CN117252640A - Fuse degradation method, rule engine system and electronic equipment - Google Patents
Fuse degradation method, rule engine system and electronic equipment Download PDFInfo
- Publication number
- CN117252640A CN117252640A CN202311171244.1A CN202311171244A CN117252640A CN 117252640 A CN117252640 A CN 117252640A CN 202311171244 A CN202311171244 A CN 202311171244A CN 117252640 A CN117252640 A CN 117252640A
- Authority
- CN
- China
- Prior art keywords
- rule
- target
- risk
- fusing
- index value
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 230000015556 catabolic process Effects 0.000 title claims abstract description 88
- 238000006731 degradation reaction Methods 0.000 title claims abstract description 88
- 238000000034 method Methods 0.000 title claims abstract description 57
- 238000001514 detection method Methods 0.000 claims abstract description 71
- 230000000593 degrading effect Effects 0.000 claims description 19
- 238000012795 verification Methods 0.000 claims description 10
- 238000004590 computer program Methods 0.000 claims description 7
- 238000011084 recovery Methods 0.000 claims description 6
- 238000004364 calculation method Methods 0.000 claims description 5
- 235000019580 granularity Nutrition 0.000 description 24
- 230000008569 process Effects 0.000 description 11
- 238000004891 communication Methods 0.000 description 9
- 230000009471 action Effects 0.000 description 4
- 238000010586 diagram Methods 0.000 description 4
- 238000007781 pre-processing Methods 0.000 description 4
- 238000012545 processing Methods 0.000 description 4
- 238000004458 analytical method Methods 0.000 description 3
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 230000006870 function Effects 0.000 description 3
- 230000006399 behavior Effects 0.000 description 2
- 238000007405 data analysis Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 238000012544 monitoring process Methods 0.000 description 2
- 230000008030 elimination Effects 0.000 description 1
- 238000003379 elimination reaction Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 230000011664 signaling Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/02—Marketing; Price estimation or determination; Fundraising
- G06Q30/0207—Discounts or incentives, e.g. coupons or rebates
- G06Q30/0212—Chance discounts or incentives
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/06—Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
- G06Q10/063—Operations research, analysis or management
- G06Q10/0635—Risk analysis of enterprise or organisation activities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/02—Marketing; Price estimation or determination; Fundraising
- G06Q30/0207—Discounts or incentives, e.g. coupons or rebates
- G06Q30/0211—Determining the effectiveness of discounts or incentives
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Strategic Management (AREA)
- Development Economics (AREA)
- Accounting & Taxation (AREA)
- Entrepreneurship & Innovation (AREA)
- Finance (AREA)
- Human Resources & Organizations (AREA)
- Economics (AREA)
- Physics & Mathematics (AREA)
- Marketing (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Game Theory and Decision Science (AREA)
- Educational Administration (AREA)
- Operations Research (AREA)
- Quality & Reliability (AREA)
- Tourism & Hospitality (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The application provides a fusing degradation method, a rule engine system and electronic equipment, wherein one embodiment of the method comprises the following steps: calculating a target index value at the current moment; the target index value represents index data obtained by the target service under a target rule; detecting the target index value according to a risk detection rule to obtain a risk value of the target rule; if the risk value of the target rule is higher than a fusing risk threshold, executing a fusing degradation rule; the execution requirement of the fusing degradation rule is lower than the execution requirement of the target rule. The method can reduce the service loss rate.
Description
Technical Field
The present application relates to the field of data processing, and in particular, to a fuse degradation method, a rule engine system, and an electronic device.
Background
To better ensure safe operation of the business, enterprises often use rule engine systems to monitor, combat malicious behavior and assist in adjusting business rules.
In the related art, there is a scheme in which rules are artificially formulated according to related business data and then entered into a rule engine system so that the rule engine system executes the related rules. However, the scheme is easy to have the problems of misoperation, incomplete data analysis and the like, so that the service loss rate is higher.
Disclosure of Invention
The embodiment of the application aims to provide a fusing degradation method, a rule engine system and electronic equipment, which are used for reducing the service loss rate.
In a first aspect, an embodiment of the present application provides a fuse degradation method, including: calculating a target index value at the current moment; the target index value represents index data obtained by the target service under a target rule; detecting the target index value according to a risk detection rule to obtain a risk value of the target rule; if the risk value of the target rule is higher than a fusing risk threshold, executing a fusing degradation rule; the execution requirement of the fusing degradation rule is lower than the execution requirement of the target rule. The rule engine system can calculate the target index value, improves the conditions of incomplete service data, misoperation and the like of manual analysis, executes the fusing degradation rule with lower execution requirement than the target rule when the risk value of the target rule is higher than the fusing risk threshold value, can execute corresponding operation in time when the risk is higher, can adjust the rule without intervention of related personnel, and reduces the service loss rate.
Optionally, if the risk value of the target rule is higher than the fusing risk threshold, executing a fusing degradation rule, including: if the risk value of the target rule is higher than a fusing risk threshold, searching a target fusing degradation rule matched with the target rule in a risk level library; the risk level library stores a plurality of fusing and degrading rules configured according to service granularity and target rule information associated with each fusing and degrading rule; and executing the target fusing degradation rule. In this way, different fusing degradation rules can be configured for services with different granularities, so that when the risk value of the target rule is higher than the fusing risk threshold, the fusing degradation rule matched with the granularity of the target service can be executed, and the suitability between the fusing degradation rule and the target service is improved.
Optionally, the fusing degrading rule includes performing fusing operations with different fusing levels; and if the risk value of the target rule is higher than the fusing risk threshold, executing a fusing degradation rule, including: and if the risk value of the target rule is in the risk value range corresponding to any fusing level, executing the fusing operation corresponding to the fusing level. Therefore, the rules can be adjusted in a targeted manner, and the target business can be processed in time through a reasonable fusing operation.
Optionally, after executing the fusing degrading rule if the risk value of the target rule is lower than a preset risk threshold, the method further includes: calculating a fusing index value at the current moment; the fusing index value represents index data obtained by the target service under the fusing degradation rule; detecting the fusing index value according to a risk detection rule to obtain a risk value of the fusing degradation rule; if the risk value of the fusing degradation rule is lower than a recovery threshold value, executing the target rule; the restoration threshold is less than or equal to the fuse risk threshold. In this way, when the risk value of the fusing degradation rule is lower than the fusing risk threshold, the target rule having a higher execution requirement than that of the fusing degradation rule can be re-executed, thereby realizing an automatic recovery process.
Optionally, the detecting the target index value according to the risk detection rule to obtain a risk value of the target rule includes: searching a target risk detection rule matched with the target rule in a risk detection rule library; the risk detection rule library stores a plurality of risk detection rules configured according to service granularity and target rule information associated with each risk detection rule; and detecting the target index value according to the target risk detection rule. In this way, different risk detection rules can be configured for services with different granularities, so that the risk detection rules matched with the target service granularity can be executed, and the suitability between the risk detection rules and the target service is improved.
Optionally, after the calculating the target index value at the current time, the method further includes: checking the availability of the target index value according to an availability rule; checking the exemption condition of the target index value according to an exemption rule; verifying the application range of the target index value according to a range verification rule; verifying the validity of the target index value according to a time verification rule; and detecting the target index value according to a risk detection rule to obtain a risk value of the target rule, including: detecting an index value to be detected according to a risk detection rule to obtain a risk value of the target rule; the index value to be tested is a target index value checked by the availability rule, the exemption rule, the range check rule and the time check rule. In this way, whether the target index value is excluded or not is determined according to the data volume of the service log data, so that the accuracy of risk detection is improved.
Optionally, the target index value is calculated based on service log data, and the checking the exemption condition of the target index value according to the exemption rule includes: and if the data volume of the service log data is lower than a data volume threshold value, excluding the target index value. In this way, the accuracy and rationality of the risk value of the target rule is improved to some extent.
In a second aspect, embodiments of the present application provide a rule engine system comprising: the index calculation module is used for calculating a target index value at the current moment; the target index value represents index data obtained by the target service under a target rule; the rule execution module is used for detecting the target index value according to a risk detection rule to obtain a risk value of the target rule; if the risk value of the target rule is higher than a fusing risk threshold, executing a fusing degradation rule; the execution requirement of the fusing degradation rule is lower than the execution requirement of the target rule. Thus, the situations of incomplete service data, misoperation and the like in the manual analysis are improved; in addition, corresponding operation can be executed in time when the risk is high, rules can be adjusted without intervention of related personnel, and the service loss rate is reduced.
In a third aspect, embodiments of the present application provide an electronic device comprising a processor and a memory storing computer readable instructions that, when executed by the processor, perform the steps of the method as provided in the first aspect above.
In a fourth aspect, embodiments of the present application provide a computer readable storage medium having stored thereon a computer program which, when executed by a processor, performs the steps of the method as provided in the first aspect above.
Additional features and advantages of the application will be set forth in the description which follows, and in part will be apparent from the description, or may be learned by practice of the embodiments of the application. The objectives and other advantages of the application will be realized and attained by the structure particularly pointed out in the written description and claims thereof as well as the appended drawings.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the embodiments of the present application will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present application and should not be considered as limiting the scope, and other related drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a flowchart of a fuse degradation method provided in an embodiment of the present application;
FIG. 2 is a block diagram of a rule engine system according to an embodiment of the present application;
fig. 3 is a schematic structural diagram of an electronic device for performing a fuse degradation method according to an embodiment of the present application.
Detailed Description
The following description of the embodiments of the present application will be made clearly and completely with reference to the drawings in the embodiments of the present application, and it is apparent that the described embodiments are only some embodiments of the present application, not all embodiments. The components of the embodiments of the present application, which are generally described and illustrated in the figures herein, may be arranged and designed in a wide variety of different configurations. Thus, the following detailed description of the embodiments of the present application, as provided in the accompanying drawings, is not intended to limit the scope of the application, as claimed, but is merely representative of selected embodiments of the application. All other embodiments, which can be made by those skilled in the art based on the embodiments of the present application without making any inventive effort, are intended to be within the scope of the present application.
It should be noted that: like reference numerals and letters denote like items in the following figures, and thus once an item is defined in one figure, no further definition or explanation thereof is necessary in the following figures. Meanwhile, in the description of the present application, the terms "first", "second", and the like are used only to distinguish the description, and are not to be construed as indicating or implying relative importance.
It should be noted that embodiments or technical features of embodiments in the present application may be combined without conflict.
In the related art, the problem of higher service loss rate exists; in order to solve the problem, the application provides a fusing degradation method, a rule engine system and electronic equipment; further, the service data is analyzed through the rule engine system, and the fusing degradation rule is added, so that the service data is analyzed more comprehensively, and related rule strategies are adjusted in time, so that the service loss rate is reduced.
The above related art solutions have drawbacks, which are results obtained by the inventor after practice and careful study, and therefore, the discovery process of the above problems and the solutions proposed by the embodiments of the present invention hereinafter for the above problems should be all contributions of the inventor to the present invention in the process of the present invention.
Referring to fig. 1, a flowchart of a fuse degradation method according to an embodiment of the present application is shown. As shown in fig. 1, the fuse degrading method includes the following steps 101 to 103.
Step 101, calculating a target index value at the current moment; the target index value represents index data obtained by the target service under a target rule;
in some application scenarios, the rule engine system may be configured with relevant business metrics. The traffic index may include, for example, an index such as a request interception rate related to traffic, the number of requests of a certain user, and the total number of requests of a certain area. Then, the rule engine system can acquire the business data to calculate the target index value at the current moment. The service data may include, for example, user request data, personal information data of the user, information data of a device used by the user, and the like. The target index value may include, for example, an interception rate calculated based on user request data, the number of requests of the user calculated based on personal information data of the user, and the like.
In some application scenarios, the target index value may be calculated, for example, by a flink (a distributed computing framework) or an Apache Storm (a distributed real-time computing system), it should be noted that a process of calculating the target index value by using the flink or the Apache Storm is a prior art and is not described herein.
Further, the target index value is calculated based on the related service data of the target service under the target rule. The target service may be regarded as a service processed at the current time, and the target rule may be regarded as a rule currently used for processing the target service. For example, if the target business is a shopping order business, the target rules may include rules that intercept user requests (e.g., intercept coupon-carrying requests, intercept A-market requests, etc.), trigger certain actions or behaviors (e.g., automatic discounts when the order amount exceeds a certain threshold), exception handling rules, and the like. If the target service is a message push service, the target rule may include a rule that a user who pushes to B city, a user who is older than (20-25), and the like is preferentially pushed to.
It should be noted that the target index value is index data obtained by the target service after the target rule is executed, and thus the target index value is changed after the target rule is changed. In addition, the rule engine system can acquire service data in real time, and the calculated target index values of the service data at different moments and different time periods can be different or the same. For example, for the same target rule for order service, the target index value of 14:00 and the target index value of 13:00 for the user request amount per day may be the same or different. Therefore, the method calculates the target index value at the current moment so as to accurately detect whether the target rule has risks or not through the target index value.
It should be noted that, the above step 101 may be performed immediately after the service data is collected, or may be performed in a short time after the service data is collected, which is not limited herein.
102, detecting the target index value according to a risk detection rule to obtain a risk value of the target rule;
in some application scenarios, a risk detection rule may be configured in the rule engine system, where the risk detection rule is used to detect a risk value of the target rule. The risk detection rule may, for example, include detecting whether each target index value is within a preset normal range, if yes, setting a risk value corresponding to the target index value to 0; if not, setting a risk value corresponding to the target index value to be 1; and then, respectively corresponding risk values of the target index values can be accumulated, so that the risk value of the target rule is obtained. In addition, the risk detection rule may further be, for example, to perform weighted summation on the multiple target index values and corresponding preset weights, and consider the summation result as a risk value of the target rule.
It should be noted that, since the target service is different, the detection process may be different or the same according to the risk detection rule, which is not limited herein.
Step 103, if the risk value of the target rule is higher than the fusing risk threshold, executing a fusing degradation rule; the execution requirement of the fusing degradation rule is lower than the execution requirement of the target rule.
The fusing risk threshold is a threshold for judging whether to execute a fusing degradation rule.
In some application scenarios, after calculating the risk value of the target rule, the rule engine system may execute a less demanding fuse degradation rule if the risk value is above the fuse risk threshold. The fusing and downgrading rule may include a corresponding fusing and downgrading operation, for example, the target rule is to intercept all user requests of province a, and the fusing and downgrading rule may intercept all user requests of province a, city B, but not intercept user requests of other urban areas of province a. For another example, if the target rule is to allow the coupon-carrying order request to access the corresponding server, the fuse downgrade rule may be to allow all order requests to access the corresponding server.
In the related art, aiming at the problems of easy misoperation, incomplete data analysis and the like, solutions of Prometheus (an open-source system monitoring and alarming system) and Skywalk (an open-source application performance monitoring system) exist, but after detecting business risks, the two solutions mainly inform related personnel to execute solution operations such as regulation rules or rule elimination and the like, so that the related personnel cannot timely receive the notification or can execute the external factors such as the execution after the approval process, the business risks cannot be timely processed, and the business loss rate is higher.
In this embodiment, the rule engine system can calculate the target index value, so as to improve situations of incomplete manual analysis of service data, misoperation and the like, execute a fusing degradation rule with lower execution requirement than the target rule when the risk value of the target rule is higher than the fusing risk threshold, execute corresponding operation in time when the risk is higher, adjust the rule without intervention of related personnel, and reduce the service loss rate.
In some optional implementations, if the risk value of the target rule is higher than the fusing risk threshold, executing a fusing degradation rule in step 103 includes: if the risk value of the target rule is higher than a fusing risk threshold, searching a target fusing degradation rule matched with the target rule in a risk level library; the risk level library stores a plurality of fusing and degrading rules configured according to service granularity and target rule information associated with each fusing and degrading rule;
in some application scenarios, a risk level library may be preconfigured in the rules engine system. The risk level library comprises a plurality of fusing degradation rules, and the fusing degradation rules are configured according to service granularity. The service granularity may be divided based on, for example, the service size, the importance of the service, the applicable population of the service, and the like. For example, a service having a user number of 3000 or more is divided into a first-class service, and a service having a user number of 5000 or more is divided into a second-class service; alternatively, people suitable for (20-40) years old are classified into one-level granularity business, people suitable for (41-61) years old are classified into two-level granularity business, and the like.
Further, when configuring the fuse degradation rule according to the service granularity, for example, the execution requirement of the fuse degradation rule corresponding to the service with the first granularity may be configured to be higher than the execution requirement of the fuse degradation rule corresponding to the service with the second granularity.
In some application scenarios, individual fuse degradation rules may be associated with target rules. In these application scenarios, for example, the identity code of the fusing degradation rule may be associated with the identity code of the target rule. The rule engine system may then find a fuse degradation rule associated with the target rule according to the association and determine the fuse degradation rule as the target fuse degradation rule.
The rule engine system may then execute the target fuse degradation rule.
In the implementation manner, different fusing degrading rules can be configured for businesses with different granularities, so that when the risk value of the target rule is higher than the fusing risk threshold, the fusing degrading rules matched with the granularity of the target business can be executed, and the suitability between the fusing degrading rules and the target business is improved.
In some alternative implementations, the fusing degrading rule includes performing fusing operations with different fusing levels, and if the risk value of the target rule is higher than the fusing risk threshold, performing the fusing degrading rule in step 103 includes: and if the risk value of the target rule is in the risk value range corresponding to any fusing level, executing the fusing operation corresponding to the fusing level.
In some application scenarios, the rule engine system may preset a plurality of fusing levels, each of which may be classified according to a risk value, and each of which may have a corresponding fusing operation.
Therefore, if the risk value of the target rule is in the risk value range corresponding to any fusing level, the fusing operation corresponding to the target rule can be executed, so that the rule can be adjusted in a targeted manner, and the target business can be processed in time through the more reasonable fusing operation.
In some optional implementations, after executing the fuse degradation rule if the risk value of the target rule is lower than the preset risk threshold in step 103, the method further includes:
104, calculating a fusing index value at the current moment; the fusing index value represents index data obtained by the target service under the fusing degradation rule;
here, the process of calculating the fuse index value may be the same as or similar to the process of calculating the target index value described above, and will not be repeated here.
Step 105, detecting the fusing index value according to a risk detection rule to obtain a risk value of the fusing degradation rule;
here, the process of obtaining the risk value of the fuse degradation rule may be the same as or similar to the process of obtaining the risk value of the target rule described above, and will not be repeated here.
Step 106, if the risk value of the fusing degradation rule is lower than a restoration threshold value, executing the target rule; the restoration threshold is less than or equal to the fuse risk threshold.
In the implementation manner, when the risk value of the fusing degradation rule is lower than the recovery threshold value, the target rule with higher execution requirement than the target rule can be re-executed, so that the automatic recovery process is realized.
It should be noted that after a certain fuse degradation rule is executed by the rule engine system, the fuse degradation rule may be regarded as a current target rule, so that it may be determined by its risk value whether the next fuse degradation rule needs to be executed continuously. Thus, the rule most reasonable for processing the target service is searched in a reciprocating cycle.
In some application scenarios, because the fusing degrading rule includes executing fusing operations with different fusing levels, if the risk value of the fusing degrading rule is lower than the risk value corresponding to any fusing level, the fusing operation with higher fusing level can be executed, so that the fusing is gradually restored.
In some optional implementations, detecting the target index value according to the risk detection rule in step 102 to obtain the risk value of the target rule includes: searching a target risk detection rule matched with the target rule in a risk detection rule library; the risk detection rule library stores a plurality of risk detection rules configured according to service granularity and target rule information associated with each risk detection rule;
in some application scenarios, a rule engine system may be preconfigured with a risk detection rule base, where the risk detection rule base includes a plurality of risk detection rules, and the risk detection rules may also be configured according to a service granularity. In these application scenarios, for example, the execution requirement of the risk detection rule corresponding to the first-class granularity service may be configured to be higher than the execution requirement of the risk detection rule corresponding to the second-class granularity service.
Further, each risk detection rule may be associated with an identification code of the target rule, for example, through the identification code, so as to find a risk detection rule for detecting a risk value of the target rule.
The rule engine system may then detect the target index value according to the target risk detection rule.
In the implementation manner, different risk detection rules can be configured for services with different granularities, so that the risk detection rules matched with the target service granularity can be executed, and the suitability between the risk detection rules and the target service is improved.
In some optional implementations, after calculating the target index value at the current time in step 101, the method further includes:
step 1, checking the availability of the target index value according to an availability rule;
the availability rule is a rule for detecting whether the target index value is available. It may for example comprise detecting whether a target indicator value is calculated from traffic data that has been suspended from use; or whether the target index value is within a normal index range, etc. If not, it can be considered that the target index value fails the verification.
Step 2, checking the exemption condition of the target index value according to an exemption rule;
the exemption rule is a rule for detecting whether the target index value is reserved or not.
In some optional implementations, the target index value is calculated based on service log data, and the checking the exemption condition of the target index value according to the exemption rule includes: and if the data volume of the service log data is lower than a data volume threshold value, excluding the target index value.
The service log data includes all data related to the service. Which may include both input data and output data. Wherein the entry parameter data includes data that substantially requires input to the rules engine system, such as user requests, user information, etc.; the output data includes data processed by the rule engine system. Which may include, for example, the fuse degradation rules used, alarm rules, risk detection rules, respective corresponding data processing results, and the like.
In the related art, there is a case where there is less traffic log data, which can be regarded as less traffic, and calculating the target index value based on this case may lead to erroneous judgment. For example, the rule engine system receives 2 user requests, 1 of which was intercepted based on the target rule, with a current interception rate of 50%. However, when 1000 user requests are received, only 1 user request is intercepted based on the target rule, and the current interception rate is 1/1000. Therefore, if risk detection is performed at a 50% interception rate, detection may be inaccurate. The rule engine system may then exclude the target index value.
In the implementation manner, whether the target index value is excluded or not is determined according to the data volume of the service log data, so that the accuracy of risk detection is improved.
In other application scenarios, exemption may be performed according to target data required for calculating the target index value. These target data may be obtained from, for example, service log data. For example, if the user request data is needed to calculate the target index value, and the user response data is not needed to be used, the rule engine system may simply count the total amount of the user request data, and if the total amount is smaller than a certain threshold value, may exclude the calculated target index value.
Step 3, verifying the application range of the target index value according to a range verification rule;
the above range check rule is a rule for checking whether the target index value is applicable to the target rule. It may include, for example, detecting whether the target index value would trigger an alarm operation included in the target rule, detecting whether the target index value is calculated based on the target rule, and the like.
Step 4, verifying the validity of the target index value according to a time verification rule;
the time check rule is a rule for checking whether the target index value is out of date. It may include, for example, checking whether the duration between the calculated time and the current time corresponding to the target index value is within a preset range.
Thus, detecting the target index value according to the risk detection rule in step 102 to obtain the risk value of the target rule includes: detecting an index value to be detected according to a risk detection rule to obtain a risk value of the target rule; the index value to be tested is a target index value checked by the availability rule, the exemption rule, the range check rule and the time check rule.
In the implementation manner, whether the target index value is suitable for evaluating the risk value of the target rule can be checked through various check rules, so that the accuracy and the rationality of the risk value of the target rule are improved to a certain extent.
In some application scenarios, if the risk value of the target rule is higher than the alarm threshold, the alarm rule is executed. The alarm threshold may be greater than, less than, or equal to the fuse risk threshold, without limitation. The alert rules described above may include, for example, performing an alert operation corresponding to a risk value. That is, if the risk value of the target rule is within the risk value range corresponding to any alarm level, the alarm operation corresponding to the alarm level is executed. The alarm operation may include, for example, a buzzer alarm, a voice alarm, and the like. Further, the alert rule may also include, for example, the duration of the alert interval, the object of the alert, and so on.
It will be appreciated by those skilled in the art that in the above-described method of the specific embodiment, the written order of steps is not meant to imply a strict order of execution but rather should be construed according to the function and possibly inherent logic of the steps.
Referring to FIG. 2, a block diagram of a rule engine system, which may be a module, program segment, or code on an electronic device, is shown. It should be understood that the apparatus corresponds to the embodiment of the method of fig. 1 described above, and is capable of performing the steps involved in the embodiment of the method of fig. 1, and specific functions of the apparatus may be referred to in the foregoing description, and detailed descriptions thereof are omitted herein as appropriate to avoid redundancy.
Optionally, the rule engine system includes an index calculation module and a rule execution module. The index calculation module is used for calculating a target index value at the current moment; the target index value represents index data obtained by the target service under a target rule; the rule execution module is used for detecting the target index value according to a risk detection rule to obtain a risk value of the target rule; if the risk value of the target rule is higher than a fusing risk threshold, executing a fusing degradation rule; the execution requirement of the fusing degradation rule is lower than the execution requirement of the target rule.
Optionally, the rule execution module is further configured to: if the risk value of the target rule is higher than a fusing risk threshold, searching a target fusing degradation rule matched with the target rule in a risk level library; the risk level library stores a plurality of fusing and degrading rules configured according to service granularity and target rule information associated with each fusing and degrading rule; and executing the target fusing degradation rule.
Optionally, the fusing degrading rule includes performing fusing operations with different fusing levels; the rule execution module is further to: and if the risk value of the target rule is in the risk value range corresponding to any fusing level, executing the fusing operation corresponding to the fusing level.
Optionally, the rule execution module is further configured to: if the risk value of the target rule is lower than a preset risk threshold, calculating a fusing index value at the current moment after executing a fusing degradation rule; the fusing index value represents index data obtained by the target service under the fusing degradation rule; detecting the fusing index value according to a risk detection rule to obtain a risk value of the fusing degradation rule; if the risk value of the fusing degradation rule is lower than a recovery threshold value, executing the target rule; the restoration threshold is less than or equal to the fuse risk threshold.
Optionally, the rule execution module is further configured to: searching a target risk detection rule matched with the target rule in a risk detection rule library; the risk detection rule library stores a plurality of risk detection rules configured according to service granularity and target rule information associated with each risk detection rule; and detecting the target index value according to the target risk detection rule.
Optionally, the system further comprises a data preprocessing module, wherein the data preprocessing module is used for: after the target index value at the current moment is calculated, checking the availability of the target index value according to an availability rule; checking the exemption condition of the target index value according to an exemption rule; verifying the application range of the target index value according to a range verification rule; verifying the validity of the target index value according to a time verification rule; the rule execution module is further to: detecting an index value to be detected according to a risk detection rule to obtain a risk value of the target rule; the index value to be tested is a target index value checked by the availability rule, the exemption rule, the range check rule and the time check rule.
Optionally, the target index value is calculated based on the service log data, and the data preprocessing module is further configured to: and if the data volume of the service log data is lower than a data volume threshold value, excluding the target index value.
In some application scenarios, the rule engine system may also check the target index value step by step through the message queue. Specifically, the index calculation module can immediately store the target index value at the current moment in the message queue after calculating the target index value at the current moment, and then the data preprocessing module acquires the target index values one by one from the message queue to perform relevant verification. In addition, the fuse degradation rules may also be communicated through a message queue. Specifically, after determining the executed fusing degradation rule, the rule execution module may store the fusing degradation rule in a message queue, and then the notification module may acquire relevant information of the fusing degradation rule from the message queue to notify the outside.
It should be noted that, for convenience and brevity, a person skilled in the art will clearly understand that, for the specific working procedure of the system described above, reference may be made to the corresponding procedure in the foregoing method embodiment, and the description will not be repeated here.
Referring to fig. 3, fig. 3 is a schematic structural diagram of an electronic device for performing a fuse degradation method according to an embodiment of the present application, where the electronic device may include: at least one processor 301, such as a CPU, at least one communication interface 302, at least one memory 303, and at least one communication bus 304. Wherein the communication bus 304 is used to enable direct connection communication of these components. The communication interface 302 of the device in the embodiment of the present application is used for performing signaling or data communication with other node devices. The memory 303 may be a high-speed RAM memory or a nonvolatile memory (non-volatile memory), such as at least one magnetic disk memory. The memory 303 may also optionally be at least one storage device located remotely from the aforementioned processor. The memory 303 has stored therein computer readable instructions which, when executed by the processor 301, may cause the electronic device to perform the method process described above with respect to fig. 1.
It will be appreciated that the configuration shown in fig. 3 is merely illustrative, and that the electronic device may also include more or fewer components than shown in fig. 3, or have a different configuration than shown in fig. 3. The components shown in fig. 3 may be implemented in hardware, software, or a combination thereof.
Embodiments of the present application provide a computer readable storage medium having stored thereon a computer program which, when executed by a processor, may perform a method process performed by an electronic device in the method embodiment shown in fig. 1.
Embodiments of the present application provide a computer program product comprising a computer program stored on a non-transitory computer readable storage medium, the computer program comprising program instructions which, when executed by a computer, enable the computer to perform the method provided by the method embodiments described above, for example, the method may comprise: calculating a target index value at the current moment; the target index value represents index data obtained by the target service under a target rule; detecting the target index value according to a risk detection rule to obtain a risk value of the target rule; if the risk value of the target rule is higher than a fusing risk threshold, executing a fusing degradation rule; the execution requirement of the fusing degradation rule is lower than the execution requirement of the target rule.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other manners. The above-described apparatus embodiments are merely illustrative, for example, the division of the units is merely a logical function division, and there may be other manners of division in actual implementation, and for example, multiple units or components may be combined or integrated into another system, or some features may be omitted, or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be through some communication interface, device or unit indirect coupling or communication connection, which may be in electrical, mechanical or other form.
Further, the units described as separate units may or may not be physically separate, and units displayed as units may or may not be physical units, may be located in one place, or may be distributed over a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
Furthermore, functional modules in various embodiments of the present application may be integrated together to form a single portion, or each module may exist alone, or two or more modules may be integrated to form a single portion.
In this document, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions.
The foregoing is merely exemplary embodiments of the present application and is not intended to limit the scope of the present application, and various modifications and variations may be suggested to one skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principles of the present application should be included in the protection scope of the present application.
Claims (10)
1. A fuse degradation method, applied to a rules engine system, the method comprising:
calculating a target index value at the current moment; the target index value represents index data obtained by the target service under a target rule;
detecting the target index value according to a risk detection rule to obtain a risk value of the target rule;
if the risk value of the target rule is higher than a fusing risk threshold, executing a fusing degradation rule; the execution requirement of the fusing degradation rule is lower than the execution requirement of the target rule.
2. The method of claim 1, wherein executing the fuse degradation rule if the risk value of the target rule is above a fuse risk threshold comprises:
if the risk value of the target rule is higher than a fusing risk threshold, searching a target fusing degradation rule matched with the target rule in a risk level library; the risk level library stores a plurality of fusing and degrading rules configured according to service granularity and target rule information associated with each fusing and degrading rule;
and executing the target fusing degradation rule.
3. The method of claim 2, wherein the fuse degradation rules include performing fuse operations of different fuse levels; and
and if the risk value of the target rule is higher than a fusing risk threshold, executing a fusing degradation rule, wherein the fusing degradation rule comprises the following steps:
and if the risk value of the target rule is in the risk value range corresponding to any fusing level, executing the fusing operation corresponding to the fusing level.
4. A method according to claim 3, wherein after executing the fuse degradation rule if the risk value of the target rule is below a preset risk threshold, the method further comprises:
calculating a fusing index value at the current moment; the fusing index value represents index data obtained by the target service under the fusing degradation rule;
detecting the fusing index value according to a risk detection rule to obtain a risk value of the fusing degradation rule;
if the risk value of the fusing degradation rule is lower than a recovery threshold value, executing the target rule; the restoration threshold is less than or equal to the fuse risk threshold.
5. The method according to any one of claims 1-4, wherein detecting the target index value according to a risk detection rule to obtain a risk value of the target rule comprises:
searching a target risk detection rule matched with the target rule in a risk detection rule library; the risk detection rule library stores a plurality of risk detection rules configured according to service granularity and target rule information associated with each risk detection rule;
and detecting the target index value according to the target risk detection rule.
6. The method according to claim 1, wherein after the calculating the target index value at the current time, the method further comprises:
checking the availability of the target index value according to an availability rule;
checking the exemption condition of the target index value according to an exemption rule;
verifying the application range of the target index value according to a range verification rule;
verifying the validity of the target index value according to a time verification rule; and
the detecting the target index value according to the risk detection rule to obtain the risk value of the target rule includes:
detecting an index value to be detected according to a risk detection rule to obtain a risk value of the target rule; the index value to be tested is a target index value checked by the availability rule, the exemption rule, the range check rule and the time check rule.
7. The method of claim 6, wherein the target indicator value is calculated based on traffic log data, and
the checking the exemption condition of the target index value according to the exemption rule comprises the following steps:
and if the data volume of the service log data is lower than a data volume threshold value, excluding the target index value.
8. A rule engine system, comprising:
the index calculation module is used for calculating a target index value at the current moment; the target index value represents index data obtained by the target service under a target rule;
the rule execution module is used for detecting the target index value according to a risk detection rule to obtain a risk value of the target rule; if the risk value of the target rule is higher than a fusing risk threshold, executing a fusing degradation rule; the execution requirement of the fusing degradation rule is lower than the execution requirement of the target rule.
9. An electronic device comprising a processor and a memory storing computer readable instructions that, when executed by the processor, perform the method of any of claims 1-7.
10. A computer readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, performs the method according to any of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311171244.1A CN117252640A (en) | 2023-09-11 | 2023-09-11 | Fuse degradation method, rule engine system and electronic equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311171244.1A CN117252640A (en) | 2023-09-11 | 2023-09-11 | Fuse degradation method, rule engine system and electronic equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN117252640A true CN117252640A (en) | 2023-12-19 |
Family
ID=89130571
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311171244.1A Pending CN117252640A (en) | 2023-09-11 | 2023-09-11 | Fuse degradation method, rule engine system and electronic equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117252640A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US11869268B2 (en) | 2021-01-26 | 2024-01-09 | Chengdu Boe Optoelectronics Technology Co., Ltd. | Display panel and display device |
-
2023
- 2023-09-11 CN CN202311171244.1A patent/CN117252640A/en active Pending
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US11869268B2 (en) | 2021-01-26 | 2024-01-09 | Chengdu Boe Optoelectronics Technology Co., Ltd. | Display panel and display device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9389946B2 (en) | Operation management apparatus, operation management method, and program | |
| CN110417778B (en) | Access request processing method and device | |
| RU2017118317A (en) | SYSTEM AND METHOD FOR AUTOMATIC CALCULATION OF CYBER RISK IN BUSINESS CRITICAL APPLICATIONS | |
| US10158522B2 (en) | Network monitor and method for event based prediction of radio network outages and their root cause | |
| CN113298638B (en) | Root cause positioning method, electronic equipment and storage medium | |
| CN109995555B (en) | Monitoring method, device, equipment and medium | |
| CN117252640A (en) | Fuse degradation method, rule engine system and electronic equipment | |
| WO2011155308A1 (en) | Agreement breach prediction system, agreement breach prediction method and agreement breach prediction program | |
| CN112804333B (en) | Exception handling method, device and equipment for out-of-block node and storage medium | |
| CN116389235A (en) | Fault monitoring method and system applied to industrial Internet of things | |
| CN102056200A (en) | Service processing flow monitoring method and system | |
| CN110990245A (en) | Micro-service operation state judgment method and device based on call chain data | |
| CN114598621B (en) | Power communication network reliability evaluation system | |
| CN105825130B (en) | A kind of information security method for early warning and device | |
| CN113485862B (en) | Method and device for managing service faults, electronic equipment and storage medium | |
| CN114595765A (en) | Data processing method and device, electronic equipment and storage medium | |
| CN111654405B (en) | Method, device, equipment and storage medium for fault node of communication link | |
| CN114090037A (en) | Service degradation method, device, computer equipment and storage medium | |
| CN116915463B (en) | Call chain data security analysis method, device, equipment and storage medium | |
| US11348430B2 (en) | Crisis response assessment device, crisis response assessment method, and crisis response assessment program | |
| CN115659351B (en) | Information security analysis method, system and equipment based on big data office | |
| CN115509853A (en) | Cluster data anomaly detection method and electronic equipment | |
| CN112685390B (en) | Database instance management method and device and computing equipment | |
| CN111507594B (en) | Data processing method and device | |
| CN114238069A (en) | Web application firewall testing method and device, electronic equipment, medium and product |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |