公开(公告)号：US09244755B2

公开(公告)日：2016-01-26

申请号：US13897994

申请日：2013-05-20

Applicant: VMware, Inc.

Inventor： Mark Huang ,  Junyuan Lin

IPC: G06F11/00 ,  G06F11/07

CPC classification number: G06F11/0775 ,  G06F11/0709 ,  G06F11/0769 ,  G06F11/079

Abstract: Large amounts of unstructured log data generated by software and infrastructure components of a computing system are processed and analyzed in real time to identify anomalies and potential problems within the computing system. A log analytics module reduces both the volume and level of detail of log data by first classifying log messages into message types based on their content similarity. The log analytics module may then further reduce data by grouping bursts of log messages into log events. Patterns within these log events, such as the collection and number of different message types that comprise the event, can be used to identify anomalous events.

Abstract translation: 对计算系统的软件和基础设施组件生成的大量非结构化日志数据进行实时处理和分析，以识别计算系统内的异常和潜在问题。 日志分析模块通过根据内容相似性首先将日志消息分类为消息类型来减少日志数据的数量和详细程度。 然后，日志分析模块可以通过将日志消息的分组分组成日志事件来进一步减少数据。 这些日志事件中的模式，例如组成事件的不同消息类型的集合和数量，可用于识别异常事件。