
Alarm log processing method and device, equipment and storage medium

An alarm log processing method, applied in the computer field, that addresses the problems of slow alarm log processing and untimely response to attack events, achieving rapid response.

Active Publication Date: 2021-10-19
CHINA MOBILE HANGZHOU INFORMATION TECH CO LTD +1

AI Technical Summary

Problems solved by technology

[0004] The main purpose of the present invention is to provide an alarm log processing method, apparatus, device and storage medium, aiming to solve the technical problem in the prior art that alarm logs are processed slowly, resulting in untimely response to attack events.


Examples


Embodiment Construction

[0050] It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

[0051] Refer to Figure 1, which is a schematic structural diagram of an alarm log processing device in the hardware operating environment involved in the solution of the embodiment of the present invention.

[0052] As shown in Figure 1, the electronic device may include: a processor 1001, such as a central processing unit (CPU), a communication bus 1002, a user interface 1003, a network interface 1004, and a memory 1005. The communication bus 1002 is used to realize connection and communication between these components. The user interface 1003 may include a display screen (Display) and an input unit such as a keyboard (Keyboard), and optionally the user interface 1003 may also include a standard wired interface and a wireless interface. The network interface 1004 may o...


Abstract

The invention belongs to the technical field of computers, and discloses an alarm log processing method and device, equipment and a storage medium. The method comprises: determining threat behavior information and the alarm identification information according to the alarm log of the target device; obtaining an alarm accumulated score and an event generation threshold corresponding to the alarm identification information, and determining an alarm type and a threat level corresponding to the alarm log according to the threat behavior information; adjusting the alarm accumulated score according to the alarm type and the threat level to obtain a current alarm score; and if the current alarm score is greater than or equal to an event generation threshold, generating an alarm event according to the alarm type and the alarm identification information, and displaying the alarm event. The alarm accumulated score is accumulated according to the alarm log, and the alarm event is generated and displayed when the alarm accumulated score is greater than or equal to the event generation threshold value, so that a manager does not need to pay attention to a complex log, and can quickly respond to a network security event according to the alarm event.
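The scoring loop the abstract describes, as an added Python sketch that is not taken from the patent: each alarm log adds to a per-identifier accumulated score, and an alarm event is emitted once the score reaches the event generation threshold. The log fields, the source-to-destination alarm identifier, the behaviour table, the weights, the default threshold and the reset after an event are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Assumed tables (not from the patent): behaviour -> (alarm type, threat level), and weights.
BEHAVIOUR_CLASSES = {
    "port_scan": ("reconnaissance", "low"),
    "brute_force_login": ("credential_attack", "medium"),
    "sql_injection": ("web_attack", "high"),
}
TYPE_WEIGHT = {"reconnaissance": 1, "credential_attack": 2, "web_attack": 3}
LEVEL_WEIGHT = {"low": 1, "medium": 2, "high": 3}
DEFAULT_THRESHOLD = 10  # assumed event generation threshold


@dataclass
class AlarmScorer:
    scores: dict = field(default_factory=dict)      # alarm id -> accumulated score
    thresholds: dict = field(default_factory=dict)  # alarm id -> event threshold

    def process(self, log):
        """Score one alarm log; return an alarm event dict, or None if below threshold."""
        behaviour = log["behaviour"]
        alarm_id = f'{log["src_ip"]}->{log["dst_ip"]}'  # assumed identifier format
        if behaviour not in BEHAVIOUR_CLASSES:
            return None  # unknown behaviour: leave the score unchanged
        alarm_type, level = BEHAVIOUR_CLASSES[behaviour]
        threshold = self.thresholds.get(alarm_id, DEFAULT_THRESHOLD)
        gain = TYPE_WEIGHT[alarm_type] * LEVEL_WEIGHT[level]
        current = self.scores.get(alarm_id, 0) + gain
        if current >= threshold:
            self.scores[alarm_id] = 0  # assumed: restart accumulation after an event
            return {"alarm_id": alarm_id, "alarm_type": alarm_type,
                    "threat_level": level, "score": current}
        self.scores[alarm_id] = current
        return None


# Constructed sample logs, as if normalised from different security devices.
SAMPLE_LOGS = [
    {"device": "ids-1", "src_ip": "198.51.100.7", "dst_ip": "10.0.0.5", "behaviour": "port_scan"},
    {"device": "waf-1", "src_ip": "198.51.100.7", "dst_ip": "10.0.0.5", "behaviour": "sql_injection"},
    {"device": "ips-1", "src_ip": "203.0.113.9", "dst_ip": "10.0.0.8", "behaviour": "brute_force_login"},
    {"device": "waf-1", "src_ip": "198.51.100.7", "dst_ip": "10.0.0.5", "behaviour": "sql_injection"},
]


def run(logs):
    scorer = AlarmScorer()
    return [event for event in (scorer.process(log) for log in logs) if event]
```

With the sample logs, the IDS scan and the first WAF alarm for the same identifier combine into a single event, while the remaining two logs stay below the threshold and produce nothing for the operator to review.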

Description

Technical field

[0001] The present invention relates to the field of computer technology, in particular to an alarm log processing method, apparatus, device and storage medium.

Background

[0002] In order to cope with the increasingly severe network security situation, companies generally deploy a large number and variety of security devices according to their needs, such as Intrusion Detection System (IDS) equipment, Intrusion Prevention System (IPS) equipment, Distributed Denial of Service (DDoS) equipment, Web Application Firewall (WAF) equipment, traffic cleaning equipment, etc. However, there is no coordination mechanism between different security devices. When an attack event occurs, they often issue alarms separately, resulting in massive alarm logs. Network security operation and maintenance personnel need to spend time understanding alarm logs in d...


Application Information

IPC(8): G06F11/32, G06F11/30
CPC: G06F11/327, G06F11/3065, Y04S10/50
Inventor: 孟祥路, 徐炜峰, 章继虎
Owner: CHINA MOBILE HANGZHOU INFORMATION TECH CO LTD