公开(公告)号：US10275284B2

公开(公告)日：2019-04-30

申请号：US15184742

申请日：2016-06-16

Applicant: VMware, Inc.

Inventor： Arnak Poghosyan ,  Ashot Nshan Harutyunyan ,  Naira Movses Grigoryan ,  Khachatur Nazaryan ,  Ruzan Hovhannisyan

IPC: G06F9/50

Abstract: Methods determine a capacity-forecast model based on historical capacity metric data and historical business metric data. The capacity-forecast model may be to estimate capacity requirements with respect to changes in demand for the data center customer's application program. The capacity-forecast model provides an analytical “what-if” approach to reallocating data center resources in order to satisfy projected business level expectations of a data center customer and calculate estimated capacities for different business scenarios.

公开(公告)号：US09948528B2

公开(公告)日：2018-04-17

申请号：US14701066

申请日：2015-04-30

Applicant: VMware, Inc.

Inventor： Mazda A. Marvasti ,  Ashot Nshan Harutyunyan ,  Naira Movses Grigoryan ,  Arnak Poghosyan

IPC: H04L12/26 ,  H04L29/08 ,  G06F11/34

CPC classification number: H04L43/04 ,  G06F11/34 ,  H04L43/02 ,  H04L43/08 ,  H04L67/1097

Abstract: Methods and systems that manage large volumes of metric data generation by cloud-computing infrastructures are described. The cloud-computing infrastructure generates sets of metric data, each set of metric data may represent usage or performance of an application or application module run by the cloud-computing infrastructure or may represent use or performance of cloud-computing resources used by the applications. The metric data management methods and systems are composed of separate modules that perform sequential application of metric data reduction techniques on different levels of data abstraction in order to reduce volume of metric data collected. In particular, the modules determine normalcy bounds, delete highly correlated metric data, and delete metric data with highly correlated normalcy bound violations.

公开(公告)号：US20160321553A1

公开(公告)日：2016-11-03

申请号：US14701217

申请日：2015-04-30

Applicant: VMware, Inc.

Inventor： Mazda A. Marvasti ,  Ashot Nshan Harutyunyan ,  Naira Movses Grigoryan ,  Arnak Poghosyan

IPC: G06N5/04 ,  G06N7/00

CPC classification number: G06F17/18 ,  G06K9/0053 ,  G06K9/00543

Abstract: Methods and systems that estimate a degree of abnormality of a complex system based on historical time-series data representative of the complex system's past behavior and using the historical degree of abnormality to determine whether or not a degree of abnormality determined from current time-series data representative of the same complex system's current behavior is worthy of attention. The time-series data may be metric data that represents behavior of a complex system as a result of successive measurements of the complex system made over time or in a time interval. A degree of abnormality represents the amount by which the time-series data violates a threshold. The larger the degree of abnormality of the current time-series data is from the historical degree of abnormality, the larger the violation of the thresholds and the greater the probability the violation in the current time-series data is worthy of attention.

Abstract translation: 基于代表复杂系统过去行为的历史时间序列数据和使用历史异常程度来估计复杂系统的异常程度的方法和系统，以确定从当前时间序列数据确定的异常程度 代表同样复杂系统的当前行为值得关注。 时间序列数据可以是度量数据，其表示由于随着时间或时间间隔而进行的复杂系统的连续测量，复杂系统的行为。 异常程度表示时间序列数据违反阈值的量。 当前时间序列数据的异常程度越大，从历史异常程度来看，阈值越大，当前时间序列数据的违规概率越大。

公开(公告)号：US20140053025A1

公开(公告)日：2014-02-20

申请号：US13960611

申请日：2013-08-06

Applicant: VMware, Inc.

Inventor： Mazda A. Marvasti ,  Arnak Poghosyan ,  Ashot Harutyunyan ,  Naira Grigoryan

IPC: G06F11/07

CPC classification number: G06F11/079 ,  G06F11/0706 ,  G06F11/0754 ,  G06F2201/86

Abstract: This disclosure presents systems and methods for run-time analysis of streams of log data for abnormalities using a statistical structure of meta-data associated with the log data. The systems and methods convert a log data stream into meta-data and perform statistical analysis in order to reveal a dominant statistical pattern within the meta-data. The meta-data is represented as a graph with nodes that represent each of the different event types, which are detected in the stream along with event sources associated with the events. The systems and methods use real-time analysis to compare a portion of a current log data stream collected in an operational window with historically collected meta-data represented by a graph in order to determine the degree of abnormality of the current log data stream collected in the operational window.

Abstract translation: 本公开提供了使用与日志数据相关联的元数据的统计结构来运行时分析用于异常的日志数据流的系统和方法。 系统和方法将日志数据流转换为元数据并执行统计分析，以显示元数据中的统计统计模式。 元数据被表示为具有表示每个不同事件类型的节点的图，该事件类型与流中与事件相关联的事件源一起检测。 系统和方法使用实时分析来比较在操作窗口中收集的当前日志数据流的一部分与由图表表示的历史收集的元数据，以便确定当前日志数据流的异常程度 操作窗口。

公开(公告)号：US20240028444A1

公开(公告)日：2024-01-25

申请号：US18096752

申请日：2023-01-13

Applicant: VMWare, Inc.

Inventor： Ashot Nshan Harutyunyan ,  Arnak Poghosyan ,  Lilit Harutyunyan ,  Nelli Aghajanyan ,  Tigran Bunarjyan ,  Marine Harutyunyan ,  Sam Israelyan

IPC: G06F11/07

CPC classification number: G06F11/079 ,  G06F11/0721 ,  G06F11/0769 ,  G06N20/20

Abstract: Automated computer-implemented methods and systems for resolving performance problems with objects executing in a data center are described. The automated methods use machine learning to obtain rules defining relationships between probabilities of event types of in log messages and performance problems identified by a key performance indictor (“KPI”) of the object. When a KPI violates a corresponding threshold, the rules are used to evaluate run time log messages that describe the probable root cause of the performance problem. An alert identifying the KPI threshold violation, and the log messages are displayed in a graphical user interface of an electronic display device.

公开(公告)号：US20230229675A1

公开(公告)日：2023-07-20

申请号：US17577318

申请日：2022-01-17

Applicant: VMware, Inc.

Inventor： Ashot Hautyunyan ,  Arnak Poghosyan ,  Tigran Bunarjyan ,  Naira Movses Grigoryan

IPC: G06F16/28

CPC classification number: G06F16/285

Abstract: The current document is directed to methods and systems that collect metric data within computing facilities, including large data centers and cloud-computing facilities. In a described implementation, two or more metric-data sets are combined to generate a multidimensional metric-data set. The multidimensional metric-data set is compressed for efficient storage by clustering the multidimensional data points within the multidimensional metric-data set to produce a covering subset of multidimensional data points and by then representing the multidimensional-data-point members of each cluster by a cluster identifier rather than by a set of floating-point values, integer values, or other types of data representations. The covering set is constructed to ensure that the compression does not result in greater than a specified level of distortion of the original data.

公开(公告)号：US11416364B2

公开(公告)日：2022-08-16

申请号：US17119462

申请日：2020-12-11

Applicant: VMware, Inc.

Inventor： Naira Movses Grigoryan ,  Arnak Poghosyan ,  Ashot Nshan Harutyunyan ,  Clement Pang ,  Dev Nag

IPC: G06F11/30 ,  G06F11/34 ,  G06F11/32

Abstract: The current document is directed to methods and systems that employ distributed-computer-system metrics collected by one or more distributed-computer-system metrics-collection services, call traces collected by one or more call-trace services, and attribute values for distributed-computer-system components to identify attribute dimensions related to anomalous behavior of distributed-computer-system components. In a described implementation, nodes correspond to particular types of system components and node instances are individual components of the component type corresponding to a node. Node instances are associated with attribute values and node are associated with attribute-value spaces defined by attribute dimensions. A set of call traces is partitioned, by clustering. Using attribute values and call traces, attribute dimensions that are likely related to particular anomalous behaviors of distributed-computer-system components are determined by decision-tree-related analyses for each partition and are reported to one or more computational entities to facilitate resolution of the anomalous behaviors.

公开(公告)号：US20210303438A1

公开(公告)日：2021-09-30

申请号：US16833102

申请日：2020-03-27

Applicant: VMware, Inc.

Inventor： Dev Nag ,  Naira Movses Grigoryan ,  Arnak Poghosyan ,  Ashot Nshan Harutyunyan

IPC: G06F11/34 ,  G06F11/30

Abstract: The current document is directed to methods and systems that employ distributed-computer-system metrics collected by one or more distributed-computer-system metrics-collection services, call traces collected by one or more call-trace services, and attribute values for distributed-computer-system components to identify attribute dimensions related to anomalous behavior of distributed-computer-system components. In a described implementation, nodes correspond to particular types of system components and node instances are individual components of the component type corresponding to a node. Node instances are associated with attribute values and node are associated with attribute-value spaces defined by attribute dimensions. Using attribute values and call traces, attribute dimensions that are likely related to particular anomalous behaviors of distributed-computer-system components are determined by decision-tree-related analyses and are reported to one or more computational entities to facilitate resolution of the anomalous behaviors.

公开(公告)号：US20200341877A1

公开(公告)日：2020-10-29

申请号：US16391668

申请日：2019-04-23

Applicant: VMware, Inc.

Inventor： Arnak Poghosyan ,  Ashot Nshan Harutyunyan ,  Naira Movses Grigoryan ,  Nicholas Kushmerick

IPC: G06F11/30 ,  G06F17/18

Abstract: Automated processes and systems for detecting abnormally behaving objects of a distributed computing system are described. Processes and systems obtain metrics that are generated in a historical time window and are associated with an object of the distributed computing system. Processes and system use the metrics to compute a time-dependent system indicator over the historical time window. Each value of the system indicator corresponds to a point in time of the historical time window when the object was in a normal or an abnormal state. Processes and systems use the normal and abnormal states of the system indicator in the historical time window to train a state classifier that is used to detect run-time abnormal behavior of the object. When the state classifier identifies abnormal behavior of the object, an alert is generated, indicating the abnormal behavior of the object.

公开(公告)号：US10592372B2

公开(公告)日：2020-03-17

申请号：US15652705

申请日：2017-07-18

Applicant: VMware, Inc.

Inventor： Ashot Nshan Harutyunyan ,  Arnak Poghosyan ,  Naira Movses Grigoryan

IPC: G06F11/00 ,  G06F11/30 ,  G06F11/34 ,  G06F11/07

Abstract: Methods and systems of automatic confidence-controlled sampling to analyze, detect anomalies and problems in monitoring data and event messages generated by sources of a distributed computing system are described. A source can be virtual or physical object of the distributed computing system, a resource of the distributed computing system, or an event source running in the distributed computing. Monitoring data includes metric data generated by resources and data that represents meta-data properties of event sources. Confidence-controlled sampling is used to determine characteristics of the monitoring data, identify periodic patterns in the behavior of a source, detect changes in behavior of a source, and compare the behavior of two sources. Confidence-controlled sampling speeds up characterization the data sets, determination of behavior patterns, and detection and reporting of anomalies and problems of the resources and event sources of the distributed computing system.