Log parsing method and device based on perfect hashing

A parsing method and log technology, applied in the computer field, can solve problems such as low processing efficiency, affecting the efficiency of firewall log parsing, etc., and achieve the effect of improving efficiency

Active Publication Date: 2018-06-29
BEIJING QIANXIN TECH
View PDF3 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] Most logs are strings, and a fixed position represents a fixed field. Take firewall logs as an example. Logs in this string format cannot meet the needs of firewall log content changing within a certain range. Therefore, key-value pairs are used on the firewall. After the monitoring device receives the log sent by the firewall, the traditional m...

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Log parsing method and device based on perfect hashing
  • Log parsing method and device based on perfect hashing
  • Log parsing method and device based on perfect hashing

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0025] In order to make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the drawings in the embodiments of the present invention. Obviously, the described embodiments It is a part of embodiments of the present invention, but not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

[0026] figure 1 A schematic flow chart of a log parsing method based on perfect hash provided by an embodiment of the present invention, as shown in figure 1 As shown, the method includes:

[0027] Step 101: Obtain the log to be parsed, and extract information from the log to be parsed according to preset rules, and obtain at least one keyword t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The embodiment of the invention provides a log parsing method and device based on perfect hashing. The method includes the steps of obtaining a to-be-parsed log, conducting information extraction on the to-be-parsed log according to a preset rule, and obtaining to-be-parsed keywords and corresponding values of the to-be-parsed log; according to a perfect hash function created in advance, calculating a first hash value corresponding to each to-be-parsed keyword; according to each first hash value, obtaining corresponding to-be-parsed keyword types, saving the corresponding value of each to-be-parsed keyword into a corresponding structure of the corresponding to-be-parsed keyword type for parsing to obtain structural data. The device is used for executing the method. According to the embodiment, by adopting a hash locating method for identifying the to-be-parsed keywords, there is no need to match characters of the to-be-parsed keywords one by one, the keywords can be obtained fast through hash locating, and therefore the efficiency of parsing the log is improved.

Description

technical field [0001] The embodiments of the present invention relate to the field of computer technology, and in particular to a perfect hash-based log parsing method and device. Background technique [0002] Any program in the computer system may output logs: the operating system kernel, various application servers, and so on. The log contains a large amount of information that is of interest to security managers, operation and maintenance personnel, and business analysts, such as the visitor's IP, access time, source address, client information used by the visitor, and analysis of user behavior characteristics, etc. . [0003] Most logs are strings, and a fixed position represents a fixed field. Take firewall logs as an example. Logs in this string format cannot meet the needs of firewall log content changing within a certain range. Therefore, key-value pairs are used on the firewall. After the monitoring device receives the log sent by the firewall, the traditional me...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F17/30
CPCG06F16/2255
Inventor 王天凤王凯峰王俏
Owner BEIJING QIANXIN TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap