Systems and methods of the present disclosure are directed to providing remote access capabilities in information technology infrastructure. In particular, systems and methods of the present disclosure can provide remotely access capabilities to facilitate the management, configuration, or maintenance of information technology infrastructure.

Systems and methods of the present disclosure are directed to providing remote access capabilities in information technology infrastructure. In particular, systems and methods of the present disclosure can provide remotely access capabilities to facilitate the management, configuration, or maintenance of information technology infrastructure.

Aspects of the subject disclosure may include, for example, a method in which a processing system collects information associated with trouble tickets each including a problem abstract and a log text. The method includes analyzing the log text to obtain a problem resolution for that ticket; defining ticket clusters according to the problem abstracts, and labeling the clusters. The processing system creates a library of the labeled clusters, each entry including a cluster label, a problem abstract for that cluster, and a resolution summary for that problem abstract, indicating a mapping of the problem abstract to the resolution summary for that cluster. The method includes training, based on the mapping, machine-learning applications for a predicted resolution summary for each cluster and for classifying a new ticket. The method includes assigning the new ticket to a cluster according to the classifying. Other embodiments are disclosed.

Disclosed is a system, method, and computer program product for implementing a log analytics method and system that can configure, collect, and analyze log records in an efficient manner. An improved approach is provided for identifying log files that have undergone a change in status that would require retrieve of its log data, by including a module directly into the operating system that allows the log collection component to be reactively notified of any changes to pertinent log files.

The disclosure herein describes predicting potential impact of issues reported in incident ticket data on infrastructure element. A ticket manager component includes an impact model utilizing machine learning to analyze real-time event and metric data with incident-related data to generate predicted impact data. The predicted impact data identifies potentially impacted infrastructure elements, such as, potentially impacted users, predicted infrastructure components impacted by the issue and/or an updated time-period associated with the issue. The ticket manager component creates labeled incident tickets by updating user-generated incident tickets with additional data generated by the impact model, including predicted impact data and/or additional details associated with the issue. The labeled incident tickets are provided back to the model as training data to further refine predictions generated by the model.

The disclosure herein describes predicting potential impact of issues reported in incident ticket data on infrastructure element. A ticket manager component includes an impact model utilizing machine learning to analyze real-time event and metric data with incident-related data to generate predicted impact data. The predicted impact data identifies potentially impacted infrastructure elements, such as, potentially impacted users, predicted infrastructure components impacted by the issue and/or an updated time-period associated with the issue. The ticket manager component creates labeled incident tickets by updating user-generated incident tickets with additional data generated by the impact model, including predicted impact data and/or additional details associated with the issue. The labeled incident tickets are provided back to the model as training data to further refine predictions generated by the model.

A system and method are provided that automatically update a customer-support ticket in an online customer-support system. When the customer-support ticket is created or updated, the system applies a set of triggers, which modify the ticket based on business rules, wherein each trigger performs actions that modify the ticket when conditions for parameters associated with the ticket are satisfied. When applying a trigger to the ticket, the system evaluates the conditions for the trigger by evaluating an associated condition graph, which is a directed graph comprised of condition nodes, wherein each condition node specifies conditions on parameters associated with the ticket. During this evaluation, if a valid path through the condition graph is discovered, which comprises a sequence of satisfied condition nodes from the root node to a null node, the system fires the trigger, which involves performing actions associated with the trigger to update the ticket.

A system and method are provided that automatically update a customer-support ticket in an online customer-support system. When the customer-support ticket is created or updated, the system applies a set of triggers, which modify the ticket based on business rules, wherein each trigger performs actions that modify the ticket when conditions for parameters associated with the ticket are satisfied. When applying a trigger to the ticket, the system evaluates the conditions for the trigger by evaluating an associated condition graph, which is a directed graph comprised of condition nodes, wherein each condition node specifies conditions on parameters associated with the ticket. During this evaluation, if a valid path through the condition graph is discovered, which comprises a sequence of satisfied condition nodes from the root node to a null node, the system fires the trigger, which involves performing actions associated with the trigger to update the ticket.

A framework for security information and event management (SIEM), the framework includes a first data store; a data router; one or more parsing mechanisms; one or more correlation machines; and one or more workflow engines, wherein said framework performs SIEM on behalf of multiple subscribers to said framework.

A framework for security information and event management (SIEM), the framework includes a first data store; a data router; one or more parsing mechanisms; one or more correlation machines; and one or more workflow engines, wherein said framework performs SIEM on behalf of multiple subscribers to said framework.