Log analysis method and device, terminal equipment and storage medium

• Main Authors: YING YUEFEI, HE XIAOMING, XU LIANG, WU PEIYAO, LIN HAO, JIANG RONGXIA
• Format: Patent
• Language: Chinese; English
• Published: 05.01.2024
• Subjects: ELECTRIC COMMUNICATION TECHNIQUE; ELECTRICITY; TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION

The invention discloses a log analysis method and device, terminal equipment and a storage medium. The log analysis method comprises the steps of obtaining an abnormal log of a target system; generating a first exception topological graph according to the exception log; cutting the first abnormal topological graph according to a preset attack behavior framework to obtain a second abnormal topological graph; and analyzing the second abnormal topological graph to determine a final attack chain for the target system. According to the method, the visual abnormal topological graph is generated according to the abnormal log, the abnormal topological graph is cut to remove the noise information, and then the final attack chain is obtained by analyzing the abnormal topological graph, so that the analysis accuracy is improved while the analysis data volume is reduced, and the problem that the analysis efficiency and quality are reduced when the noise information is too much is solved. 本发明公开了一种日志分析方法、装置、终端设备及存储介质，其日志分析