×

Log message anomaly detection

  • US 8,495,429 B2
  • Filed: 05/25/2010
  • Issued: 07/23/2013
  • Est. Priority Date: 05/25/2010
  • Status: Active Grant
First Claim
Patent Images

1. A computer-based method for detecting one or more anomalies in a message log, comprising:

  • grouping one or more structured log messages comprising a same value of a same program variable into a group, the grouping comprising;

    determining whether a first log parameter of a first structured log message and a second log parameter of a second structured log message are cogenetic, comprising determining at least one of;

    whether a value range of the first log parameter and a value range of the second log parameter are equivalent;

    orwhether the value range of the first log parameter is a subset of the value range of the second log parameter;

    identifying one or more invariants for the group; and

    applying at least some of the one or more invariants to one or more log sequences to detect one or more anomalies, at least some of at least one of the grouping, the identifying, or the applying implemented at least in part using a computer-based processor.

View all claims
  • 2 Assignments
Timeline View
Assignment View
    ×
    ×