×

Creating a correlation rule defining a relationship between event types

  • US 9,612,892 B2
  • Filed: 04/04/2011
  • Issued: 04/04/2017
  • Est. Priority Date: 04/04/2011
  • Status: Active Grant
First Claim
Patent Images

1. A method comprising:

  • by a system having a processor;

    receiving events that occurred in an infrastructure technology (IT) infrastructure comprising hardware components;

    identifying a specific occurrence of a pattern of event types in the received events, the pattern of event types including a first event type and a second event type;

    identifying a first configuration item (CI) associated with the first event type and a second CI associated with the second event type;

    validating that a relationship exists between the first CI and the second CI;

    abstracting the first CI and the second CI to a CI class level by;

    identifying a first CI class associated with the first event type according to a class property of the first CI; and

    identifying a second CI class associated with the second event type according to a class property of the second CI; and

    creating a correlation rule correlating the first event type to the second event type based on the validated relationship that exists between the first CI associated with the first event type and the second CI associated with the second event type, wherein the correlation rule relates the first CI class to the second CI class; and

    determining, using the correlation rule, a cause of a symptom event in the IT infrastructure.

View all claims
  • 8 Assignments
Timeline View
Assignment View
    ×
    ×