Integrated monitoring system
First Claim
Patent Images
1. A method for monitoring events generated on at least one computer system, said method comprising the steps of:
- (a) monitoring a set of event data generated on said at least one system;
(b) recording said set of event data in a database;
(c) interrogating said database to thereby select alert event data from said set of event data according to a predefined set of rules; and
(d) reading said alert event data and issuing an appropriate action due to said generated event, said action issued according to said predefined set of rules.
1 Assignment
0 Petitions
Accused Products
Abstract
A method for monitoring events generated on at least one computer system, said method comprising the steps of:
(a) monitoring a set of event data generated on said at least one system;
(b) recording said set of event data in a database;
(c) interrogating said database to thereby select alert event data from said set of event data according to a predefined set of rules; and
(d) reading said alert event data and issuing an appropriate action due to said generated event, said action issued according to said predefined set of rules.
-
Citations
55 Claims
-
1. A method for monitoring events generated on at least one computer system, said method comprising the steps of:
-
(a) monitoring a set of event data generated on said at least one system;
(b) recording said set of event data in a database;
(c) interrogating said database to thereby select alert event data from said set of event data according to a predefined set of rules; and
(d) reading said alert event data and issuing an appropriate action due to said generated event, said action issued according to said predefined set of rules. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
-
-
22. A computer memory storing thereon an application program for controlling the execution of a processor to monitor events generated on at least one computer system, the computer program controlling the processor to:
-
monitor a set of event data generated on at least one computer system;
record said set of event data in a database;
interrogate said database to thereby select alert event data from said set of event data according to a predefined set of rules; and
read said alert event data and issue an appropriate action due to said generated event on said computer system, said action issued according to said predefined set of rules. - View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42)
-
-
43. A monitoring system for monitoring events generated on at least one computer system, said monitoring system comprising
one ore more agent programs for monitoring a set of event data generated on said at least one computer system; -
a database for recording said set of event data in a database, said database adapted to be interrogated to thereby select alert event data from said set of event data according to a predefined set of rules; and
action generation means for reading said alert event data and issuing an appropriate action to said generated event on said computer system, said action being issued according to said predefined set of rules. - View Dependent Claims (44, 45, 46, 48, 50)
-
-
47. A method for monitoring events generated on a computer network, said method comprising the steps of:
-
(a) monitoring a set of event data generated by a plurality of nodes on said computer network in a plurality of data formats;
(b) parsing said monitored set of event data in a plurality of data formats;
(c) converting said parsed set of event data from said plurality of data formats into a common format;
(d) recording said set of event data in a common format into one or more databases;
(e) interrogating said database to thereby select alert event data from said set of event data according to a predefined set of rules.
-
-
49. A computer memory storing thereon an application program for controlling the execution of a processor to monitor events generated on a computer network, said processor coupled to said computer network and said computer program controlling the processor to:
-
monitor a set of event data generated by a plurality of nodes on said computer network, event data of said monitored set of event data being in a multiplicity of data formats;
parse said monitored set of event data in a multiplicity of data formats;
convert said parsed set of event data from said multiplicity of data formats into a common format;
record said set of event data in a common format into one or more databases;
interrogate said database to thereby select alert event data from said set of event data according to a predefined set of rules.
-
-
51. A method for monitoring events generated on a distributed computer network, said distributed computer network having a plurality of node clusters, said node clusters consisting of a plurality of nodes arranged to exchange data with a master node, said master node adapted to exchange data with other master nodes of said node clusters, said method comprising the steps of:
-
for each node cluster (a) monitoring event data generated by said nodes within said cluster;
(b) recording said event data in at lease one database assigned to said node cluster; and
in a local cluster (f) interrogating said database to thereby select event data which satisfies interrogation criteria; and
if no event data satisfies interrogation criteria in step (f) (g) interrogating other node clusters to thereby select event data which satisfies said interrogation criteria.
-
-
52. A method for monitoring events generated on a distributed computer network, said distributed computer network having a plurality of node clusters, said node clusters consisting of a plurality of nodes arranged to exchange data with a master node, said master node adapted to exchange data with other master nodes of other node clusters, said method comprising the steps of:
-
for each node cluster (a) monitoring event data generated by said nodes within said cluster;
(b) recording said event data in at lease one database assigned to said node cluster;
(c) assigning a unique identifier to identify an event type for said recorded event data;
in a local cluster (f) interrogating said database to thereby select event data which satisfies interrogation criteria;
(g) reading said unique identifier of selected event data in (f); and
in other clusters (h) interrogating said other node clusters to determine if a correlation exists with said read unique identifier.
-
-
53. A method for monitoring events resulting from interaction of a user with at least one computer or system generated event, substantially according to any one of the examples described herein with reference to the accompanying drawings.
-
54. A computer memory storing thereon an application program for controlling the execution of a processor to monitor events resulting from interaction of a user with at least one computer, substantially according to any one of the examples described herein with reference to the accompanying drawings.
-
55. A monitoring system for monitoring events resulting from interaction of a user with or system generated event on at least one computer, substantially as herein described with reference to the accompanying drawings.
Specification