计算机工程与应用 ›› 2019, Vol. 55 ›› Issue (23): 248-256.DOI: 10.3778/j.issn.1002-8331.1808-0390

• 工程与应用 • 上一篇    下一篇

企业日志数据的交互式可视分析方法研究

樊晓博,张慧军,张小龙   

  1. 太原理工大学 信息与计算机学院,山西 晋中 030600
  • 出版日期:2019-12-01 发布日期:2019-12-11

Research on Interactive Visual Analysis Method of Enterprise Log Data

FAN Xiaobo, ZHANG Huijun, ZHANG Xiaolong   

  1. School of Information and Computer, Taiyuan University of Technology, Jinzhong, Shanxi 030600, China
  • Online:2019-12-01 Published:2019-12-11

摘要: 企业日志数据,即员工在企业内部使用网络服务时系统保存的记录,包括员工网页访问日志、邮件日志等。在一定程度上反映了企业内部的组织结构、员工的日常工作模式和各种异常情况等。对日志数据进行分析有助于企业高层及时把控企业的运行状况,发现企业潜在威胁,进而帮助更好地进行决策。现有的企业日志分析方法大多是在单一数据基础上使用数据挖掘和机器学习等算法来进行分析。将以数据为中心的分析算法和以人为中心的交互式可视化结合起来能够同时发挥算法和人的分析优势;可视分析方法可以更有效地将多源异构、时变、多维的日志数据分析结合起来,提供多角度分析。为此,设计并实现了面向企业日志数据的员工工作行为可视分析系统EWB-VIS。在ChinaVis2018挑战赛所提供的公开数据集上进行实验,证明了系统的可用性和相关可视化方法的有效性。

关键词: 聚类算法, 可视分析, 交互设计, 企业日志数据

Abstract: Enterprise log data, includes employee web access logs, mail logs, which is the record kept by the system when employees use the network service inside the enterprise. To a certain extent, these logs reflect the internal organizational structure, the daily working patterns of employees, and various abnormal situations. The analysis of the log data helps the company’s senior management to control the operation of the enterprise in a timely manner, and discover potential threats of the enterprise, thereby helping to make better decisions. Most of the existing enterprise log analysis methods use algorithms such as data mining and machine learning to analyze on a single data basis. This paper argues that: combining data-centric analysis algorithms with human-centered interactive visualizations can simultaneously exploit the advantages of algorithms and humans, visual analysis method can more effectively combine multi-source heterogeneous, time-varying, multi-dimensional log data analysis to provide multi-angle analysis. To this end, this paper proposes a visualization method which designs and implements a visual analysis system for employee work behavior for enterprise log data EWB-VIS. Experiments are conducted on the public dataset provided by the ChinaVis2018 Challenge to demonstrate the availability of the system and the effectiveness of the relevant visualization methods.

Key words: clustering algorithm, visual analysis, interaction design, enterprise log data