PatentsDB

Near Real-Time System or Network Incident Detection

US2018204154A1 · US · A1

Patent metadata
FieldValue
Publication numberUS-2018204154-A1
Application numberUS-201715406194-A
CountryUS
Kind codeA1
Filing dateJan 13, 2017
Priority dateJan 13, 2017
Publication dateJul 19, 2018
Grant date

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

Systems and arrangements for determining whether a scheduled modification of a system, or the like, is a likely cause of an incident are provided. Historical data related to previous incidents may be received and analyzed to identify incidents having a significant business impact and the system, or the like, associated with those incidents. Scheduled modification data may be received and may include a system, or the like, for which a modification has occurred, and a time and date at which the modification is occurred. An incident may be received and the system, or the like associated with the incident may be identified and compared to systems, or the like, identified in the scheduled modification data. If there is a match, a determination may be made as to whether the incident occurred at a time and date of the scheduled modification. If so, the scheduled modification may be identified as a likely cause of the incident.

First claim

Opening claim text (preview).

What is claimed is: 1 . A system or network incident detection and analysis computing system, comprising: at least one processor; a communication interface communicatively coupled to the at least one processor; and at least one memory storing computer-readable instructions that, when executed by the at least one processor, cause a change management computing device of the system or network detection identification analysis computing system to: receive historical data including data related to incidents associated with a system or network and determined to have a quantified business impact above a predetermined threshold; process the received historical data to identify at least one of: devices and applications associated with each incident and a time and date of each incident; receive scheduled system or network modification data, the modification data including a date and time associated with each scheduled modification and at least one of a device and application to which the scheduled modification is being applied; process the received scheduled modification data to identify the at least one of: devices and applications for which a modification is scheduled; receive incident data associated with an incident associated with at least one of: a device or application, the incident data including a date and time of the incident and an identification of the device or application impacted by the incident; compare the received incident data to the scheduled modification data to determine whether a modification was scheduled for the at least one of: the device or application; responsive to determining that a modification was scheduled for the at least one of: the device or application associated with the incident, compare the date and time of the incident to a date and time associated with the scheduled modification for the at least on of: the device or application associated with the incident; responsive to determining that the date and time of the incident match a date and time of the scheduled modification, identifying the scheduled modification as a cause of the incident; and transmit a notification indicating the scheduled modification was the cause of the incident. 2 . The system or network incident detection and analysis computing system of claim 1 , wherein the notification is transmitted to one or more user computing devices. 3 . The system or network incident detection and analysis computing system of claim 1 , wherein the notification includes a user interface including an alert associated with the modification. 4 . The system or network incident detection and analysis computing system of claim 3 , wherein the user interface is displayed on a display associated with a user computing device. 5 . The system or network incident detection and analysis computing system of claim 1 , wherein the notification includes an email message including a description of the incident. 6 . The system or network incident detection and analysis computing system of claim 5 , wherein the email is transmitted to a predetermined list of recipients based on a type of incident. 7 . The system or network incident detection and analysis computing system of claim 1 , further including determining a confidence level that the modification was the cause of the incident. 8 . A method, comprising: receiving, by a system or network incident detection and analysis computing system, historical data including data related to incidents associated with a system or network and determined to have a quantified business impact above a predetermined threshold; processing, by the system or network incident detection and analysis computing system, the received historical data to identify at least one of: devices and applications associated with each incident and a time and date of each incident; receiving, by the system or network incident detection and analysis computing system, scheduled system or network modification data, the modification data including a date and time associated with each scheduled modification and at least one of a device and application to which the scheduled modification is being applied; processing, by the system or network incident detection and analysis computing system, the received scheduled modification data to identify the at least one of: devices and applications for which a modification is scheduled; receiving, by the system or network incident detection and analysis computing system, incident data associated with an incident associated with at least one of: a device or application, the incident data including a date and time of the incident and an identification of the device or application impacted by the incident; comparing, by the system or network incident detection and analysis computing system, the received incident data to the scheduled modification data to determine whether a modification was scheduled for the at least one of: the device or application; responsive to determining that a modification was scheduled for the at least one of: the device or application associated with the incident, comparing, by the system or network incident detection and analysis computing system, the date and time of the incident to a date and time associated with the scheduled modification for the at least on of: the device or application associated with the incident; responsive to determining that the date and time of the incident match a date and time of the scheduled modification, identifying, by the system or network incident detection and analysis computing system, the scheduled modification as a cause of the incident; and transmitting, by the system or network incident detection and analysis computing system, a notification indicating the scheduled modification was the cause of the incident. 9 . The method of claim 8 , wherein the notification is transmitted to one or more user computing devices. 10 . The method of claim 8 , wherein the notification includes a user interface including an alert associated with the modification. 11 . The method of claim 10 , wherein the user interface is displayed on a display associated with a user computing device. 12 . The method of claim 8 , wherein the notification includes an email message including a description of the incident. 13 . The method of claim 12 , wherein the email is transmitted to a predetermined list of recipients based on a type of incident. 14 . The method of claim 8 , further including determining a confidence level that the modification was the cause of the incident. 15 . One or more non-transitory computer-readable media storing instructions that, when executed by at least one computer system comprising at least one processor, memory, and a communication interface, cause the at least one computer system to: receive historical data including data related to incidents associated with a system or network and determined to have a quantified business impact above a predetermined threshold; process the received historical data to identify at least one of: devices and applications associated with each incident and a time and date of each incident; receive scheduled system or network modification data, the modification data including a date and time associated with each scheduled modification and at least one of a device and application to which the scheduled modification is being applied; process the received scheduled modification data to identify the at least one of: devices and applications for which a modification is scheduled; receive incident data associated with an incident associated with at least one of: a device or appl

Assignees

Inventors

Classifications

  • G06N20/00

    Machine learning · CPC title

  • H04L41/142

    using statistical or mathematical methods · CPC title

  • G06Q10/0635Primary

    Risk analysis of enterprise or organisation activities · CPC title

  • H04L41/16

    using machine learning or artificial intelligence · CPC title

  • H04L41/0631

    using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis · CPC title

Patent family

Related publications grouped by family.

View patent family 62840872

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US2018204154A1 cover?
Systems and arrangements for determining whether a scheduled modification of a system, or the like, is a likely cause of an incident are provided. Historical data related to previous incidents may be received and analyzed to identify incidents having a significant business impact and the system, or the like, associated with those incidents. Scheduled modification data may be received and may in…
Who is the assignee on this patent?
Bank Of America
What technology area does this patent fall under?
Primary CPC classification G06Q10/0635. Mapped technology areas include Physics.
When was this patent published?
Publication date Thu Jul 19 2018 00:00:00 GMT+0000 (Coordinated Universal Time) (A1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 3 related publications on this page (citations in our corpus or others sharing the same primary CPC).