US 12,244,455 B2
Detecting network anomalies by correlating multiple information sources
Bryce Lamborne, Sydney (AU); and Marat Khandros, New York City, NY (US)
Assigned to ROYAL BANK OF CANADA, Toronto (CA)
Filed by Royal Bank of Canada, Toronto (CA)
Filed on Jun. 20, 2023, as Appl. No. 18/338,083.
Claims priority of provisional application 63/354,077, filed on Jun. 21, 2022.
Prior Publication US 2023/0412452 A1, Dec. 21, 2023
Int. Cl. H04L 41/0654 (2022.01); G06F 40/205 (2020.01); H04L 43/0823 (2022.01)
CPC H04L 41/0654 (2013.01) [H04L 43/0823 (2013.01); G06F 40/205 (2020.01)]
30 Claims
 
1. A computer-implemented method for detecting network anomalies, comprising:
monitoring a network, wherein the network provides public-facing application services;
monitoring at least one external public Internet platform outside of the network to obtain volumetric problem report data about the application services;
wherein the at least one external public Internet platform is nonspecific to the application services;
responsive to the volumetric problem report data from the at least one external public Internet platform exceeding a threshold, querying at least one internal network event logging tool for the network for alerts;
identifying, from the alerts, at least one anomaly associated with the volumetric problem report data; and
responsive to identifying the at least one anomaly, generating an anomaly report about the at least one anomaly;
wherein the at least one external public Internet platform comprises at least one social media platform and obtaining the volumetric problem report data comprises extrapolating problem reports from public posts to the at least one social media platform;
wherein the problem reports are extrapolated by parsing the public posts to identify keywords; and
wherein identifying, from the alerts, the at least one anomaly associated with the volumetric problem report data comprises:
mapping the identified keywords to corresponding application codes;
using the application codes to identify at least one specific component of the application services;
querying the at least one internal network event logging tool for alerts corresponding to the at least one specific component; and
using the alerts corresponding to the at least one specific component to identify the at least one anomaly associated with the at least one specific component.
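
The correlation flow recited in claim 1, sketched as an added example; it is not code from the patent or its assignee. The keyword map, application codes, component names, threshold value, sample posts and sample alerts are all constructed assumptions, and `query_alerts` stands in for whatever internal event logging tool is queried.

```python
import re
from collections import Counter

# Constructed lookup tables; codes and component names are hypothetical.
KEYWORD_TO_APP = {"login": "APP-AUTH", "password": "APP-AUTH",
                  "transfer": "APP-PAY", "payment": "APP-PAY"}
APP_TO_COMPONENTS = {"APP-AUTH": ["sso-gateway"],
                     "APP-PAY": ["payments-api", "ledger-db"]}
PROBLEM_WORDS = {"down", "outage", "broken", "failing", "error"}
THRESHOLD = 3  # assumed number of problem reports per monitoring window

def extract_reports(posts):
    """Parse public posts for keywords; return {app_code: problem-post count}."""
    volume = Counter()
    for post in posts:
        words = set(re.findall(r"[a-z]+", post.lower()))
        if words & PROBLEM_WORDS:  # only posts that read as problem reports
            # Count each post once per application, even if it matches
            # several keywords that map to the same application code.
            volume.update({KEYWORD_TO_APP[w] for w in words & KEYWORD_TO_APP.keys()})
    return volume

def correlate(posts, query_alerts, threshold=THRESHOLD):
    """Build anomaly report entries for components with matching internal alerts."""
    report = []
    for app, volume in sorted(extract_reports(posts).items()):
        if volume <= threshold:  # the claim requires *exceeding* the threshold
            continue
        for component in APP_TO_COMPONENTS[app]:
            alerts = query_alerts(component)  # internal logging tool lookup
            if alerts:
                report.append({"app": app, "component": component,
                               "external_reports": volume, "alerts": alerts})
    return report

# Constructed sample data standing in for social media posts and internal alerts.
SAMPLE_POSTS = ["Anyone else? login is down again",
                "Can't reset my password, getting an error",
                "login broken on mobile app",
                "Login failing since 9am",
                "payment went through fine for me",
                "transfer error, tried twice"]
SAMPLE_ALERTS = {"sso-gateway": ["HTTP 5xx rate above baseline"], "ledger-db": []}

def sample_query(component):
    return SAMPLE_ALERTS.get(component, [])

if __name__ == "__main__":
    for entry in correlate(SAMPLE_POSTS, sample_query):
        print(entry)
```

In this sketch, an application whose external report volume exceeds the threshold but whose components return no internal alerts produces no report entry; an operator may want to surface that case separately as a possible monitoring gap.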