CN108600009B - Network alarm root positioning method based on alarm data analysis - Google Patents
Network alarm root positioning method based on alarm data analysis Download PDFInfo
- Publication number
- CN108600009B CN108600009B CN201810376453.2A CN201810376453A CN108600009B CN 108600009 B CN108600009 B CN 108600009B CN 201810376453 A CN201810376453 A CN 201810376453A CN 108600009 B CN108600009 B CN 108600009B
- Authority
- CN
- China
- Prior art keywords
- alarm
- elements
- network
- alarms
- conditional probability
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0631—Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0677—Localisation of faults
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/12—Discovery or management of network topologies
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Telephonic Communication Services (AREA)
Abstract
The invention discloses a network alarm root positioning method based on alarm data analysis, which comprises a modeling analysis step based on alarm historical data and an online alarm root positioning step; firstly, analyzing alarm historical data samples and mining the time sequence incidence relation among network alarms so as to establish network topology among alarm elements; on the basis, real-time alarms are mapped into the established network topology, and the alarm source is deduced based on the relative position of the alarm element corresponding to the current alarm in the network topology. The method does not need to use the connection relation of network hardware, the business logic dependency relation and other expert experience knowledge, and has low development and maintenance cost; meanwhile, the method can fully utilize the probability and distribution characteristics of alarm occurrence in a real system, and has higher analysis accuracy.
Description
Technical Field
The invention relates to the technical field of computer application, in particular to a network alarm root cause positioning method based on alarm data analysis.
Background
In a telecommunications network system, hardware and software components are interrelated through application calls and network connections. When certain components in the system fail or monitoring criteria become abnormal, the components or applications associated therewith may be affected to varying degrees. Therefore, when some component generates an alarm, the component associated with the component on the corresponding link may generate an alarm. In order to ensure the stable operation of the network system, the alarm source needs to be quickly positioned to eliminate the hidden trouble of network fault. Wherein, the root alarm refers to the alarm which is not caused by other alarms and causes other alarms in the alarms which have occurred at a certain moment; and the derived alarm refers to the associated alarm caused by the alarm generated by other alarm elements in the alarms which have occurred at a certain time.
The existing network fault location technology mainly includes the following three aspects. Firstly, based on the abstracted expert experience in the network operation and maintenance practice, adopting artificial intelligence technologies such as rule reasoning, neural network, decision tree and the like to carry out fault location; secondly, based on the topological structure information of the network hardware, adopting graph theory technologies such as a dependency graph and a Bayesian network to trace the source of the fault; thirdly, based on the calling relationship among the network components, a model tracing technology is adopted to carry out root cause analysis of the network fault. The related technologies all rely more or less on existing network hardware connection relationships or business logic association information.
However, in large-scale network systems, the physical connection relationship between network hardware and the logical dependency relationship between applications are extremely complex. These associations also change dynamically with service updates and system upgrades, making it difficult to establish and maintain accurate and comprehensive network topology relationships. On the other hand, even if a huge application topological relation can be established, the amount of information actually used in the alarm root cause analysis is often small. For example, when some and complex application call paths are accessed only occasionally or run very stably, the corresponding network topology information is less utilized in the alarm root cause analysis. Therefore, maintaining topological relationships such as network components or application calls for a long time also faces cost-benefit issues. In addition, from the perspective of alarm root analysis, although the alarm propagation direction is closely related to the physical topology of the network and the application invocation relationship, the prior static information cannot directly reflect the probability and distribution of the alarm in the actual system.
Disclosure of Invention
The invention aims to overcome the defects of the prior art, provides a network alarm root positioning method based on alarm data analysis, and solves the problem that the prior alarm root positioning technology excessively depends on prior physical connection or application calling relation.
The purpose of the invention is realized by the following technical scheme: a network alarm root cause positioning method based on alarm data analysis comprises an off-line analysis step and an alarm root cause on-line analysis step; the off-line analysis step comprises the following substeps:
s11: traversing the alarm data sample, and calculating the conditional probability of causing other alarm elements to generate alarms when each alarm element generates alarms; wherein, the alarm data sample refers to a historical alarm record set stored in a database, and the alarm element: the minimum unit for generating alarm in the network system;
s12: setting a confidence threshold, and generating an adjacency matrix according to the conditional probability matrix;
s13: obtaining a network topology relation between alarm elements according to the adjacent matrix;
s14: performing loop detection and eliminating loops in the network;
the alarm source online analysis step comprises the following substeps:
s21: collecting all alarms which occur currently, and forming alarm elements corresponding to the alarms into a set M;
s22: projecting the alarm elements in the set M to the topological network established in the off-line analysis step;
s23: and (4) positioning the alarm source by analyzing the position of the alarm element corresponding to the current alarm in the network by combining the network topological structure.
Further, step S11 includes the following sub-steps:
s111: for each alarm element A, counting the number of alarm instances of the alarm element A in the alarm data sample, and simultaneously acquiring the associated alarm set of each alarm instance A.a and all associated alarm sets psi corresponding to the alarm element AA=∪ΨA.a(ii) a Wherein, the alarm example refers to an alarm data generated by an alarm element, and the associated alarm set of the alarm example A.a is the set of other alarm elements which have been alarmed during the alarm example A.a;
s112: the conditional probability P (B | A) that each alarm element A causes other arbitrary alarm elements B to generate alarms is calculated in turn, and the formula is as follows:
in the formula, SB|AThe number of the associated alarm sets of the alarm element B is contained in the associated alarm sets of all the alarm instances of the alarm element A; sAThe number of alarm instances of the alarm element A; alpha is a condition threshold; and SB|AThe calculation method of (2) is as follows:
SB|A=|ΨB|A|,
ΨB|A={ΨA.xi alarm element B ∈ ΨA.x};
S113: organizing the conditional probability of all alarm elements causing other alarm elements to generate alarms into a conditional probability matrix:
further, in step S12, for any element P (B | a) in the conditional probability matrix, if P (B | a) is greater than the confidence threshold, setting the element corresponding to P (B | a) in the adjacency matrix to 1, otherwise, setting the element to 0; in addition, for all alarm elements a, the element corresponding to P (a | a) in the adjacency matrix is set to 0.
Further, in step S13, regarding the element P (B | a) in the conditional probability matrix, if the value of its corresponding element in the adjacency matrix is 1, it is considered that the alarm element a may cause the alarm element B to generate an alarm.
Further, step S14 includes the following sub-steps:
setting a loop size threshold, marking the alarm elements in the loop when the number of the alarm elements forming the loop is less than or equal to the threshold, and combining the alarm elements into a logic alarm element; otherwise, combining the conditional probability matrix, and sequentially setting 0 on the edges forming the loop in the adjacent matrix according to the sequence of the corresponding conditional probability values from small to large until the loop is eliminated.
Further, step S23 includes the following sub-steps:
s231: and for all the alarm elements in the set M, sequentially judging as follows: for the alarm element a in the set M, if there is an edge from the alarm element a to any other alarm element in the set M in the adjacency matrix, and there is no edge from any other alarm element in the set M to the alarm element a, then S232 is further executed; otherwise, continuing to analyze the next alarm element in the set M until all the alarm elements in the set M are analyzed;
s232: if the alarm element A meeting the condition is a logic alarm element formed by merging the loops in S231, continuing to execute the step S233, otherwise, judging that the alarm corresponding to the alarm element A is the current alarm root;
s233: when the alarm element a meeting the condition is a logical alarm element formed by merging the loops in S231, if all the alarm elements on the loop have alarms, it is determined that the alarms corresponding to all the alarm elements on the loop are alarm sources, otherwise, the alarm corresponding to the alarm element X meeting the following condition is taken as the current alarm source: for alarm element X, there is no edge from any other alarm element in the set M to alarm element X.
The invention has the beneficial effects that:
(1) the method comprises the steps of firstly, analyzing alarm historical data samples and mining the time sequence incidence relation among network alarms so as to establish the network topology among alarm elements; on the basis, real-time alarms are mapped into the established network topology, and the alarm source is deduced based on the relative position of the alarm element corresponding to the current alarm in the network topology. Complex information such as a topological structure, an application calling relation, a network component dependency relation and the like of the network system does not need to be deeply understood and maintained, so that development and maintenance cost is low.
(2) The method establishes the network topology by analyzing the alarm historical data, so the method can reflect the probability and the distribution characteristics of the alarm in a real system, and has more pertinence for solving the problem of alarm source positioning.
Drawings
FIG. 1 is an overall flow chart of the present invention;
FIG. 2 is a flow chart of the steps of the off-line analysis of the present invention;
FIG. 3 is a flowchart of the alarm root cause online analysis steps of the present invention.
Detailed Description
The technical scheme of the invention is further described in detail by combining the attached drawings:
the alarm data adopted by the embodiment is real data of the telecommunication industry after data cleaning, and comprises information such as alarm element ID, alarm instance generation time, alarm instance elimination time and the like.
As shown in fig. 1, a network alarm root cause positioning method based on alarm data analysis includes an offline analysis step and an alarm root cause online analysis step;
as shown in fig. 2, the offline analysis step includes the following sub-steps:
s11: traversing the alarm data sample, and calculating the conditional probability of causing other alarm elements to generate alarms when each alarm element generates alarms; wherein, the alarm data sample refers to a historical alarm record set stored in a database, and the alarm element: the minimum unit for generating alarm in the network system;
preferably, in the present embodiment, step S11 includes the following sub-steps:
s111: for each alarm element A, counting the alarm example number S of the alarm element A in the alarm data sampleASimultaneously acquiring the associated alarm set psi of each alarm instance A.aA.aAnd all associated alarm sets Ψ corresponding to alarm element AA=∪ΨA.a(ii) a Wherein, the alarm example refers to an alarm data generated by an alarm element, and the associated alarm set of the alarm example A.a is the set of other alarm elements which have been alarmed during the alarm example A.a;
s112: the conditional probability P (B | A) that each alarm element A causes other arbitrary alarm elements B to generate alarms is calculated in turn, and the formula is as follows:
in the formula, SB|AThe number of the associated alarm sets of the alarm element B is contained in the associated alarm sets of all the alarm instances of the alarm element A; sAThe number of alarm instances of the alarm element A; alpha is a condition threshold; and SB|AThe calculation method of (2) is as follows:
SB|A=|ΨB|A|,
ΨB|A={ΨA.xi alarm element B ∈ ΨA.x};
S113: organizing the conditional probability of all alarm elements causing other alarm elements to generate alarms into a conditional probability matrix:
s12: setting a confidence threshold, and generating an adjacency matrix according to the conditional probability matrix;
preferably, in this embodiment, in step S12, the adjacency matrix is generated according to the conditional probability matrix as follows: for any element P (B | A) in the conditional probability matrix, if the P (B | A) is larger than the confidence coefficient threshold value, setting the element corresponding to the P (B | A) in the adjacent matrix as 1, otherwise, setting the element as 0; in addition, for all alarm elements a, the element corresponding to P (a | a) in the adjacency matrix is set to 0.
S13: obtaining a network topology relation between alarm elements according to the adjacent matrix;
preferably, in this embodiment, for an element P (B | a) in the conditional probability matrix, if the value of its corresponding element in the adjacency matrix is 1, it is considered that the alarm element a may cause the alarm element B to generate an alarm.
S14: performing loop detection and eliminating loops in the network;
preferably, in the present embodiment, step S14 includes the following sub-steps: setting a loop size threshold, marking the alarm elements in the loop when the number of the alarm elements forming the loop is less than or equal to the threshold, and combining the alarm elements into a logic alarm element; otherwise, combining the conditional probability matrix, and sequentially setting 0 on the edges forming the loop in the adjacent matrix according to the sequence of the corresponding conditional probability values from small to large until the loop is eliminated.
As shown in fig. 3, the alarm source online analysis step includes the following sub-steps:
s21: all alarms which occur currently are collected, and alarm elements corresponding to the alarms are combined into a set M.
S22: and projecting the alarm elements in the set M to the topological network established in the off-line analysis step.
S23: and (4) positioning the alarm source by analyzing the position of the alarm element corresponding to the current alarm in the network by combining the network topological structure.
Preferably, in the present embodiment, step S23 includes the following sub-steps:
s231: and for all the alarm elements in the set M, sequentially judging as follows: for the alarm element a in the set M, if there is an edge from the alarm element a to any other alarm element in the set M in the adjacency matrix, and there is no edge from any other alarm element in the set M to the alarm element a, then S232 is further executed; otherwise, continuing to analyze the next alarm element in the set M until all the alarm elements in the set M are analyzed;
s232: if the alarm element A meeting the condition is a logic alarm element formed by merging the loops in S231, continuing to execute the step S233, otherwise, judging that the alarm corresponding to the alarm element A is the current alarm root;
s233: when the alarm element a meeting the condition is a logical alarm element formed by merging the loops in S231, if all the alarm elements on the loop have alarms, it is determined that the alarms corresponding to all the alarm elements on the loop are alarm sources, otherwise, the alarm corresponding to the alarm element X meeting the following condition is taken as the current alarm source: for alarm element X, there is no edge from any other alarm element in the set M to alarm element X.
In the above steps S232 and S233, a plurality of alarm sources may exist at the same time.
While the present invention has been described by way of examples, and not by way of limitation, other variations of the disclosed embodiments, as would be readily apparent to one of skill in the art, are intended to be within the scope of the present invention, as defined by the claims.
Claims (5)
1. A network alarm root cause positioning method based on alarm data analysis is characterized in that: comprises an off-line analysis step and an alarm source on-line analysis step; the off-line analysis step comprises the following substeps:
s11: traversing the alarm data sample, and calculating the conditional probability of causing other alarm elements to generate alarms when each alarm element generates alarms; wherein, the alarm data sample refers to a historical alarm record set stored in a database, and the alarm element: the minimum unit for generating alarm in the network system;
s12: setting a confidence threshold, and generating an adjacency matrix according to the conditional probability matrix;
s13: obtaining a network topology relation between alarm elements according to the adjacent matrix;
s14: performing loop detection and eliminating loops in the network;
the alarm source online analysis step comprises the following substeps:
s21: collecting all alarms which occur currently, and forming alarm elements corresponding to the alarms into a set M;
s22: projecting the alarm elements in the set M to the topological network established in the off-line analysis step;
s23: combining a network topological structure, and positioning an alarm source by analyzing the position of an alarm element corresponding to the current alarm in the network;
step S11 includes the following substeps:
s111: for each alarm element A, counting the number of alarm instances of the alarm element A in the alarm data sample, and simultaneously acquiring the associated alarm set of each alarm instance A.a and all associated alarm sets psi corresponding to the alarm element AA=∪ΨA.a(ii) a Wherein, the alarm example refers to an alarm data generated by an alarm element, and the associated alarm set of the alarm example A.a is the set of other alarm elements which have been alarmed during the alarm example A.a;
s112: the conditional probability P (B | A) that each alarm element A causes other arbitrary alarm elements B to generate alarms is calculated in turn, and the formula is as follows:
in the formula, SB|AThe number of the associated alarm sets of the alarm element B is contained in the associated alarm sets of all the alarm instances of the alarm element A; sAThe number of alarm instances of the alarm element A; alpha is a condition threshold; and SB|AThe calculation method of (2) is as follows:
SB|A=|ΨB|A|,
ΨB|A={ΨA.xi alarm element B ∈ ΨA.x};
S113: organizing the conditional probability of all alarm elements causing other alarm elements to generate alarms into a conditional probability matrix:
2. the method for positioning the root cause of network alarm based on alarm data analysis according to claim 1, wherein: in step S12, for any element P (B | a) in the conditional probability matrix, if P (B | a) is greater than the confidence threshold, setting the element corresponding to P (B | a) in the adjacency matrix to 1, otherwise setting the element to 0; in addition, for all alarm elements a, the element corresponding to P (a | a) in the adjacency matrix is set to 0.
3. The method of claim 2, wherein the method comprises the following steps: in step S13, regarding the element P (B | a) in the conditional probability matrix, if the value of its corresponding element in the adjacency matrix is 1, it is considered that the alarm element a may cause the alarm element B to generate an alarm.
4. The method of claim 3, wherein the method comprises the following steps: step S14 includes the following substeps:
setting a loop size threshold, marking the alarm elements in the loop when the number of the alarm elements forming the loop is less than or equal to the threshold, and combining the alarm elements into a logic alarm element; otherwise, combining the conditional probability matrix, and sequentially setting 0 on the edges forming the loop in the adjacent matrix according to the sequence of the corresponding conditional probability values from small to large until the loop is eliminated.
5. The method for positioning the network alarm root cause based on the alarm data analysis according to any one of claims 1 to 4, characterized in that: step S23 includes the following substeps:
s231: and for all the alarm elements in the set M, sequentially judging as follows: for the alarm element a in the set M, if there is an edge from the alarm element a to any other alarm element in the set M in the adjacency matrix, and there is no edge from any other alarm element in the set M to the alarm element a, then S232 is further executed; otherwise, continuing to analyze the next alarm element in the set M until all the alarm elements in the set M are analyzed;
s232: if the alarm element A meeting the condition is a logic alarm element formed by merging the loops in S231, continuing to execute the step S233, otherwise, judging that the alarm corresponding to the alarm element A is the current alarm root;
s233: when the alarm element a meeting the condition is a logical alarm element formed by merging the loops in S231, if all the alarm elements on the loop have alarms, it is determined that the alarms corresponding to all the alarm elements on the loop are alarm sources, otherwise, the alarm corresponding to the alarm element X meeting the following condition is taken as the current alarm source: for alarm element X, there is no edge from any other alarm element in the set M to alarm element X.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810376453.2A CN108600009B (en) | 2018-04-25 | 2018-04-25 | Network alarm root positioning method based on alarm data analysis |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810376453.2A CN108600009B (en) | 2018-04-25 | 2018-04-25 | Network alarm root positioning method based on alarm data analysis |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108600009A CN108600009A (en) | 2018-09-28 |
| CN108600009B true CN108600009B (en) | 2021-03-30 |
Family
ID=63609519
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810376453.2A Active CN108600009B (en) | 2018-04-25 | 2018-04-25 | Network alarm root positioning method based on alarm data analysis |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108600009B (en) |
Families Citing this family (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP7193725B2 (en) | 2019-02-13 | 2022-12-21 | 日本電信電話株式会社 | Network information collection device and method |
| CN112073208B (en) * | 2019-05-25 | 2022-01-14 | 成都华为技术有限公司 | Alarm analysis method, device, chip system and storage medium |
| CN112202584B (en) * | 2019-07-08 | 2022-07-29 | ***通信集团浙江有限公司 | Alarm correlation method, device, computing equipment and computer storage medium |
| CN110445665B (en) * | 2019-09-06 | 2022-06-14 | 国网江苏省电力有限公司信息通信分公司 | Electric power communication network alarm association mining method based on improved GSP |
| CN111342997B (en) * | 2020-02-06 | 2022-08-09 | 烽火通信科技股份有限公司 | Construction method of deep neural network model, fault diagnosis method and system |
| CN113497721B (en) * | 2020-03-20 | 2023-08-01 | ***通信集团四川有限公司 | Network fault positioning method and device |
| CN113825148B (en) * | 2020-06-18 | 2023-08-18 | ***通信集团浙江有限公司 | Method and device for determining alarm grade of network node and computing equipment |
| CN112087316B (en) * | 2020-07-30 | 2022-08-05 | 北京思特奇信息技术股份有限公司 | Network anomaly root cause positioning method based on anomaly data analysis |
| CN112118141B (en) * | 2020-09-21 | 2021-12-17 | 中山大学 | Communication network-oriented alarm event correlation compression method and device |
| CN112528448B (en) * | 2021-01-01 | 2022-05-17 | 电管家能源管理(上海)有限公司 | Topology and data management maintenance system |
| CN115174355B (en) * | 2022-07-26 | 2024-01-19 | 杭州东方通信软件技术有限公司 | Method for generating fault root positioning model, fault root positioning method and device |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2010112855A1 (en) * | 2009-03-31 | 2010-10-07 | British Telecommunications | Network analysis system |
| CN101945009A (en) * | 2010-09-14 | 2011-01-12 | 国网电力科学研究院 | Positioning method and device of power communication network fault based on case and pattern matching |
| CN101997709A (en) * | 2009-08-10 | 2011-03-30 | 中兴通讯股份有限公司 | Root alarm data analysis method and system |
| CN102130783A (en) * | 2011-01-24 | 2011-07-20 | 浪潮通信信息***有限公司 | Intelligent alarm monitoring method of neural network |
| EP1279211B1 (en) * | 2000-10-19 | 2013-11-20 | TTI-Team Telecom International LTD. | Topology-based reasoning apparatus for root-cause analysis of network faults |
| CN105391579A (en) * | 2015-11-25 | 2016-03-09 | 国家电网公司 | Electric power communication network fault positioning method based on key alarm sets and supervised classification |
| CN106250288A (en) * | 2016-07-29 | 2016-12-21 | 浪潮软件集团有限公司 | Root alarm analysis and identification method based on data mining |
| CN106603317A (en) * | 2017-02-20 | 2017-04-26 | 山东浪潮商用***有限公司 | Alarm monitoring strategy analysis method based on data mining technology |
| CN106941423A (en) * | 2017-04-13 | 2017-07-11 | 腾讯科技(深圳)有限公司 | Failure cause localization method and device |
| CN107196804A (en) * | 2017-06-01 | 2017-09-22 | 国网山东省电力公司信息通信公司 | Power system terminal communication access network Centralized Alarm Monitoring system and method |
-
2018
- 2018-04-25 CN CN201810376453.2A patent/CN108600009B/en active Active
Patent Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1279211B1 (en) * | 2000-10-19 | 2013-11-20 | TTI-Team Telecom International LTD. | Topology-based reasoning apparatus for root-cause analysis of network faults |
| WO2010112855A1 (en) * | 2009-03-31 | 2010-10-07 | British Telecommunications | Network analysis system |
| CN101997709A (en) * | 2009-08-10 | 2011-03-30 | 中兴通讯股份有限公司 | Root alarm data analysis method and system |
| CN101945009A (en) * | 2010-09-14 | 2011-01-12 | 国网电力科学研究院 | Positioning method and device of power communication network fault based on case and pattern matching |
| CN102130783A (en) * | 2011-01-24 | 2011-07-20 | 浪潮通信信息***有限公司 | Intelligent alarm monitoring method of neural network |
| CN105391579A (en) * | 2015-11-25 | 2016-03-09 | 国家电网公司 | Electric power communication network fault positioning method based on key alarm sets and supervised classification |
| CN106250288A (en) * | 2016-07-29 | 2016-12-21 | 浪潮软件集团有限公司 | Root alarm analysis and identification method based on data mining |
| CN106603317A (en) * | 2017-02-20 | 2017-04-26 | 山东浪潮商用***有限公司 | Alarm monitoring strategy analysis method based on data mining technology |
| CN106941423A (en) * | 2017-04-13 | 2017-07-11 | 腾讯科技(深圳)有限公司 | Failure cause localization method and device |
| CN107196804A (en) * | 2017-06-01 | 2017-09-22 | 国网山东省电力公司信息通信公司 | Power system terminal communication access network Centralized Alarm Monitoring system and method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108600009A (en) | 2018-09-28 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108600009B (en) | Network alarm root positioning method based on alarm data analysis | |
| US10666525B2 (en) | Distributed multi-data source performance management | |
| Yang et al. | A time efficient approach for detecting errors in big sensor data on cloud | |
| US10963242B2 (en) | Intelligent software agent to facilitate software development and operations | |
| WO2021052394A1 (en) | Model training method, apparatus, and system | |
| US11348023B2 (en) | Identifying locations and causes of network faults | |
| CN110493025B (en) | Fault root cause diagnosis method and device based on multilayer digraphs | |
| US11409962B2 (en) | System and method for automated insight curation and alerting | |
| US11200139B2 (en) | Automatic configuration of software systems for optimal management and performance using machine learning | |
| US20210097431A1 (en) | Debugging and profiling of machine learning model training | |
| CN111143102A (en) | Abnormal data detection method and device, storage medium and electronic equipment | |
| CN114785666B (en) | Network troubleshooting method and system | |
| US9860109B2 (en) | Automatic alert generation | |
| US20200134421A1 (en) | Assurance of policy based alerting | |
| US8180716B2 (en) | Method and device for forecasting computational needs of an application | |
| CN112087316B (en) | Network anomaly root cause positioning method based on anomaly data analysis | |
| US11468365B2 (en) | GPU code injection to summarize machine learning training data | |
| Solmaz et al. | ALACA: A platform for dynamic alarm collection and alert notification in network management systems | |
| Perdices et al. | Deep-fda: Using functional data analysis and neural networks to characterize network services time series | |
| CN114443437A (en) | Alarm root cause output method, apparatus, device, medium, and program product | |
| WO2021067385A1 (en) | Debugging and profiling of machine learning model training | |
| Omori et al. | Comparing concept drift detection with process mining tools | |
| CN115293284A (en) | Transaction abnormity detection method and device | |
| CN106330544B (en) | A kind of Real-time Alarm response method based on self feed back model | |
| CN115514618A (en) | Alarm event processing method and device, electronic equipment and medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |