Automatic log sensor tuning
First Claim
Patent Images
1. A method comprising:
- identifying first machine data from a first enterprise component by a first sensor in a collection framework, the first sensor tuned to a first setting for identifying the first machine data;
processing a portion of the first machine data by a first collector in the collection framework, having a first configuration, to generate first collected machine data, the first collector programmed to distribute the first collected machine data to a search cluster;
responsive to an alert condition, generating a piped HTTP request for performing analytics on a set of collected machine data in the search cluster including the first collected machine data;
receiving a single threaded piped HTTP response to the piped HTTP request as analytics output;
determining a second configuration for the first collector responsive to the analytics output;
executing a sync instruction to the first collector to replace the first configuration of the first collector with the second configuration;
receiving a second machine data from the first sensor; and
processing a portion of the second machine data according to the second configuration of the first collector to generate second collected machine data;
wherein;
the second collected machine data includes event-specific data determined to be relevant by the performing analytics on the set of collected machine data.
1 Assignment
0 Petitions
Accused Products
Abstract
A process for automatic tuning a set of collectors and/or sensors includes: collecting first machine data by a first sensor in a collection framework, processing the first machine data by a first collector in the collection framework to yield first collected machine data, performing analytics on the first collected machine data to generate analytics output, and tuning, based, at least in part, on the analytics output, at least one of the following: the first sensor and the first collector.
-
Citations
5 Claims
-
1. A method comprising:
-
identifying first machine data from a first enterprise component by a first sensor in a collection framework, the first sensor tuned to a first setting for identifying the first machine data; processing a portion of the first machine data by a first collector in the collection framework, having a first configuration, to generate first collected machine data, the first collector programmed to distribute the first collected machine data to a search cluster; responsive to an alert condition, generating a piped HTTP request for performing analytics on a set of collected machine data in the search cluster including the first collected machine data; receiving a single threaded piped HTTP response to the piped HTTP request as analytics output; determining a second configuration for the first collector responsive to the analytics output; executing a sync instruction to the first collector to replace the first configuration of the first collector with the second configuration; receiving a second machine data from the first sensor; and processing a portion of the second machine data according to the second configuration of the first collector to generate second collected machine data; wherein; the second collected machine data includes event-specific data determined to be relevant by the performing analytics on the set of collected machine data. - View Dependent Claims (2, 3, 4, 5)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeInternational Business Machines Corporation
-
Original AssigneeInternational Business Machines Corporation
-
InventorsBeisiegel, Michael, Joseph, Dinakaran, Nadgir, Devaprasad K.
-
Primary Examiner(s)Truong, Dennis
-
Application NumberUS14/307,752Publication NumberTime in Patent Office825 DaysField of Search707/758, 709/224, 370/253, 702/127US Class Current1/1CPC Class CodesG06F 16/217 Database tuning G06F16/2282...G06F 16/285 Clustering or classificationG06F 16/951 Indexing; Web crawling tech...H04L 41/069 using logs of notifications...H04L 67/02 based on web technology, e....H04Q 2209/823 where the data is sent when...H04Q 9/00 Arrangements in telecontrol...
