METHOD AND SYSTEM FOR IMPLEMENTING TARGET MODEL CONFIGURATION METADATA FOR A LOG ANALYTICS SYSTEM

US 20160294649A1
Filed: 04/01/2016
Published: 10/06/2016
Est. Priority Date: 04/03/2015
Status: Active Grant

First Claim

Patent Images

1. A method, for configuring log monitoring to be performed in a system that implements a log analytics system, wherein the log monitoring comprises storing log data according to an association between log monitoring configuration metadata and a target, the target representing a component in a computing environment for which log data is generated, the method comprising:

generating the log monitoring configuration metadata by;

identifying a log source corresponding to a target, the log source identifying a location to monitor for the log data generated for the target;

identifying a parser for the log source;

configuring log monitoring configuration metadata comprising target-side log monitoring configuration metadata and server-side log monitoring configuration metadata, the target-side log monitoring configuration metadata including information regarding the log source and the server-side log monitoring configuration metadata including information regarding the parser for the log source;

distributing the target-side log monitoring configuration metadata to a host for the target, wherein the target is configured according to the target-side log monitoring configuration metadata;

configuring a log analytics server according to the server-side log monitoring configuration metadata;

gathering log data for the target from the host according to the target-side log monitoring configuration metadata; and

performing log processing on the log data at the log analytics server according to the server-side log monitoring configuration metadata.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed is a system, method, and computer program product for implementing a log analytics method and system that can configure, collect, and analyze log records in an efficient manner. The log analytics system, method, and computer program product provide target-based configuration of log monitoring metadata. The log analytics system, method, and computer program product can be implemented in a cloud-based/SaaS-based architecture.

10 Citations

View as Search Results

20 Claims

1. A method, for configuring log monitoring to be performed in a system that implements a log analytics system, wherein the log monitoring comprises storing log data according to an association between log monitoring configuration metadata and a target, the target representing a component in a computing environment for which log data is generated, the method comprising:
- generating the log monitoring configuration metadata by;
  
  identifying a log source corresponding to a target, the log source identifying a location to monitor for the log data generated for the target;
  
  identifying a parser for the log source;
  
  configuring log monitoring configuration metadata comprising target-side log monitoring configuration metadata and server-side log monitoring configuration metadata, the target-side log monitoring configuration metadata including information regarding the log source and the server-side log monitoring configuration metadata including information regarding the parser for the log source;
  
  distributing the target-side log monitoring configuration metadata to a host for the target, wherein the target is configured according to the target-side log monitoring configuration metadata;
  
  configuring a log analytics server according to the server-side log monitoring configuration metadata;
  
  gathering log data for the target from the host according to the target-side log monitoring configuration metadata; and
  
  performing log processing on the log data at the log analytics server according to the server-side log monitoring configuration metadata.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the log monitoring configuration metadata comprises at least one of a base parser, a log rule that is associated with the target, an identification of the target, or a type identification for the target.
  - 3. The method of claim 1, wherein the parser comprises a regular expression to define how to parse the log data for the target.
  - 4. The method of claim 1, wherein for a single host having multiple targets, the log monitoring configuration metadata corresponds to a single file having metadata portions that pertain to the multiple targets.
  - 5. The method of claim 1, wherein the log monitoring configuration metadata corresponds to an XML file.
  - 6. The method of claim 1, wherein the log monitoring configuration metadata is generated, modified, or deleted upon a change to the association between the target and the log source, a change to the target, or a change to a status of a log collection agent on the host.
  - 7. The method of claim 1, wherein the log monitoring configuration metadata is periodically synchronized to one or more master metadata databases.

8. A computer readable medium having stored thereon a sequence of instructions which, when executed by a processor causes the processor to execute a method for configuring log monitoring to be performed in a system that implements a log analytics system, wherein the log monitoring comprises storing log data according to an association between log monitoring configuration metadata and a target, the target representing a component in a computing environment for which log data is generated, the method comprising:
- generating the log monitoring configuration metadata by;
  
  identifying a log source corresponding to a target, the log source identifying a location to monitor for the log data generated for the target;
  
  identifying a parser for the log source;
  
  configuring log monitoring configuration metadata comprising target-side log monitoring configuration metadata and server-side log monitoring configuration metadata, the target-side log monitoring configuration metadata including information regarding the log source and the server-side log monitoring configuration metadata including information regarding the parser for the log source;
  
  distributing the target-side log monitoring configuration metadata to a host for the target, wherein the target is configured according to the target-side log monitoring configuration metadata;
  
  configuring a log analytics server according to the server-side log monitoring configuration metadata;
  
  gathering log data for the target from the host according to the target-side log monitoring configuration metadata; and
  
  performing log processing on the log data at the log analytics server according to the server-side log monitoring configuration metadata.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The computer readable medium of claim 8, wherein the log monitoring configuration metadata comprises at least one of a base parser, a log rule that is associated with the target, an identification of the target, or a type identification for the target.
  - 10. The computer readable medium of claim 8, wherein the parser comprises a regular expression to define how to parse the log data for the target.
  - 11. The computer readable medium of claim 8, wherein for a single host having multiple targets, the log monitoring configuration metadata corresponds to a single file having metadata portions that pertain to the multiple targets.
  - 12. The computer readable medium of claim 8, wherein the log monitoring configuration metadata corresponds to an XML, file.
  - 13. The computer readable medium of claim 8, wherein the log monitoring configuration metadata is generated, modified, or deleted upon a change to the association between the target and the log source, a change to the target, or a change to a status of a log collection agent on the host.
  - 14. The computer readable medium of claim 8, wherein the log monitoring configuration metadata is periodically synchronized to one or more master metadata databases.

15. A log analytics system implemented in a cloud or software-as-a-service architecture, the log analytics system comprising:
- a configuration mechanism to configure log monitoring comprising a memory having stored thereon a sequence of instructions which, when executed by a processor, causes the processor to execute operations comprising by;
  
  identifying a log source corresponding to a target, the log source identifying a location to monitor for log data generated for the target;
  
  identifying a parser for the log source;
  
  configuring log monitoring configuration metadata comprising target-side log monitoring configuration metadata and server-side log monitoring configuration metadata, the target-side log monitoring configuration metadata including information regarding the log source and the server-side log monitoring configuration metadata including information regarding the parser for the log source;
  
  distributing the target-side log monitoring configuration metadata to a host for the target, wherein the target is configured according to the target-side log monitoring configuration metadata;
  
  configuring a log analytics pipeline at a log analytics server according to the server-side log monitoring configuration metadata;
  
  the log analytics pipeline receiving log data gathered from the host for the target according to the target-side log monitoring configuration metadata, wherein the log analytics pipeline performs log processing at the log analytics server according to the server-side log monitoring configuration metadata.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The log analytics system of claim 15, wherein the log monitoring configuration metadata comprises at least one of a base parser, a log rule that is associated with the target, an identification of the target, or a type identification for the target.
  - 17. The log analytics system of claim 15, wherein the server-side log monitoring configuration metadata corresponds to a parser having a regular expression that defines how to parse the log data for the target.
  - 18. The log analytics system of claim 15, wherein the log monitoring configuration metadata corresponds to an XML file.
  - 19. The log analytics system of claim 15, wherein the log monitoring configuration metadata is generated, modified, or deleted upon a change to an association between the target and the log source, a change to the target, or a change to a status of a log collection agent on the host.
  - 20. The log analytics system of claim 15, wherein the log monitoring configuration metadata is periodically synchronized to one or more master metadata databases.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle International Corporation (Oracle Corporation)
Inventors
RUSSELL, Jerry Paul, ZHU, Shushuai

Granted Patent

US 10,592,521 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 11/00   Error detection; Error corr...

G06F 11/0766   Error or fault reporting or...

G06F 11/0775   Content or structure detail...

G06F 11/3006   where the computing system ...

G06F 11/3072   where the reporting involve...

G06F 11/3086   where the reporting involve...

G06F 16/21   Design, administration or m...

G06F 16/2228   Indexing structures

G06F 16/2455   Query execution

G06F 16/248   Presentation of query results

G06F 16/353   into predefined classes

G06F 16/84   Mapping; Conversion

G06F 3/04842   Selection of displayed obje...

G06F 40/16   Automatic learning of trans...

G06F 40/205   Parsing

G06F 9/44505   Configuring for program ini...

G06F 9/542   Event management; Broadcast...

G06N 20/00   Machine learning

H04L 41/145   involving simulating, desig...

H04L 41/5074   Handling of user complaints...

H04L 43/04 : Processing captured monitor...

View All

METHOD AND SYSTEM FOR IMPLEMENTING TARGET MODEL CONFIGURATION METADATA FOR A LOG ANALYTICS SYSTEM

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

10 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND SYSTEM FOR IMPLEMENTING TARGET MODEL CONFIGURATION METADATA FOR A LOG ANALYTICS SYSTEM

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

10 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links