CN1300679C - Alarm signal processing method based on information queue - Google Patents
Alarm signal processing method based on information queue Download PDFInfo
- Publication number
- CN1300679C CN1300679C CNB031312624A CN03131262A CN1300679C CN 1300679 C CN1300679 C CN 1300679C CN B031312624 A CNB031312624 A CN B031312624A CN 03131262 A CN03131262 A CN 03131262A CN 1300679 C CN1300679 C CN 1300679C
- Authority
- CN
- China
- Prior art keywords
- node
- alarm
- warning
- message
- thread
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Abstract
The present invention relates to an alarm signal processing method based on message queues. The present invention at least comprises steps that after a process or a thread which has an event that has to be given an alarm, the event is defined as an alarm message node which is added to a node queue, and a node adding signal is sent to the alarm process or the alarm thread; the alarm process or the alarm thread arrays alarm message nodes so as to maintain an alarm message node queue, and nodes in the queue are synchronously controlled; the alarm process or the alarm thread takes out one node from the alarm node queue in the circulation manner, and an alarm is given in real time according to an alarm mode recorded by the node; the node is deleted after the alarm. The method maintains real time property for callers; meanwhile, the alarm events are uniformly managed, the synchronous control of the alarm modes is realized, and the processing operation of a computer CPU or a network system can not be blocked.
Description
Technical field
The present invention relates to computer network security technology, especially a kind of alerting signal disposal route based on message queue is used to realize security alarm.Belong to the Computer Applied Technology field.
Background technology
In the design and realization of fail-safe software, warning function is one of common function, when anomalous event takes place, need carry out Realtime Alerts to the user.In the prior art, the software type of alarm adopts mail to report to the police usually, and operating system windows receives warning message, technical schemes such as operating system pop-up window.Common implementation method is that every kind of type of alarm is packaged into application programming interfaces (API), calls for required user.The execution of warning API can spend the regular hour, if each caller is all directly carried out API, time of return will prolong, and influences the real-time of caller program; On the other hand, if different callers is carried out API simultaneously, may cause with a kind of mode and block in the resource of internal system.This method can realize its function in small-sized system, and can't satisfy the requirement of large-scale real-time system, and this is because on the one hand, each type of alarm may spend some times, influences the real-time of caller routine processes; On the other hand, different callers directly sends warning, may cause with a kind of mode and block in the resource of internal system, can't carry out synchro control.
Summary of the invention
For overcoming the deficiencies in the prior art, the object of the present invention is to provide a kind of alerting signal disposal route based on message queue, be used to realize general security alarm, with all the incident unified managements that need report to the police in the computer security network system.
For achieving the above object, technical scheme of the present invention is achieved in that the alerting signal disposal route based on message queue, may further comprise the steps at least:
Step 1, use process or thread are the warning message node with event definition after the incident that needs to report to the police is arranged, and are increased in the node formation and go, and send the signal that adds node to warning process or thread;
Step 2, warning process or thread are arranged warning message node, the formation of maintenance alert messages node, the node in the synchro control formation;
Step 3, warning process or thread circulate from the formation of warning node and take out a node, according to the type of alarm of node record, and Realtime Alerts, this node of back deletion of reporting to the police.
In said method, judge earlier when also comprising the operation of warning process or thread before the step 1 whether alarm queue is empty, if be empty, waits the signal of node to be added, takes out the step that node begins to handle then from formation.
Also comprising that alert event disposes after the step 3 hangs up warning process or thread, waits for that the signal that node is arranged produces, and continues to handle the step of alert event.
In said method, the pointer alignment of first in first out is adopted in the formation of the said message node of step 1; Said warning message node records time, source, the content of alert event and the type of alarm that need take at least.
When said synchro control is meant adding and takes out the warning node in the step 2 formation is locked, to realize synchro control.
Type of alarm adopts the warning of sending e-mails, sends out the warning of windows message or sends out the SMS warning.
Compare with the windows message mechanism, the present invention is more simple and reliable, do not need the participation of operating system, do not need message route and message circulation, only need message dilivery and focus on, be more suitable for this particular problem of disposal system concentrated alarm, and be applicable to the system of a plurality of processes on the machine or thread, also be applicable to the network system on many machines; Can also cross-platform realization.The present invention is defined as a warning message node with each alert event, safeguards a warning message node tabulation in alarm mechanism, increases the warning node for all callers that need report to the police in the system provide simultaneously; Alarm mechanism adopts the formation mode of first in first out to handle the tabulation of warning message node, and circulation is taken out a warning message node and handled from the bottom, according to the type of alarm of node record, carries out actual warning function and realizes.Not only safeguarded the real-time of caller,, realized synchro control, can not cause the obstruction of computer network system again type of alarm simultaneously to the alert event unified management.
Description of drawings
Fig. 1 is warning process of the present invention or thread process process flow diagram
Fig. 2 is that consumer process of the present invention or thread use process flow diagram.
Embodiment
The present invention is further detailed explanation below in conjunction with accompanying drawing and preferred embodiment of the present invention.
Fig. 1 is warning process of the present invention or thread process process flow diagram.At first create the object of alarm queue visit and warning node synchro control, judge then whether alarm queue is empty, if be empty, then wait for, up to the signal that has the warning node to add, otherwise judging whether the formation of warning node is locked, if locked, then wait for, up to the alarm queue release is arranged, otherwise the warning node is locked, take out warning node and release, report to the police the back deletion warning node of reporting to the police then by preassigned mode.Alert event disposes and hangs up warning process or thread, waits for that the signal that node is arranged produces, and continues to handle alert event.
Fig. 2 is that consumer process of the present invention or thread use process flow diagram.Consumer process or thread are obtained the pointer of warning process or thread, structure warning node when needing to report to the police, judge then whether the warning node is locked, locked and waited for that then the release of warning node is arranged, then the warning node is not locked, add the warning node, after the release, send the signal that adds the warning node more then.The present invention adopts and locks is to have other thread to revise formation simultaneously in order to prevent, causes data corruption.This be because: when user thread need be operated certain formation, must earlier judge the sign whether this formation locks, if lock is arranged, illustrating currently has other threads to insert or operation such as deletion over against this formation, so can only wait at this moment; If lock must not obtained operation power earlier with the set of lock sign, just can carry out queue operation, end of operation will be locked sign and remove.Used formation so just can for other threads.
The step that the present invention realizes is:
Step 1, use process or thread are the warning message node with event definition after the incident that needs to report to the police is arranged, and are increased in the node formation and go, and send the signal that adds node to warning process or thread;
Step 2, warning process or thread are arranged warning message node, the formation of maintenance alert messages node, the node in the synchro control formation;
Step 3, warning process or thread circulate from the formation of warning node and take out a node, according to the type of alarm of node record, and Realtime Alerts, this node of back deletion of reporting to the police.
In the computing machine warning net, at first use process or thread to judge and have or not alert event to take place, if event occurs, then each alert event is defined as the warning message node, the warning message node records time, source, the content of alert event and the type of alarm that need take.
The process of reporting to the police then or thread are arranged warning message node, the formation of maintenance alert messages node, the node in the synchro control formation.Message node pointer alignment is arranged the warning message node, and maintenance alert messages node tabulation formation.Warning message node of use process or thread constructing is inserted information and type of alarm that needs are reported to the police, joins in the formation of warning message node.Messaging list of the present invention adopts the data structure of the pointer alignment form of first in first out, realizes that the generation earlier of the incident of warning is handled earlier.
Afterwards, according to the type of alarm of node record, handle the formation of warning message node in real time.Warning process or thread take out a warning message node from warning message node formation bottom, type of alarm according to the node record, call corresponding warning function module, realize reporting to the police, the mode of realize reporting to the police send e-mails warnings, send out windows message and report to the police, perhaps send out the SMS warning.
Behind the alert event that disposes, continue from the formation of warning message node, to take out the warning message node and handle, judge again whether alert event disposes, to handle then and finish, program withdraws from, otherwise continues to handle alert event.
In the present invention, use process or thread to be warning node of each incident that need report to the police structure in the system, record warning message and type of alarm in the warning node, and call the adding method of the alarm mechanisms such as data structure of formation form, this node is added in the formation of warning node, take out a warning node from warning node formation bottom successively, the type of alarm according to the node record calls corresponding warning function module and reports to the police.
As seen from Figure 1, Figure 2, the present invention is encapsulated as warning message with alert event, comes the maintenance alert messages formation by independent alarm mechanism, and circular treatment successively.The alert event and the realization of reporting to the police are separated, for large scale system provides general warning function mechanism, can be for there being demander to call arbitrarily in the system.In addition, the present invention can also further expand the warning function module.
Under these conditions, the use process that need report to the police or thread just can be for further processing as long as the structure warning message adds message to the warning message formation, can not influence the real-time of himself.Simultaneously, the independent alarm mechanism taking-up warning message that circulates successively, the concrete action of reporting to the police successively and realizing according to the type of alarm of Message Record, can not cause the operation of carrying out a certain type of alarm in the system simultaneously and cause blocking, the generation of situation such as resource occupation, therefore be a kind of general alarm mechanism that is adapted at safety in the large-scale fail-safe software system.
It should be noted last that: above embodiment is the unrestricted technical scheme of the present invention in order to explanation only, although the present invention is had been described in detail with reference to the foregoing description, those of ordinary skill in the art is to be understood that: still can make amendment or be equal to replacement the present invention, and not breaking away from any modification or partial replacement of the spirit and scope of the present invention, it all should be encompassed in the middle of the claim scope of the present invention.
Claims (9)
1, based on the alerting signal disposal route of message queue, it is characterized in that: this method may further comprise the steps at least:
Step 1, use process or thread are the warning message node with event definition after the incident that needs to report to the police is arranged, and are increased in the node formation and go, and send the signal that adds node to warning process or thread;
Step 2, warning process or thread are arranged warning message node, the formation of maintenance alert messages node, the node in the synchro control formation;
Step 3, warning process or thread circulate from the formation of warning node and take out a node, according to the type of alarm of node record, and Realtime Alerts, this node of back deletion of reporting to the police.
2, the alerting signal disposal route based on message queue according to claim 1, it is characterized in that: judge earlier when also comprising the operation of warning process or thread before the step 1 whether alarm queue is empty, if be empty, etc. the signal of node to be added, from formation, take out the step that node begins to handle then.
3, the alerting signal disposal route based on message queue according to claim 1, it is characterized in that: also comprise after the step 3: alert event disposes and hangs up warning process or thread, wait has the signal of node to produce, and continues to handle the step of alert event.
4, the alerting signal disposal route based on message queue according to claim 1 is characterized in that: the pointer alignment of first in first out is adopted in the formation of the said message node of step 1.
5, the alerting signal disposal route based on message queue according to claim 1 is characterized in that: by locking sign set formation is locked when said synchro control is meant adding and takes out the warning node in the step 2, to realize synchro control.
6, the alerting signal disposal route based on message queue according to claim 1 is characterized in that: the said warning message node of step 1 records time, source, the content of alert event at least, and the type of alarm that need take.
7, the alerting signal disposal route based on message queue according to claim 6, it is characterized in that: type of alarm is meant the warning of sending e-mails.
8, the alerting signal disposal route based on message queue according to claim 6 is characterized in that: type of alarm is meant that sending out windows message reports to the police.
9, the alerting signal disposal route based on message queue according to claim 6 is characterized in that: type of alarm is meant that sending out SMS reports to the police.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB031312624A CN1300679C (en) | 2003-05-23 | 2003-05-23 | Alarm signal processing method based on information queue |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB031312624A CN1300679C (en) | 2003-05-23 | 2003-05-23 | Alarm signal processing method based on information queue |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1549116A CN1549116A (en) | 2004-11-24 |
| CN1300679C true CN1300679C (en) | 2007-02-14 |
Family
ID=34322818
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB031312624A Expired - Fee Related CN1300679C (en) | 2003-05-23 | 2003-05-23 | Alarm signal processing method based on information queue |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN1300679C (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1936846B (en) * | 2005-09-21 | 2010-09-01 | 英华达(上海)电子有限公司 | Method for realtime processing system key on inlaid apparatus |
| CN100365582C (en) * | 2006-03-14 | 2008-01-30 | 上海科泰世纪科技有限公司 | Data processing method for event synchronization object extension in computer operating system |
| CN100458704C (en) * | 2006-10-18 | 2009-02-04 | 北京中星微电子有限公司 | Method and system for supporting multiple services |
| CN101106702B (en) * | 2007-08-08 | 2010-07-21 | 南京联创科技集团股份有限公司 | Configurable alert filtering method for video monitoring system |
| CN112767620A (en) * | 2020-12-24 | 2021-05-07 | 交控科技股份有限公司 | Mixed voice alarm method and system |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5251302A (en) * | 1988-04-11 | 1993-10-05 | Square D Company | Network interface board having memory mapped mailbox registers including alarm registers for storing prioritized alarm messages from programmable logic controllers |
| US5388189A (en) * | 1989-12-06 | 1995-02-07 | Racal-Datacom, Inc. | Alarm filter in an expert system for communications network |
| JPH09259051A (en) * | 1996-03-22 | 1997-10-03 | Fujitsu Ltd | Alarm informing processing system |
| JP2001075838A (en) * | 1999-09-06 | 2001-03-23 | Nec Corp | Alarm monitoring system, device and method for alarm management, and recording medium |
| CN1355634A (en) * | 2000-12-01 | 2002-06-26 | 三星电子株式会社 | Alarm management system and method for network management system |
-
2003
- 2003-05-23 CN CNB031312624A patent/CN1300679C/en not_active Expired - Fee Related
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5251302A (en) * | 1988-04-11 | 1993-10-05 | Square D Company | Network interface board having memory mapped mailbox registers including alarm registers for storing prioritized alarm messages from programmable logic controllers |
| US5388189A (en) * | 1989-12-06 | 1995-02-07 | Racal-Datacom, Inc. | Alarm filter in an expert system for communications network |
| JPH09259051A (en) * | 1996-03-22 | 1997-10-03 | Fujitsu Ltd | Alarm informing processing system |
| JP2001075838A (en) * | 1999-09-06 | 2001-03-23 | Nec Corp | Alarm monitoring system, device and method for alarm management, and recording medium |
| CN1355634A (en) * | 2000-12-01 | 2002-06-26 | 三星电子株式会社 | Alarm management system and method for network management system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1549116A (en) | 2004-11-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101902336A (en) | Rule model-based security event correlation analysis system and method | |
| EP1616235B1 (en) | Extensible sensor monitoring, alert processing and notification system and method | |
| CN1295612C (en) | Method for realizing real time threads state monitoring in multiple thread system | |
| CN101446914B (en) | Database monitoring method and device | |
| CN1217265C (en) | Process automatic restoring method | |
| CN1639703A (en) | System for integrating java servlets with asynchronous messages | |
| CN105763395A (en) | Method and system for monitoring and managing virtual machine and container in cloud environment | |
| CN110545276A (en) | threat event warning method and device, warning equipment and machine-readable storage medium | |
| CN1300679C (en) | Alarm signal processing method based on information queue | |
| CN111756601A (en) | Microservice architecture monitoring method and device, computer equipment and readable storage medium | |
| CN102890641A (en) | Process behavior control method and device | |
| CN1175352C (en) | Automatic WINDOWS NT course protecting system | |
| CN1716212A (en) | System and method for recovery from disaster | |
| CN112055061A (en) | Distributed message processing method and device | |
| CN113535446B (en) | Bidirectional process daemon method and system for protecting business data during line access | |
| US20030009711A1 (en) | Alarm management system | |
| CN103268567B (en) | The efficient mass incident detecting of Facing to Manufacturing trade management system and processing method | |
| CN114978860A (en) | Fault monitoring method and device, electronic equipment and storage medium | |
| US20110125769A1 (en) | Targeted user notification of messages in a monitoring system | |
| CN1349167A (en) | Automatic SOLARIS process protecting system | |
| CN112035839A (en) | Detection method and device for race condition vulnerability exploitation | |
| CN109586967A (en) | A kind of active alarm formula safety monitoring system | |
| CN101051933A (en) | Interface hanging up method in net managing system | |
| CN112162897A (en) | Public intelligent equipment management method and system | |
| CN1210922C (en) | Method for processing large tasks in network apparatus |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| ASS | Succession or assignment of patent right |
Owner name: LEGEND WANGYU TECHNOLOGY (BEIJING) LTD. Free format text: FORMER OWNER: LIANXIANG (BEIJING) CO. LTD. Effective date: 20050218 |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20050218 Address after: 100086, room 801-810, CLP information building, 6 South Avenue, Beijing, Haidian District, Zhongguancun Applicant after: Lenovo Leadsec (Beijing) Co., Ltd Address before: 100085, No. 6, Pioneer Road, Haidian District information industry base, Beijing Applicant before: Lenovo (Beijing) Co., Ltd. |
|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C56 | Change in the name or address of the patentee |
Owner name: BEIJING LEADSEC TECHNOLOGY CO.,LTD. Free format text: FORMER NAME: LENOVO NET DEFENSE TECHNOLOGY (BEIJING) CO., LTD. |
|
| CP01 | Change in the name or title of a patent holder |
Address after: 100086, room 801-810, CLP information building, 6 South Avenue, Beijing, Haidian District, Zhongguancun Patentee after: Beijing Leadsec Technology Co.,Ltd. Address before: 100086, room 801-810, CLP information building, 6 South Avenue, Beijing, Haidian District, Zhongguancun Patentee before: Lenovo Wangyu Technology (Beijing) Ltd. |
|
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20070214 Termination date: 20150523 |
|
| EXPY | Termination of patent right or utility model |