Log correlation analysis method and device, storage medium and equipment
A correlation analysis and log technology, which is applied in the field of log event correlation analysis, can solve the problems of reduced event correlation analysis accuracy, lack of flexibility, and reduced accuracy of analysis results, and achieves the effect of eliminating adverse effects and improving flexibility.
Pending Publication Date: 2021-11-02
CHINA CONSTRUCTION BANK
View PDF0 Cites 0 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
However, event correlation analysis contains two problems: the first is that the item set segmentation method selected by event correlation analysis is to extract all the feature data of each log as an item set, resulting in a dense number of item sets and a decrease in the accuracy of event correlation analysis The second is that there is no classification and integration of similar feature data in the log information, and there is a lack of methods and devices for uniformly classifying similar events in the log into the same item
Therefore, the current log correlation analysis lacks flexibility, and can only conduct correlation analysis for specific situations, and cannot dynamically correct log event correlation, reducing the accuracy of analysis results
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0059] The following will clearly and completely describe the technical solutions in the embodiments of the application with reference to the drawings in the embodiments of the application. Apparently, the described embodiments are only some of the embodiments of the application, not all of them. Based on the embodiments in this application, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the scope of protection of this application.
[0060] like figure 1 As shown, it is a schematic diagram of a log correlation analysis method provided in the embodiment of the present application, including the following steps:
[0061] S101: Obtain multiple logs collected by a log source, and build a log collection based on each log and the generation time of each log.
[0062] where each log contains one or more events.
[0063] Optionally, after obtaining multiple logs collected by the log source, you can also set log source...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention discloses a log correlation analysis method and device, a storage medium and equipment, and the method comprises the steps: obtaining a plurality of logs collected by a log source, and constructing a log set based on each log and the generation time of each log; according to the generation time of each log, dividing each log in the log set to obtain a plurality of item sets; eliminating redundant events in each item set to obtain each effective item set; inquiring events contained in each effective item set, obtaining all the occurred events, and constructing a first item set based on all the occurred events; performing frequent item set mining on the first item set to obtain a frequent item set; analyzing the frequent item set to obtain a plurality of subsets; for the confidence coefficient between any two subsets, if the confidence coefficient between any two subsets is greater than a preset confidence coefficient threshold value, determining that the events respectively contained in any two subsets have strong correlation. According to the scheme, the accuracy of log correlation analysis can be effectively improved.
Description
technical field [0001] The present application relates to the field of log event correlation analysis, and in particular to a log correlation analysis method, device, storage medium and equipment. Background technique [0002] With the development of modern Internet technology, enterprises may deploy various IT systems internally or externally. These systems generate a large number of logs every day. These logs include operating system logs, network behavior logs, application logs, and network infrastructure. Logs, security host logs, etc. The log data always records the activities of various IT devices, contains rich operation and maintenance and security knowledge, and is an important basis for fault root analysis and security event tracing in information security. [0003] Due to the huge amount of log data and its rapid growth over time, it will be very difficult to rely on manual analysis. With the development of big data technology, data storage capabilities are becomi...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Applications(China)
IPC IPC(8): G06F16/17G06F16/18
CPCG06F16/1734G06F16/1815
Inventor 周鹏葛思江
Owner CHINA CONSTRUCTION BANK