System for decomposing events from managed infrastructures

US 10,574,551 B2
Filed: 12/19/2016
Issued: 02/25/2020
Est. Priority Date: 04/29/2013
Status: Active Grant

First Claim

Patent Images

1. A system for clustering events, comprising:

a first engine configured to receive message data from managed infrastructure that includes managed infrastructure physical hardware that supports the flow and processing of information;

a second engine that determines common characteristics of events and produces clusters of events relating to the failure of errors in the managed infrastructure, where membership in a cluster indicates a common factor of the events that is a failure or an actionable problem in the physical hardware managed infrastructure directed to supporting the flow and processing of information;

creating one or more situations that is a collection of one or more events or alerts representative of the actionable problem in the managed infrastructure;

wherein in response to production of the clusters making one or more physical changes in the managed infrastructure hardware; and

wherein the second engine is a signalizer engine.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system is provided for clustering events. A first engine is configured to receive message data from managed infrastructure that includes managed infrastructure physical hardware that supports the flow and processing of information. A second engine determines common characteristics of events and produces clusters of events relating to a failure of errors in the managed infrastructure. Membership in a cluster indicates a common factor of the events that is a failure or an actionable problem in the physical hardware managed infrastructure directed to supporting the flow and processing of information. One or more situations are created that is a collection of one or more events or alerts representative of the actionable problem in the managed infrastructure. In response to the production of the clusters one or more physical changes in the managed infrastructure hardware.

37 Citations

View as Search Results

16 Claims

1. A system for clustering events, comprising:
- a first engine configured to receive message data from managed infrastructure that includes managed infrastructure physical hardware that supports the flow and processing of information;
  
  a second engine that determines common characteristics of events and produces clusters of events relating to the failure of errors in the managed infrastructure, where membership in a cluster indicates a common factor of the events that is a failure or an actionable problem in the physical hardware managed infrastructure directed to supporting the flow and processing of information;
  
  creating one or more situations that is a collection of one or more events or alerts representative of the actionable problem in the managed infrastructure;
  
  wherein in response to production of the clusters making one or more physical changes in the managed infrastructure hardware; and
  
  wherein the second engine is a signalizer engine.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The system of claim 1, wherein the first engine is an extraction engine.
  - 3. The system of claim 1,wherein the first engine in operation receives messages from the managed infrastructure.
  - 4. The system of claim 1, wherein the first engine in operation produces events that relate to the managed infrastructure.
  - 5. The system of claim 1, wherein the second engine is configured to determine one or more common characteristics of events and produces clusters relating to events.
  - 6. The system of claim 1, further comprising:
    - a third engine coupled to the first and second engines.
  - 7. The system of claim 1, wherein the managed infrastructure is from a business organization.
  - 8. The system of claim 7, wherein the managed infrastructure includes, computers, network devices, appliances, mobile devices, text or numerical values from which those text or numerical values indicate a state of any hardware or software component of the managed infrastructure.
  - 9. The system of claim 8, wherein the managed infrastructure generates data that include attributes selected from at least one of, time, source a description of the event, textural or numerical values from which those text or numerical values indicate a state of any hardware or software component of the managed infrastructure.
  - 10. The system of claim 1, further comprising:
    - a publication message bus.
  - 11. The system of claim 1, further comprising:
    - a data bus web server coupled to one or more user interfaces.
  - 12. The system of claim 1, wherein a plurality of link access modules are in communication with a data bus.
  - 13. The system of claim 1, further comprising:
    - a database.
  - 14. The system of claim 1, wherein the alerts are run in parallel with activities of the first engine.

15. A system for clustering events, comprising:
- a first engine configured to receive message data from managed infrastructure that includes managed infrastructure physical hardware that supports the flow and processing of information;
  
  a second engine that determines common characteristics of events and produces clusters of events relating to the failure of errors in the managed infrastructure, where membership in a cluster indicates a common factor of the events that is a failure or an actionable problem in the physical hardware managed infrastructure directed to supporting the flow and processing of information;
  
  creating one or more situations that is a collection of one or more events or alerts representative of the actionable problem in the managed infrastructurewherein in response to production of the clusters making one or more physical changes in the managed infrastructure hardware; and
  
  a compare and merge engine that receives outputs from the second engine, the compare and merge engine communicating with one or more user interfaces in a situation room.

16. A system for clustering events, comprising:
- a first engine configured to receive message data from managed infrastructure that includes managed infrastructure physical hardware that supports the flow and processing of information;
  
  a second engine that determines common characteristics of events and produces clusters of events relating to the failure of errors in the managed infrastructure, where membership in a cluster indicates a common factor of the events that is a failure or an actionable problem in the physical hardware managed infrastructure directed to supporting the flow and processing of information;
  
  creating one or more situations that is a collection of one or more events or alerts representative of the actionable problem in the managed infrastructure;
  
  wherein the first engine is an extraction engine, the first engine in operation receives messages from the managed infrastructure and produces events that relate to the managed infrastructure; and
  
  wherein the events are converted into words and subsets used to group the events into clusters that relate to failures or errors in the managed infrastructure.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Dell Products LP (Dell Technologies Inc.)
Original Assignee
Moogsoft Inc. (Dell Technologies Inc.)
Inventors
Tee, Philip, Harper, Robert Duncan, Silvey, Charles Mike
Primary Examiner(s)
Ehne, Charles

Application Number

US15/382,884
Publication Number

US 20170104650A1
Time in Patent Office

1,163 Days
Field of Search
US Class Current
CPC Class Codes

G06F 11/0709   in a distributed system con...

G06F 11/0751   Error or fault detection no...

G06F 11/0778   Dumping, i.e. gathering err...

G06F 11/079   Root cause analysis, i.e. e...

G06F 11/0793   Remedial or corrective acti...

G06F 11/30   Monitoring

G06F 16/338   Presentation of query results

G06F 16/355   Class or cluster creation o...

H04L 41/0631   using root cause analysis; ...

H04L 41/065   involving logical or physic...

H04L 41/0823   characterised by the purpos...

H04L 41/22   comprising specially adapte...

H04L 43/045   for graphical visualisation...

H04L 43/0817   by checking functioning

H04L 43/0823   Errors, e.g. transmission e...

H04L 51/216   Handling conversation histo...

H04L 67/75   Indicating network or usage...

System for decomposing events from managed infrastructures

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

37 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

System for decomposing events from managed infrastructures

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

37 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links