Log monitoring method based on abnormal behavior detection

An anomaly detection and logging technology, applied in hardware monitoring, error detection/correction, instruments, etc., to solve problems such as inconvenient automated processing, various log systems, and unfixed log structure.

Active Publication Date: 2016-06-08
江阴逐日信息科技有限公司
View PDF10 Cites 51 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Considering the rate of log generation, the time required to process each log, and hardware overhead, it is difficult for existing analysis technologies to achieve real-time and effective analysis of log content
[0008] 2) The log structure is not fixed
[0009] Logs do not follow a specific format, t...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Log monitoring method based on abnormal behavior detection
  • Log monitoring method based on abnormal behavior detection
  • Log monitoring method based on abnormal behavior detection

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0054] The present invention will be described in detail below in conjunction with specific embodiments. The following examples will help those skilled in the art to further understand the present invention, but do not limit the present invention in any form. It should be noted that those skilled in the art can make several changes and improvements without departing from the concept of the present invention. These all belong to the protection scope of the present invention.

[0055] According to the log monitoring method based on behavior anomaly detection provided by the present invention, it is roughly divided into two steps: log data preprocessing and log anomaly detection.

[0056] The preprocessing technique includes two steps of log normalization and log information clustering. First, the log format is unified through log normalization and the log is deparameterized. After deparameterization, the number of log types with different contents is greatly reduced; then, the...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a log monitoring method based on abnormal behavior detection. The log monitoring method includes the steps of log preprocessing and log anomaly detection. According to the log preprocessing step, log structures are unified, and logs are processed in a clustered mode; according to the anomaly detection step, log flow is converted into a behavior sequence according to the log clustering result, a behavior mode is generated, and anomaly indexes of the real-time log flow are obtained; anomaly indexes and an anomaly threshold value are compared, and whether to give out anomaly early warning or not is determined according to the comparison result. According to the method, starting from the log type characteristics, a generating rule of the logs of different types is analyzed, the problem that the data size is too large is solved in a log information clustering mode, log content is effectively analyzed in real time, the data can be automatically processed conveniently, and the method is in high universality and anomaly detection success rate.

Description

technical field [0001] The invention relates to the technical field of software monitoring, in particular to a log monitoring method based on abnormal behavior detection. Background technique [0002] Today's software systems are getting bigger and bigger, and the structure is getting more and more complex, and the occurrence of exceptions and errors becomes unavoidable. At present, there are generally two ways to avoid software exceptions: one is to prevent software exceptions during the development process, including good programming habits, structured and scientific software development processes, and a large number of essential unit tests, end-to-end Testing, etc.; the second is to use the monitoring system to monitor the software status in real time during the system operation, to detect abnormal behaviors that have occurred or are about to occur in time, and leave valuable time for taking corresponding measures. [0003] Log monitoring is a series of processes of coll...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F11/30
CPCG06F11/3082G06F2201/865
Inventor 曹健杜思忠
Owner 江阴逐日信息科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap