A technique for tracking web browsing activity of a client device that includes storing, in a memory, a client profile having a client identifier associated therewith, providing a client device with a cache file having the client identifier embedded therein, receiving from the client device an identification of a client action and the client identifier, and updating the client profile to include the identification of the client action.

Certain embodiments described herein relate to an improved selective data backup system. In some embodiments, one or more components in an information management system can determine that a portion of the primary data scheduled for backup was previously backed up or is scheduled to be backed up as part of another backup operation. For example, a data agent performing a cluster-level backup operation for an entire cluster of storage servers may check whether any part of the primary data was previously backed up by a prior server-level backup operation for one of the storage servers in the cluster. If so, the data agent may skip, in the cluster-level backup operation, any portion of the primary data stored in the storage server previously backed up as part of the prior server-level backup operation.

Various embodiments discussed herein enable unique identifiers or hash values to be generated that uniquely identify performance issues and associated call stack units, which may be attributed to a user or team of users. A performance issue for a currently running process can be detected. A particular location within a call stack of the process indicating where the performance issue was detected can be determined. A quantity of call stack frames within the particular location that account for a threshold proportion of the performance issue can be determined. A hash value that uniquely identifies the performance issued can be generated based at least in part on the particular location and the quantity of call stack frames within the particular location that account for the threshold proportion of the performance issue.

A fault tolerant server according to the present invention configured to duplicate information processing by an online subsystem and an offline subsystem, the fault tolerant server operates to: execute entire copy processing for copying all data being stored in the memory of the online subsystem into the memory of the offline subsystem without stopping execution of information processing by the processor of the online subsystem, before start of duplication; detect data, the data satisfying a criterion indicating that content of data is changed during the entire copy processing, among data being stored in the memory of the online subsystem; and copy the detected data from the memory of the online subsystem into the memory of the offline subsystem.

A system and method for data replication is described. A destination storage system receives a message from a source storage system as part of a replication process. The message includes an identity of a first file, information about where the first file is stored in the source storage system, a name of a first data being used by the first file and stored at a first location of the source storage system, and a fingerprint of the first data. The destination storage system determines that a mapping database is unavailable or inaccurate, and accesses a fingerprint database using the fingerprint of the first data received with the message to determine whether data stored in the destination storage system has a fingerprint identical to the fingerprint of the first data.

In one example, a method is provided for backing up client data at a datacenter. Initially, an incremental backup is received from a client and stored at the datacenter. Next, a table of contents for the incremental backup is created, and differences identified between the incremental backup and a dataset previously stored at the datacenter. The offsets imposed by any new or modified blocks present in the incremental backup can then be identified and recorded, and used to identify respective data ranges in the incremental backup for any new and modified blocks, which data ranges can then be recorded. Next, a reference block can be created for each block of the previously stored dataset that was not modified in the incremental backup. The reference block can then be stored at the datacenter in association with the incremental backup.

A method for verifying data includes obtaining, by a backup agent, a backup verification trigger for a backup stored in a backup storage system, in response to the backup verification trigger, obtaining backup metadata associated with the backup, performing a hierarchical structure data mapping based on the backup metadata to obtain a hierarchical structure associated with the backup, performing, using the hierarchical structure, a backup verification to generate a backup health state of the backup, after the backup verification is generated: making a determination, based on the backup verification, that the backup health state is not in a healthy state, and in response to the determination, performing a remediation of the backup policies.

Examples include application of a variable-sized content-defined chunking technique to a first data portion to identify a content-defined chunk boundary at least partially defining a remainder section, merging of the remainder section with a second data portion ordered before the first data portion to create a merged section, and application of the chunking technique to the merged section.

An exemplary method for detecting one or more anomalies in a system includes building a temporal causality graph describing functional relationship among local components in normal period; applying the causality graph as a propagation template to predict a system status by iteratively applying current system event signatures; and detecting the one or more anomalies of the system by examining related patterns on the template causality graph that specifies normal system behaviors. The system can aligning event patterns on the causality graph to determine an anomaly score.

Techniques, supported by corresponding apparatuses and methods, are disclosed for monitoring execution of software in a trusted environment and generating path signatures which are characteristic of the behaviour of the software. Multiple approximate nearest neighbour searching hash tables are generated in dependence on such path signatures and on attribute information defining behavioural classifications for the path signatures. Later execution of the software in a non-trusted environment is monitoring and an observed path signature characteristic of the behaviour of the software is generated. This observed path signature is queried against the multiple approximate nearest neighbour searching hash tables and a behavioural classification is determined in dependence on hash collision-based similarity between the observed path signature and the content of the multiple approximate nearest neighbour searching hash tables.