Automated Anomaly Detection Service on Heterogeneous Log Streams
First Claim
1. A method for handling log data from one or more applications, sensors or instruments, comprising:
- receiving heterogeneous logs from arbitrary/unknown systems or applications;
generating regular expression patterns from the heterogeneous log sources using machine learning and extracting a log pattern therefrom;
generating models and profiles from training logs based on different conditions and updating a global model database storing all models generated over time;
tokenizing raw log messages from one or more applications, sensors or instruments running a production system;
transforming incoming tokenized streams are into data-objects for anomaly detection and forwarding of log messages to various anomaly detectors; and
generating an anomaly alert from the one or more applications, sensors or instruments running a production system.
2 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods are disclosed for handling log data from one or more applications, sensors or instruments by receiving heterogeneous logs from arbitrary/unknown systems or applications; generating regular expression patterns from the heterogeneous log sources using machine learning and extracting a log pattern therefrom; generating models and profiles from training logs based on different conditions and updating a global model database storing all models generated over time; tokenizing raw log messages from one or more applications, sensors or instruments running a production system; transforming incoming tokenized streams are into data-objects for anomaly detection and forwarding of log messages to various anomaly detectors; and generating an anomaly alert from the one or more applications, sensors or instruments running a production system.
-
Citations
20 Claims
-
1. A method for handling log data from one or more applications, sensors or instruments, comprising:
-
receiving heterogeneous logs from arbitrary/unknown systems or applications; generating regular expression patterns from the heterogeneous log sources using machine learning and extracting a log pattern therefrom; generating models and profiles from training logs based on different conditions and updating a global model database storing all models generated over time; tokenizing raw log messages from one or more applications, sensors or instruments running a production system; transforming incoming tokenized streams are into data-objects for anomaly detection and forwarding of log messages to various anomaly detectors; and generating an anomaly alert from the one or more applications, sensors or instruments running a production system. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A system, comprising
a processor; -
an Internet-of-Thing (IoT) sensor providing data to the processor; and computer readable code executed by the processor to; receiving heterogeneous logs from arbitrary/unknown systems or applications; generating regular expression patterns from the heterogeneous log sources using machine learning and extracting a log pattern therefrom; generating models and profiles from training logs based on different conditions and updating a global model database storing all models generated over time; tokenizing raw log messages from one or more applications, sensors or instruments running a production system; transforming incoming tokenized streams are into data-objects for anomaly detection and forwarding of log messages to various anomaly detectors; and generating an anomaly alert from one or more applications, sensors or instruments running a production system.
-
Specification