Method and apparatus for monitoring events in a system

US 5,867,659 A
Filed: 06/28/1996
Issued: 02/02/1999
Est. Priority Date: 06/28/1996
Status: Expired due to Term

First Claim

Patent Images

1. A computer-implemented method of monitoring events in a computer system, the method comprising the steps of:

(a) accessing a set of one or more filters;

(b) checking whether a new event in one or more event logs updated as a function of an operating system executing on the computer system satisfies the set of one or more filters;

(c) providing an indication if there is a new event which satisfies the set of one or more filters; and

(d) automatically repeating the checking step (b) and the providing step (c) at periodic intervals.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An event log forwarder accesses a set of one or more filters and checks whether a new event in one or more event logs satisfies the set of one or more filters. The event log forwarder also provides an indication if there is a new event which satisfies the set of one or more filters. Additionally, the event log forwarder automatically repeats, at periodic intervals, checking whether a new event in one or more event logs satisfies the set of one or more filters and providing an indication if there is a new event which satisfied the set of one or more filters.

Citations

21 Claims

1. A computer-implemented method of monitoring events in a computer system, the method comprising the steps of:
- (a) accessing a set of one or more filters;
  
  (b) checking whether a new event in one or more event logs updated as a function of an operating system executing on the computer system satisfies the set of one or more filters;
  
  (c) providing an indication if there is a new event which satisfies the set of one or more filters; and
  
  (d) automatically repeating the checking step (b) and the providing step (c) at periodic intervals.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the set of one or more filters includes one or more inclusive filters.
  - 3. The method of claim 1, wherein the set of one or more filters includes one or more exclusive filters.
  - 4. The method of claim 1, wherein the providing step (c) comprises providing the indication to a simple network management protocol (SNMP) console.
  - 5. The method of claim 1, wherein the system includes a plurality of computer systems and wherein the set of one or more filters indicates a particular one of the plurality of computer systems.
  - 6. The method of claim 1, wherein the set of one or more filters indicates a particular one of multiple applications executing on the system.
  - 7. The method of claim 1, further comprising the steps of:
    - receiving an indication of the set of one or more filters; and
      
      storing the set of one or more filters.

8. A computer-implemented method of identifying events to be monitored in a computer system, the method comprising the steps of:
- (a) receiving an indication of an event log updated as a function of an operating system executing on the computer system;
  
  (b) receiving an indication of an application;
  
  (c) receiving an indication of an event; and
  
  (d) storing the event log, the application, and the event as a filter in the system.
- View Dependent Claims (9)
- - 9. The method of claim 8, further comprising the step of repeating steps (a)-(c) for subsequent filters.

10. A computer-readable medium having stored thereon a plurality of instructions, the plurality of instructions including instructions which, when executed by a processor, result in:
- (a) accessing a set of one or more filters;
  
  (b) checking whether a new event in one or more event logs updated as a function of an operating system executing on a computer system satisfies the set of one or more filters;
  
  (c) providing an indication if there is a new event which satisfies the set of one or more filters; and
  
  (d) automatically repeating the checking step (b) and the providing step (c) at periodic intervals.
- View Dependent Claims (11, 12, 13, 14)
- - 11. The computer-readable medium of claim 10, wherein the providing step (c) comprises providing the indication to a simple network management protocol (SNMP) console.
  - 12. The computer-readable medium of claim 10, wherein the computer-readable medium is coupled to a plurality of computer systems, and wherein the set of one or more filters indicates a particular one of the plurality of computer systems.
  - 13. The computer-readable medium of claim 10, wherein the set of one or more filters indicates a particular one of multiple applications executing on a computer system coupled to the computer-readable medium.
  - 14. The computer-readable medium of claim 10, further comprising instructions which, when executed, result in:
    - receiving an indication of the set of one or more filters; and
      
      storing the set of one or more filters.

15. An apparatus comprising:
- a storage device which stores a set of one or more filters; and
  
  a processor, coupled to the storage device, to access the set of one or more filters, to check whether a new event in one or more event logs updated as a function of the apparatus satisfies the set of one or more filters, to provide an indication if there is a new event which satisfies the set of one or more filters, and to automatically re-check the one or more event logs for the new event at periodic intervals.
- View Dependent Claims (16, 17, 18)
- - 16. The apparatus of claim 15, wherein the processor is also to provide the indication to a simple network management protocol (SNMP) console.
  - 17. The apparatus of claim 15, wherein the apparatus is coupled to a plurality of computer systems and wherein the set of one or more filters indicates a particular one of the plurality of computer systems.
  - 18. The apparatus of claim 15, wherein the processor is also to receive an indication of the set of one or more filters and to store the set of one or more filters in the storage device.

19. An apparatus comprising:
- means for accessing a set of one or more filters;
  
  means for checking whether a new event in one or more event logs updated as a normal function of the apparatus satisfies the set of one or more filters;
  
  means for providing an indication if there is a new event in the one or more event logs which satisfies the set of one or more filters; and
  
  means for automatically re-checking the one or more event logs for the new event at periodic intervals.
- View Dependent Claims (20, 21)
- - 20. The apparatus of claim 19, wherein the apparatus is coupled to a plurality of computer systems and wherein the set of one or more filters indicates a particular one of the plurality of computer systems.
  - 21. The apparatus of claim 19, further comprising:
    - means for receiving an indication of the set of one or more filters; and
      
      means for storing the set of one or more filters.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Otteson, Steven D.
Primary Examiner(s)
Asta, Frank J.
Assistant Examiner(s)
PIERCE, IVAN

Application Number

US08/671,572
Time in Patent Office

949 Days
Field of Search

395/200.53, 395/200.54, 395/183.13, 395/183.14, 395/183.15
US Class Current

709/224
CPC Class Codes

G06F 11/327   Alarm or error message display

G06F 11/3466   Performance evaluation by t...

G06F 11/3495   for systems

G06F 2201/86   Event-based monitoring

Method and apparatus for monitoring events in a system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for monitoring events in a system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links