ALERT MANAGEMENT SYSTEM FOR ENTERPRISES

US 20160164714A1
Filed: 02/13/2015
Published: 06/09/2016
Est. Priority Date: 12/08/2014
Status: Active Grant

First Claim

Patent Images

1. A method for managing alerts generated in an enterprise environment, the method comprising:

discarding, by a processor, one or more duplicate alerts corresponding to an alert based on one or more predetermined rules, wherein a duplicate alert is an instance of the alert occurring within a duplicate alert arrival time associated with the alert;

obtaining an alert correlation signature associated with the alert from a database, wherein the alert correlation signature comprises information associated with one or more alerts, triggered in the enterprise environment, correlated to the alert;

obtaining, from the database, a temporal signature associated with the alert, wherein the temporal signature indicates a probable time of occurrence of the alert; and

transmitting the alert, the alert correlation signature, and the temporal signature to a computing device of a user of the enterprise environment.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for managing alerts generated in an enterprise environment is described. The method comprises discarding, by a processor, one or more duplicate alerts based on one or more predetermined rules, wherein a duplicate alert is an instance of an alert occurring within a duplicate alert arrival time associated with the alert. The method further comprises obtaining an alert correlation signature associated with the alert from a database, wherein the alert correlation signature comprises information associated with one or more alerts correlated to the alert. The method further comprises, obtaining, from the database, a temporal signature associated with the alert, wherein the temporal signature indicates a probable time of occurrence of the alert. Further, the alert, the alert correlation signature, and the temporal signature are transmitted to a computing device of a user of the enterprise environment.

Citations

14 Claims

1. A method for managing alerts generated in an enterprise environment, the method comprising:
- discarding, by a processor, one or more duplicate alerts corresponding to an alert based on one or more predetermined rules, wherein a duplicate alert is an instance of the alert occurring within a duplicate alert arrival time associated with the alert;
  
  obtaining an alert correlation signature associated with the alert from a database, wherein the alert correlation signature comprises information associated with one or more alerts, triggered in the enterprise environment, correlated to the alert;
  
  obtaining, from the database, a temporal signature associated with the alert, wherein the temporal signature indicates a probable time of occurrence of the alert; and
  
  transmitting the alert, the alert correlation signature, and the temporal signature to a computing device of a user of the enterprise environment.
- View Dependent Claims (2, 3, 4)
- - 2. The method as claimed in claim 1, wherein, for each of one or more duplicate alerts, the duplicate alert arrival time is measured from an instance of the alert immediately preceding the duplicate alert.
  - 3. The method as claimed in claim 1, wherein each of the one or more alerts correlated to the alert is determined based on a correlation technique.
  - 4. The method as claimed in claim 1, wherein the temporal signature is determined based on a time series associated with the alert.

5. A method for managing alerts generated in an enterprise environment, the method comprising:
- determining a time series associated with an alert based on past alert data, wherein the time series indicates a plurality of occurrences of the alert;
  
  determining a duplicate alert arrival time associated with the alert based on the time series;
  
  generating an alert correlation signature associated with the alert based on a correlation technique and the past alert data, wherein the alert correlation signature comprises information associated with one or more alerts correlated to the alert;
  
  generating a temporal signature associated with the alert based on the time series, wherein the temporal signature indicates a probable time of occurrence of the alert; and
  
  transmitting, upon generation of the alert in real time, the duplicate alert arrival time, the alert correlation signature, and the temporal signature to a computing device of a user associated with the enterprise environment.
- View Dependent Claims (6, 7, 8, 9)
- - 6. The method as claimed in claim 5, wherein the determining the duplicate arrival time comprises:
    - determining a plurality of inter arrival times based on the time series, wherein an inter arrival time indicates a time period between two consecutive occurrences of the alert;
      
      clustering the plurality of inter arrival times into one or more clusters based on a clustering technique;
      
      identifying a cluster from amongst the one or more clusters having highest instances of corresponding inter arrival time;
      
      computing a mean value of the cluster; and
      
      identifying the mean value of the cluster to be the duplicate alert arrival time.
  - 7. The method as claimed in claim 5, wherein the generating the temporal signature comprises:
    - determining a plurality of probability of occurrences of the alert for each of a plurality of temporal dimensions based on the time series, wherein a temporal dimension indicates a time period;
      
      computing an entropy value associated with each temporal dimension from amongst the plurality of temporal dimensions based on the plurality of occurrences of the alert associated with the temporal dimension;
      
      selecting at least one temporal dimensions from amongst the plurality of temporal dimensions based on corresponding entropy value; and
      
      determining the probable time of occurrence of the alert based on the plurality of probability of occurrences associated with the at least one temporal dimension.
  - 8. The method as claimed in claim 5, wherein the method further comprises obtaining the past alert data comprising information pertaining to a plurality of alerts from a database.
  - 9. The method, as claimed in claim 5, wherein the past alert data comprises information associated with the plurality of occurrences of the alert.

10. An alert management system comprising;
- a processor;
  
  an alert management module coupled to the processor to,discard one or more duplicate alerts based on one or more predetermined rules, wherein a duplicate alert is an instance of an alert occurring within a duplicate alert arrival time associated with the alert;
  
  obtain an alert correlation signature associated with the alert from a database, wherein the alert correlation signature comprises information associated with one or more alerts correlated to the alert;
  
  obtain, from the database, a temporal signature associated with the alert, wherein the temporal signature indicates a probable time of occurrence of the alert; and
  
  transmit the alert, the alert correlation signature, and the temporal signature to a computing device of a user of the enterprise environment.
- View Dependent Claims (11, 12, 13)
- - 11. The alert management system as claimed in claim 10, wherein the alert management system further comprises:
    - a data analysis module coupled to the processor to,determine a time series associated with the alert based on past alert data, wherein the time series indicates a plurality of occurrences of the alert;
      
      determine the duplicate alert arrival time associated with the alert based on the time series;
      
      generate the alert correlation signature associated with the alert based on a correlation technique and the past alert data, wherein the alert correlation signature comprises information associated with one or more alerts correlated to the alert; and
      
      generate the temporal signature associated with the alert based on the time series, wherein the temporal signature indicates a probable time of occurrence of the alert.
  - 12. The alert management system as claimed in claim 10, wherein the data analysis module further is to,determine a plurality of inter arrival times based on the time series, wherein an inter arrival time indicates a time period between two consecutive occurrences of the alert;
    - cluster the plurality of inter arrival times into one or more clusters based on a clustering technique;
      
      identify a cluster from amongst the one or more clusters having highest instances of corresponding inter arrival time;
      
      compute a mean value of the cluster; and
      
      identify the mean value of the cluster to be the duplicate alert arrival time.
  - 13. The alert management system as claimed in claim 10, wherein the data analysis module further is to,determine a plurality of probability of occurrences of the alert for each of a plurality of temporal dimensions based on the time series, wherein a temporal dimension indicates a time period;
    - compute an entropy value associated with each temporal dimension from amongst the plurality of temporal dimensions based on the plurality of occurrences of the alert associated with the temporal dimension;
      
      select at least one temporal dimensions from amongst the plurality of temporal dimensions based on corresponding entropy value; and
      
      determine the probable time of occurrence of the alert based on the plurality of probability of occurrences associated with the at least one temporal dimension.

14. A non-transitory computer-readable medium having embodied thereon a computer program for executing a method comprising:
- discarding, by a processor, one or more duplicate alerts based on one or more predetermined rules, wherein a duplicate alert is an instance of an alert occurring within a duplicate alert arrival time associated with the alert;
  
  obtaining an alert correlation signature associated with the alert from a database, wherein the alert correlation signature comprises information associated with one or more alerts correlated to the alert;
  
  obtaining, from the database, a temporal signature associated with the alert, wherein the temporal signature indicates a probable time of occurrence of the alert; and
  
  transmitting the alert, the alert correlation signature, and the temporal signature to a computing device of a user of the enterprise environment.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
TATA Consultancy Services Limited (Tata Sons Pvt Ltd.)
Original Assignee
TATA Consultancy Services Limited (Tata Sons Pvt Ltd.)
Inventors
Sadaphal, Vaishali Paithankar, NATU, Maitreya

Granted Patent

US 10,623,236 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

H04L 41/064   involving time analysis

H04L 43/0817   by checking functioning

H04L 43/16   Threshold monitoring

ALERT MANAGEMENT SYSTEM FOR ENTERPRISES

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

ALERT MANAGEMENT SYSTEM FOR ENTERPRISES

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links