Administering incident pools for event and alert analysis
First Claim
1. A method of administering incident pools for event and alert analysis in a distributed processing system, the method comprising:
- receiving, by an incident analyzer from an incident queue, a plurality of incidents from one or more components of the distributed processing system;
creating, by the incident analyzer, a pool of incidents;
assigning, by the incident analyzer, each received incident to the pool;
assigning, by the incident analyzer, to each incident a predetermined minimum time for inclusion in a pool;
determining, by the incident analyzer, whether conditions have been met to close the pool; and
if conditions have been met to close the pool, determining for each incident in the pool whether the incident has been in the pool for its predetermined minimum time for inclusion in a pool; and
if the incident has not been in the pool for its predetermined minimum time, evicting the incident from the closed pool and including the incident in a next pool.
1 Assignment
0 Petitions
Accused Products
Abstract
Administering incident pools including creating a pool of incidents, the pool having a predetermined initial period of time; assigning each received incident to the pool; assigning, by the incident analyzer, to each incident a predetermined minimum time for inclusion in a pool; extending for one or more of the incidents the predetermined initial period of time of the pool by a particular period of time assigned to the incident; determining whether conditions have been met to close the pool; and if conditions have been met to close the pool determining for each incident in the pool whether the incident has been in the pool for its predetermined minimum time for inclusion in a pool; and if the incident has not been in the pool for its predetermined minimum time, evicting the incident from the closed pool and including the incident in a next pool.
-
Citations
8 Claims
-
1. A method of administering incident pools for event and alert analysis in a distributed processing system, the method comprising:
-
receiving, by an incident analyzer from an incident queue, a plurality of incidents from one or more components of the distributed processing system; creating, by the incident analyzer, a pool of incidents; assigning, by the incident analyzer, each received incident to the pool; assigning, by the incident analyzer, to each incident a predetermined minimum time for inclusion in a pool; determining, by the incident analyzer, whether conditions have been met to close the pool; and if conditions have been met to close the pool, determining for each incident in the pool whether the incident has been in the pool for its predetermined minimum time for inclusion in a pool; and if the incident has not been in the pool for its predetermined minimum time, evicting the incident from the closed pool and including the incident in a next pool. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
Specification