Log analysis method and system based on template and flow state

A traffic-status-based log analysis method, applied in the field of data processing, that addresses problems such as restrictions on the information that can be collected and improves both security and automatic analysis capability.

Active Publication Date: 2021-03-26
STATE GRID JIANGSU ELECTRIC POWER CO LTD MAINTENANCE BRANCH

AI Technical Summary

Problems solved by technology

However, in existing (already deployed) substations or power plants, a large number of logs from network equipment or security equipment are not sent in the format defined by the specification, which limits the information that network security monitoring devices can collect.


Embodiment Construction

[0031] The present invention will be further described below in conjunction with the accompanying drawings. The following examples are only used to illustrate the technical solution of the present invention more clearly, but not to limit the protection scope of the present invention.

[0032] A log parsing method based on templates and traffic status, as shown in Figure 1, including the following steps:

[0033] Step 1. Obtain network logs by setting up a syslog server or by capturing network traffic;

[0034] Network logs can be obtained by setting the machine up as a syslog (system log) server to receive logs. The specific method is to open UDP (User Datagram Protocol) port 514 on the machine and specify the machine as the log server address on the corresponding device. Alternatively, logs can be obtained by capturing network traffic on the switch and extracting the UDP packets on port 514.

[0035] Step 2. Match the log through the template library. If the match is successful, output the parsing l...


Abstract

The invention discloses a log analysis method and system based on a template and a flow state. The log analysis method comprises: obtaining a network log; matching the network log against a predetermined log template library and, if matching succeeds, outputting the parsed log; if matching fails, matching the network log against a traffic state real-time library and, if that matching succeeds, outputting the parsed log, automatically forming a template for the log matched in the traffic state real-time library, and adding the template to the log template library; and outputting the original log if that matching also fails. The method addresses the limited log analysis capacity of existing network security monitoring devices, further improves the automatic analysis capability for network logs, and thereby improves the security of the whole system.
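The matching flow in the abstract, as an added Python sketch that is not code from the patent. It assumes templates are regular expressions with named groups, that the traffic state real-time library is a list of currently observed flows, and that a log "matches" a flow when it contains the flow's source and destination addresses; the patent text shown here specifies none of these details, and all sample logs and addresses are constructed.

```python
import re

IP = r"\d{1,3}(?:\.\d{1,3}){3}"
FIELD_RE = {"src_ip": IP, "dst_ip": IP, "src_port": r"\d{1,5}",
            "dst_port": r"\d{1,5}", "proto": r"[A-Za-z]+"}

def literal(text):
    # Escape fixed text, but let digit runs (PRI, timestamps, host numbers) vary.
    return re.sub(r"\d+", r"\\d+", re.escape(text))

class LogParser:
    def __init__(self, templates, flows):
        self.templates = [re.compile(t) for t in templates]  # log template library
        self.flows = flows                        # traffic state real-time library

    def infer_template(self, log, flow):
        """Locate the flow's values in the log; turn the log into a template."""
        spans = []
        for field, value in flow.items():
            m = re.search(r"(?<![\w.])" + re.escape(value) + r"(?![\w.])", log, re.I)
            if m and not any(m.start() < e and s < m.end() for s, e, _ in spans):
                spans.append((m.start(), m.end(), field))
        if not {"src_ip", "dst_ip"} <= {f for _, _, f in spans}:
            return None  # assumption: both endpoints must appear in the log
        pattern, pos = "^", 0
        for s, e, field in sorted(spans):
            pattern += literal(log[pos:s]) + f"(?P<{field}>{FIELD_RE[field]})"
            pos = e
        return re.compile(pattern + literal(log[pos:]) + "$")

    def parse(self, log):
        for t in self.templates:                  # 1. template library
            m = t.match(log)
            if m:
                return "template", m.groupdict()
        for flow in self.flows:                   # 2. traffic state library
            t = self.infer_template(log, flow)
            if t:
                self.templates.append(t)          # learned template joins the library
                return "traffic", t.match(log).groupdict()
        return "raw", log                         # 3. output the original log

# Constructed sample data (not from the patent).
TEMPLATES = [r"^<\d+>fw DENY (?P<proto>\w+) (?P<src_ip>\S+):(?P<src_port>\d+)"
             r" -> (?P<dst_ip>\S+):(?P<dst_port>\d+)$"]
FLOWS = [{"src_ip": "10.1.1.5", "src_port": "51514",
          "dst_ip": "10.1.2.9", "dst_port": "102", "proto": "tcp"}]

if __name__ == "__main__":
    p = LogParser(TEMPLATES, FLOWS)
    print(p.parse("<86>Mar 26 10:02:11 sw01 session built TCP from 10.1.1.5/51514 to 10.1.2.9/102"))
```

Syslog over UDP 514 is unauthenticated, so in a deployment the learned templates are worth reviewing before their output is trusted downstream.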

Description

Technical field

[0001] The invention relates to a log parsing method, system and system based on a template and flow status, and belongs to the technical field of data processing.

Background technique

[0002] Network security monitoring devices are deployed in substations or power plants to collect information in the stations and send important logs. During the implementation of the specification, the log format of the connected equipment has been regulated. However, in existing (already deployed) substations or power plants, a large number of logs from network equipment or security equipment are not sent in the format defined by the specification, which limits the information that network security monitoring devices can collect.

Contents of the invention

[0003] The technical problem to be solved by the present invention is to overcome the defects of the prior art, and provide a log parsing method, system and system based on templates and traffic status.

[0004] In order ...


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): H04L29/06
CPC: H04L63/1425
Inventor 张云飞勇明侯永春徐行之华德峰苏和马益峰陈昊张兆君
Owner STATE GRID JIANGSU ELECTRIC POWER CO LTD MAINTENANCE BRANCH