LOG COLLECTION, STRUCTURING AND PROCESSING
Abstract
Tools for use in obtaining useful information from processed log messages generated by a variety of network platforms (e.g., Windows servers, Linux servers, UNIX servers, databases, workstations, etc.). The log messages may be processed by one or more processing platforms or “log managers” using any appropriate rule base to identify “events” (i.e., log messages of somewhat heightened importance), and one or more “event managers” may analyze the events to determine whether alarms should be generated therefrom. The tools may be accessed via any appropriate user interface of a console that is in communication with the various log managers, event managers, etc., to perform numerous tasks in relation to logs, events and alarms.
27 Claims
1. A method for distributing logs from one or more platforms of a data system to one or more receiving entities on the data system, comprising the steps of:
- establishing, on a processing platform, at least one log processing rule for selectively processing logs associated with one or more monitored platforms;
- receiving, at said processing platform, logs associated with said one or more monitored platforms;
- processing, at said processing platform, said received logs using said at least one log processing rule;
- identifying, from the processing step, a first subset of the received logs based on one or more metadata fields of the received logs and a classification of the received logs; and
- distributing, to a receiving entity from said processing platform, information related to the first subset.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10

11. A method for use on one or more platforms of a data system, comprising the steps of:
- establishing, on a processing platform, a number of log processing rules for selectively processing logs associated with one or more monitored platforms;
- establishing, on the processing platform, an override setting in relation to at least one data management setting for logs that match at least one of the log processing rules, the at least one data management setting specifying whether or not an action is to be taken in relation to the logs matching the at least one log processing rule;
- receiving, at the processing platform, logs from said one or more monitored platforms;
- operating said processing platform to identify received logs that match the at least one log processing rule; and
- processing, at said processing platform, the matching received logs according to said override setting.
Dependent claims: 12, 13, 14, 15, 16, 17, 18

19. A system for distributing logs from one or more platforms of a data system to one or more receiving entities on the data system, comprising:
- a storage module including at least one log processing rule for selectively processing logs associated with one or more monitored platforms;
- a receiving module for receiving logs associated with said one or more monitored platforms; and
- a processor that is operatively interconnected to the storage module and the receiving module, wherein said processor is operable to:
  - process said received logs using said at least one log processing rule;
  - identify a first subset of the received logs based on one or more metadata fields of the received logs and a classification of the received logs; and
  - distribute, to a receiving entity from said processing platform, information related to the first subset.
Dependent claims: 20, 21, 22, 23, 24, 25, 26, 27
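
The flow recited in claims 1 and 11, as an added Python example that is not part of the patent text: rules classify received logs, a subset is chosen by metadata fields plus classification, and a per-rule override replaces a default data management setting. The rule names, setting names (`archive`, `forward_as_event`), metadata fields and sample logs are assumptions constructed for illustration.

```python
import re
from dataclasses import dataclass, field

# Hypothetical global data management settings: is each action taken by default?
DEFAULTS = {"archive": True, "forward_as_event": False}

@dataclass
class Rule:
    name: str
    pattern: str          # regex applied to the log message
    classification: str   # label assigned to a matching log
    overrides: dict = field(default_factory=dict)  # per-rule override of DEFAULTS

RULES = [
    Rule("failed-login", r"authentication failure|Failed password",
         "security/auth-failure", {"forward_as_event": True}),
    Rule("debug-noise", r"\bDEBUG\b", "operations/debug", {"archive": False}),
]

# Constructed sample logs; "host" and "platform" act as the metadata fields.
LOGS = [
    {"host": "web01", "platform": "linux", "msg": "sshd[411]: Failed password for root from 192.0.2.7"},
    {"host": "db01", "platform": "linux", "msg": "DEBUG cache warm-up finished"},
    {"host": "ws17", "platform": "windows", "msg": "Logon: authentication failure for user jdoe"},
    {"host": "web01", "platform": "linux", "msg": "cron[88]: session opened"},
]

def process(logs, rules=RULES, defaults=DEFAULTS):
    """Apply the first matching rule: attach its classification and the
    effective settings (defaults with that rule's overrides on top)."""
    out = []
    for log in logs:
        rule = next((r for r in rules if re.search(r.pattern, log["msg"])), None)
        out.append({**log,
                    "rule": rule.name if rule else None,
                    "classification": rule.classification if rule else "unclassified",
                    "settings": {**defaults, **(rule.overrides if rule else {})}})
    return out

def select_subset(processed, classification, **metadata):
    """Keep logs whose classification and every given metadata field match."""
    return [p for p in processed
            if p["classification"] == classification
            and all(p.get(k) == v for k, v in metadata.items())]

def distribute(subset, receiver):
    """Send information about the subset (not the raw log) to a receiver."""
    receiver.extend({"host": p["host"], "classification": p["classification"],
                     "rule": p["rule"]} for p in subset)
    return receiver
```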
Specification