Method and system for event impact analysis
First Claim
1. A method for handling network events generated in a network in an enterprise, the method comprising:
- detecting at least one of a plurality of network events;
collecting at least one of the plurality of network events by an event server, wherein the plurality of network events have event states;
executing, using at least one computing device, a first action node of an action tree in response to the network event, the action tree including a plurality of action nodes, each of the plurality of action nodes includes an action and a decision, and the plurality of action nodes are organized in a hierarchy based on relationships between enterprise-related data objects, the relationships defined by at least one data impact analysis data structure populated with data accessed from a plurality of data sources throughout the network;
changing the event state of the network event to unresolved;
placing the action tree in an hibernation state;
upon determining that the network event has not been resolved, taking the action tree out of the hibernation state;
escalating the network event by accessing a second action node which is higher in the hierarchy of the action tree than the first action node;
upon determining that the network event has been resolved, changing the event state to resolved; and
returning the network event to the event server.
1 Assignment
0 Petitions
Accused Products
Abstract
An impact analysis software system is described which resides on a computer connected to a network in an enterprise. The system analyzes the impact of network events on the network, and includes a number of modules, including a number of data source adapters for interfacing with external data sources to thereby allow access by the system to enterprise-related data in the external data sources. The system further includes an impact analysis data structure populated with data accessed from the external data sources and defining relationships between the enterprise-related data. One or more action tree data structures comprise a routine which, when executed, acts upon the relationships defined by the impact analysis data structure to handle events. A message processor reads the network events and select one of the action tree data structures to handle each read network event.
205 Citations
20 Claims
-
1. A method for handling network events generated in a network in an enterprise, the method comprising:
-
detecting at least one of a plurality of network events; collecting at least one of the plurality of network events by an event server, wherein the plurality of network events have event states; executing, using at least one computing device, a first action node of an action tree in response to the network event, the action tree including a plurality of action nodes, each of the plurality of action nodes includes an action and a decision, and the plurality of action nodes are organized in a hierarchy based on relationships between enterprise-related data objects, the relationships defined by at least one data impact analysis data structure populated with data accessed from a plurality of data sources throughout the network; changing the event state of the network event to unresolved; placing the action tree in an hibernation state; upon determining that the network event has not been resolved, taking the action tree out of the hibernation state; escalating the network event by accessing a second action node which is higher in the hierarchy of the action tree than the first action node; upon determining that the network event has been resolved, changing the event state to resolved; and returning the network event to the event server. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A computer for handling network events generated in a network in an enterprise, the computer comprising:
-
an event broker operative to cause the computer detect at least one of a plurality of network events; an event server operative to cause the computer to collect at least one of the plurality of network events, wherein the network events have event states; and an impact server operative to cause the computer to; execute a first action node of an action tree in response to the network event, the action tree including a plurality of action nodes, each of the plurality of action nodes includes an action and a decision, and the plurality of action nodes are organized in a hierarchy based on relationships between enterprise related data objects, the relationships defined by at least one impact analysis data structure populated with data accessed from a plurality of data sources throughout the network; change the event state of the network event to unresolved; place the action tree in a hibernation state; determine that the network event has not been resolved and take the action tree out of the hibernation state; escalate the network even by accessing a second action node which is higher in the hierarchy of the action tree than the first action node; determine that the network even has been resolved and change the event state to resolved; and return the network event to the event server. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
-
Specification