WO2023213060A1 - Management method and system based on zabbix monitoring platform - Google Patents

Management method and system based on zabbix monitoring platform Download PDF

Info

Publication number
WO2023213060A1
WO2023213060A1 PCT/CN2022/128007 CN2022128007W WO2023213060A1 WO 2023213060 A1 WO2023213060 A1 WO 2023213060A1 CN 2022128007 W CN2022128007 W CN 2022128007W WO 2023213060 A1 WO2023213060 A1 WO 2023213060A1
Authority
WO
WIPO (PCT)
Prior art keywords
monitoring
query
zabbix
platform
data
Prior art date
Application number
PCT/CN2022/128007
Other languages
French (fr)
Chinese (zh)
Inventor
钱寅
吴志远
谢虎
李琳
潘圆
霍正鸣
Original Assignee
上海欣诺通信技术股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 上海欣诺通信技术股份有限公司 filed Critical 上海欣诺通信技术股份有限公司
Publication of WO2023213060A1 publication Critical patent/WO2023213060A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • H04L41/0631Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • H04L41/069Management of faults, events, alarms or notifications using logs of notifications; Post-processing of notifications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Environmental & Geological Engineering (AREA)
  • Debugging And Monitoring (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

A management method and system based on a Zabbix monitoring platform. The system comprises a monitoring management platform and a Zabbix monitoring platform connected to the monitoring management platform by means of an API interface. The method comprises: outputting a query command in a state in which a monitoring management platform acquires a query command, and, according to the query command, acquiring at least one query instruction matching the query command; and in a state in which a Zabbix monitoring platform acquires a query instruction, the Zabbix monitoring platform acquiring query data matching the query instruction from a Zabbix client according to the query instruction, and returning the query data to the monitoring management platform.

Description

一种基于Zabbix监控平台的管理方法及系统A management method and system based on Zabbix monitoring platform 技术领域Technical field
本发明涉及网络安全监控技术领域,具体涉及基于Zabbix监控平台的管理方法及系统。The present invention relates to the technical field of network security monitoring, and specifically relates to a management method and system based on Zabbix monitoring platform.
背景技术Background technique
目前由于城市大数据信息庞大,管理部门即使是安排维护人员加强巡视,也无法完全保障它们的安全,无法实时有效地获得设备的信息,面对异常情况无法实现实时监控和快速高效的管理。为更好地保障电信管网安全,保护好网管的全面性,迫切需要采用新技术、新模式管理与监控。该方案存在以下突出问题:zabbix的用户权限控制还需要加强,比如多租户共有1套zabbix系统,每个用户希望只能看到自己有关的系统的监控界面,现有系统比较难实现。图形展示功能薄弱,各种信息混杂在一起,造成运维困难。例如一旦系统出现故障,则无法快速判断故障发生点或者发生原因。At present, due to the huge amount of urban big data information, even if the management department arranges maintenance personnel to strengthen inspections, they cannot fully guarantee their safety, cannot effectively obtain equipment information in real time, and cannot achieve real-time monitoring and fast and efficient management in the face of abnormal situations. In order to better ensure the security of telecommunications pipe networks and protect the comprehensiveness of network management, there is an urgent need to adopt new technologies and new models of management and monitoring. This solution has the following outstanding problems: Zabbix user permission control needs to be strengthened. For example, there is a Zabbix system for multi-tenants. Each user hopes to only see the monitoring interface of his own system, which is difficult to implement with the existing system. The graphical display function is weak and various information is mixed together, making operation and maintenance difficult. For example, once a system failure occurs, it is impossible to quickly determine the point or cause of the failure.
发明内容Contents of the invention
针对现有技术的不足,本发明提供一种基于Zabbix监控平台的管理方法和系统,具体地:In view of the shortcomings of the existing technology, the present invention provides a management method and system based on the Zabbix monitoring platform, specifically:
一方面,本发明提供一种基于Zabbix监控平台的管理方法,其中,包括:监控管理平台、通过API接口连接所述监控管理平台的所述Zabbix监控平台,还包括:On the one hand, the present invention provides a management method based on the Zabbix monitoring platform, which includes: a monitoring management platform, the Zabbix monitoring platform connected to the monitoring management platform through an API interface, and also includes:
于监控管理平台获取到查询命令的状态下输出所述查询命令,并 根据所述查询命令获取与所述查询命令匹配的至少一个查询指令;Output the query command when the monitoring and management platform obtains the query command, and obtain at least one query command matching the query command according to the query command;
于所述Zabbix监控平台获取到所述查询指令的状态下,所述Zabbix监控平台根据所述查询指令于Zabbix客户端中获取于所述查询指令匹配的查询数据,并将所述查询数据返回至所述监控管理平台。In the state where the Zabbix monitoring platform obtains the query instruction, the Zabbix monitoring platform obtains the query data matching the query instruction from the Zabbix client according to the query instruction, and returns the query data to The monitoring and management platform.
优选地,上述的一种基于Zabbix监控平台的管理方法,其中,包括:Preferably, the above-mentioned management method based on Zabbix monitoring platform includes:
所述监控管理平台根据所述查询数据判定是否形成警示通知;The monitoring and management platform determines whether to form a warning notification based on the query data;
于警示通知形成的状态下,根据所述警示通知读取与所述警示通知匹配的目标账户,并根据所述目标账户发送所述警示通知。In the state where the warning notification is formed, the target account matching the warning notification is read according to the warning notification, and the warning notification is sent according to the target account.
优选地,上述的一种基于Zabbix监控平台的管理方法,其中,于监控管理平台获取到查询命令的状态下输出所述查询命令,并根据所述查询命令获取与所述查询命令匹配的至少一个查询指令;Preferably, the above-mentioned management method based on Zabbix monitoring platform, wherein the query command is output when the monitoring management platform obtains the query command, and at least one matching query command is obtained according to the query command. query instructions;
监控管理平台获取到查询命令的状态下先输出所述查询命令,并根据所述查询命令获取与所述查询命令匹配的查询目标;When the monitoring and management platform obtains the query command, it first outputs the query command, and obtains the query target matching the query command according to the query command;
根据所述查询目标形成一查询目标流信息;Form a query target flow information according to the query target;
根据所述查询目标流信息形成匹配所述查询目标信息的至少一个查询指令。At least one query instruction matching the query target information is formed according to the query target flow information.
优选地,上述的一种基于Zabbix监控平台的管理方法,其中,所述监控管理平台根据所述查询数据判定是否形成警示通知具体包括:Preferably, the above-mentioned management method based on Zabbix monitoring platform, wherein the monitoring and management platform determines whether to form a warning notification based on the query data specifically includes:
于所述监控管理平台获取到查询数据的状态下,所述查询数据读取进程监控数据、监控状态数据、文件状态数据、信安日志监控数据;When the monitoring and management platform obtains query data, the query data reads process monitoring data, monitoring status data, file status data, and Principal log monitoring data;
于所述进程监控数据、监控状态数据、文件状态数据、信安日志监控数据中任意数据匹配预定的监控数据时则形成所述警示通知。The warning notification is generated when any data among the process monitoring data, monitoring status data, file status data, and Xin'an log monitoring data matches predetermined monitoring data.
优选地,上述的一种基于Zabbix监控平台的管理方法,其中, 警示通知形成的状态下,根据所述警示通知读取与所述警示通知匹配的目标账户,并根据所述目标账户发送所述警示通知具体包括:Preferably, the above-mentioned management method based on Zabbix monitoring platform, wherein, in a state where a warning notification is formed, the target account matching the warning notification is read according to the warning notification, and the target account is sent according to the target account. Warning notices specifically include:
于警示通知形成的状态下,根据所述警示通知读取与所述警示通知匹配的目标账户;In a state where an alert notification is formed, read the target account matching the alert notification according to the alert notification;
获取目标账户中上一个警示通知的读取顺序;Get the reading order of the previous alert notification in the target account;
根据所述读取顺序发送所述警示通知。The alert notification is sent according to the reading sequence.
另一方面,本发明再提供一种基于Zabbix监控平台的管理系统,其中,包括:监控管理平台、通过API接口连接所述监控管理平台的所述Zabbix监控平台,所述Zabbix监控平台连接有至少一个DPI服务器;On the other hand, the present invention further provides a management system based on the Zabbix monitoring platform, which includes: a monitoring management platform, the Zabbix monitoring platform connected to the monitoring management platform through an API interface, and the Zabbix monitoring platform is connected to at least a DPI server;
所述Zabbix监控平台至少包括连接于Zabbix服务端的Zabbix客户端、设备端、程序端、Zabbix数据存储单元;The Zabbix monitoring platform at least includes a Zabbix client, a device, a program, and a Zabbix data storage unit connected to the Zabbix server;
所述监控管理平台至少包括连接于一监控服务端的监控显示单元、第三方接口单元、监控数据存储单元,所述Zabbix服务端连接所述监控服务端,该系统用于实现上述中任一项基于Zabbix监控平台的管理方法。The monitoring management platform at least includes a monitoring display unit, a third-party interface unit, and a monitoring data storage unit connected to a monitoring server. The Zabbix server is connected to the monitoring server. The system is used to implement any of the above based on Management method of Zabbix monitoring platform.
再一方面,本发明再提供一种电子设备,包括存储器、处理器及存储在存储器上并可在处理器运行的计算机程序,其中,所述处理器执行所述计算机程序时实现如上述任一项基于Zabbix监控平台的管理方法。In another aspect, the present invention provides an electronic device, including a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein when the processor executes the computer program, any one of the above is implemented. The project is based on the management method of Zabbix monitoring platform.
最后,本申请再提供一种计算机程序产品,其中,包括计算机可读代码,或者承载有计算机可读代码的可读存储介质,当计算机可读代码在电子设备的处理器中运行时,所述电子设备中的处理器执行用于实现任一项基于Zabbix监控平台的管理方法。Finally, this application provides a computer program product, which includes computer readable code, or a readable storage medium carrying computer readable code. When the computer readable code is run in a processor of an electronic device, the The processor in the electronic device executes any management method based on the Zabbix monitoring platform.
与现有技术相比,本发明的有益效果是:Compared with the prior art, the beneficial effects of the present invention are:
通过上述技术方案,监控管理平台获取到查询命令的状态下,根据所述查询命令获取与所述查询命令匹配的查询目标,根据所述查询目标形成一查询目标流信息,根据所述查询目标流信息形成匹配所述查询目标信息的至少一个查询指令,于所述Zabbix监控平台获取到所述查询指令的状态下,所述Zabbix监控平台根据所述查询指令于Zabbix客户端中获取于所述查询指令匹配的查询数据,并将所述查询数据返回至所述监控管理平台。用户根据反馈的查询数据即可快速判断出现故障的原因。Through the above technical solution, when the monitoring and management platform obtains the query command, it obtains the query target matching the query command according to the query command, forms a query target flow information according to the query target, and forms a query target flow information according to the query target flow. The information forms at least one query instruction that matches the query target information. When the Zabbix monitoring platform obtains the query instruction, the Zabbix monitoring platform obtains the query in the Zabbix client according to the query instruction. Instruct matching query data, and return the query data to the monitoring management platform. Users can quickly determine the cause of the failure based on the feedback query data.
附图说明Description of the drawings
图1为本发明实施例一提供的一种基于Zabbix监控平台的管理方法的流程图;Figure 1 is a flow chart of a management method based on Zabbix monitoring platform provided in Embodiment 1 of the present invention;
图2为本发明实施例二提供的一种基于Zabbix监控平台的管理系统的结构示意图;Figure 2 is a schematic structural diagram of a management system based on Zabbix monitoring platform provided in Embodiment 2 of the present invention;
图3为本发明实施例三提供的一种电子设备的结构示意图。FIG. 3 is a schematic structural diagram of an electronic device provided in Embodiment 3 of the present invention.
具体实施方式Detailed ways
现有的Zabbix监控平台作为一个运维,需要会使用监控系统查看服务器状态以及网站流量指标,利用监控系统的数据去了解上线发布的结果,和网站的健康状态。但是Zabbix监控平台通常显示的方式很不友好,通常将所有数据同时显示,故而在出现故障的时候,无法准确获取故障所关联的设备状态,例如A设备出现故障,Zabbix监控平台按照预定定义的逻辑输出A设备的警示通知,但是维修人员无法快速制造A设备产生故障的原因,需要于众多信息中查询。基于此,本申请提供一种基于Zabbix监控平台的管理方法及系统As an operation and maintenance platform, the existing Zabbix monitoring platform needs to use the monitoring system to check the server status and website traffic indicators, and use the data of the monitoring system to understand the results of the online release and the health status of the website. However, the display method of the Zabbix monitoring platform is usually very unfriendly. It usually displays all data at the same time. Therefore, when a fault occurs, the device status associated with the fault cannot be accurately obtained. For example, if device A fails, the Zabbix monitoring platform will follow the predefined logic. A warning notification of equipment A is output, but the maintenance personnel cannot quickly determine the cause of the failure of equipment A and need to query a large amount of information. Based on this, this application provides a management method and system based on Zabbix monitoring platform
如图1所示,一种基于Zabbix监控平台的管理方法,包括:监控管理平台、通过API接口连接所述监控管理平台的所述Zabbix监控平台,所述Zabbix监控平台连接有至少一个DPI服务器;具体地:所述Zabbix监控平台至少包括连接于Zabbix服务端的Zabbix客户端、设备端、程序端、Zabbix数据存储单元,所述监控管理平台至少包括连接于一监控服务端的监控显示单元、第三方接口单元、监控数据存储单元,所述Zabbix服务端连接所述监控服务端。还包括:As shown in Figure 1, a management method based on the Zabbix monitoring platform includes: a monitoring management platform, the Zabbix monitoring platform connected to the monitoring management platform through an API interface, and the Zabbix monitoring platform is connected to at least one DPI server; Specifically: the Zabbix monitoring platform at least includes a Zabbix client, a device, a program, and a Zabbix data storage unit connected to the Zabbix server. The monitoring management platform at least includes a monitoring display unit and a third-party interface connected to a monitoring server. unit and a monitoring data storage unit, and the Zabbix server is connected to the monitoring server. Also includes:
步骤S110、于监控管理平台获取到查询命令的状态下输出所述查询命令,并根据所述查询命令获取与所述查询命令匹配的至少一个查询指令;进一步地,其中,具体包括:Step S110: Output the query command when the monitoring and management platform obtains the query command, and obtain at least one query command matching the query command according to the query command; further, it specifically includes:
步骤S1101、于监控管理平台获取到查询命令的状态下先输出所述查询命令,并根据所述查询命令获取与所述查询命令匹配的查询目标;其中查询命令可由监控管理平台输出,例如监控管理平台接收外部输入的查询目标信息,根据所述查询目标信息形成所述查询命令。Step S1101: When the monitoring and management platform obtains the query command, first output the query command, and obtain the query target matching the query command according to the query command; wherein the query command can be output by the monitoring and management platform, for example, monitoring management The platform receives externally input query target information and forms the query command based on the query target information.
查询命令形成后即可发送,并由相应的设备进行执行,查询指令则根据监控管理平台内部存储的数据形成,示意性地,根据该查询命令可以先模拟出该查询命令的传输路径,根据该传输路径获取到相应的查询目标。After the query command is formed, it can be sent and executed by the corresponding device. The query command is formed based on the data stored inside the monitoring management platform. Schematically, according to the query command, the transmission path of the query command can be simulated first. According to the query command, The transmission path obtains the corresponding query target.
步骤S1102、根据所述查询目标形成一查询目标流信息,其中所述查询目标流信息匹配查询命令传递的信号流。例如当前收到设备A处于故障告警状态,则需要对设备A发生一查询命令,该查询命令的传递过程即可为理解为查询命令传递的信号流。Step S1102: Form a query target flow information according to the query target, wherein the query target flow information matches the signal flow transmitted by the query command. For example, if it is currently received that device A is in a fault alarm state, a query command needs to be issued to device A. The transmission process of the query command can be understood as a signal flow transmitted by the query command.
步骤S1103、根据所述查询目标流信息形成匹配所述查询目标信息的至少一个查询指令。查询指令则为获取与该查询指令匹配的查询对象的状态下。Step S1103: Form at least one query instruction matching the query target information according to the query target flow information. The query instruction is in the state of obtaining the query object matching the query instruction.
继续以A设备故障为例,A设备故障原因可能为设备A自身的原因,也有可能为其他设备导致。例如A设备有信号传递的上一个设备,以及与上一个设备有信号传递的上上一个设备。故而查询对象至少包括与该信号流匹配的所有设备的工作状态,每一个设备均有一个对应的查询指令。Continuing to take the failure of device A as an example, the cause of the failure of device A may be caused by device A itself or may be caused by other devices. For example, device A has the previous device for signal transmission, and the previous device for signal transmission with the previous device. Therefore, the query object at least includes the working status of all devices matching the signal flow, and each device has a corresponding query command.
步骤S120、于所述Zabbix监控平台获取到所述查询指令的状态下,所述Zabbix监控平台根据所述查询指令于Zabbix客户端中获取于所述查询指令匹配的查询数据,并将所述查询数据返回至所述监控管理平台。Step S120: When the Zabbix monitoring platform obtains the query instruction, the Zabbix monitoring platform obtains the query data matching the query instruction from the Zabbix client according to the query instruction, and converts the query instruction into the Zabbix client. The data is returned to the monitoring and management platform.
所述Zabbix监控平台获取到所述查询指令的对应的状态下,根据所述查询指令于Zabbix客户端中获取查询数据,需要说明的是该查询数据不仅包含当前查询指令所需要的数据,同时还需要包含该设备历史运行数据。所述Zabbix监控平台将所述查询数据发送至监控管理平台,并由所述监控管理平台显示所述查询数据。When the Zabbix monitoring platform obtains the corresponding state of the query instruction, it obtains query data from the Zabbix client according to the query instruction. It should be noted that the query data not only contains the data required by the current query instruction, but also Need to include historical operating data of the device. The Zabbix monitoring platform sends the query data to the monitoring and management platform, and the monitoring and management platform displays the query data.
其中,历史运行数据用于供用户判断是否真实发生了故障,当前查询指令所需要的数据用于判断当前故障是否继续存在。例如根据历史运行数据实现所有的设备均处于正常工作状态,那么形成故障的原因则可能因为系统自身的故障产生的误告警。该告警故障并未真实存储,若历史运行数据出现了异常,则排除监控平台自身的故障,确认告警的真实性,在告警真实发生的状态下,根据当前查询指令的所需要的数据判断故障是否异常,如当前查询指令的所需要的数据处于异常状态,则故障继续存在,根据当前查询指令结合历史运行数据盘查故障原因,如当前查询指令的所需数据处于正常状态,则根据历史运行数据排查故障发生及消失的原因。Among them, historical operating data is used for users to determine whether a fault has actually occurred, and the data required by the current query command is used to determine whether the current fault continues to exist. For example, if all equipment is in normal working condition based on historical operating data, then the cause of the fault may be false alarms generated by the system itself. The alarm fault is not actually stored. If there is an abnormality in the historical operating data, the fault of the monitoring platform itself must be eliminated to confirm the authenticity of the alarm. In the state where the alarm actually occurs, determine whether the fault is based on the data required by the current query command. Abnormality. If the data required by the current query command is in an abnormal state, the fault continues to exist. The cause of the fault will be investigated based on the current query command and historical operating data. If the data required by the current query command is in a normal state, troubleshooting will be based on historical operating data. Reasons for the occurrence and disappearance of faults.
通过上述技术方案,监控管理平台获取到查询命令的状态下,根 据所述查询命令获取与所述查询命令匹配的查询目标,根据所述查询目标形成一查询目标流信息,根据所述查询目标流信息形成匹配所述查询目标信息的至少一个查询指令,于所述Zabbix监控平台获取到所述查询指令的状态下,所述Zabbix监控平台根据所述查询指令于Zabbix客户端中获取于所述查询指令匹配的查询数据,并将所述查询数据返回至所述监控管理平台。用户根据反馈的查询数据即可快速判断出现故障的原因。Through the above technical solution, when the monitoring and management platform obtains the query command, it obtains the query target matching the query command according to the query command, forms a query target flow information according to the query target, and forms a query target flow information according to the query target flow. The information forms at least one query instruction that matches the query target information. When the Zabbix monitoring platform obtains the query instruction, the Zabbix monitoring platform obtains the query in the Zabbix client according to the query instruction. Instruct matching query data, and return the query data to the monitoring management platform. Users can quickly determine the cause of the failure based on the feedback query data.
例如当前设备A处于故障状态,监控管理平台获取到查询设备A的查询命令的状态下,监控管理平台首先预估与该查询命令的信息流,以及与该信息流匹配的查询对象,例如该查询命令由设备A1、设备A2、设备A3、设备A4、设备A5进行传输最后到达设备A。那么该信息流的流通路径为设备A1→设备A2→设备A3→设备A4→设备A5→设备A,根据该信息流形成与信息流匹配的查询目标流信息。则对应的查询目标流信息可为设备A1的状态信息→设备A2的状态信息→设备A3的状态信息→设备A4的状态信息→设备A5的状态信息→设备A的状态信息,根据所述查询目标流信息形成设备A1的查询指令、设备A2的查询指令、A3的查询指令、A4的查询指令、A5的查询指令、A的查询指令,根据该查询指令于Zabbix监控平台中获取对应的查询数据,其中根据所述查询指令于Zabbix客户端中获取查询数据,需要说明的是该查询数据不仅包含当前查询指令所需要的数据,同时还需要包含该设备历史运行数据。将获取的当前查询指令所需要的数据和备历史运行数据同时反馈至监控管理平台,方便用户查询系统当前的状态。For example, when device A is currently in a fault state and the monitoring and management platform obtains a query command for querying device A, the monitoring and management platform first estimates the information flow corresponding to the query command and the query object matching the information flow, such as the query The command is transmitted by device A1, device A2, device A3, device A4, and device A5 and finally reaches device A. Then the circulation path of the information flow is device A1→device A2→device A3→device A4→device A5→device A, and query target flow information matching the information flow is formed based on the information flow. Then the corresponding query target flow information may be the status information of device A1 → the status information of device A2 → the status information of device A3 → the status information of device A4 → the status information of device A5 → the status information of device A, according to the query target The flow information forms the query command of device A1, the query command of device A2, the query command of A3, the query command of A4, the query command of A5, and the query command of A. According to the query command, the corresponding query data is obtained in the Zabbix monitoring platform. The query data is obtained from the Zabbix client according to the query command. It should be noted that the query data not only contains the data required by the current query command, but also needs to contain historical operating data of the device. The obtained data required for the current query command and the historical operation data will be fed back to the monitoring and management platform at the same time to facilitate users to query the current status of the system.
作为进一步地优选实施方案,上述的基于Zabbix监控平台的管理方法,其中,还包括:As a further preferred embodiment, the above-mentioned management method based on Zabbix monitoring platform also includes:
步骤S130、所述监控管理平台根据所述查询数据判定是否形成警示通知;具体包括:Step S130: The monitoring and management platform determines whether to form a warning notification based on the query data; specifically including:
步骤S1301、于所述监控管理平台获取到查询数据的状态下,所述查询数据读取进程监控数据、监控状态数据、文件状态数据、信安日志监控数据;Step S1301: When the monitoring and management platform obtains query data, the query data reads process monitoring data, monitoring status data, file status data, and Security log monitoring data;
步骤S1302、于所述进程监控数据、监控状态数据、文件状态数据、信安日志监控数据中任意数据匹配预定的监控数据时则形成所述警示通知。Step S1302: The warning notification is generated when any data among the process monitoring data, monitoring status data, file status data, and security log monitoring data matches predetermined monitoring data.
示意性地,进程监控数据由所述监控管理平台中的应用进程监控形成,该模块监控DPI服务器、接口服务器,当控DPI服务器、接口服务器的应用进程状态为异常状态将产生告警。Schematically, the process monitoring data is formed by the application process monitoring in the monitoring management platform. This module monitors the DPI server and the interface server. When the application process status of the DPI server and the interface server is abnormal, an alarm will be generated.
文件状态数据由所述监控管理平台中的文件目录监控形成,该模块监控DPI服务器,当DPI服务器的文件大小大于2G时产生告警,时间间隔大于5分钟或者匹配其他预定情况时产生告警。File status data is formed by file directory monitoring in the monitoring and management platform. This module monitors the DPI server and generates an alarm when the file size of the DPI server is greater than 2G. An alarm is generated when the time interval is greater than 5 minutes or matches other predetermined conditions.
监控状态数据由所述监控管理平台中的策略加载监控模块形成,该模块监控DPI服务器,当某个DPI服务器处于被监控状态,但监控的某监控项数值可能监控异常,这统一返回页面异常值。如果页面返回了正常值,当策略加载异常DPI数量大于0,则会产生告警。The monitoring status data is formed by the policy loading monitoring module in the monitoring management platform. This module monitors the DPI server. When a DPI server is in the monitored state, but the value of a certain monitoring item monitored may be abnormal, this will uniformly return page abnormal values. . If the page returns a normal value and the number of abnormal policy loading DPIs is greater than 0, an alarm will be generated.
信安日志监控数据由所述监控管理平台中的信安日志监控模块形成,该模块监控DPI服务器,如果某一个DPI服务器处于被监控的状态,则监控某个监控项可能会出现异常,这种情况返回页面异常值产生告警。The principal log monitoring data is formed by the principal log monitoring module in the monitoring management platform. This module monitors the DPI server. If a certain DPI server is in a monitored state, an abnormality may occur in monitoring a certain monitoring item. In this case, the return Abnormal page values generate alarms.
步骤S140、于警示通知形成的状态下,根据所述警示通知读取与所述警示通知匹配的目标账户,并根据所述目标账户发送所述警示通知。具体地:Step S140: When the warning notification is formed, read the target account matching the warning notification according to the warning notification, and send the warning notification according to the target account. specifically:
步骤S1401、于警示通知形成的状态下,根据所述警示通知读取与所述警示通知匹配的目标账户;该目标账户通常为与该警示通知对应的关系人。Step S1401: In a state where a warning notification is formed, read the target account matching the warning notification according to the warning notification; the target account is usually a related person corresponding to the warning notification.
步骤S1402、获取目标账户中上一个警示通知的读取顺序;每个目标账户均设置由至少两个接收警示通知的方式,例如当前账户接收方式为邮箱、微信和短信。则先获取上一个警示通知发送状态下,微信、邮箱和短信的接收到该警示通知的阅读时间,根据一阅读时隔形成所述读取顺序,上一个警示通知,微信的接收时间为12:00,邮箱的接收时间为12:05,短信的接收时间为12:10,微信的读取时间为12:15,此时微信的时间差10分钟,邮箱和短信均未阅读。则此时微信的阅读时隔为10分钟,邮箱和短信的阅读时隔为M+5、M(M为阅读最大值,即在首次阅读完成后的三小时定义为阅读最大值),则此时的读取顺序为微信、短信和邮箱。Step S1402: Obtain the reading order of the previous warning notification in the target account; each target account is set with at least two methods for receiving warning notifications, for example, the current account receiving methods are email, WeChat and SMS. Then first obtain the reading time of the warning notification received by WeChat, email and SMS when the last warning notification was sent, and form the reading sequence according to a reading interval. The reception time of the previous warning notification and WeChat is 12: 00, the receiving time of the mailbox is 12:05, the receiving time of the text message is 12:10, and the reading time of WeChat is 12:15. At this time, the time difference of WeChat is 10 minutes, and neither the mailbox nor the text message has been read. At this time, the reading interval of WeChat is 10 minutes, and the reading interval of email and text messages is M+5, M (M is the maximum reading value, that is, three hours after the first reading is completed is defined as the maximum reading value), then this The reading order is WeChat, SMS and email.
步骤S1403、根据所述读取顺序发送所述警示通知。Step S1403: Send the warning notification according to the reading sequence.
通过此种方式,旨在使得用户通过最习惯的方式接收警示通知。另外当阅读时隔达到最大值的时候,自动将该警示通知的阅读状态调整为已读状态。因为网络通讯对实时要求较高,通过在阅读时隔最大值的时间内需要将网路调整完善。该阅读时刻最大值可根据警示通知的内容自行设置,对于警示通知等级较高的则阅读时刻最大值的较小,反之阅读时刻最大值则越大。在该阅读时刻最大值范围内尚未完成维修,则下一个警示通知也会再次发送。故可以将未读的警示通知的状态做修改。另外在警示通知的阅读时刻最大值的时间内,没有警示通知被阅读,则再次发送该警示通知。In this way, the aim is to allow users to receive warning notifications in the most accustomed way. In addition, when the reading interval reaches the maximum value, the reading status of the warning notification is automatically adjusted to the read status. Because network communication has high real-time requirements, the network needs to be adjusted and perfected within the maximum reading interval. The maximum reading time can be set according to the content of the warning notification. For higher warning notification levels, the maximum reading time will be smaller, and conversely, the maximum reading time will be larger. If the repair has not been completed within the maximum reading time range, the next warning notification will be sent again. Therefore, the status of unread warning notifications can be modified. In addition, if no warning notification is read within the maximum reading time of the warning notification, the warning notification will be sent again.
实施例二Embodiment 2
如图2所示,另一方面,本发明再提供一种基于Zabbix监控平台的管理系统,其中,包括:监控管理平台、通过API接口连接所述监控管理平台的所述Zabbix监控平台,所述Zabbix监控平台连接有至少一个DPI服务器;As shown in Figure 2, on the other hand, the present invention further provides a management system based on the Zabbix monitoring platform, which includes: a monitoring management platform, the Zabbix monitoring platform connected to the monitoring management platform through an API interface, and the The Zabbix monitoring platform is connected to at least one DPI server;
所述Zabbix监控平台至少包括连接于Zabbix服务端的Zabbix客户端、设备端、程序端、Zabbix数据存储单元;The Zabbix monitoring platform at least includes a Zabbix client, a device, a program, and a Zabbix data storage unit connected to the Zabbix server;
所述监控管理平台至少包括连接于一监控服务端的监控显示单元、第三方接口单元、监控数据存储单元,所述Zabbix服务端连接所述监控服务端,该系统用于实现任一项基于Zabbix监控平台的管理方法。The monitoring management platform at least includes a monitoring display unit, a third-party interface unit, and a monitoring data storage unit connected to a monitoring server. The Zabbix server is connected to the monitoring server. The system is used to implement any Zabbix-based monitoring. Platform management methods.
其中第三方接口单元用以连接第三方接口,例如短信连接通讯接口、微信连接通讯接口、邮箱连接通讯接口等。The third-party interface unit is used to connect third-party interfaces, such as SMS connection communication interface, WeChat connection communication interface, email connection communication interface, etc.
上述的一种基于Zabbix监控平台的管理系统的工作原理与上述的基于Zabbix监控平台的管理方法的工作原理相同,此处不做赘述。The working principle of the above-mentioned management system based on Zabbix monitoring platform is the same as the working principle of the above-mentioned management method based on Zabbix monitoring platform, and will not be described again here.
实施例三Embodiment 3
本申请实施例提供了一种电子设备,图3是本申请实施例提供的一种电子设备的结构示意图。如图3所示,本实施例提供了一种电子设备400,其包括:一个或多个处理器420;存储装置410,用于存储一个或多个程序,当所述一个或多个程序被所述一个或多个处理器420运行,使得所述一个或多个处理器420实现:An embodiment of the present application provides an electronic device. FIG. 3 is a schematic structural diagram of an electronic device provided by an embodiment of the present application. As shown in Figure 3, this embodiment provides an electronic device 400, which includes: one or more processors 420; a storage device 410, used to store one or more programs. When the one or more programs are The one or more processors 420 operate such that the one or more processors 420 implement:
于监控管理平台获取到查询命令的状态下输出所述查询命令,并根据所述查询命令获取与所述查询命令匹配的至少一个查询指令;Output the query command when the monitoring and management platform obtains the query command, and obtain at least one query command matching the query command according to the query command;
于所述Zabbix监控平台获取到所述查询指令的状态下,所述Zabbix监控平台根据所述查询指令于Zabbix客户端中获取于所述查 询指令匹配的查询数据,并将所述查询数据返回至所述监控管理平台。In the state where the Zabbix monitoring platform obtains the query instruction, the Zabbix monitoring platform obtains the query data matching the query instruction from the Zabbix client according to the query instruction, and returns the query data to The monitoring and management platform.
如图3所示,该电子设备400包括处理器420、存储装置410、输入装置430和输出装置440;电子设备中处理器420的数量可以是一个或多个,图3中以一个处理器420为例;电子设备中的处理器420、存储装置410、输入装置430和输出装置440可以通过总线或其他方式连接,图2中以通过总线450连接为例。As shown in Figure 3, the electronic device 400 includes a processor 420, a storage device 410, an input device 430, and an output device 440; the number of processors 420 in the electronic device may be one or more. In Figure 3, one processor 420 is used. For example, the processor 420, the storage device 410, the input device 430 and the output device 440 in the electronic device can be connected through a bus or other means. In Figure 2, the connection through the bus 450 is taken as an example.
存储装置410作为一种计算机可读存储介质,可用于存储软件程序、计算机可运行程序以及模块单元,如本申请实施例中的基于环境属性影响NPC行为表现方法对应的程序指令。As a computer-readable storage medium, the storage device 410 can be used to store software programs, computer-executable programs, and module units, such as program instructions corresponding to the method of influencing NPC behavior based on environmental attributes in the embodiments of the present application.
存储装置410可主要包括存储程序区和存储数据区,其中,存储程序区可存储操作系统、至少一个功能所需的应用程序;存储数据区可存储根据终端的使用所创建的数据等。此外,存储装置410可以包括高速随机存取存储器,还可以包括非易失性存储器,例如至少一个磁盘存储器件、闪存器件、或其他非易失性固态存储器件。在一些实例中,存储装置410可进一步包括相对于处理器420远程设置的存储器,这些远程存储器可以通过网络连接。上述网络的实例包括但不限于互联网、企业内部网、局域网、移动通信网及其组合。The storage device 410 may mainly include a stored program area and a stored data area, where the stored program area may store an operating system and at least one application program required for a function; the stored data area may store data created based on the use of the terminal, etc. In addition, the storage device 410 may include high-speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other non-volatile solid-state storage device. In some examples, the storage device 410 may further include memory located remotely relative to the processor 420, and these remote memories may be connected through a network. Examples of the above-mentioned networks include but are not limited to the Internet, intranets, local area networks, mobile communication networks and combinations thereof.
输入装置430可用于接收输入的数字、字符信息或语音信息,以及产生与电子设备的用户设置以及功能控制有关的键信号输入。输出装置440可包括显示屏、扬声器等设备。The input device 430 may be used to receive inputted numbers, character information, or voice information, and to generate key signal input related to user settings and function control of the electronic device. The output device 440 may include a display screen, a speaker, and other devices.
实施例四Embodiment 4
在一些实施例中,以上所描述的方法可以被实现为计算机程序产品。计算机程序产品可以包括计算机可读存储介质,其上载有用于执行本公开的各个方面的计算机可读程序指令。具体地:In some embodiments, the methods described above may be implemented as a computer program product. A computer program product may include a computer-readable storage medium having thereon computer-readable program instructions for performing various aspects of the present disclosure. specifically:
于监控管理平台获取到查询命令的状态下输出所述查询命令,并根据所述查询命令获取与所述查询命令匹配的至少一个查询指令;Output the query command when the monitoring and management platform obtains the query command, and obtain at least one query command matching the query command according to the query command;
于所述Zabbix监控平台获取到所述查询指令的状态下,所述Zabbix监控平台根据所述查询指令于Zabbix客户端中获取于所述查询指令匹配的查询数据,并将所述查询数据返回至所述监控管理平台。In the state where the Zabbix monitoring platform obtains the query instruction, the Zabbix monitoring platform obtains the query data matching the query instruction from the Zabbix client according to the query instruction, and returns the query data to The monitoring and management platform.
上述的计算机可读存储介质可以是可以保持和存储由指令执行设备使用的指令的有形设备。计算机可读存储介质例如可以是――但不限于――电存储设备、磁存储设备、光存储设备、电磁存储设备、半导体存储设备或者上述的任意合适的组合。计算机可读存储介质的更具体的例子(非穷举的列表)包括:便携式计算机盘、硬盘、随机存取存储器(RAM)、只读存储器(ROM)、可擦式可编程只读存储器(EPROM或闪存)、静态随机存取存储器(SRAM)、便携式压缩盘只读存储器(CD-ROM)、数字多功能盘(DVD)、记忆棒、软盘、机械编码设备、例如其上存储有指令的打孔卡或凹槽内凸起结构、以及上述的任意合适的组合。这里所使用的计算机可读存储介质不被解释为瞬时信号本身,诸如无线电波或者其他自由传播的电磁波、通过波导或其他传输媒介传播的电磁波(例如,通过光纤电缆的光脉冲)、或者通过电线传输的电信号。The computer-readable storage medium described above may be a tangible device that can hold and store instructions for use by an instruction execution device. The computer-readable storage medium may be, for example, but not limited to, an electrical storage device, a magnetic storage device, an optical storage device, an electromagnetic storage device, a semiconductor storage device, or any suitable combination of the above. More specific examples (non-exhaustive list) of computer-readable storage media include: portable computer disks, hard disks, random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM) or Flash memory), Static Random Access Memory (SRAM), Compact Disk Read Only Memory (CD-ROM), Digital Versatile Disk (DVD), Memory Stick, Floppy Disk, Mechanical Coding Device, such as a printer with instructions stored on it. Protruding structures in hole cards or grooves, and any suitable combination of the above. As used herein, computer-readable storage media are not to be construed as transient signals per se, such as radio waves or other freely propagating electromagnetic waves, electromagnetic waves propagating through waveguides or other transmission media (e.g., light pulses through fiber optic cables), or through electrical wires. transmitted electrical signals.
本文所描述的计算机可读程序指令可以从计算机可读存储介质下载到各个计算/处理设备,或者通过网络、例如因特网、局域网、广域网和/或无线网下载到外部计算机或外部存储设备。网络可以包括铜传输电缆、光纤传输、无线传输、路由器、防火墙、交换机、网关计算机和/或边缘服务器。每个计算/处理设备中的网络适配卡或者网络接口从网络接收计算机可读程序指令,并转发该计算机可读程序指令,以供存储在各个计算/处理设备中的计算机可读存储介质中。Computer-readable program instructions described herein may be downloaded from a computer-readable storage medium to various computing/processing devices, or to an external computer or external storage device over a network, such as the Internet, a local area network, a wide area network, and/or a wireless network. The network may include copper transmission cables, fiber optic transmission, wireless transmission, routers, firewalls, switches, gateway computers, and/or edge servers. A network adapter card or network interface in each computing/processing device receives computer-readable program instructions from the network and forwards the computer-readable program instructions for storage on a computer-readable storage medium in the respective computing/processing device .
用于执行本公开操作的计算机程序指令可以是汇编指令、指令集架构(ISA)指令、机器指令、机器相关指令、微代码、固件指令、状态设置数据、或者以一种或多种编程语言的任意组合编写的源代码或目标代码,所述编程语言包括面向对象的编程语言,以及常规的过程式编程语言。计算机可读程序指令可以完全地在用户计算机上执行、部分地在用户计算机上执行、作为一个独立的软件包执行、部分在用户计算机上部分在远程计算机上执行、或者完全在远程计算机或服务器上执行。在涉及远程计算机的情形中,远程计算机可以通过任意种类的网络—包括局域网(LAN)或广域网(WAN)—连接到用户计算机,或者,可以连接到外部计算机(例如利用因特网服务提供商来通过因特网连接)。在一些实施例中,通过利用计算机可读程序指令的状态信息来个性化定制电子电路,例如可编程逻辑电路、现场可编程门阵列(FPGA)或可编程逻辑阵列(PLA),该电子电路可以执行计算机可读程序指令,从而实现本公开的各个方面。Computer program instructions for performing operations of the present disclosure may be assembly instructions, instruction set architecture (ISA) instructions, machine instructions, machine-related instructions, microcode, firmware instructions, state setting data, or instructions in one or more programming languages. Source code or object code written in any combination, the programming language includes object-oriented programming language, and conventional procedural programming language. The computer-readable program instructions may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server implement. In situations involving remote computers, the remote computer can be connected to the user's computer through any kind of network, including a local area network (LAN) or a wide area network (WAN), or it can be connected to an external computer (such as an Internet service provider through the Internet). connect). In some embodiments, by utilizing state information of computer-readable program instructions to personalize an electronic circuit, such as a programmable logic circuit, a field programmable gate array (FPGA), or a programmable logic array (PLA), the electronic circuit can Computer readable program instructions are executed to implement various aspects of the disclosure.
这些计算机可读程序指令可以提供给通用计算机、专用计算机或其它可编程数据处理装置的处理单元,从而生产出一种机器,使得这些指令在通过计算机或其它可编程数据处理装置的处理单元执行时,产生了实现流程图和/或框图中的一个或多个方框中规定的功能/动作的装置。也可以把这些计算机可读程序指令存储在计算机可读存储介质中,这些指令使得计算机、可编程数据处理装置和/或其他设备以特定方式工作,从而,存储有指令的计算机可读介质则包括一个制造品,其包括实现流程图和/或框图中的一个或多个方框中规定的功能/动作的各个方面的指令。These computer-readable program instructions may be provided to a processing unit of a general-purpose computer, a special-purpose computer, or other programmable data processing apparatus, thereby producing a machine such that the instructions, when executed by a processing unit of the computer or other programmable data processing apparatus, , resulting in an apparatus that implements the functions/actions specified in one or more blocks in the flowchart and/or block diagram. These computer-readable program instructions can also be stored in a computer-readable storage medium. These instructions cause the computer, programmable data processing device and/or other equipment to work in a specific manner. Therefore, the computer-readable medium storing the instructions includes An article of manufacture that includes instructions that implement aspects of the functions/acts specified in one or more blocks of the flowcharts and/or block diagrams.
也可以把计算机可读程序指令加载到计算机、其它可编程数据处理装置、或其它设备上,使得在计算机、其它可编程数据处理装置或 其它设备上执行一系列操作步骤,以产生计算机实现的过程,从而使得在计算机、其它可编程数据处理装置、或其它设备上执行的指令实现流程图和/或框图中的一个或多个方框中规定的功能/动作。Computer-readable program instructions may also be loaded onto a computer, other programmable data processing apparatus, or other equipment, causing a series of operating steps to be performed on the computer, other programmable data processing apparatus, or other equipment to produce a computer-implemented process , thereby causing instructions executed on a computer, other programmable data processing apparatus, or other equipment to implement the functions/actions specified in one or more blocks in the flowcharts and/or block diagrams.
附图中的流程图和框图显示了根据本公开的多个实施例的设备、方法和计算机程序产品的可能实现的体系架构、功能和操作。在这点上,流程图或框图中的每个方框可以代表一个模块、程序段或指令的一部分,所述模块、程序段或指令的一部分包含一个或多个用于实现规定的逻辑功能的可执行指令。在有些作为替换的实现中,方框中所标注的功能也可以以不同于附图中所标注的顺序发生。例如,两个连续的方框实际上可以基本并行地执行,它们有时也可以按相反的顺序执行,这依所涉及的功能而定。也要注意的是,框图和/或流程图中的每个方框、以及框图和/或流程图中的方框的组合,可以用执行规定的功能或动作的专用的基于硬件的系统来实现,或者可以用专用硬件与计算机指令的组合来实现。The flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of apparatus, methods, and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of instructions that embody one or more elements for implementing the specified logical function(s). Executable instructions. In some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two consecutive blocks may actually execute substantially in parallel, or they may sometimes execute in the reverse order, depending on the functionality involved. It will also be noted that each block of the block diagram and/or flowchart illustration, and combinations of blocks in the block diagram and/or flowchart illustration, can be implemented by special purpose hardware-based systems that perform the specified functions or acts. , or can be implemented using a combination of specialized hardware and computer instructions.
以上已经描述了本公开的各实施例,上述说明是示例性的,并非穷尽性的,并且也不限于所披露的各实施例。在不偏离所说明的各实施例的范围和精神的情况下,对于本技术领域的普通技术人员来说许多修改和变更都是显而易见的。本文中所用术语的选择,旨在最好地解释各实施例的原理、实际应用或对市场中技术的技术改进,或者使本技术领域的其它普通技术人员能理解本文披露的各实施例。The embodiments of the present disclosure have been described above. The above description is illustrative, not exhaustive, and is not limited to the disclosed embodiments. Many modifications and variations will be apparent to those skilled in the art without departing from the scope and spirit of the described embodiments. The terminology used herein is chosen to best explain the principles of the embodiments, practical applications, or technical improvements to the technology in the market, or to enable other persons of ordinary skill in the art to understand the embodiments disclosed herein.

Claims (8)

  1. 一种基于Zabbix监控平台的管理方法,其特征在于,包括:监控管理平台、通过API接口连接所述监控管理平台的所述Zabbix监控平台,还包括:A management method based on the Zabbix monitoring platform, which is characterized in that it includes: a monitoring management platform, the Zabbix monitoring platform connected to the monitoring management platform through an API interface, and also includes:
    于监控管理平台获取到查询命令的状态下输出所述查询命令,并根据所述查询命令获取与所述查询命令匹配的至少一个查询指令;Output the query command when the monitoring and management platform obtains the query command, and obtain at least one query command matching the query command according to the query command;
    于所述Zabbix监控平台获取到所述查询指令的状态下,所述Zabbix监控平台根据所述查询指令于Zabbix客户端中获取于所述查询指令匹配的查询数据,并将所述查询数据返回至所述监控管理平台。In the state where the Zabbix monitoring platform obtains the query instruction, the Zabbix monitoring platform obtains the query data matching the query instruction from the Zabbix client according to the query instruction, and returns the query data to The monitoring and management platform.
  2. 根据权利要求1所述的一种基于Zabbix监控平台的管理方法,其特征在于,包括:A management method based on Zabbix monitoring platform according to claim 1, characterized in that it includes:
    所述监控管理平台根据所述查询数据判定是否形成警示通知;The monitoring and management platform determines whether to form a warning notification based on the query data;
    于警示通知形成的状态下,根据所述警示通知读取与所述警示通知匹配的目标账户,并根据所述目标账户发送所述警示通知。In the state where the warning notification is formed, the target account matching the warning notification is read according to the warning notification, and the warning notification is sent according to the target account.
  3. 根据权利要求1所述的一种基于Zabbix监控平台的管理方法,其特征在于,于监控管理平台获取到查询命令的状态下输出所述查询命令,并根据所述查询命令获取与所述查询命令匹配的至少一个查询指令;A management method based on Zabbix monitoring platform according to claim 1, characterized in that the query command is output when the monitoring management platform obtains the query command, and the query command is obtained according to the query command. Match at least one query instruction;
    监控管理平台获取到查询命令的状态下先输出所述查询命令,并根据所述查询命令获取与所述查询命令匹配的查询目标;When the monitoring and management platform obtains the query command, it first outputs the query command, and obtains the query target matching the query command according to the query command;
    根据所述查询目标形成一查询目标流信息;Form a query target flow information according to the query target;
    根据所述查询目标流信息形成匹配所述查询目标信息的至少一个查询指令。At least one query instruction matching the query target information is formed according to the query target flow information.
  4. 根据权利要求2所述的一种基于Zabbix监控平台的管理方法,其特征在于,所述监控管理平台根据所述查询数据判定是否形成警示通知具体包括:A management method based on Zabbix monitoring platform according to claim 2, characterized in that the monitoring and management platform determines whether to form a warning notification based on the query data specifically includes:
    于所述监控管理平台获取到查询数据的状态下,所述查询数据读取进程监控数据、监控状态数据、文件状态数据、信安日志监控数据;When the monitoring and management platform obtains query data, the query data reads process monitoring data, monitoring status data, file status data, and Principal log monitoring data;
    于所述进程监控数据、监控状态数据、文件状态数据、信安日志监控数据中任意数据匹配预定的监控数据时则形成所述警示通知。The warning notification is generated when any data among the process monitoring data, monitoring status data, file status data, and Security log monitoring data matches predetermined monitoring data.
  5. 根据权利要求2所述的一种基于Zabbix监控平台的管理方法,其特征在于,警示通知形成的状态下,根据所述警示通知读取与所述警示通知匹配的目标账户,并根据所述目标账户发送所述警示通知具体包括:A management method based on the Zabbix monitoring platform according to claim 2, characterized in that when a warning notification is formed, the target account matching the warning notification is read according to the warning notification, and the target account is read according to the warning notification. The warning notifications sent by the account specifically include:
    于警示通知形成的状态下,根据所述警示通知读取与所述警示通知匹配的目标账户;In a state where an alert notification is formed, read the target account matching the alert notification according to the alert notification;
    获取目标账户中上一个警示通知的读取顺序;Get the reading order of the previous alert notification in the target account;
    根据所述读取顺序发送所述警示通知。The alert notification is sent according to the reading sequence.
  6. 一种基于Zabbix监控平台的管理系统,其特征在于,包括:监控管理平台、通过API接口连接所述监控管理平台的所述Zabbix监控平台,所述Zabbix监控平台连接有至少一个DPI服务器;A management system based on Zabbix monitoring platform, characterized by comprising: a monitoring management platform, the Zabbix monitoring platform connected to the monitoring management platform through an API interface, and the Zabbix monitoring platform is connected to at least one DPI server;
    所述Zabbix监控平台至少包括连接于Zabbix服务端的Zabbix客户端、设备端、程序端、Zabbix数据存储单元;The Zabbix monitoring platform at least includes a Zabbix client, a device, a program, and a Zabbix data storage unit connected to the Zabbix server;
    所述监控管理平台至少包括连接于一监控服务端的监控显示单元、第三方接口单元、监控数据存储单元,所述Zabbix服务端连接所述监控服务端,该系统用于实现如权利要求1~5中任一项基于Zabbix监控平台的管理方法。The monitoring management platform at least includes a monitoring display unit, a third-party interface unit, and a monitoring data storage unit connected to a monitoring server. The Zabbix server is connected to the monitoring server. The system is used to implement claims 1 to 5 Any one of the management methods based on Zabbix monitoring platform.
  7. 一种电子设备,包括存储器、处理器及存储在存储器上并可在处理器运行的计算机程序,其特征在于,所述处理器执行所述计算机程序时实现如权利要求1~5中任一项基于Zabbix监控平台的管理方法。An electronic device, including a memory, a processor, and a computer program stored in the memory and executable by the processor, characterized in that when the processor executes the computer program, the processor implements any one of claims 1 to 5 Management method based on Zabbix monitoring platform.
  8. 一种计算机程序产品,其特征在于,包括计算机可读代码,或者承载有计算机可读代码的可读存储介质,当计算机可读代码在电子设备的处理器中运行时,所述电子设备中的处理器执行用于实现权利要求1~5中任一项基于Zabbix监控平台的管理方法。A computer program product, characterized in that it includes computer readable code, or a readable storage medium carrying the computer readable code. When the computer readable code is run in a processor of an electronic device, the processor in the electronic device The processor executes the management method based on the Zabbix monitoring platform in any one of claims 1 to 5.
PCT/CN2022/128007 2022-05-06 2022-10-27 Management method and system based on zabbix monitoring platform WO2023213060A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202210486596.5 2022-05-06
CN202210486596.5A CN114844772A (en) 2022-05-06 2022-05-06 Management method and system based on Zabbix monitoring platform

Publications (1)

Publication Number Publication Date
WO2023213060A1 true WO2023213060A1 (en) 2023-11-09

Family

ID=82567893

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2022/128007 WO2023213060A1 (en) 2022-05-06 2022-10-27 Management method and system based on zabbix monitoring platform

Country Status (2)

Country Link
CN (1) CN114844772A (en)
WO (1) WO2023213060A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114844772A (en) * 2022-05-06 2022-08-02 上海欣诺通信技术股份有限公司 Management method and system based on Zabbix monitoring platform

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110071951A (en) * 2018-01-24 2019-07-30 江苏迪纳数字科技股份有限公司 Data query display systems and method under the conditions of a kind of big data
US20200250019A1 (en) * 2019-02-01 2020-08-06 EMC IP Holding Company LLC Method, device and computer program product for monitoring access request
CN112738212A (en) * 2020-12-23 2021-04-30 高新兴智联科技有限公司 Method and system for operation and maintenance of motor vehicle electronic identification read-write equipment
CN114844772A (en) * 2022-05-06 2022-08-02 上海欣诺通信技术股份有限公司 Management method and system based on Zabbix monitoring platform

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8484243B2 (en) * 2010-05-05 2013-07-09 Cisco Technology, Inc. Order-independent stream query processing
US20120330924A1 (en) * 2011-06-21 2012-12-27 Salesforce.Com, Inc. Method and system for querying an on demand database service
WO2016045708A1 (en) * 2014-09-23 2016-03-31 Nokia Solutions And Networks Oy Control of communication using service function chaining
CN109165024A (en) * 2018-07-26 2019-01-08 天讯瑞达通信技术有限公司 A kind of method of operation platform automatic deployment and monitoring server system
CN111814029A (en) * 2020-05-25 2020-10-23 车智互联(北京)科技有限公司 Data query method, system and computing device
CN111934936B (en) * 2020-09-10 2023-07-18 广州虎牙科技有限公司 Network state detection method and device, electronic equipment and storage medium
CN112860738B (en) * 2021-04-23 2021-08-06 支付宝(杭州)信息技术有限公司 Query optimization method, device and system for multi-party security database
CN113568813A (en) * 2021-07-30 2021-10-29 中国工商银行股份有限公司 Mass network performance data acquisition method, device and system
CN114157554B (en) * 2021-12-21 2024-02-23 唯品会(广州)软件有限公司 Fault checking method and device, storage medium and computer equipment
CN114416470A (en) * 2021-12-28 2022-04-29 航天科工网络信息发展有限公司 Cloud monitoring method, system, equipment and computer storage medium

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110071951A (en) * 2018-01-24 2019-07-30 江苏迪纳数字科技股份有限公司 Data query display systems and method under the conditions of a kind of big data
US20200250019A1 (en) * 2019-02-01 2020-08-06 EMC IP Holding Company LLC Method, device and computer program product for monitoring access request
CN112738212A (en) * 2020-12-23 2021-04-30 高新兴智联科技有限公司 Method and system for operation and maintenance of motor vehicle electronic identification read-write equipment
CN114844772A (en) * 2022-05-06 2022-08-02 上海欣诺通信技术股份有限公司 Management method and system based on Zabbix monitoring platform

Also Published As

Publication number Publication date
CN114844772A (en) 2022-08-02

Similar Documents

Publication Publication Date Title
US9716613B2 (en) Automated alert management
US11411871B2 (en) Augmenting functionality in distributed systems with payload headers
CN111343009B (en) Service alarm notification method and device, storage medium and electronic equipment
WO2023213060A1 (en) Management method and system based on zabbix monitoring platform
CN110289997B (en) Log message checking method, device and system
CN114020735A (en) Method, device and equipment for reducing noise of safety alarm log and storage medium
US8786458B1 (en) Browser-based alerting system
CN111262731B (en) Alarm method, alarm device, server equipment and storage medium
US9973410B2 (en) Notifying original state listeners of events in a domain model
US9594622B2 (en) Contacting remote support (call home) and reporting a catastrophic event with supporting documentation
CN114679295B (en) Firewall security configuration method and device
CN109474478B (en) Method, device and system for monitoring transmission data abnormity
CN113504969A (en) Container event alarm method and device and electronic equipment
US10586283B2 (en) Elektron pulse methods, apparatuses and media
CN114091909A (en) Collaborative development method, system, device and electronic equipment
CN114567536B (en) Abnormal data processing method, device, electronic equipment and storage medium
CN115150172B (en) Data processing method, device, equipment and medium
CN112596922B (en) Communication management method, device, equipment and medium
CN115190000B (en) Alarm data processing method and device, electronic equipment and storage medium
CN115643091A (en) System log monitoring method, device, equipment and medium
CN117270730A (en) Power grid line configuration method and device, electronic equipment and storage medium
CN113673945A (en) Temporary change monitoring method and device for nuclear power plant
CN117170978A (en) Interface call monitoring method and device, electronic equipment and storage medium
CN115603990A (en) Industrial control system safety state evaluation method and system
CN116228248A (en) Risk control method and device for financial business

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22940754

Country of ref document: EP

Kind code of ref document: A1