CN115378722B - Dynamic data reporting method, device, equipment and medium across network security domains - Google Patents
Dynamic data reporting method, device, equipment and medium across network security domains Download PDFInfo
- Publication number
- CN115378722B CN115378722B CN202211027027.0A CN202211027027A CN115378722B CN 115378722 B CN115378722 B CN 115378722B CN 202211027027 A CN202211027027 A CN 202211027027A CN 115378722 B CN115378722 B CN 115378722B
- Authority
- CN
- China
- Prior art keywords
- data
- domain
- inter
- information
- node
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 45
- 238000007405 data analysis Methods 0.000 claims abstract description 69
- 238000004458 analytical method Methods 0.000 claims abstract description 60
- 238000012545 processing Methods 0.000 claims abstract description 38
- 230000002159 abnormal effect Effects 0.000 claims description 34
- 238000004590 computer program Methods 0.000 claims description 16
- 238000012544 monitoring process Methods 0.000 claims description 12
- 238000013480 data collection Methods 0.000 abstract description 23
- 238000005516 engineering process Methods 0.000 abstract description 2
- 238000004220 aggregation Methods 0.000 abstract 4
- 230000002776 aggregation Effects 0.000 abstract 4
- 230000004931 aggregating effect Effects 0.000 abstract 2
- 230000003993 interaction Effects 0.000 description 7
- 230000005540 biological transmission Effects 0.000 description 6
- 238000004891 communication Methods 0.000 description 5
- 238000010586 diagram Methods 0.000 description 5
- 238000004364 calculation method Methods 0.000 description 4
- 238000013500 data storage Methods 0.000 description 4
- 238000013461 design Methods 0.000 description 4
- 238000012423 maintenance Methods 0.000 description 3
- 238000001514 detection method Methods 0.000 description 2
- 238000012805 post-processing Methods 0.000 description 2
- 238000011161 development Methods 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/30—Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Technology Law (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
本申请公开了一种跨网络安全域的动态数据上报方法、装置、设备及介质,涉及计算机技术领域,包括:接收应用系统发送的目标网络域内全部的数据,得到域内数据;将所述域内数据上报至域间数据汇总节点,在域间数据汇总节点汇总全部所述域内数据,得到域间数据;通过所述域间数据汇总节点将所述域间数据上报至顶级数据分析节点,在所述顶级数据分析节点汇总全部所述域间数据,得到目标数据;将所述目标数据存放至目标数据库,对所述目标数据进行数据处理分析。本申请在不同网络域间建立设计基于域内数据采集节点、域间数据汇总节点以及顶级数据分析节点构成的三层架构,实现不同网络安全域间的动态数据上报,有效的整合了数据并提高了数据的安全性。
The present application discloses a method, device, equipment and medium for reporting dynamic data across network security domains, which relates to the field of computer technology, including: receiving all data within a target network domain sent by an application system to obtain intra-domain data; reporting the intra-domain data to an inter-domain data aggregation node, aggregating all intra-domain data at the inter-domain data aggregation node to obtain inter-domain data; reporting the inter-domain data to a top-level data analysis node through the inter-domain data aggregation node, aggregating all inter-domain data at the top-level data analysis node to obtain target data; storing the target data in a target database, and performing data processing and analysis on the target data. The present application establishes a three-layer architecture based on intra-domain data collection nodes, inter-domain data aggregation nodes and top-level data analysis nodes between different network domains to realize dynamic data reporting between different network security domains, effectively integrating data and improving data security.
Description
Technical Field
The present invention relates to the field of computer technologies, and in particular, to a method, an apparatus, a device, and a medium for reporting dynamic data across network security domains.
Background
In recent years, with the development of the internet, various business processes are changed from off-line to on-line, and various OA (Office Automation ) office systems are endlessly developed in order to facilitate the on-line office of people. Although the OA office systems are convenient for people to process business, a large amount of effective data and abnormal data generated by the background of the OA office systems are not monitored and analyzed uniformly, meanwhile, problems in operation in the systems can be examined individually, and the systems cannot be monitored and managed integrally. The key point of various OA application systems is that each system has own unique processing mode in interaction with users, and different business processes also have own data transmission formats. There is no unified data recording and analysis function. And the data interaction between different network security domains is limited, and the data cannot be well summarized.
The existing monitoring system can only monitor the OA application in the network domain, and the main implementation mode is that one-to-one data interaction is carried out through an interface and the OA application to collect data, and the other one is that a detection program is installed on an OA application server, and the main system and the detection program are used for one-to-many data interaction to collect data. And then analyzing the acquired data to perform early warning notification or data display. The first data analysis mode is simple to implement, but has poor portability and is inconvenient for service expansion. Each OA application needs to develop an interface separately to realize data collection and reporting. The second data analysis uses a detection subroutine to collect data, so that the actual deployment is complex, the maintenance is difficult, and meanwhile, the collected data is relatively large, so that the data analysis is not easy to carry out.
Disclosure of Invention
Accordingly, the present invention aims to provide a method, apparatus, device and medium for reporting dynamic data across network security domains, which can realize dynamic data reporting between different network security domains, effectively integrate data and improve data security. The specific scheme is as follows:
In a first aspect, the present application discloses a method for reporting dynamic data across network security domains, including:
Receiving all data in a target network domain sent by an application system to obtain domain data;
reporting the intra-domain data to an inter-domain data summarizing node so as to summarize all the intra-domain data at the inter-domain data summarizing node to obtain inter-domain data;
reporting the inter-domain data to a top-level data analysis node through the inter-domain data summarization node so as to summarize all the inter-domain data at the top-level data analysis node to obtain target data;
and storing the target data into a target database so as to perform data processing analysis on the target data.
Optionally, the receiving all data in the target network domain sent by the application system to obtain intra-domain data includes:
And receiving all data which are sent by an application system and are packaged into a target format in a target network domain through a preset interface of a domain data acquisition node so as to obtain domain data, wherein the data comprise running state information, abnormal data information, receiving and transmitting text quantity statistical information, receiving and transmitting text data analysis information and class numbers corresponding to each information.
Optionally, before receiving all the data in the target network domain sent by the application system to obtain the intra-domain data, the method further includes:
judging whether the data sent by the application system meets a first preset condition or not in the intra-domain data acquisition node;
if the data sent by the application system does not meet the first preset condition, returning error information from the intra-domain data acquisition node to the corresponding application system;
And if the data sent by the application system meets the first preset condition, executing the step of receiving all the data in the target network domain sent by the application system.
Optionally, the reporting the intra-domain data to an inter-domain data summarizing node so as to summarize all the intra-domain data at the inter-domain data summarizing node to obtain inter-domain data, including:
Storing the intra-domain data into a first database corresponding to the intra-domain data acquisition node based on the class number;
When a first timing task in the intra-domain data acquisition node starts to be executed, acquiring current address information of the intra-domain data acquisition node;
Calculating the access address of the inter-domain data summarizing node based on the current address information and a preset upper-lower relationship between nodes;
And reporting the intra-domain data acquired from the first database to the inter-domain data summarizing node corresponding to the access address so as to summarize all the intra-domain data at the inter-domain data summarizing node to obtain the inter-domain data.
Optionally, before the inter-domain data is reported to the top-level data analysis node by the inter-domain data summarization node, the method further includes:
Storing the inter-domain data to a second database corresponding to the inter-domain data summarization node based on the class number;
processing the inter-domain data according to a preset data processing rule to obtain inter-domain data to be uploaded;
Correspondingly, the reporting the inter-domain data to a top-level data analysis node through the inter-domain data summarization node includes:
And when the second timing task in the inter-domain data summarizing node starts to be executed, reporting the inter-domain data to be uploaded, which is acquired from the second database, to the top-level data analysis node.
Optionally, after receiving all the data in the target network domain sent by the application system to obtain the intra-domain data, the method further includes:
When the running state information and the abnormal data information reported in a full report form are received, the latest running state information and the latest abnormal data information are utilized to cover the historical running state information and the historical abnormal data information;
when receiving the statistical information of the number of the received and transmitted messages and the analysis information of the received and transmitted message data, which are reported in an incremental reporting mode, adding the statistical information of the number of the received and transmitted messages and the analysis information of the received and transmitted message data into a corresponding database according to the date of the information and according to a preset information adding rule;
Each node generates corresponding task information when receiving the statistic information of the number of the received and transmitted text and the analysis information of the received and transmitted text data;
storing the task information into a task table in the database corresponding to each node;
and deleting the task information from the task list after the statistic information of the number of the received and sent messages and the analysis information of the received and sent message data are successfully reported.
Optionally, the storing the target data in a target database, so as to perform data processing analysis on the target data, further includes:
acquiring processed and analyzed data;
And storing the processed and analyzed data into a data display table or sending the processed and analyzed data to a target monitoring system at fixed time.
In a second aspect, the present application discloses a device for reporting dynamic data across network security domains, including:
the intra-domain data acquisition module is used for receiving all data in a target network domain sent by the application system so as to obtain intra-domain data;
the intra-domain data reporting module is used for reporting the intra-domain data to an inter-domain data summarizing node so as to summarize all the intra-domain data at the inter-domain data summarizing node to obtain inter-domain data;
The inter-domain data reporting module is used for reporting the inter-domain data to a top-level data analysis node through the inter-domain data summarizing node so as to summarize all the inter-domain data at the top-level data analysis node to obtain target data;
and the data processing module is used for storing the target data into a target database so as to perform data processing analysis on the target data.
In a third aspect, the present application discloses an electronic device, comprising:
A memory for storing a computer program;
a processor for executing the computer program to implement the steps of the method for reporting dynamic data across network security domains as previously disclosed.
In a fourth aspect, the present application discloses a computer readable medium storing a computer program, wherein the computer program when executed by a processor implements a method of dynamic data reporting across a network security domain as previously disclosed.
The application provides a method for reporting dynamic data of a cross-network security domain, which comprises the steps of receiving all data in a target network domain sent by an application system to obtain domain data, reporting the domain data to an inter-domain data summarizing node so as to summarize all the domain data at the inter-domain data summarizing node to obtain inter-domain data, reporting the inter-domain data to a top-level data analysis node through the inter-domain data summarizing node so as to summarize all the inter-domain data at the top-level data analysis node to obtain target data, and storing the target data in a target database so as to perform data processing analysis on the target data. Therefore, the application establishes and designs a three-layer architecture based on the intra-domain data acquisition nodes, the inter-domain data summarization nodes and the top-level data analysis nodes among different network domains, realizes the dynamic data reporting among different network security domains, facilitates the acquisition of system data, performs summarization, unified display and analysis on the data, effectively integrates the data and improves the security of the data.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings that are required to be used in the embodiments or the description of the prior art will be briefly described below, and it is obvious that the drawings in the following description are only embodiments of the present invention, and that other drawings can be obtained according to the provided drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flow chart of a method for reporting dynamic data across network security domains disclosed in the present application;
FIG. 2 is a diagram of a three-layer frame type reporting channel structure disclosed by the application;
FIG. 3 is a flowchart of a method for reporting dynamic data across a network security domain in accordance with the present application;
FIG. 4 is a flow chart of the dynamic data reporting disclosed in the present application;
FIG. 5 is a flow chart of a method for reporting data across a network security domain in detail;
FIG. 6 is a schematic diagram of a structure of a dynamic data reporting device of a cross-network security domain according to the present application;
fig. 7 is a block diagram of an electronic device according to the present application.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
At present, the existing monitoring system can only monitor the OA application in the network domain, and the main implementation mode is that one-to-one data interaction is carried out through an interface and the OA application to collect data, and the other one is that a detection program is installed on an OA application server, and the main system and the detection program are used for carrying out one-to-many interaction to collect data. And then analyzing the acquired data to perform early warning notification or data display. The first data analysis mode is simple to implement, but has poor portability and is inconvenient for service expansion. Each OA application needs to develop an interface separately to realize data collection and reporting. The second data analysis uses a detection subroutine to collect data, so that the actual deployment is complex, the maintenance is difficult, and meanwhile, the collected data is relatively large, so that the data analysis is not easy to carry out. Therefore, the application provides a method for reporting dynamic data across network security domains, which can realize the reporting of dynamic data among different network security domains, effectively integrate data and improve the security of the data.
The embodiment of the invention discloses a method for reporting dynamic data of a cross-network security domain, which is shown in fig. 1, and comprises the following steps:
and S11, receiving all data in a target network domain sent by an application system to obtain the domain data.
In this embodiment, all data in the target network domain sent by the application system is received, so as to obtain the intra-domain data. Specifically, through a preset interface of a data acquisition node in a domain, receiving data which is sent by an application system and is packaged into a target format in a target network domain, so as to obtain data in the domain, wherein the data comprises running state information, abnormal data information, statistic information of the number of received and transmitted messages, analysis information of the received and transmitted messages and class numbers corresponding to each information. It should be noted that the intra-domain data collection node issues an interface through which the OA application encapsulates the respective data into a unified format, and reports all the data encapsulated into the target format to the data collection node within the network domain.
It should be noted that, the data is reported in a unified data format, so that the data can be effectively integrated, and the data comparison between different OA applications can be realized.
It can be understood that by building three-stage frame type reporting channels among different network domains, a unified system monitoring class specification is defined, so that dynamic data reporting among different network security domains is realized. The three-level architecture is respectively an intra-domain data acquisition node, an inter-domain data summarization node and a top-level data analysis node. As shown in fig. 2, the top level data analysis node includes a plurality of inter-domain data summarizing nodes, and each inter-domain data summarizing node includes a plurality of intra-domain data collecting nodes. The intra-domain data acquisition node is responsible for providing a data acquisition interface for a third party OA application system and is used for receiving user data and abnormal data generated by a third party, and at least one intra-domain data acquisition node exists in one safety domain.
And step S12, reporting the intra-domain data to an inter-domain data summarizing node so as to summarize all the intra-domain data at the inter-domain data summarizing node to obtain inter-domain data.
In this embodiment, after receiving all data in a target network domain sent by an application system to obtain domain data, reporting the domain data to an inter-domain data summarizing node so as to summarize all the domain data at the inter-domain data summarizing node to obtain inter-domain data. It can be understood that the inter-domain data summarizing node is responsible for receiving the data reported by the intra-domain collecting node in the whole safety domain, and performing simple processing analysis on the data according to actual conditions, so as to reduce redundant data.
And step S13, reporting the inter-domain data to a top-level data analysis node through the inter-domain data summarization node so as to summarize all the inter-domain data at the top-level data analysis node to obtain target data.
In this embodiment, the intra-domain data is reported to an inter-domain data summarizing node, and after the inter-domain data is obtained by summarizing all the intra-domain data at the inter-domain data summarizing node, the inter-domain data is reported to a top-level data analysis node through the inter-domain data summarizing node, so that all the inter-domain data is summarized at the top-level data analysis node, and target data is obtained. It can be understood that the top level data analysis node is responsible for summarizing the data of all network domains, performing unified presentation or transmitting the data to a special monitoring platform.
And step S14, storing the target data into a target database so as to perform data processing analysis on the target data.
In this embodiment, after the top level data analysis node gathers all the inter-domain data to obtain target data, the target data is stored in a target database, so as to perform data processing analysis on the target data. It is understood that the target database is a database corresponding to the top level data analysis node. And after receiving the data reported by the lower stage, the top-stage data analysis node stores the original data in a target database, processes and analyzes the data, and stores the processed and analyzed data in a display table or periodically transmits the processed and analyzed data to a third-party monitoring system.
It can be understood that a three-layer architecture is designed, and the minimum pressure and the safest data protection of the OA application are utilized in a bottom-up hierarchical reporting mode, so that comprehensive data reporting and summarizing are carried out on the working states, load conditions, traffic, faults and warnings of all OA application systems. Compared with the prior art, the three-layer architecture provides a unified data format, is convenient for data integration analysis, can provide related data according to different OA applications, performs data analysis and comparison among different applications, establishes a cross-domain safety channel among different domains, and unifies and gathers the data. Meanwhile, the OA application provides relevant data according to the needs, so that the safety of OA system data can be guaranteed to the greatest extent, data transmission among different network security domains can be solved, the normal operation of the OA application cannot be influenced by an independent dynamic transmission channel, system analysis of the data is facilitated, and abnormal problems generated in a system can be conveniently processed by operation and maintenance management personnel.
The application provides a method for reporting dynamic data of a cross-network security domain, which comprises the steps of receiving all data in a target network domain sent by an application system to obtain domain data, reporting the domain data to an inter-domain data summarizing node so as to summarize all the domain data at the inter-domain data summarizing node to obtain inter-domain data, reporting the inter-domain data to a top-level data analysis node through the inter-domain data summarizing node so as to summarize all the inter-domain data at the top-level data analysis node to obtain target data, and storing the target data in a target database so as to perform data processing analysis on the target data. Therefore, the application establishes and designs a three-layer architecture based on the intra-domain data acquisition nodes, the inter-domain data summarization nodes and the top-level data analysis nodes among different network domains, realizes the dynamic data reporting among different network security domains, facilitates the acquisition of system data, performs summarization, unified display and analysis on the data, effectively integrates the data and improves the security of the data.
Referring to fig. 3, an embodiment of the present invention discloses a method for reporting dynamic data across network security domains, and compared with the previous embodiment, the present embodiment further describes and optimizes a technical solution.
And S21, judging whether the data sent by the application system meets a first preset condition or not in the intra-domain data acquisition node.
In this embodiment, it is determined in the intra-domain data collection node whether the data sent by the application system meets a first preset condition. As shown in fig. 4, when the OA application packages respective data into data with a uniform format through an interface published by a data collection node in a domain, and reports the data to the data collection node in the network domain, it is required to determine whether the data sent by the application system satisfies a first preset condition in the data collection node in the domain. For example, whether the data is valid is determined, if the data sent by the application system does not meet the first preset condition, that is, if the data is not available, the error information is returned from the intra-domain data acquisition node to the corresponding application system, and no processing is performed on the reported data.
And S22, if the data sent by the application system meets the first preset condition, receiving all the data in the target network domain sent by the application system to obtain the domain data.
In this embodiment, after determining, in the intra-domain data collection node, whether the data sent by the application system meets a first preset condition, if the data sent by the application system meets the first preset condition, that is, when the data is valid, all the data in the target network domain sent by the application system is received, so as to obtain intra-domain data. And for the data meeting the requirements, the data acquisition node stores the data into the corresponding first database according to the data type, and waits for the execution of the timing task.
And S23, reporting the intra-domain data to an inter-domain data summarizing node so as to summarize all the intra-domain data at the inter-domain data summarizing node to obtain inter-domain data.
In this embodiment, if the data sent by the application system meets the first preset condition, all the data in the target network domain sent by the application system is received, after the intra-domain data is obtained, the intra-domain data is reported to an inter-domain data summarizing node, so that all the intra-domain data is summarized at the inter-domain data summarizing node, and the inter-domain data is obtained. It can be understood that, for data meeting requirements, the intra-domain data is stored into a first database corresponding to the intra-domain data collection node based on the class number, when a first timing task in the intra-domain data collection node starts to be executed, current address information of the intra-domain data collection node is obtained, an access address of the inter-domain data collection node is calculated based on the current address information and a preset upper-lower relationship between the nodes, and the intra-domain data obtained from the first database is reported to the inter-domain data collection node corresponding to the access address so as to collect all the intra-domain data at the inter-domain data collection node to obtain the inter-domain data. It should be noted that when the timing task starts to be executed, route calculation is first performed to obtain the access address and node information of the upper node, and then the data is reported to the inter-domain data summarizing node.
Specifically, when the three-layer architecture channel is established, the upper and lower level relation among the nodes needs to be configured, and the upper and lower level relation among the nodes is determined by using the CC.BB.AA form. Wherein the top level data analysis node can be set as AA, then the lower level inter-domain data summarization node can be set as BB.AA, and the lowest level intra-domain data collection node is set as CC.BB.AA. The design can provide different reporting interval configurations for different reporting data, can perform reporting interval configuration according to the actual condition of the site, and simultaneously provides configuration of timing tasks, and the generated data are reported uniformly so as to prevent data omission.
And step S24, storing the inter-domain data to a second database corresponding to the inter-domain data summarization node based on the class number.
In this embodiment, after the inter-domain data summarizing node summarizes all the intra-domain data to obtain inter-domain data, the inter-domain data is stored in a second database corresponding to the inter-domain data summarizing node based on the class number. It can be understood that the inter-domain data summarizing node is responsible for receiving the data reported by the lower node and simply analyzing and summarizing the data while storing the data in the second database, and waits for the execution of the timing task.
And S25, processing the inter-domain data according to a preset data processing rule to obtain the inter-domain data to be uploaded.
In this embodiment, after the inter-domain data is stored in the second database corresponding to the inter-domain data summarizing node based on the class number, the inter-domain data is processed according to a preset data processing rule, so as to obtain inter-domain data to be uploaded. It can be appreciated that after the inter-domain data is stored in the second database, simple analysis and summarization may be performed on the inter-domain data, for example, when the data volume of the inter-domain data is too large, processing such as deduplication, calculation, etc. is performed on the data, so as to obtain inter-domain data to be uploaded.
And S26, when the second timing task in the inter-domain data summarizing node starts to be executed, reporting the inter-domain data to be uploaded obtained from the second database to the top-level data analysis node so as to summarize all the inter-domain data to be uploaded at the top-level data analysis node to obtain target data.
In this embodiment, when the second timing task in the inter-domain data summarizing node starts to execute, the inter-domain data to be uploaded obtained from the second database is reported to the top-level data analysis node, so that all the inter-domain data to be uploaded are summarized at the top-level data analysis node, and target data is obtained. It can be understood that when only one top-level data analysis node exists in the whole architecture, the inter-domain data to be uploaded obtained from the second database is directly reported to the top-level data analysis node, and if a plurality of top-level data analysis nodes exist in the whole architecture, route calculation is performed to obtain the access address and node information of the target top-level data analysis node, and then the data is reported to the target top-level data analysis node.
And step S27, storing the target data into a target database so as to perform data processing analysis on the target data.
For the specific content of the above step S27, reference may be made to the corresponding content disclosed in the foregoing embodiment, and no detailed description is given here.
It can be seen that the method and the device for processing the inter-domain data in the data storage system comprise the steps of judging whether data sent by an application system meet a first preset condition in a data collection node in the domain, receiving all data in a target network domain sent by the application system to obtain intra-domain data if the data sent by the application system meet the first preset condition, reporting the intra-domain data to an inter-domain data collection node so as to collect all the intra-domain data in the inter-domain data collection node to obtain inter-domain data, storing the inter-domain data to a second database corresponding to the inter-domain data collection node based on the class number, processing the inter-domain data according to a preset data processing rule to obtain the inter-domain data to be uploaded, reporting the inter-domain data to be uploaded obtained from the second database to a top-level data analysis node when a second timing task in the inter-domain data collection node starts to be executed, collecting all the inter-domain data to be uploaded at the top-level data analysis node to obtain target data, storing the target data to the target data so as to effectively analyze the target data, and improving the safety of the target data.
Referring to fig. 5, an embodiment of the present invention discloses a method for reporting dynamic data across network security domains, and compared with the previous embodiment, the present embodiment further describes and optimizes a technical solution.
And S31, receiving all data in the target network domain sent by the application system to obtain the domain data.
In this embodiment, all data in the target network domain sent by the application system is received, so as to obtain the intra-domain data. It can be understood that the data types reported by the application system monitoring include running state information (i.e. reporting running state information of the OA application system), abnormal data information (i.e. reporting abnormal data of OA application service), statistical information of the number of received and sent messages (i.e. statistical reporting of the number of received and sent messages of the OA application), analytical information of the data of the received and sent messages (i.e. analytical reporting of the data of the sent message of the OA application), and a type number corresponding to each information. The correspondence between specific data class numbers and data classification indexes is shown in table 1 below:
TABLE 1
| Category type number | Meaning of representation |
| 0 | OA application system running state information reporting |
| 1 | OA application business anomaly data reporting |
| 2 | OA application transceiver quantity statistics reporting |
| 3 | OA application messaging data analysis reporting |
The class (type) number corresponding to each data class is determined prior to data upload. It can be understood that the system running state reporting is responsible for summarizing and displaying the indexes of the CPU (central processing unit), the memory indexes and the disk indexes of each OA application system, the abnormal data reporting is responsible for monitoring various abnormal data generated by the application, such as failed data, overtime data and the like, the receiving and transmitting text quantity statistics reporting is responsible for summarizing the whole service interaction quantity of each OA application, and the receiving and transmitting text data analysis reporting is responsible for summarizing the data which needs to be particularly displayed by each OA system, such as state statistics, emergency statistics and the like. It can be understood that the working state, load condition, traffic, faults and warnings of each OA application system are monitored in a unified way, and monitoring data is submitted to the upper node system. A special transmission channel which only allows the upward transmission of messages is opened up among different network domains, and meanwhile, the reliability and the effectiveness of data are confirmed by carrying out hierarchical verification through a three-layer architecture. And integrating data among different OA applications according to the unified interface to form a unified data format.
And step S32, reporting the intra-domain data to an inter-domain data summarizing node so as to summarize all the intra-domain data at the inter-domain data summarizing node to obtain inter-domain data.
And step S33, reporting the inter-domain data to a top-level data analysis node through the inter-domain data summarization node so as to summarize all the inter-domain data at the top-level data analysis node to obtain target data.
And step S34, when the running state information and the abnormal data information reported in a full report form are received, the historical information is covered.
In this embodiment, when the running state information and the abnormal data information reported in the full report form are received, the history information is covered. It can be understood that when the running state information and the abnormal data information reported in the full reporting form are received, the latest running state information and the latest abnormal data information are used for covering the historical running state information and the historical abnormal data information, namely, the running state information of the OA application system and the abnormal data system of the OA application service are in the full reporting form, and the previous data can be directly covered according to the reporting node when the data are received. It should be noted that, when any node in the intra-domain data collection node, the inter-domain data summarization node, and the top-level data analysis node receives the running state information and the abnormal data information reported in the full report form, the latest running state information, the latest abnormal data information are used to cover the historical running state information and the historical abnormal data information.
And step S35, adding corresponding information when receiving the statistic information of the number of the received and transmitted messages and the analysis information of the received and transmitted message data, wherein the statistic information and the analysis information of the received and transmitted message data are reported in an increment reporting mode.
In this embodiment, when the statistics information of the number of the transmitted/received messages and the analysis information of the data of the transmitted/received messages reported in the incremental reporting form are received, corresponding information is added. It can be understood that when the statistical information of the number of the transmitted and received messages and the analysis information of the transmitted and received messages are received, the statistical information of the number of the transmitted and received messages and the analysis information of the transmitted and received messages are added to the corresponding database according to the date of the information and according to the preset information adding rule. I.e. the statistics of the number of the transceiver of the OA application and the analysis of the data of the transmitted data of the OA application are in the form of incremental reporting, and adding data according to different dates after receiving the data each time.
And step S36, when each node receives the statistic information of the number of the received and transmitted text and the analysis information of the received and transmitted text data, corresponding task information is generated, and the task information is stored in a task table in the database corresponding to each node.
In this embodiment, when each node receives the statistic information of the number of the transmitted and received text and the analysis information of the data of the transmitted and received text, the corresponding task information is generated, and the task information is stored in a task table in the database corresponding to each node. It can be understood that after any node in the system receives the statistic information of the number of the transmitted and received messages and the data of the analysis information of the transmitted and received messages, a task is generated and written into a preset task table in a database corresponding to the node, so as to prevent reporting failure of incremental data.
And S37, deleting the task information from the task list after the statistic information of the number of the received and transmitted messages and the analysis information of the received and transmitted message data are successfully reported.
In this embodiment, after the task information is stored in the task table in the database corresponding to each node, a data reporting operation is performed, and after the report of the statistic information of the number of the transmitted and received messages and the analysis information of the data of the transmitted and received messages is successful, the task information is deleted from the task table. When the statistic information of the number of the transmitted and received messages and the analysis information of the data of the transmitted and received messages are not reported successfully, the task information still exists in the task list, and whether the uploading of the increment data fails can be judged according to the task information in the task list.
And step S38, storing the target data into a target database so as to perform data processing analysis on the target data.
In this embodiment, the target data is stored in a target database, so that after data processing analysis is performed on the target data, processed and analyzed data is obtained, and the processed and analyzed data is stored in a data display table or is sent to a target monitoring system at regular time.
For the specific content of the steps S32 and S33, reference may be made to the corresponding content disclosed in the foregoing embodiment, and no detailed description is given here.
It can be seen that the embodiment of the application obtains intra-domain data by receiving all data in a target network domain sent by an application system, reports the intra-domain data to an inter-domain data summarizing node so as to summarize all the intra-domain data at the inter-domain data summarizing node to obtain inter-domain data, reports the inter-domain data to a top data analyzing node through the inter-domain data summarizing node so as to summarize all the inter-domain data at the top data analyzing node to obtain target data, covers historical information when the running state information and the abnormal data information reported in a full reporting mode are received, adds corresponding information when the statistic information of the number of the sending messages and the analysis information of the sending and receiving message data reported in an increment reporting mode are received, generates corresponding task information when each node receives the statistic information of the number of the sending and receiving the analysis information of the sending and receiving message data, stores the task information into a task table in a database corresponding to each node, successfully analyzes the task information from the sending and receiving the statistic information of the sending and receiving the analysis information of the sending and receiving the task information, and the target data is effectively processed and the target data is improved.
Referring to fig. 6, the embodiment of the present application further correspondingly discloses a device for reporting dynamic data across network security domains, including:
The intra-domain data acquisition module 11 is configured to receive all data in a target network domain sent by an application system, so as to obtain intra-domain data;
a domain data reporting module 12, configured to report the domain data to an inter-domain data summarizing node, so that all the domain data is summarized at the inter-domain data summarizing node to obtain inter-domain data;
The inter-domain data reporting module 13 is configured to report the inter-domain data to a top-level data analysis node through the inter-domain data summarizing node, so that all the inter-domain data is summarized at the top-level data analysis node to obtain target data;
And the data processing module 14 is used for storing the target data into a target database so as to perform data processing analysis on the target data.
The method comprises the steps of receiving all data in a target network domain sent by an application system to obtain domain data, reporting the domain data to an inter-domain data summarizing node so as to summarize all the domain data at the inter-domain data summarizing node to obtain inter-domain data, reporting the inter-domain data to a top-level data analysis node through the inter-domain data summarizing node so as to summarize all the inter-domain data at the top-level data analysis node to obtain target data, and storing the target data in a target database so as to perform data processing analysis on the target data. Therefore, the application establishes and designs a three-layer architecture based on the intra-domain data acquisition nodes, the inter-domain data summarization nodes and the top-level data analysis nodes among different network domains, realizes the dynamic data reporting among different network security domains, facilitates the acquisition of system data, performs summarization, unified display and analysis on the data, effectively integrates the data and improves the security of the data.
In some embodiments, the intra-domain data acquisition module 11 specifically includes:
the intra-domain data judging unit is used for judging whether the data sent by the application system meets a first preset condition or not in the intra-domain data acquisition node;
an error information return unit, configured to return error information from the intra-domain data acquisition node to the corresponding application system if the data sent by the application system does not meet the first preset condition;
The intra-domain data acquisition unit is used for receiving all data which are sent by the application system and are packaged into a target format in a target network domain through a preset interface of the intra-domain data acquisition node if the data sent by the application system meet the first preset condition so as to obtain intra-domain data, wherein the data comprise running state information, abnormal data information, statistic information of the number of received and sent messages, analysis information of the received and sent messages and class numbers corresponding to each information.
In some embodiments, the intra-domain data reporting module 12 specifically includes:
the intra-domain data storage unit is used for storing the intra-domain data into a first database corresponding to the intra-domain data acquisition node based on the class number;
The current address information acquisition unit is used for acquiring the current address information of the intra-domain data acquisition node when a first timing task in the intra-domain data acquisition node starts to be executed;
An access address calculation unit, configured to calculate an access address of the inter-domain data summarizing node based on the current address information and a preset upper-lower relationship between nodes;
And the inter-domain data acquisition unit is used for reporting the intra-domain data acquired from the first database to the inter-domain data summarization node corresponding to the access address so as to summarize all the intra-domain data at the inter-domain data summarization node to acquire the inter-domain data.
In some embodiments, the inter-domain data reporting module 13 specifically includes:
the inter-domain data storage unit is used for storing the inter-domain data to a second database corresponding to the inter-domain data summarization node based on the class number;
The inter-domain data to be uploaded is used for processing the inter-domain data according to a preset data processing rule to obtain the inter-domain data to be uploaded;
The target data acquisition unit is used for reporting the inter-domain data to be uploaded, which is acquired from the second database, to the top-level data analysis node when the second timing task in the inter-domain data summarization node starts to be executed, so that all the inter-domain data are summarized at the top-level data analysis node to obtain target data;
The data coverage unit is used for utilizing the latest running state information and the latest abnormal data information to cover the historical running state information and the historical abnormal data information when the running state information and the abnormal data information reported in a full reporting form are received;
The data adding unit is used for adding the statistic information of the number of the received and transmitted messages and the analysis information of the received and transmitted messages to a corresponding database according to the date of the information and according to a preset information adding rule when the statistic information of the number of the received and transmitted messages and the analysis information of the received and transmitted messages and reported in an increment reporting mode are received;
The task information generating unit is used for generating corresponding task information when each node receives the statistic information of the number of the received and transmitted text and the analysis information of the received and transmitted text data;
The task information storage unit is used for storing the task information into a task table in the database corresponding to each node;
and the task information deleting unit is used for deleting the task information from the task table after the report of the statistic information of the number of the received and transmitted messages and the analysis information of the received and transmitted message data is successful.
In some embodiments, the data processing module 14 specifically includes:
the target data storage unit is used for storing the target data into a target database so as to perform data processing analysis on the target data;
The post-processing analysis data acquisition unit is used for acquiring post-processing analysis data;
and the processed and analyzed data transmitting unit is used for storing the processed and analyzed data into a data display table or transmitting the processed and analyzed data to a target monitoring system at regular time.
Further, the embodiment of the application also provides electronic equipment. Fig. 7 is a block diagram of an electronic device 20, according to an exemplary embodiment, and is not intended to limit the scope of use of the present application in any way.
Fig. 7 is a schematic structural diagram of an electronic device 20 according to an embodiment of the present application. The electronic device 20 may include, in particular, at least one processor 21, at least one memory 22, a power supply 23, a communication interface 24, an input-output interface 25, and a communication bus 26. The memory 22 is configured to store a computer program, which is loaded and executed by the processor 21 to implement relevant steps in the method for reporting dynamic data across network security domains disclosed in any of the foregoing embodiments. In addition, the electronic device 20 in the present embodiment may be specifically an electronic computer.
In this embodiment, the power supply 23 is configured to provide working voltages for each hardware device on the electronic device 20, the communication interface 24 is capable of creating a data transmission channel with an external device for the electronic device 20, and the communication protocol to be followed is any communication protocol applicable to the technical solution of the present application, which is not specifically limited herein, and the input/output interface 25 is configured to obtain external input data or output data to the external device, and the specific interface type of the input/output interface may be selected according to the specific application needs and is not specifically limited herein.
The memory 22 may be a carrier for storing resources, such as a read-only memory, a random access memory, a magnetic disk, or an optical disk, and the resources stored thereon may include an operating system 221, a computer program 222, and the like, and the storage may be temporary storage or permanent storage.
The operating system 221 is used for managing and controlling various hardware devices on the electronic device 20 and the computer program 222, which may be Windows Server, netware, unix, linux, etc. The computer program 222 may further comprise a computer program that can be used to perform other specific tasks in addition to the computer program that can be used to perform the method of dynamic data reporting across a network security domain performed by the electronic device 20 disclosed in any of the previous embodiments.
Further, the embodiment of the application also discloses a medium, wherein the medium stores a computer program, and when the computer program is loaded and executed by a processor, the steps of the method for reporting the dynamic data across the network security domain disclosed in any embodiment are realized.
In this specification, each embodiment is described in a progressive manner, and each embodiment is mainly described in a different point from other embodiments, so that the same or similar parts between the embodiments are referred to each other. For the device disclosed in the embodiment, since it corresponds to the method disclosed in the embodiment, the description is relatively simple, and the relevant points refer to the description of the method section.
Finally, it is further noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises an element.
The foregoing describes the principles and embodiments of the present invention in detail using specific examples to illustrate the principles and embodiments of the present invention, and the foregoing examples are only for aiding in understanding the methods and core ideas of the present invention, and meanwhile, to those skilled in the art, according to the ideas of the present invention, there are variations in the specific embodiments and application ranges, so the disclosure should not be construed as limiting the present invention.
Claims (8)
1. A method for reporting dynamic data of a cross-network security domain is characterized by comprising the following steps:
Receiving all data in a target network domain sent by an application system through a domain data acquisition node so as to obtain domain data;
Reporting the intra-domain data to an inter-domain data summarizing node through the intra-domain data collecting node so as to summarize all the intra-domain data at the inter-domain data summarizing node to obtain inter-domain data, wherein the inter-domain data summarizing node comprises a plurality of intra-domain data collecting nodes;
reporting the inter-domain data to a top-level data analysis node through the inter-domain data summarization node so as to summarize all the inter-domain data at the top-level data analysis node to obtain target data, wherein the top-level data analysis node comprises a plurality of inter-domain data summarization nodes;
Storing the target data into a target database so as to perform data processing analysis on the target data;
Receiving all data in a target network domain sent by an application system to obtain intra-domain data, wherein the data comprises running state information, abnormal data information, receiving text quantity statistical information, receiving text data analysis information and class numbers corresponding to each information, wherein the data is sent by the application system and packaged into a target format in the target network domain through a preset interface of a data acquisition node in the domain;
When the running state information and the abnormal data information reported in a full report form are received, the latest running state information and the latest abnormal data information are utilized to cover the historical running state information and the historical abnormal data information;
when receiving the statistical information of the number of the received and transmitted messages and the analysis information of the received and transmitted message data, which are reported in an incremental reporting mode, adding the statistical information of the number of the received and transmitted messages and the analysis information of the received and transmitted message data into a corresponding database according to the date of the information and according to a preset information adding rule;
Each node generates corresponding task information when receiving the statistic information of the number of the received and transmitted text and the analysis information of the received and transmitted text data;
storing the task information into a task table in the database corresponding to each node;
and deleting the task information from the task list after the statistic information of the number of the received and sent messages and the analysis information of the received and sent message data are successfully reported.
2. The method for reporting dynamic data across network security domains according to claim 1, wherein before receiving all data in a target network domain sent by an application system to obtain intra-domain data, further comprising:
judging whether the data sent by the application system meets a first preset condition or not in the intra-domain data acquisition node;
if the data sent by the application system does not meet the first preset condition, returning error information from the intra-domain data acquisition node to the corresponding application system;
And if the data sent by the application system meets the first preset condition, executing the step of receiving all the data in the target network domain sent by the application system.
3. The method for reporting dynamic data across a network security domain according to claim 1, wherein reporting the intra-domain data to an inter-domain data summary node so that all the intra-domain data is summarized at the inter-domain data summary node to obtain inter-domain data comprises:
Storing the intra-domain data into a first database corresponding to the intra-domain data acquisition node based on the class number;
When a first timing task in the intra-domain data acquisition node starts to be executed, acquiring current address information of the intra-domain data acquisition node;
Calculating the access address of the inter-domain data summarizing node based on the current address information and a preset upper-lower relationship between nodes;
And reporting the intra-domain data acquired from the first database to the inter-domain data summarizing node corresponding to the access address so as to summarize all the intra-domain data at the inter-domain data summarizing node to obtain the inter-domain data.
4. The method for reporting dynamic data across a network security domain according to claim 1, wherein before the inter-domain data is reported to a top-level data analysis node by the inter-domain data summary node, further comprising:
Storing the inter-domain data to a second database corresponding to the inter-domain data summarization node based on the class number;
processing the inter-domain data according to a preset data processing rule to obtain inter-domain data to be uploaded;
Correspondingly, the reporting the inter-domain data to a top-level data analysis node through the inter-domain data summarization node includes:
And when the second timing task in the inter-domain data summarizing node starts to be executed, reporting the inter-domain data to be uploaded, which is acquired from the second database, to the top-level data analysis node.
5. A method of reporting dynamic data across a network security domain as claimed in any one of claims 1 to 4, wherein the storing the target data in a target database for data processing analysis of the target data further comprises:
acquiring processed and analyzed data;
And storing the processed and analyzed data into a data display table or sending the processed and analyzed data to a target monitoring system at fixed time.
6. A dynamic data reporting device across a network security domain, comprising:
The intra-domain data acquisition module is used for receiving all data in a target network domain sent by the application system through the intra-domain data acquisition node so as to obtain intra-domain data;
the intra-domain data reporting module is used for reporting the intra-domain data to an inter-domain data summarizing node through the intra-domain data collecting node so as to summarize all the intra-domain data at the inter-domain data summarizing node to obtain inter-domain data, wherein the inter-domain data summarizing node comprises a plurality of intra-domain data collecting nodes;
The inter-domain data reporting module is used for reporting the inter-domain data to a top-level data analysis node through the inter-domain data summarizing node so as to summarize all the inter-domain data at the top-level data analysis node to obtain target data, wherein the top-level data analysis node comprises a plurality of inter-domain data summarizing nodes;
The data processing module is used for storing the target data into a target database so as to perform data processing analysis on the target data;
Receiving all data in a target network domain sent by an application system to obtain intra-domain data, wherein the data comprises running state information, abnormal data information, receiving text quantity statistical information, receiving text data analysis information and class numbers corresponding to each information, wherein the data is sent by the application system and packaged into a target format in the target network domain through a preset interface of a data acquisition node in the domain;
The data coverage unit is used for utilizing the latest running state information and the latest abnormal data information to cover the historical running state information and the historical abnormal data information when the running state information and the abnormal data information reported in a full reporting form are received;
The data adding unit is used for adding the statistic information of the number of the received and transmitted messages and the analysis information of the received and transmitted messages to a corresponding database according to the date of the information and according to a preset information adding rule when the statistic information of the number of the received and transmitted messages and the analysis information of the received and transmitted messages and reported in an increment reporting mode are received;
The task information generating unit is used for generating corresponding task information when each node receives the statistic information of the number of the received and transmitted text and the analysis information of the received and transmitted text data;
The task information storage unit is used for storing the task information into a task table in the database corresponding to each node;
and the task information deleting unit is used for deleting the task information from the task table after the report of the statistic information of the number of the received and transmitted messages and the analysis information of the received and transmitted message data is successful.
7. An electronic device, comprising:
A memory for storing a computer program;
A processor for executing the computer program to implement the steps of the method for dynamic data reporting across a network security domain as claimed in any one of claims 1 to 5.
8. A computer readable medium for storing a computer program, wherein the computer program when executed by a processor implements a method of dynamic data reporting across a network security domain as claimed in any one of claims 1 to 5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211027027.0A CN115378722B (en) | 2022-08-25 | 2022-08-25 | Dynamic data reporting method, device, equipment and medium across network security domains |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211027027.0A CN115378722B (en) | 2022-08-25 | 2022-08-25 | Dynamic data reporting method, device, equipment and medium across network security domains |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115378722A CN115378722A (en) | 2022-11-22 |
| CN115378722B true CN115378722B (en) | 2025-02-11 |
Family
ID=84067410
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211027027.0A Active CN115378722B (en) | 2022-08-25 | 2022-08-25 | Dynamic data reporting method, device, equipment and medium across network security domains |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115378722B (en) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105553769A (en) * | 2015-12-15 | 2016-05-04 | 北京奇虎科技有限公司 | Data collecting-analyzing system and method |
| CN114490579A (en) * | 2022-01-24 | 2022-05-13 | 深圳壹账通智能科技有限公司 | Cross-network-area database detection method, device, equipment and storage medium |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113722301A (en) * | 2021-07-28 | 2021-11-30 | 浙江省公众信息产业有限公司 | Big data processing method, device and system based on education information and storage medium |
| CN114066691A (en) * | 2021-11-16 | 2022-02-18 | 中国人民武装警察部队工程大学 | Education data analysis method based on federal learning |
-
2022
- 2022-08-25 CN CN202211027027.0A patent/CN115378722B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105553769A (en) * | 2015-12-15 | 2016-05-04 | 北京奇虎科技有限公司 | Data collecting-analyzing system and method |
| CN114490579A (en) * | 2022-01-24 | 2022-05-13 | 深圳壹账通智能科技有限公司 | Cross-network-area database detection method, device, equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115378722A (en) | 2022-11-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR102083766B1 (en) | Providing per-application resource usage information | |
| US8370479B2 (en) | System and method for dynamically grouping devices based on present device conditions | |
| US7091846B2 (en) | Methods and apparatus for handling information regarding an alarm for a communication network | |
| CN111339175B (en) | Data processing method, device, electronic equipment and readable storage medium | |
| CN107294764A (en) | Intelligent supervision method and intelligent monitoring system | |
| US20160358106A1 (en) | Electrical transformer failure prediction | |
| CN106487574A (en) | Automatic operating safeguards monitoring system | |
| US20060026467A1 (en) | Method and apparatus for automatically discovering of application errors as a predictive metric for the functional health of enterprise applications | |
| CN111190794A (en) | Operation and maintenance monitoring and management system | |
| EP1361761A1 (en) | Telecommunications network management system and method for service monitoring | |
| CN113242153B (en) | Application-oriented monitoring analysis method based on network traffic monitoring | |
| US20050097517A1 (en) | Method and system for adjusting the relative value of system configuration recommendations | |
| CN111585840B (en) | Service resource monitoring method, device and equipment | |
| CN105282772A (en) | Wireless network data communication equipment monitoring system and equipment monitoring method | |
| CA3059738A1 (en) | Behaviour data processing method, device, electronic device and computer readable medium | |
| CN114244676A (en) | Intelligent IT integrated gateway system | |
| CN110888786A (en) | Operation and maintenance monitoring system | |
| CN114726708A (en) | Network element equipment fault prediction method and system based on artificial intelligence | |
| CN107463490B (en) | Cluster log centralized collection method applied to platform development | |
| CN112141832A (en) | Visual operation platform of elevator thing networking | |
| US7120633B1 (en) | Method and system for automated handling of alarms from a fault management system for a telecommunications network | |
| CN113794719B (en) | Network abnormal traffic analysis method and device based on elastic search technology and electronic equipment | |
| WO2023093394A1 (en) | Log-based anomaly monitoring method, system, and apparatus, and storage medium | |
| CN114598622A (en) | Data monitoring method and device, storage medium and computer equipment | |
| CN115378722B (en) | Dynamic data reporting method, device, equipment and medium across network security domains |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |