共查询到20条相似文献,搜索用时 31 毫秒
1.
随着油田信息化建设的不断发展,越来越多的IT业务系统在油田各级单位普及应用.由于油田应用数量庞大、种类复杂,如何快速评估各类系统的运行情况和安全状况成为油田关注的重要问题.在使用这些应用系统的同时,一些访问信息会以日志的形式储存下来,因此通过分析日志数据可以挖掘出用户访问喜好,发觉业务系统潜在的安全问题,进而为油田应用评估提供决策依据.然而随着IT业务访问量剧增,应用日志的数量、容量也随之增加,仅依靠单机环境对海量数据进行分析已经无法满足油田业务需求.针对这个问题本文提出了基于Spark计算框架的应用日志行为分析方法,同时设计了可视化平台完成对整个分析系统的管理. 相似文献
2.
船载中心计算机系统的系统日志和测控软件日志记录了大量的系统故障与软件异常信息,如何及时、全面地分析系统日志、软件日志,发现系统运行故障,并及时予以处理、解决,是系统运维人员的一项重要工作;针对当前船载中心计算机系统日志分析现状及存在的问题,系统日志和测控软件日志自动分析软件给出了解决的思路和方法,提出并介绍其实现的技术要点和效果;测试结果表明日志自动分析软件有效地提升了人员工作分析效率,在快速分析故障问题和批量进行系统日志维护方面具有较好应用. 相似文献
3.
可靠性研究是高性能计算领域的经典问题,随着制程技术与集成工艺的不断发展,当前全系统规模呈指数级快速增长,给可靠性研究尤其是故障分析带来巨大挑战.收集了自主高性能计算系统投产后工作故障日志信息203510247条,时间自2016年1月28日至2016年12月6日.首先使用K-M eans聚类方法对故障进行分类,并分析故障... 相似文献
4.
5.
针对离散事件系统模型难以建立的大型实际系统,无法对其进行有效故障诊断的问题,提出一种基于主动学习的故障诊断方法。首先,为获取到的系统事件日志添加正常/故障标签,并将日志集划分为训练集和测试集,提出一种基于抽象技术的迭代算法提取训练集中日志的故障特征样本。然后,通过故障特征样本构造初始故障识别器,并利用测试集中的日志检验识别器的准确性。仿真结果表明,该故障诊断算法使得模型未知下诊断精度更高。最后,实例说明系统模型未知下故障诊断算法的应用。与现有研究相比,提出的方法可以在系统模型未知下进行故障诊断且算法复杂度为多项式,诊断精度更高,应用范围更加广泛。 相似文献
6.
系统日志的安全管理方案与分析处理策略 总被引:7,自引:0,他引:7
系统中的各类日志文件作为系统和网络用户行为的记录管理者,对及早发现入侵行为、恢复系统、统计系统资源使用状况和为打击计算机犯罪提供电子物证有着极其重要的作 用。因此,保护系统日志安全,不被内部用户或外部入侵者修改或删除显得尤为重要。但是,我们在制定网络信息安全策略时往往忽视系统日志安全,基本上还没有形成一套 套比较合理的系统日志安全管理方法。本文讨论了对各类系统日志文件进行集中式统一管理的问题,提出了对日志文件处理分析和完整性加密保护的办法,最后提出了相应的日志管理策略。 相似文献
7.
8.
As software systems grow more and more complex, extensive techniques have been proposed to analyze the log data to obtain the insight of the system status. However, during log data analysis, tedious manual efforts are paid to search interesting or informative log patterns from a huge volume of log data, named pattern-based queries. Although existing log management tools and DMBS systems can also support pattern-based queries, they suffer from a low efficiency. To deal with this problem, we propose a novel approach, named PLQ (Pattern-based Log Query). First, PLQ organizes logs into disjoint chunks and builds chunk-wise bitmap indexes for log types and attribute values. Then, based on bitmap indexes, PLQ finds candidate logs with a set of efficient bit-wise operations. Finally, PLQ fetches candidate logs and validates them according to the queried pattern. Extensive experiments are conducted on real-life datasets. According to experimental results, compared with existing log management systems, PLQ is more efficient in querying log patterns and has a higher pruning rate for filtering irrelevant logs. Moreover, in PLQ, since the ratio of the index size to the data size does not exceed 2.5% for log datasets of different sizes, PLQ has a high scalability. 相似文献
9.
日志服务器建设和应用 总被引:1,自引:0,他引:1
设备日志及时、准确地记录网络运行、服务信息,是网络管理人员应该重点关注的信息源。日志服务器利用日志服务器软件,采集网络设备、安全设备、应用服务器等的日志信息,集中存储管理。这些日志信息可以在日常维护管理中人工查阅,也可以利用程序进行处理和准确分析,实现对网络的全面监管。 相似文献
10.
基于Xen虚拟机的系统日志安全研究 总被引:1,自引:0,他引:1
系统日志对于计算机系统的安全至关重要。为了确保系统日志的安全,通常的做法是通过网络将系统日志备份到远程主机上,但其在传输过程中容易被截获。提出一个运行于Xen之上的日志实时备份模型,通过系统实例之间的共享内存来传输系统日志,这样可以避免日志数据在传输过程中被暴露在网络上所带来的风险。实验表明,该方法不仅增强了系统日志的安全性,而且传输效率也非常高。 相似文献
11.
日志信息是信息系统快速发展中产生的重要信息资源,通过日志的分析,可以进行异常检测、故障诊断和性能诊断等。研究基于日志的异常检测技术,首先对主要使用的基于日志的异常检测框架进行介绍,然后对日志解析、日志异常检测等关键技术进行详细介绍。最后对当前技术进行总结,并对未来研究方向给出建议。 相似文献
12.
智能电网的通信调度系统是智能电网正常运行的保证。为保证系统正确运行,值班员需要对电网信调系统
的运行状态、突发事件、事故故障以及相应的处理方案进行记录。为帮助管理者及时了解智能电网信息调度系统的工
作情况,发现潜在安全隐患,通常需要为这些日志数据标注其日志类型,以方便管理者查询和检索,因此,要求智能电
网信息调度系统能够自动对每天记录的各种日志根据管理需要进行分类。对大量根据值班员自己理解和习惯撰写的
日志进行自动分类,需要对由信息调度专家提供类型标注的大量日志数据进行学习。然而因人工阅读标注耗时、耗
力,故在实际应用中往往仅能提供少量的标注,从而影响自动分类的性能。针对这一问题,提出了基于主动半监督学
习的日志自动分类方法,该方法一方面利用主动学习找出对学习最有帮助的日志,获得其类型标注;另一方面,通过利
用大量缺乏类型标注的日志进一步提升学习性能。在国家电网的智能电网信息调度日志数据上的应用结果表明,基
于主动半监督学习,可获得比现有方法更优的日志自动分类性能。 相似文献
13.
Distributed systems in enterprises as well astelecommunication environments strongly demand moreautomated fault management. A single fault in thesecomplex systems might cause a huge number of symptomatic error messages and side effects to occur. Thecommon root faults for these symptoms have to beidentified to start fault removal procedures as soon aspossible and to decrease system down-time. This paper presents a methodology for fault isolation inintegrated management systems. A generic model isdescribed that unifies the view of the management systemon the managed environment. It integrates the relevant aspects of network, system, and servicemanagement layers in order to perform integrated faultisolation. Our approach is based on a general dependencygraph model. It captures the information that isrequired to determine the root cause of a fault on theone hand, and the set of fault affected services andcustomers on the other hand. The layered TMNarchitecture serves as an example for an integratedmanagement environment throughout this paper. 相似文献
14.
现有的故障定位算法无法有效地应用于带有负载均衡机制的因果关系频繁变动的复杂系统。为此,本文提出一种基于因果规则的故障定位算法(CRFLA)。首先利用改进的因果关联兴趣度度量方法自适应地学习出故障和事件之间因果规则,然后根据得到的因果规则中故障原因集对已发生事件集的影响程度进行根因推断。该方法考虑了因果关系的同时无需明确具体的因果网络结构,并且能够灵活地结合先验知识。利用电力营销系统中真实生产环境产生的数据进行故障定位,实验结果表明,CRFLA优于传统的方法,能够迅速、有效地定位故障根因。 相似文献
15.
Dongping Zhu Conners R.W. Schmoldt D.L. Araman P.A. 《IEEE transactions on systems, man, and cybernetics. Part B, Cybernetics》1996,26(4):522-532
To fully optimize the value of material produced from a hardwood log requires information about type and location of internal defects in the log. This paper describes a prototype vision system that automatically locates and identifies certain classes of defects in hardwood logs. This system uses computer tomograph (CT) imagery. The system uses a number of processing steps. A set of basic features are defined to capture basic 3-D characteristics of wood defects. For 3-D object (defect) recognition, a set of hypothesis tests are employed that use this set of features. To further help cope with the above mentioned variability, the Dempster-Shafer theory of evidential reasoning is used to classify defect objects. Results of preliminary experiments employing two different types of hardwood logs are given. 相似文献
16.
业务流程管理系统存在可以改变系统行为的潜在故障, 因此研究定位系统中故障发生的最小结构变化区域是
十分必要的, 它对提高业务系统的鲁棒性具有重要意义. 本文提出了一种日志诱导下的变化挖掘方法, 即最小结构故障
域识别方法(minimal structure fault region identification, MSFRI), 该方法通过系统的行为变化来定位故障发生的结构因
果关系. 进一步, 针对合理的自由选择业务流程Petri网系统, 形式化定义了6种典型变化模式, 这些变化模式为故障的结
构因果关系变化挖掘提供理论基础. 本文所提出的故障定位方法通过识别业务流程Petri网系统的行为变化, 实现具有最
少库所和变迁数目的故障区域定位, 有助于实现系统更加复杂的变化挖掘. 本文工作的主要创新之处在于从结构因果关
系的角度出发, 借助系统行为变化挖掘实现定位业务系统中的潜在故障. 相似文献
17.
为了提高控制系统中传感器与执行器故障诊断的准确性,结合小波分析特征提取的优势和密度函数加权模糊C-均值聚类具有较好分类效果的特点,提出了一种新的控制系统故障诊断方法。该方法首先利用小波分析对故障信号进行特征提取,降低噪声的影响;然后对特征提取后的数据通过加权模糊C-均值聚类算法,对故障进行识别分类。实验表明,基于小波分析和加权模糊C-均值聚类相结合的方法,不仅可以识别不同部件的故障,而且可以对同一部件的不同类型的故障进行诊断。 相似文献
18.
E级计算机系统规模巨大,使得故障异常总量随之增多,导致诊断发现的难度增加,因此,迫切需要一套更加准确高效的实时维护故障诊断系统,对硬件系统进行全面的异常及故障信息实时检测、故障诊断及故障预测。传统故障诊断系统在面对数万节点规模的诊断时存在执行效率低、异常检测误报率高的问题,异常检测及故障诊断的覆盖率不足。对异常及故障检测、故障诊断与故障预测相关技术进行研究,分析技术原理及适用性,并结合E级高性能计算机实际工程需求,设计一套满足数E级高性能计算机需求的维护故障诊断系统。基于维护系统的结构组成设计可扩展的边缘诊断架构,将高性能计算机系统知识、专家知识与数理统计、机器学习相融合给出故障检测、诊断及预测算法,并针对专用场景建立预测模型。实验结果表明,该系统具有较好的可扩展性,能在10 s内完成对十万个节点规模系统的故障诊断,与传统故障诊断系统相比,异常检测某特定指标误报率从3.3%降低到几乎为0,硬件故障检测覆盖率从90.2%提升至96%以上,硬件故障诊断覆盖率从71%提升至约94%,能较准确地预测多个重要应用场景下的故障。 相似文献
19.
Causal correlation data over the equipment spot-inspection operation and maintenance (O&M) records and fault investigation sheets potentially reflect the state related to the causal effect of equipment failures. Various factors influence equipment failures, making it difficult to effectively analyze the main cause of the problems. Mining and leveraging these causal data from the equipment spot inspection records will undoubtedly significantly improve the root cause analysis of the fault in the O&M system. Hence, this paper introduces causal knowledge in equipment fault O&M for the first time and proposes to exploit causal knowledge for enhancing root cause analysis of equipment spot inspection failures. Specifically, an equipment fault O&M knowledge graph with causal knowledge called CausalKG is constructed to provide knowledge support for the causal analysis of faults. That is, CausalKG consists of spot-inspection knowledge graph (SIKG) and causal relationship knowledge (CRK) in equipment fault O&M. Further, a CausalKG-ALBERT knowledge reasoning model is designed. The model transforms CausalKG into network embeddings based on relational graph convolutional networks. In turn, it combines the Q&A mechanism of the language model ALBERT to mine the root cause knowledge of equipment failures. The case study confirms that incorporating the CRK is more effective than directly using the SIKG for causality reasoning; The model can fully use causal relationship knowledge to enhance the reliability of root cause analysis. This method is valuable to help engineers strengthen their causal analysis capabilities in preventive equipment maintenance. 相似文献
20.
An Automated Fault Diagnosis System Using Hierarchical Reasoning and Alarm Correlation 总被引:3,自引:0,他引:3
The increasing importance of computer networks in this information age demands a high level of network availability and reliability. As we become more dependent on networks in our so-called cyber-world, network faults and downtime become very costly. Sometimes, a slight fault may cause critical disruptions or remediless damages to the network while the network manager is lost among a large amount of alarm messages. Therefore, the development of a practical and effective system for network fault diagnosis becomes an imperative and critical task. In this paper, we develop a hierarchical domain-oriented reasoning mechanism suitable for the delegated management architecture. It is based on the causality graph of a refined network fault propagation model as a result of our empirical study. An automated fault diagnosis system called Alarm Correlation View (or ACView) for isolating network faults in a multi-domain environment is proposed according to the hierarchical reasoning mechanism. This diagnosis system not only provides the process of automated alarm collection and correlation, but also serves the function of efficient fault localization and identification. Furthermore, an alarm-to-fault mapping strategy is used to enhance the fault reasoning capability for uncertain network fault propagation. 相似文献