| 摘 要: 在互联网大规模应用的环境下,如何有效分析用户喜欢访问什么网站、在互联网上喜欢做什么、浏览什 么是针对用户行为分析的重要内容。DNS作为一种域名解析服务,是互联网业务通信的重要保障,几乎所有互联网业务 访问运行均离不开DNS的支持,所以本文通过对DNS海量日志进行收集、清洗、存储全流程处理过程,并结合以ELK为 平台、以业务分析模型为基础,从而使DNS日志分析结果可视化清晰呈现,让用户了解互联网业务访问运行趋势,也直 观表现出用户实际的访问情况,最终实现用户行为的态势感知。 |
| 关键词: ELK;BIND;日志分析;态势感知 |
|
中图分类号: TP31
文献标识码: A
|
|
| ELK-based BIND Massive Log Analysis and User Behavior Situation Awareness Research |
|
RUAN Xiaolong,LU Jingxin1,2
|
1.( 1.School of Information Technology, Henan University of Traditional Chinese Medicine, Zhengzhou 450046, China;2.
2.Zhengzhou Tailai Information Technology Co., Ltd., Zhengzhou 450000, China)
|
| Abstract: In the environment of large-scale application of Internet,how to effectively analyze what websites users like to visit,what they like to do on the Internet,and what websites users like to brows is an important content of user behavior analysis.DNS,as a domain name resolution service,is an important guarantee for Internet business communication.Almost all Internet business access and operation can not be separated from DNS support.Therefore,through the whole process of collection,cleaning and storage of DNS massive logs,combined with elk platform and business analysis model,this paper makes DNS log analysis results visible and clear.Let users understand the operational trend of Internet business access,and also intuitively show the actual access situation of users,and finally achieve the situation awareness of user behavior. |
| Keywords: ELK;BIND;log analysis;situational awareness |
