Alarm rule automatic generation method and device and electronic equipment

An automatic alarm rule generation technology, applied in the field of network information security, that addresses problems of existing alarm rule generation such as long time consumption, insufficient effectiveness and poor accuracy of the alarm rules.

Pending Publication Date: 2021-09-10
华青融天(北京)软件股份有限公司

AI Technical Summary

Problems solved by technology

[0006] In view of this, the object of the present invention is to provide a method, device and electronic equipment for automatically generating warning rules, so as to reli

Examples

Embodiment 1

[0046] According to an embodiment of the present invention, an embodiment of a method for automatically generating an alarm rule is provided. It should be noted that the steps shown in the flow chart of the accompanying drawings can be executed in a computer system, for example as a set of computer-executable instructions. Also, although a logical order is shown in the flow chart, in some cases the steps shown or described may be performed in an order different from that shown or described herein.

[0047] Figure 1 is a flow chart of a method for automatically generating an alarm rule according to an embodiment of the present invention. As shown in Figure 1, the method includes the following steps:

[0048] In step S102, the obtained device logs are screened to obtain target device logs with preset associated features, and the associated features contained in the target device logs are graphically displayed to obtain a graphically displayed relational link group;

[0049] The me...

Embodiment 2

[0079] The embodiment of the present invention also provides a device for automatically generating alarm rules. The device is mainly used to implement the method for automatically generating alarm rules provided in Embodiment 1 of the present invention, and is introduced in detail below.

[0080] Figure 3 is a schematic diagram of a device for automatically generating alarm rules according to an embodiment of the present invention. As shown in Figure 3, the device mainly includes: a screening and graphical display unit 10, a positioning unit 20 and a generating unit 30, wherein:

[0081] The screening and graphical display unit is used to filter the obtained device logs to obtain the target device logs with preset correlation characteristics, and graphically display the correlation characteristics contained in the target device logs to obtain the gr...

Abstract

The invention provides a method, device and electronic equipment for automatically generating alarm rules. The method comprises: screening the obtained device logs to obtain target device logs with preset associated features, and displaying the associated features contained in the target device logs graphically to obtain a graphically displayed relation link group; locating a target relation link in the graphically displayed relation link group; and automatically generating an alarm rule according to the target relation link. Because the alarm rule is generated automatically, in reverse, from the target relation link that reflects the associated features of the target device logs, the analysis threshold for technicians is lowered, time is saved, and the resulting alarm rule is more accurate and more effective. This solves the technical problems of existing alarm rule generation methods, which place high demands on technicians, take a long time, and produce alarm rules that are inaccurate and insufficiently effective.
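The three steps of the abstract (screen logs and build the relation link group, locate a target link, generate the rule in reverse from it) can be sketched as follows. This is an added illustration, not the patent's implementation: the log fields, the use of `src_ip` as the associated feature, the "spans more than one device, longest chain" selection criterion and the rule format are all assumptions.

```python
from collections import defaultdict

# Constructed sample device logs (not from the patent); documentation-range IPs.
LOGS = [
    {"ts": 100, "device": "fw01", "event": "port_scan", "src_ip": "203.0.113.7"},
    {"ts": 130, "device": "vpn01", "event": "login_failed", "src_ip": "203.0.113.7"},
    {"ts": 150, "device": "vpn01", "event": "login_success", "src_ip": "203.0.113.7"},
    {"ts": 160, "device": "fw01", "event": "allow", "src_ip": "198.51.100.4"},
    {"ts": 400, "device": "db01", "event": "bulk_export", "src_ip": "203.0.113.7"},
    {"ts": 410, "device": "web01", "event": "heartbeat"},  # lacks the feature
]

def key(e):
    return (e["device"], e["event"])

def build_link_group(logs, feature):
    """Step 1: keep logs carrying the feature; one time-ordered link per value."""
    groups = defaultdict(list)
    for e in sorted((e for e in logs if feature in e), key=lambda e: e["ts"]):
        groups[e[feature]].append(e)
    return dict(groups)

def locate_target_link(group):
    """Step 2 (assumed criterion): longest link that spans more than one device."""
    multi = [l for l in group.values() if len({e["device"] for e in l}) > 1]
    return max(multi, key=len, default=None)

def generate_rule(link, feature):
    """Step 3: derive the rule from the link: ordered events, observed time window."""
    return {"correlate_on": feature,
            "sequence": [key(e) for e in link],
            "within_seconds": link[-1]["ts"] - link[0]["ts"]}

def rule_fires(rule, logs):
    """Return the feature value whose events match the sequence inside the window."""
    seq = rule["sequence"]
    for value, chain in build_link_group(logs, rule["correlate_on"]).items():
        for i, first in enumerate(chain):
            if key(first) != seq[0]:
                continue
            step = 0
            for e in chain[i:]:
                if e["ts"] - first["ts"] > rule["within_seconds"]:
                    break
                if key(e) == seq[step]:
                    step += 1
                    if step == len(seq):
                        return value
    return None

RULE = generate_rule(locate_target_link(build_link_group(LOGS, "src_ip")), "src_ip")
```

The generated rule generalizes beyond the address it was learned from: `rule_fires(RULE, new_logs)` returns any `src_ip` whose events repeat the same device/event sequence within the observed 300-second window.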

Description

Technical field

[0001] The invention relates to the technical field of network information security, in particular to a method, device and electronic equipment for automatically generating alarm rules.

Background

[0002] With the rapid development of Internet technology, the Internet has permeated all aspects of people's lives. The development of 5G and cloud technology has pushed society into an explosive information age. While we are enjoying the benefits brought by the Internet, we are also facing a series of network information security challenges. For example, Internet fraud caused by personal information leakage, rampant ransomware, leaked transaction account passwords and other information technology security issues are becoming more and more prominent, and security testing is becoming more and more important.

[0003] Based on this, there are many security early warning mechanisms obtained by means of rule al...

Application Information

IPC(8): G06F11/30, G06F11/32
CPC: G06F11/3006, G06F11/327
Inventor: 王少宏
Owner: 华青融天(北京)软件股份有限公司