A network switch is configured to receive packet data. The network switch includes a memory and a processor. The memory is configured to store an access control list and an abnormity detecting program, filter the packet data according to the access control list, and perform an abnormity detecting procedure on the packet data according to the abnormity detecting program. When at least one abnormity event occurs in one of a plurality of time intervals, a counting value increases. When the counting value reaches a counting threshold value, the memory sends an abnormity notification to the processor and the processor performs an abnormity processing procedure on the packet data.

Embodiments of the present invention provide a system for processing real-time event logs related to monitored events on a network. The system is configured for identifying one or more entity resources associated with an entity, continuously monitoring the one or more entity resources, identifying one or more events associated with the one or more entity resources, pre-processing the one or more events, via an artificial intelligence engine, identifying at least one event of the one or more events is abnormal based on pre-processing the one or more events, filtering the at least one event that is abnormal, segmenting the at least one event from the one or more events, and in response to segmenting the at least one event, storing the at least one event in a first log that is different from a second log that stores the one or more events excluding the at least one event.

A system, method, and computer-readable medium are disclosed for performing a data center monitoring and management operation. The data center monitoring and management operation includes: monitoring data center assets within a data center; identifying an issue within the data center, the issue being associated with an operational situation associated with a particular component of the data center; associating the issue with a particular point in time; and, informing a user about the issue, the informing including information regarding the particular point in time, the informing including a graphical depiction of the particular component of the data center and the issue within the data center.

A method for event processing includes accepting for processing, as accepted events and according to a target rate limit, at least a subset of received events; associating respective ingested timestamps with the accepted events; associating respective processing completion timestamps with processed events of the accepted events; determining an average measured lag time using at least a subset of the respective processing completion timestamps and corresponding respective ingested timestamps; obtaining a throttled rate limit using a proportional-integral-derivative (PID) controller; and accepting subsequent events according to the throttled rate limit. The PID controller can be configured to use, as an input, an error value that is a difference between a target lag time and the average measured lag time. An integral part of the PID controller can be set to zero responsive to an accumulated average lag time being less than the target lag time.

An information processing method for a computer to execute a process includes, acquiring a plurality of pieces of time-series data; calculating an index value that relates to periodicity at a certain time interval for each piece of aggregated time-series data obtained by dividing and aggregating the plurality of pieces of the time-series data in accordance with a certain unit of aggregation; determining the each piece of the aggregated time-series data as an analysis target when the index value satisfies a certain condition; and performing certain analysis processing on the analysis target.

A system and method for data filtering and transmission management are provided. In particular, disclosed is a method of transmission management for data acquired by a remote monitor having a sensor. The method comprises the steps of: defining an initial trend envelope having a window around a forecast trend gradient, the window defined by an initial upper bound and an initial lower bound; and processing a set of data points acquired by the sensor, to identify any data points outside the initial trend envelope. When a point is identified outside the initial trend envelope, the method: (i) transmits an event data packet to a central server; and (ii) identifies a subsequent trend envelope based on a trend gradient derived from a preceding set of data points, said preceding set of points including an identified point from the event data packet.

This disclosure describes systems, methods, and devices related to network outage management. A method may include receiving a first indication of a first cable system outage. The method may include identifying a start time associated with the first cable system outage, and determining, based on the start time, a time period during which to refrain from generating a service ticket indicative of the first cable system outage. The method may include determining that the first cable system outage has not ended at an end time of the time period, and receiving a second indication of a second cable system outage. The method may include determining that the second cable system outage begins during the time period and has not ended at the end time. The method may include generating and sending a service ticket indicative of the first cable system outage and the second cable system outage.

An application executing on a mobile computing platform provides independent data channels over a mobile network to multiple separate computing systems that each maintain some data pertinent to problem determination and resolution when an incident arises in a monitored information technology (IT) environment. The application maintains and separately exercises the channels to provide timely information in a user interface that composites data to present a single interface with a multi-sourced contextual rendering. Some systems may include an IT monitoring system and a separate incident management system among its sources. Channels may include extended functionality to improve security or other aspects of communication with mobile platforms.

Methods, systems, and devices for providing computer implemented services using managed systems are disclosed. To provide the computer implemented services, the managed systems may need to operate in a predetermined manner conducive to, for example, execution of applications that provide the computer implemented services. Similarly, the managed system may need access to certain hardware resources (e.g., and also software resources such as drivers, firmware, etc.) to provide the desired computer implemented services. To improve the likelihood of the computer implemented services being provided, the managed devices may be managed using a dynamic reporting model. The dynamic reporting model may facilitate reduction and increasing in computing resources used for reporting dynamically as the operation of the managed system change. The dynamic reporting model may be used to limit overhead for reporting.

Methods, systems, and computer-readable media are disclosed herein for proactively managing computing problems. In aspects, an execution of a script is initiated. A connection may be established via the script and the central database for identifying a network quality issue. The network quality issue may be identified more than once. Further, the network quality issue may be identified based on the network quality issue satisfying a threshold. Additionally, it may be determined that the network quality issue that satisfies the threshold is not associated with an electronic documentation based on a search in the central database. Based on determining the network quality issue is not associated with the electronic documentation, the electronic documentation may be created for the network quality issue that satisfies the threshold.