Administering incident pools for event and alert analysis

US 8,898,299 B2
Filed: 03/01/2013
Issued: 11/25/2014
Est. Priority Date: 11/02/2010
Status: Expired due to Fees

First Claim

Patent Images

1. A method of administering incident pools for event and alert analysis in a distributed processing system, the method comprising:

receiving, by an incident analyzer from an incident queue, a plurality of incidents from one or more components of the distributed processing system;

creating, by the incident analyzer, a pool of incidents;

assigning, by the incident analyzer, each received incident to the pool;

assigning, by the incident analyzer, to each incident a predetermined minimum time for inclusion in a pool;

determining, by the incident analyzer, whether conditions have been met to close the pool; and

if conditions have been met to close the pool, determining for each incident in the pool whether the incident has been in the pool for its predetermined minimum time for inclusion in a pool; and

if the incident has not been in the pool for its predetermined minimum time, evicting the incident from the closed pool and including the incident in a next pool.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Administering incident pools including creating a pool of incidents, the pool having a predetermined initial period of time; assigning each received incident to the pool; assigning, by the incident analyzer, to each incident a predetermined minimum time for inclusion in a pool; extending for one or more of the incidents the predetermined initial period of time of the pool by a particular period of time assigned to the incident; determining whether conditions have been met to close the pool; and if conditions have been met to close the pool determining for each incident in the pool whether the incident has been in the pool for its predetermined minimum time for inclusion in a pool; and if the incident has not been in the pool for its predetermined minimum time, evicting the incident from the closed pool and including the incident in a next pool.

Citations

8 Claims

1. A method of administering incident pools for event and alert analysis in a distributed processing system, the method comprising:
- receiving, by an incident analyzer from an incident queue, a plurality of incidents from one or more components of the distributed processing system;
  
  creating, by the incident analyzer, a pool of incidents;
  
  assigning, by the incident analyzer, each received incident to the pool;
  
  assigning, by the incident analyzer, to each incident a predetermined minimum time for inclusion in a pool;
  
  determining, by the incident analyzer, whether conditions have been met to close the pool; and
  
  if conditions have been met to close the pool, determining for each incident in the pool whether the incident has been in the pool for its predetermined minimum time for inclusion in a pool; and
  
  if the incident has not been in the pool for its predetermined minimum time, evicting the incident from the closed pool and including the incident in a next pool.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1 wherein one or more of the incidents comprises events and where in the method further comprises identifying one or more alerts in dependence upon one or more events assigned to the pool;
    - andwherein evicting the incident and including the incident in a next pool. further comprises evicting at least one event and including the evicted event in the next pool and associating any alerts identified in dependence upon the evicted event with the closed pool.
  - 3. The method of claim 1 wherein one or more of the incidents comprises events and where in the method further comprises identifying one or more alerts in dependence upon one or more events assigned to the pool;
    - andwherein evicting the incident and including the incident in a next pool further comprises evicting at least one event and including evicted event in the next pool and associating any alerts identified in dependence upon the evicted event with the next pool.
  - 4. The method of claim 3 wherein associating any alerts identified in dependence upon the evicted event with the next pool further comprises invalidating any alerts or events in the closed pool dependent upon the identified alerts now associated with the next pool.
  - 5. The method of claim 1 wherein determining, by the incident analyzer, whether conditions have been met to close the pool further comprises determining whether a maximum time for the pool has elapsed.
  - 6. The method of claim 1 wherein the pool of incidents has a predetermined initial period of time and the method further comprises extending, by the incident analyzer for one or more of the incidents, the predetermined initial period of time of the pool by a particular period of time assigned to the incident;
    - andwherein determining, by the incident analyzer, whether conditions have been met to close the pool further comprises determining that the predetermined initial period of time and any extensions of time associated with any incidents assigned to the pool have elapsed before another incident is assigned to the pool.
  - 7. The method of claim 1 wherein the incidents comprise events and the pool of incidents comprise an events pool.
  - 8. The method of claim 1 wherein the incidents comprise alerts and the pool of incidents comprise an alerts pool.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Atkins, Mark G., Carey, James E., Markland, Matthew W., Sanders, Philip J.
Primary Examiner(s)
VU, VIET DUY

Application Number

US13/782,431
Publication Number

US 20130179905A1
Time in Patent Office

634 Days
Field of Search

709/201, 709/202, 709/223, 709/224, 719/318
US Class Current

709/224
CPC Class Codes

G06F 9/542   Event management; Broadcast...

G06Q 10/0631   Resource planning, allocati...

G06Q 10/20   Administration of product r...

H04L 43/00   Arrangements for monitoring...

Administering incident pools for event and alert analysis

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

8 Claims

Specification

Solutions

Use Cases

Quick Links

Administering incident pools for event and alert analysis

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

8 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links