公开(公告)号：US12028222B1

公开(公告)日：2024-07-02

申请号：US17560747

申请日：2021-12-23

申请人： Splunk Inc.

发明人： Atif Mahadik ,  Ryan Connor Means ,  Govind Salinas ,  Sourabh Satish

IPC分类号： H04L41/14 ,  H04L41/0631 ,  H04L41/0654 ,  H04L41/22

CPC分类号： H04L41/145 ,  H04L41/0636 ,  H04L41/0645 ,  H04L41/0654 ,  H04L41/22

摘要： Described herein are improvements for generating courses of action for an information technology (IT) environment. In one example, a method includes identifying a first course of action for responding to an incident type in an information technology environment and generating a simulated incident associated with the incident type. The method further includes initiating performance of the first course of action based on the generation of the simulated incident. The method also includes, upon reaching a particular step of the first course of action that prevents the performance of the first course of action from proceeding, providing a first simulated result that allows the performance of the first course of action to proceed.

公开(公告)号：US20180120826A1

公开(公告)日：2018-05-03

申请号：US15565019

申请日：2016-03-28

申请人： SAMSUNG ELECTRONICS CO., LTD.

发明人： Eun-Hee RHIM

IPC分类号： G05B23/02 ,  H04L12/24 ,  G06F11/22 ,  G06K9/62 ,  H04L12/28

CPC分类号： G05B23/0254 ,  G05B2219/1196 ,  G05B2219/25428 ,  G05B2219/31211 ,  G05B2219/34012 ,  G06F11/22 ,  G06K9/6267 ,  G06K9/6297 ,  H04L12/2803 ,  H04L41/0622 ,  H04L41/0636 ,  H04L41/064 ,  H04L41/065 ,  H04L41/085 ,  H04L41/0866

摘要： Various examples of the present invention provide a server for providing information of an electronic device, and the server can comprise: a communication unit for receiving, from at least one first electronic device, at least one piece of information of the first electronic device; and a control unit for determining, from the received information, a current state among a plurality of states preset for the first electronic device, and controlling the first electronic device such that state prediction information of the first electronic device is transmitted to a second electronic device if the determined current state satisfies a preset notification condition on a state diagram in which a relationship among the plurality of states is set. Additionally, other examples could be possible besides the various examples of the present invention.

公开(公告)号：US20170054605A1

公开(公告)日：2017-02-23

申请号：US14831168

申请日：2015-08-20

申请人： Accenture Global Services Limited

发明人： Peter T. DUNCAN ,  Kundan Lal Sareen ,  Jai Advani ,  Arnab D. Chakraborty ,  Vinita V. Nair ,  Vinoth Venkataraman

IPC分类号： H04L12/24 ,  H04L12/26

CPC分类号： H04L41/145 ,  G06F11/008 ,  H04L41/0636 ,  H04L41/0686 ,  H04L41/147 ,  H04L41/16 ,  H04L41/5038 ,  H04L43/10

摘要： A device may obtain first information related to network devices of a network. The device may obtain second information related to the network devices and/or to one or more historic network service incidents. The one or more historic network service incidents may be related to network services provided in association with the network devices. The one or more historic network service incidents may include outages and/or degradations of one or more network services. The device may perform an analysis of the first information and the second information. The device may train a predictive model based on the analysis of the first information and the second information. The predictive model may predict a probability of a future network service incident based on the first information and/or the second information. The device may cause third information, related to the network devices, to be monitored based on the predictive model.

摘要翻译： 设备可以获得与网络的网络设备相关的第一信息。 设备可以获得与网络设备有关的第二信息和/或获得一个或多个历史网络服务事件。 一个或多个历史网络服务事件可以与与网络设备相关联地提供的网络服务相关。 一个或多个历史网络服务事件可能包括一个或多个网络服务的中断和/或退化。 设备可以执行第一信息和第二信息的分析。 该装置可以基于对第一信息和第二信息的分析来训练预测模型。 预测模型可以基于第一信息和/或第二信息来预测未来网络服务事件的概率。 基于预测模型，该设备可以引起与网络设备相关的第三信息。

公开(公告)号：US09558196B2

公开(公告)日：2017-01-31

申请号：US14958134

申请日：2015-12-03

申请人： Cisco Technology, Inc.

发明人： Jay Kemper Johnston ,  David C. White, Jr. ,  Christopher Blayne Dreier

IPC分类号： G06F17/30 ,  G06F17/22 ,  H04L12/701 ,  G06F11/07 ,  H04L12/24

CPC分类号： G06F11/079 ,  G06F11/07 ,  G06F11/0709 ,  G06F11/0751 ,  G06F11/0775 ,  G06F11/0787 ,  G06F11/366 ,  G06F17/2241 ,  G06F17/30144 ,  G06F17/30327 ,  G06F17/30477 ,  G06F17/30961 ,  H04L41/0636 ,  H04L41/069 ,  H04L41/22 ,  H04L45/00

摘要： Systems and methods are described herein for logging system events within an electronic machine using an event log structured as a collection of tree-like cause and effect graphs. An event to be logged may be received. A new event node may be created within the event log for the received event. One or more existing event nodes within the event log may be identified as having possibly caused the received event. One or more causal links may be created within the event log between the new event node and the one or more identified existing event nodes. The new event node may be stored as an unattached root node in response to not identifying an existing event node that may have caused the received event.

摘要翻译： 本文描述了系统和方法，用于使用结构化为树状原因和效果图的集合的事件日志记录电子机器内的系统事件。 可能会收到要记录的事件。 可以在事件日志中为接收的事件创建一个新的事件节点。 事件日志中的一个或多个现有事件节点可能被识别为可能导致所接收的事件。 可以在新事件节点和一个或多个已识别的现有事件节点之间的事件日志内创建一个或多个因果链接。 响应于不识别可能已经导致接收到的事件的现有事件节点，新事件节点可以被存储为未附着的根节点。

公开(公告)号：US09497072B2

公开(公告)日：2016-11-15

申请号：US14242861

申请日：2014-04-01

申请人： CA, INC.

发明人： Carrie E. Gates ,  Steven L. Greenspan ,  Maria C. Velez-Rojas ,  Serguei Mankovskii

IPC分类号： G06F11/00 ,  H04L12/24 ,  G06F11/07 ,  G06F11/30

CPC分类号： H04L41/065 ,  G06F11/0709 ,  G06F11/079 ,  G06F11/30 ,  H04L41/0631 ,  H04L41/0636 ,  H04L41/22 ,  H04L43/045

摘要： Methods for monitoring a networked computing environment and for consolidating multiple alarms under a single root cause are described. In some embodiments, in response to detecting an alert corresponding with a performance issue in a networked computing environment, a root cause identification tool may aggregate a plurality of alarms from a plurality of performance management tools monitoring the networked computing environment. The root cause identification tool may then generate a failure graph associated with the performance issue based on the plurality of alarms, determine a first set of leaf nodes of the failure graph, determine a first chain of failures based on the first set of leaf nodes, suppress (or hide) alarms that are not associated with the first chain of failures, and output a consolidated alarm associated with the first chain of failures.

摘要翻译： 描述了在单个根本原因下监视联网计算环境和整合多个警报的方法。 在一些实施例中，响应于检测到与网络计算环境中的性能问题相对应的警报，根本原因识别工具可以聚合来自监视联网计算环境的多个性能管理工具中的多个警报。 然后，根本原因识别工具可以基于多个警报产生与性能问题相关联的故障图，确定故障图的第一组叶节点，基于第一组叶节点确定第一个故障链， 抑制（或隐藏）与第一个故障链无关的报警，并输出与第一个故障链相关联的综合报警。

公开(公告)号：US09485159B1

公开(公告)日：2016-11-01

申请号：US13717578

申请日：2012-12-17

申请人： Juniper Networks, Inc.

发明人： Paulo Sant'Anna ,  Jian Jin

IPC分类号： G06F15/16 ,  H04L12/26 ,  H04L29/08 ,  H04L29/06

CPC分类号： H04L43/08 ,  H04L29/06 ,  H04L29/08072 ,  H04L29/08117 ,  H04L41/0636 ,  H04L41/069 ,  H04L67/125

摘要： Techniques are described for managing network services deployed in a network using a rules engine with on-demand dependency insertion. A network service manager may use a rules engine to monitor a network service at network devices in order to detect a device-level event, and determine a service-level impact of the detected event based on network service rules and dependencies. The dependencies define links between the device-level event and actions triggered by the device-level event. According to the techniques, a rules engine is configured to detect a device-level event and, in response, insert only those dependencies associated with the detected device-level event into a working memory. Once the device-level event has been cleared, the dependencies related to the device-level event are removed from the working memory. The working memory, therefore, will include only the dependencies needed to determine service-level impacts of currently detected device-level events.

摘要翻译： 描述了用于管理使用具有按需依赖插入的规则引擎在网络中部署的网络服务的技术。 网络服务管理器可以使用规则引擎来监视网络设备处的网络服务，以便检测设备级事件，并且基于网络服务规则和依赖性确定检测到的事件的服务级别影响。 依赖关系定义设备级事件与设备级事件触发的动作之间的链接。 根据这些技术，规则引擎被配置为检测设备级事件，并且作为响应，仅将与检测到的设备级事件相关联的那些依赖性插入到工作存储器中。 一旦设备级事件被清除，与设备级事件相关的依赖关系将从工作内存中删除。 因此，工作内存将仅包括确定当前检测到的设备级事件的服务级别影响所需的依赖关系。

公开(公告)号：US09444708B2

公开(公告)日：2016-09-13

申请号：US14447577

申请日：2014-07-30

申请人： Microsoft Corporation

发明人： Art Sadovsky ,  Olga Ivanova ,  Venkat Narayanan ,  Smita Ojha

IPC分类号： H04L12/26 ,  H04L12/24

CPC分类号： H04L43/0817 ,  H04L41/0636 ,  H04L41/5035 ,  H04L41/5038 ,  H04L41/5096

摘要： Outage detection in a cloud based service is provided using synthetic measurements and anonymized usage data of the cloud based service. Synthetic measurements and usage data are processed through a shared aggregator to generate aggregated data. The synthetic measurements and the usage data are analyzed through a decision tree to correlate an outage based on the synthetic measurements and the usage data. A confidence value is assigned to the outage. An alert is generated that includes information associated with the outage and the confidence value.

摘要翻译： 基于云服务的合作测量和匿名使用数据提供了基于云服务的中断检测。 合成测量和使用数据通过共享聚合器进行处理，以生成聚合数据。 通过决策树分析综合测量和使用数据，以便根据合成测量和使用数据关联中断。 信号值被分配给中断。 产生包括与中断和置信度值相关联的信息的警报。

公开(公告)号：US20160098419A1

公开(公告)日：2016-04-07

申请号：US14958134

申请日：2015-12-03

申请人： Cisco Technology, Inc.

发明人： Jay Kemper Johnston ,  David C. White, JR. ,  Christopher Blayne Dreier

IPC分类号： G06F17/30

CPC分类号： G06F11/079 ,  G06F11/07 ,  G06F11/0709 ,  G06F11/0751 ,  G06F11/0775 ,  G06F11/0787 ,  G06F11/366 ,  G06F17/2241 ,  G06F17/30144 ,  G06F17/30327 ,  G06F17/30477 ,  G06F17/30961 ,  H04L41/0636 ,  H04L41/069 ,  H04L41/22 ,  H04L45/00

摘要： Systems and methods are described herein for logging system events within an electronic machine using an event log structured as a collection of tree-like cause and effect graphs. An event to be logged may be received. A new event node may be created within the event log for the received event. One or more existing event nodes within the event log may be identified as having possibly caused the received event. One or more causal links may be created within the event log between the new event node and the one or more identified existing event nodes. The new event node may be stored as an unattached root node in response to not identifying an existing event node that may have caused the received event.

摘要翻译： 本文描述了系统和方法，用于使用结构化为树状原因和效果图的集合的事件日志记录电子机器内的系统事件。 可能会收到要记录的事件。 可以在事件日志中为接收的事件创建一个新的事件节点。 事件日志中的一个或多个现有事件节点可能被识别为可能导致所接收的事件。 可以在新事件节点和一个或多个已识别的现有事件节点之间的事件日志内创建一个或多个因果链接。 响应于不识别可能已经导致接收到的事件的现有事件节点，新事件节点可以被存储为未附着的根节点。

公开(公告)号：US20150333998A1

公开(公告)日：2015-11-19

申请号：US14278854

申请日：2014-05-15

申请人： Futurewei Technologies, Inc.

发明人： Nandu Gopalakrishnan ,  Baoling Sheen

IPC分类号： H04L12/26

CPC分类号： H04L43/16 ,  H04L41/0636 ,  H04L41/142 ,  H04L41/16 ,  H04L43/08

摘要： In one embodiment, a method of determining whether a metric is an anomaly includes receiving a data point and determining a metric in accordance with the data point and a center value. The method also includes determining whether the metric is below a lower threshold, between the lower threshold and an upper threshold, or above the upper threshold and determining that the data point is not the anomaly when the metric is below the lower threshold. Additionally, the method includes determining that the data point is the anomaly when the metric is above the upper threshold and determining that the data point might be the anomaly when the metric is between the lower threshold and the upper threshold.

摘要翻译： 在一个实施例中，确定度量是否是异常的方法包括接收数据点并根据数据点和中心值确定度量。 该方法还包括确定度量是否低于较低阈值，较低阈值和较高阈值之间或高于上限阈值，并且当度量低于下限阈值时确定数据点不是异常。 此外，该方法包括当度量高于上限阈值时确定数据点是异常，并且当度量在下阈值和上阈值之间时确定数据点可能是异常。

公开(公告)号：US20150222478A1

公开(公告)日：2015-08-06

申请号：US14607405

申请日：2015-01-28

申请人： FUJITSU LIMITED

发明人： Kinji Kawaguchi ,  Masahiko Ohashi ,  Natsuko ARAI ,  Mitsuhiko Miwa

IPC分类号： H04L12/24 ,  H04L12/931

CPC分类号： H04L41/0636 ,  H04L41/0672 ,  H04L41/0859

摘要： An apparatus monitors a communication system including at least one communication device. The monitoring apparatus includes a memory, a processor. A second virtual system is generated by changing a first virtual system determined according to a combination of an arrangement of a plurality of virtual machines arranged in the at least one communication device, and a communication path between the plurality of virtual machines. The memory stores system information that represents an arrangement and a communication path of virtual machines used in the second virtual system. The processor receives the fault information that reports an occurrence of a fault. The processor identifies the fault information as being generated in the virtual machine within the first virtual system when a specified fault detected in a case where the fault information is transmitted from any of the virtual machines within the second virtual system represented by the system information is not detected.

摘要翻译： 一种装置监视包括至少一个通信装置的通信系统。 监视装置包括存储器，处理器。 通过改变根据布置在至少一个通信设备中的多个虚拟机的布置的组合确定的第一虚拟系统和多个虚拟机之间的通信路径来生成第二虚拟系统。 存储器存储表示在第二虚拟系统中使用的虚拟机的布置和通信路径的系统信息。 处理器接收报告故障发生的故障信息。 当在由系统信息表示的第二虚拟系统内的任何虚拟机发送故障信息的情况下检测到的指定故障不是在第一虚拟系统内的虚拟机中生成故障信息时，处理器将故障信息识别为生成 检测到。