Method and system for improved in-line management of an information technology network
First Claim
1. A method for managing a network of computer devices comprising the steps of:
- a. receiving a plurality of status messages from the network, wherein a status message includes a key performance indicator, wherein the key performance indicator is a variable, numerical value that correlates to a parameter of the network state, wherein said numerical value is descriptive of the network state;
b. forming a current incident state when a status message indicates a problem with the network, wherein the current incident state contains a key management indicator that is a plurality of key performance indicators arranged according to a syntax;
c. accessing an incident report from a library of previous incident reports, wherein an incident report stores information associated with an incident of the network, and wherein the information includes a key management indicator and a network action associated with the incident of the network, wherein said incident report further comprises automatically observed human initiated network action associated with the incident;
d. calculating a similarity value based on a comparison of a key management indicator from the incident report from the library of previous incident reports to the key management indicator of the current incident state;
e. identifying a similar incident report when the similarity value satisfies a similarity threshold requirement;
f. selecting a network action from the similar incident report, wherein said network action is provided to an Automation Engine for automatic execution;
g. executing the selected network action;
h. compiling information of the current incident state and information of the selected network action into a current incident report;
i. storing the current incident report in the library of previous incident reports;
wherein step (d) calculating a similarity value and step (e) identifying a similar incident report comprise traversing a decision tree;
testing key performance indicators of the current incident state at decision nodes of the decision tree; and
identifying an incident report from the library of previous incident reports that satisfies a set degree of matching compared in execution of the decision tree, wherein said set degree of matching is variable;
wherein step (d) includes comparing the key performance indicators of two key management indicators with a Boolean operator.
6 Assignments
0 Petitions
Accused Products
Abstract
A system and a method for leveraging human knowledge held by system administrators to support improved or optimal management of an information technology network. The present invention monitors and records the states and values key management indicators related to actions taken by a human system administrator in improving a perceived sub-optimal state of the information technology network. The present invention predicts the effect of command in situations later occurring, and optionally suggests actions to a system administrator. The method of the present invention optionally enables embodiments of the present invention to automatically select one or more preferred system commands and execute the selected command or commands.
-
Citations
20 Claims
-
1. A method for managing a network of computer devices comprising the steps of:
-
a. receiving a plurality of status messages from the network, wherein a status message includes a key performance indicator, wherein the key performance indicator is a variable, numerical value that correlates to a parameter of the network state, wherein said numerical value is descriptive of the network state; b. forming a current incident state when a status message indicates a problem with the network, wherein the current incident state contains a key management indicator that is a plurality of key performance indicators arranged according to a syntax; c. accessing an incident report from a library of previous incident reports, wherein an incident report stores information associated with an incident of the network, and wherein the information includes a key management indicator and a network action associated with the incident of the network, wherein said incident report further comprises automatically observed human initiated network action associated with the incident; d. calculating a similarity value based on a comparison of a key management indicator from the incident report from the library of previous incident reports to the key management indicator of the current incident state; e. identifying a similar incident report when the similarity value satisfies a similarity threshold requirement; f. selecting a network action from the similar incident report, wherein said network action is provided to an Automation Engine for automatic execution; g. executing the selected network action; h. compiling information of the current incident state and information of the selected network action into a current incident report; i. storing the current incident report in the library of previous incident reports; wherein step (d) calculating a similarity value and step (e) identifying a similar incident report comprise traversing a decision tree; testing key performance indicators of the current incident state at decision nodes of the decision tree; and identifying an incident report from the library of previous incident reports that satisfies a set degree of matching compared in execution of the decision tree, wherein said set degree of matching is variable; wherein step (d) includes comparing the key performance indicators of two key management indicators with a Boolean operator. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification