CN106254137A - The alarm root-cause analysis system and method for supervisory systems - Google Patents
The alarm root-cause analysis system and method for supervisory systems Download PDFInfo
- Publication number
- CN106254137A CN106254137A CN201610772896.4A CN201610772896A CN106254137A CN 106254137 A CN106254137 A CN 106254137A CN 201610772896 A CN201610772896 A CN 201610772896A CN 106254137 A CN106254137 A CN 106254137A
- Authority
- CN
- China
- Prior art keywords
- alarm
- elements
- information
- link
- sub
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0604—Management of faults, events, alarms or notifications using filtering, e.g. reduction of information by using priority, element types, position or time
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0604—Management of faults, events, alarms or notifications using filtering, e.g. reduction of information by using priority, element types, position or time
- H04L41/0618—Management of faults, events, alarms or notifications using filtering, e.g. reduction of information by using priority, element types, position or time based on the physical or logical position
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0604—Management of faults, events, alarms or notifications using filtering, e.g. reduction of information by using priority, element types, position or time
- H04L41/0622—Management of faults, events, alarms or notifications using filtering, e.g. reduction of information by using priority, element types, position or time based on time
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0631—Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Description
技术领域technical field
本发明涉及IT监管系统技术领域,特别是指一种监管系统的告警根源分析系统及方法。The invention relates to the technical field of IT supervision systems, in particular to a system and method for analyzing root causes of alarms in a supervision system.
背景技术Background technique
随着IT技术发展,在IT环境中会出现各种各样的设备、应用等,对于IT监管系统的要求,也逐步涵盖到硬件、网络报文、集群、虚拟化、操作系统、应用软件、数据库、中间件网元监控、代码组件和浏览器等各IT层面,但当某个IT元素节点出现事件时,网管系统往往由于缺少联动分析,导致该IT元素横向与纵向关联节点均会出现故障提示信息,造成运维人员只能通过经验,采用网管工具、手工脚本进行逐条排查,根据经验在海量告警信息中分析定位事件发生的根源,由于定位的不及时,从而延误抢修时机,造成不必要的业务损失与运维成本浪费。除了依赖运维人员的经验,IT监管系统还可通过设置各IT元素相关指标的告警阀值信息,当各IT元素的指标信息被归集后,系统判断具体指标的数值是否符合告警阀值设置条件,如符合,则直接对该IT元素指标进行告警提醒。由于是通过各IT元素相关指标的阀值进行定义后,只要该IT元素指标符合告警阀值设置条件,则该告警信息会直接显示出来;但由于IT系统中,每个IT元素基本不会独立存在,而是与周边形成一定的物理访问关系、逻辑访问关系,所以该技术存在的缺点包含如下:With the development of IT technology, various devices and applications will appear in the IT environment, and the requirements for the IT supervision system will gradually cover hardware, network messages, clusters, virtualization, operating systems, application software, Databases, middleware network element monitoring, code components, browsers, and other IT levels, but when an event occurs on an IT element node, the network management system often fails due to the lack of linkage analysis, resulting in failures in both the horizontal and vertical associated nodes of the IT element Due to the prompt information, the operation and maintenance personnel can only use network management tools and manual scripts to check one by one through experience, and analyze and locate the root cause of the event in the massive alarm information based on experience. loss of business and waste of operation and maintenance costs. In addition to relying on the experience of operation and maintenance personnel, the IT monitoring system can also set the alarm threshold information of related indicators of each IT element. After the indicator information of each IT element is collected, the system judges whether the value of the specific indicator meets the alarm threshold setting. If the condition is met, the IT element indicator will be directly alerted. Since it is defined through the threshold value of each IT element-related index, as long as the IT element index meets the alarm threshold setting conditions, the alarm information will be displayed directly; however, in the IT system, each IT element is basically not independent. It exists, but forms a certain physical access relationship and logical access relationship with the surrounding area, so the disadvantages of this technology include the following:
1当某IT元素的指标存在告警时,在它基础之上构建的其他IT元素、与它形成访问关系的IT元素均会形成对应的事件信息,当这些事件信息也超出自身定义的告警阀值时,则由原来的单一IT元素单一指标的根源告警信息,会形成多个IT元素多个指标的告警提醒,会对运维处理人员造成信息干扰,无法及时查找定位出根源告警内容。1 When an indicator of an IT element has an alarm, other IT elements built on it and IT elements that form an access relationship with it will form corresponding event information. When these event information also exceed the alarm threshold defined by itself In this case, the original root cause alarm information of a single IT element and single indicator will form an alarm reminder for multiple IT elements and multiple indicators, which will cause information interference to the operation and maintenance personnel, making it impossible to find and locate the root cause alarm content in time.
2当告警根源被处理后,原来被联动关联并告警且没被处理的指标,可能随着该指标新数据的正常,该指标的告警信息会被下沉;但以后对历史信息进行回顾后,很难查找出当时该指标为何会出现告警、为何又恢复正常、当时事件的影响范围如何。2 When the root cause of the alarm is dealt with, the indicator that was originally linked and alarmed but not processed may be lowered as the new data of the indicator is normal; but after reviewing the historical information in the future, It was difficult to find out why the indicator had an alarm at that time, why it returned to normal, and the scope of the incident at that time.
发明内容Contents of the invention
本发明提出一种监管系统的告警根源分析系统及方法,能够在处理IT元素的海量告警信息时告警根源的定位、影响范围关联存在的弱点,提出采用各元素指标告警根源分析技术,最终实现告警根源定位、影响范围相关指标的结果关联,方便运维人员进行告警快速定位查阅,并在此基础上进行故障解决。The present invention proposes a system and method for analyzing the root cause of an alarm in a supervision system, which can locate the root cause of the alarm and the weakness associated with the scope of influence when dealing with massive alarm information of IT elements. The root cause location and the correlation of the results of related indicators in the scope of influence are convenient for operation and maintenance personnel to quickly locate and review alarms, and based on this, troubleshoot.
本发明的技术方案是这样实现的:Technical scheme of the present invention is realized like this:
一种监管系统的告警根源分析系统,包括IT元素归集模块、告警根源分析定位模块和告警根源处理模块;所述IT元素归集模块用于通过信息归集手段将被监控的IT元素进行信息归集,将归集后的IT元素写入数据库;所述告警根源分析定位模块用于根据各IT元素的物理、逻辑访问关系进行链路梳理和分析,根据链路匹配、事件链路叠加、权重面积计算与噪点过滤,定位告警根源;所述告警根源处理模块用于处理告警根源。An alarm root cause analysis system for a monitoring system, comprising an IT element collection module, an alarm root cause analysis and positioning module, and an alarm root cause processing module; the IT element collection module is used to collect information from monitored IT elements Collecting, writing the collected IT elements into the database; the alarm root cause analysis and positioning module is used to sort out and analyze links according to the physical and logical access relationships of each IT element, according to link matching, event link superposition, Weighted area calculation and noise filtering are used to locate the root cause of the alarm; the root cause processing module of the alarm is used to process the root cause of the alarm.
进一步的,所述IT元素包括硬件、网络报文、软件系统、应用软件、代码和浏览器。Further, the IT elements include hardware, network messages, software systems, application software, codes and browsers.
进一步的,所述数据库还包含各IT元素的指标信息。Further, the database also includes index information of each IT element.
一种监管系统的告警根源分析方法,具体包括以下步骤:A method for root cause analysis of an alarm in a supervisory system, specifically comprising the following steps:
(1)信息采集:将被监控的IT元素,通过各类信息归集方法对各IT元素进行信息归集,将归集后的各IT元素写入数据库;(1) Information collection: collect the information of the monitored IT elements through various information collection methods, and write the collected IT elements into the database;
(2)物理、逻辑访问关系链路梳理、降维:分析各IT元素内部和外部之间的业务范围关系、逻辑访问关系和配置管理信息,对各IT元素的关系链路进行降维处理,形成各IT元素的单一链路;(2) Physical and logical access relationship link combing and dimensionality reduction: analyze the business scope relationship, logical access relationship and configuration management information between the internal and external IT elements, and perform dimensionality reduction processing on the relationship links of each IT element, Form a single link for each IT element;
(3)链路匹配:按照各IT元素的单一链路关系对归集后的各IT元素进行匹配,得到每个单一链路间各IT元素的链路总览;(3) Link matching: match the collected IT elements according to the single link relationship of each IT element, and obtain the link overview of each IT element between each single link;
(4)时间匹配与事件链路叠加:根据告警事件信息的时间有效性、持续性和时延,将告警事件信息储存到每个单一链路中,进行各单一链路的事件总览;(4) Time matching and event link superposition: according to the time validity, continuity and delay of the alarm event information, the alarm event information is stored in each single link, and the event overview of each single link is performed;
(5)权重面积计算:根据各单一链路的告警IT子元素的指标信息和其他IT子元素的指标信息,计算告警前后各IT子元素的数据波动率,若其他IT子元素的数据波动率大于告警IT子元素的数据波动率,则将该告警IT子元素纳入告警的整体权重面积中;(5) Weight area calculation: According to the index information of the warning IT sub-element of each single link and the index information of other IT sub-elements, calculate the data fluctuation rate of each IT sub-element before and after the alarm, if the data fluctuation rate of other IT sub-elements is greater than the data volatility of the warning IT sub-element, then the warning IT sub-element is included in the overall weight area of the warning;
(6)噪点过滤:根据告警IT子元素以往的数据波动性和关联IT子元素的数据波动性,对整体权重面积中的告警IT子元素进行过滤,得出告警根源。(6) Noise filtering: According to the previous data volatility of the alarm IT sub-element and the data volatility of the associated IT sub-element, filter the alarm IT sub-element in the overall weight area to obtain the alarm source.
进一步的,所述IT元素包括硬件、网络报文、软件系统、应用软件、代码和浏览器。Further, the IT elements include hardware, network messages, software systems, application software, codes and browsers.
进一步的,在步骤(1)中,通过代理或非代理接入方式对各IT元素进行信息归集。Further, in step (1), collect information on each IT element through proxy or non-proxy access.
进一步的,在步骤(5)中,各IT元素的数据波动率的计算公式为:数据波动率=告警后的数据/告警前的数据-1。Further, in step (5), the calculation formula of the data fluctuation rate of each IT element is: data fluctuation rate=data after the alarm/data before the alarm-1.
本发明的有益效果在于:通过自动梳理IT元素周边的物理、逻辑关系,并通过关系拓扑降维操作,时间与链路关系的事件叠加,通过权重面积计算,最终根据持续性、波动性算法进行过滤筛选,实现告警根源定位、影响范围相关指标的结果关联,方便运维人员进行告警快速定位查阅,并在此基础上进行故障解决。The beneficial effects of the present invention are: by automatically sorting out the physical and logical relationships around IT elements, and through the relationship topology reduction operation, the event superposition of time and link relationship is calculated by the weight area, and finally according to the persistence and volatility algorithm Filtering and screening realizes the location of the root cause of the alarm and the correlation of the results of the relevant indicators of the scope of influence, which is convenient for the operation and maintenance personnel to quickly locate and check the alarm, and solve the fault on this basis.
附图说明Description of drawings
为了更清楚地说明本发明实施例或现有技术中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动性的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the technical solutions in the embodiments of the present invention or the prior art, the following will briefly introduce the drawings that need to be used in the description of the embodiments or the prior art. Obviously, the accompanying drawings in the following description are only These are some embodiments of the present invention. For those skilled in the art, other drawings can also be obtained according to these drawings without any creative effort.
图1为本发明监管系统的告警根源分析系统的原理框图;Fig. 1 is the functional block diagram of the alarm source analysis system of the monitoring system of the present invention;
图2为本发明监管系统的告警根源分析方法的流程图;Fig. 2 is the flowchart of the alarm source analysis method of the monitoring system of the present invention;
图3为图2中物理、逻辑访问关系链路梳理、降维实施例的原理框图。FIG. 3 is a functional block diagram of an embodiment of link sorting and dimensionality reduction of physical and logical access relationships in FIG. 2 .
具体实施方式detailed description
下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.
如图1所示,本发明提出了一种监管系统的告警根源分析系统,包括IT元素归集模块、告警根源分析定位模块和告警根源处理模块;IT元素归集模块用于通过信息归集手段将被监控的IT元素进行信息归集,将归集后的IT元素写入数据库;告警根源分析定位模块用于根据各IT元素的物理、逻辑访问关系进行链路梳理和分析,根据链路匹配、事件链路叠加、权重面积计算与噪点过滤,定位告警根源;告警根源处理模块用于处理告警根源。本发明通过自动梳理IT元素周边的物理、逻辑关系,并通过关系拓扑降维操作,时间与链路关系的事件叠加,通过权重面积计算,最终根据持续性、波动性算法进行过滤筛选,实现告警根源定位、影响范围相关指标的结果关联,方便运维人员进行告警快速定位查阅,并在此基础上进行故障解决。As shown in Figure 1, the present invention proposes an alarm root analysis system for a supervision system, including an IT element collection module, an alarm root analysis and location module, and an alarm root processing module; the IT element collection module is used to Collect the information of the monitored IT elements, and write the collected IT elements into the database; the alarm source analysis and positioning module is used to sort out and analyze the links according to the physical and logical access relationships of each IT element, and based on the link matching , event link superposition, weight area calculation and noise filtering to locate the root cause of the alarm; the alarm root processing module is used to process the root cause of the alarm. The present invention automatically sorts out the physical and logical relationships around IT elements, and through relational topology dimensionality reduction operations, the time and link relationship events are superimposed, calculated by weight area, and finally filtered and screened according to the persistence and volatility algorithms to realize alarms The root cause location and the correlation of the results of related indicators in the scope of influence are convenient for operation and maintenance personnel to quickly locate and review alarms, and based on this, troubleshoot.
IT元素包括硬件、网络报文、软件系统、应用软件、代码和浏览器。具体的,各IT元素还包括若干IT子元素。IT elements include hardware, network messages, software systems, application software, code, and browsers. Specifically, each IT element also includes several IT sub-elements.
数据库还包含各IT元素的指标信息。IT元素归集模块对被监控的IT元素进行数据采集和归集,采集与归集的内容包括各IT元素和IT元素的指标信息,比如硬件的的型号、CPU使用量、内存使用量、网络流量、进程名称、代码各方法响应时间、浏览器返回码等。The database also contains indicator information for each IT element. The IT element collection module collects and collects data on the monitored IT elements. The content of collection and collection includes each IT element and its index information, such as hardware model, CPU usage, memory usage, network Traffic, process name, response time of each code method, browser return code, etc.
如图2所示,本发明还提出了一种监管系统的告警根源分析方法,具体包括以下步骤:As shown in Figure 2, the present invention also proposes a method for analyzing the root cause of an alarm in a supervisory system, which specifically includes the following steps:
(1)信息采集:将被监控的IT元素,通过各类信息归集方法对各IT元素进行信息归集,将归集后的各IT元素写入数据库;(1) Information collection: Collect the information of the monitored IT elements through various information collection methods, and write the collected IT elements into the database;
具体的,在步骤(1)中,通过代理或非代理接入方式对各IT元素进行信息归集。IT元素包括硬件、网络报文、软件系统、应用软件、代码和浏览器。IT元素的指标信息,比如硬件的的型号、CPU使用量、内存使用量、网络流量、进程名称、代码各方法响应时间、浏览器返回码等。Specifically, in step (1), collect information on each IT element through proxy or non-proxy access. IT elements include hardware, network messages, software systems, application software, code, and browsers. Indicator information of IT elements, such as hardware model, CPU usage, memory usage, network traffic, process name, code response time of each method, browser return code, etc.
(2)物理、逻辑访问关系链路梳理、降维:分析各IT元素内部和外部之间的业务范围关系、逻辑访问关系和配置管理信息,对各IT元素的关系链路进行降维处理,形成各IT元素的单一链路;具体的,将原本单一IT元素与周边元素间的网状关系,梳理为从发起端元素到末端元素的单一链路关系。如图3所示,对A-E五个IT元素举例分析,降维前A-E为网状关系,梳理、降维后为单一链路关系。(2) Physical and logical access relationship link combing and dimensionality reduction: analyze the business scope relationship, logical access relationship and configuration management information between the internal and external IT elements, and perform dimensionality reduction processing on the relationship links of each IT element, Form a single link of each IT element; specifically, sort out the network relationship between the original single IT element and surrounding elements into a single link relationship from the initiator element to the end element. As shown in Figure 3, the five IT elements A-E are analyzed as examples. Before dimensionality reduction, A-E is a network relationship, and after combing and dimensionality reduction, it is a single link relationship.
1)IT元素的内部关系,表示各IT元素与其中的子元素的关系:比如物理服务器元素,装载着虚拟化平台,每个虚拟主机安装了各自的操作系统,操作系统运行了多个进程,不同进程提供着不同的服务,如信息系统服务上面还有不同的页面代码。1) The internal relationship of IT elements indicates the relationship between each IT element and its sub-elements: for example, the physical server element is loaded with a virtualization platform, each virtual host is installed with its own operating system, and the operating system runs multiple processes. Different processes provide different services, such as information system services and different page codes.
2)IT元素的外部关系,表示各IT元素与其它IT元素间的关系:比如物理服务器与物理服务器之间通过交换机、路由器、负载均衡器进行关联。2) The external relationship of IT elements, which indicates the relationship between each IT element and other IT elements: for example, physical servers are associated with each other through switches, routers, and load balancers.
(3)链路匹配:按照各IT元素的单一链路关系对归集后的各IT元素进行匹配,得到每个单一链路间各IT元素的链路总览;(3) Link matching: match the collected IT elements according to the single link relationship of each IT element, and obtain the link overview of each IT element between each single link;
(4)时间匹配与事件链路叠加:根据告警事件信息的时间有效性、持续性和时延,将告警事件信息储存到每个单一链路中,进行各单一链路的事件总览;(4) Time matching and event link superposition: according to the time validity, continuity and delay of the alarm event information, the alarm event information is stored in each single link, and the event overview of each single link is performed;
(5)权重面积计算:根据各单一链路的告警IT子元素的指标信息和其他IT子元素的指标信息,计算告警前后各IT子元素的数据波动率,若其他IT子元素的数据波动率大于告警IT子元素的数据波动率,则将该告警IT子元素纳入告警的整体权重面积中;(5) Weight area calculation: According to the index information of the warning IT sub-element of each single link and the index information of other IT sub-elements, calculate the data fluctuation rate of each IT sub-element before and after the alarm, if the data fluctuation rate of other IT sub-elements is greater than the data volatility of the warning IT sub-element, then the warning IT sub-element is included in the overall weight area of the warning;
在步骤(5)中,各IT元素的数据波动率的计算公式为:数据波动率=告警后的数据/告警前的数据-1。In step (5), the calculation formula of the data fluctuation rate of each IT element is: data fluctuation rate=data after the alarm/data before the alarm-1.
(6)噪点过滤:根据告警IT子元素以往的数据波动性和关联IT子元素的数据波动性,对整体权重面积中的告警IT子元素进行过滤,得出告警根源。(6) Noise filtering: According to the previous data volatility of the alarm IT sub-element and the data volatility of the associated IT sub-element, filter the alarm IT sub-element in the overall weight area to obtain the alarm source.
具体的,IT子元素也包含若干指标信息。Specifically, the IT sub-element also includes several index information.
如指标A,在本次告警指标的历史状态为非告警时,它的历史数据波动性达到现有数据的波动性,但它关联的指标B、C的波动性比当前值还大,则指标A可过滤掉。For example, indicator A, when the historical state of the alarm indicator is non-alert, its historical data volatility reaches the volatility of the existing data, but the volatility of its associated indicators B and C is greater than the current value, then the indicator A can be filtered out.
如指标A,在本次告警指标的历史状态为非告警时,它的历史数据波动性达到现有数据的波动性,但它关联的指标B、C的波动性等于或者小于当前值,则指标A列为告警根源项。For example, when the historical status of indicator A is non-alert, its historical data volatility reaches the current data volatility, but the volatility of its associated indicators B and C is equal to or less than the current value, then the indicator A column is the root cause of the alarm.
以上所述仅为本发明的较佳实施例而已,并不用以限制本发明,凡在本发明的精神和原则之内,所作的任何修改、等同替换、改进等,均应包含在本发明的保护范围之内。The above descriptions are only preferred embodiments of the present invention, and are not intended to limit the present invention. Any modifications, equivalent replacements, improvements, etc. made within the spirit and principles of the present invention shall be included in the scope of the present invention. within the scope of protection.
Claims (7)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610772896.4A CN106254137B (en) | 2016-08-30 | 2016-08-30 | Alarm root cause analysis system and method for supervisory system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610772896.4A CN106254137B (en) | 2016-08-30 | 2016-08-30 | Alarm root cause analysis system and method for supervisory system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106254137A true CN106254137A (en) | 2016-12-21 |
CN106254137B CN106254137B (en) | 2019-05-10 |
Family
ID=58079648
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610772896.4A Active CN106254137B (en) | 2016-08-30 | 2016-08-30 | Alarm root cause analysis system and method for supervisory system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106254137B (en) |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106951465A (en) * | 2017-02-28 | 2017-07-14 | 深圳市华傲数据技术有限公司 | System failure positioning data analysing method and device |
CN108111342A (en) * | 2017-12-15 | 2018-06-01 | 北京华创网安科技股份有限公司 | Based on visual threat warning methods of exhibiting |
CN108234189A (en) * | 2016-12-22 | 2018-06-29 | 北京神州泰岳软件股份有限公司 | A kind of alarm data treating method and apparatus |
CN109634808A (en) * | 2018-12-05 | 2019-04-16 | 中信百信银行股份有限公司 | A kind of chain type monitor event root cause analysis method based on association analysis |
CN110351150A (en) * | 2019-07-26 | 2019-10-18 | 中国工商银行股份有限公司 | Fault rootstock determines method and device, electronic equipment and readable storage medium storing program for executing |
CN110633165A (en) * | 2019-08-15 | 2019-12-31 | 平安普惠企业管理有限公司 | Fault processing method, device, system server and computer readable storage medium |
CN112686773A (en) * | 2020-12-17 | 2021-04-20 | 贵州电网有限责任公司 | Method for constructing power metering full-link key service abnormity positioning model based on fusion service topology |
CN114143171A (en) * | 2021-11-30 | 2022-03-04 | 中国电信集团系统集成有限责任公司 | Alarm root cause positioning method and system based on TR069 protocol |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102136949A (en) * | 2011-03-24 | 2011-07-27 | 国网电力科学研究院 | Method and system for analyzing alarm correlation based on network and time |
CN102195826A (en) * | 2010-03-10 | 2011-09-21 | 杭州华三通信技术有限公司 | Method and device for detecting root alarm |
CN104636989A (en) * | 2015-02-11 | 2015-05-20 | 广东电网有限责任公司中山供电局 | Power system monitoring alarm information processing method and system |
CN105656699A (en) * | 2016-03-29 | 2016-06-08 | 网宿科技股份有限公司 | Alarm management method and system for content distribution network |
-
2016
- 2016-08-30 CN CN201610772896.4A patent/CN106254137B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102195826A (en) * | 2010-03-10 | 2011-09-21 | 杭州华三通信技术有限公司 | Method and device for detecting root alarm |
CN102136949A (en) * | 2011-03-24 | 2011-07-27 | 国网电力科学研究院 | Method and system for analyzing alarm correlation based on network and time |
CN104636989A (en) * | 2015-02-11 | 2015-05-20 | 广东电网有限责任公司中山供电局 | Power system monitoring alarm information processing method and system |
CN105656699A (en) * | 2016-03-29 | 2016-06-08 | 网宿科技股份有限公司 | Alarm management method and system for content distribution network |
Non-Patent Citations (1)
Title |
---|
李彤岩: "《基于数据挖掘的通信网告警相关性分析研究》", 《中国博士学位论文数据库(信息科技辑)》 * |
Cited By (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108234189A (en) * | 2016-12-22 | 2018-06-29 | 北京神州泰岳软件股份有限公司 | A kind of alarm data treating method and apparatus |
CN106951465A (en) * | 2017-02-28 | 2017-07-14 | 深圳市华傲数据技术有限公司 | System failure positioning data analysing method and device |
CN108111342B (en) * | 2017-12-15 | 2021-08-27 | 北京华创网安科技股份有限公司 | Visualization-based threat alarm display method |
CN108111342A (en) * | 2017-12-15 | 2018-06-01 | 北京华创网安科技股份有限公司 | Based on visual threat warning methods of exhibiting |
CN109634808B (en) * | 2018-12-05 | 2022-05-10 | 中信百信银行股份有限公司 | Chain monitoring event root cause analysis method based on correlation analysis |
CN109634808A (en) * | 2018-12-05 | 2019-04-16 | 中信百信银行股份有限公司 | A kind of chain type monitor event root cause analysis method based on association analysis |
CN110351150A (en) * | 2019-07-26 | 2019-10-18 | 中国工商银行股份有限公司 | Fault rootstock determines method and device, electronic equipment and readable storage medium storing program for executing |
CN110351150B (en) * | 2019-07-26 | 2022-08-16 | 中国工商银行股份有限公司 | Fault source determination method and device, electronic equipment and readable storage medium |
CN110633165A (en) * | 2019-08-15 | 2019-12-31 | 平安普惠企业管理有限公司 | Fault processing method, device, system server and computer readable storage medium |
CN110633165B (en) * | 2019-08-15 | 2022-08-23 | 平安普惠企业管理有限公司 | Fault processing method, device, system server and computer readable storage medium |
CN112686773A (en) * | 2020-12-17 | 2021-04-20 | 贵州电网有限责任公司 | Method for constructing power metering full-link key service abnormity positioning model based on fusion service topology |
CN112686773B (en) * | 2020-12-17 | 2024-05-14 | 贵州电网有限责任公司 | Electric power metering all-link key business anomaly positioning model construction method based on fusion business topology |
CN114143171A (en) * | 2021-11-30 | 2022-03-04 | 中国电信集团系统集成有限责任公司 | Alarm root cause positioning method and system based on TR069 protocol |
CN114143171B (en) * | 2021-11-30 | 2022-11-29 | 中电信数智科技有限公司 | Alarm root cause positioning method and system based on TR069 protocol |
Also Published As
Publication number | Publication date |
---|---|
CN106254137B (en) | 2019-05-10 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106254137A (en) | The alarm root-cause analysis system and method for supervisory systems | |
CN111885012B (en) | Network situation perception method and system based on information acquisition of various network devices | |
KR102118670B1 (en) | System and method for management of ict infra | |
US8051028B2 (en) | Method and apparatus for generating configuration rules for computing entities within a computing environment using association rule mining | |
CN110134566A (en) | A method for monitoring information system performance in cloud environment based on tag technology | |
CN108197261A (en) | A kind of wisdom traffic operating system | |
CN112596975A (en) | Method, system, equipment and storage medium for monitoring network equipment | |
EP3329640B1 (en) | Network operation | |
Tang et al. | Optimizing system monitoring configurations for non-actionable alerts | |
CN101668012B (en) | Method and device for detecting security event | |
CN111259073A (en) | An intelligent judgment system for business system running status based on logs, traffic and business access | |
CN108986418A (en) | intelligent alarm method, device, equipment and storage medium | |
CN112559237B (en) | Operation and maintenance system troubleshooting method and device, server and storage medium | |
CN101136799A (en) | A method for realizing centralized alarm processing of communication equipment failure | |
CN112988509A (en) | Alarm message filtering method and device, electronic equipment and storage medium | |
CN114531338A (en) | Monitoring alarm and tracing method and system based on call chain data | |
CN103208049B (en) | Abnormal alarm rapid accident analysis method and system | |
CN113505044B (en) | Database warning method, device, equipment and storage medium | |
CN117827608A (en) | Intelligent early warning and disposal method based on historical monitoring data | |
CN112817827A (en) | Operation and maintenance method, device, server, equipment, system and medium | |
CN106951360A (en) | Data statistics integrity degree computational methods and system | |
CN110677271B (en) | Big data alarm method, device, equipment and storage medium based on ELK | |
CN116074215A (en) | Network quality detection method, device, equipment and storage medium | |
CN108248641A (en) | A kind of urban track traffic data processing method and device | |
CN118550709B (en) | A method and system for efficiently processing and analyzing intelligent inspection data |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CP03 | Change of name, title or address | ||
CP03 | Change of name, title or address |
Address after: Building B9, No. 11, Kaiyuan Avenue Road, Dongqu street, Huangpu District, Guangzhou, Guangdong Province 510000 Patentee after: Guangzhou Huitong Guoxin Technology Co.,Ltd. Address before: 510000, one of the 111 rooms, No. 139, West Zhongshan Road, Tianhe District, Guangdong, Guangzhou Patentee before: GUANGZHOU HUITONE GUOXIN INFORMATION TECHNOLOGY Co.,Ltd. |
|
PE01 | Entry into force of the registration of the contract for pledge of patent right | ||
PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: Alarm source analysis system and method of supervision system Effective date of registration: 20200904 Granted publication date: 20190510 Pledgee: Guangzhou Caold financing Company limited by guarantee Pledgor: Guangzhou Huitong Guoxin Technology Co.,Ltd. Registration number: Y2020980005749 |
|
PC01 | Cancellation of the registration of the contract for pledge of patent right | ||
PC01 | Cancellation of the registration of the contract for pledge of patent right |
Date of cancellation: 20221027 Granted publication date: 20190510 Pledgee: Guangzhou Caold financing Company limited by guarantee Pledgor: Guangzhou Huitong Guoxin Technology Co.,Ltd. Registration number: Y2020980005749 |
|
PE01 | Entry into force of the registration of the contract for pledge of patent right | ||
PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: Alarm root cause analysis system and method of supervision system Effective date of registration: 20221031 Granted publication date: 20190510 Pledgee: Guangzhou Caold financing Company limited by guarantee Pledgor: Guangzhou Huitong Guoxin Technology Co.,Ltd. Registration number: Y2022980020291 |
|
PC01 | Cancellation of the registration of the contract for pledge of patent right | ||
PC01 | Cancellation of the registration of the contract for pledge of patent right |
Granted publication date: 20190510 Pledgee: Guangzhou Caold financing Company limited by guarantee Pledgor: Guangzhou Huitong Guoxin Technology Co.,Ltd. Registration number: Y2022980020291 |