据权利要求1所述的告警因果关系挖掘方法,其中,所述基于所述系统告警信息和所述系统告警信息的根因标签数据,搭建深度强化学习的系统告警环境,包括:获取指示所述系统告警信息和所述系统告警信息的根因标签数据的系统告警图;所述系统告警图包括系统的各节点的告警类别索引、告警特征向量和根因标记;根据所述系统告警图,搭建所述系统告警环境。
- 根据权利要求2所述的告警因果关系挖掘方法,其中,所述通过所述深度强化学习的智能体与所述系统告警环境交互,学习并生成表征告警因果关系和结构的告警因果模型,包括:所述智能体根据所述系统告警环境当前的环境状态选择挖掘动作;所述系统告警环境根据所述挖掘动作、所述根因标记、状态转移机制和奖励机制,反馈奖励值和继承状态至所述智能体;其中,所述挖掘动作的索引与所述告警类别索引对应;所述智能体根据所述挖掘动作和所述奖励值,学习并生成表征告警因果关系和结构的告警因果模型。
- 根据权利要求3所述的告警因果关系挖掘方法,其中,所述系统告警环境的环境状态根据当前节点的告警状态确定,所述当前节点的告警状态根据所述当前节点的告警特征向量,以及所述当前节点的邻接节点的告警特征向量生成。
- 根据权利要求3所述的告警因果关系挖掘方法,其中,所述状态转移机制包括:在所述挖掘动作属于当前节点的局部动作空间的情况下,将所述当前节点 的含有与所述挖掘动作的索引对应的告警类别索引的邻接节点作为继承节点;将所述继承节点的告警状态作为所述系统告警环境的继承状态;在所述挖掘动作不属于所述当前节点的局部动作空间的情况下,将所述系统告警环境的继承状态设置为指定状态。
- 根据权利要求3所述的告警因果关系挖掘方法,其中,所述奖励机制包括:根据所述挖掘动作是否属于当前节点的局部动作空间,以及执行所述挖掘动作后,所述系统告警环境的继承节点的类型,确定所述奖励值。
- 根据权利要求3至6中任一项所述的告警因果关系挖掘方法,其中,在所述智能体与所述系统告警环境交互过程中,还包括:所述系统告警环境在执行完所述智能体下发的挖掘动作后,在满足交互终止条件的情况下,触发环境状态复位机制。
- 根据权利要求7所述的告警因果关系挖掘方法,其中,所述环境状态复位机制包括:在基于所述系统告警信息和所述系统告警信息的根因标签数据生成的系统告警图集合中,随机选取一个系统告警图,作为所述系统告警环境的系统告警图;从所述系统告警环境的系统告警图中,选择一个出度或入度不为0的节点作为起始节点;将所述起始节点的告警状态作为所述系统告警环境的环境状态,反馈给所述智能体,以便所述智能体与所述系统告警环境重新进行交互。
- 一种告警因果挖掘装置,包括:基于深度强化学习的智能体模块和系统告警环境模块;所述系统告警环境模块基于系统告警信息和系统告警信息的根因标签数据,搭建深度强化学习的系统告警环境;所述智能体模块与所述系统告警环境模块交互,学习并生成表征告警因果关系和结构的告警因果模型。
- 一种告警因果挖掘装置,包括:至少一个处理器;以及,与所述至少一个处理器通信连接的存储器;其中,所述存储器存储有可被所述至少一个处理器执行的指令,所述指令被所述至少一个处理器执行,以使 所述至少一个处理器能够执行如权利要求1至8中任一项所述的告警因果关系挖掘方法。
- 一种计算机可读存储介质,存储有计算机程序,所述计算机程序被处理器执行时,实现如权利要求1至8中任一项所述的告警因果关系挖掘方法。
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111113557.2 | 2021-09-18 | ||
CN202111113557.2A CN113901126A (zh) | 2021-09-18 | 2021-09-18 | 告警因果关系挖掘方法、告警因果挖掘装置及存储介质 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2023040381A1 true WO2023040381A1 (zh) | 2023-03-23 |
Family
ID=79028951
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2022/098772 WO2023040381A1 (zh) | 2021-09-18 | 2022-06-14 | 告警因果关系挖掘方法、告警因果挖掘装置及存储介质 |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN113901126A (zh) |
WO (1) | WO2023040381A1 (zh) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116257363A (zh) * | 2023-05-12 | 2023-06-13 | 中国科学技术大学先进技术研究院 | 资源调度方法、装置、设备及存储介质 |
CN116991683A (zh) * | 2023-08-03 | 2023-11-03 | 北京优特捷信息技术有限公司 | 一种告警信息处理方法、装置、设备及介质 |
CN117170997A (zh) * | 2023-11-03 | 2023-12-05 | 中保车服科技服务股份有限公司 | 用于告警信息的关联方法、系统、存储介质及设备 |
CN117709806A (zh) * | 2024-02-05 | 2024-03-15 | 慧新全智工业互联科技(青岛)有限公司 | 协同工作的多设备异常自动化检测方法及检测系统 |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113901126A (zh) * | 2021-09-18 | 2022-01-07 | 中兴通讯股份有限公司 | 告警因果关系挖掘方法、告警因果挖掘装置及存储介质 |
CN114637649A (zh) * | 2022-03-01 | 2022-06-17 | 清华大学 | 一种基于oltp数据库系统的告警根因分析方法及装置 |
CN114666204B (zh) * | 2022-04-22 | 2024-04-16 | 广东工业大学 | 一种基于因果强化学习的故障根因定位方法及系统 |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112003718A (zh) * | 2020-09-25 | 2020-11-27 | 南京邮电大学 | 一种基于深度学习的网络告警定位方法 |
CN112100392A (zh) * | 2020-07-28 | 2020-12-18 | 浙江大学 | 一种基于强化学习和知识图谱的设备故障溯因方法 |
CN112181758A (zh) * | 2020-08-19 | 2021-01-05 | 南京邮电大学 | 一种基于网络拓扑及实时告警的故障根因定位方法 |
CN113220946A (zh) * | 2021-05-25 | 2021-08-06 | 平安付科技服务有限公司 | 基于强化学习的故障链路搜索方法、装置、设备及介质 |
CN113240139A (zh) * | 2021-06-03 | 2021-08-10 | 南京中兴新软件有限责任公司 | 告警因果评估方法、故障根因定位方法及电子设备 |
WO2021179643A1 (zh) * | 2020-03-12 | 2021-09-16 | 华为技术有限公司 | 故障处理的方法、装置以及系统 |
CN113901126A (zh) * | 2021-09-18 | 2022-01-07 | 中兴通讯股份有限公司 | 告警因果关系挖掘方法、告警因果挖掘装置及存储介质 |
-
2021
- 2021-09-18 CN CN202111113557.2A patent/CN113901126A/zh active Pending
-
2022
- 2022-06-14 WO PCT/CN2022/098772 patent/WO2023040381A1/zh active Application Filing
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2021179643A1 (zh) * | 2020-03-12 | 2021-09-16 | 华为技术有限公司 | 故障处理的方法、装置以及系统 |
CN112100392A (zh) * | 2020-07-28 | 2020-12-18 | 浙江大学 | 一种基于强化学习和知识图谱的设备故障溯因方法 |
CN112181758A (zh) * | 2020-08-19 | 2021-01-05 | 南京邮电大学 | 一种基于网络拓扑及实时告警的故障根因定位方法 |
CN112003718A (zh) * | 2020-09-25 | 2020-11-27 | 南京邮电大学 | 一种基于深度学习的网络告警定位方法 |
CN113220946A (zh) * | 2021-05-25 | 2021-08-06 | 平安付科技服务有限公司 | 基于强化学习的故障链路搜索方法、装置、设备及介质 |
CN113240139A (zh) * | 2021-06-03 | 2021-08-10 | 南京中兴新软件有限责任公司 | 告警因果评估方法、故障根因定位方法及电子设备 |
CN113901126A (zh) * | 2021-09-18 | 2022-01-07 | 中兴通讯股份有限公司 | 告警因果关系挖掘方法、告警因果挖掘装置及存储介质 |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116257363A (zh) * | 2023-05-12 | 2023-06-13 | 中国科学技术大学先进技术研究院 | 资源调度方法、装置、设备及存储介质 |
CN116257363B (zh) * | 2023-05-12 | 2023-07-25 | 中国科学技术大学先进技术研究院 | 资源调度方法、装置、设备及存储介质 |
CN116991683A (zh) * | 2023-08-03 | 2023-11-03 | 北京优特捷信息技术有限公司 | 一种告警信息处理方法、装置、设备及介质 |
CN116991683B (zh) * | 2023-08-03 | 2024-01-30 | 北京优特捷信息技术有限公司 | 一种告警信息处理方法、装置、设备及介质 |
CN117170997A (zh) * | 2023-11-03 | 2023-12-05 | 中保车服科技服务股份有限公司 | 用于告警信息的关联方法、系统、存储介质及设备 |
CN117709806A (zh) * | 2024-02-05 | 2024-03-15 | 慧新全智工业互联科技(青岛)有限公司 | 协同工作的多设备异常自动化检测方法及检测系统 |
CN117709806B (zh) * | 2024-02-05 | 2024-05-28 | 慧新全智工业互联科技(青岛)有限公司 | 协同工作的多设备异常自动化检测方法及检测系统 |
Also Published As
Publication number | Publication date |
---|---|
CN113901126A (zh) | 2022-01-07 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2023040381A1 (zh) | 告警因果关系挖掘方法、告警因果挖掘装置及存储介质 | |
Neider et al. | Learning linear temporal properties | |
Palomares et al. | Consensus under a fuzzy context: Taxonomy, analysis framework AFRYCA and experimental case of study | |
Ripley et al. | Manual for RSIENA | |
CN114090902B (zh) | 一种基于异质网络的社交网络影响力预测方法、装置 | |
WO2019185039A1 (zh) | 数据处理方法和电子设备 | |
CN110929047A (zh) | 关注邻居实体的知识图谱推理方法和装置 | |
WO2022022233A1 (zh) | Ai模型更新的方法、装置、计算设备和存储介质 | |
Rkhami et al. | Learn to improve: A novel deep reinforcement learning approach for beyond 5G network slicing | |
JPWO2018083804A1 (ja) | 分析プログラム、情報処理装置および分析方法 | |
Gu et al. | Learning big Gaussian Bayesian networks: Partition, estimation and fusion | |
Huang et al. | Generating programmatic referring expressions via program synthesis | |
Huang et al. | Partitioned hybrid learning of Bayesian network structures | |
US11487604B2 (en) | Cognitive service request construction | |
CN116151384B (zh) | 量子电路处理方法、装置及电子设备 | |
CN114900435B (zh) | 一种连接关系预测方法及相关设备 | |
Shamsinejadbabaki et al. | Causality-based cost-effective action mining | |
Trabelsi et al. | Benchmarking dynamic Bayesian network structure learning algorithms | |
CN113342500B (zh) | 任务执行方法、装置、设备及存储介质 | |
CN115599990A (zh) | 一种知识感知结合深度强化学习的跨域推荐方法及系统 | |
WO2023091144A1 (en) | Forecasting future events from current events detected by an event detection engine using a causal inference engine | |
CN114898184A (zh) | 模型训练方法、数据处理方法、装置及电子设备 | |
KR20080087571A (ko) | 상황 예측 시스템 및 그 방법 | |
CN111581812B (zh) | 一种目标驱动、基于遗传算法的自适应系统规划生成方法 | |
US11775265B2 (en) | Method and system for library package management |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 22868758 Country of ref document: EP Kind code of ref document: A1 |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2401001330 Country of ref document: TH |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2022868758 Country of ref document: EP |
|
ENP | Entry into the national phase |
Ref document number: 2022868758 Country of ref document: EP Effective date: 20240320 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |