System and method for providing a global real-time advanced correlation environment architecture
First Claim
1. A data processing apparatus for correlating network events among a number of client services comprising:
  at least one computer comprising:
    a memory having program instructions; and
    a processor configured to use said program instructions to provide:
      a network management service;
      an event notification service;
      a network mediation service adapted to:
        receive a raw event from an external computer network; and
        transmit said raw event to said event notification service;
      a message parsing service adapted to:
        receive a raw event from said event notification service;
        parse said raw event; and
        transmit said parsed event to said event notification service; and
      an event correlation service coupled to a knowledge database comprising correlation knowledge, said event correlation service adapted to:
        receive said parsed event from said event notification service;
        utilize data stored in said knowledge database to derive an event from said parsed event; and
        transmit said derived event to one of a plurality of operator workstations via said event notification service, regardless of a significance of said derived event;
  wherein said network mediation, message parsing, event notification and network management services are coupled together via a plurality of interfaces.
Abstract
A method and system are disclosed for efficiently correlating network events within a data processing system and then transmitting messages to various network entities in response to an occurrence of a particular network event. According to the present invention, a network mediation service receives raw message streams from one or more external networks and passes the streams in real time to the event notification service. The event notification service then passes the message to the message parsing service for processing. After the message has been parsed by the message parsing service, it is passed back to the event notification service, which passes the message along an event channel to the network management service. The message is also passed to the event correlation service for event correlation. A knowledge-based database of message classes that define how to interpret the message text is used by the event correlation service to match correlation rule conditions to the observed events. After the event correlation service processes the parsed event, it is passed to the network management service for resolution.
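The message flow the abstract describes, sketched as an added Python example (not code from the patent or its assignee). The message classes, the correlation rule, the channel names and the sample stream are constructed assumptions.

```python
import re
from collections import defaultdict, deque
# Constructed knowledge base (assumption): message classes say how to read raw text.
MESSAGE_CLASSES = {
    "LINK_DOWN": re.compile(r"(?P<ts>\d+) (?P<node>\S+) LINK-DOWN port=(?P<port>\d+)$"),
    "LINK_UP": re.compile(r"(?P<ts>\d+) (?P<node>\S+) LINK-UP port=(?P<port>\d+)$"),
}
# Constructed correlation rule (assumption): 3 LINK_DOWN from one node within 60 s.
RULE = {"cls": "LINK_DOWN", "count": 3, "window": 60, "derive": "NODE_DEGRADED"}
# Constructed raw message stream; timestamps are assumed to arrive in order.
SAMPLE_RAW = ["100 rtr1 LINK-DOWN port=1", "110 rtr2 LINK-DOWN port=4", "120 rtr1 LINK-DOWN port=2",
              "130 rtr1 LINK-UP port=1", "150 rtr1 LINK-DOWN port=3", "garbage line",
              "400 rtr2 LINK-DOWN port=4", "410 rtr2 LINK-DOWN port=5"]

class EventNotificationService:
    """Hub: services exchange events only through named channels."""
    def __init__(self):
        self.subs = defaultdict(list)
    def subscribe(self, channel, handler):
        self.subs[channel].append(handler)
    def publish(self, channel, event):
        for handler in self.subs[channel]:
            handler(event)

def run_pipeline(raw_lines):
    bus = EventNotificationService()
    management, workstation, recent = [], [], defaultdict(deque)
    def parse(raw):  # message parsing service
        for cls, pattern in MESSAGE_CLASSES.items():
            m = pattern.match(raw)
            if m:
                return bus.publish("parsed", {"cls": cls, **m.groupdict()})
        bus.publish("parsed", {"cls": "UNCLASSIFIED", "raw": raw})  # never dropped silently
    def correlate(ev):  # event correlation service
        if ev["cls"] == RULE["cls"]:
            q, ts = recent[ev["node"]], int(ev["ts"])
            q.append(ts)
            while ts - q[0] > RULE["window"]:  # expire events outside the window
                q.popleft()
            if len(q) >= RULE["count"]:
                bus.publish("derived", {"cls": RULE["derive"], "node": ev["node"], "evidence": list(q)})
                q.clear()
    bus.subscribe("raw", parse)
    bus.subscribe("parsed", management.append)    # network management service
    bus.subscribe("parsed", correlate)
    bus.subscribe("derived", workstation.append)  # operator workstation
    for line in raw_lines:                        # network mediation service
        bus.publish("raw", line)
    return management, workstation
```

Calling `run_pipeline(SAMPLE_RAW)` returns every parsed event as seen by the management service, including the unparseable line as `UNCLASSIFIED`, plus the derived events delivered to the workstation.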
15 Claims
Specification