公开(公告)号：US11924018B2

公开(公告)日：2024-03-05

申请号：US17483818

申请日：2021-09-24

Applicant: Moogsoft Inc.

Inventor： Philip Tee ,  Robert Duncan Harper

IPC: H04L12/26 ,  H04L41/046 ,  H04L41/0686 ,  H04L41/069 ,  H04L41/14 ,  H04L43/045

CPC classification number: H04L41/046 ,  H04L41/0686 ,  H04L41/069 ,  H04L41/145 ,  H04L43/045

Abstract: A system texecutes automatic attribute inference and includes: a processor; a memory coupled to the memory; a first engine that executes automatic attribute inference; an extraction engine in communication with a managed infrastructure and the first engine, the extraction engine configured to receive managed infrastructure data; and a signaliser engine that includes one or more of an NMF engine, a k-means clustering engine and a topology proximity engine, the signaliser engine inputting a list of devices and a list a connections between components or nodes in the managed infrastructure, the signaliser engine determining one or more common characteristics and produces one or more dusters of events.

公开(公告)号：US11914452B2

公开(公告)日：2024-02-27

申请号：US15417593

申请日：2017-01-27

Applicant: Moogsoft Inc.

Inventor： Philip Tee ,  Robert Duncan Harper ,  Charles Mike Silvey ,  Andrew John Leonard ,  Jeffrey Ellison Townsend

IPC: G06F11/07 ,  G06F3/0481 ,  G06F16/28 ,  G06F16/35 ,  G06F16/904 ,  H04L41/0631 ,  H04L41/0893 ,  H04L41/12 ,  H04L41/22 ,  H04L51/216 ,  H04L51/224 ,  H04L41/0894 ,  G06Q10/00

CPC classification number: G06F11/0709 ,  G06F3/0481 ,  G06F11/079 ,  G06F11/0751 ,  G06F11/0769 ,  G06F11/0772 ,  G06F16/285 ,  G06F16/358 ,  G06F16/904 ,  H04L41/065 ,  H04L41/0631 ,  H04L41/0893 ,  H04L41/12 ,  H04L41/22 ,  H04L51/216 ,  H04L51/224 ,  G06Q10/00

Abstract: A user interface system is provided. At least one engine is provided to receive message data from managed infrastructure that includes managed infrastructure physical hardware that supports the flow and processing of information, determine common characteristics of events and produce clusters of events relating to the failure of errors in the managed infrastructure. Membership in a cluster indicates a common factor of the events that is a failure or an actionable problem in the physical hardware managed infrastructure directed to supporting the flow and processing of information. One or more situations is created that is a collection of one or more events or alerts representative of the actionable problem in the managed infrastructure. A situation room is coupled to or includes a dashboard display computer system and a data system, the display computer system configured to generate a dashboard display configured to display situations from the clustered events.

公开(公告)号：US20230030988A1

公开(公告)日：2023-02-02

申请号：US17961569

申请日：2022-10-07

Applicant: Moogsoft, Inc.

Inventor： Philip Tee ,  Robert Duncan Harper

IPC: G06F21/55

Abstract: A system for managing an infrastructure includes extraction engine is in communication with a managed infrastructure that includes physical hardware. A signalizer engine includes one or more of an NMF engine (Non-negative matrix factorization), a k-means clustering engine (a method of vector quantization), and a topology proximity engine. The signalizer engine determines one or more common characteristics of events and produces clusters of events relating to the failure or errors in the infrastructure. The signalizer engine uses graph coordinates and optionally a subset of attributes assigned to each event to generate one or more clusters to bring together events whose characteristics are similar. One or more interactive displays provide a collaborative interface coupled to the extraction and the signalizer engine with a collaborative interface (UI) for decomposing events from the infrastructure. The events are converted into words and subsets to group the events into clusters that relate to security of the managed infrastructure. In response to grouping the events physical changes are made to at least a portion of the physical hardware. In response to production of the clusters security of the managed infrastructure is maintained.

公开(公告)号：US11170061B2

公开(公告)日：2021-11-09

申请号：US15854001

申请日：2017-12-26

Applicant: Moogsoft Inc.

Inventor： Philip Tee

IPC: G06F16/9535 ,  H04L12/24 ,  G06Q10/10 ,  H04L12/58 ,  G06F17/10 ,  G06F16/35

Abstract: A system is provided for clustering events. A first engine is configured to receive message data from managed infrastructure that includes managed infrastructure physical hardware that supports the flow and processing of information. A second engine determines common characteristics of events and produces dusters of events relating to the failure of errors in the managed infrastructure. Membership in a cluster indicates a common factor of the events that is a failure or an actionable problem in the physical hardware managed infrastructure directed to supporting the flow and processing of information. One or more situations is created that is a collection of one or more events or alerts representative of the actionable problem in the managed infrastructure. In response to the production of the clusters one or more physical changes is made to at least a portion of the managed infrastructure hardware.

公开(公告)号：US11003521B2

公开(公告)日：2021-05-11

申请号：US16231957

申请日：2018-12-25

Applicant: Moogsoft, Inc.

Inventor： Philip Tee ,  Robert Duncan Harper

IPC: G06F11/07 ,  G06F16/28 ,  G06F9/54 ,  G06F40/30 ,  G06F40/284

Abstract: A system is provided for decomposing events from managed infrastructures. A first engine is configured to receive message data from a managed infrastructure that includes managed infrastructure physical hardware that supports the flow and processing of information, The at least one engine is configured to determine common characteristics of events and produce clusters of events relating to the failure of errors in the managed infrastructure. Membership in a cluster indicates a common factor of the events that is a failure or an actionable problem in a physical hardware of the managed infrastructure directed to supporting the flow and processing of information. The first engine is configured to create one or more situations that is a collection of one or more events or alerts representative of the actionable problem in the managed infrastructure. A second engine is configured to determine one or more common steps from events and produces clusters relating to events. The second engine determines one or more common characteristics of events and produces clusters of events relating to the failure or errors in the managed infrastructure. The system is configured to use natural language processing techniques to analyze threshold entries in a situation room to identify resolutions to problems.

公开(公告)号：US10686648B2

公开(公告)日：2020-06-16

申请号：US16236551

申请日：2018-12-30

Applicant: Moogsoft Inc.

Inventor： Philip Tee

IPC: G06F3/048 ,  H04L12/24 ,  G06F16/951 ,  H04L29/08 ,  H04L29/06 ,  H04L12/26

Abstract: An event clustering system includes a processor that generates reports. An extraction engine is in communication with an infrastructure. The extraction engine receives data from the infrastructure, produces events and populates a database with a dictionary of event or graph entropy. An alert engine receives the events and creates alerts mapped into a matrix, M. A signalizer engine includes one or more of an NMF engine, a k-means clustering engine and a topology proximity engine. The signalizer engine determines one or more common steps from events and produces clusters relating to the alerts and or events. One or more interactive displays provide a collaborative interface a coupled to the extraction and the signalizer engine for decomposing events from the infrastructure. A reporting engine generates a report from at least one of the clusters and the events that are retrieved from the collaborative interface with a source address for each event to assign a graph coordinate in the graph to the event with an optional subset of attributes being extracted for each event and turning that into a vector of the graph. In response to production of the clusters one or more physical changes in a managed infrastructure hardware is made, and in response.

公开(公告)号：US10346229B2

公开(公告)日：2019-07-09

申请号：US15493439

申请日：2017-04-21

Applicant: Moogsoft, Inc.

Inventor： Philip Tee ,  Robert Duncan Harper ,  Charles Mike Silvey

IPC: G06F11/00 ,  G06F11/07 ,  H04L12/24 ,  H04L29/08 ,  G06F17/30 ,  G06F11/30 ,  H04L12/58 ,  H04L29/14 ,  G06F16/28 ,  G06F16/901 ,  H04L12/26

Abstract: A system is provided for clustering events. A first engine receives message data from a managed infrastructure that includes managed infrastructure physical hardware which supports the flow and processing of information. A second engine determines common characteristics of events and produces clusters of events relating to the failure of errors in the managed infrastructure. Membership in a cluster indicates a common factor of the events that is a failure or an actionable problem in the physical hardware managed infrastructure directed to supporting the flow and processing of information. Events are produced that relate to the managed infrastructure while converting the events into words and subsets used to group the events that relate to failures or errors in the managed infrastructure, including the managed infrastructure physical hardware. A situation room is provided with a collaborative interface (UI) for decomposing events from managed infrastructures. The (UI) is available by one or more designated individuals relative to one or more failures or errors in a managed infrastructure.

公开(公告)号：US20190158347A1

公开(公告)日：2019-05-23

申请号：US16237663

申请日：2018-12-31

Applicant: Moogsoft, Inc.

Inventor： Philip Tee

IPC: H04L12/24 ,  G06F16/951 ,  H04L29/08 ,  H04L29/06 ,  H04L12/26

Abstract: A distributed system includes a client system with a plurality of managed devices. At least one agent is in communication with the managed devices. The one agent updates and changes at least one management policy. Anomaly detection is pushed out to the one agent. A dedicated polling server is in communication with the one agent. The one agent communicates over a subscribed bus, and runs on the dedicated polling server. A portal bridge is in communication with the bus and communicates through a client system firewall to a Network System. The portal bridge listens on the bus through a firewall of the client system. The one agent discovers a local environment and retrieves monitored client system parameters. The one agent performs at least one of: communicates a time data series or detects an anomaly, in response to a detection of a hole the at least one agent checks a value for an anomaly and detected anomalies are communicated to the server, when an anomaly is not detected the agent sends a time series data point to the repository and when there are changes in the monitored system parameters the agent loads the change and restarts with the polling. In response to anomaly detection one or more physical changes in a managed infrastructure hardware is made, where the hardware supports the flow and processing of information, and in response to production of the clusters security of the managed infrastructure is maintained.

公开(公告)号：US20190052514A1

公开(公告)日：2019-02-14

申请号：US16140508

申请日：2018-09-24

Applicant: Moogsoft Inc.

Inventor： Philip Tee

IPC: H04L12/24 ,  H04L29/08 ,  H04L29/06 ,  H04L12/26 ,  G06F17/30

Abstract: Methods and system are provided for decomposing events from managed infrastructures. The system decomposes events from a managed infrastructure and includes a first engine that receives data from a managed infrastructure which includes managed infrastructure physical hardware. The infrastructure physical hardware supports the flow and processing of information. A second engine determines common characteristics of events and produces clusters of events relating to the failure of errors in the managed infrastructure. Membership in a cluster indicates a common factor of the events that is a failure or an actionable problem in the physical hardware managed infrastructure directed to support the flow and processing of information. Events are produced that relate to the managed infrastructure. The events are converted into words and subsets used to group the events that relate to failures or errors in the managed infrastructure, including the managed infrastructure physical hardware. The events have textural context. Semantic meaning is applied to the textual context of the events. A change to a managed infrastructure physical hardware component is made.

公开(公告)号：US10013476B2

公开(公告)日：2018-07-03

申请号：US14325521

申请日：2014-07-08

Applicant: Moogsoft, Inc.

Inventor： Philip Tee

IPC: G06F3/048 ,  G06F17/30 ,  H04L12/58 ,  H04L12/24 ,  H04L12/18 ,  G06Q10/10

CPC classification number: G06F16/285 ,  G06F16/35 ,  G06Q10/107 ,  H04L12/1895 ,  H04L41/065 ,  H04L41/12 ,  H04L41/22 ,  H04L51/16 ,  H04L51/22 ,  H04L51/24

Abstract: An event clustering system is configured to generate reports. An extraction engine is in communication with an infrastructure. The extraction engine in operation receives data from the infrastructure and produces events. An alert engine receives the events and creates alerts mapped into a matrix, M. A sigalizer engine includes one or more of an NMF engine, a k-means clustering engine and a topology proximity engine. The sigalizer engine determines one or more common steps from events and produces clusters relating to the alerts and or events. A reporting engine is configured to be coupled to the event clustering system.