[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

CN115484188A - TAP device monitoring method and system, electronic device and readable storage medium - Google Patents

TAP device monitoring method and system, electronic device and readable storage medium Download PDF

Info

Publication number
CN115484188A
CN115484188A CN202110666402.5A CN202110666402A CN115484188A CN 115484188 A CN115484188 A CN 115484188A CN 202110666402 A CN202110666402 A CN 202110666402A CN 115484188 A CN115484188 A CN 115484188A
Authority
CN
China
Prior art keywords
data
state information
link
tap
tap device
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110666402.5A
Other languages
Chinese (zh)
Inventor
任姣姣
孙剑骏
戴传智
蒋立翀
苏娟
李天�
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
China Mobile Group Guangdong Co Ltd
Original Assignee
China Mobile Communications Group Co Ltd
China Mobile Group Guangdong Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Communications Group Co Ltd, China Mobile Group Guangdong Co Ltd filed Critical China Mobile Communications Group Co Ltd
Priority to CN202110666402.5A priority Critical patent/CN115484188A/en
Publication of CN115484188A publication Critical patent/CN115484188A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0805Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/22Indexing; Data structures therefor; Storage structures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/245Query processing
    • G06F16/2458Special types of queries, e.g. statistical queries, fuzzy queries or distributed queries
    • G06F16/2462Approximate or statistical queries
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/245Query processing
    • G06F16/2458Special types of queries, e.g. statistical queries, fuzzy queries or distributed queries
    • G06F16/2474Sequence data queries, e.g. querying versioned data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • H04L41/0631Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/50Testing arrangements

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Software Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Databases & Information Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Probability & Statistics with Applications (AREA)
  • Signal Processing (AREA)
  • Mathematical Physics (AREA)
  • Computational Linguistics (AREA)
  • Fuzzy Systems (AREA)
  • Environmental & Geological Engineering (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention provides a TAP device monitoring method and system, an electronic device and a readable storage medium, wherein the method comprises the following steps: acquiring state information data and link state data of TAP equipment in real time; storing the state information data and the link state data of the TAP equipment into a network management monitoring platform database; and performing statistical analysis on the state information data and the link state data of the TAP equipment to determine abnormal state information of the equipment and/or abnormal state information of the link. The invention can determine the abnormal state information of the equipment and/or the abnormal state information of the link by collecting and storing the state information data of the TAP equipment and the link state data and analyzing the state information of the TAP equipment and the link state data by adopting an automatic intelligent analysis method, thereby realizing the automatic monitoring of the TAP equipment and the unified monitoring management of the TAP equipment and the link state.

Description

TAP设备监控方法和系统、电子设备及可读存储介质TAP device monitoring method and system, electronic device and readable storage medium

技术领域technical field

本发明涉及网管监控平台技术领域,尤其涉及一种TAP设备监控方法和系统、电子设备及可读存储介质。The invention relates to the technical field of a network management monitoring platform, in particular to a TAP device monitoring method and system, electronic equipment and a readable storage medium.

背景技术Background technique

现有技术中,TAP设备已经使用得非常广泛,TAP设备可呈现全部网络数据,在任何双工状态下,实现全线速100%数据捕获(包含错误包在内),方便故障排查。In the prior art, the TAP device has been widely used. The TAP device can display all network data, and realize full wire speed 100% data capture (including error packets) in any duplex state, which is convenient for troubleshooting.

现有的TAP设备方案,通常是串接在运营商信令网中的CS域或PS域网络中实现信令码流数据复制和汇聚。对于TAP设备的监管,需要运维人员到设备现场检查分析,人力消耗较大且效率低下,同时,对于TAP设备数量多的情况下,人工监控TAP设备还存在周期性问题,TAP设备运行状态、链路中断、链路接收数据错误、链路使用率过高、链路溢出等监控历史记录无法控制。The existing TAP device solution is usually serially connected in the CS domain or PS domain network in the operator's signaling network to realize the replication and aggregation of signaling stream data. For the supervision of TAP equipment, operation and maintenance personnel need to go to the equipment site to check and analyze, which consumes a lot of manpower and is inefficient. At the same time, in the case of a large number of TAP equipment, manual monitoring of TAP equipment still has periodic problems. Monitoring history records such as link interruption, link receiving data error, high link usage, and link overflow cannot be controlled.

发明内容Contents of the invention

本发明提供一种TAP设备监控方法和系统、电子设备及可读存储介质,用以解决现有技术中存在的技术缺陷。The invention provides a TAP equipment monitoring method and system, electronic equipment and a readable storage medium to solve the technical defects in the prior art.

本发明提供一种TAP设备监控方法,包括:The present invention provides a TAP equipment monitoring method, comprising:

对TAP设备的状态信息数据以及链路状态数据进行实时采集;Real-time collection of status information data and link status data of TAP equipment;

将所述TAP设备的状态信息数据以及链路状态数据存入网管监控平台数据库中;Store the state information data and link state data of the TAP device in the network management monitoring platform database;

对所述TAP设备的状态信息数据以及链路状态数据进行统计分析,确定出设备异常状态信息和/或链路异常状态信息。Statistical analysis is performed on the state information data and link state data of the TAP device to determine device abnormal state information and/or link abnormal state information.

根据本发明所述的TAP设备监控方法,所述对TAP设备的状态信息数据以及链路状态数据进行实时采集,包括:According to the TAP device monitoring method of the present invention, the real-time collection of state information data and link state data of the TAP device includes:

对所述TAP设备配置监控项,所述监控项包括所述TAP设备的状态以及链路状态;Configuring monitoring items for the TAP device, the monitoring items including the status of the TAP device and the link status;

与TAP设备进行通信,实现对所述TAP设备的监控项数据采集以及网络状态的监视;所述监控项数据包括状态信息数据以及链路状态数据。Communicate with the TAP device to realize monitoring item data collection and network status monitoring of the TAP device; the monitoring item data includes status information data and link status data.

根据本发明所述的TAP设备监控方法,所述将所述TAP设备的状态信息数据以及链路状态数据存入网管监控平台数据库中包括:According to the TAP device monitoring method of the present invention, storing the state information data and link state data of the TAP device in the network management monitoring platform database includes:

将所述TAP设备的状态信息数据以及链路状态数据以轮循方式存入网管监控平台数据库中,所述网管监控平台数据库中设置有预设时间长度的存储数据空间。The state information data and link state data of the TAP device are stored in the database of the network management monitoring platform in a round-robin manner, and the storage data space of a preset time length is set in the network management monitoring platform database.

根据本发明所述的TAP设备监控方法,所述对所述TAP设备的状态信息数据以及链路状态数据进行统计分析,包括:According to the TAP device monitoring method of the present invention, the statistical analysis of the state information data and link state data of the TAP device includes:

对所述TAP设备的状态信息数据以及链路状态数据的数据合规性进行校验;Verifying the data compliance of the state information data of the TAP device and the link state data;

对于校验出的数据中的缺失值,采用均值、线性函数或预测算法进行预测的方式进行缺失值插补,得到在时序上具有连续性的数据;For the missing values in the verified data, use the mean value, linear function or prediction algorithm to predict the missing value interpolation to obtain continuous data in time series;

对所述在时序上具有连续性的数据进行分析预测。Analyzing and predicting the continuous data in time series.

根据本发明所述的TAP设备监控方法,所述对所述TAP设备的状态信息数据以及链路状态数据进行统计分析,确定出设备异常状态信息和/或链路异常状态信息,包括:According to the TAP device monitoring method of the present invention, the statistical analysis of the state information data and link state data of the TAP device is performed to determine the abnormal state information of the device and/or the abnormal state information of the link, including:

基于所述在时序上具有连续性的数据中的业务流量数据,构造时间和业务流量大小数值和/或流量包个数的连续型数据集合;Constructing a continuous data set of time and business flow size value and/or the number of traffic packets based on the business flow data in the time series continuous data;

采用Prophet算法,使用Prophet.fit方法对所述连续型数据集合进行模型拟合,通过使用辅助的方法Prophet.make future dataframe将未来的日期扩展指定的数据个数,使用Prophet.predict方法进行预测,获得forecast对象,其中,包含一列预测值,以及成分的分析和置信区间;Use the Prophet algorithm, use the Prophet.fit method to perform model fitting on the continuous data set, use the auxiliary method Prophet.make future dataframe to expand the future date by the specified number of data, and use the Prophet.predict method to predict, Obtain the forecast object, which contains a list of predicted values, as well as the analysis and confidence interval of the components;

计算流量大小和/或流量包个数偏离置信区间的数据点,对偏离程度进行分析严重程度,确定出链路异常状态信息。Calculate the data points where the traffic size and/or the number of traffic packets deviate from the confidence interval, analyze the severity of the deviation, and determine the abnormal state information of the link.

根据本发明所述的TAP设备监控方法,所述对所述TAP设备的状态信息数据以及链路状态数据进行统计分析,确定出设备异常状态信息和/或链路异常状态信息之后,包括:According to the TAP device monitoring method of the present invention, after performing statistical analysis on the state information data and link state data of the TAP device, after determining the abnormal state information of the device and/or the abnormal state information of the link, it includes:

基于所述链路异常状态信息,进行告警并展示;Alarming and displaying based on the abnormal state information of the link;

当链路恢复正常后,解除告警。When the link returns to normal, clear the alarm.

根据本发明所述的TAP设备监控方法,所述对所述TAP设备的状态信息数据以及链路状态数据进行统计分析,确定出设备异常状态信息和/或链路异常状态信息,包括:According to the TAP device monitoring method of the present invention, the statistical analysis of the state information data and link state data of the TAP device is performed to determine the abnormal state information of the device and/or the abnormal state information of the link, including:

对所述TAP设备的状态配置告警触发条件、关联到所述TAP设备的监控项;Configuring an alarm trigger condition for the state of the TAP device and monitoring items associated with the TAP device;

采用指数加权移动算法配置触发告警动态阀值,指数加权移动算法的模型公式如下:The exponential weighted moving algorithm is used to configure the dynamic threshold for triggering an alarm. The model formula of the exponentially weighted moving algorithm is as follows:

vt=βvt-1+(1-β)θt v t =βv t-1 +(1-β)θ t

其中,β取值在0到1之间,β值是根据时间序列的变化特性来选取的;历史数据做为指数加权移动算法的训练集,进行多次训练获得预测误差最小的β,保存指数加权移动算法模型;vt-1表示t-1时刻的指数移动平均值,θt表示t时刻的实际温度,vt表示作为告警动态阀值的t时刻的指数移动平均值。Among them, the value of β is between 0 and 1, and the value of β is selected according to the changing characteristics of the time series; the historical data is used as the training set of the exponential weighted moving algorithm, and multiple trainings are performed to obtain the β with the smallest prediction error, and the index is saved Weighted moving algorithm model; v t-1 represents the exponential moving average at time t-1, θ t represents the actual temperature at time t, and v t represents the exponential moving average at time t as the alarm dynamic threshold.

本发明还提供一种TAP设备监控系统,包括:The present invention also provides a TAP equipment monitoring system, comprising:

实时采集模块,用于对TAP设备的状态信息数据以及链路状态数据进行实时采集;The real-time acquisition module is used for real-time acquisition of the state information data and link state data of the TAP device;

数据存储模块,用于将所述TAP设备的状态信息数据以及链路状态数据存入网管监控平台数据库中;A data storage module, configured to store the state information data and link state data of the TAP device in the network management monitoring platform database;

统计分析模块,用于对所述TAP设备的状态信息数据以及链路状态数据进行统计分析,确定出设备异常状态信息和/或链路异常状态信息。The statistical analysis module is used to perform statistical analysis on the state information data and link state data of the TAP device, and determine the abnormal state information of the device and/or the abnormal state information of the link.

本发明还提供一种电子设备,包括存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序,所述处理器执行所述程序时实现如上述任一种所述TAP设备监控方法的步骤。The present invention also provides an electronic device, including a memory, a processor, and a computer program stored on the memory and operable on the processor. When the processor executes the program, it realizes monitoring of the TAP device as described above. method steps.

本发明还提供一种非暂态计算机可读存储介质,其上存储有计算机程序,该计算机程序被处理器执行时实现如上述任一种所述TAP设备监控方法的步骤。The present invention also provides a non-transitory computer-readable storage medium, on which a computer program is stored. When the computer program is executed by a processor, the steps of any one of the TAP device monitoring methods described above are realized.

本发明通过对TAP设备的状态信息数据以及链路状态数据进行采集和存储,采用自动化智能分析方法对TAP设备状态信息以及链路状态数据进行分析,能够确定出设备异常状态信息和/或链路异常状态信息,可以实现对TAP设备的自动监控,并实现对TAP设备以及链路状态进行统一监控管理。The present invention collects and stores the state information data and link state data of the TAP device, and analyzes the TAP device state information and link state data by an automatic intelligent analysis method, so as to determine the abnormal state information and/or link state information of the device. Abnormal status information can realize automatic monitoring of TAP equipment, and realize unified monitoring and management of TAP equipment and link status.

附图说明Description of drawings

为了更清楚地说明本发明或现有技术中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作一简单地介绍,显而易见地,下面描述中的附图是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the present invention or the technical solutions in the prior art, the accompanying drawings that need to be used in the description of the embodiments or the prior art will be briefly introduced below. Obviously, the accompanying drawings in the following description are the present invention. For some embodiments of the invention, those skilled in the art can also obtain other drawings based on these drawings without creative effort.

图1是本发明提供的TAP设备监控方法的流程示意图;Fig. 1 is a schematic flow chart of the TAP device monitoring method provided by the present invention;

图2是本发明提供的TAP设备监控系统的结构示意图;Fig. 2 is the structural representation of the TAP equipment monitoring system provided by the present invention;

图3是本发明提供的电子设备的结构示意图。Fig. 3 is a schematic structural diagram of an electronic device provided by the present invention.

具体实施方式detailed description

为使本发明的目的、技术方案和优点更加清楚,下面将结合本发明中的附图,对本发明中的技术方案进行清楚、完整地描述,显然,所描述的实施例是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。In order to make the purpose, technical solutions and advantages of the present invention clearer, the technical solutions in the present invention will be clearly and completely described below in conjunction with the accompanying drawings in the present invention. Obviously, the described embodiments are part of the embodiments of the present invention , but not all examples. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

下面结合图1描述本发明的一种TAP设备监控方法,该方法等执行主体是网管监控平台,该方法包括:A kind of TAP equipment monitoring method of the present invention is described below in conjunction with Fig. 1, and execution subject such as this method is network management monitoring platform, and this method comprises:

S1、对TAP设备的状态信息数据以及链路状态数据进行实时采集;S1. Real-time collection of state information data and link state data of the TAP device;

网管监控平台接入交换机网络,用于实现TAP设备的接入访问,其状态信息用于判断是否出现以下异常:接收数据错误、端口使用率过高、电源,内存使用,CPU使用率等,链路状态数据用于判断是否出现以下异常:监控链路中断、链路溢出等。The network management monitoring platform is connected to the switch network to realize the access of the TAP device. Its status information is used to judge whether the following abnormalities occur: received data error, high port usage, power supply, memory usage, CPU usage, etc., link The link status data is used to judge whether the following abnormalities occur: monitor link interruption, link overflow, etc.

S2、将所述TAP设备的状态信息数据以及链路状态数据存入网管监控平台数据库中;S2, storing the state information data and link state data of the TAP device in the database of the network management monitoring platform;

以轮循方式进行存储,固定一个大小的存储数据空间,当存满后,新数据将最旧的数据覆盖掉,一直循环,这样就可以只保存固定时间长度的采集数据。The storage is carried out in a round-robin manner, with a fixed size of storage data space. When the storage is full, the new data will overwrite the oldest data, and the cycle continues, so that only the collected data of a fixed length of time can be saved.

S3、对所述TAP设备的状态信息数据以及链路状态数据进行统计分析,确定出设备异常状态信息和/或链路异常状态信息。S3. Statistically analyze the state information data and link state data of the TAP device, and determine device abnormal state information and/or link abnormal state information.

配置网管监控平台TAP设备告警触发条件、关联到TAP设备监控项,配置触发告警阀值,如果状态信息数据达到触发告警阀值,则说明设备状态异常,链路异常状态可以针对流量大小,流量包个数等数据进行统计分析,确定出链路异常状态信息。Configure the TAP device alarm trigger condition on the network management monitoring platform, associate with the TAP device monitoring item, and configure the trigger alarm threshold. If the status information data reaches the trigger alarm threshold, it indicates that the device status is abnormal. Link abnormal status can be based on traffic size, traffic packet Statistical analysis is performed on data such as the number of links to determine link abnormal state information.

本发明通过对TAP设备的状态信息数据以及链路状态数据进行采集和存储,采用自动化智能分析方法对TAP设备状态信息以及链路状态数据进行分析,能够确定出设备异常状态信息和/或链路异常状态信息,可以实现对TAP设备的自动监控,并实现对TAP设备以及链路状态进行统一监控管理。The present invention collects and stores the state information data and link state data of the TAP device, and analyzes the TAP device state information and link state data by an automatic intelligent analysis method, so as to determine the abnormal state information and/or link state information of the device. Abnormal status information can realize automatic monitoring of TAP equipment, and realize unified monitoring and management of TAP equipment and link status.

根据本发明所述的TAP设备监控方法,所述对TAP设备的状态信息数据以及链路状态数据进行实时采集,包括:According to the TAP device monitoring method of the present invention, the real-time collection of state information data and link state data of the TAP device includes:

对所述TAP设备配置监控项,所述监控项包括所述TAP设备的状态以及链路状态;监控项主要是监控链路中断、接收数据错误、端口使用率过高、链路溢出、电源,内存使用,CPU使用率等。Configure monitoring items for the TAP device, the monitoring items include the status of the TAP device and the link status; the monitoring items mainly monitor link interruption, received data error, high port usage, link overflow, power supply, Memory usage, CPU usage, etc.

与TAP设备进行通信,实现对所述TAP设备的监控项数据采集以及网络状态的监视;所述监控项数据包括状态信息数据以及链路状态数据。Communicate with the TAP device to realize monitoring item data collection and network status monitoring of the TAP device; the monitoring item data includes status information data and link status data.

网管监控平台通过SNMP,代理,ping端口等方法与TAP设备进行通信,实现对TAP设备监控项数据采集以及网络状态的监视。The network management monitoring platform communicates with the TAP device through SNMP, proxy, ping port and other methods to realize the data collection of the monitoring items of the TAP device and the monitoring of the network status.

根据本发明所述的TAP设备监控方法,所述将所述TAP设备的状态信息数据以及链路状态数据存入网管监控平台数据库中包括:According to the TAP device monitoring method of the present invention, storing the state information data and link state data of the TAP device in the network management monitoring platform database includes:

将所述TAP设备的状态信息数据以及链路状态数据以轮循方式存入网管监控平台数据库中,所述网管监控平台数据库中设置有预设时间长度的存储数据空间。网管监控平台对于TAP设备关键指标数据采集,以轮循方式进行存储,固定一个大小的存储数据空间,当存满后,新数据将最旧的数据覆盖掉,一直循环,这样就可以只保存固定时间长度的采集数据。The state information data and link state data of the TAP device are stored in the database of the network management monitoring platform in a round-robin manner, and the storage data space of a preset time length is set in the network management monitoring platform database. The network management monitoring platform stores the data collection of key indicators of TAP equipment in a round-robin manner, and fixes a size of storage data space. When the storage is full, the new data will overwrite the oldest data and keep circulating, so that only the fixed data can be saved. The length of time to collect data.

根据本发明所述的TAP设备监控方法,所述对所述TAP设备的状态信息数据以及链路状态数据进行统计分析,包括:According to the TAP device monitoring method of the present invention, the statistical analysis of the state information data and link state data of the TAP device includes:

对所述TAP设备的状态信息数据以及链路状态数据的数据合规性进行校验;Verifying the data compliance of the state information data of the TAP device and the link state data;

对于校验出的数据中的缺失值,采用均值、线性函数或预测算法进行预测的方式进行缺失值插补,得到在时序上具有连续性的数据;For the missing values in the verified data, use the mean value, linear function or prediction algorithm to predict the missing value interpolation to obtain continuous data in time series;

对所述在时序上具有连续性的数据进行分析预测。Analyzing and predicting the continuous data in time series.

首先校验数据合规性,确保数据完整性,对于数据中的缺失值,采用均值、线性函数或预测算法进行的预测值等方式进行缺失值插补。确保经过预处理后数据在时序上具有连续性。First, verify the data compliance to ensure data integrity. For the missing values in the data, use the mean value, linear function or the predicted value of the prediction algorithm to interpolate the missing value. Ensure that the data has continuity in time series after preprocessing.

根据本发明所述的TAP设备监控方法,所述对所述TAP设备的状态信息数据以及链路状态数据进行统计分析,确定出设备异常状态信息和/或链路异常状态信息,包括:According to the TAP device monitoring method of the present invention, the statistical analysis of the state information data and link state data of the TAP device is performed to determine the abnormal state information of the device and/or the abnormal state information of the link, including:

基于所述在时序上具有连续性的数据中的业务流量数据,构造时间和业务流量大小数值和/或流量包个数的连续型数据集合;Constructing a continuous data set of time and business flow size value and/or the number of traffic packets based on the business flow data in the time series continuous data;

网管监控平台采集到业务流量数据,针对流量大小,流量包个数等数据进行统计分析。The network management monitoring platform collects business traffic data, and performs statistical analysis on data such as traffic size and traffic packets.

对流量大小进行分析预测,统计计和每五分钟流量大小,构造时间和流量大小数值的连续型数据集合。采用Prophet算法,使用Prophet.fit方法对所述连续型数据集合进行模型拟合,通过使用辅助的方法Prophet.make future dataframe将未来的日期扩展指定的数据个数,使用Prophet.predict方法进行预测,获得forecast对象,其中,包含一列预测值,以及成分的分析和置信区间;Analyze and predict the flow size, count and measure the flow size every five minutes, construct a continuous data collection of time and flow size values. Use the Prophet algorithm, use the Prophet.fit method to perform model fitting on the continuous data set, use the auxiliary method Prophet.make future dataframe to expand the future date by the specified number of data, and use the Prophet.predict method to predict, Obtain the forecast object, which contains a list of predicted values, as well as the analysis and confidence interval of the components;

计算流量大小和/或流量包个数偏离置信区间的数据点,对偏离程度进行分析严重程度,确定出链路异常状态信息。计算流量大小偏离置信区间的数据点,对偏离程度进行分析严重程度,对于偏离度非常严重和严重的数据点进行告警,从而监控到大小异常的流量。采用相同方法对流量包个数进行分析预测,从而监控到异常流量包。并针对异常流量进行告警。Calculate the data points where the traffic size and/or the number of traffic packets deviate from the confidence interval, analyze the severity of the deviation, and determine the abnormal state information of the link. Calculate the data points where the flow size deviates from the confidence interval, analyze the severity of the deviation, and give an alarm for the very serious and serious data points, so as to monitor the traffic with abnormal size. Use the same method to analyze and predict the number of traffic packets, so as to monitor abnormal traffic packets. And give an alarm for abnormal traffic.

根据本发明所述的TAP设备监控方法,所述对所述TAP设备的状态信息数据以及链路状态数据进行统计分析,确定出设备异常状态信息和/或链路异常状态信息之后,包括:According to the TAP device monitoring method of the present invention, after performing statistical analysis on the state information data and link state data of the TAP device, after determining the abnormal state information of the device and/or the abnormal state information of the link, it includes:

基于所述链路异常状态信息,进行告警并展示;Alarming and displaying based on the abnormal state information of the link;

通过网管监控平台TAP设备模型,增加TAP设备网络拓扑,可在当前视图和其它视图中,查找指定的TAP设备,TAP设备及其交换机之间的连接关系,包括连接的数量,TAP设备监控指示等信息,也可以查看TAP设备相关的故障、性能信息以及相关的告警详情和告警历史信息,对于TAP设备模型设计查询统计的入口,提供历史记录查询;Through the TAP device model of the network management monitoring platform, the network topology of the TAP device can be added, and the specified TAP device can be found in the current view and other views, and the connection relationship between the TAP device and its switch, including the number of connections, and the monitoring indication of the TAP device, etc. Information, you can also view TAP device-related faults, performance information, and related alarm details and alarm history information. For the entry of TAP device model design query statistics, historical record query is provided;

增加自动发现(可以根据配置文件),包括按照网段自动发现TAP设备,单点TAP设备的发现及多种自动发现手段;Add automatic discovery (according to the configuration file), including automatic discovery of TAP devices according to network segments, discovery of single-point TAP devices and various automatic discovery methods;

网管监控平台配置TAP设备展示,主要以以点、线、面的形式呈现,为突出显示存在问题的TAP设备或连接关系,拓扑连线在正常情况下淡化(如淡绿色),发生设备告警或达到性能预警值时,对相关网元进行着色渲染,告警清除或低于性能预警值时,着色恢复正常,页面自动刷新时间小于60秒。The display of TAP devices configured on the network management monitoring platform is mainly presented in the form of points, lines, and planes. In order to highlight the problematic TAP devices or connection relationships, the topological connections are lightened under normal conditions (such as light green), and device alarms or When the performance warning value is reached, the relevant network elements are rendered with coloring. When the alarm is cleared or is lower than the performance warning value, the coloring returns to normal, and the automatic page refresh time is less than 60 seconds.

当链路恢复正常后,解除告警。When the link returns to normal, clear the alarm.

告警类型:包含所有的告警类型,可按照告警类型、告警级别、告警状态做过滤;网管监控平台监控TAP设备告警展示页面。当触发报警器链路连接断开,发生警报,当链路恢复后,报警会自动解除。Alarm type: including all alarm types, which can be filtered according to alarm type, alarm level, and alarm state; the network management monitoring platform monitors the TAP device alarm display page. When the link connection of the trigger alarm is disconnected, an alarm occurs, and when the link is restored, the alarm will be automatically released.

配置网管监控平台TAP设备告警触发条件、关联到TAP设备监控项,配置触发告警阀值,阀值的不同所产生告警级别也不同;阈值的设定不再是依赖经验设置恒定阈值,而是采用机器学习算法动态计算设定。因此,根据本发明所述的TAP设备监控方法,所述对所述TAP设备的状态信息数据以及链路状态数据进行统计分析,确定出设备异常状态信息和/或链路异常状态信息,包括:Configure the TAP device alarm trigger conditions on the network management monitoring platform, associate with the TAP device monitoring items, and configure the trigger alarm threshold. Different thresholds will generate different alarm levels; the threshold setting is no longer based on experience. Machine learning algorithms dynamically calculate settings. Therefore, according to the TAP device monitoring method of the present invention, the statistical analysis of the state information data and link state data of the TAP device is performed to determine the abnormal state information of the device and/or the abnormal state information of the link, including:

对所述TAP设备的状态配置告警触发条件、关联到所述TAP设备的监控项;Configuring an alarm trigger condition for the state of the TAP device and monitoring items associated with the TAP device;

采用指数加权移动算法配置触发告警动态阀值,指数加权移动算法的模型公式如下:The exponential weighted moving algorithm is used to configure the dynamic threshold for triggering an alarm. The model formula of the exponentially weighted moving algorithm is as follows:

vt=βvt-1+(1β)θt v t =βv t-1 +(1β)θ t

其中,β取值在0到1之间,β值是根据时间序列的变化特性来选取的;历史数据做为指数加权移动算法的训练集,进行多次训练获得预测误差最小的β,保存指数加权移动算法模型;vt-1表示t-1时刻的指数移动平均值,θt表示t时刻的实际温度,vt表示作为告警动态阀值的t时刻的指数移动平均值,也就是EWMA的值,即告警动态阀值,也叫EXPMA指标,它也是一种趋向类指标,指数移动平均值是以指数式递减加权的移动平均。β值是根据时间序列的变化特性来选取的。系数β表示加权下降的快慢,值越小权重下降的越快;若时间序列的波动不大,比较平稳,则β应取小一些,如0.1~0.3;若时间序列具有迅速且明显的变动倾向,则β应取大一些,如0.7~0.9。β通过多个值进行试算比较而定,哪个β值引起的预测误差小,就采用哪个。Among them, the value of β is between 0 and 1, and the value of β is selected according to the changing characteristics of the time series; the historical data is used as the training set of the exponential weighted moving algorithm, and multiple trainings are performed to obtain the β with the smallest prediction error, and the index is saved Weighted moving algorithm model; v t-1 represents the exponential moving average at time t-1, θ t represents the actual temperature at time t, and v t represents the exponential moving average at time t as the alarm dynamic threshold, which is EWMA Value, that is, the alarm dynamic threshold, also known as EXPMA indicator, it is also a trend indicator, the exponential moving average is an exponentially decreasing weighted moving average. The value of β is selected according to the changing characteristics of the time series. The coefficient β indicates the speed of weighted decline, and the smaller the value, the faster the weight decreases; if the fluctuation of the time series is not large and relatively stable, then β should be smaller, such as 0.1 to 0.3; if the time series has a rapid and obvious tendency to change , then β should be larger, such as 0.7~0.9. β is determined by trial calculation and comparison of multiple values, and whichever β value causes the smallest prediction error will be used.

复杂动态阈值采用算法有加权移动平均法(EWMA)学习而定,EWMA算法的特点是近期观察值对阈值设置有较大影响,更能反映数据的近期变化趋势。历史数据做为EWMA算法的训练集,进行多次训练获得预测误差最小的β,保存EWMA模型,然后对未来数据进行预测,将预测值做为告警阈值。The complex dynamic threshold is determined by the weighted moving average method (EWMA) learning algorithm. The characteristic of the EWMA algorithm is that the recent observation value has a greater impact on the threshold setting, and it can better reflect the recent change trend of the data. The historical data is used as the training set of the EWMA algorithm, multiple trainings are performed to obtain the β with the smallest prediction error, the EWMA model is saved, and then the future data is predicted, and the predicted value is used as the alarm threshold.

参见图2,下面对本发明提供的TAP设备监控系统进行描述,下文描述的TAP设备监控系统与上文描述的TAP设备监控方法可相互对应参照。Referring to FIG. 2 , the TAP device monitoring system provided by the present invention will be described below. The TAP device monitoring system described below and the TAP device monitoring method described above can be referred to in correspondence.

实时采集模块10,用于对TAP设备的状态信息数据以及链路状态数据进行实时采集;The real-time collection module 10 is used for real-time collection of state information data and link state data of the TAP device;

网管监控平台接入交换机网络,用于实现TAP设备的接入访问,其状态信息用于判断是否出现以下异常:接收数据错误、端口使用率过高、电源,内存使用,CPU使用率等,链路状态数据用于判断是否出现以下异常:监控链路中断、链路溢出等。The network management monitoring platform is connected to the switch network to realize the access of the TAP device. Its status information is used to judge whether the following abnormalities occur: received data error, high port usage, power supply, memory usage, CPU usage, etc., link The link status data is used to judge whether the following abnormalities occur: monitor link interruption, link overflow, etc.

数据存储模块20,用于将所述TAP设备的状态信息数据以及链路状态数据存入网管监控平台数据库中;Data storage module 20, for storing the state information data and link state data of the TAP equipment in the network management monitoring platform database;

以轮循方式进行存储,固定一个大小的存储数据空间,当存满后,新数据将最旧的数据覆盖掉,一直循环,这样就可以只保存固定时间长度的采集数据。The storage is carried out in a round-robin manner, with a fixed size of storage data space. When the storage is full, the new data will overwrite the oldest data, and the cycle continues, so that only the collected data of a fixed length of time can be saved.

统计分析模块30,用于对所述TAP设备的状态信息数据以及链路状态数据进行统计分析,确定出设备异常状态信息和/或链路异常状态信息。The statistical analysis module 30 is configured to perform statistical analysis on the state information data and link state data of the TAP device, and determine device abnormal state information and/or link abnormal state information.

配置网管监控平台TAP设备告警触发条件、关联到TAP设备监控项,配置触发告警阀值,如果状态信息数据达到触发告警阀值,则说明设备状态异常,链路异常状态可以针对流量大小,流量包个数等数据进行统计分析,确定出链路异常状态信息。Configure the TAP device alarm trigger condition on the network management monitoring platform, associate with the TAP device monitoring item, and configure the trigger alarm threshold. If the status information data reaches the trigger alarm threshold, it indicates that the device status is abnormal. Link abnormal status can be based on traffic size, traffic packet Statistical analysis is performed on data such as the number of links to determine link abnormal state information.

根据本发明所述的TAP设备监控系统,所述实时采集模块10用于:According to the TAP equipment monitoring system of the present invention, the real-time acquisition module 10 is used for:

对所述TAP设备配置监控项,所述监控项包括所述TAP设备的状态以及链路状态;监控项主要是监控链路中断、接收数据错误、端口使用率过高、链路溢出、电源,内存使用,CPU使用率等。Configure monitoring items for the TAP device, the monitoring items include the status of the TAP device and the link status; the monitoring items mainly monitor link interruption, received data error, high port usage, link overflow, power supply, Memory usage, CPU usage, etc.

与TAP设备进行通信,实现对所述TAP设备的监控项数据采集以及网络状态的监视;所述监控项数据包括状态信息数据以及链路状态数据。Communicate with the TAP device to realize monitoring item data collection and network status monitoring of the TAP device; the monitoring item data includes status information data and link status data.

网管监控平台通过SNMP,代理,ping端口等方法与TAP设备进行通信,实现对TAP设备监控项数据采集以及网络状态的监视。The network management monitoring platform communicates with the TAP device through SNMP, proxy, ping port and other methods to realize the data collection of the monitoring items of the TAP device and the monitoring of the network status.

根据本发明所述的TAP设备监控系统,所述数据存储模块20用于:According to the TAP equipment monitoring system of the present invention, the data storage module 20 is used for:

将所述TAP设备的状态信息数据以及链路状态数据以轮循方式存入网管监控平台数据库中,所述网管监控平台数据库中设置有预设时间长度的存储数据空间。网管监控平台对于TAP设备关键指标数据采集,以轮循方式进行存储,固定一个大小的存储数据空间,当存满后,新数据将最旧的数据覆盖掉,一直循环,这样就可以只保存固定时间长度的采集数据。The state information data and link state data of the TAP device are stored in the database of the network management monitoring platform in a round-robin manner, and the storage data space of a preset time length is set in the network management monitoring platform database. The network management monitoring platform stores the data collection of key indicators of TAP equipment in a round-robin manner, and fixes a size of storage data space. When the storage is full, the new data will overwrite the oldest data and keep circulating, so that only the fixed data can be saved. The length of time to collect data.

根据本发明所述的TAP设备监控系统,所述统计分析模块30用于:According to the TAP equipment monitoring system of the present invention, the statistical analysis module 30 is used for:

对所述TAP设备的状态信息数据以及链路状态数据的数据合规性进行校验;Verifying the data compliance of the state information data of the TAP device and the link state data;

对于校验出的数据中的缺失值,采用均值、线性函数或预测算法进行预测的方式进行缺失值插补,得到在时序上具有连续性的数据;For the missing values in the verified data, use the mean value, linear function or prediction algorithm to predict the missing value interpolation to obtain continuous data in time series;

对所述在时序上具有连续性的数据进行分析预测。Analyzing and predicting the continuous data in time series.

首先校验数据合规性,确保数据完整性,对于数据中的缺失值,采用均值、线性函数或预测算法进行的预测值等方式进行缺失值插补。确保经过预处理后数据在时序上具有连续性。First, verify the data compliance to ensure data integrity. For the missing values in the data, use the mean value, linear function or the predicted value of the prediction algorithm to interpolate the missing value. Ensure that the data has continuity in time series after preprocessing.

根据本发明所述的TAP设备监控系统,所述统计分析模块30用于:According to the TAP equipment monitoring system of the present invention, the statistical analysis module 30 is used for:

基于所述在时序上具有连续性的数据中的业务流量数据,构造时间和业务流量大小数值和/或流量包个数的连续型数据集合;Constructing a continuous data set of time and business flow size value and/or the number of traffic packets based on the business flow data in the time series continuous data;

网管监控平台采集到业务流量数据,针对流量大小,流量包个数等数据进行统计分析。The network management monitoring platform collects business traffic data, and performs statistical analysis on data such as traffic size and traffic packets.

对流量大小进行分析预测,统计计和每五分钟流量大小,构造时间和流量大小数值的连续型数据集合。采用Prophet算法,使用Prophet.fit方法对所述连续型数据集合进行模型拟合,通过使用辅助的方法Prophet.make future dataframe将未来的日期扩展指定的数据个数,使用Prophet.predict方法进行预测,获得forecast对象,其中,包含一列预测值,以及成分的分析和置信区间;Analyze and predict the flow size, count and measure the flow size every five minutes, construct a continuous data collection of time and flow size values. Use the Prophet algorithm, use the Prophet.fit method to perform model fitting on the continuous data set, use the auxiliary method Prophet.make future dataframe to expand the future date by the specified number of data, and use the Prophet.predict method to predict, Obtain the forecast object, which contains a list of predicted values, as well as the analysis and confidence interval of the components;

计算流量大小和/或流量包个数偏离置信区间的数据点,对偏离程度进行分析严重程度,确定出链路异常状态信息。计算流量大小偏离置信区间的数据点,对偏离程度进行分析严重程度,对于偏离度非常严重和严重的数据点进行告警,从而监控到大小异常的流量。采用相同方法对流量包个数进行分析预测,从而监控到异常流量包。并针对异常流量进行告警。Calculate the data points where the traffic size and/or the number of traffic packets deviate from the confidence interval, analyze the severity of the deviation, and determine the abnormal state information of the link. Calculate the data points where the flow size deviates from the confidence interval, analyze the severity of the deviation, and give an alarm for the very serious and serious data points, so as to monitor the traffic with abnormal size. Use the same method to analyze and predict the number of traffic packets, so as to monitor abnormal traffic packets. And give an alarm for abnormal traffic.

根据本发明所述的TAP设备监控系统,所述系统还包括告警模块,所述告警模块用于:According to the TAP equipment monitoring system of the present invention, the system also includes an alarm module, and the alarm module is used for:

基于所述链路异常状态信息,进行告警并展示;Alarming and displaying based on the abnormal state information of the link;

通过网管监控平台TAP设备模型,增加TAP设备网络拓扑,可在当前视图和其它视图中,查找指定的TAP设备,TAP设备及其交换机之间的连接关系,包括连接的数量,TAP设备监控指示等信息,也可以查看TAP设备相关的故障、性能信息以及相关的告警详情和告警历史信息,对于TAP设备模型设计查询统计的入口,提供历史记录查询;Through the TAP device model of the network management monitoring platform, the network topology of the TAP device can be added, and the specified TAP device can be found in the current view and other views, and the connection relationship between the TAP device and its switch, including the number of connections, and the monitoring indication of the TAP device, etc. Information, you can also view TAP device-related faults, performance information, and related alarm details and alarm history information. For the entry of TAP device model design query statistics, historical record query is provided;

增加自动发现(可以根据配置文件),包括按照网段自动发现TAP设备,单点TAP设备的发现及多种自动发现手段;Add automatic discovery (according to the configuration file), including automatic discovery of TAP devices according to network segments, discovery of single-point TAP devices and various automatic discovery methods;

网管监控平台配置TAP设备展示,主要以以点、线、面的形式呈现,为突出显示存在问题的TAP设备或连接关系,拓扑连线在正常情况下淡化(如淡绿色),发生设备告警或达到性能预警值时,对相关网元进行着色渲染,告警清除或低于性能预警值时,着色恢复正常,页面自动刷新时间小于60秒。The display of TAP devices configured on the network management monitoring platform is mainly presented in the form of points, lines, and planes. In order to highlight the problematic TAP devices or connection relationships, the topological connections are lightened under normal conditions (such as light green), and device alarms or When the performance warning value is reached, the relevant network elements are rendered with coloring. When the alarm is cleared or is lower than the performance warning value, the coloring returns to normal, and the automatic page refresh time is less than 60 seconds.

当链路恢复正常后,解除告警。When the link returns to normal, clear the alarm.

告警类型:包含所有的告警类型,可按照告警类型、告警级别、告警状态做过滤;网管监控平台监控TAP设备告警展示页面。当触发报警器链路连接断开,发生警报,当链路恢复后,报警会自动解除。Alarm type: including all alarm types, which can be filtered according to alarm type, alarm level, and alarm state; the network management monitoring platform monitors the TAP device alarm display page. When the link connection of the trigger alarm is disconnected, an alarm occurs, and when the link is restored, the alarm will be automatically released.

配置网管监控平台TAP设备告警触发条件、关联到TAP设备监控项,配置触发告警阀值,阀值的不同所产生告警级别也不同;阈值的设定不再是依赖经验设置恒定阈值,而是采用机器学习算法动态计算设定。因此,根据本发明所述的TAP设备监控系统,所述统计分析模块30用于:Configure the TAP device alarm trigger conditions on the network management monitoring platform, associate with the TAP device monitoring items, and configure the trigger alarm threshold. Different thresholds will generate different alarm levels; the threshold setting is no longer based on experience. Machine learning algorithms dynamically calculate settings. Therefore, according to the TAP equipment monitoring system of the present invention, the statistical analysis module 30 is used for:

对所述TAP设备的状态配置告警触发条件、关联到所述TAP设备的监控项;Configuring an alarm trigger condition for the state of the TAP device and monitoring items associated with the TAP device;

采用指数加权移动算法配置触发告警动态阀值,指数加权移动算法的模型公式如下:The exponential weighted moving algorithm is used to configure the dynamic threshold for triggering an alarm. The model formula of the exponentially weighted moving algorithm is as follows:

vt=βvt-1+(1-β)θt v t =βv t-1 +(1-β)θ t

其中,β取值在0到1之间,β值是根据时间序列的变化特性来选取的;历史数据做为指数加权移动算法的训练集,进行多次训练获得预测误差最小的β,保存指数加权移动算法模型;vt-1表示t-1时刻的指数移动平均值,θt表示t时刻的实际温度,vt表示作为告警动态阀值的t时刻的指数移动平均值,也就是EWMA的值,即告警动态阀值,也叫EXPMA指标,它也是一种趋向类指标,指数移动平均值是以指数式递减加权的移动平均。β值是根据时间序列的变化特性来选取的。系数β表示加权下降的快慢,值越小权重下降的越快;若时间序列的波动不大,比较平稳,则β应取小一些,如0.1~0.3;若时间序列具有迅速且明显的变动倾向,则β应取大一些,如0.7~0.9。β通过多个值进行试算比较而定,哪个β值引起的预测误差小,就采用哪个。Among them, the value of β is between 0 and 1, and the value of β is selected according to the changing characteristics of the time series; the historical data is used as the training set of the exponential weighted moving algorithm, and multiple trainings are performed to obtain the β with the smallest prediction error, and the index is saved Weighted moving algorithm model; v t-1 represents the exponential moving average at time t-1, θ t represents the actual temperature at time t, and v t represents the exponential moving average at time t as the alarm dynamic threshold, which is EWMA Value, that is, the alarm dynamic threshold, also known as EXPMA indicator, it is also a trend indicator, the exponential moving average is an exponentially decreasing weighted moving average. The value of β is selected according to the changing characteristics of the time series. The coefficient β indicates the speed of weighted decline, and the smaller the value, the faster the weight decreases; if the fluctuation of the time series is not large and relatively stable, then β should be smaller, such as 0.1 to 0.3; if the time series has a rapid and obvious tendency to change , then β should be larger, such as 0.7~0.9. β is determined by trial calculation and comparison of multiple values, and whichever β value causes the smallest prediction error will be used.

复杂动态阈值采用算法有加权移动平均法(EWMA)学习而定,EWMA算法的特点是近期观察值对阈值设置有较大影响,更能反映数据的近期变化趋势。历史数据做为EWMA算法的训练集,进行多次训练获得预测误差最小的β,保存EWMA模型,然后对未来数据进行预测,将预测值做为告警阈值。The complex dynamic threshold is determined by the weighted moving average method (EWMA) learning algorithm. The characteristic of the EWMA algorithm is that the recent observation value has a greater impact on the threshold setting, and it can better reflect the recent change trend of the data. The historical data is used as the training set of the EWMA algorithm, multiple trainings are performed to obtain the β with the smallest prediction error, the EWMA model is saved, and then the future data is predicted, and the predicted value is used as the alarm threshold.

图3示例了一种电子设备的实体结构示意图,该电子设备可以包括:处理器(processor)310、通信接口(Communications Interface)320、存储器(memory)330和通信总线340,其中,处理器310,通信接口320,存储器330通过通信总线340完成相互间的通信。处理器310可以调用存储器330中的逻辑指令,以执行TAP设备监控方法,该方法包括:FIG. 3 illustrates a schematic diagram of the physical structure of an electronic device, which may include: a processor (processor) 310, a communication interface (Communications Interface) 320, a memory (memory) 330, and a communication bus 340, wherein the processor 310, The communication interface 320 and the memory 330 communicate with each other through the communication bus 340 . The processor 310 can call the logic instructions in the memory 330 to execute the TAP device monitoring method, and the method includes:

S1、对TAP设备的状态信息数据以及链路状态数据进行实时采集;S1. Real-time collection of state information data and link state data of the TAP device;

S2、将所述TAP设备的状态信息数据以及链路状态数据存入网管监控平台数据库中;S2, storing the state information data and link state data of the TAP device in the database of the network management monitoring platform;

S3、对所述TAP设备的状态信息数据以及链路状态数据进行统计分析,确定出设备异常状态信息和/或链路异常状态信息。S3. Statistically analyze the state information data and link state data of the TAP device, and determine device abnormal state information and/or link abnormal state information.

此外,上述的存储器430中的逻辑指令可以通过软件功能单元的形式实现并作为独立的产品销售或使用时,可以存储在一个计算机可读取存储介质中。基于这样的理解,本发明的技术方案本质上或者说对现有技术做出贡献的部分或者该技术方案的部分可以以软件产品的形式体现出来,该计算机软件产品存储在一个存储介质中,包括若干指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)执行本发明各个实施例所述方法的全部或部分步骤。而前述的存储介质包括:U盘、移动硬盘、只读存储器(ROM,Read-Only Memory)、随机存取存储器(RAM,Random Access Memory)、磁碟或者光盘等各种可以存储程序代码的介质。In addition, the above logic instructions in the memory 430 may be implemented in the form of software function units and be stored in a computer-readable storage medium when sold or used as an independent product. Based on this understanding, the essence of the technical solution of the present invention or the part that contributes to the prior art or the part of the technical solution can be embodied in the form of a software product, and the computer software product is stored in a storage medium, including Several instructions are used to make a computer device (which may be a personal computer, a server, or a network device, etc.) execute all or part of the steps of the method described in each embodiment of the present invention. The aforementioned storage medium includes: U disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), magnetic disk or optical disk and other media that can store program codes. .

另一方面,本发明还提供一种计算机程序产品,所述计算机程序产品包括存储在非暂态计算机可读存储介质上的计算机程序,所述计算机程序包括程序指令,当所述程序指令被计算机执行时,计算机能够执行上述各方法所提供的TAP设备监控方法,该方法包括:On the other hand, the present invention also provides a computer program product, the computer program product includes a computer program stored on a non-transitory computer-readable storage medium, the computer program includes program instructions, and when the program instructions are executed by a computer During execution, the computer can perform the TAP device monitoring method provided by each of the above methods, the method comprising:

S1、对TAP设备的状态信息数据以及链路状态数据进行实时采集;S1. Real-time collection of state information data and link state data of the TAP device;

S2、将所述TAP设备的状态信息数据以及链路状态数据存入网管监控平台数据库中;S2, storing the state information data and link state data of the TAP device in the database of the network management monitoring platform;

S3、对所述TAP设备的状态信息数据以及链路状态数据进行统计分析,确定出设备异常状态信息和/或链路异常状态信息。S3. Statistically analyze the state information data and link state data of the TAP device, and determine device abnormal state information and/or link abnormal state information.

又一方面,本发明还提供一种非暂态计算机可读存储介质,其上存储有计算机程序,该计算机程序被处理器执行时实现以执行上述各提供的TAP设备监控方法,该方法包括:In another aspect, the present invention also provides a non-transitory computer-readable storage medium, on which a computer program is stored, and when the computer program is executed by a processor, it is implemented to perform the TAP device monitoring methods provided above, the method comprising:

S1、对TAP设备的状态信息数据以及链路状态数据进行实时采集;S1. Real-time collection of state information data and link state data of the TAP device;

S2、将所述TAP设备的状态信息数据以及链路状态数据存入网管监控平台数据库中;S2, storing the state information data and link state data of the TAP device in the database of the network management monitoring platform;

S3、对所述TAP设备的状态信息数据以及链路状态数据进行统计分析,确定出设备异常状态信息和/或链路异常状态信息。S3. Statistically analyze the state information data and link state data of the TAP device, and determine device abnormal state information and/or link abnormal state information.

以上所描述的装置实施例仅仅是示意性的,其中所述作为分离部件说明的单元可以是或者也可以不是物理上分开的,作为单元显示的部件可以是或者也可以不是物理单元,即可以位于一个地方,或者也可以分布到多个网络单元上。可以根据实际的需要选择其中的部分或者全部模块来实现本实施例方案的目的。本领域普通技术人员在不付出创造性的劳动的情况下,即可以理解并实施。The device embodiments described above are only illustrative, and the units described as separate components may or may not be physically separated, and the components shown as units may or may not be physical units, that is, they may be located in One place, or it can be distributed to multiple network elements. Part or all of the modules can be selected according to actual needs to achieve the purpose of the solution of this embodiment. It can be understood and implemented by those skilled in the art without any creative effort.

通过以上的实施方式的描述,本领域的技术人员可以清楚地了解到各实施方式可借助软件加必需的通用硬件平台的方式来实现,当然也可以通过硬件。基于这样的理解,上述技术方案本质上或者说对现有技术做出贡献的部分可以以软件产品的形式体现出来,该计算机软件产品可以存储在计算机可读存储介质中,如ROM/RAM、磁碟、光盘等,包括若干指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)执行各个实施例或者实施例的某些部分所述的方法。Through the above description of the implementations, those skilled in the art can clearly understand that each implementation can be implemented by means of software plus a necessary general-purpose hardware platform, and of course also by hardware. Based on this understanding, the essence of the above technical solution or the part that contributes to the prior art can be embodied in the form of software products, and the computer software products can be stored in computer-readable storage media, such as ROM/RAM, magnetic discs, optical discs, etc., including several instructions to make a computer device (which may be a personal computer, server, or network device, etc.) execute the methods described in various embodiments or some parts of the embodiments.

最后应说明的是:以上实施例仅用以说明本发明的技术方案,而非对其限制;尽管参照前述实施例对本发明进行了详细的说明,本领域的普通技术人员应当理解:其依然可以对前述各实施例所记载的技术方案进行修改,或者对其中部分技术特征进行等同替换;而这些修改或者替换,并不使相应技术方案的本质脱离本发明各实施例技术方案的精神和范围。Finally, it should be noted that: the above embodiments are only used to illustrate the technical solutions of the present invention, rather than to limit them; although the present invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that: it can still be Modifications are made to the technical solutions described in the foregoing embodiments, or equivalent replacements are made to some of the technical features; and these modifications or replacements do not make the essence of the corresponding technical solutions deviate from the spirit and scope of the technical solutions of the various embodiments of the present invention.

Claims (10)

1. A TAP device monitoring method, comprising:
acquiring state information data and link state data of TAP equipment in real time;
storing the state information data and the link state data of the TAP equipment into a network management monitoring platform database;
and performing statistical analysis on the state information data of the TAP equipment and the link state data to determine equipment abnormal state information and/or link abnormal state information.
2. The TAP device monitoring method of claim 1, wherein the collecting of the state information data and the link state data of the TAP device in real time comprises:
configuring a monitoring item for the TAP device, wherein the monitoring item comprises the state of the TAP device and the link state;
the monitoring system is communicated with TAP equipment to realize data acquisition of monitoring items of the TAP equipment and monitoring of network states; the monitoring item data includes status information data and link status data.
3. The TAP device monitoring method of claim 1, wherein the storing the state information data and the link state data of the TAP device into a network management monitoring platform database comprises:
and storing the state information data and the link state data of the TAP equipment into a network management monitoring platform database in a round-robin manner, wherein the network management monitoring platform database is provided with a storage data space with a preset time length.
4. The TAP device monitoring method of any one of claims 1 through 3, wherein said statistically analyzing the state information data and the link state data of the TAP device comprises:
verifying the data compliance of the state information data and the link state data of the TAP equipment;
performing missing value interpolation on the checked missing values in the data in a prediction mode by adopting a mean value, a linear function or a prediction algorithm to obtain data with continuity in time sequence;
and analyzing and predicting the data with continuity in time sequence.
5. The TAP device monitoring method according to claim 4, wherein the determining of device abnormal state information and/or link abnormal state information by performing statistical analysis on the state information data and the link state data of the TAP device comprises:
constructing a continuous data set of time, a service flow size value and/or a flow packet number based on service flow data in the data with continuity in time sequence;
performing model fitting on the continuous data set by a Prophet algorithm and a Prophet.fit method, expanding the future date by a specified data number by using an auxiliary method, namely a Prophet.make future dataframe, and predicting by a Prophet.predict method to obtain a forecast object, wherein the forecast object comprises a column of predicted values, and analysis and confidence intervals of components;
and calculating the data point of the deviation of the flow size and/or the flow packet number from the confidence interval, analyzing the deviation degree and severity to determine the abnormal state information of the link.
6. The TAP device monitoring method according to claim 2, wherein after performing statistical analysis on the state information data and the link state data of the TAP device to determine device abnormal state information and/or link abnormal state information, the method comprises:
based on the link abnormal state information, alarming and displaying;
and when the link is recovered to be normal, the alarm is released.
7. The TAP device monitoring method according to claim 4, wherein the determining of device abnormal state information and/or link abnormal state information by performing statistical analysis on the state information data and the link state data of the TAP device comprises:
configuring an alarm triggering condition, a monitoring item associated to the TAP device, for a state of the TAP device;
an exponential weighting mobile algorithm is adopted to configure a dynamic threshold value for triggering alarm, and the model formula of the exponential weighting mobile algorithm is as follows:
ν t =βν t-1 +(1-β)θ t
wherein, the value of beta is between 0 and 1, and the value of beta is selected according to the variation characteristic of the time sequence; taking historical data as a training set of the exponential weighted moving algorithm, carrying out multiple times of training to obtain beta with the minimum prediction error, and storing an exponential weighted moving algorithm model; v is t-1 Denotes the exponential moving average, theta, at time t-1 t Representing the actual temperature at time t, v t Represents an exponential moving average at time t as the dynamic threshold for the alarm.
8. A TAP device monitoring system, comprising:
the real-time acquisition module is used for acquiring the state information data and the link state data of the TAP equipment in real time;
the data storage module is used for storing the state information data and the link state data of the TAP equipment into a network management monitoring platform database;
and the statistical analysis module is used for performing statistical analysis on the state information data and the link state data of the TAP equipment to determine the abnormal state information of the equipment and/or the abnormal state information of the link.
9. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the steps of the TAP device monitoring method of any one of claims 1 to 7 are implemented when the program is executed by the processor.
10. A non-transitory computer-readable storage medium, having stored thereon a computer program, which, when being executed by a processor, carries out the steps of the TAP device monitoring method according to any one of claims 1 to 7.
CN202110666402.5A 2021-06-16 2021-06-16 TAP device monitoring method and system, electronic device and readable storage medium Pending CN115484188A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110666402.5A CN115484188A (en) 2021-06-16 2021-06-16 TAP device monitoring method and system, electronic device and readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110666402.5A CN115484188A (en) 2021-06-16 2021-06-16 TAP device monitoring method and system, electronic device and readable storage medium

Publications (1)

Publication Number Publication Date
CN115484188A true CN115484188A (en) 2022-12-16

Family

ID=84420434

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110666402.5A Pending CN115484188A (en) 2021-06-16 2021-06-16 TAP device monitoring method and system, electronic device and readable storage medium

Country Status (1)

Country Link
CN (1) CN115484188A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN118428532A (en) * 2024-04-26 2024-08-02 深圳市金地物业管理有限公司 Prophet model cleaning defect occurrence rate time sequence prediction method based on Python

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070271014A1 (en) * 1995-06-07 2007-11-22 Automotive Technologies International, Inc. Vehicle Diagnostic and Prognostic Methods and Systems
WO2019056499A1 (en) * 2017-09-20 2019-03-28 平安科技(深圳)有限公司 Prediction model training method, data monitoring method, apparatuses, device and medium
CN109672583A (en) * 2018-09-25 2019-04-23 平安科技(深圳)有限公司 Method for monitoring network, equipment, storage medium and device
CN110278102A (en) * 2018-03-15 2019-09-24 勤智数码科技股份有限公司 A kind of IT automation operational system and method
CN111563776A (en) * 2020-05-08 2020-08-21 国网江苏省电力有限公司扬州供电分公司 Electric quantity decomposition and prediction method based on K neighbor anomaly detection and Prophet model
CN112187514A (en) * 2020-09-02 2021-01-05 上海御威通信科技有限公司 Intelligent operation and maintenance system, method and terminal for data center network equipment

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070271014A1 (en) * 1995-06-07 2007-11-22 Automotive Technologies International, Inc. Vehicle Diagnostic and Prognostic Methods and Systems
WO2019056499A1 (en) * 2017-09-20 2019-03-28 平安科技(深圳)有限公司 Prediction model training method, data monitoring method, apparatuses, device and medium
CN110278102A (en) * 2018-03-15 2019-09-24 勤智数码科技股份有限公司 A kind of IT automation operational system and method
CN109672583A (en) * 2018-09-25 2019-04-23 平安科技(深圳)有限公司 Method for monitoring network, equipment, storage medium and device
CN111563776A (en) * 2020-05-08 2020-08-21 国网江苏省电力有限公司扬州供电分公司 Electric quantity decomposition and prediction method based on K neighbor anomaly detection and Prophet model
CN112187514A (en) * 2020-09-02 2021-01-05 上海御威通信科技有限公司 Intelligent operation and maintenance system, method and terminal for data center network equipment

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN118428532A (en) * 2024-04-26 2024-08-02 深圳市金地物业管理有限公司 Prophet model cleaning defect occurrence rate time sequence prediction method based on Python

Similar Documents

Publication Publication Date Title
CN106209432A (en) Network equipment subhealth state method for early warning based on dynamic threshold and device
EP3058679B1 (en) Alarm prediction in a telecommunication network
CN105721184B (en) A kind of monitoring method and device of network link quality
CN111290913A (en) Fault location visualization system and method based on operation and maintenance data prediction
CN109948808A (en) Database construction method, fault diagnosis method and system for substation equipment fault case database
CN112953738B (en) Root cause alarm positioning system, method, device and computer equipment
CN110502398B (en) Switch fault prediction system and method based on artificial intelligence
CN114630352B (en) Fault monitoring method and device for access equipment
CN114095965A (en) Index detection model obtaining and fault positioning method, device, equipment and storage medium
US10708155B2 (en) Systems and methods for managing network operations
CN106100884A (en) The alarm method of supervisory control of substation equipment operation exception
CN109412902A (en) A kind of intelligent monitoring method of power dispatch data network system, storage equipment, terminal and system
CN113271224A (en) Node positioning method and device, storage medium and electronic device
CN110808864A (en) Communication early warning method, device and system
CN116611953A (en) Electric energy meter production and manufacturing real-time data management method and system based on Internet of things
CN118740678A (en) Fault detection method and device for network equipment and electronic equipment
CN101345656B (en) global fault rate measuring method
CN115484188A (en) TAP device monitoring method and system, electronic device and readable storage medium
CN115038088B (en) Intelligent network security detection early warning system and method
CN112187680A (en) Intelligent monitoring and early warning method and system for big data of optical fiber storage network
CN111078503B (en) Abnormality monitoring method and system
CN114726708A (en) Network element equipment fault prediction method and system based on artificial intelligence
KR100323747B1 (en) Method for intelligent observation of exchange network service
CN117336158A (en) Fault positioning method and related device
CN202798762U (en) Alarm device for power communication failure information analysis

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20221216