Some content of this application is unavailable at the moment.
If this situation persist, please contact us atFeedback&Contact
1. (WO2018106624) STRUCTURE-LEVEL ANOMALY DETECTION FOR UNSTRUCTURED LOGS
Latest bibliographic data on file with the International Bureau    Submit observation

Pub. No.: WO/2018/106624 International Application No.: PCT/US2017/064591
Publication Date: 14.06.2018 International Filing Date: 05.12.2017
IPC:
G06F 17/30 (2006.01)
G PHYSICS
06
COMPUTING; CALCULATING; COUNTING
F
ELECTRIC DIGITAL DATA PROCESSING
17
Digital computing or data processing equipment or methods, specially adapted for specific functions
30
Information retrieval; Database structures therefor
Applicants:
NEC LABORATORIES AMERICA, INC [US/US]; 4 INDEPENDENCE WAY SUITE 200 PRINCETON, NEW JERSEY 08540, US
Inventors:
DEBNATH, Biplob; US
ZHANG, Hui; US
JIANG, Guofei; US
Agent:
KOLODKA, Joseph; US
Priority Data:
15/830,57904.12.2017US
62/431,51308.12.2016US
62/544,94914.08.2017US
Title (EN) STRUCTURE-LEVEL ANOMALY DETECTION FOR UNSTRUCTURED LOGS
(FR) DÉTECTION D'ANOMALIES D'UN NIVEAU D'UNE STRUCTURE POUR JOURNAUX NON STRUCTURÉS
Abstract:
(EN) A computer-implemented method, computer program product, and computer processing system are provided. The method includes preprocessing, by a processor, a set of heterogeneous logs by splitting each of the logs into tokens to obtain preprocessed logs. Each of the logs in the set is associated with a timestamp and textual content in one or more fields. The method further includes generating, by the processor, a set of regular expressions from the preprocessed logs. The method also includes performing, by the processor, an unsupervised parsing operation by applying the regular expressions to the preprocessed logs to obtain a set of parsed logs and a set of unparsed logs, if any. The method additionally includes storing, by the processor, the set of parsed logs in a log analytics database and the set of unparsed logs in a debugging database.
(FR) L'invention concerne un procédé informatisé, un produit programme informatique et un système de traitement informatique. Le procédé comprend les étapes au cours desquelles un processeur : prétraite un ensemble de journaux hétérogènes en divisant chacun des journaux en jetons de façon à obtenir des journaux prétraités, chacun des journaux de l'ensemble étant associé à une estampille temporelle et à un contenu textuel dans un ou plusieurs champs; génère un ensemble d'expressions régulières à partir des journaux prétraités; effectue une opération d'analyse non supervisée en appliquant les expressions régulières aux journaux prétraités de façon à obtenir un ensemble de journaux analysés et, le cas échéant, un ensemble de journaux non analysés; et stocke l'ensemble de journaux analysés dans une base de données d'analyse de journaux et l'ensemble de journaux non analysés dans une base de données de débogage.
front page image
Designated States: AE, AG, AL, AM, AO, AT, AU, AZ, BA, BB, BG, BH, BN, BR, BW, BY, BZ, CA, CH, CL, CN, CO, CR, CU, CZ, DE, DJ, DK, DM, DO, DZ, EC, EE, EG, ES, FI, GB, GD, GE, GH, GM, GT, HN, HR, HU, ID, IL, IN, IR, IS, JO, JP, KE, KG, KH, KN, KP, KR, KW, KZ, LA, LC, LK, LR, LS, LU, LY, MA, MD, ME, MG, MK, MN, MW, MX, MY, MZ, NA, NG, NI, NO, NZ, OM, PA, PE, PG, PH, PL, PT, QA, RO, RS, RU, RW, SA, SC, SD, SE, SG, SK, SL, SM, ST, SV, SY, TH, TJ, TM, TN, TR, TT, TZ, UA, UG, US, UZ, VC, VN, ZA, ZM, ZW
African Regional Intellectual Property Organization (ARIPO) (BW, GH, GM, KE, LR, LS, MW, MZ, NA, RW, SD, SL, ST, SZ, TZ, UG, ZM, ZW)
Eurasian Patent Office (AM, AZ, BY, KG, KZ, RU, TJ, TM)
European Patent Office (EPO) (AL, AT, BE, BG, CH, CY, CZ, DE, DK, EE, ES, FI, FR, GB, GR, HR, HU, IE, IS, IT, LT, LU, LV, MC, MK, MT, NL, NO, PL, PT, RO, RS, SE, SI, SK, SM, TR)
African Intellectual Property Organization (BF, BJ, CF, CG, CI, CM, GA, GN, GQ, GW, KM, ML, MR, NE, SN, TD, TG)
Publication Language: English (EN)
Filing Language: English (EN)