Modular framework for dynamically processing network events using action sets in a distributed computing environment
First Claim
1. A system for dynamically processing a network event using an action set in a distributed computing environment, comprising:
- an event queue within which can be queued a plurality of generated action sets which each correspond to an instance of an action set;
a manager comprising;
a sensor comprising;
a sensor thread sensing the occurrence of a network event through receipt of a message indicating a network event occurrence, the message including event data pertinent to the network event;
a generate thread launching a generate daemon responsive to a notification from the sensor process;
the generate daemon retrieving an event mapping corresponding to the network event and which identifies an action set, the generate daemon further generating a generated action set from the event mapping and enqueueing the generated action set onto the event queue; and
a process thread launching a process daemon responsive to a notification from the generate daemon; and
the process daemon removing the generated action set from the event queue and processing the generated action set by causing the execution of at least one action embedded therein.
3 Assignments
0 Petitions
Accused Products
Abstract
A system and method for dynamically processing a network event using an action set in a distributed computing environment are described. The occurrence of a network event is sensed via a sensor thread through receipt of a message indicating a network event occurrence, the message including event data pertinent to the network event. A generate daemon via a generate thread is launched responsive to a notification from the sensor process. An event mapping is retrieved by the generate daemon. The event mapping corresponds to the network event and identifies an action set. A generated action set is generated from the event mapping by the generate daemon and the generated action set is enqueued onto an event queue within which can be queued a plurality of generated action sets which each correspond to an instance of an action set. A process daemon is launched via a process thread responsive to a notification from the generate daemon. The generated action set is retrieved from the event queue by the process daemon and the generated action set is processed by causing the execution of at least one action embedded therein.
123 Citations
33 Claims
-
1. A system for dynamically processing a network event using an action set in a distributed computing environment, comprising:
-
an event queue within which can be queued a plurality of generated action sets which each correspond to an instance of an action set;
a manager comprising;
a sensor comprising;
a sensor thread sensing the occurrence of a network event through receipt of a message indicating a network event occurrence, the message including event data pertinent to the network event;
a generate thread launching a generate daemon responsive to a notification from the sensor process;
the generate daemon retrieving an event mapping corresponding to the network event and which identifies an action set, the generate daemon further generating a generated action set from the event mapping and enqueueing the generated action set onto the event queue; and
a process thread launching a process daemon responsive to a notification from the generate daemon; and
the process daemon removing the generated action set from the event queue and processing the generated action set by causing the execution of at least one action embedded therein. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
at least one agent sensing the occurrence of the network event; and
the sensor thread receiving the network event occurrence message from the at least one agent.
-
-
5. A system according to claim 4, wherein the at least one agent is an authenticated sensor, further comprising
a secure connection between the authenticated sensor and the manager; - and
the corresponding sensor receiving the message over the secure connection upon authentication of the sensor and the manager.
- and
-
6. A system according to claim 5, wherein the secure connection is effected via a Transport Layer Security connection.
-
7. A system according to claim 1, further comprising:
a storage manager maintaining the event mapping within a database.
-
8. A system according to claim 7, further comprising:
the storage manager further maintaining the action set as a binary large object (BLOB) within the database.
-
9. A system according to claim 1, wherein the action set comprises an association with at least one network event.
-
10. A system according to claim 9, wherein the network event comprises one at least one of an SNMP trap and a certogram.
-
11. A system according to claim 1, wherein the action set comprises at least one event filter, the process daemon processing the at least one event filter prior to the execution of the at least one action.
-
12. A system according to claim 11, wherein the event filter comprises at least one of an executable script, frequency threshold, and adding custom values to the event data.
-
13. A system according to claim 1, wherein the embedded action comprises at least one of notifying a help desk, notifying a firewall, broadcasting a network message, sending an electronic mail message, sending an alphanumeric page, and running a script.
-
14. A method for dynamically processing a network event using an action set in a distributed computing environment, comprising:
-
sensing the occurrence of a network event via a sensor thread through receipt of a message indicating a network event occurrence, the message including event data pertinent to the network event;
launching a generate daemon via a generate thread responsive to a notification from the sensor process;
retrieving an event mapping by the generate daemon, the event mapping corresponding to the network event and identifying an action set;
generating a generated action set from the event mapping by the generate daemon and enqueueing the generated action set onto an event queue within which can be queued a plurality of generated action sets which each correspond to an instance of an action set;
launching a process daemon via a process thread responsive to a notification from the generate daemon; and
removing the generated action set from the event queue by the process daemon and processing the generated action set by causing the execution of at least one action embedded therein. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
sensing the occurrence of the network event on the at least one agent; and
receiving the network event occurrence message via the sensor thread from the at least one agent.
-
-
18. A method according to claim 17, wherein is an authenticated sensor, further comprising
forming a secure connection between the at least one agent and the sensor; - and
receiving the message over the secure connection upon authentication of the at least one agent and the sensor.
- and
-
19. A method according to claim 18, wherein the secure connection is effected via a Transport Layer Security connection.
-
20. A method according to claim 14, further comprising:
maintaining the event mapping within a database using a storage manager.
-
21. A method according to claim 20, further comprising:
maintaining the action set as a binary large object (BLOB) within the database.
-
22. A method according to claim 14, wherein the action set comprises an association with at least one network event.
-
23. A method according to claim 22, wherein the network event comprises one at least one of an SNMP trap and a certogram.
-
24. A method according to claim 14, wherein the action set comprises at least one event filter, the process daemon processing the at least one event filter prior to the execution of the at least one action.
-
25. A method according to claim 24, wherein the event filter comprises at least one of an executable script, frequency threshold, and adding custom values to the event data.
-
26. A method according to claim 14, wherein the embedded action comprises at least one of notifying a help desk, notifying a firewall, broadcasting a network message, sending an electronic mail message, sending an alphanumeric page, and running a script.
-
27. A computer-readable storage medium holding code for dynamically processing a network event using an action set in a distributed computing environment, comprising:
-
sensing the occurrence of a network event via a sensor thread through receipt of a message indicating a network event occurrence, the message including event data pertinent to the network event;
launching a generate daemon via a generate thread responsive to a notification from the sensor process;
retrieving an event mapping by the generate daemon, the event mapping corresponding to the network event and identifying an action set;
generating a generated action set from the event mapping by the generate daemon and enqueueing the generated action set onto an event queue within which can be queued a plurality of generated action sets which each correspond to an instance of an action set;
launching a process daemon via a process thread responsive to a notification from the generate daemon; and
removing the generated action set from the event queue by the process daemon and processing the generated action set by causing the execution of at least one action embedded therein. - View Dependent Claims (28, 29, 30, 31, 32, 33)
sensing the occurrence of the network event on the at least one agent; and
receiving the network event occurrence message via the sensor thread from the at least one agent.
-
-
31. A storage medium according to claim 30, wherein is an authenticated sensor, further comprising
forming a secure connection between the at least one agent and the sensor; - and
receiving the message over the secure connection upon authentication of the at least one agent and the sensor.
- and
-
32. A storage medium according to claim 31, further comprising:
maintaining the event mapping within a database using a storage manager.
-
33. A storage medium according to claim 32, further comprising:
maintaining the action set as a binary large object (BLOB) within the database.
Specification