| CPC H04L 41/00 (2013.01) [G06F 11/3055 (2013.01); G06F 16/24558 (2019.01); H04L 41/0613 (2013.01); H04L 41/0627 (2013.01); H04L 41/0631 (2013.01); H04L 41/0695 (2013.01); H04L 41/5003 (2013.01)] | 20 Claims |
|
1. A detection system comprising
a processing device, and
a memory device configured to store computer logic having instructions that enable the processing device to
monitor a plurality of overlying services offered in an underlying infrastructure having a plurality of resources arranged with a specific topology,
in response to detecting a negative impact on the overlying services during a predetermined time window and based on an understanding of the specific topology, identify suspect components from the plurality of resources in the underlying infrastructure by obtaining service alarms or degradation patterns and grouping the service alarms or degradation patterns raised within a predetermined time bin, identifying all resources of the overlying services associated with the grouped raised service alarms or degradation patterns, and identifying resources common to a greatest number of the grouped raised service alarms or degradation patterns as the suspect components, and
obtain status information with respect to the suspect components to determine a root cause of the negative impact on the overlying services.
|