Log template rapid extraction method and system based on association analysis and time window

A log template extraction method based on correlation analysis, applicable to special data processing applications, instruments, unstructured text data retrieval, etc. It addresses the high real-time requirements of system health management, complex log content, and log event levels that cannot accurately indicate the event type.

Inactive Publication Date: 2019-08-06
XIDIAN UNIV

AI Technical Summary

Problems solved by technology

[0008] (2) The level used to identify log events cannot accurately indicate the type of event, nor can it be directly used for anomaly detection
[0009] (3) The content of the log is complex, and various devices in the system and the network will also generate logs. Prior knowledge is required to find the accurate meaning in the log
[0011] The real-time requireme



Examples


Embodiment Construction

[0035] In order to make the object, technical solution and advantages of the present invention more clear, the present invention will be further described in detail below in conjunction with the examples. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

[0036] Logs are massive and unstructured. In a distributed IoT environment, the total volume of log messages may exceed tens of millions per day. The log formats provided by different suppliers are different. The diversification of the Internet of Things makes it contain a wide variety of logs, and when different events occur, the generated logs are different. The rating used to identify log events does not accurately indicate the type of event, nor is it directly useful for anomaly detection. The content of the log is complex, and various devices in the system and the network will also generate logs. Prior knowledge is r...


Abstract

The invention belongs to the technical field of system log analysis, and discloses a log template rapid extraction method and system based on correlation analysis and a time window. The method comprises log hierarchical relationship extraction, in which a plurality of seed types are extracted from correlated system logs and serve as the log models for all events of that type, and construction of a template tree, in which processed logs sharing the same field are used as parent nodes in the tree structure. Data set templates were extracted from a manual clustering result and from three template extraction methods, and their similarities were compared using the Rand_index method. Among the three compared template extraction methods, an online template extraction model has the lowest data set template extraction efficiency, with a correction rate of about 50%, and a template extraction model has the highest efficiency, with a correction rate of about 90%, so the template extraction model based on the association relationship provided by the invention is more reliable.
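The evaluation described in the abstract, sketched as an added example that is not code from the patent: log lines are folded into a token tree in which shared leading fields become parent nodes, and the resulting templates are scored against a manual clustering with the Rand index. The masking rule, the prefix-tree layout and the sample log lines are assumptions made for illustration; the patent's seed-type extraction and time-window steps are not reproduced.

```python
import re
from itertools import combinations

# Constructed sample: (log line, manually assigned cluster). Not from the patent.
LOGS = [
    ("sshd login failed user=alice ip=10.0.0.5", "auth_fail"),
    ("sshd login failed user=bob ip=10.0.0.9", "auth_fail"),
    ("sshd login ok user=carol ip=10.0.0.7", "auth_ok"),
    ("disk usage 91 percent on /dev/sda1", "disk"),
    ("disk usage 47 percent on /dev/sdb2", "disk"),
    ("link eth0 down", "link"),
    ("link eth1 up", "link"),
]

def mask(token):
    """Assumed rule: key=value keeps only the key; tokens with digits become <*>."""
    if "=" in token:
        return token.split("=", 1)[0] + "=<*>"
    return "<*>" if re.search(r"\d", token) else token

def build_tree(lines):
    """Template tree: each masked token is a node, shared fields are parent nodes."""
    root = {}
    for idx, line in enumerate(lines):
        node = root
        for tok in map(mask, line.split()):
            node = node.setdefault(tok, {})
        node.setdefault(None, []).append(idx)  # None marks a leaf (line indices)
    return root

def templates(node, prefix=()):
    """Flatten the tree into {template string: [line indices]}."""
    out = {}
    for key, child in node.items():
        if key is None:
            out[" ".join(prefix)] = child
        else:
            out.update(templates(child, prefix + (key,)))
    return out

def rand_index(a, b):
    """Fraction of line pairs on which two clusterings agree (same vs. different)."""
    pairs = list(combinations(range(len(a)), 2))
    return sum((a[i] == a[j]) == (b[i] == b[j]) for i, j in pairs) / len(pairs)

def evaluate():
    lines, manual = zip(*LOGS)
    tmpl = templates(build_tree(lines))
    predicted = [None] * len(lines)
    for name, idxs in tmpl.items():
        for i in idxs:
            predicted[i] = name
    return tmpl, rand_index(manual, predicted)
```

On this sample the two `link` lines land in separate templates while the manual clustering groups them, so the score falls just short of 1; that is the kind of disagreement the Rand index comparison in the abstract measures.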

Description

Technical field

[0001] The invention belongs to the technical field of system log analysis, in particular to a method and system for quickly extracting log templates based on correlation analysis and time windows.

Background technique

[0002] Currently, the closest prior art:

[0003] The distributed characteristics of the Internet of Things system and the complexity of its services make the logs related to system interaction an important basis for system managers to monitor the system status. System logs can be used to discover system security problems and trace the root cause of problems based on system logs, but it is difficult to directly extract network events from logs. Usually, a network management system (NMS) can be used to monitor the network, and a network management protocol (SNMP) can be used with triggers to detect the network and list relevant log information.

[0004] However, different events may have the same impact on the network load, and specific even...


Application Information

IPC(8): G06F11/30, G06F16/31
CPC: G06F11/3006, G06F11/3065, G06F16/322
Inventor 沈玉龙胡晓康常二慧郝飞扬张立潘超杰祝幸辉郑佳伟陈俊峰张欢于子勇何明扬绳金涛张维尊贺梦帅彭环杨凌霄
Owner XIDIAN UNIV