Computer for gathering log data

Details Computer for gathering log data Computer for gathering log data

1998-04-13

2001-01-09

Beausoliel, Jr., Robert W. (Department: 2131)

Error detection/correction and fault detection/recovery

Data processing system error or fault handling

Reliability and availability

Reexamination Certificate

active

06173418

ABSTRACT:

BACKGROUND OF THE INVENTION
The present invention relates to a system wherein a manager gathers log data from agents through a network, and in particular to a log data gathering and management system wherein a manager manages log data existing within the system on the basis of common log data formats.
An operating system (OS) and application programs executed or run on an information processor output various log information therefrom. Several methods for gathering the output log information are known generally. For example, Japanese Patent Application Laid-Open No. Hei 5-250229 discloses a log data gathering technique for detecting error codes in log data upon gathering log data from a plurality of computers to thereby preferentially transmit log data outputted from a computer placed in an error state. Furthermore, Japanese Patent Application Laid-Open No. Hei 5-28008 discloses a log information gathering system for detecting that the number of log information stored in storage means has reached a predetermined number when an information processing system gathers failure logs, and suppressing log registration to thereby prevent important failure information from missing. Moreover, Japanese Patent Application Laid-Open No. Hei 6-111029 discloses a data gathering technique for respectively adding times at which data outputted from low-order terminal equipment have been gathered, to data and transferring same to an upper control device to thereby prevent impairment of a time-sequential relationship between respective data outputted from a plurality of terminals.
In a distributed processing system wherein a plurality of computers are connected to one another through a network and processing is executed or implemented while the computers are communicating with other computers respectively, one user is able to access a plurality of widespread computers and files. Accordingly, the centralization of log data outputted from individual computers to a central computer and the storage of the log data in a database are necessary to analyze the log data to thereby detect an unauthorized access to the computers or files. However, since log data outputted from various system programs or application programs are respectively different in data format from one another, the mere gathering and centralization of the log data outputted from the individual computer programs make it difficult to analyze the log data. Since the times held by the individual computers are not necessarily coincident with one another over all the computers, the times applied to individual log data are generally shifted from each other. It is thus difficult to arrange the intensively-set log data in order of the proper times.
SUMMARY OF THE INVENTION
With the foregoing in view, it is therefore an object of the present invention to manage log data normalized in common data format.
It is another object of the present invention to manage log data on the basis of the time of a central computer for gathering log data from computers at the respective sites.
In order to achieve the above objects, the present invention provides a computer for gathering log data, which has, as processing means of agents, means for creating and storing normalized log data in which values corresponding to pre-defined data items are cut out from log data in log files on the alert to arrange the values of normalized data items, and means for transmitting the stored normalized log data to a computer executing a manager function through a network.
Further, the present invention provides a computer for gathering and managing log data, which has, as processing means of a manager, means for receiving log data normalized in accordance with pre-defined common data formats and having log output times each corrected based on a reference time of the manager, from computers executing functions of agents through a network, and means for storing the normalized log data in a database in order of the corrected times.
According to the present invention, as has been described above, each of agents monitors a plurality of log files and inputs log data outputted in various formats. Thereafter, the agent normalizes the log data and converts the same into common data formats. Further, since only necessary log data is extracted and corrected times matched with a manager time are used as log data output times, an administrator is able to analyze log data outputted from a plurality of computers existing in a network on the basis of unified data formats and times.
With respect to log data stored in the manager, log data corresponding to a predetermined period is preserved. It is therefore possible to restrict the total amount of stored log information by deleting the same in order from the past log data.
Further, since the gathered log data can be retrieved according to corrected times and normalized items, the administrator can easily obtain necessary log information.


REFERENCES:
patent: 4878167 (1989-10-01), Kapulka et al.
patent: 5293323 (1994-03-01), Doskocil et al.
patent: 5465328 (1995-11-01), Dievendorff et al.
patent: 6038253 (2000-03-01), Shimazaki

Affiliated with

Also associated with

Rating

Computer for gathering log data does not yet have a rating. At this time, there are no reviews or comments for this patent.

If you have personal experience with Computer for gathering log data, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Computer for gathering log data will most certainly appreciate the feedback.

Rate now

Comments { 0 }

Profile ID: LFUS-PAI-O-2557065