Abstract: Methods, systems, apparatus, and non-transitory computer readable media are described for detecting system outages using application event logs. Various aspects may include obtaining several prior application event logs where the status of the system is known at the time the application event logs were recorded. Additionally, various aspects may include determining characteristics of prior application event logs which were recorded during a system outage, and/or determining characteristics of prior application event logs which were recorded while the system was available. When current application event logs are obtained where the status of the system is unknown at the time the current application event logs are recorded, various aspects include comparing the current application event logs to the prior application event logs to determine that a system outage has occurred based upon the comparison.

Abstract: Methods, systems, apparatus, and non-transitory computer readable media are described for identifying users who are likely to have unauthorized access to secure data files in an organizational network. Various aspects may include presenting the identified users on a display for a system administrator and/or security analyst to resolve. For example, the display may include a graph data structure with users represented as nodes and connections between users represented as edges. Each connection may be a pair of users belonging to the same security group. Nodes of the graph data structure may be clustered to indicate that each of the users in the cluster belong to the same security group. Moreover, the users who are connected to multiple clusters may be identified as a potential risk of having unauthorized access to secure data files. The authorized access may then be remedied or taken away.

Abstract: Methods, systems, apparatus, and non-transitory computer readable media are described for detecting system outages using application event logs. Various aspects may include obtaining several prior application event logs where the status of the system is known at the time the application event logs were recorded. Additionally, various aspects may include determining characteristics of prior application event logs which were recorded during a system outage, and/or determining characteristics of prior application event logs which were recorded while the system was available. When current application event logs are obtained where the status of the system is unknown at the time the current application event logs are recorded, various aspects include comparing the current application event logs to the prior application event logs to determine that a system outage has occurred based upon the comparison.

Abstract: Methods, systems, apparatus, and non-transitory computer readable media are described for identifying users who are likely to have unauthorized access to secure data files in an organizational network. Various aspects may include presenting the identified users on a display for a system administrator and/or security analyst to resolve. For example, the display may include a graph data structure with users represented as nodes and connections between users represented as edges. Each connection may be a pair of users belonging to the same security group. Nodes of the graph data structure may be clustered to indicate that each of the users in the cluster belong to the same security group. Moreover, the users who are connected to multiple clusters may be identified as a potential risk of having unauthorized access to secure data files. The authorized access may then be remedied or taken away.

Abstract: Methods, systems, apparatus, and non-transitory computer readable media are described for detecting system outages using application event logs. Various aspects may include obtaining several prior application event logs where the status of the system is known at the time the application event logs were recorded. Additionally, various aspects may include determining characteristics of prior application event logs which were recorded during a system outage, and/or determining characteristics of prior application event logs which were recorded while the system was available. When current application event logs are obtained where the status of the system is unknown at the time the current application event logs are recorded, various aspects include comparing the current application event logs to the prior application event logs to determine that a system outage has occurred based upon the comparison.

Abstract: Methods, systems, apparatus, and non-transitory computer readable media are described for identifying users who are likely to have unauthorized access to secure data files in an organizational network. Various aspects may include presenting the identified users on a display for a system administrator and/or security analyst to resolve. For example, the display may include a graph data structure with users represented as nodes and connections between users represented as edges. Each connection may be a pair of users belonging to a same security group. Nodes of the graph data structure may be clustered according to a clustering coefficient. Moreover, the graph data structure display may be organized and color coded in such a manner, that a system administrator and/or security analyst may quickly and easily view the users who are most likely to have unauthorized access to secure data files. The authorized access may then be remedied or taken away.

Abstract: Methods, systems, apparatus, and non-transitory computer readable media are described for identifying users who are likely to have unauthorized access to secure data files in an organizational network. Various aspects may include presenting the identified users on a display for a system administrator and/or security analyst to resolve. For example, the display may include a graph data structure with users represented as nodes and connections between users represented as edges. Each connection may be a pair of users belonging to a same security group. The graph data structure display may be organized and color coded in such a manner, that a system administrator and/or security analyst may quickly and easily view the users who are most likely to have unauthorized access to secure data files. The authorized access may then be remedied or taken away.

Abstract: Methods, systems, apparatus, and non-transitory computer readable media are described for detecting system outages using application event logs. Various aspects may include obtaining several application event logs where the status of the system is known at the time the application event logs were recorded. Additionally, various aspects may include determining characteristics of application event logs which were recorded during a system outage, and/or determining characteristics of application event logs which were recorded while the system was available. Based upon the characteristics, various aspects include training using various machine learning techniques. When current application event logs are obtained where the status of the system is unknown at the time the current application event logs are recorded, various aspects include using the training data to determine a likelihood that a system outage has occurred based upon the obtained current application event logs.