| 发明名称 |
IDENTIFICATION OF SYSTEMS WITH ANOMALOUS BEHAVIOUR USING EVENTS DERIVED FROM MACHINE DATA PRODUCED BY THOSE SYSTEMS |
| 摘要 |
Methods and apparatus consistent with the invention provide the ability to organize and build understandings of machine data generated by a variety of information-processing environments. Machine data is a product of information-processing systems (e.g., activity logs, configuration files, messages, database records) and represents the evidence of particular events that have taken place and been recorded in raw data format. In one embodiment, machine data is turned into a machine data web by organizing machine data into events and then linking events together. |
| 申请公布号 |
US2015143522(A1) |
申请公布日期 |
2015.05.21 |
| 申请号 |
US201514611189 |
申请日期 |
2015.01.31 |
| 申请人 |
Splunk Inc. |
发明人 |
Baum Michael Joseph;Carasso R. David;Das Robin Kumar;Hall Bradley;Murphy Brian Phillip;Sorkin Stephen Phillip;Stechert Andre David;Swan Erik M.;Greene Rory;Mealy Nicholas Christian;Noren Christina Frances Regina |
| 分类号 |
H04L29/06 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method, comprising:
receiving machine data from one or more systems; organizing the machine data into a plurality of events by determining event boundaries in the machine data; identifying one or more patterns derived from at least a portion of machine data in one or more events in the plurality of events; determining whether the one or more patterns indicate anomalous behavior in the one or more systems; wherein the method is performed by one or more computing devices. |
| 地址 |
San Francisco CA US |
