公开(公告)号：US20170250932A1

公开(公告)日：2017-08-31

申请号：US15375958

申请日：2016-12-12

Applicant: Moogsoft Inc.

Inventor： Philip Tee ,  Peter Spreenberg

IPC: H04L12/58 ,  H04L29/08 ,  H04L12/24

CPC classification number: H04L51/04 ,  H04L41/046 ,  H04L41/0893 ,  H04L41/145 ,  H04L43/045 ,  H04L43/08 ,  H04L51/12 ,  H04L67/04 ,  H04L67/12 ,  H04L67/16 ,  H04L67/22 ,  H04L67/26 ,  H04L69/40

Abstract: An event clustering system has an extraction engine in communication with a managed infrastructure. A signalizer engine includes one or more of an NMF engine, a k-means clustering engine and a topology proximity engine. The signalizer engine determines one or more common characteristics or features from events, the signalizer engine using the common features of events to produce clusters of events relating to the failure or errors in the managed infrastructure. Membership in a cluster indicates a common factor of the events that is a failure or an actionable problem in the physical hardware managed infrastructure directed to supporting the flow and processing of information. The system is configured to group two or more situations, where a situation is a collection of one or more events or alerts representative of a problem in the managed infrastructure.

公开(公告)号：US20170104650A1

公开(公告)日：2017-04-13

申请号：US15382884

申请日：2016-12-19

Applicant: Moogsoft, Inc.

Inventor： Philip Tee ,  Robert Duncan Harper ,  Charles Mike Silvey

IPC: H04L12/26 ,  H04L12/24 ,  H04L29/08

Abstract: A system is provided for clustering events. A first engine is configured to receive message data from managed infrastructure that includes managed infrastructure physical hardware that supports the flow and processing of information. A second engine determines common characteristics of events and produces clusters of events relating to a failure of errors in the managed infrastructure. Membership in a cluster indicates a common factor of the events that is a failure or an actionable problem in the physical hardware managed infrastructure directed to supporting the flow and processing of information. One or more situations are created that is a collection of one or more events or alerts representative of the actionable problem in the managed infrastructure. In response to the production of the clusters one or more physical changes in the managed infrastructure hardware.

公开(公告)号：US20170103119A1

公开(公告)日：2017-04-13

申请号：US15385304

申请日：2016-12-20

Applicant: Moogsoft, Inc.

Inventor： Philip Tee ,  Robert Duncan Harper ,  Charles Mike Silvey ,  Andrew John Leonard

IPC: G06F17/30 ,  G06F3/0481

CPC classification number: G06F11/0709 ,  G06F3/0481 ,  G06F11/0751 ,  G06F11/0769 ,  G06F11/0772 ,  G06F11/079 ,  G06F16/285 ,  G06F16/358 ,  G06F16/904 ,  G06Q10/00 ,  H04L41/0631 ,  H04L41/065 ,  H04L41/0893 ,  H04L41/12 ,  H04L41/22 ,  H04L51/16 ,  H04L51/24

Abstract: A user interface system has a first engine in communication with a managed infrastructure and configured to receive messages from the managed infrastructure. The managed infrastructure includes physical hardware. A second engine is provided that determines one or more common steps from events and produces clusters of events relating to a failure or errors in the managed infrastructure. Membership in a cluster indicates a common factor of the events that is a failure or an actionable problem in the physical hardware of the managed infrastructure directed to supporting the flow and processing of information. In response to the production of the clusters one or more proposed physical hardware changes are suggested in a managed infrastructure hardware. A situation room is coupled to the first and second engines.

公开(公告)号：US20160218910A1

公开(公告)日：2016-07-28

申请号：US14606946

申请日：2015-01-27

Applicant: Moogsoft, Inc.

Inventor： Philip Tee

IPC: H04L12/24

CPC classification number: H04L41/046 ,  G06F17/30864 ,  H04L41/0886 ,  H04L41/0893 ,  H04L41/12 ,  H04L41/142 ,  H04L41/145 ,  H04L41/22 ,  H04L43/067 ,  H04L43/0823 ,  H04L43/10 ,  H04L63/029 ,  H04L67/34 ,  H04L67/42

Abstract: A distributed system includes a plurality of managed devices, and at least one agent in communication with the managed devices. A polling server is in communication with the at least one agent with the at least one agent communicating over a subscribed bus. A portal bridge is in communication with the bus and communicates through a client's firewall to a Network System. A server includes or is coupled to a database of anomies and time series data.

Abstract translation: 分布式系统包括多个被管理设备，以及与被管理设备通信的至少一个代理。 轮询服务器与所述至少一个代理通信，所述至少一个代理通过订阅的总线通信。 门户网桥与总线通信，并通过客户端的防火墙与网络系统进行通信。 服务器包括或耦合到异常数据库和时间序列数据。

公开(公告)号：US20140324794A1

公开(公告)日：2014-10-30

申请号：US14262890

申请日：2014-04-28

Applicant: Moogsoft, Inc.

Inventor： Philip Tee ,  Robert Duncan Harper ,  Charles Mike Silvey

IPC: G06F17/30

CPC classification number: G06F11/0709 ,  G06F3/0481 ,  G06F11/0751 ,  G06F11/0769 ,  G06F11/0772 ,  G06F11/079 ,  G06F17/30598 ,  G06F17/30713 ,  G06F17/30994 ,  G06Q10/00 ,  H04L41/0631 ,  H04L41/065 ,  H04L41/0893 ,  H04L41/12 ,  H04L41/22 ,  H04L51/16 ,  H04L51/24

Abstract: Methods are provided for clustering events. Data is received at an extraction engine from managed infrastructure. Events are converted into alerts and the alerts mapped to a matrix M. One or more common steps are determined from the events and clusters of events are produced relating to the alerts and or events.

Abstract translation: 为聚类事件提供了方法。 数据在提取引擎从受管基础设施接收。 将事件转换为警报，并将警报映射到矩阵M.一个或多个常见步骤是从与警报和/或事件有关的事件和事件集群确定的。

公开(公告)号：US11924018B2

公开(公告)日：2024-03-05

申请号：US17483818

申请日：2021-09-24

Applicant: Moogsoft Inc.

Inventor： Philip Tee ,  Robert Duncan Harper

IPC: H04L12/26 ,  H04L41/046 ,  H04L41/0686 ,  H04L41/069 ,  H04L41/14 ,  H04L43/045

CPC classification number: H04L41/046 ,  H04L41/0686 ,  H04L41/069 ,  H04L41/145 ,  H04L43/045

Abstract: A system texecutes automatic attribute inference and includes: a processor; a memory coupled to the memory; a first engine that executes automatic attribute inference; an extraction engine in communication with a managed infrastructure and the first engine, the extraction engine configured to receive managed infrastructure data; and a signaliser engine that includes one or more of an NMF engine, a k-means clustering engine and a topology proximity engine, the signaliser engine inputting a list of devices and a list a connections between components or nodes in the managed infrastructure, the signaliser engine determining one or more common characteristics and produces one or more dusters of events.

公开(公告)号：US11914452B2

公开(公告)日：2024-02-27

申请号：US15417593

申请日：2017-01-27

Applicant: Moogsoft Inc.

Inventor： Philip Tee ,  Robert Duncan Harper ,  Charles Mike Silvey ,  Andrew John Leonard ,  Jeffrey Ellison Townsend

IPC: G06F11/07 ,  G06F3/0481 ,  G06F16/28 ,  G06F16/35 ,  G06F16/904 ,  H04L41/0631 ,  H04L41/0893 ,  H04L41/12 ,  H04L41/22 ,  H04L51/216 ,  H04L51/224 ,  H04L41/0894 ,  G06Q10/00

CPC classification number: G06F11/0709 ,  G06F3/0481 ,  G06F11/079 ,  G06F11/0751 ,  G06F11/0769 ,  G06F11/0772 ,  G06F16/285 ,  G06F16/358 ,  G06F16/904 ,  H04L41/065 ,  H04L41/0631 ,  H04L41/0893 ,  H04L41/12 ,  H04L41/22 ,  H04L51/216 ,  H04L51/224 ,  G06Q10/00

Abstract: A user interface system is provided. At least one engine is provided to receive message data from managed infrastructure that includes managed infrastructure physical hardware that supports the flow and processing of information, determine common characteristics of events and produce clusters of events relating to the failure of errors in the managed infrastructure. Membership in a cluster indicates a common factor of the events that is a failure or an actionable problem in the physical hardware managed infrastructure directed to supporting the flow and processing of information. One or more situations is created that is a collection of one or more events or alerts representative of the actionable problem in the managed infrastructure. A situation room is coupled to or includes a dashboard display computer system and a data system, the display computer system configured to generate a dashboard display configured to display situations from the clustered events.

公开(公告)号：US20230030988A1

公开(公告)日：2023-02-02

申请号：US17961569

申请日：2022-10-07

Applicant: Moogsoft, Inc.

Inventor： Philip Tee ,  Robert Duncan Harper

IPC: G06F21/55

Abstract: A system for managing an infrastructure includes extraction engine is in communication with a managed infrastructure that includes physical hardware. A signalizer engine includes one or more of an NMF engine (Non-negative matrix factorization), a k-means clustering engine (a method of vector quantization), and a topology proximity engine. The signalizer engine determines one or more common characteristics of events and produces clusters of events relating to the failure or errors in the infrastructure. The signalizer engine uses graph coordinates and optionally a subset of attributes assigned to each event to generate one or more clusters to bring together events whose characteristics are similar. One or more interactive displays provide a collaborative interface coupled to the extraction and the signalizer engine with a collaborative interface (UI) for decomposing events from the infrastructure. The events are converted into words and subsets to group the events into clusters that relate to security of the managed infrastructure. In response to grouping the events physical changes are made to at least a portion of the physical hardware. In response to production of the clusters security of the managed infrastructure is maintained.

公开(公告)号：US11170061B2

公开(公告)日：2021-11-09

申请号：US15854001

申请日：2017-12-26

Applicant: Moogsoft Inc.

Inventor： Philip Tee

IPC: G06F16/9535 ,  H04L12/24 ,  G06Q10/10 ,  H04L12/58 ,  G06F17/10 ,  G06F16/35

Abstract: A system is provided for clustering events. A first engine is configured to receive message data from managed infrastructure that includes managed infrastructure physical hardware that supports the flow and processing of information. A second engine determines common characteristics of events and produces dusters of events relating to the failure of errors in the managed infrastructure. Membership in a cluster indicates a common factor of the events that is a failure or an actionable problem in the physical hardware managed infrastructure directed to supporting the flow and processing of information. One or more situations is created that is a collection of one or more events or alerts representative of the actionable problem in the managed infrastructure. In response to the production of the clusters one or more physical changes is made to at least a portion of the managed infrastructure hardware.

公开(公告)号：US20210258225A1

公开(公告)日：2021-08-19

申请号：US17133914

申请日：2020-12-24

Applicant: Moogsoft, Inc.

Inventor： Robert Duncan Harper

IPC: H04L12/24 ,  G06K9/62 ,  G06F17/16

Abstract: A managed infrastructure is provided. Systems, and associated methods, use frequency-based sorting logic relative to feature spare NLP datasets.