[go: up one dir, main page]

CN114281541B - Device analysis system and method - Google Patents

Device analysis system and method Download PDF

Info

Publication number
CN114281541B
CN114281541B CN202111611832.3A CN202111611832A CN114281541B CN 114281541 B CN114281541 B CN 114281541B CN 202111611832 A CN202111611832 A CN 202111611832A CN 114281541 B CN114281541 B CN 114281541B
Authority
CN
China
Prior art keywords
network device
source data
data
network
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202111611832.3A
Other languages
Chinese (zh)
Other versions
CN114281541A (en
Inventor
秦京
张瑞涛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Unionpay Co Ltd
Original Assignee
China Unionpay Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Unionpay Co Ltd filed Critical China Unionpay Co Ltd
Priority to CN202111611832.3A priority Critical patent/CN114281541B/en
Publication of CN114281541A publication Critical patent/CN114281541A/en
Application granted granted Critical
Publication of CN114281541B publication Critical patent/CN114281541B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

The system comprises a data acquisition unit, a service center unit, a data warehouse and a data warehouse, wherein the data acquisition unit is used for acquiring source data of all connected network devices, the service center unit is used for establishing N labels according to the source data of all the network devices, screening out labels belonging to each network device from the N labels, constructing a label set corresponding to each network device, and sending each network device and the corresponding label set to the data warehouse, and the data warehouse is used for storing the source data and the label set. When the equipment is analyzed, not only the inherent attribute source data of the network equipment are acquired, but also at least one of the flow, risk monitoring and operation management source data of the network equipment are acquired, and the data related to the operation and maintenance of the network equipment are increased, so that the maintenance of the network equipment is more comprehensive and accurate.

Description

Equipment analysis system and method
Technical Field
The present application relates to the field of computer technologies, and in particular, to a system and a method for device analysis.
Background
With the development of the internet industry, the network scale is continuously enlarged, and the number of network devices is rapidly increased. In the conventional operation and maintenance of network equipment, the operation and maintenance personnel of the network equipment are mainly relied on to check various parameters of the network equipment according to own experience. However, the network device operation and maintenance personnel cannot be familiar with all the devices and the services carried by the devices, and when the operation and maintenance are performed, a great amount of time is required to be spent for learning the devices to be operated and maintained, so that the time cost and the labor cost of the operation and maintenance of the network device are high.
In the prior art, the operation analysis is mainly performed on the network equipment by depending on a network management system, namely, the management of the network equipment connected with the network management system is realized by utilizing a network management station and a network management protocol. However, these network management stations and network management protocols mainly monitor inherent attribute information such as port traffic of the network device, occupation of a central processing unit (central processing unit, CPU), memory occupation, and the like, and lack critical data for operation and maintenance of the device, so that it is difficult to comprehensively maintain the network device.
Based on this, there is a need for an equipment analysis system to improve the comprehensiveness of equipment analysis and maintenance.
Disclosure of Invention
The application provides a device analysis system which comprises a data acquisition unit, a data warehouse and a service center unit, wherein one end of the data warehouse is connected with the service center unit, the other end of the data warehouse is connected with the data acquisition unit, the data acquisition unit is used for acquiring source data of all connected network devices, the source data of each network device comprises at least one of inherent attribute source data, flow source data, risk monitoring source data and operation management source data, the service center unit is used for establishing N labels according to the source data of all the network devices, screening the labels belonging to each network device from the N labels, constructing a label set corresponding to the network device, sending each network device and the corresponding label set to the data warehouse, N is a positive integer, and the data warehouse is used for storing the corresponding relation between each network device and each label set.
By the method, when the equipment is analyzed, not only the inherent attribute source data of the network equipment are acquired, but also at least one of the flow, risk monitoring and operation management source data of the network equipment are acquired, and the data related to the operation and maintenance of the network equipment are added, so that the maintenance of the network equipment can be more comprehensive and accurate. And the labels are established by referring to the comprehensive source data, and the label set corresponding to the network equipment is constructed, so that the label distribution management of the network equipment is facilitated, and the flexibility of the operation and maintenance of the equipment is further improved.
The data acquisition unit comprises a network device management module, a flow analysis module, a security management module and an operation management module, wherein the network device module is used for acquiring inherent attribute source data of network devices, the inherent attribute source data comprise at least one of device names, device IP addresses, device types, device operation or device positions, the flow analysis module is used for acquiring flow source data of the network devices, the flow source data comprise service flow sizes and/or service flow classifications, the security management module is used for acquiring risk monitoring source data of the network devices, the risk monitoring source data comprise at least one of device security scan records, device vulnerability repair records or device version evaluation records, and the operation management module is used for acquiring operation management source data of the network devices, and the operation management source data comprise at least one of device history fault reports, device emergency manuals, device maintenance manuals or device operation manuals.
By the method, the running condition of the network equipment can be monitored more comprehensively by collecting the inherent attribute source data of the network equipment, the service processing condition of the equipment can be accurately detected by collecting the flow source data, the risk existing in the equipment can be known by collecting the risk monitoring source data, the fault can be timely detected, and the operation management source data can be used for operating and maintaining the equipment.
The service center unit comprises a customizing module, a search engine module and a customizing module, wherein the customizing module is used for establishing K sub-labels according to source data of all network devices, dividing the K sub-labels into N labels, N is a positive integer less than or equal to K in label classification, and the search engine module is used for screening out labels belonging to each network device from the N labels, constructing a label set corresponding to the network device, establishing a corresponding relation between the label set and a unique identifier of the network device, and sending the corresponding relation between the label set and the unique identifier of the network device to a data warehouse.
By the method, the sub-labels are established according to the source data of all the network devices, and the sub-labels are divided into large label classifications, so that maintenance and management of the sub-labels are facilitated. And the labels belonging to each network device are screened from the large label classification, so that a label set corresponding to the network device is constructed, management of the network device according to the labels is facilitated, and the efficiency of operation and maintenance of the network device is improved.
The service center unit further comprises a service center module and a data engine module, wherein the service center module is further used for receiving a search instruction of a user, the search instruction comprises a first label set or a first network device set, the search instruction is sent to the service center module according to the search instruction, the search instruction comprises the first label set or the first network device set, the service center module is used for receiving the search instruction, searching a second network device set corresponding to the first label set in a data warehouse through the data engine module or searching a second label set corresponding to the first network device set in the data warehouse through the data engine module, and returning the searched second label set or the second network device set to the search engine module, and the search engine module is further used for informing the user of the second label set or the second network device set.
Through the method, the user can find the corresponding label set according to the known equipment set, and can find the corresponding equipment set according to the label set, so that forward or reverse management of the network equipment is realized, and the convenience of operation and maintenance of the network equipment is improved.
In one possible implementation manner, the N labels include a network device operation label, a network device attribute label, a network device bearing service label, a network device risk control label and a network device operation management label.
Through the mode, the labels of the network equipment are divided into five major categories, and the labels required by the operation management of most of the network equipment can be covered, so that the operation and maintenance of the network equipment are more convenient.
One possible implementation way is that the search instruction comprises a first network device set, the search engine module is further used for determining repeated tags according to the tags contained in each tag set before informing the user of the second tag set, determining the number of the repeated tags and the proportion of the repeated tags in all the tags contained in each tag set, and informing the user of the second tag set, the number of the repeated tags and the proportion of each repeated tag.
By the method, the user can obtain the repeated label information of the network equipment, and the network equipment is analyzed according to the repeated label, so that analysis resources are saved, and the equipment analysis efficiency is improved.
One possible implementation manner is that the search engine module is further configured to receive an attribute definition sent by the user and send the attribute definition to the data engine module after informing the user of the second network device set, where the attribute definition includes a name of the second network device set, a creation time of the second network device set, and a creator of the second network device set.
Through the mode, the user can define and store the attribute of the equipment set, so that the user can conveniently and directly call the equipment set when using the set next time, and the operation and maintenance efficiency of the network equipment is improved.
The application further provides a network equipment analysis method, which comprises the steps of collecting source data of all connected network equipment, wherein the source data of each network equipment comprises inherent attribute source data and at least one of flow source data, risk monitoring source data and operation management source data, establishing N labels according to the source data of all the network equipment, screening out labels belonging to each network equipment from the N labels, constructing a label set corresponding to the network equipment, sending each network equipment and the corresponding label set to a data warehouse, and storing the label set and the network equipment set.
The data acquisition unit comprises a network device management module, a flow analysis module, a security management module and an operation management module, wherein the network device module acquires inherent attribute source data of the network device, the inherent attribute source data comprises at least one of a device name, a device IP address, a device type, a device operation or a device position, the flow analysis module acquires flow source data of the network device, the flow source data comprises a service flow size and/or a service flow classification, the security management module acquires risk monitoring source data of the network device, the risk monitoring source data comprises at least one of a device security scanning record, a device vulnerability restoration record or a device version evaluation record, and the operation management module acquires operation management source data of the network device, and the operation management source data comprises at least one of a device history fault report, a device emergency manual, a device maintenance manual or a device operation manual.
The service center unit comprises a customizing module and a search engine module, wherein the customizing module establishes K sub-labels according to source data of all network devices, the K sub-labels are divided into N labels, N is a positive integer which is smaller than or equal to K in label classification, the search engine module screens out labels belonging to each network device from the N labels, a label set corresponding to the network device is constructed, a corresponding relation between the label set and a unique identifier of the network device is established, and the corresponding relation between the label set and the unique identifier of the network device is sent to a data warehouse.
The service center unit further comprises a service center module and a data engine module, the search engine module receives a search instruction of a user, the search instruction comprises a first label set or a first network device set, the search instruction is sent to the service center module according to the search instruction, the search instruction comprises the first label set or the first network device set, the service center module receives the search instruction, searches a second network device set corresponding to the first label set in a data warehouse through the data engine module or searches a second label set corresponding to the first network device set in the data warehouse through the data engine module, and returns the searched second label set or the second network device set to the search engine module, and the search engine module informs the user of the second label set or the second network device set.
One possible implementation way, the search instruction comprises a first network device set, the search engine module informs the user of the second tag set, and further comprises determining repeated tags according to tags contained in each tag set, determining the number of the repeated tags and the proportion of the repeated tags in all tags contained in each tag set, and the search engine module informs the user of the second tag set, the number of the repeated tags and the proportion of each repeated tag.
One possible implementation manner, after informing the user of the second network device set, the search engine module further comprises receiving an attribute definition sent by the user and sending the attribute definition to the data engine module, wherein the attribute definition comprises a name of the second network device set, creation time of the second network device set and creator of the second network device set.
In a third aspect, the present application provides a computer readable storage medium storing a computer program which, when executed, performs any of the methods of the first aspect described above.
In a fourth aspect, the application provides a computing device comprising a memory for storing program instructions and a processor for invoking the program instructions stored in the memory to perform the method of any of the designs of the first aspect as per the program obtained.
In a fifth aspect, the application provides a computer program product for implementing a method as in any of the designs of the first aspect above, when the computer program product is run on a processor.
The advantages of the second to fifth aspects may be specifically referred to the advantages achieved by any of the designs of the first aspect, and will not be described in detail herein.
Drawings
Fig. 1 schematically illustrates a scene architecture according to an embodiment of the present application;
FIG. 2 schematically illustrates a device analysis system provided by an embodiment of the present application;
Fig. 3 is a schematic diagram schematically illustrating a data unit structure according to an embodiment of the present application;
fig. 4 schematically illustrates a service center unit according to an embodiment of the present application;
FIG. 5 schematically illustrates a flow chart for performing equipment analysis maintenance using the equipment analysis system according to an embodiment of the present application;
FIG. 6 schematically illustrates a user front end provided by an embodiment of the present application;
Fig. 7 schematically illustrates a device analysis method according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be described in further detail below with reference to the accompanying drawings, and it is apparent that the described embodiments are only some embodiments of the present invention, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Fig. 1 schematically illustrates a scene architecture provided by an embodiment of the present application, where, as shown in fig. 1, the scene includes a user, a user front end, a device analysis system, and M network devices connected to the device analysis system, where M is a positive integer.
The user may be, for example, an operation maintainer of the network device, and the operation maintainer may control the device analysis system to implement maintenance on each network device through an operation page of the front end of the user. The device analysis system may provide network device operation maintenance services to users. The network devices may be all network devices in one machine room, and the types may be servers, computers, routers, gateways, and the like, and the types of different network devices may be the same or different, which is not limited in particular.
Fig. 2 schematically illustrates a device analysis system according to an embodiment of the present application, where, as shown in fig. 2, the device analysis system includes a data acquisition unit 203, a data warehouse 202, and a service center unit 201. One end of the data warehouse 202 is connected to the service center unit 201, and the other end of the data warehouse 202 is connected to the data acquisition unit 203, where the data acquisition unit 203 is further connected to a plurality of network devices, such as a first network device, a second network device, and a third network device. The connection may be a wired connection or a wireless connection, and is not particularly limited.
Each unit is described in detail below.
Data acquisition unit 203
The data collection unit 203 is configured to collect source data of all connected network devices, for example, collect source data of a first network device, source data of a second network device, and source data of a third network device illustrated in fig. 1, and store the collected source data in the data repository 202. Wherein the source data of each network device comprises inherent attribute source data and at least one of traffic source data, risk monitoring source data and operation management source data, and preferably comprises inherent attribute source data, traffic source data, risk monitoring source data, operation management source data and the like.
Fig. 3 illustrates a schematic structural diagram of a data unit according to an embodiment of the present application, and as shown in fig. 3, the data acquisition unit 203 may include a network device management module 2031, a traffic analysis module 2032, a security management module 2033, and an operation management module 2034, where the network device management module 2031, the traffic analysis module 2032, the security management module 2033, and the operation management module 2034 are respectively connected to each network device. Wherein:
The network device management module 2031 is configured to collect intrinsic attribute source data of a network device, where the intrinsic attribute source data may include a device name, a device internet protocol (Internet Protocol, IP) address, a device type, device operation information, or a device location, and may further include some other information, such as brand information of the network device, a serial number of the network device, and so on. Wherein the device name is used to uniquely identify a network device. An IP address is an address used by a device to communicate with other devices. The device location refers to a geographic location where the device is located, for example, where a certain server is located in beijing, another server connected to the server is located in the open sea, and then the device location of the server is located in beijing, and the device location of the other server is located in the open sea. The device type refers to a type to which the device belongs and may be one of a server, a computer, a firewall, a router, a gateway, and the like. The device operation refers to information related to the device operation, such as the starting time of the device, the alarm number of the device for one week, and the like.
The traffic analysis module 2032 is configured to collect traffic source data of a network device, where the traffic source data may include a traffic size and/or a traffic classification, etc. The traffic flow refers to the flow flowing through a certain interface when the network device processes a certain service. For example, traffic classification may be divided into north-south traffic, which is traffic communicated between a plurality of terminals and servers, and east-west traffic, which is traffic communicated between a plurality of servers.
The security management and control module 2033 is configured to collect risk monitoring source data of a network device, where the risk monitoring source data may include a network device security scan record, a device vulnerability repair record, or a device version evaluation record. The device security scan record refers to a record of performing security scan on the network device, and may include at least one of whether to perform security scan on the device, a scan item of each security scan, a time of each security scan, a result of each security scan, and the like. Taking a virus scan of the network device as an example, the network device security scan record may include the time of each virus scan, the type of virus present for each scan, and so on. The device vulnerability restoration record refers to a record of restoring the vulnerability of the network device, for example, the content of the vulnerability restoration of the network device, the time when the vulnerability of the network device appears, and the like. The network device version evaluation record refers to a record of evaluating the version of the device, such as the time of evaluating the device version each time, the result of the evaluation, and the like.
The operation management module 2034 is configured to collect operation management source data of the network device, where the operation management source data may include a device history fault report, a device emergency manual, a device maintenance manual, or a device operation manual. The device history fault report is used for recording a report generated by the device when the device fails, and comprises, but is not limited to, specific fault reasons, fault positions, fault records and the like. The equipment emergency manual is used to record the way in which network equipment emergency situations are handled. The equipment maintenance manual is used to record the way equipment is routinely maintained. The device operation manual records the operation method of the device.
It should be noted that the above example is merely provided as an example of the data acquisition unit 203, and each module type included in the data acquisition unit 203 and source data acquired by each module may be determined according to a type of a network device connected to the device analysis system. For example, in other examples, when the network device is a service-class network device, the data acquisition unit 203 may further include a configuration management database (Configuration Management Database, CMDB) for acquiring configuration information of the service-class network device and information of connection between the network device and other network devices.
Service center unit 201
The service center unit 201 is configured to establish N labels according to source data of all network devices from the data acquisition unit 203, screen labels belonging to each network device from the N labels, construct a label set corresponding to each network device, and then send each network device and the corresponding label set to the data warehouse. Wherein N is a positive integer.
Fig. 4 schematically illustrates a structural schematic diagram of a service center unit provided by an embodiment of the present application, and as shown in fig. 4, the service center unit 201 may include a customization module 2011 and a search engine module 2012, and may also include a data engine module 2013 and a job center module 2014. The job center module 2014 is connected to the customization module 2011, the search engine module 2012, and the data engine module 2013, respectively. Each module is described below:
In one possible implementation manner, the customization module 2011 may establish K sub-labels according to source data of all network devices, and divide the K sub-labels into N labels respectively, where N is a positive integer less than or equal to K. And, the customization center 201 may, in addition to creating new tags, manage and maintain the created tags, including but not limited to editing or deleting a tag. In addition, the label to be created may also be determined by the user, for example, after the user completes the script for label development, the script for the label is submitted to the customization center module, the customization center module defines and configures the script, generates a new label, and stores the newly generated label in the data repository 202.
The N labels may include, for example, a network device operation label, a network device attribute label, a network device bearer service label, a network device risk control label, and a network device operation management label, and may also include other labels, which are not limited in particular. The source data of the sub-label in the running label of the network equipment is mainly inherent attribute source data and traffic source data, such as traffic of each port of the network equipment, routing configuration of the network equipment and the like. The source data of the sub-label of the network device attribute label is mainly intrinsic attribute source data, such as network device name, network device IP address, network device brand, network device location, etc. The source data of the sub-label of the service label carried by the network device is mainly traffic source data, for example, the traffic size, the traffic classification, the traffic composition and the like of the service system carried by the network device. The source data of the sub-label of the network device risk control label is mainly risk monitoring source data, such as a network device security scan record, a device vulnerability repair record, a device version evaluation record, and the like. The source data of the sub-label of the network device operation management label is mainly operation management source data, such as a device history fault report, a device emergency manual, a device maintenance manual, a device operation manual, and the like.
Further exemplary, the contents of the sub-tag may include information of sub-tag identification (Identity document, ID), sub-tag name, tag into which the sub-tag is divided, primary classification of the sub-tag, sub-tag creation time, sub-tag creator, and the like. The first class classification of the sub-labels is used for further dividing labels to which the sub-labels belong, for example, the operation labels of the network equipment can be further divided into starting information and operation information.
Table one exemplary schematic diagram showing a sub-tag structure established in a specific application scenario, and the structure of the sub-tag is described below by taking a sub-tag as an example:
As shown in table one, a "router" sub-label may be established according to the DEVICE name information in the DEVICE's inherent attribute source data, an ID is assigned to the label, device_type_002, and the label is divided into DEVICE attribute labels, the first class of the label is classified as a DEVICE TYPE, the creation time is 11/1/2020, and the creator is Zhang three.
List one
The search engine module 2012 is configured to screen out the labels belonging to each network device from the N labels, construct a label set corresponding to each network device, establish a correspondence between the label set and the unique identifier of the network device, and send the correspondence to the data repository 202. For example, assuming that the network device is a router, the label belonging to the router has a network device running label, a network device attribute label, and a network device bearer service label, the search engine module 2012 may screen out the five labels of the network device running label, the network device attribute label, the network device bearer service label, the network device risk control label, and the network device operation management label, aggregate the labels belonging to the router, establish a label set, establish a correspondence with the unique identifier of the router, and send the router and the corresponding label set to the data repository 202 for storage. Wherein the unique identification of the router may be the IP address of the router.
Data warehouse 202
The data repository 202 is used to store the correspondence of source data, respective sets of tags, respective network devices, and respective sets of tags. The invocation of data warehouse 202 is effected by data engine module 2013.
For example, table two shows a possible schematic structure of a data warehouse, and as shown in table two, the contents stored in the database include source data, device group, running tag table, bearer service table, device attribute table, risk control table, running management table, and add description information of the contents and a module that will call the contents. For example, the description of the source data is "tag itself attribute source data," and what can call the source data is a customization module.
Watch II
Content Description of the invention For calling objects
Source data Tag itself attribute source data Custom module
Device group Device set corresponding to tag set Search engine module
Running tag table Running topic class label convergence table Search engine module and customization module
Bearing service table Bearing service type label gathering table Search engine module and customization module
Device attribute table Set attribute class label convergence table Search engine module and customization module
Risk control table Risk control class label aggregation table Search engine module and customization module
Operation management table Operation management type label convergence table Search engine module and customization module
The specific flow of each module in the device analysis system when performing device analysis is described below based on the device analysis system illustrated in fig. 2 and the service center unit illustrated in fig. 4.
Fig. 5 schematically illustrates a flow chart of performing device analysis maintenance using the device analysis system according to an embodiment of the present application, where the flow chart includes:
in step 501, the search engine module 2012 receives a search instruction from a user and sends the search instruction to the job center module 2014 according to the search instruction.
At step 502, the job center module 2014 receives instructions from the search engine module 2012.
In step 503, the data engine module 2013 receives instructions from the job center module 2014.
In step 504, the data engine module 2013 searches the data repository 202 for a second set of network devices corresponding to the first set of tags, or searches the data repository 202 for a second set of tags corresponding to the first set of network devices through the data engine module 2013.
The second set of tags or the second set of network devices found in step 505 is returned to the search engine module 2012 and notified to the user.
Illustratively, the search engine module 2012 receives, via the user front end, a search instruction sent by the user, which may be two cases:
In the first case, the search instruction includes a first tag set, the search engine module 2012 generates a search instruction according to the first tag set in the search instruction, and sends the search instruction to the job center module 2014, the job center module 2014 receives the search instruction, searches the data warehouse 202 for a second network device set corresponding to the first tag set according to the correspondence between the first tag set and the network device identifier through the data engine module 2013, returns the second network device set to the search engine module 2012, and then the search engine module 2012 informs the user of the second network device set.
For example, after receiving the second network device set, the user may further perform attribute definition on the second network device set, establish information such as a name, creation time, and creator information of the second network device set, and send the attribute definition including the information to the search engine module 2012. The search engine module 2012 receives the attribute definitions sent by the user and sends the attribute definitions to the data engine module 2013, which in turn is stored by the data engine module 2013 in the data repository 202. Thus, the following users can call the attribute definition in the data warehouse through the interaction among the modules to obtain the related information of the previous query when needed.
Further exemplary, fig. 6 shows a schematic diagram of a user front end provided by an embodiment of the present application, as shown in fig. 6 (a), where the user front end may include a tag name and a first class classification button of the tag. When inquiring according to the first situation, the user can select the device operation label from the labels, select the button with the operation time longer than 100 days, continue to select the device attribute button, and select the firewall in the device type, thereby generating the search instruction. Thus, the tag set of the search instruction comprises the network device operation tag and the network device attribute tag, and the search instruction is used for searching all firewall devices with the operation time longer than 100 days. After receiving the search instruction, the search engine module 2012 sends the search instruction to the job center module 2014, and the job center module 2014 searches all firewall devices meeting the tag set in the database 203 through the data engine module 2013 to form a firewall device set, and informs the firewall device set to the user. Then, the user performs attribute definition on the firewall device set, for example, setting a name of the firewall device set, recording creator information and the like, and sends the attribute definition to the search engine module 2012, and then the search engine module 2012 stores the attribute definition into the data warehouse 202, so that the firewall device set is conveniently and directly called for maintenance and management next time.
In the second case, the search instruction includes a first network device set, and the search engine module 2012 generates a search instruction according to the first network device set in the search instruction, and sends the search instruction to the job center module 2014, where the search instruction includes the first network device set. After the job center module receives the search instruction, the data engine module 2013 searches the data warehouse 202 for a second label set corresponding to the first network device set according to the corresponding relation between the first label set and the network device identifier, determines the repeated labels, the number of the repeated labels and the duty ratio of the repeated labels according to the labels contained in each label set, and informs the search engine module 2012 of the second label set, the number of the repeated labels and the duty ratio of each repeated label to the user so as to facilitate the maintenance of the network device by the user according to the labels.
Further exemplary, another user front-end schematic provided by the embodiment of the present application is shown in fig. 6 (b), where the front-end page of the user may include network device buttons including a firewall button, a router button, a computer button, a server button, and a gateway button, as shown in fig. 6 (b). When the query is performed according to the second case, the user may select the firewall button and the router button to form a known device set, send a search instruction corresponding to the device set to the search engine module 2012, and the search engine module 2012 then sends the search instruction to the job center module 2014, where the job center module 2014 searches the data warehouse 202 for the labels of all firewall devices and the labels of all router devices through the data engine module 2013. The labels of the router equipment comprise a network equipment attribute label, a network equipment operation label and a network equipment operation management label. The operation center module forms the searched labels into a label set, and analyzes repeated labels and sub-labels in the label set. For example, there are 80 firewall devices in this device set, 40 router devices, 30 of which have network device running tags and 10 of which have start-up duration tags. The repeatedly-appearing labels and the sub-labels are ranked according to the occurrence frequency, the duty ratio of the repeatedly-appearing labels in all the labels is calculated, and the result is informed to the user, so that the user can manage the network equipment according to the labels.
In the embodiment, the data acquisition unit is used for acquiring source data of all connected network devices, the service center unit is used for establishing N labels according to the source data of all the network devices, selecting labels belonging to each network device from the N labels, constructing a label set corresponding to the network device, and sending each network device and the corresponding label set to the data warehouse, and the data warehouse is used for storing the source data and the label set. When the equipment is analyzed, not only the inherent attribute source data of the network equipment are acquired, but also the flow of the network equipment, the risk monitoring and the operation management source data are acquired, and the data related to the operation and maintenance of the network equipment are increased, so that the maintenance of the network equipment is more comprehensive and accurate. In addition, labels are established according to the source data, and a label set corresponding to the network equipment is constructed, so that the label division management of the network equipment is facilitated, and the efficiency of equipment operation and maintenance is improved.
Based on the same technical conception, the embodiment of the application also provides a device analysis method. Fig. 7 schematically illustrates a device analysis method according to an embodiment of the present application, where the method may be performed by the device analysis system as described above, and as shown in fig. 7, the method includes:
Step 701, collecting source data of all connected network devices, wherein the source data of each network device comprises inherent attribute source data and at least one of traffic source data, risk monitoring source data and operation management source data;
Step 702, establishing N labels according to source data of all network devices, screening labels belonging to each network device from the N labels, constructing a label set corresponding to each network device, and sending each network device and the corresponding label set to the data warehouse 202, wherein N is a positive integer;
Step 703, storing the tag set and the network device set.
The data acquisition unit comprises a network device management module, a flow analysis module, a security management module and an operation management module, wherein the network device module acquires inherent attribute source data of the network device, the inherent attribute source data comprises at least one of a device name, a device IP address, a device type, a device operation or a device position, the flow analysis module acquires flow source data of the network device, the flow source data comprises a service flow size and/or a service flow classification, the security management module acquires risk monitoring source data of the network device, the risk monitoring source data comprises at least one of a device security scanning record, a device vulnerability restoration record or a device version evaluation record, and the operation management module acquires operation management source data of the network device, and the operation management source data comprises at least one of a device history fault report, a device emergency manual, a device maintenance manual or a device operation manual.
The service center unit comprises a customizing module and a search engine module, wherein the customizing module establishes K sub-labels according to source data of all network devices, the K sub-labels are divided into N labels, N is a positive integer which is smaller than or equal to K in label classification, the search engine module screens out labels belonging to each network device from the N labels, a label set corresponding to the network device is constructed, a corresponding relation between the label set and a unique identifier of the network device is established, and the corresponding relation between the label set and the unique identifier of the network device is sent to a data warehouse.
The service center unit further comprises a service center module and a data engine module, the search engine module receives a search instruction of a user, the search instruction comprises a first label set or a first network device set, the search instruction is sent to the service center module according to the search instruction, the search instruction comprises the first label set or the first network device set, the service center module receives the search instruction, searches a second network device set corresponding to the first label set in a data warehouse through the data engine module or searches a second label set corresponding to the first network device set in the data warehouse through the data engine module, and returns the searched second label set or the second network device set to the search engine module, and the search engine module informs the user of the second label set or the second network device set.
One possible implementation way, the search instruction comprises a first network device set, the search engine module informs the user of the second tag set, and further comprises determining repeated tags according to tags contained in each tag set, determining the number of the repeated tags and the proportion of the repeated tags in all tags contained in each tag set, and the search engine module informs the user of the second tag set, the number of the repeated tags and the proportion of each repeated tag.
One possible implementation manner, after informing the user of the second network device set, the search engine module further comprises receiving an attribute definition sent by the user and sending the attribute definition to the data engine module, wherein the attribute definition comprises a name of the second network device set, creation time of the second network device set and creator of the second network device set.
Based on the same technical concept, the embodiment of the invention also provides a computing device, which comprises a memory, a first memory and a second memory, wherein the memory is used for storing program instructions;
and a processor for calling program instructions stored in said memory, and executing the method as illustrated in fig. 7 according to the obtained program.
Based on the same technical idea, an embodiment of the invention also provides a computer-readable storage medium, which when run on a processor implements a method as illustrated in fig. 7.
Based on the same technical idea, an embodiment of the invention also provides a computer program product for implementing the method as illustrated in fig. 7 when said computer program product is run on a processor.
It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
It will be apparent to those skilled in the art that various modifications and variations can be made to the present application without departing from the spirit or scope of the application. Thus, it is intended that the present application also include such modifications and alterations insofar as they come within the scope of the appended claims or the equivalents thereof.

Claims (10)

1.一种设备分析系统,其特征在于,包括:数据采集单元、数据仓库和业务中心单元;所述数据仓库的一端与所述业务中心单元连接,所述数据仓库的另一端与所述数据采集单元连接;1. A device analysis system, characterized in that it comprises: a data acquisition unit, a data warehouse and a business center unit; one end of the data warehouse is connected to the business center unit, and the other end of the data warehouse is connected to the data acquisition unit; 所述数据采集单元,用于采集所连接的全部网络设备的源数据,每个网络设备的源数据包括固有属性源数据,还包含流量源数据、风险监测源数据和运营管理源数据中的至少一项;其中,所述固有属性源数据包括设备名称、设备IP地址、设备类型、设备运行或设备位置中的至少一项,所述流量源数据包括业务流量大小和/或业务流量分类,所述风险监测源数据包括设备安全扫描记录、设备漏洞修复记录或设备版本评估记录中的至少一项,所述运营管理源数据包括设备历史故障报告、设备应急手册、设备维护手册或设备操作手册中的至少一项;The data collection unit is used to collect source data of all connected network devices, and the source data of each network device includes inherent attribute source data, and also includes at least one of traffic source data, risk monitoring source data and operation management source data; wherein the inherent attribute source data includes at least one of device name, device IP address, device type, device operation or device location, the traffic source data includes business traffic size and/or business traffic classification, the risk monitoring source data includes at least one of device security scanning record, device vulnerability repair record or device version evaluation record, and the operation management source data includes at least one of device historical fault report, device emergency manual, device maintenance manual or device operation manual; 所述业务中心单元,用于根据所述全部网络设备的源数据建立N个标签,从所述N个标签中筛选出属于每个网络设备的标签,构建得到所述每个网络设备对应的标签集合,并将各个网络设备和对应的标签集合发送给所述数据仓库;N为正整数;The business center unit is used to establish N tags according to the source data of all the network devices, filter out the tags belonging to each network device from the N tags, construct a tag set corresponding to each network device, and send each network device and the corresponding tag set to the data warehouse; N is a positive integer; 所述数据仓库,用于存储所述各个网络设备和各个标签集合的对应关系。The data warehouse is used to store the corresponding relationship between each network device and each label set. 2.如权利要求1所述的设备分析系统,其特征在于,所述数据采集单元包括:网络设备管理模块、流量分析模块、安全管控模块和运营管理模块;2. The device analysis system according to claim 1, characterized in that the data acquisition unit comprises: a network device management module, a traffic analysis module, a security control module and an operation management module; 所述网络设备管理模块,用于采集所述网络设备的固有属性源数据;The network device management module is used to collect the inherent attribute source data of the network device; 所述流量分析模块,用于采集所述网络设备的流量源数据;The traffic analysis module is used to collect traffic source data of the network device; 所述安全管控模块,用于采集所述网络设备的风险监测源数据;The security management and control module is used to collect risk monitoring source data of the network device; 所述运营管理模块用于采集所述网络设备的运营管理源数据。The operation management module is used to collect operation management source data of the network equipment. 3.如权利要求2所述的设备分析系统,其特征在于,所述业务中心单元包括定制模块和检索引擎模块;3. The device analysis system according to claim 2, characterized in that the business center unit includes a customization module and a search engine module; 所述定制模块,用于根据所述全部网络设备的源数据建立K个子标签,将所述K个子标签划分到N个所述标签中,N为小于或等于K的正整数;The customization module is used to establish K sub-labels according to the source data of all the network devices, and divide the K sub-labels into N labels, where N is a positive integer less than or equal to K; 所述检索引擎模块,用于从所述N个标签中筛选出属于任一网络设备的标签,构建得到所述网络设备对应的标签集合,并建立所述标签集合与所述网络设备的唯一标识的对应关系,并将所述标签集合与所述网络设备的唯一标识的对应关系发送给所述数据仓库。The retrieval engine module is used to filter out tags belonging to any network device from the N tags, construct a tag set corresponding to the network device, establish a corresponding relationship between the tag set and the unique identifier of the network device, and send the corresponding relationship between the tag set and the unique identifier of the network device to the data warehouse. 4.如权利要求3所述的设备分析系统,其特征在于,所述业务中心单元还包括作业中心模块和数据引擎模块;4. The equipment analysis system according to claim 3, characterized in that the business center unit further comprises an operation center module and a data engine module; 所述检索引擎模块,还用于接收用户的查找指令,所述查找指令包含第一标签集合或第一网络设备集合,根据所述查找指令向作业中心模块发送检索指令,所述检索指令中包含所述第一标签集合或所述第一网络设备集合;The search engine module is further used to receive a search instruction from a user, the search instruction including a first tag set or a first network device set, and send a search instruction to the operation center module according to the search instruction, the search instruction including the first tag set or the first network device set; 所述作业中心模块,用于接收所述检索指令,通过所述数据引擎模块在所述数据仓库中查找所述第一标签集合对应的第二网络设备集合,或者,通过所述数据引擎模块在所述数据仓库中查找所述第一网络设备集合对应的第二标签集合,并将查找到的第二标签集合或第二网络设备集合返回给所述检索引擎模块;The operation center module is used to receive the search instruction, search the data warehouse for the second network device set corresponding to the first tag set through the data engine module, or search the data warehouse for the second tag set corresponding to the first network device set through the data engine module, and return the found second tag set or second network device set to the search engine module; 所述检索引擎模块,还用于将所述第二标签集合或所述第二网络设备集合告知给用户。The search engine module is further used to inform the user of the second tag set or the second network device set. 5.如权利要求3所述的设备分析系统,其特征在于,所述N个标签包括:5. The device analysis system according to claim 3, wherein the N tags include: 网络设备运行标签、网络设备属性标签、网络设备承载业务标签、网络设备风险控制标签、网络设备运营管理标签。Network equipment operation label, network equipment attribute label, network equipment service carrying label, network equipment risk control label, network equipment operation management label. 6.如权利要求4所述的设备分析系统,其特征在于,所述查找指令包含第一网络设备集合;6. The device analysis system according to claim 4, wherein the search instruction comprises a first network device set; 所述检索引擎模块将所述第二标签集合告知给用户之前,还用于:Before the search engine module notifies the user of the second tag set, the search engine module is further configured to: 根据各个标签集合中包含的标签,确定重复标签;Determine duplicate tags based on tags included in each tag set; 确定重复标签个数和重复标签在各个标签集合所包含的所有标签中的占比;Determine the number of duplicate tags and the proportion of duplicate tags in all tags contained in each tag set; 所述检索引擎模块将所述第二标签集合告知给用户,包括:The search engine module notifies the user of the second tag set, including: 将所述第二标签集合、所述重复标签的个数和每个重复标签的占比告知给用户。The second tag set, the number of the repeated tags, and the proportion of each repeated tag are informed to the user. 7.如权利要求4所述的设备分析系统,其特征在于,所述检索引擎模块将所述第二网络设备集合告知给用户之后,还用于:7. The device analysis system according to claim 4, wherein after the search engine module informs the user of the second network device set, it is further used to: 接收所述用户发送的属性定义,并将所述属性定义发送给所述数据引擎模块;所述属性定义包括所述第二网络设备集合的名称、所述第二网络设备集合的创建时间及所述第二网络设备集合的创建人;receiving the attribute definition sent by the user, and sending the attribute definition to the data engine module; the attribute definition includes the name of the second network device set, the creation time of the second network device set, and the creator of the second network device set; 所述数据引擎模块接收所述属性定义,并将所述属性定义存储到所述数据仓库中。The data engine module receives the attribute definition and stores the attribute definition in the data warehouse. 8.一种设备分析方法,其特征在于,所述方法包括:8. A device analysis method, characterized in that the method comprises: 采集所连接的全部网络设备的源数据,每个网络设备的源数据包括固有属性源数据、以及流量源数据、风险监测源数据和运营管理源数据中的至少一项;其中,所述固有属性源数据包括设备名称、设备IP地址、设备类型、设备运行或设备位置中的至少一项,所述流量源数据包括业务流量大小和/或业务流量分类,所述风险监测源数据包括设备安全扫描记录、设备漏洞修复记录或设备版本评估记录中的至少一项,所述运营管理源数据包括设备历史故障报告、设备应急手册、设备维护手册或设备操作手册中的至少一项;Collect source data of all connected network devices, where the source data of each network device includes inherent attribute source data, and at least one of traffic source data, risk monitoring source data, and operation management source data; wherein the inherent attribute source data includes at least one of device name, device IP address, device type, device operation, or device location; the traffic source data includes business traffic size and/or business traffic classification; the risk monitoring source data includes at least one of device security scan records, device vulnerability repair records, or device version evaluation records; and the operation management source data includes at least one of device historical fault reports, device emergency manuals, device maintenance manuals, or device operation manuals; 根据所述全部网络设备的源数据建立N个标签,从所述N个标签中筛选出属于每个网络设备的标签,构建得到所述每个网络设备对应的标签集合,将各个网络设备和对应的标签集合发送给数据仓库;N为正整数;Establish N tags according to the source data of all the network devices, filter out the tag belonging to each network device from the N tags, construct a tag set corresponding to each network device, and send each network device and the corresponding tag set to the data warehouse; N is a positive integer; 存储所述标签集合以及网络设备集合,所述网络设备集合包括各个网络设备。The tag set and the network device set are stored, wherein the network device set includes each network device. 9.一种计算机可读存储介质,其特征在于,所述计算机可读存储介质存储有计算机程序,当所述计算机程序被运行时,执行如权利要求8所述的方法。9. A computer-readable storage medium, characterized in that the computer-readable storage medium stores a computer program, and when the computer program is executed, the method according to claim 8 is executed. 10.一种计算设备,其特征在于,包括:10. A computing device, comprising: 存储器,用于存储程序指令;A memory for storing program instructions; 处理器,用于调用所述存储器中存储的程序指令,按照获得的程序执行如权利要求8所述的方法。The processor is used to call the program instructions stored in the memory and execute the method according to claim 8 according to the obtained program.
CN202111611832.3A 2021-12-27 2021-12-27 Device analysis system and method Active CN114281541B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111611832.3A CN114281541B (en) 2021-12-27 2021-12-27 Device analysis system and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111611832.3A CN114281541B (en) 2021-12-27 2021-12-27 Device analysis system and method

Publications (2)

Publication Number Publication Date
CN114281541A CN114281541A (en) 2022-04-05
CN114281541B true CN114281541B (en) 2025-01-28

Family

ID=80876261

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111611832.3A Active CN114281541B (en) 2021-12-27 2021-12-27 Device analysis system and method

Country Status (1)

Country Link
CN (1) CN114281541B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117312932A (en) * 2022-06-16 2023-12-29 杭州小电科技股份有限公司 Distribution method, device, electronic equipment and system for equipment prediction behaviors

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103701641A (en) * 2013-12-19 2014-04-02 迈普通信技术股份有限公司 Method and system of automatic operation and maintenance
CN105099742A (en) * 2014-05-20 2015-11-25 中兴通讯股份有限公司 Method, device, system and terminal for collecting data

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP3604898B2 (en) * 1998-03-31 2004-12-22 キヤノン株式会社 Network device management apparatus and method, recording medium
CN105207834A (en) * 2014-06-25 2015-12-30 中兴通讯股份有限公司 Message acquisition method, system, network apparatus and network management center
CN106651188A (en) * 2016-12-27 2017-05-10 贵州电网有限责任公司贵阳供电局 Electric transmission and transformation device multi-source state assessment data processing method and application thereof
CN111464995A (en) * 2019-01-18 2020-07-28 华为技术有限公司 Label management method and device for terminal equipment
CN113259299B (en) * 2020-02-10 2022-07-22 华为技术有限公司 Label management method, reporting method, data analysis method and device
CN113761353A (en) * 2021-03-26 2021-12-07 北京京东拓先科技有限公司 Method and system for constructing label system and computer storage medium

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103701641A (en) * 2013-12-19 2014-04-02 迈普通信技术股份有限公司 Method and system of automatic operation and maintenance
CN105099742A (en) * 2014-05-20 2015-11-25 中兴通讯股份有限公司 Method, device, system and terminal for collecting data

Also Published As

Publication number Publication date
CN114281541A (en) 2022-04-05

Similar Documents

Publication Publication Date Title
US10977256B2 (en) System for aggregation and prioritization of IT asset field values from real-time event logs and method thereof
CN112769605B (en) Heterogeneous multi-cloud operation and maintenance management method and hybrid cloud platform
CN111082960B (en) Data processing method and device
WO2019223062A1 (en) Method and system for processing system exceptions
CN112711496A (en) Log information full link tracking method and device, computer equipment and storage medium
CN110807085A (en) Fault information query method and device, storage medium and electronic device
US8073938B2 (en) Information processing apparatus and method of operating the same
CN108390782A (en) A kind of centralization application system performance question synthesis analysis method
CN114281541B (en) Device analysis system and method
CN112258054A (en) Network asset compliance analysis method based on flow perception
CN102882910A (en) Distributed operation system applied to image monitoring platform
CN112765010A (en) Method, device, equipment and storage medium for centralized management of service parameters
CN112449013A (en) Data cooperation method based on identification analysis in industrial Internet of things
CN108021696B (en) Data association analysis method and system
CN112491596B (en) Cloud-based fault processing method and device
CN114610689B (en) Recording and analyzing method for request log in distributed environment
CN115941446A (en) Alarm root cause location method, apparatus, electronic device and computer readable medium
CN117692310B (en) Topology aggregation method and device based on zipkin link data, electronic equipment and medium
CN111783125A (en) Cloud platform data dynamic configuration method for big data
US7890584B2 (en) System for information capture
WO2024114228A1 (en) Virtual network event aggregation method and apparatus
CN115599657A (en) Software facility abnormity judgment method
CN112990323A (en) User portrait mining method based on big data online mode and machine learning system
CN119512875A (en) A method, device, equipment and medium for real-time monitoring of IT asset information
CN114238303A (en) Data cleaning method and device, electronic equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant