System and method for consolidating and sorting event data

US 6,597,957 B1
Filed: 12/20/1999
Issued: 07/22/2003
Est. Priority Date: 12/20/1999
Status: Expired due to Fees

First Claim

Patent Images

1. A system for consolidating and sorting event data, the system comprising:

a computer readable medium storing an application;

the application including a node mapped into a tree; and

the node having a row indicator node count, a data element reference, a least child reference, a greatest child reference, a lesser sibling reference, a greater sibling reference, a parent reference, and a status manager reference.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for consolidating and sorting event data include a computing platform communicatively coupled to a computer readable medium and a network. The computer readable medium may store an application that includes at least one node mapped into a tree. The at least one node may have a data element reference including a pointer to a data element that includes event data received via the network. In addition, the node may have a row indicator node count, a least child reference, a greatest child reference, a lesser sibling reference, a greatest sibling reference, a parent reference, and a status manager reference.

Citations

29 Claims

1. A system for consolidating and sorting event data, the system comprising:
- a computer readable medium storing an application;
  
  the application including a node mapped into a tree; and
  
  the node having a row indicator node count, a data element reference, a least child reference, a greatest child reference, a lesser sibling reference, a greater sibling reference, a parent reference, and a status manager reference.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The system of claim 1, further comprising:
3. The system of claim 1, wherein the application comprises an object-oriented program and the at least one node comprises an instantiation of a node class within the object-oriented program.
4. The system of claim 3, further comprising a plurality of nodes having respective row indicator node counts, data element references, least child references, greatest child references, lesser sibling references, greatest sibling references, parent references, and status manager references.
5. The system of claim 3, wherein the least child reference comprises a first pointer to a second instantiation of a node class within the object-oriented program, the greatest child reference comprises a second pointer to a third instantiation of the node class within the object-oriented program, the lesser sibling reference comprises a third pointer to a fourth instantiation of the node class within the object-oriented program, the greatest sibling reference comprises a fourth pointer to a fifth instantiation of the node class within the object-oriented program, and the parent reference comprises a fifth pointer to a sixth instantiation of the node class within the object-oriented program.
6. The system of claim 5, wherein the data element reference comprises a sixth pointer to a data element object and the status manager reference comprises a seventh pointer to a status manager object.

7. A computer system for consolidating and sorting event data, comprising:
- a computing platform communicatively coupled to a computer readable medium and a network;
  
  an application stored on the computer readable medium, the application including at least one node mapped into a tree;
  
  the at least one node having a data element reference comprising a pointer to a data element comprising event data received via the network; and
  
  wherein the at least one node comprises a lesser sibling reference and a greater sibling reference.
- View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 8. The computer system of claim 7, wherein the application comprises an object-oriented program and the at least one node comprises an instantiation of a node class within the object-oriented program.
  - 9. The computer system of claim 7, wherein the tree comprises an n-ary tree.
  - 10. The computer system of claim 7, wherein the application comprises an object-oriented program and the at least one node comprises an instantiation of a node class within the object-oriented program, further wherein the tree comprises an n-ary tree of depth m.
  - 11. The computer system of claim 10, further comprising an executable operable to generate a spreadsheet having a number of columns.
  - 12. The computer system of claim 11, wherein the number of columns equals m.
  - 13. The computer system of claim 11, wherein the spreadsheet has an expandable number of rows.
  - 14. The computer system of claim 11, further comprising a plurality of nodes that each comprise a distinct instantiation of the node class.
  - 15. The computer system of claim 14, wherein the spreadsheet has a maximum number of rows equal to a total number of distinct root to leaf branches in the n-ary tree.
  - 16. The computer system of claim 11, wherein the spreadsheet comprises a number of cells, further wherein the spreadsheet is operable to indicate a severity level of at least one event represented in a given cell.
  - 17. The computer system of claim 16, wherein the spreadsheet uses a color scheme to indicate the severity level.

18. A method for consolidating and sorting event data, comprising:
- providing event data via a network to an event sorter comprising a tree with a plurality of nodes representing earlier received event data;
  
  creating a node having a data element reference comprising a pointer to a data element representing the provided event data;
  
  identifying a location within the tree in which to place the created node;
  
  placing the node at the location;
  
  identifying a signature in network data, the signature associated with an attack on the network;
  
  generating event data in response to the identifying of the signature; and
  
  sending the event data to the event sorter.
- View Dependent Claims (19, 20, 21)
- - 19. The method of claim 18, further comprising:
20. The method of claim 19, further comprising:
- determining a cell of the spreadsheet that requires modification when the event sorter receives new event data; and
  
  modifying the cell to indicate receipt of the new event data.
21. The method of claim 19, further comprising:
- identifying an event severity for the provided event data; and
  
  indicating the event severity on the spreadsheet.

22. A computer system for consolidating and sorting event data, comprising:
- an event sorter means for storing event data in a tree having a plurality of nodes; and
  
  a means for identifying a signature in network data, generating event data in response, and transmitting the event data to the event sorter means for storing the event data in a tree.
- View Dependent Claims (23, 24, 25, 26, 27, 28, 29)
- - 23. The computer system of claim 22, wherein the tree comprises an n-ary tree.
  - 24. The computer system of claim 22, further comprising an executable operable to generate a spreadsheet having a number of column based on the event data stored in a tree.
  - 25. The computer system of claim 24, wherein the spreadsheet has an expandable number of rows.
  - 26. The computer system of claim 24, wherein the plurality of nodes each comprise a distinct instantiation of the node class.
  - 27. The computer system of claim 26, wherein the spreadsheet has a maximum number of rows equal to a total number of distinct root to leaf branches in the n-ary tree.
  - 28. The computer system of claim 24, wherein the spreadsheet comprises a number of cells, further wherein the spreadsheet is operable to indicate a severity level of at least one event represented in a given cell.
  - 29. The computer system of claim 24, wherein the spreadsheet uses a color scheme to indicate the severity level.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Beakley, Jonathan G.
Primary Examiner(s)
PATEL, RAMESH B

Application Number

US09/465,878
Time in Patent Office

1,310 Days
Field of Search

700/2, 700/5-7, 700/11, 700/12, 700/23, 700/48, 700/49, 700/51-53, 700/73, 700/74, 706/2, 706/8, 706/10, 706/18-19, 706/20-21, 706/45, 706/60-61
US Class Current

700/7
CPC Class Codes

H04L 41/065   involving logical or physic...

H04L 41/28   Restricting access to netwo...

H04L 43/0817   by checking functioning

H04L 63/1408   by monitoring network traff...

System and method for consolidating and sorting event data

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

29 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for consolidating and sorting event data

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

29 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links