公开(公告)号：US20170206125A1

公开(公告)日：2017-07-20

申请号：US15314516

申请日：2015-05-27

申请人： HITACHI, LTD.

发明人： Yoshiteru TAKESHIMA ,  Masahiko NAKAHARA ,  Seiya KUDO ,  Yukiko TAKEDA

IPC分类号： G06F11/07

CPC分类号： G06F11/0754 ,  G06F11/0709 ,  G06F11/30 ,  G06F11/34 ,  G06F11/3409 ,  G06F11/3495 ,  G06F2201/81 ,  H04L43/0817

摘要： A monitoring system comprises: a measurement unit; and an analysis unit, wherein the measurement unit measures traffic information relating to messages inputted to a device to be monitored and messages outputted from the device to be monitored, and wherein the analysis unit calculates one or more indices on the basis of a prescribed relational expression and the measured traffic information, and detects that a specific change in state has occurred in the device to be monitored on the basis of the indices or a comparison between a change in the indices and a threshold.

公开(公告)号：US20140013007A1

公开(公告)日：2014-01-09

申请号：US14022863

申请日：2013-09-10

申请人： Hitachi, Ltd.

发明人： Naokazu NEMOTO ,  Masahiko NAKAHARA

IPC分类号： H04L12/24

CPC分类号： H04L41/06 ,  H04L67/2814 ,  H04L67/2819 ,  H04L69/04

摘要： In a gateway device holding a traffic relay function, the storage cost and the retrieval time for a great amount of access logs are prevented from increasing. The gateway device includes a traffic relay function, a protocol analysis function, a log output function and a log retrieval function. These functions output an access log in compressed or uncompressed form in compliance with a rule for each protocol designated by the manager in accordance with the degree of importance. The retrieval is carried out for the uncompressed file.

摘要翻译： 在具有流量中继功能的网关装置中，防止大量访问日志的存储成本和检索时间增加。 网关设备包括业务中继功能，协议分析功能，日志输出功能和日志检索功能。 这些功能按照管理者根据重要程度指定的每个协议的规则输出压缩或未压缩格式的访问日志。 对未压缩文件执行检索。

公开(公告)号：US20160283307A1

公开(公告)日：2016-09-29

申请号：US15033881

申请日：2015-03-18

申请人： HITACHI, LTD.

发明人： Yoshiteru TAKESHIMA ,  Yukiko TAKEDA ,  Masahiko NAKAHARA ,  Seiya KUDO

IPC分类号： G06F11/07 ,  G06F11/34 ,  G06F11/30

CPC分类号： G06F11/079 ,  G06F11/0709 ,  G06F11/076 ,  G06F11/0787 ,  G06F11/2294 ,  G06F11/3006 ,  G06F11/3409 ,  G06F11/3452 ,  G06F11/3495 ,  G06F2201/81 ,  G06F2201/875 ,  H04L41/14 ,  H04L43/50

摘要： A monitoring device executes: aggregating a number of messages for each type of message transmitted or received at nodes using test results; classifying the respective messages into either an original message that serves as an origin among messages transmitted and received by a system to be monitored, or a generated message that is generated in the system when the original message is transmitted to any of the plurality of nodes; analyzing a relationship between the original message and the generated message on the basis of a number of messages classified as the original message and a number of messages classified as the generated message, thereby creating a matrix indicating the relationship between the original message and the generated message; and determining that the system has undergone a failure if a value of an element inside the matrix is outside of a normal range.

摘要翻译： 监控设备执行：使用测试结果聚合在节点处发送或接收的每种类型的消息的多个消息; 将各个消息分类为在待监视的系统发送和接收的消息中作为起始点的原始消息，或者当原始消息被发送到多个节点中的任何节点时在系统中生成的生成的消息; 基于分类为原始消息的消息的数量和分类为生成的消息的消息的数量来分析原始消息和生成的消息之间的关系，从而创建表示原始消息与生成的消息之间的关系的矩阵 ; 并且如果矩阵内的元素的值在正常范围之外，则确定系统已经发生故障。