
A key field-based switch log rapid aggregation method

A key-field-based aggregation technique, applied in the field of electric power information networks, that addresses the problems of time-consuming, labor-intensive manual log analysis and the inability to grasp the correlation between logs, and achieves the effect of reducing log output entries and facilitating analysis.

Active Publication Date: 2017-03-22
STATE GRID CORP OF CHINA +1

AI Technical Summary

Problems solved by technology

However, the switch log system produces a large number of similar logs for the same event or the same type of event in a short period of time. At the same time, some switch operations or events occur frequently within a short period: for example, a large number of SSH login attempts in a short period of time will cause multiple switch login failure logs. With such a volume of log information, manual analysis of entries one by one is time-consuming and labor-intensive, and it is impossible to grasp the correlation information between logs.



Examples


Embodiment Construction

[0025] The technical solutions of the present invention will be described in more detail below in conjunction with embodiments:

[0026] 1. Establish a set of key fields of switch logs: according to the log specification documents of mainstream switch manufacturers such as CISCO, Huawei, H3C, DELL and Ruijie, determine IP, MAC, port, VLAN and numerical operating parameters as the key fields of switch logs. Since switches of different manufacturers and models express key fields differently, the method defines regular expressions to obtain the key field values in a single log. The regular expressions for obtaining key field values are defined as follows:

[0027]

[0028] 2. Build a first host with CentOS as the operating system, and use a MySQL database and a syslogd log server to build a syslog log server on the first host. The syslog log server is used to receive switch logs, and the log records generated from the switch logs are submitted to the log aggregation ana...


Abstract

The invention relates to a key field-based switch log rapid aggregation method. The method comprises the steps of: S1, establishing a switch log key field set and a key field value extraction method; S2, performing log aggregation analysis: establishing a cluster set which includes {key fields, the key field value set}, initializing a log aggregation analysis module and processing single log records with switches as units to obtain a classification set; S3, outputting the log aggregation result, wherein a log output module processes the classification set and outputs log records meeting output conditions. The log rapid aggregation method can aggregate log records containing identical event information or similar log information, reduce log output entries, and facilitate rapid analysis by network operation and maintenance staff.
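An added sketch of steps S1 to S3 and of the key-field extraction in [0026], not the patent's own code. The regular expressions, the message-template clustering key and the `min_count` output condition are assumptions, because the patent's regular-expression table and output conditions are not on this page; the sample records are constructed.

```python
import re
from collections import defaultdict

# Assumed patterns: the patent's own regular-expression table is not on this page.
# Order matters: specific fields are replaced before the generic numeric one.
KEY_FIELDS = [
    ("IP", re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")),
    ("MAC", re.compile(r"\b(?:[0-9a-f]{2}[:-]){5}[0-9a-f]{2}\b"
                       r"|\b(?:[0-9a-f]{4}[.-]){2}[0-9a-f]{4}\b", re.I)),
    ("PORT", re.compile(r"\b(?:GigabitEthernet|Ethernet|GE|Gi|Te)\s?\d+(?:/\d+)+\b")),
    ("VLAN", re.compile(r"\bvlan\s?\d{1,4}\b", re.I)),
    ("NUM", re.compile(r"\b\d+(?:\.\d+)?%?")),
]

# Constructed sample records: (switch, log message)
SAMPLE = [
    ("sw1", "SSH login failed from 10.0.0.5 on vlan 10"),
    ("sw1", "SSH login failed from 10.0.0.6 on vlan 10"),
    ("sw1", "SSH login failed from 10.0.0.5 on vlan 10"),
    ("sw1", "Interface GigabitEthernet0/1 link down"),
    ("sw2", "SSH login failed from 10.0.0.5 on vlan 20"),
]

def extract(message):
    """S1: return (template, {field: [values]}) for one log message."""
    values = defaultdict(list)
    for name, pattern in KEY_FIELDS:
        def repl(match, name=name):
            values[name].append(match.group(0))
            return f"<{name}>"
        message = pattern.sub(repl, message)
    return message, dict(values)

def aggregate(records):
    """S2: cluster per switch by template; keep the value set of each key field."""
    clusters = {}
    for switch, message in records:
        template, values = extract(message)
        cluster = clusters.setdefault(
            (switch, template), {"count": 0, "values": defaultdict(set)})
        cluster["count"] += 1
        for name, found in values.items():
            cluster["values"][name].update(found)
    return clusters

def output(clusters, min_count=2):
    """S3 (assumed condition): emit clusters seen at least min_count times."""
    return {key: c for key, c in clusters.items() if c["count"] >= min_count}
```

On the sample, the three SSH failures on `sw1` collapse into one cluster that still records both source addresses, which is the correlation a reviewer would otherwise have to rebuild by hand.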

Description

Technical field

[0001] The invention belongs to the field of electric power information network, and specifically relates to a method for fast aggregation of switch logs based on key fields.

Background technique

[0002] The scale of power information network is expanding day by day, and the number of switch equipment in the network is increasing. A large amount of event information will be generated during the operation of the switch. The event information includes a wealth of data such as switch operation status, user operations, and potential security alarms. The timely and effective analysis of switch logs can help network operation and maintenance personnel to grasp the switch operation status and potential security risks in a timely manner, and adopt corresponding treatment measures. However, the switch log system will give a large number of similar logs for the same event or the same type of event in a short period of time. At the same time, some switch operations or event...


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): G06F17/30
CPC: G06F16/35
Inventor: 刘辉舟, 杨连营, 汪文杰, 丁晖, 汪胜利
Owner: STATE GRID CORP OF CHINA