| CPC G06F 11/0784 (2013.01) [G06F 11/0727 (2013.01); G06F 16/2358 (2019.01); G06F 16/24568 (2019.01)] | 52 Claims |
|
1. A computing platform comprising:
at least one processor;
at least one non-transitory computer-readable medium; and
program instructions stored on the at least one non-transitory computer-readable medium that are executable by the at least one processor such that the computing platform is configured to:
cause a client device associated with a user to present an interface for creating an anomaly detection rule, wherein the interface includes a set of user-selectable options that is determined based on permissions information associated with the user;
receive, from the client device, data defining a given anomaly detection rule that has been created by the user via the interface, wherein the given anomaly detection rule comprises at least one anomaly condition that is to be applied to at least one streaming event queue;
store a data representation of the given anomaly detection rule in a data store;
retrieve the data representation of the given anomaly detection rule from the data store;
convert the data representation of the given anomaly detection rule to a streaming query statement;
iteratively apply the streaming query statement to the at least one streaming event queue;
while iteratively applying the streaming query statement to the at least one streaming event queue, make at least one determination that the at least one anomaly condition is satisfied; and
based on the at least one determination, cause at least one anomaly notification to be issued to the user.
|