Examples described herein include systems and methods for multi-tenant event sourcing and audit logging in a cloud-based computing infrastructure. In an example method, an event package can be received from a first microservice of an application. The event can describe any action performed within the computing infrastructure and can include various types of information. For example, it can include an event type, event ID, object type, object ID, and parent event ID. The event package can be associated with a tenant and only provided to tenant-approved recipients. The recipient can use the event package to automatically carry out steps to recreate and configure an object, or to determine the source of an event or failure within the system.

A method, system, and apparatus are provided for diagnosing network faults by distributing network test policies to remote devices that issue network tests and report network test results from a first remote device which attempts to access a first network resource over a first specified network path, where a central portal responds to a first network test result by issuing a command to one or more additional remote devices to issue one or more additional network tests for evaluating at least part of the first specified network path and report network verification test results having data which is aggregated with data from the first network test result report for use in proactively diagnosing the network fault in the first specified network path.

Embodiments of the present invention disclose a method, computer program product, and system for reducing notifications on a user device to mitigate a user's injury associated with repetitive stress of using the user device. One or more notifications associated with the user device are received. A notification profile associated with the user is generated based on the received one or more notifications. In response to a query, position data and vital sign data associated with the user is received. The received position data and vital sign data associated with the user is analyzed and a health score associated with the user is calculated based on analyzed position data and vital sign data. In response to determining the health score deviates from a threshold range, the generated notification profile associated with the user is modified. One or more notifications alerts are communicated to the user based on the modified notification profile.

Methods and apparatus, including computer program products, implementing and using techniques for network modeling and device configuration. A security information and event manager is configured to receive log data from third party devices connected to a network. A notification is received each time a specific third party device generates a predetermined event in response to traffic at the specific third party device. The notification includes event information inferring network topology information, which network topology information includes third party device location information, firewall event information, source and destination networks. In response to receiving this information, a state of each third party device is generated, using inferred information over a predetermined period. An access control list is generated for each third party device, by using the inferred information over the predetermined period.

A method that includes joining, by a first node, a network connecting a set of nodes, where each node has an agent and is associated with a sensor, and where the sensor generates sensor data, and where each agent sends and receives broadcast messages, and generating, by the sensor, sensor data associated with a second node. The method also includes analyzing, by the agent, the sensor data, where the analyzing causes a detection of a first fault condition of the second node, and where the first fault condition is an indication of a problem with the second node, generating, by the agent, a broadcast message, where the broadcast message includes the first fault condition, and sending, by the first node, the broadcast message to at least one member of the set of nodes via the network.

Alert correlation plays an important role in IT event management. It helps reduce the number of alerts that IT staff have to act upon. The disclosure describes a method, a computer program product that applies a machine driven deep learning model to effectively correlate alerts caused by a common root cause. In addition, this method of correlation provides the user the context of the root cause. Therefore, it helps the user to quickly identify, understand and resolve the problem thereby reducing the mean time to identification and resolution. Alerts that are caused by the same root cause therefor come together. In the machine learning world, language sequence models are doing very well on learning the sequence patterns between words. For example, the machine can learn the subtle difference between choice of words and the order of words in order to fake a person's writing. The disclosed embodiments use similar technology but apply it on IT resource and application monitoring alerts across private and public clouds to learn the alert's sequence pattern. Once the sequence model is trained with alert sequences, the model is fed with a stream of new alerts, the model then identifies the two or more alerts that are together or clustered. Clustered alerts are often caused by the same root cause and should be correlated as one unit of work to understand cause, impact and resolution.

A method of identifying faults in a utility supply network is disclosed. The method comprises identifying a first indication of a fault in the communications network based on a number of network performance queries received from users of user equipments (UEs) connected to the communications network within a first region of the communications network. The method further comprises identifying a second indication of a fault in the communications network based on network performance data associated with the first region. It is determined that a fault exists in the communications network based on identification of the first indication and the second indication.

Systems, methods, and computer-readable media for clustering events occurring in a network environment for providing network assurance. In one embodiment, a system can identify event states of network events defined by values of parameters of a network environment. The system can determine a confidence score that at least one of the values of parameters is associated with a specific event state using the network events and the identified event states of the network events. The confidence score can be presented to a user for purposes of providing network assurance for the network environment.

Novel tools and techniques are provided for implementing error detection in a network, and, more particularly, to methods, systems, and apparatuses for implementing error and/or fault detection in a network and/or media stream and providing options to address the error and/or fault in the network and/or media stream. In various embodiments, a computer might detect an error in a first network and send a notification indicating that the error has occurred. The notification might contain one or more options to address the error in the first network. The computer, a user device, a service provider device, or a content provider device might receive and display the notification containing the one or more options. The computer, the user device, the service provider device, or the content provider device might then select at least one of the one or more options to address the error in the first network.

During operation, a computer may compare values of at least one performance metric for access points in appropriate contexts to determine one or more temporal anomalies and/or one or more spatial anomalies for one or more of the access points. Then, the computer may generate one or more temporal anomaly events based at least in part on the one or more temporal anomalies and one or more spatial anomaly events based at least in part on the one or more spatial anomalies. Next, the computer may calculate one or more complex events based at least in part on two or more of the different anomalies. Moreover, the computer may evaluate the different anomalies, anomaly event and/or complex events to determine one or more insights about a problem in the network. Furthermore, the computer may perform a remedial action.