Advanced Intelligence Engine
First Claim
1. A method for use in monitoring one or more platforms of one or more data systems, comprising:
- receiving, at a processing engine, structured data generated by one or more platforms over at least one communications network;
first evaluating, at the processing engine using a first rule block, at least some of the data;
first determining, from the first evaluating, whether a result is one of at least first and second outcomes; and
depending upon the determining, second evaluating, at the processing engine using a second rule block, at least some of the data; and
second determining, from the second evaluating, whether a result is one of at least first and second outcomes, wherein the results are analyzed to determine an event of interest.
6 Assignments
0 Petitions
Accused Products
Abstract
An advanced intelligence engine (AIE) for use in identifying what may be complex events or developments on one or more data platforms or networks from various types of structured or normalized data generated by one or more disparate data sources. The AIE may conduct one or more types of quantitative, correlative, behavioral and corroborative analyses to detect events from what may otherwise be considered unimportant or non-relevant information spanning one or more time periods. Events generated by the AIE may be passed to an event manager to determine whether further action is required such as reporting, remediation, and the like.
76 Citations
24 Claims
-
1. A method for use in monitoring one or more platforms of one or more data systems, comprising:
-
receiving, at a processing engine, structured data generated by one or more platforms over at least one communications network; first evaluating, at the processing engine using a first rule block, at least some of the data; first determining, from the first evaluating, whether a result is one of at least first and second outcomes; and depending upon the determining, second evaluating, at the processing engine using a second rule block, at least some of the data; and second determining, from the second evaluating, whether a result is one of at least first and second outcomes, wherein the results are analyzed to determine an event of interest. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A system for use in monitoring one or more platforms of one or more data systems, comprising:
-
a processing module; and a memory module logically connected to the processing module and comprising a set of computer readable instructions that are executable by the processing module to; receive structured data generated by one or more platforms over at least one communications network; first evaluate, using a first rule block, at least some of the data; first determine, from the first evaluating, whether a result is one of at least first and second outcomes; and depending upon the determining, second evaluate, using a second rule block, at least some of the data; and second determine, from the second evaluating, whether a result is one of at least first and second outcomes, wherein the results are analyzed to determine an event of interest.
-
-
17. An event generating system, comprising:
-
an event module adapted to be operatively interposed between a user console for manipulating the event module and at least one source of structured data, the structured data being generated by one or more platforms of one or more data systems, the event module comprising; a user rule module including a plurality of objects for use in allowing a user to define a user version of at least one data processing rule; and an event table for storing generated events; and a event processing engine, logically connected between the at least one source of structured data and the event module, for generating events from the at least one source of structured data, the event processing engine comprising; a receiving module for receiving data related to the at least one source of structured data; a compiling module for obtaining the plurality of objects from the user rule module and generating a processing version of the at least one data processing rule; and a processing module for; evaluating the received data using the processing version of the at least one data processing rule; and in response to the received data matching the processing version of the at least one data processing rule, writing at least one event to the event table. - View Dependent Claims (18, 19, 20, 21, 22, 23, 24)
-
Specification