US 12,242,902 B2
Systems and methods for multi-event correlation
John H. Lehman, Charlton, MA (US)
Assigned to DIGITAL GUARDIAN LLC, Waltham, MA (US)
Filed by Digital Guardian LLC, Eden Prairie, MN (US)
Filed on Nov. 7, 2023, as Appl. No. 18/503,537.
Application 18/503,537 is a continuation of application No. 17/327,663, filed on May 21, 2021, granted, now 11,809,920, issued on Nov. 7, 2023.
Application 17/327,663 is a continuation of application No. 16/428,122, filed on May 31, 2019, granted, now 11,016,826, issued on May 25, 2021.
Prior Publication US 2024/0111612 A1, Apr. 4, 2024
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 9/54 (2006.01); G06F 11/30 (2006.01); H04L 9/40 (2022.01)
CPC G06F 9/542 (2013.01) [G06F 11/3017 (2013.01); G06F 11/3072 (2013.01); H04L 63/1416 (2013.01)] 20 Claims
OG exemplary drawing
 
18. A method of correlating across multiple events, comprising:
receiving, by a computing system, for a leaf rule, a stream of events each corresponding to an activity of at least one of a user, a device, or a program;
detecting, by the computing system, from the stream of events, a first plurality of events in accordance with a filter of the leaf rule;
identifying, by the computing system, from the first plurality of events, a second plurality of events satisfying a condition within a time window of the leaf rule; and
executing, by the computing system, an action in accordance with a trigger on at least a subset of the second plurality of events.