RISK MONITORING SYSTEM
First Claim
1. A computer-implemented method, comprising:
- creating one or more risk objects, wherein each risk object of the one or more risk objects has a corresponding stored risk definition, the stored risk definition associating the risk object with raw machine data pertaining to the risk object, the raw machine data reflecting activity in an information technology (IT) environment;
- receiving a selection of a first risk object included in the one or more risk objects;
- receiving a first risk definition that corresponds to the first risk object;
- performing a search of the raw machine data according to the first risk definition, wherein a risk is identified based on the search of the raw machine data; and
- performing an action based on identifying the risk.
Abstract
Various embodiments of the present invention set forth techniques for monitoring risk in a computing system. The technique includes creating one or more risk objects, where each risk object of the one or more risk objects has a corresponding stored risk definition, the stored risk definition associating the risk object with raw machine data pertaining to the risk object, the raw machine data reflecting activity in an information technology (IT) environment. The technique further includes receiving a selection of a first risk object included in the one or more risk objects and receiving a first risk definition that corresponds to the first risk object. The technique further includes performing a search of the raw machine data according to the first risk definition, wherein a risk is identified based on the search of the raw machine data and performing an action based on identifying the risk.
30 Claims
1. A computer-implemented method, comprising:
- creating one or more risk objects, wherein each risk object of the one or more risk objects has a corresponding stored risk definition, the stored risk definition associating the risk object with raw machine data pertaining to the risk object, the raw machine data reflecting activity in an information technology (IT) environment;
- receiving a selection of a first risk object included in the one or more risk objects;
- receiving a first risk definition that corresponds to the first risk object;
- performing a search of the raw machine data according to the first risk definition, wherein a risk is identified based on the search of the raw machine data; and
- performing an action based on identifying the risk.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17
18. A non-transitory computer-readable storage medium including instructions that, when executed by a processor, cause the processor to perform the steps of:
- creating one or more risk objects, wherein each risk object of the one or more risk objects has a corresponding stored risk definition, the stored risk definition associating the risk object with raw machine data pertaining to the risk object, the raw machine data reflecting activity in an information technology (IT) environment;
- receiving a selection of a first risk object included in the one or more risk objects;
- receiving a first risk definition that corresponds to the first risk object;
- performing a search of the raw machine data according to the first risk definition, wherein a risk is identified based on the search of the raw machine data; and
- performing an action based on identifying the risk.

Dependent claims: 19, 20, 21, 22, 23, 24
25. A computing device, comprising:
- a memory that includes instructions; and
- a processor that is coupled to the memory and, when executing the instructions, is configured to:
  - create one or more risk objects, wherein each risk object of the one or more risk objects has a corresponding stored risk definition, the stored risk definition associating the risk object with raw machine data pertaining to the risk object, the raw machine data reflecting activity in an information technology (IT) environment;
  - receive a selection of a first risk object included in the one or more risk objects;
  - receive a first risk definition that corresponds to the first risk object;
  - perform a search of the raw machine data according to the first risk definition, wherein a risk is identified based on the search of the raw machine data; and
  - perform an action based on identifying the risk.

Dependent claims: 26, 27, 28, 29, 30
Specification