	US 11,809,406 B2
	Event records in a log file
Prabhanjan Gururaj, Karnataka (IN); Shreyas Prabhakar Gaikwad, Karnataka (IN); and Yashashvi Tarana, Karnataka (IN)
Assigned to Hewlett Packard Enterprise Development LP, Spring, TX (US)
Filed by Hewlett Packard Enterprise Development LP, Houston, TX (US)
Filed on Apr. 13, 2021, as Appl. No. 17/229,526.
Claims priority of application No. 202041050480 (IN), filed on Nov. 19, 2020.
Prior Publication US 2022/0156247 A1, May 19, 2022
Int. Cl. G06F 16/00 (2019.01); G06F 16/23 (2019.01); G06F 16/17 (2019.01)

CPC G06F 16/2365 (2019.01) [G06F 16/1734 (2019.01)]

20 Claims

1. A system comprising:

a processor;

a machine-readable storage medium comprising instructions executable by the processor to:

obtain a log file comprising a plurality of event records;

process a set of event records from the log file to determine a first series of logged event types and a first series of corresponding logged event attributes;

associate a numerical identifier with each logged event type within the first series of logged event types, to provide a first sequence of identifiers;

obtain a retrace dictionary based on the first sequence of identifiers, wherein the retrace dictionary links each numerical identifier in the first sequence of identifiers with a corresponding event record within the set of event records;

determine whether a selected numerical identifier within the first sequence of identifiers corresponds to occurrence of anomalous computing event; and

based on the retrace dictionary, identify an event record corresponding to the selected numerical identifier within the log file, as anomalous.