Network Incident Identification Based On Characterizing Relationships Between Interfaces And Events As Graphical Component Relationships
Techniques for use in network incident identification are described. In response to an occurrence of an unknown network incident, a plurality of log messages (e.g. syslog messages) are received from a plurality of network components in one or more networks. In one illustrative example, a plurality o...
Gespeichert in:
| Hauptverfasser: | , , , , , , |
|---|---|
| Format: | Patent |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| Zusammenfassung: | Techniques for use in network incident identification are described. In response to an occurrence of an unknown network incident, a plurality of log messages (e.g. syslog messages) are received from a plurality of network components in one or more networks. In one illustrative example, a plurality of relationships between interfaces and events are derived from the received log messages and characterized as a plurality of graphical component relationships. One or more groups of connected components are determined from the graphical component relationships and network component connection data which indicate interface relationships of the network components. Here, groups of connected components may be logically joined based on the network component connection data indicating one or more interface relationships. A network incident may then be identified based on at least one of the determined groups of connected components being associated with at least one identified set of events that has the closest or substantial match with at least one predetermined set of events associated with the network incident. |
|---|