通信学报2024,Vol.45Issue(4):95-113,19.DOI:10.11959/j.issn.1000-436x.2024071
基于启发式规则的流式在线日志解析方法
Streaming online log parsing method based on heuristic rule
摘要
Abstract
To address the issues of inaccurate parsing and unstable performance in existing log parsing methods,a streaming online log parsing method based on heuristic rules,known as heuristic regex tree(HRTree),was proposed.Based on the drain method of parsing the structure tree,heuristic rules were introduced to split and construct the log,and some construction methods of the parse structure tree were optimized,so as to solve the problems of over fitting of log parameters and unstable parsing results of different system logs.Not only the classification of parsing results was accu-rate,but also the parameter content recognition was accurate.A large number of experimental results demonstrate that the proposed HRTree parsing method shows more than 90%parsing accuracy on different system logs.关键词
海量日志/日志解析/启发式规则/HRTree方法/准确率Key words
massive log/log parsing/heuristic rule/HRTree method/accuracy分类
信息技术与安全科学引用本文复制引用
蒋忠元,陶梅悦,赵晓庆,方晓彤,李兴华,马建峰..基于启发式规则的流式在线日志解析方法[J].通信学报,2024,45(4):95-113,19.基金项目
国家重点研发计划基金资助项目(No.2022YFB2701800) (No.2022YFB2701800)
陕西省重点研发计划基金资助项目(No.2023-YBGY-270) (No.2023-YBGY-270)
国家自然科学基金资助项目(No.62076191,No.61502375)The National Key Research and Development Program of China(No.2022YFB2701800),The Key Research and Development Program of Shaanxi Province(No.2023-YBGY-270),The National Natural Science Foundation of China(No.62076191,No.61502375) (No.62076191,No.61502375)
