公开(公告)号：US20220113938A1

公开(公告)日：2022-04-14

申请号：US17133479

申请日：2020-12-23

Applicant: VMWARE, INC.

Inventor： RITESH JHA ,  NIKHIL JAISWAL ,  JOBIN RAJU GEORGE ,  VAIDIC JOSHI ,  SHIVAM SATIJA

IPC: G06F7/08 ,  G06F11/07 ,  G06F16/23

Abstract: Methods and systems that automatically rank log/event messages and log/event-message transactions to facilitate analysis of log/event-messages generated within distributed-computer systems are disclosed. A base-window dataset and current-window dataset are selected for diagnosis of a particular error or failure and processed to generate a transaction sequence for each dataset corresponding to log/event-message traces identified in the datasets. Then, frequencies of occurrence of log/event-message types relative to transaction types are generated for each dataset. From these two sets of relative frequencies of occurrence, changes in the relative frequency of occurrence for each log/event-message-type/transaction-type pair are generated. Normalized scores for log/event-message-type/transaction-type pairs and scores for transaction types are then generated from the changes in the relative frequency of occurrence. The generated scores reflect the relevance of log/event-messages in traces corresponding to particular transaction as well as the relevance of transaction types to the error or failure.

公开(公告)号：US20210357397A1

公开(公告)日：2021-11-18

申请号：US16937708

申请日：2020-07-24

Applicant: VMWARE, INC.

Inventor： RITESH JHA ,  CHANDRASHEKHAR JHA ,  NIKHIL JAISWAL ,  JOBIN RAJU GEORGE ,  SHIVAM SATIJA

IPC: G06F16/245 ,  G06F16/9035 ,  G06F9/455 ,  G06N3/08

Abstract: The current document is directed to methods and systems that efficiently transmit and process log/event messages within and among distributed computer facilities. By digesting and condensing log/event messages at the message-collector level, the volume of data transmitted from message collectors to message-ingestion-and-processing systems is greatly reduced, which increases system efficiencies by decreasing network overheads and which provides sufficient additional computational bandwidth at the message-collector level to allow message collectors to offload many message-processing tasks from message-ingestion-and-processing system and other downstream processing systems. When the currently disclosed, improved message-collectors carry out message-processing tasks formerly carried out by message-ingestion-and-processing systems and other downstream processing systems, an even greater deduction in the volume of data transmitted from message collectors to message-ingestion-and-processing systems is obtained, further increasing system efficiencies. The decrease in data volume also contributes to increased message-query-processing efficiencies.

公开(公告)号：US20230185855A1

公开(公告)日：2023-06-15

申请号：US17592532

申请日：2022-02-04

Applicant: VMWARE, INC.

Inventor： KARTHIK SESHADRI ,  RADHAKRISHNAN DEVARAJAN ,  SHIVAM SATIJA ,  SIDDARTHA LAXMAN KARIBHIMANVAR ,  RACHIL CHANDRAN

IPC: G06F16/903

CPC classification number: G06F16/90335

Abstract: This disclosure relates generally to efficiently storing and retrieving indexless log data. In particular, during ingestion of the log data metadata describing the log data and its location within a first data storage system is saved in a second data storage system to assist in efficient retrieval of the log data.

公开(公告)号：US20220066998A1

公开(公告)日：2022-03-03

申请号：US17096991

申请日：2020-11-13

Applicant: VMWARE, INC.

Inventor： RITESH JHA ,  SHIVAM SATIJA ,  PUSHKAR PATIL ,  JOBIN RAJU GEORGE ,  NIKHIL JAISWAL

IPC: G06F16/18 ,  G06F16/17 ,  G06N7/00 ,  G06F11/30

Abstract: The current document is directed to methods and systems that automatically identify log/event-message traces and computational-entity transactions within collections and/or streams of log/event messages. Automated identification of log/event-message traces provides the basis for automated interpretation, by automated computer-system administration-and-the management subsystems, of the information represented by collections and/or streams of log/event messages. Disclosed approaches to automatically identifying log/event-message traces and computational-entity involve identifying log/event-message types, generating time-series-like log/event-message-type occurrence signals from log/event-message collections and/or streams, and computing cross correlations between pairs of log/event-message-type occurrence signals. In one implementation, a strongly-correlated-type graph is generated from the computed cross correlations, from which connected-components subgraphs, corresponding to computational-entity transactions, are extracted. Log/event-message traces are then extracted from acyclic graphs generated from the connected-component subgraphs.