Systems and methods for computer environment situational awareness
First Claim
1. A system for monitoring states of operation of assets in a network of computer devices, the system comprising:
- one or more servers communicatively coupled to a computer network, the one or more servers include;
a controller engine executed on one or more processors, coupled to a memory, and configured to;
detect that a specification associated with operation of the computer network is violated;
identify one or more assets of the computer network associated with the specification; and
an asset profiling engine configured to, for each asset of the one or more identified assets;
determine a first set of parameters for profiling the asset based on detected violation of the specification;
transmit a first query for the first set of parameters to a computing device associated with the asset;
receive, from the computing device, one or more first parameter values corresponding to the first set of parameters responsive to the first query;
compare the one or more first parameter values to one or more first criteria or threshold values; and
determine a state of operation of the asset based on comparing the one or more first parameter values to the one or more first criteria or threshold values, the state of operation indicative of a normal or an abnormal behavior associated with the asset,the controller engine configured to determine a cause of violating the specification based on one or more determined states of operation of the one or more identified assets.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems and methods for monitoring states of operation of a computer environment can include one or more computer servers identifying a target asset of the computer environment and establishing a communication link with a computing device associated with the target asset. The one or more computer servers can determine a first set of parameters for profiling the target asset, transmit a first query for the first set of parameters to the computing device via the communication link, and receive one or more first parameter values corresponding to the first set of parameters responsive to the query. The one or more computer servers can compare the one or more first parameter values to one or more first criteria or threshold values, an determine a state of operation of the target asset based on the comparison. The state of operation can be indicative of an abnormal behavior associated with the target asset.
-
Citations
20 Claims
-
1. A system for monitoring states of operation of assets in a network of computer devices, the system comprising:
one or more servers communicatively coupled to a computer network, the one or more servers include; a controller engine executed on one or more processors, coupled to a memory, and configured to; detect that a specification associated with operation of the computer network is violated; identify one or more assets of the computer network associated with the specification; and an asset profiling engine configured to, for each asset of the one or more identified assets; determine a first set of parameters for profiling the asset based on detected violation of the specification; transmit a first query for the first set of parameters to a computing device associated with the asset; receive, from the computing device, one or more first parameter values corresponding to the first set of parameters responsive to the first query; compare the one or more first parameter values to one or more first criteria or threshold values; and determine a state of operation of the asset based on comparing the one or more first parameter values to the one or more first criteria or threshold values, the state of operation indicative of a normal or an abnormal behavior associated with the asset, the controller engine configured to determine a cause of violating the specification based on one or more determined states of operation of the one or more identified assets. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
11. A method of monitoring states of operation of assets in a network of computer devices, the method comprising:
-
detecting by a controller engine executed on one or more processors, coupled to a memory, that a specification associated with operation of the identifying, by the controller engine, one or more assets of the computer network associated with the specification; determining, by the asset profiling engine, for each asset of the one or more identified assets, a first set of parameters for profiling the asset based on detected violation of the specification; transmitting, by the asset profiling engine, for each asset of the one or more identified assets, a first query for the first set of parameters to a computing device associated with the asset; receiving, by the asset profiling engine, for each asset of the one or more identified assets, one or more first parameter values corresponding to the first set of parameters responsive to the first query; comparing, by the asset profiling engine, for each asset of the one or more identified assets, the one or more first parameter values to one or more first criteria or threshold values; determining, by the asset profiling engine, for each asset of the one or more identified assets, a state of operation of the asset based on comparing the one or more first parameter values to the one or more first criteria or threshold values, the state of operation indicative of an abnormal behavior associated with the asset; and determining, by the controller engine, a cause of violating the specification based on one or more determined states of operation of the one or more identified assets. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A non-transitory computer-readable medium with computer code instructions stored thereon, the computer code instructions when executed by one or more processors cause the one or more processors to:
-
detect that a specification associated with operation of the computer network; identify one or more assets of the computer network associated with the specification; determine, for each asset of the one or more identified assets, a first set of parameters for profiling the asset based on detected violation of the specification; transmit, for each asset of the one or more identified assets, a first query for the first set of parameters to a computing device associated with the asset; receive, for each asset of the one or more identified assets, one or more first parameter values corresponding to the first set of parameters responsive to the first query; compare, for each asset of the one or more identified assets, the one or more first parameter values to one or more first criteria or threshold values; determine, for each asset of the one or more identified assets, a state of operation of the asset based on comparing the one or more first parameter values to the one or more first criteria or threshold values, the state of operation indicative of an abnormal behavior associated with the asset, and determine a cause of violating the specification based on one or more determined states of operation of the one or more identified assets.
-
Specification