EVENT LOG ANALYSIS
First Claim
Patent Images
1. A method for analyzing an event log, comprising;
- accessing an event log element from an electronic event log file;
calculating a similarity index between the event log element and a text element;
calculating a threshold of similarity;
comparing the similarity index to the threshold; and
if the similarity index is greater than the threshold, adding the event log element to an electronic file of cluster assignments, the cluster assignments representing a grouping of the event log element into a cluster with the text element.
8 Assignments
0 Petitions
Accused Products
Abstract
Method and systems for analyzing event log elements are provided. In one example, a method includes receiving an event log element in a computer. A similarity index is calculated between the event log element and a text element. A threshold of similarity is calculated. The similarity index is compared to the threshold. If the similarity index is greater than the threshold, the event log element is grouped into a cluster with the text element to create a file of cluster assignments.
18 Citations
15 Claims
-
1. A method for analyzing an event log, comprising;
-
accessing an event log element from an electronic event log file; calculating a similarity index between the event log element and a text element; calculating a threshold of similarity; comparing the similarity index to the threshold; and if the similarity index is greater than the threshold, adding the event log element to an electronic file of cluster assignments, the cluster assignments representing a grouping of the event log element into a cluster with the text element. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system for analyzing event log elements, comprising:
-
a processor; and a storage, wherein the storage comprises code configured to direct the processor to; access electronic event logs from a network of systems; store the electronic event logs in the storage; and analyze the stored event logs by; calculating a similarity index between an event log element and a text element; calculating a threshold of similarity; comparing the similarity index to the threshold and if the similarity index is greater than the threshold, writing an entry to a cluster assignment file to indicate that the event log element is part of a cluster with the text element; and diagnosing problems in a network by automatically identifying patterns in the cluster assignment file. - View Dependent Claims (12, 13, 14)
-
-
15. A non-transitory, computer-readable medium, comprising instructions configured to direct a processor to:
-
access an event log element from an electronic event log file; calculate a similarity index between the event log element and a text element; calculate a threshold of similarity; and write an entry into an electronic cluster assignment file indicating that the event log element is part of a cluster represented by the text element if the similarity index is greater than the threshold of similarity.
-
Specification