
CN113839799A - A method and device for mining alarm association rules - Google Patents

Publication number: CN113839799A
Authority: CN (China)
Prior art keywords: alarm, preset, item, association, time window
Legal status: Granted (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN202010590291.XA
Other languages: Chinese (zh)
Other versions: CN113839799B (en)
Inventors: 温粉莲, 王喆, 刘旭东, 王锐, 黄倚霄, 刘启伟, 郑浩彬, 林纲
Current Assignee: China Mobile Communications Group Co Ltd; China Mobile Group Guangdong Co Ltd (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: China Mobile Communications Group Co Ltd; China Mobile Group Guangdong Co Ltd
Events:
  • Application filed by China Mobile Communications Group Co Ltd and China Mobile Group Guangdong Co Ltd
  • Priority to CN202010590291.XA
  • Publication of CN113839799A
  • Application granted
  • Publication of CN113839799B

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00: Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06: Management of faults, events, alarms or notifications
    • H04L41/0631: Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
    • H04L41/0677: Localisation of faults
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00: Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20: Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24: Querying
    • G06F16/245: Query processing
    • G06F16/2458: Special types of queries, e.g. statistical queries, fuzzy queries or distributed queries
    • G06F16/2465: Query processing support for facilitating data mining operations in structured databases
    • G06F18/00: Pattern recognition
    • G06F18/20: Analysing
    • G06F18/23: Clustering techniques
    • G06F2216/00: Indexing scheme relating to additional aspects of information retrieval not explicitly covered by G06F16/00 and subgroups
    • G06F2216/03: Data mining
    • Y: GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02: TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D: CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00: Energy efficient computing, e.g. low power processors, power management or thermal management

Abstract

Embodiments of the present invention provide a method and device for mining alarm association rules. The method includes: acquiring the alarm items generated in each time window according to a preset time window division method to form an alarm set; within the alarm set, clustering the alarm items with a preset clustering algorithm according to the first word vector of each alarm item, and assigning each alarm item to the alarm transaction corresponding to its cluster; and, according to the preset attribute weight of each alarm item, mining alarm rules with a preset association analysis algorithm to obtain the alarm association rules in each alarm transaction. Through the embodiments of the present invention, accurate association rules between alarm items can be given efficiently.

Description

Alarm association rule mining method and device
Technical Field
The invention relates to the technical field of communication networks, in particular to a method and a device for mining alarm association rules.
Background
With the development of mobile communication, service systems and network architectures have become more and more complex in order to accommodate various terminals and different access modes. With the full commercial use of 5G networks, changes in technologies such as cloud computing, virtualization and edge computing, together with network interaction, bring the advantages of flexibility and elasticity, but also pose greater challenges for operation and maintenance personnel. Conventionally, a unified acquisition platform collects the various alarm data, and monitoring personnel then dispatch work orders to experts of different specialties, who check the alarm data, confirm the cause and impact of the fault, and take measures. In the 5G era, because of the large number of devices, the complex structure and the large data volume, relying on this manual approach is inefficient.
The prior art therefore adopts alarm correlation analysis methods, mainly rule-based reasoning, case-based reasoning and model-based reasoning. Their common characteristic is that they rely mainly on statistics and on the professional knowledge and experience of experts; they are inefficient and cannot keep up with the rapid development brought by network and service changes in the 5G era. Another popular approach is based on data mining, for example traditional data mining algorithms based on Apriori or FP-growth. In use, these can cause problems because the transaction partitioning is unclear: if a transaction contains too much alarm data, too few rules are mined and some weakly related rules are mined; if a transaction contains too little alarm data, too many rules are mined and the rules tend to be simplified. In addition, the mining algorithm places certain requirements on the distribution of the alarm data, and only frequently occurring items can be mined. However, the alarm distribution across the specialties of a communication network is uneven: the number of alarms in some specialties, such as wireless, is markedly higher than in the core network, yet core network alarms are frequently the cause of wireless alarms. When mining is performed, core network alarms are filtered out because their support is low, so the alarms that may be the real root cause are omitted and the mined frequent item sets are usually only secondary alarms; if the support threshold is set too low, many invalid rules are mined and accuracy is reduced.
The alarm correlation analysis methods in the prior art cannot efficiently obtain accurate association rules among alarm data and cannot adapt to a real production environment.
Disclosure of Invention
The embodiment of the invention aims to provide an alarm association rule mining method and device, and solves the problems that an alarm association analysis method cannot efficiently obtain accurate association rules among alarm data and cannot adapt to a real production environment.
In order to solve the above technical problem, the embodiment of the present invention is implemented as follows:
In a first aspect, an embodiment of the present invention provides an alarm association rule mining method, including:
acquiring the alarm items generated in each time window according to a preset time window division method to form an alarm set;
within the alarm set, clustering the alarm items with a preset clustering algorithm according to the first word vector of each alarm item, and assigning each alarm item to the alarm transaction corresponding to its cluster;
and, according to the preset attribute weight of each alarm item, mining alarm rules with a preset association analysis algorithm to obtain the alarm association rules in each alarm transaction.
In a second aspect, an embodiment of the present invention provides an alarm association rule mining device, including:
a data preprocessing module, used for acquiring the alarm items generated in each time window according to a preset time window division method to form an alarm set;
a transaction dividing module, used for clustering the alarm items in the alarm set with a preset clustering algorithm according to the first word vector of each alarm item, and assigning each alarm item to the alarm transaction corresponding to its cluster;
and an association analysis module, used for mining alarm rules with a preset association analysis algorithm according to the preset attribute weight of each alarm item to obtain the alarm association rules in each alarm transaction.
As can be seen from the above technical solutions, in the embodiments of the present invention an alarm set corresponding to each time window is obtained according to a preset time window division method; within the alarm set, the alarm items are clustered with a preset clustering algorithm according to the first word vector of each alarm item to obtain the alarm transaction corresponding to each cluster; and alarm rules are mined with a preset association analysis algorithm according to the preset attribute weight of each alarm item to obtain the alarm association rules in each alarm transaction. Through the embodiments of the present invention, accurate association rules among the alarm items can be given efficiently.
Drawings
In order to illustrate the embodiments of the present invention or the technical solutions in the prior art more clearly, the drawings used in the description of the embodiments or the prior art are briefly introduced below. The drawings described below are only some of the embodiments described in the present invention, and those skilled in the art can obtain other drawings from them without creative effort.
Fig. 1 is a first flowchart of an alarm association rule mining method according to an embodiment of the present invention;
Fig. 2 is a second flowchart of the alarm association rule mining method according to an embodiment of the present invention;
Fig. 3 is a third flowchart of the alarm association rule mining method according to an embodiment of the present invention;
Fig. 4 is a fourth flowchart of the alarm association rule mining method according to an embodiment of the present invention;
Fig. 5 is a fifth flowchart of the alarm association rule mining method according to an embodiment of the present invention;
Fig. 6 is a schematic diagram of the module composition of an alarm association rule mining device according to an embodiment of the present invention;
Fig. 7 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
The embodiment of the invention provides a method and a device for mining alarm association rules.
In order to make those skilled in the art better understand the technical solution of the present invention, the technical solution in the embodiment of the present invention will be clearly and completely described below with reference to the drawings in the embodiment of the present invention, and it is obvious that the described embodiment is only a part of the embodiment of the present invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
As shown in fig. 1, the execution subject of the method may be a server, where the server may be an independent server or a server cluster composed of a plurality of servers, and may be a server capable of performing network operation processing, such as a server configured by a network resource. The method may specifically comprise the following steps:
Step S01, acquiring the alarm items generated in each time window according to a preset time window division method to form an alarm set.
In implementation, the server collects the alarm items generated by the various services in the system and stores them in a historical alarm library. An alarm item may include a plurality of preset fields according to actual needs, for example: alarm number, alarm title, generation time, elimination time, alarm level, machine room attribute, network element object, etc.
To address the difficulty of transaction division in traditional data mining algorithms, all collected alarm items are time-sliced according to the generation time of each alarm item. According to a preset time window division method, the alarm items corresponding to each time window, that is, the alarm items whose generation time falls within that time window, are acquired from the historical alarm library. The alarm items belonging to the same time window are combined to obtain the alarm set corresponding to that time window.
Before time slicing, the alarm items in the historical alarm library may also be preprocessed, where the preprocessing may include cleaning, value supplementing, deduplication and the like. Cleaning and value supplementing are chosen according to the preset fields of the original alarm items acquired from the historical alarm library, and the corresponding operation is performed depending on whether a preset field is missing or erroneous: if a key field among the preset fields is missing or erroneous, for example: and if a non-key field is missing or erroneous, the value-supplementing operation can be performed by looking up a dictionary or the like. Deduplication merges or eliminates alarm items that are judged to be the same within a preset time period, and the preset time period can be the corresponding time window.
Step S02, within the alarm set, clustering the alarm items with a preset clustering algorithm according to the first word vector of each alarm item, and assigning each alarm item to the alarm transaction corresponding to its cluster.
Using a preset word segmentation algorithm, for example jieba word segmentation, keywords are extracted and converted into word vectors, and the word vectors of all keywords in the same alarm item are weighted to obtain the first word vector of each alarm item.
The alarm items are clustered with a preset clustering algorithm according to their first word vectors, and all alarm items in the alarm set are divided into a plurality of clusters.
Further, the preset clustering algorithm is the DBSCAN clustering algorithm.
Many clustering algorithms can serve as the preset clustering algorithm; the embodiment of the invention gives only the DBSCAN clustering algorithm as an example. The DBSCAN clustering algorithm performs the clustering operation according to the distance between the first word vectors. The alarm items contained in each cluster obtained by the DBSCAN clustering algorithm are assigned to the alarm transaction corresponding to that cluster.
DBSCAN is a density-based clustering algorithm and clusters according to how closely the first word vectors are distributed. The alarm items in the same cluster are closely connected through their first word vectors, that is, the first word vector of any alarm item in the cluster is not far from the first word vectors of the other alarm items in the same cluster.
Step S03, according to the preset attribute weight of each alarm item, mining alarm rules with a preset association analysis algorithm to obtain the alarm association rules in each alarm transaction.
The attribute weight of each alarm item is obtained, where the attribute weight is derived from the preset weight values of the alarm attributes contained in the alarm item.
According to the attribute weight of each alarm item, a preset association analysis algorithm is used to mine alarm rules over the alarm items contained in each alarm transaction. The alarm association rules in each alarm transaction are obtained from the result of the alarm rule mining.
The alarm association rules in all alarm transactions are then aggregated to obtain the full set of alarm association rules. Through the alarm association rules, the root alarm, as the key factor, and the secondary alarms, as the corresponding secondary factors, can be determined among all alarm items. The root alarm and its corresponding secondary alarms have a strong association relationship, that is, the root alarm causes the secondary alarms with high probability. The fault or problem corresponding to an alarm item can therefore be located more quickly and accurately according to the root alarm.
Based on the above embodiment, as shown in fig. 2, step S01 can be carried out in various ways; only one alternative is given below, namely the processing of steps S011 to S012.
Step S011, obtaining each time window according to the duration and the sliding step of the preset time window;
Step S012, acquiring the alarm items generated in each time window according to the generation time of each alarm item to form an alarm set.
The embodiment of the invention performs time slicing with a sliding window: according to the duration and sliding step of the preset time window, once the start time of the first time window is determined, the time windows are obtained in sequence. A specific example follows:
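If the duration of the time window is set to $T$ and the sliding step to $\lambda$, the time windows are:
First time window $[t_1, t_{m1}]$, with $t_{m1} = t_1 + T$;
Second time window $[t_2, t_{m2}]$, with $t_2 = t_1 + \lambda$, $t_{m2} = t_{m1} + \lambda = t_2 + T$;
……;
$i$-th time window $[t_i, t_{mi}]$, with $t_i = t_{i-1} + \lambda$, $t_{mi} = t_{m(i-1)} + \lambda = t_i + T$;
……
$N$-th time window $[t_n, t_{mn}]$, with $t_n = t_{n-1} + \lambda$, $t_{mn} = t_{m(n-1)} + \lambda = t_n + T$.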
Then, for each time window so divided, the alarm items whose generation time falls within that time window are acquired from the historical alarm library and combined to obtain the alarm set corresponding to that time window.
In practice, to ensure that all alarm items are covered, the sliding step $\lambda$ is often smaller than the duration $T$; for example, the duration is set to 5 minutes and the sliding step to 3 minutes. In this case two adjacent time windows partially overlap in time, and the corresponding alarm sets also share some identical alarm items.
According to the technical solution provided by the embodiment of the invention, obtaining the time windows with the sliding window division method achieves a reasonable and flexible division of the alarm sets, so that accurate association rules among the alarm items can subsequently be given efficiently.
Based on the above embodiment, as shown in fig. 3, step S03 can be carried out in various ways; only one alternative is given below, namely the processing of steps S031 to S032.
Step S031, obtaining the attribute weight of each alarm item through a weighted average algorithm according to the preset weights of the alarm attributes of the alarm item.
The fields of an alarm item comprise a plurality of alarm attributes, such as alarm level, alarm type, machine room attribute, alarm network classification, alarm interpretation assistance and the like, and the weight value of each alarm attribute is set according to the attribute information of that alarm attribute. The weight values of the alarm attributes are then averaged with weights to obtain the attribute weight of each alarm item.
Step S032, mining alarm rules with a preset Apriori algorithm according to the attribute weight of each alarm item in each alarm transaction to obtain the alarm association rules in each alarm transaction.
Many algorithms can be used for mining alarm rules; the embodiment of the present invention takes the Apriori algorithm as an example. Through the Apriori algorithm, the alarm association relationships of all alarm items in each alarm transaction are obtained according to the attribute weight of each alarm item.
Further, the specific steps of the Apriori algorithm in step S032 are given in steps S0321 to S0322.
Step S0321, calculating the weighted support of each alarm item set according to the attribute weight of each alarm item, and obtaining the frequent item sets according to a preset minimum support threshold.
The weighted support of each alarm item set is calculated from the attribute weights of the alarm items contained in the alarm transaction and the preset classification; the weighted support introduces the attribute weight as a factor on top of the existing support counting method. For example, let the alarm item set be $X = \{i_1, i_2, \ldots, i_k\}$, where $i_j$ is an alarm item contained in the alarm item set and its corresponding attribute weight is $w_j$, $0 \le w_j \le 1$. The weighted support of the alarm item set is then $sup_w(X) = \max\{w_1, w_2, \ldots, w_k\} \cdot sup(X)$, where $sup(X)$ is the preset conventional support; a higher conventional support indicates that the alarm items contained in the alarm item set occur together more frequently.
According to a preset minimum support threshold $minsup$, each alarm item set whose weighted support is greater than or equal to the minimum support threshold is taken as a frequent item set; that is, if $sup_w(X) \ge minsup$, the alarm item set $X$ is a frequent $k$-item set, denoted $L_k$.
In implementation, preset splicing and pruning operations can further be applied to the obtained frequent alarm item set $L_k$ to obtain a new frequent item set $C_k$. The splicing and pruning operation consists of two parts: one part, $C_{k1}$, is obtained by joining $L_{k-1}$ with itself; the other part, $C_{k2}$, is obtained by extending $L_{k-1}$; and $C_k = C_{k1} \cup C_{k2}$. This step yields the new frequent alarm item set $C_k$.
Step S0322, calculating the weighted confidence and the weighted lift of the frequent item sets, and obtaining the alarm association rules in each alarm transaction according to a preset minimum confidence threshold and a preset minimum lift threshold.
The weighted confidence and weighted lift of the obtained frequent alarm item sets are calculated as follows:
Weighted confidence
Figure BDA0002556080260000071
Weighted lift
Figure BDA0002556080260000072
The weighted confidence represents the likelihood that alarm item y also appears given that alarm item x appears, and the weighted lift represents the association relationship between alarm items x and y: if the weighted lift is 1, x and y are independent; if the weighted lift is greater than 1, x is strongly correlated with y; if the weighted lift is less than 1, x is weakly correlated with y.
A minimum confidence threshold $minconf$ and a minimum lift threshold $minlift$ are set. All association relationships that satisfy $W_{conf}(x \Rightarrow y) \ge minconf$ and $lift(x \Rightarrow y) \ge minlift$ are recorded and stored to obtain the alarm association rules of the alarm transaction. In an alarm association rule, the alarm items that have an association relationship are divided into levels according to their importance in the association relationship; in the embodiment of the invention the alarm items are divided into two levels: the root alarm as the key factor and the secondary alarm as the secondary factor.
According to the technical solution provided by the embodiment of the invention, the weighted support of each alarm item set and the weighted confidence and weighted lift of each frequent item set are obtained from the attribute weight of each alarm item, and screening against the preset minimum confidence threshold and minimum lift threshold yields the alarm association rules in each alarm transaction, so that accurate association rules among the alarm items are given efficiently.
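As an added example (not code from the patent), the Python below applies the sliding-window division of steps S011 to S012 with T = 5 minutes and λ = 3 minutes, then computes the weighted support sup_w(X) = max{w_j}·sup(X) of step S0321 and compares it with plain support. Assumptions: the alarm titles, timestamps and attribute weights are constructed; each window's alarm set is treated as one transaction (the clustering of step S02 is skipped); and candidate item sets are enumerated exhaustively rather than by the splicing and pruning operation.

```python
from datetime import datetime, timedelta
from itertools import combinations

T = timedelta(minutes=5)    # window duration T (value used in the text)
LAM = timedelta(minutes=3)  # sliding step lambda (value used in the text)

BASE = datetime(2020, 1, 1, 0, 0)  # constructed start time
# Constructed alarm log: (minutes after BASE, alarm title).
RAW = [
    (0, "CELL_OUT_OF_SERVICE"), (1, "CORE_LINK_DOWN"),
    (2, "CELL_OUT_OF_SERVICE"), (4, "CELL_OUT_OF_SERVICE"),
    (7, "CELL_OUT_OF_SERVICE"), (8, "FAN_SPEED_WARN"),
    (10, "CORE_LINK_DOWN"), (11, "CELL_OUT_OF_SERVICE"),
    (13, "CELL_OUT_OF_SERVICE"), (16, "CELL_OUT_OF_SERVICE"),
]
ALARMS = [(BASE + timedelta(minutes=m), title) for m, title in RAW]

# Assumed attribute weights in [0, 1]: the core-network alarm is rated
# most important, the high-volume wireless alarm much lower.
WEIGHTS = {
    "CORE_LINK_DOWN": 0.9,
    "CELL_OUT_OF_SERVICE": 0.3,
    "FAN_SPEED_WARN": 0.1,
}


def sliding_windows(t1, t_end, duration, step):
    """Yield windows [t_i, t_i + T] with t_i = t_(i-1) + lambda."""
    t = t1
    while t <= t_end:
        yield t, t + duration
        t += step


def alarm_sets(alarms, duration, step):
    """Group alarm titles by window; overlapping windows share alarms."""
    times = [ts for ts, _ in alarms]
    sets = []
    for lo, hi in sliding_windows(min(times), max(times), duration, step):
        titles = frozenset(title for ts, title in alarms if lo <= ts <= hi)
        if titles:
            sets.append(titles)
    return sets


def support(itemset, transactions):
    """Conventional support: fraction of transactions containing itemset."""
    return sum(itemset <= t for t in transactions) / len(transactions)


def weighted_support(itemset, transactions, weights):
    """sup_w(X) = max{w_1..w_k} * sup(X), as defined in step S0321."""
    return max(weights[i] for i in itemset) * support(itemset, transactions)


def frequent_itemsets(transactions, weights, minsup, max_k=3, weighted=True):
    """Return {itemset: support} for every item set meeting minsup."""
    items = sorted(set().union(*transactions))
    frequent = {}
    for k in range(1, max_k + 1):
        for combo in combinations(items, k):
            x = frozenset(combo)
            s = (weighted_support(x, transactions, weights)
                 if weighted else support(x, transactions))
            if s >= minsup:
                frequent[x] = round(s, 3)
    return frequent


def closure_violations(frequent):
    """Frequent item sets that have a non-frequent proper subset."""
    out = []
    for x in frequent:
        for k in range(1, len(x)):
            for sub in combinations(sorted(x), k):
                if frozenset(sub) not in frequent:
                    out.append((x, frozenset(sub)))
    return out


if __name__ == "__main__":
    sets = alarm_sets(ALARMS, T, LAM)
    for label, flag in (("plain", False), ("weighted", True)):
        found = frequent_itemsets(sets, WEIGHTS, 0.4, weighted=flag)
        print(label, {tuple(sorted(k)): v for k, v in found.items()})
        print("  closure violations:", len(closure_violations(found)))
```

With max-weighting, an item set can be frequent while one of its subsets is not, so candidate generation that only joins frequent (k-1)-item sets with themselves would miss it.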
Based on the foregoing embodiment, as shown in fig. 4, after step S03 the alarm association rule mining method further includes:
Step S04, according to the generation time of each alarm item, splicing the feature words of the alarm items in each time window to obtain the feature sentence corresponding to each alarm set, splicing the sentences to obtain a feature article, and inputting it into a preset natural language word vector model to obtain the second word vector of each alarm item.
As the above embodiments show, the alarm association rules obtained by the preset association analysis algorithm only include alarm items with a relatively high occurrence frequency. To obtain the alarm association rules more comprehensively, the embodiment of the present invention uses a natural language word vector model.
The second word vector of each alarm item is obtained through a preset natural language word vector model according to the generation time of each alarm item.
The corresponding feature words are extracted from each alarm item; the feature words of the alarm items in each alarm set are spliced in the order of the generation time of the alarm items to obtain the feature sentence corresponding to that alarm set; and the feature sentences are spliced in the time order of the time windows corresponding to the alarm sets to obtain the feature article.
The obtained feature words of the alarm items, the feature sentences of the alarm sets and the spliced feature article are input into a pre-trained natural language word vector model to obtain the second word vector of each alarm item.
Further, the natural language word vector model is constructed based on the word2vec algorithm.
There are many ways to construct the natural language word vector model; the embodiment of the invention takes the word2vec algorithm as an example.
The word2vec algorithm uses two models to define input and output: the Continuous Bag-of-Words model (CBOW) and Skip-Gram. The input of the CBOW model is the second word vectors corresponding to the context feature words of a given feature word, and the output is the second word vector of that feature word. The Skip-Gram model works in exactly the opposite way: the input is the second word vector of a given feature word, and the output is the second word vectors of the feature words in the context of that feature word. The Skip-Gram model gives more accurate results when processing large-scale datasets.
Step S05, according to the similarity of the second word vectors of the alarm items, supplementing into the alarm association rules the alarm items whose similarity to an alarm item in the alarm association rules is higher than a preset similarity threshold.
By calculating the distance and similarity between the second word vectors of the alarm items, the alarm items whose similarity is greater than a preset similarity threshold are supplemented into the alarm association rules obtained through the preset association analysis algorithm. Specifically: if the similarity between an alarm item and any root alarm is greater than the preset similarity threshold, the alarm item is judged to be a root alarm as well; and if its similarity to any secondary alarm is greater than the preset similarity threshold, the alarm item is judged to be a secondary alarm.
According to the technical solution provided by the embodiment of the invention, the second word vector of each alarm item is obtained through the preset natural language word vector model, and the alarm association rules are supplemented according to the similarity of the second word vectors, so that accurate and comprehensive association rules among the alarm items are given efficiently.
Based on the above embodiment, as shown in fig. 5, further after step S05, the method further includes:
and step S06, acquiring new alarm items under the current time window, matching each new alarm item with the alarm association rule, and obtaining the root alarm corresponding to the new alarm item according to the matching result.
When a newly generated alarm item is obtained, all new alarm items in the current time window are obtained by taking the time window as a unit, then each new alarm item is compared with each alarm item in the obtained alarm association rule, whether a matched root alarm or secondary alarm exists or not is judged according to a preset matching rule, and if the alarm is the secondary alarm, the root alarm corresponding to the secondary alarm is further determined.
Further, the method further comprises:
and according to the matching result, performing alarm compression on the multiple secondary alarms, and performing alarm derivation on the multiple root alarms.
If a plurality of secondary alarms are obtained by matching in the current time window, alarm compression is performed on the plurality of secondary alarms, for example, merging or de-duplicating is performed on the plurality of secondary alarms corresponding to the same root alarm, and if a plurality of root alarms are obtained by matching, alarm derivation can be performed, for example, a new alarm item is derived from the plurality of root alarms, so that alarm information is further compressed, and unnecessary information transmission and display are reduced.
In addition, the processed new alarm items are stored in a historical alarm library and used for updating and iterating various models and algorithms in the implementation periodically so as to update the alarm association rule.
According to the technical scheme provided by the embodiment of the invention, the embodiment of the invention can match each new alarm item with the alarm association rule by acquiring the new alarm item under the current time window, and obtain the root alarm corresponding to the new alarm item according to the matching result, so that the accurate and comprehensive association rule among the alarm items can be efficiently given.
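Steps S05 and S06 above, as an added Python example that is not code from the patent: rules are supplemented by cosine similarity of the second word vectors, then the new alarms of one time window are matched to root alarms and the secondary alarms are compressed (alarm derivation is left out). The alarm names, vectors, the 0.95 threshold, exact-name matching as the "preset matching rule" and keeping only the best match are assumptions of the example.

```python
import math
from collections import Counter

def cosine(u, v):
    """Cosine similarity of two equal-length vectors (0.0 if either is all zeros)."""
    dot = sum(a * b for a, b in zip(u, v))
    norm = math.sqrt(sum(a * a for a in u)) * math.sqrt(sum(b * b for b in v))
    return dot / norm if norm else 0.0

def supplement_rules(rules, vectors, threshold):
    """Step S05: add alarm items that no mined rule covers to the rule they resemble.

    rules   -- list of {"roots": set, "secondaries": set} from the mining step
    vectors -- alarm item -> second word vector
    An item joins a rule as a root (secondary) alarm when its similarity to one
    of that rule's root (secondary) alarms exceeds the threshold. Keeping only
    the single best match is an assumption of this example.
    """
    out = [{"roots": set(r["roots"]), "secondaries": set(r["secondaries"])}
           for r in rules]
    known = set().union(*(r["roots"] | r["secondaries"] for r in rules))
    for item in sorted(set(vectors) - known):
        best_sim, best_rule, best_role = threshold, None, None
        for i, rule in enumerate(rules):  # compare against mined members only
            for role in ("roots", "secondaries"):
                for member in rule[role]:
                    if member in vectors:
                        sim = cosine(vectors[item], vectors[member])
                        if sim > best_sim:
                            best_sim, best_rule, best_role = sim, i, role
        if best_rule is not None:
            out[best_rule][best_role].add(item)
    return out

def correlate_window(alarms, rules, window_start, duration):
    """Step S06: match the new alarms of the current window against the rules.

    alarms -- list of (timestamp_seconds, alarm_item); matching is by exact
              alarm item name (the assumed "preset matching rule")
    Returns (report, unmatched). Each report entry names the root alarm(s) of
    one rule and the de-duplicated secondary alarms merged under them.
    """
    end = window_start + duration
    groups, unmatched = {}, []
    for ts, item in sorted(alarms):
        if not window_start <= ts < end:
            continue
        for i, rule in enumerate(rules):
            if item in rule["roots"] or item in rule["secondaries"]:
                g = groups.setdefault(i, {"seen": set(), "merged": Counter()})
                if item in rule["roots"]:
                    g["seen"].add(item)
                else:
                    g["merged"][item] += 1
                break
        else:
            unmatched.append(item)
    report = []
    for i in sorted(groups):
        # Prefer root alarms that actually fired in the window; otherwise the
        # rule's own roots are the candidates to investigate.
        roots = sorted(groups[i]["seen"]) or sorted(rules[i]["roots"])
        report.append({"roots": roots, "compressed": dict(groups[i]["merged"])})
    return report, unmatched

# Constructed sample data: mined rules, second word vectors, and new alarms.
MINED_RULES = [
    {"roots": {"OPTICAL_LOS"}, "secondaries": {"ETH_LINK_DOWN", "BGP_PEER_DOWN"}},
    {"roots": {"POWER_FAIL"}, "secondaries": {"BOARD_OFFLINE"}},
]
VECTORS = {
    "OPTICAL_LOS": [0.90, 0.10, 0.00], "OPTICAL_LOF": [0.88, 0.15, 0.02],
    "ETH_LINK_DOWN": [0.20, 0.90, 0.10], "BGP_PEER_DOWN": [0.10, 0.80, 0.50],
    "OSPF_NBR_DOWN": [0.12, 0.78, 0.55], "POWER_FAIL": [0.00, 0.10, 0.95],
    "BOARD_OFFLINE": [0.10, 0.00, 0.90], "FAN_SPEED_HIGH": [0.60, 0.60, 0.60],
}
NEW_ALARMS = [
    (1000, "OPTICAL_LOF"), (1002, "ETH_LINK_DOWN"), (1003, "OSPF_NBR_DOWN"),
    (1004, "ETH_LINK_DOWN"), (1010, "BOARD_OFFLINE"), (1020, "FAN_SPEED_HIGH"),
    (1400, "BGP_PEER_DOWN"),  # outside the 300 s window that starts at t=1000
]

if __name__ == "__main__":
    rules = supplement_rules(MINED_RULES, VECTORS, threshold=0.95)
    report, unmatched = correlate_window(NEW_ALARMS, rules, 1000, 300)
    for entry in report:
        print(entry)
    print("unmatched:", unmatched)
```

Alarm items that match no rule are returned separately rather than dropped, so an operator still sees them and they remain available for the periodic rule update.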
Corresponding to the alarm association rule mining method provided in the above embodiment, based on the same technical concept, an alarm association rule mining device is further provided in the embodiment of the present invention, fig. 6 is a schematic diagram of modules of the alarm association rule mining device provided in the embodiment of the present invention, the alarm association rule mining device is configured to execute the alarm association rule mining method described in fig. 1 to fig. 5, and as shown in fig. 6, the alarm association rule mining device includes: a data preprocessing module 10, a transaction partitioning module 11 and an association analysis module 12.
The data preprocessing module 10 is configured to obtain alarm items generated in each time window according to a preset time window division method, and form an alarm set; the transaction dividing module 11 is configured to perform clustering in the alarm set according to the first word vector of each alarm item by using a preset clustering algorithm, and classify each alarm item into an alarm transaction corresponding to each cluster; the association analysis module 12 is configured to perform alarm rule mining according to preset attribute weights of the alarm items through a preset association analysis algorithm, so as to obtain alarm association rules in the alarm transactions.
It can be seen from the above technical solutions provided by the embodiments of the present invention that, in the embodiments of the present invention, an alarm set corresponding to each time window is obtained according to a preset time window division method, then, in the alarm set, clustering is performed according to a preset clustering algorithm according to a first word vector of each alarm item to obtain an alarm transaction corresponding to each cluster, and alarm rule mining is performed according to an attribute weight of each preset alarm item through a preset association analysis algorithm to obtain an alarm association rule in each alarm transaction. By the embodiment of the invention, the accurate association rule among the alarm items can be efficiently given.
Further, the data preprocessing module includes: a window dividing unit and a data combining unit.
The window dividing unit is used for obtaining each time window according to the duration and the sliding step length of the preset time window; and the data combination unit is used for acquiring the alarm items generated in each time window according to the generation time of each alarm item to form an alarm set.
Further, the preset clustering algorithm is a DBSCAN clustering algorithm.
Further, the association analysis module includes: a weight analysis unit and an algorithm analysis unit.
The weight analysis unit is used for obtaining the attribute weight of each alarm item through a weighted average algorithm according to the preset weight of the alarm attribute of the alarm item; and the algorithm analysis unit is used for mining alarm rules through a preset Apriori algorithm according to the attribute weight of each alarm item in each alarm transaction to obtain the alarm association rules in each alarm transaction.
Further, the algorithm analysis unit includes: a first analysis unit and a second analysis unit.
The first analysis unit is used for calculating the weighted support of each alarm item set according to the attribute weight of each alarm item and obtaining a frequent item set according to a preset minimum support threshold; and the second analysis unit is used for calculating the weighted confidence and the weighted promotion degree (lift) of the frequent item set and obtaining the alarm association rule in each alarm transaction according to a preset minimum confidence threshold and a preset minimum promotion degree threshold.
Further, the alarm association rule mining device further includes: a vector acquisition module and a rule supplement module.
The vector acquisition module is used for splicing, according to the generation time of each alarm item, the feature words of the alarm items in each time window to obtain the feature sentence corresponding to each alarm set, splicing the sentences to obtain a feature article, and inputting the feature article into a preset natural language word vector model to obtain a second word vector of each alarm item; and the rule supplement module is used for supplementing the alarm association rule, according to the similarity of the second word vectors of the alarm items, with the alarm items whose similarity to an alarm item in the alarm association rule is higher than a preset similarity threshold.
Further, the alarm association rule mining device further includes: a rule matching module.
The rule matching module is used for acquiring new alarm items in the current time window, matching each new alarm item with the alarm association rule, and obtaining a root alarm corresponding to the new alarm item according to the matching result.
Further, the alarm association rule mining device further includes: an information compression module.
And the information compression module is used for carrying out alarm compression on a plurality of secondary alarms and carrying out alarm derivation on a plurality of root alarms according to the matching result.
Further, the natural language word vector model is constructed based on a word2vec algorithm.
It can be seen from the above technical solutions provided by the embodiments of the present invention that, in the embodiments of the present invention, an alarm set corresponding to each time window is obtained according to a preset time window division method, then, in the alarm set, clustering is performed according to a preset clustering algorithm according to a first word vector of each alarm item to obtain an alarm transaction corresponding to each cluster, and alarm rule mining is performed according to an attribute weight of each preset alarm item through a preset association analysis algorithm to obtain an alarm association rule in each alarm transaction. By the embodiment of the invention, the accurate association rule among the alarm items can be efficiently given.
The alarm association rule mining device provided by the embodiment of the invention can realize each process in the embodiment corresponding to the alarm association rule mining method, and is not repeated here for avoiding repetition.
It should be noted that the alarm association rule mining device provided in the embodiment of the present invention and the alarm association rule mining method provided in the embodiment of the present invention are based on the same inventive concept, and therefore specific implementation of the embodiment may refer to implementation of the alarm association rule mining method, and repeated details are not described again.
Corresponding to the alarm association rule mining method provided in the foregoing embodiment, based on the same technical concept, an embodiment of the present invention further provides an electronic device configured to execute the alarm association rule mining method. Fig. 7 is a schematic structural diagram of an electronic device implementing various embodiments of the present invention. As shown in fig. 7, electronic devices may vary widely in configuration or performance and may include one or more processors 701 and memory 702, where one or more applications or data may be stored in memory 702. Memory 702 may be transient storage or persistent storage. The application program stored in memory 702 may include one or more modules (not shown), each of which may include a series of computer-executable instructions for the electronic device. Still further, the processor 701 may be configured to communicate with the memory 702 to execute a series of computer-executable instructions in the memory 702 on the electronic device. The electronic device may also include one or more power supplies 703, one or more wired or wireless network interfaces 704, one or more input-output interfaces 705, and one or more keyboards 706.
Specifically, in this embodiment, the electronic device includes a processor, a communication interface, a memory, and a communication bus; the processor, the communication interface and the memory complete mutual communication through a bus; the memory is used for storing a computer program; the processor is used for executing the program stored in the memory and realizing the following method steps:
acquiring alarm items generated in each time window according to a preset time window dividing method to form an alarm set;
clustering is carried out on the alarm set through a preset clustering algorithm according to the first word vector of each alarm item, and each alarm item is classified into an alarm transaction corresponding to each cluster;
and according to the attribute weight of each preset alarm item, carrying out alarm rule mining through a preset association analysis algorithm to obtain alarm association rules in each alarm transaction.
An embodiment of the present application further provides a computer-readable storage medium, in which a computer program is stored, and when executed by a processor, the computer program implements the following method steps:
acquiring alarm items generated in each time window according to a preset time window dividing method to form an alarm set;
clustering is carried out on the alarm set through a preset clustering algorithm according to the first word vector of each alarm item, and each alarm item is classified into an alarm transaction corresponding to each cluster;
and according to the attribute weight of each preset alarm item, carrying out alarm rule mining through a preset association analysis algorithm to obtain alarm association rules in each alarm transaction.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, apparatus, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In a typical configuration, an electronic device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include volatile memory in a computer-readable medium, such as Random Access Memory (RAM), and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media, including both permanent and non-permanent, removable and non-removable media, may implement information storage by any method or technology. The information may be computer-readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, computer-readable media do not include transitory computer-readable media, such as modulated data signals and carrier waves.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, apparatus or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The above description is only an example of the present application and is not intended to limit the present application. Various modifications and changes may occur to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the scope of the claims of the present application.

Claims (10)

1. An alarm association rule mining method is characterized by comprising the following steps:
acquiring alarm items generated in each time window according to a preset time window dividing method to form an alarm set;
clustering is carried out on the alarm set through a preset clustering algorithm according to the first word vector of each alarm item, and each alarm item is classified into an alarm transaction corresponding to each cluster;
and according to the attribute weight of each preset alarm item, carrying out alarm rule mining through a preset association analysis algorithm to obtain alarm association rules in each alarm transaction.
2. The method for mining alarm association rules according to claim 1, wherein the step of obtaining alarm items generated in each time window according to a preset time window division method to form an alarm set comprises:
obtaining each time window according to the duration and the sliding step length of the preset time window;
and acquiring the alarm items generated in each time window according to the generation time of each alarm item to form an alarm set.
3. The method for mining alarm association rules according to claim 1, wherein the preset clustering algorithm is a DBSCAN clustering algorithm.
4. The method for mining alarm association rules according to claim 1, wherein the step of mining alarm association rules through a preset association analysis algorithm according to preset attribute weights of alarm items to obtain alarm association rules in alarm transactions comprises:
obtaining the attribute weight of each alarm item through a weighted average algorithm according to the preset weight of the alarm attribute of the alarm item;
and according to the attribute weight of each alarm item in each alarm transaction, mining alarm rules through a preset Apriori algorithm to obtain alarm association rules in each alarm transaction.
5. The method according to claim 4, wherein the alarm association rule mining is performed by a preset Apriori algorithm according to the attribute weight of each alarm item in each alarm transaction to obtain the alarm association rule in each alarm transaction, and the method comprises:
calculating the weighted support of each alarm item set according to the attribute weight of each alarm item, and obtaining a frequent item set according to a preset minimum support threshold;
and calculating to obtain the weighted confidence coefficient and the weighted promotion degree of the frequent item set, and obtaining the alarm association rule in each alarm transaction according to a preset minimum confidence coefficient threshold value and a preset minimum promotion degree threshold value.
6. The alarm association rule mining method according to any one of claims 1 to 5, wherein after the step of performing alarm rule mining by a preset association analysis algorithm according to the preset attribute weight of each alarm item to obtain the alarm association rule in each alarm transaction, the method further comprises:
according to the generation time of each alarm item, splicing the feature words of the alarm items in each time window to obtain feature sentences corresponding to each alarm set, splicing the sentences to obtain feature articles, and inputting the feature articles into a preset natural language word vector model to obtain second word vectors of each alarm item;
and supplementing the alarm association rule, according to the similarity of the second word vector of each alarm item, with the alarm items whose similarity to the alarm item in the alarm association rule is higher than a preset similarity threshold.
7. The method of claim 6, wherein after the step of supplementing the alarm association rule with alarm items having a similarity higher than a preset similarity threshold with the alarm item in the alarm association rule according to the similarity of the second word vector of each alarm item, the method further comprises:
and acquiring new alarm items under the current time window, matching each new alarm item with the alarm association rule, and acquiring a root alarm corresponding to the new alarm item according to the matching result.
8. The method for mining alarm association rules according to claim 7, wherein after the steps of obtaining new alarm items in the current time window, matching each new alarm item with the alarm association rules, and obtaining root alarms corresponding to the new alarm items according to matching results, the method further comprises:
and according to the matching result, performing alarm compression on the multiple secondary alarms, and performing alarm derivation on the multiple root alarms.
9. The alarm association rule mining method of claim 8, wherein the natural-language word vector model is constructed based on word2vec algorithm.
10. An alarm association rule mining device, the device comprising:
the data preprocessing module is used for acquiring alarm items generated in each time window according to a preset time window dividing method to form an alarm set;
the transaction dividing module is used for clustering the alarm items in the alarm set according to the first word vector of each alarm item through a preset clustering algorithm and classifying each alarm item into the alarm transaction corresponding to each cluster;
and the association analysis module is used for mining alarm rules through a preset association analysis algorithm according to the preset attribute weight of each alarm item to obtain the alarm association rules in each alarm transaction.
CN202010590291.XA 2020-06-24 2020-06-24 Alarm association rule mining method and device Active CN113839799B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010590291.XA CN113839799B (en) 2020-06-24 2020-06-24 Alarm association rule mining method and device

Publications (2)

Publication Number Publication Date
CN113839799A (en) 2021-12-24
CN113839799B (en) 2023-05-05

Family

ID=78964650

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010590291.XA Active CN113839799B (en) 2020-06-24 2020-06-24 Alarm association rule mining method and device

Country Status (1)

Country Link
CN (1) CN113839799B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant