Method and system of cataloging and detecting network faults
A system (10) for cataloging and detecting network faults, includes a communication interface (12) for receiving a fault message from a network. A parser (14) is connected to the communication interface (12). The parser (14) parses the fault message for an event type. An associative database (16) is connected to the parser (14) and stores a tally for the fault message.
The present invention relates to network systems and more particularly to a method and system of cataloging and detecting network faults.
BACKGROUND OF THE INVENTIONIn complex intelligent networks, network devices generate error messages. These error messages help technicians repair the network devices. However, additional insight can be gained by collecting all the network error messages at a central location. The error message includes event type information and target information. Event type information includes messages such as a certain action cannot be completed. Target type information includes various physical equipment, such as telephone numbers, circuits, equipment ID (identification) and equipment location.
Present systems only determine the number of errors for event types. When an event type has a high repeat appearance of counts, then the technician knows that further investigation is required. Unfortunately this requires the technician to manually separate the targets to determine which targets are the likely cause of the errors. This requires considerable effort and time.
Thus there exists a need for a method and system to catalog and detect network faults. The system should also be capable of tracking both event types and targets and automatically determine trouble spots.
BRIEF DESCRIPTION OF THE DRAWINGS
A system for cataloging and detecting network faults, includes a communication interface for receiving a fault message from a network. A parser is connected to the communication interface. The parser parses the fault message for an event type. An associative database is connected to the parser and stores a tally for the fault message. In one embodiment the parser also parses for targets and all combinations of event type and target are tallied. The associative memory allows rapid lookup of any combination of event types and targets. The speed of the lookup is essentially independent of the total number of entries. This means the system does not suffer any performance degradation by tracking all the various permutations of targets and event types.
In one embodiment a set of target types is determined based on the event code. A plurality of targets is found using the set of target types.
In one embodiment a threshold is set for a predetermined event type. A lookup on the predetermined event type is performed. Next it is determined if an event type tally exceeds the threshold. When the event type tally exceeds the threshold, a network problem message is sent to an operator's terminal.
In one embodiment a target type threshold is set for a predetermined target type. A lookup on the predetermined target type is performed. Next it is determined if the target type tally exceeds the target type threshold.
In one embodiment a target threshold for a predetermined target is set. A lookup on the predetermined target is performed. Next it is determined if a target tally exceeds the target threshold.
In one embodiment, the plurality of fault messages are parsed for an event code. A target type is determined for each of the plurality of targets. A key is formed based on a concatenation of the event code, the target type and the target.
The methods described herein can be implemented as computer-readable instructions stored on a computer-readable storage medium that when executed by a computer will perform the methods described herein.
While the invention has been described in conjunction with specific embodiments thereof, it is evident that many alterations, modifications, and variations will be apparent to those skilled in the art in light of the foregoing description. Accordingly, it is intended to embrace all such alterations, modifications, and variations in the appended claims.
Claims
1-24. (canceled)
25. A method of cataloging and detecting network faults, comprising the steps of:
- (a) receiving a fault message;
- (b) parsing the fault message to find an event code; and
- (c) defining a key based on the event code.
26. The method of claim 25 further including the steps of:
- (d) calculating a hash of the key to form an association;
- (e) storing a tally at a database location pointed to by the association.
27. The method of claim 25, wherein step (b) further includes the step of parsing the fault message to find a target, the target is a specific piece of equipment.
28. The method of claim 25, wherein step (c) further including the step of:
- (c1) concatenating the event code and a target to form the key.
29. The method of claim 25, wherein step (c) further including the step of:
- (c1) concatenating the event code and a target type to form the key.
30. The method of claim 26, further including the steps of:
- (f) setting a threshold for a predetermined event type;
- (g) performing a lookup on the predetermined event type;
- (h) determining if an event type tally exceeds the threshold.
31. The method of claim 30, further including the step of when the event type tally exceed the threshold sending a network problem message to an operator's terminal.
32. A system for cataloging and detecting network faults, comprising
- a communication interface for receiving a fault message from a network;
- a parser connected to the communication interface; and
- an associative database connected to the parser storing a tally for the fault message.
33. The system of claim 32, wherein the parser, parses the fault message for an event type.
34. The system of claim 32, wherein the associative database has hashing calculator that forms a key from the event type and determining an association based on the key.
35. The system of claim 32, wherein the parser parses the fault message for a target.
36. A method of cataloging and detecting network faults, comprising the steps of:
- (a) receiving a plurality of fault messages;
- (b) parsing the plurality of fault messages for a target to form a plurality of tallies associated with a plurality of targets; and
- (c) determining, for each of the plurality of targets, a key based on the target, to form a plurality of keys.
37. The method of claim 36, further comprising the steps of:
- (d) calculating a hash of the plurality of keys to form an association for each of the plurality of keys;
- (e) storing a subset of the plurality of tallies in a location of an associative database pointed to by the association.
38. The method of claim 36, further including the steps of:
- (f) setting a target threshold for one of the plurality of targets;
- (g) performing a lookup in the associative database for a tally of the one of the plurality of targets;
- (h) when the tally exceeds the target threshold, forming a network problem message.
39. The method of claim 38, wherein the key is based on a concatenation of an event code, a target type and a target.
Type: Application
Filed: Mar 2, 2005
Publication Date: Sep 22, 2005
Inventors: David Staub (Farmington, CT), Donald Schwab (Brown Deer, WI), Jay Hager (Elgin, IL)
Application Number: 11/071,069