Flexible event data content management for relevant event and alert analysis within a distributed processing system

US 8,660,995 B2
Filed: 11/09/2012
Issued: 02/25/2014
Est. Priority Date: 06/22/2011
Status: Expired due to Fees

First Claim

Patent Images

1. A method of flexible event data content management for relevant event and alert analysis within a distributed processing system, the method comprising:

analyzing, by an interface connector, custom data within a raw event to determine a location to store the custom data, the custom data in a first data format;

storing, by the interface connector, extended data within the raw event in a common event data format, the extended data indicating the location of the custom data;

receiving, by an event analyzer, the event; and

determining whether there are custom customer rules that need the custom data; and

if there are such custom customer rules, retrieving the custom data based on the extended data from the event, including;

determining if the custom data is stored in the extended data; and

if the custom data is stored within the extended data, extracting the custom data from the extended data within the event; and

applying the custom customer rules to the extended data;

if there are no such custom customer rules, applying the base rules to a base portion of the event.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Flexible event data content management for relevant event and alert analysis within a distributed processing system includes receiving, by an interface connector, a raw event from a component of the distributed processing system; analyzing custom data within the raw event to determine a location to store the custom data, the custom data in a first data format; storing extended data within the raw event in a common event data format, the extended data indicating the location of the custom data; receiving, by an event analyzer, the event; and determining whether there are custom customer rules that need the custom data; and if there are such custom customer rules, retrieving the custom data based on the extended data from the event; and applying the custom customer rules to the extended data; if there are no such custom customer rules, applying the base rules to a base portion of the event.

Citations

15 Claims

1. A method of flexible event data content management for relevant event and alert analysis within a distributed processing system, the method comprising:
- analyzing, by an interface connector, custom data within a raw event to determine a location to store the custom data, the custom data in a first data format;
  
  storing, by the interface connector, extended data within the raw event in a common event data format, the extended data indicating the location of the custom data;
  
  receiving, by an event analyzer, the event; and
  
  determining whether there are custom customer rules that need the custom data; and
  
  if there are such custom customer rules, retrieving the custom data based on the extended data from the event, including;
  
  determining if the custom data is stored in the extended data; and
  
  if the custom data is stored within the extended data, extracting the custom data from the extended data within the event; and
  
  applying the custom customer rules to the extended data;
  
  if there are no such custom customer rules, applying the base rules to a base portion of the event.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein analyzing the custom data within the raw event to determine a location to store the custom data includes determining if the size of the custom data is larger than a predetermined size.
  - 3. The method of claim 2, wherein storing extended data within the raw event in a common event data format includes:
    - if the size of the custom data is larger than the predetermined size, creating, by the interface connector, a separate database table that stores the custom data; and
      
      storing a key within the extended data of the event, the key linking to the custom data stored in the separate database; and
      
      if the size of the custom data is smaller than the predetermined size, storing the custom data in a second data format as the extended data within the event.
  - 4. The method of claim 2, wherein the predetermined size is user configurable for each component of a plurality of components of the distributed processing system.
  - 5. The method of claim 1 wherein retrieving the custom data based on the extended data from the event includes:
    - determining if the custom data is stored in the extended data; and
      
      if the custom data is not stored within the extended data, retrieving a key from the extended data within the event; and
      
      using the key to retrieve the custom data from a separate database table.

6. A system for flexible event data content management for relevant event and alert analysis within a distributed processing system, the system comprising a computer processor, a computer memory operatively coupled to the computer processor, the computer memory having disposed within it computer program instructions capable, when executed by the computer processor, of causing the system to carry out the steps of:
- analyzing, by an interface connector, custom data within a raw event to determine a location to store the custom data, the custom data in a first data format;
  
  storing, by the interface connector, extended data within the raw event in a common event data format, the extended data indicating the location of the custom data;
  
  receiving, by an event analyzer, the event; and
  
  determining whether there are custom customer rules that need the custom data; and
  
  if there are such custom customer rules, retrieving the custom data based on the extended data from the event, including;
  
  determining if the custom data is stored in the extended data; and
  
  if the custom data is stored within the extended data, extracting the custom data from the extended data within the event; and
  
  applying the custom customer rules to the extended data;
  
  if there are no such custom customer rules, applying the base rules to a base portion of the event.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The system of claim 6, wherein analyzing the custom data within the raw event to determine a location to store the custom data includes determining if the size of the custom data is larger than a predetermined size.
  - 8. The system of claim 7, wherein storing extended data within the raw event in a common event data format includes:
    - if the size of the custom data is larger than the predetermined size, creating, by the interface connector, a separate database table that stores the custom data; and
      
      storing a key within the extended data of the event, the key linking to the custom data stored in the separate database; and
      
      if the size of the custom data is smaller than the predetermined size, storing the custom data in a second data format as the extended data within the event.
  - 9. The system, of claim 7, wherein the predetermined size is user configurable for each component of a plurality of components of the distributed processing system.
  - 10. The system of claim 6 wherein retrieving the custom data based on the extended data from the event includes:
    - determining if the custom data is stored in the extended data; and
      
      if the custom data is not stored within the extended data, retrieving a key from the extended data within the event; and
      
      using the key to retrieve the custom data from a separate database table;
      
      identified last event.

11. A computer program product for restarting event and alert analysis in a distributed processing system, the computer program product disposed upon a computer readable storage medium, wherein the computer readable storage medium is not a signal and the computer program product comprises computer program instructions for:
- analyzing, by an interface connector, custom data within a raw event to determine a location to store the custom data, the custom data in a first data format;
  
  storing, by the interface connector, extended data within the raw event in a common event data format, the extended data indicating the location of the custom data;
  
  receiving, by an event analyzer, the event; and
  
  determining whether there are custom customer rules that need the custom data; and
  
  if there are such custom customer rules, retrieving the custom data based on the extended data from the event, including;
  
  determining if the custom data is stored in the extended data; and
  
  if the custom data is stored within the extended data, extracting the custom data from the extended data within the event; and
  
  applying the custom customer rules to the extended data;
  
  if there are no such custom customer rules, applying the base rules to a base portion of the event.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The computer program product of claim 11, wherein analyzing the custom data within the raw event to determine a location to store the custom data includes determining if the size of the custom data is larger than a predetermined size.
  - 13. The computer program product of claim 12, wherein storing extended data within the raw event in a common event data format includes:
    - if the size of the custom data is larger than the predetermined size, creating, by the interface connector, a separate database table that stores the custom data; and
      
      storing a key within the extended data of the event, the key linking to the custom data stored in the separate database; and
      
      if the size of the custom data is smaller than the predetermined size, storing the custom data in a second data format as the extended data within the event.
  - 14. The computer program product of claim 12, wherein the predetermined size is user configurable for each component of a plurality of components of the distributed processing system.
  - 15. The computer program product of claim 11 wherein retrieving the custom data based on the extended data from the event includes:
    - determining if the custom data is stored in the extended data; and
      
      if the custom data is not stored within the extended data, retrieving a key from the extended data within the event; and
      
      using the key to retrieve the custom data from a separate database table.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Carey, James E., Markland, Matthew W., Sanders, Philip J.
Primary Examiner(s)
To, Baoquoc N

Application Number

US13/672,966
Publication Number

US 20130080630A1
Time in Patent Office

473 Days
Field of Search

707/672, 707/688
US Class Current

707/672
CPC Class Codes

G06F 11/0709   in a distributed system con...

G06F 11/0781   Error filtering or prioriti...

G06F 11/3006   where the computing system ...

G06F 11/3072   where the reporting involve...

H04L 41/0686   Additional information in t...

H04L 41/069   using logs of notifications...

H04L 67/025   for remote control or remot...

Flexible event data content management for relevant event and alert analysis within a distributed processing system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Flexible event data content management for relevant event and alert analysis within a distributed processing system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links