System for decomposing clustering events from managed infrastructures coupled to a data extraction device

US 10,007,716 B2
Filed: 07/08/2014
Issued: 06/26/2018
Est. Priority Date: 04/28/2014
Status: Active Grant

First Claim

Patent Images

1. An event clustering system configured to provide extracted information, comprising:

an extraction engine with a processor in communication with an infrastructure, the extraction engine in operation receiving data from the infrastructure and produces clustering events and populates a database with a dictionary of event or graph entropy;

an alert engine that receives the events and creates alerts mapped into a matrix, M;

a signalizer engine that includes one or more of an NMF engine, a k-means clustering engine and a topology proximity engine, the signalizer engine determining one or more common steps from events and produces clusters relating to the alerts and or events, the signalizer engine determining one or more common steps from events and produces clusters relating to events, the signalizer engine determining one or more common characteristics of events and producing clusters of events relating to the failure or errors in the infrastructure, where membership in a cluster indicates a common factor of the events that is a failure or an actionable problem in physical hardware of the infrastructure directed to supporting the flow and processing of information, where membership in a cluster indicates a common factor of the events that is a failure or an actionable problem in the physical hardware of the infrastructure directed to supporting the flow and processing of information;

one or more interactive displays that provide a collaborative interface coupled to the extraction and the signalizer engine with a collaborative interface (UI) for decomposing events from the infrastructure;

a data extraction device that is configured to collect information from one or more clusters;

a topology engine using a source address for each event and a graph topology of the infrastructure which represents node to node connectivity of the topology engine and to assign a graph coordinate to the event with an optional subset of attributes being extracted for each event and turned into a vector;

the signalizer engine with at one or more of the NMF engine and the k-means clustering engine using graph coordinates and optionally a subset of attributes assigned to each event to generate cluster to bring together events whose characteristics are similar;

the signalizer engine with at one or more of the NMF engine and the k-means clustering engine factoring the matrix M into A and B, where A is inspected and substantially significant clusters are extracted, and B is used to assign a start and end time to each cluster, wherein an output of clusters is produced; and

wherein in response to production of the clusters one or more physical changes in a managed infrastructure hardware is made.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An event clustering system is provided. An extraction engine is in communication with an infrastructure. The extraction engine in operation receives data from the infrastructure and produces events. An alert engine receives the events and creates alerts mapped into a matrix, M. A sigalizer engine includes one or more of an NMF engine, a k-means clustering engine and a topology proximity engine. The sigalizer engine determines one or more common steps from events and produces clusters relating to the alerts and or events. A data extraction device is configured to be coupled to the event clustering system.

51 Citations

View as Search Results

12 Claims

1. An event clustering system configured to provide extracted information, comprising:
- an extraction engine with a processor in communication with an infrastructure, the extraction engine in operation receiving data from the infrastructure and produces clustering events and populates a database with a dictionary of event or graph entropy;
  
  an alert engine that receives the events and creates alerts mapped into a matrix, M;
  
  a signalizer engine that includes one or more of an NMF engine, a k-means clustering engine and a topology proximity engine, the signalizer engine determining one or more common steps from events and produces clusters relating to the alerts and or events, the signalizer engine determining one or more common steps from events and produces clusters relating to events, the signalizer engine determining one or more common characteristics of events and producing clusters of events relating to the failure or errors in the infrastructure, where membership in a cluster indicates a common factor of the events that is a failure or an actionable problem in physical hardware of the infrastructure directed to supporting the flow and processing of information, where membership in a cluster indicates a common factor of the events that is a failure or an actionable problem in the physical hardware of the infrastructure directed to supporting the flow and processing of information;
  
  one or more interactive displays that provide a collaborative interface coupled to the extraction and the signalizer engine with a collaborative interface (UI) for decomposing events from the infrastructure;
  
  a data extraction device that is configured to collect information from one or more clusters;
  
  a topology engine using a source address for each event and a graph topology of the infrastructure which represents node to node connectivity of the topology engine and to assign a graph coordinate to the event with an optional subset of attributes being extracted for each event and turned into a vector;
  
  the signalizer engine with at one or more of the NMF engine and the k-means clustering engine using graph coordinates and optionally a subset of attributes assigned to each event to generate cluster to bring together events whose characteristics are similar;
  
  the signalizer engine with at one or more of the NMF engine and the k-means clustering engine factoring the matrix M into A and B, where A is inspected and substantially significant clusters are extracted, and B is used to assign a start and end time to each cluster, wherein an output of clusters is produced; and
  
  wherein in response to production of the clusters one or more physical changes in a managed infrastructure hardware is made.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The system of claim 1, wherein the data extraction device is selected from at least one of a, SIM card, smart card, microcomputer, computing system, mobile device, network device, one or more computer servers or a peer-to-peer architecture, or other device that can collect information or data from the event clustering system.
  - 3. The system of claim 1, wherein the data extraction device performs on one or clusters at least one of:
    - analysis;
      
      encryption; and
      
      transmission to a data receiving device to extract intelligence regarding the one or more clusters.
  - 4. The system of claim 1, wherein the data extraction device is part of the clustering system.
  - 5. The system of claim 1, wherein the data extraction device is separate from the clustering system.
  - 6. The system of claim 1, wherein the data extraction device includes a storage device.
  - 7. The system of claim 1, wherein the data extraction device automatically extracts data from the clustering system.
  - 8. The system of claim 1, wherein the data extraction device transmits clustered information to a data receiving device in response to analysis of collected clustered information.
  - 9. The system of claim 1, wherein prior to transmission of extracted information the data extraction device performs an encryption of at least a portion of the information.
  - 10. The system of claim 1, wherein a receiving engine receives clustered information from the data extraction device to take actions based on the collected cluster information or analysis of the collected cluster information.
  - 11. The system of claim 10, wherein the receiving engine is configured to send extracted clustered information received from the data extraction device to a computing device.
  - 12. The system of claim 1, wherein the data extraction device extracts clustered information selected from at least one of, commands, contacts, call records, identification information, text messages and network provider information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Dell Products LP (Dell Technologies Inc.)
Original Assignee
Moogsoft Inc. (Dell Technologies Inc.)
Inventors
Tee, Philip
Primary Examiner(s)
Trapanese, William C

Application Number

US14/325,575
Publication Number

US 20150310086A1
Time in Patent Office

1,449 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 16/285   Clustering or classification

G06F 16/35   Clustering; Classification

G06Q 10/107   Computer-aided management o...

H04L 12/1895   for short real-time informa...

H04L 41/065   involving logical or physic...

H04L 41/12   Discovery or management of ...

H04L 41/22   comprising specially adapte...

H04L 51/216   Handling conversation histo...

H04L 51/224   providing notification on i...

H04L 51/42   Mailbox-related aspects, e....

System for decomposing clustering events from managed infrastructures coupled to a data extraction device

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

51 Citations

12 Claims

Specification

Use Cases

Quick Links

Others

System for decomposing clustering events from managed infrastructures coupled to a data extraction device

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

51 Citations

12 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others