×

Blacklisting and whitelisting of security-related events

  • US 9,276,946 B2
  • Filed: 05/16/2014
  • Issued: 03/01/2016
  • Est. Priority Date: 07/31/2013
  • Status: Active Grant
First Claim
Patent Images

1. A method, comprising:

  • receiving raw data from one or more data sources;

    segmenting the raw data into a plurality of time-stamped, searchable events, wherein each event in the plurality of time-stamped, searchable events includes information relating to performance or security of an information technology system;

    creating an event group from the plurality of time-stamped, searchable events, each event in the event group matching criteria relating to one or more fields;

    determining an event group summary, the summary summarizing one or more fields of the events in the event group;

    causing display of a graphical user interface displaying a plurality of event group summaries including the event group summary;

    based on user input in response to the display of the graphical user interface, placing a selected event group summary on a whitelist or a blacklist, wherein placing the selected event group summary on the whitelist removes the selected event group summary from the displayed plurality of event group summaries, and wherein placing the selected event group summary on the blacklist changes a visual appearance of the selected event group summary among the displayed plurality of event group summaries;

    wherein the method is performed by one or more computing devices.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×