U.S. patent application number 11/071069 was filed with the patent office on 2005-09-22 for method and system of cataloging and detecting network faults.
Invention is credited to Hager, Jay Alan, Schwab, Donald Michael, Staub, David Brian.
Application Number | 20050210313 11/071069 |
Document ID | / |
Family ID | 34549156 |
Filed Date | 2005-09-22 |
United States Patent
Application |
20050210313 |
Kind Code |
A1 |
Staub, David Brian ; et
al. |
September 22, 2005 |
Method and system of cataloging and detecting network faults
Abstract
A system (10) for cataloging and detecting network faults,
includes a communication interface (12) for receiving a fault
message from a network. A parser (14) is connected to the
communication interface (12). The parser (14) parses the fault
message for an event type. An associative database (16) is
connected to the parser (14) and stores a tally for the fault
message.
Inventors: |
Staub, David Brian;
(Farmington, CT) ; Schwab, Donald Michael; (Brown
Deer, WI) ; Hager, Jay Alan; (Elgin, IL) |
Correspondence
Address: |
LAW OFFICE OF DALE B. HALLING, LLC
655 SOUTHPOINTE COURT, SUITE 100
COLORADO SPRINGS
CO
80906
US
|
Family ID: |
34549156 |
Appl. No.: |
11/071069 |
Filed: |
March 2, 2005 |
Related U.S. Patent Documents
|
|
|
|
|
|
Application
Number |
Filing Date |
Patent Number |
|
|
11071069 |
Mar 2, 2005 |
|
|
|
09466529 |
Dec 17, 1999 |
|
|
|
6891930 |
|
|
|
|
Current U.S.
Class: |
714/4.1 |
Current CPC
Class: |
H04M 3/085 20130101;
H04Q 3/0075 20130101; H04M 3/2263 20130101 |
Class at
Publication: |
714/004 |
International
Class: |
G06F 011/00 |
Claims
1-24. (canceled)
25. A method of cataloging and detecting network faults, comprising
the steps of: (a) receiving a fault message; (b) parsing the fault
message to find an event code; and (c) defining a key based on the
event code.
26. The method of claim 25 further including the steps of: (d)
calculating a hash of the key to form an association; (e) storing a
tally at a database location pointed to by the association.
27. The method of claim 25, wherein step (b) further includes the
step of parsing the fault message to find a target, the target is a
specific piece of equipment.
28. The method of claim 25, wherein step (c) further including the
step of: (c1) concatenating the event code and a target to form the
key.
29. The method of claim 25, wherein step (c) further including the
step of: (c1) concatenating the event code and a target type to
form the key.
30. The method of claim 26, further including the steps of: (f)
setting a threshold for a predetermined event type; (g) performing
a lookup on the predetermined event type; (h) determining if an
event type tally exceeds the threshold.
31. The method of claim 30, further including the step of when the
event type tally exceed the threshold sending a network problem
message to an operator's terminal.
32. A system for cataloging and detecting network faults,
comprising a communication interface for receiving a fault message
from a network; a parser connected to the communication interface;
and an associative database connected to the parser storing a tally
for the fault message.
33. The system of claim 32, wherein the parser, parses the fault
message for an event type.
34. The system of claim 32, wherein the associative database has
hashing calculator that forms a key from the event type and
determining an association based on the key.
35. The system of claim 32, wherein the parser parses the fault
message for a target.
36. A method of cataloging and detecting network faults, comprising
the steps of: (a) receiving a plurality of fault messages; (b)
parsing the plurality of fault messages for a target to form a
plurality of tallies associated with a plurality of targets; and
(c) determining, for each of the plurality of targets, a key based
on the target, to form a plurality of keys.
37. The method of claim 36, further comprising the steps of: (d)
calculating a hash of the plurality of keys to form an association
for each of the plurality of keys; (e) storing a subset of the
plurality of tallies in a location of an associative database
pointed to by the association.
38. The method of claim 36, further including the steps of: (f)
setting a target threshold for one of the plurality of targets; (g)
performing a lookup in the associative database for a tally of the
one of the plurality of targets; (h) when the tally exceeds the
target threshold, forming a network problem message.
39. The method of claim 38, wherein the key is based on a
concatenation of an event code, a target type and a target.
Description
FIELD OF THE INVENTION
[0001] The present invention relates to network systems and more
particularly to a method and system of cataloging and detecting
network faults.
BACKGROUND OF THE INVENTION
[0002] In complex intelligent networks, network devices generate
error messages. These error messages help technicians repair the
network devices. However, additional insight can be gained by
collecting all the network error messages at a central location.
The error message includes event type information and target
information. Event type information includes messages such as a
certain action cannot be completed. Target type information
includes various physical equipment, such as telephone numbers,
circuits, equipment ID (identification) and equipment location.
[0003] Present systems only determine the number of errors for
event types. When an event type has a high repeat appearance of
counts, then the technician knows that further investigation is
required. Unfortunately this requires the technician to manually
separate the targets to determine which targets are the likely
cause of the errors. This requires considerable effort and
time.
[0004] Thus there exists a need for a method and system to catalog
and detect network faults. The system should also be capable of
tracking both event types and targets and automatically determine
trouble spots.
BRIEF DESCRIPTION OF THE DRAWINGS
[0005] FIG. 1 is a block diagram of a system for cataloging and
detecting network faults in accordance with one embodiment of the
invention;
[0006] FIG. 2 is a block diagram of a system for cataloging and
detecting network faults in accordance with one embodiment of the
invention;
[0007] FIG. 3 is a flow chart of the steps used in a method of
cataloging and detecting network faults in accordance with one
embodiment of the invention;
[0008] FIG. 4 is a flow chart of the steps used in a method of
cataloging and detecting network faults in accordance with one
embodiment of the invention; and
[0009] FIGS. 5 & 6 are a flow chart of the steps used in a
method of cataloging and detecting network faults in accordance
with one embodiment of the invention.
DETAILED DESCRIPTION OF THE DRAWINGS
[0010] A system for cataloging and detecting network faults,
includes a communication interface for receiving a fault message
from a network. A parser is connected to the communication
interface. The parser parses the fault message for an event type.
An associative database is connected to the parser and stores a
tally for the fault message. In one embodiment the parser also
parses for targets and all combinations of event type and target
are tallied. The associative memory allows rapid lookup of any
combination of event types and targets. The speed of the lookup is
essentially independent of the total number of entries. This means
the system does not suffer any performance degradation by tracking
all the various permutations of targets and event types.
[0011] FIG. 1 is a block diagram of a system 10 for cataloging and
detecting network faults in accordance with one embodiment of the
invention. A communication interface 12 receives a fault message
from a network. A parser 14 is connected to the communication
interface 12. The parser 14 parses the fault message for an event
type. An associative database 16 is connected to the parser 14 and
stores a tally for the fault message.
[0012] FIG. 2 is a block diagram of a system 20 for cataloging and
detecting network faults in accordance with one embodiment of the
invention. A communication interface 22 receives a plurality of
fault messages from a network. A parser 24 is connected to the
communication interface 22. The parser 24 parses the plurality of
fault messages for an event code, a target and a tally. The parser
24 determines a target type based on the event code. Note that an
event code is the type of error that occurred. A target type is the
type of equipment (physical asset) associated with the error and
the target is a specific piece of equipment (physical asset). An
association calculator (e.g., a hashing calculator) 26 is connected
to the parser 24. The association calculator 26 determines a key
based on the event code. The association calculator 26 determines
an association for the key. An associative database 28 is connected
to the parser 24. The associative database 28 stores the tally in a
location pointed by the association. A filter 30 is connected to
the associative database 28. The filter determines a tally
threshold for an event code. An operator interface 32 is connected
to the communication interface 22. The fault messages are
automatically tallied for every permutation of event code, target
type and target. This includes cumulative numbers for just the
event code, just the target type and just the target. This allows
the system to track all the information supplied by the fault
messages without human intervention like the prior art systems. A
tally threshold is set for every key (permutation of event code,
target type and target). Note that the tally threshold can be an
absolute number, a number of tallies in a given period, a moving
average, etc. or any combination thereof. When a tally threshold is
exceeded a network problem message is sent to the operator
interface 32. The associative database allows the system to track
very large numbers of keys without any database access time
degradation. This in turn makes it practical to have a key for
every permutation of event code, target type and target. This
provides significantly more information about a problem type to the
operations personnel responsible for fixing network errors.
[0013] FIG. 3 is a flow chart of the steps used in a method of
cataloging and detecting network faults in accordance with one
embodiment of the invention. The process starts, step 50, by
receiving a fault message at step 52. The fault message is parsed
to find an event code at step 54. A key is defined based on the
event code at step 56. An association based on the key is
determined at step 58. At step 60, a tally is stored at a database
location determined by the association, which ends the process at
step 62. In one embodiment, the fault message is parsed to find a
target. Based on the target, a target type is determined. In one
embodiment the event code and the target are concatenated to form
the key. In another embodiment the event code and the target type
are concatenated to form the key. In another embodiment, the event
code, the target type and the target are concatenated to form the
key.
[0014] In one embodiment a set of target types is determined based
on the event code. A plurality of targets is found using the set of
target types.
[0015] In one embodiment a threshold is set for a predetermined
event type. A lookup on the predetermined event type is performed.
Next it is determined if an event type tally exceeds the threshold.
When the event type tally exceeds the threshold, a network problem
message is sent to an operator's terminal.
[0016] In one embodiment a target type threshold is set for a
predetermined target type. A lookup on the predetermined target
type is performed. Next it is determined if the target type tally
exceeds the target type threshold.
[0017] In one embodiment a target threshold for a predetermined
target is set. A lookup on the predetermined target is performed.
Next it is determined if a target tally exceeds the target
threshold.
[0018] FIG. 4 is a flow chart of the steps used in a method of
cataloging and detecting network faults in accordance with one
embodiment of the invention. The process starts, step 80, by
receiving a plurality of fault messages at step 82. The plurality
of fault messages are parsed for a target to form a plurality of
tallies associated with the plurality of targets at step 84. For
each of the plurality of targets, a key is determined based on the
target to form a plurality of keys at step 86. An association is
calculated for each of the plurality of keys at step 88. At step
90, a subset of the plurality of tallies is stored in a location of
an associative database pointed to by the association, which ends
the process at step 92. In one embodiment, a target threshold is
set for one of the plurality of targets. A lookup is performed in
the associative database for a tally of the one of the plurality of
targets. When the tally exceeds the target threshold, a network
problem message is formed.
[0019] In one embodiment, the plurality of fault messages are
parsed for an event code. A target type is determined for each of
the plurality of targets. A key is formed based on a concatenation
of the event code, the target type and the target.
[0020] FIGS. 5 & 6 are a flow chart of the steps used in a
method of cataloging and detecting network faults in accordance
with one embodiment of the invention. The process starts, step 100,
by receiving a plurality of fault messages from a network at step
102. The plurality of fault messages are parsed for an event code
and a target at step 104. A target type is determined for the
target at step 106. A tally is formed for each instance of the
event code, the target type and the target at step 108. A key is
formed for each unique combination of the event code, the target
type and the target at step 110. An association is calculated for
the key at step 112. The tally is stored in a location of an
associative database connected with the key at step 114. A
threshold is set for a predetermined target type at step 116. A
number of tallies for the predetermined target type is determined
at step 118. When the number of tallies exceeds the threshold at
step 120, a network problem message is sent to an operator which
ends the process at step 122.
[0021] The methods described herein can be implemented as
computer-readable instructions stored on a computer-readable
storage medium that when executed by a computer will perform the
methods described herein.
[0022] While the invention has been described in conjunction with
specific embodiments thereof, it is evident that many alterations,
modifications, and variations will be apparent to those skilled in
the art in light of the foregoing description. Accordingly, it is
intended to embrace all such alterations, modifications, and
variations in the appended claims.
* * * * *