| CPC G06Q 10/06311 (2013.01) [H04L 43/045 (2013.01); H04L 43/06 (2013.01)] | 22 Claims |
|
1. An incident management system, comprising at least one hardware processor adapted for:
receiving a plurality of logs, wherein each of the plurality of logs documenting at least one historical investigation instruction that has been executed in the incident management system and performed, through said execution, a cause-analysis of a respective incident occurring in the past, wherein said each of the plurality of logs comprising at least one parameter range of the at least one historical investigation instruction and a presentation type of response data received in response to executing the at least one historical investigation instruction; and
in each of a plurality of iterations:
receiving from a graphical user interface (GUI) of the incident management system an incident report which has been selected by a user from a plurality of incident reports presented to said user by said GUI;
generating, based on the incident report and based on an analysis of the plurality of logs, a sequence of investigation instructions, wherein each of said sequence of investigation instructions, when executed, performs a certain cause-analysis of an incident on which said investigation instructions are executed;
presenting the sequence of investigation instructions in the GUI of the incident management system;
upon identifying a user selection of at least one investigation instruction of the sequence of investigation instructions, executing the selected at least one investigation instruction on an incident documented by the selected incident report: and
generating part of the GUI of the incident management system, depicting analysis data resulted from cause-analysis performed by said execution of the selected at least one investigation instruction on the incident documented by the selected incident report.
|