| CPC G06F 11/079 (2013.01) [G06F 11/0706 (2013.01); G06F 11/0775 (2013.01); G06F 11/0784 (2013.01); G06F 11/3003 (2013.01); G06F 11/3013 (2013.01); G06F 11/3075 (2013.01); G06F 11/3082 (2013.01); G06F 11/321 (2013.01); G06F 2201/835 (2013.01)] | 20 Claims |
|
1. A non-transitory computer-readable medium storing instructions readable and executable by at least one electronic processor to perform a log pattern analysis method by applying a log pattern to log data undergoing analysis comprising log events which are time stamped and which are defined by values for a set of fields, wherein the log data undergoing analysis are stored on a server accessible by the at least one electronic processor via an electronic network, the log pattern analysis method comprising:
constructing a retrieval query to select log events that are in a time interval and that also satisfy at least one additional constraint associated with the log pattern and defined on one or more filter fields of the set of fields;
downloading a sub-set of the log data undergoing analysis from the server to the at least one electronic processor via the electronic network, wherein the sub-set is selected from the log data undergoing analysis by the retrieval query;
applying the log pattern to the downloaded sub-set of the log data undergoing analysis to identify log pattern hits in the log data undergoing analysis; and
controlling a display screen to display a report of the log pattern hits in the log data undergoing analysis.
|