Network event capture and retention system
Abstract
Methods and apparatus are provided to monitor and analyze activity occurring on a networked computer system. In some embodiments, a method is provided for capturing, in a data structure, at least a portion of a notification describing a network event provided by a node on a computer network, identifying a data element (e.g., an IP address of the node) within the notification, and updating an index and/or summary based on the data element. The data structure may be stored in a file system maintained on a site, and sites may exchange information related to the notification data stored on each. In some embodiments, a query which is issued to a site may be processed using data transferred from other sites, and/or may be split into one or more additional queries which may be transmitted for processing to other sites.
8 Claims
1. A method for processing log data from a plurality of log-producing devices which is stored as summarized log data in a plurality of log data analyzers, the method comprising:
- formulating database queries in a management station;
- sending database queries from the management station to a plurality of log data analyzers;
- receiving in the management station a plurality of reports from the plurality of log data analyzers; and
- combining in the management station the plurality of reports into a single report.

2. A method for processing log data from a plurality of log-producing devices which is stored as summarized log data in a plurality of log data analyzers, the method comprising:
- associating a database query with a certain log data analyzer;
- sending a database query from a management station to the certain log data analyzer;
- receiving in the management station a report from a database maintained by the certain log data analyzer; and
- displaying the report on the management station.

3. A method for processing log data from a plurality of log-producing devices which is stored as summarized log data in a plurality of log data analyzers, the method comprising:
- associating a database query with certain of the plurality of log data analyzers;
- sending database queries from a management station to each of the certain log data analyzers;
- receiving in the management station a plurality of reports from databases maintained by the certain log data analyzers;
- merging the plurality of reports into a single report; and
- displaying the merged report on the management station.

5. A data processing system for processing log data from a plurality of log-producing devices which comprises:
- a plurality of log data analyzers storing summarized log data; and
- a management station connected to the plurality of log data analyzers via data communications links and which
  - formulates database queries;
  - sends database queries to a plurality of log data analyzers;
  - receives a plurality of reports from the plurality of log data analyzers; and
  - combines the plurality of reports into a single report.

6. A data processing system for processing log data from a plurality of log-producing devices which comprises:
- a plurality of log data analyzers storing summarized log data; and
- a management station connected to the plurality of log data analyzers via data communications links and which
  - associates a database query with a certain log data analyzer;
  - sends a database query to the certain log data analyzer;
  - receives a report from a database maintained by the certain log data analyzer; and
  - displays the report.

7. A data processing system for processing log data from a plurality of log-producing devices which comprises:
- a plurality of log data analyzers storing summarized log data; and
- a management station in data communication with the plurality of log data analyzers and which
  - associates a database query with certain of the plurality of log data analyzers;
  - sends database queries to each of the certain log data analyzers;
  - receives a plurality of reports from databases maintained by the certain log data analyzers;
  - merges the plurality of reports into a single report; and
  - displays the merged report.
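
An added illustration of the flow in the abstract and in claims 1, 3, 5 and 7 (not code from the patent or from any product): each analyzer updates a per-IP summary as notifications arrive, and the management station sends one parameterized query to every analyzer and merges the reports by key. The class names, the `summary` schema and the sample notifications are assumptions constructed for this example.

```python
import sqlite3
from collections import Counter

# Constructed sample notifications (not from the patent): "<site> <src_ip> <event>"
NOTIFICATIONS = [
    "siteA 10.0.0.5 login_failed",
    "siteA 10.0.0.5 login_failed",
    "siteA 10.0.0.9 port_scan",
    "siteB 10.0.0.5 login_failed",
    "siteB 10.0.0.9 login_failed",
    "siteB 192.168.1.7 login_ok",
]

class LogDataAnalyzer:
    """Hypothetical analyzer: stores a per-(IP, event) summary, not raw logs."""
    def __init__(self):
        self.db = sqlite3.connect(":memory:")
        self.db.execute("CREATE TABLE summary (src_ip TEXT, event TEXT, "
                        "hits INTEGER, PRIMARY KEY (src_ip, event))")

    def capture(self, src_ip, event):
        # Identify the data element (source IP) and update the summary in place.
        self.db.execute("INSERT OR IGNORE INTO summary VALUES (?, ?, 0)", (src_ip, event))
        self.db.execute("UPDATE summary SET hits = hits + 1 "
                        "WHERE src_ip = ? AND event = ?", (src_ip, event))

    def report(self, sql, params):
        return self.db.execute(sql, params).fetchall()

class ManagementStation:
    def __init__(self, analyzers):
        self.analyzers = analyzers

    def combined_report(self, event):
        # One parameterized query, sent to every analyzer; the event string
        # is bound as data and never spliced into the SQL text.
        sql = "SELECT src_ip, hits FROM summary WHERE event = ?"
        merged = Counter()
        for analyzer in self.analyzers.values():
            for src_ip, hits in analyzer.report(sql, (event,)):
                merged[src_ip] += hits  # merge by key: the same IP may appear at several sites
        return sorted(merged.items(), key=lambda kv: (-kv[1], kv[0]))

def build_demo():
    analyzers = {"siteA": LogDataAnalyzer(), "siteB": LogDataAnalyzer()}
    for line in NOTIFICATIONS:
        site, src_ip, event = line.split()
        analyzers[site].capture(src_ip, event)
    return ManagementStation(analyzers)
if __name__ == "__main__":
    print(build_demo().combined_report("login_failed"))
```

Merging by key matters because each analyzer holds only its own summary: concatenating the two reports would list 10.0.0.5 twice instead of showing its combined count.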
Specification