Reducing an amount of captured network traffic data to analyze
First Claim
1. A communication network monitoring system comprising:
- a plurality of probes coupled to respective locations of a communication network, each of the probes including programmable instructions configured to execute on a processing device, the probes being configured to:
capture network data from network traffic of the communication network;
detect by lightweight analysis performed by a first probe of the plurality of probes a data packet of the captured network data that includes information related to a transactional procedure failure transacted by an end-user device;
determine, by the first probe, an identity of the end-user device;
share the identity of the end-user device with other probes of the plurality of probes;
add the end-user device's identity to respective whitelists associated with the probes of the plurality of probes; and
perform, for end-user identities included in the respective whitelists, detailed analysis of network data associated with the end-user identities captured during a predetermined time period.
Abstract
A system and method for monitoring a communication network is provided. The method includes capturing network data from network traffic of the communication network by a plurality of probes monitoring the communication network. The method further includes detecting by lightweight analysis a data packet of the captured network data that includes information related to a transactional procedure failure transacted by an end-user device and determining an identity of the end-user device. The method further includes sharing the identity of the end-user device with other probes of the plurality of probes, adding the end-user device's identity to respective whitelists associated with the probes of the plurality of probes, and performing, for end-user device identities included in the respective whitelists, detailed analysis of network data during a predetermined time period.
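The flow summarized in the abstract, as an added Python example that is not part of the patent text. The packet fields (`ts`, `id`, `status`), the use of a `FAIL` status as the lightweight failure check, the 300-second window starting at detection, and the two-probe setup are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

WINDOW_S = 300  # assumed "predetermined time period", in seconds

@dataclass
class Probe:
    name: str
    peers: list = field(default_factory=list)
    whitelist: dict = field(default_factory=dict)  # identity -> expiry timestamp
    detailed: list = field(default_factory=list)   # packets given detailed analysis
    seen: int = 0                                  # packets captured in total

    def add_to_whitelist(self, identity, now):
        # Keep the later expiry if the same identity is reported again.
        self.whitelist[identity] = max(self.whitelist.get(identity, 0), now + WINDOW_S)

    def capture(self, pkt):
        self.seen += 1
        ident, now = pkt["id"], pkt["ts"]
        # Lightweight analysis: look only at the status field (assumed format).
        if pkt["status"] == "FAIL":
            self.add_to_whitelist(ident, now)
            for peer in self.peers:  # share the identity with the other probes
                peer.add_to_whitelist(ident, now)
        # Detailed analysis only for whitelisted identities inside the window.
        if now <= self.whitelist.get(ident, -1):
            self.detailed.append(pkt)

# Constructed sample traffic: (probe that captured it, packet).
TRAFFIC = [
    ("A", {"ts": 0,   "id": "ue-1", "status": "OK"}),    # not whitelisted yet
    ("B", {"ts": 5,   "id": "ue-2", "status": "OK"}),    # never fails
    ("A", {"ts": 10,  "id": "ue-1", "status": "FAIL"}),  # failure seen by probe A
    ("B", {"ts": 20,  "id": "ue-1", "status": "OK"}),    # B knows ue-1 via sharing
    ("B", {"ts": 30,  "id": "ue-2", "status": "OK"}),    # still not whitelisted
    ("B", {"ts": 400, "id": "ue-1", "status": "OK"}),    # window has expired
]

def run(traffic):
    a, b = Probe("A"), Probe("B")
    a.peers, b.peers = [b], [a]
    probes = {"A": a, "B": b}
    for probe_name, pkt in traffic:
        probes[probe_name].capture(pkt)
    return a, b
```

With the constructed traffic, two of the six captured packets reach detailed analysis: the failure itself on probe A and the follow-up packet from the same identity on probe B.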
23 Claims
1. A communication network monitoring system comprising:
- a plurality of probes coupled to respective locations of a communication network, each of the probes including programmable instructions configured to execute on a processing device, the probes being configured to:
capture network data from network traffic of the communication network;
detect by lightweight analysis performed by a first probe of the plurality of probes a data packet of the captured network data that includes information related to a transactional procedure failure transacted by an end-user device;
determine, by the first probe, an identity of the end-user device;
share the identity of the end-user device with other probes of the plurality of probes;
add the end-user device's identity to respective whitelists associated with the probes of the plurality of probes; and
perform, for end-user identities included in the respective whitelists, detailed analysis of network data associated with the end-user identities captured during a predetermined time period.
9. A plurality of probes coupled at respective locations of a communication network, each of the probes comprising programmable instructions configured to execute on a processing device, the probes being configured to:
capture network data from network traffic of the communication network;
detect by lightweight analysis performed by a first probe of the plurality of probes a data packet of the captured network data that includes information related to a transactional procedure failure transacted by an end-user device;
determine, by the first probe, an identity of the end-user device;
share the identity of the end-user device with other probes of the plurality of probes;
add the end-user device's identity to respective whitelists associated with the probes of the plurality of probes; and
perform, for end-user device identities included in the respective whitelists, detailed analysis of network data associated with the end-user identities captured during a predetermined time period.
17. A method of monitoring a communication network comprising:
capturing network data from network traffic of the communication network by a plurality of probes coupled to the communication network;
detecting by lightweight analysis a data packet of the captured network data that includes information related to a transactional procedure failure transacted by an end-user device;
determining an identity of the end-user device;
sharing the identity of the end-user device with other probes of the plurality of probes;
adding the end-user device's identity to respective whitelists associated with the probes of the plurality of probes; and
performing, for end-user device identities included in the respective whitelists, detailed analysis of network data during a predetermined time period.
Specification