The patent's assignee for patent number 8645532 is
News editors obtained the following quote from the background information supplied by the inventors: "The growing presence of computer networks such as intranets and extranets has brought about the development of applications in e-commerce, education, manufacturing, and other areas. Organizations increasingly rely on such applications to carry out their business, production, or other objectives, and devote considerable resources to ensuring that the applications perform as expected. To this end, various application management, monitoring, and analysis techniques have been developed.
"One approach for managing an application involves monitoring the application, generating data regarding application performance, and analyzing the data to determine application health. Some system management products analyze a large number of data streams to try to determine a normal and abnormal application state. Large numbers of data streams are often analyzed because the system management products may not have a semantic understanding of the data being analyzed. Accordingly, when an unhealthy application state occurs, many data streams may have abnormal data values because the data streams are causally related to one another. Because the system management products may lack a semantic understanding of the data, they may not be able to assist the user in determining either the ultimate source or cause of a problem. Additionally, these application management systems may not know whether a change in data indicates an application is actually unhealthy or not.
"Current application management approaches may include monitoring techniques such as deep packet inspection (DPI), which may be performed as a packet passes an inspection point and may include collecting statistical information, among others. Such monitoring techniques can be data-intensive and may be ineffective in providing substantively real-time health information regarding network applications. Additionally, packet trace information may be lost and application-specific code may be required.
"Embodiments of the present invention are, therefore, directed towards solving these and other related problems."
As a supplement to the background information on this patent, VerticalNews correspondents also obtained the inventors' summary information for this patent: "It should be appreciated that this Summary is provided to introduce a selection of concepts in a simplified form, the concepts being further described below in the Detailed Description. This Summary is not intended to identify key features or essential features of this disclosure, nor is it intended to limit the scope of the invention.
"Some embodiments of the present invention are directed to a method for parsing and optionally filtering network traffic data sent to and/or received by a network device. Methods may include monitoring the contents of network traffic in a network device. Network traffic data sent by and/or received at the network device is collected in substantially real-time using at least one kernel space driver interface. The collected network traffic data is parsed (i.e., transaction data corresponding to at least one logical transaction defined by a network protocol is extracted, and an indicator of a quantity of the collected network traffic data that was consumed is stored). An event incorporating the extracted transaction data is generated.
"In some embodiments, network traffic data is collected according to at least one predicate that corresponds to at least one characteristic of network traffic data to be collected. Some embodiments may provide that the collected network traffic data is transferred into a memory buffer accessible in both kernel space and user space. The size of the memory buffer is configurable in some embodiments. According to some embodiments, the size of the memory buffer is adaptive based on available memory.
"Parsing the collected network traffic data, according to some embodiments, may include determining, based on the collected network traffic data, that parsing a subsequent portion of network traffic data is not performed. An indicator that both the collected network traffic data and the subsequent portion of network traffic were consumed is stored responsive to the determining. Some embodiments may provide that parsing the collected network traffic data includes determining that a quantity of the collected network traffic data is not sufficient to extract at least one logical transaction. An indicator that none of the collected network traffic data was consumed is stored responsive to the determining. In some embodiments, parsing the collected network traffic data includes determining that the collected network traffic data that corresponds to a network flow cannot be parsed, and storing an indicator, responsive to the determining, that subsequent network traffic data that corresponds to the network flow is not parsed.
"Some embodiments may provide that parsing the collected network traffic data includes storing, in memory and/or a persistent data store, at least one attribute of the extracted transaction data. In some embodiments, parsing the collected network traffic data includes executing a script within a script interpreter that is incorporated into an executable application.
"In some embodiments, filtered transaction data is generated based on the extracted transaction data. Generating the filtered transaction data includes modifying and/or deleting data within the extracted transaction data, and/or supplementing the extracted transaction data. An event incorporating the filtered transaction data is generated. Some embodiments may provide that generating filtered transaction data includes identifying extracted transaction data that corresponds to multiple related logical transactions, and representing the multiple related logical transactions as a single transaction in the generated filtered transaction data.
"According to some embodiments, generating filtered transaction data includes storing, in memory and/or a persistent data store, at least one attribute of the filtered transaction data. In some embodiments, generating filtered transaction data includes executing a script within a script interpreter that is incorporated into an executable application.
"Methods according to some embodiments may include aggregating transaction data that corresponds to a predefined time interval. An event incorporating the aggregated transaction data is generated responsive to aggregating the transaction data. Some embodiments may provide that the extracted transaction data that corresponds to a predefined time interval is compressed, and an event incorporating the compressed transaction data is generated responsive to compressing the transaction data.
"In some embodiments, a computer program product including a non-transitory computer usable storage medium having computer-readable program code embodied in the medium is provided. The computer-readable program code is configured to perform operations corresponding to methods described herein.
"Other methods, devices, and/or computer program products according to exemplary embodiments will be or become apparent to one with skill in the art upon review of the following drawings and detailed description. It is intended that all such additional methods, devices, and/or computer program products be included within this description, be within the scope of the present invention, and be protected by the accompanying claims."
For additional information on this patent, see: Reynolds, Patrick A.; Yumerefendi, Aydan R.; Nethercutt, Glenn T.. Methods and Computer Program Products for Monitoring the Contents of Network Traffic in a Network Device. U.S. Patent Number 8645532, filed
Keywords for this news article include:
Our reports deliver fact-based news of research and discoveries from around the world. Copyright 2014, NewsRx LLC
Most Popular Stories
- 5 Notable Hispanic Technology Executives
- Top Hispanic Tech Companies Push for the Top
- Tesla's Alt-Energy Future Aims for Massive Lithium-Ion Battery Production
- Rand Paul Tops Presidential Straw Poll at Conservative PAC Conference
- China Urges Malaysia Flight Emergency Response
- New Chat App, Yik Yak, Causes Problems for Students
- Russia, Crimea Discuss Referendum
- Gas Prices May Jump from Calif. Emissions Law
- Visa, MasterCard Team Up to Focus on Payment Security
- Obama Meets with Ukraine Prime Minister Wednesday