Typicality filtering of event indicators for information technology resources
First Claim
Patent Images
1. A method suitable for filtering events in an information technology resource monitor, comprising the steps of:
- determining a present count of occurrences of an event for a present monitoring period;
comparing the present count with numbers of occurrences of the event in a plurality of earlier monitoring periods;
invoking a first action if the present count exceeds a predetermined proportion of the numbers of occurrences of the event in the plurality of earlier monitoring periods; and
invoking a second action if the present count does not exceed the predetermined proportion of the numbers of occurrences of the event in the plurality of earlier monitoring periods.
1 Assignment
0 Petitions
Accused Products
Abstract
A monitor for information technology resources improved by introducing typicality filters to analyze potential event indicators such as alerts. A typicality filter keeps a time-dependent history of the frequency of occurrence of an associated event, wherein time is segmented into monitoring periods. At the end of each monitoring period, a present count of occurrences of the event is determined, and compared with the numbers of occurrences of that event in a subset of monitoring periods read from the history. If the present count exceeds the number of occurrences of the event in a predetermined proportion of the subset of historical monitoring periods, a first action is invoked; otherwise, a second action is invoked.
16 Citations
6 Claims
-
1. A method suitable for filtering events in an information technology resource monitor, comprising the steps of:
-
determining a present count of occurrences of an event for a present monitoring period;
comparing the present count with numbers of occurrences of the event in a plurality of earlier monitoring periods;
invoking a first action if the present count exceeds a predetermined proportion of the numbers of occurrences of the event in the plurality of earlier monitoring periods; and
invoking a second action if the present count does not exceed the predetermined proportion of the numbers of occurrences of the event in the plurality of earlier monitoring periods. - View Dependent Claims (2, 3, 4)
-
-
5. A program storage device readable by a machine, tangibly embodying a program of instructions executable by the machine to perform method steps suitable for filtering events in an information technology resource monitor, said method steps comprising:
-
determining a present count of occurrences of an event for a present monitoring period;
comparing the present count with numbers of occurrences of the event in a plurality of earlier monitoring periods;
invoking a first action if the present count exceeds a predetermined proportion of the numbers of occurrences of the event in the plurality of earlier monitoring periods; and
invoking a second action if the present count does not exceed the predetermined proportion of the numbers of occurrences of the event in the plurality of earlier monitoring periods.
-
-
6. A typicality filter suitable for filtering events in an information technology resource monitor, said filter comprising:
-
an event counter for determining a present count of occurrences of an event for a present monitoring period;
a history table for storing numbers of occurrences of the event in earlier monitoring periods; and
logic for comparing the present count with numbers of occurrences of the event in a plurality of earlier monitoring periods selected from the history table, invoking a first action if the present count exceeds a predetermined proportion of the numbers of occurrences of the event in the plurality of earlier monitoring periods, and invoking a second action if the present count does not exceed the predetermined proportion of the numbers of occurrences of the event in the plurality of earlier monitoring periods.
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeInternational Business Machines Corporation
-
Original AssigneeInternational Business Machines Corporation
-
InventorsMacLellan, Scot, Lake, John Michael, Blaisdell, Russell C.
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current719/318
-
CPC Class CodesH04L 41/0622 based on timeH04L 41/0627 by acting on the notificati...H04L 43/16 Threshold monitoring
